authorDag-Erling Smørgrav <des@FreeBSD.org>2005-09-03 06:59:33 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2005-09-03 06:59:33 +0000
commit043840df5be0cf8490b48a08fe6d9c316f473f58 (patch)
treeb8088b859d6543143de670740f5c6f7bf4e0b23d /crypto/openssh/dns.c
parent4518870c7202d4098a97eae7a1d3820d84a4b0f4 (diff)
Vendor import of OpenSSH 4.2p1.
Notes
Notes: svn path=/vendor-crypto/openssh/dist/; revision=149749
Diffstat (limited to 'crypto/openssh/dns.c')
-rw-r--r--crypto/openssh/dns.c33
1 files changed, 29 insertions, 4 deletions
diff --git a/crypto/openssh/dns.c b/crypto/openssh/dns.c
index 140ab6042932..4487c1abaf23 100644
--- a/crypto/openssh/dns.c
+++ b/crypto/openssh/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $ */
+/* $OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -43,7 +43,7 @@
#include "uuencode.h"
extern char *__progname;
-RCSID("$OpenBSD: dns.c,v 1.10 2004/06/21 17:36:31 avsm Exp $");
+RCSID("$OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $");
#ifndef LWRES
static const char *errset_text[] = {
@@ -142,6 +142,26 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
return success;
}
+/*
+ * Check if hostname is numerical.
+ * Returns -1 if hostname is numeric, 0 otherwise
+ */
+static int
+is_numeric_hostname(const char *hostname)
+{
+ struct addrinfo hints, *ai;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_socktype = SOCK_DGRAM;
+ hints.ai_flags = AI_NUMERICHOST;
+
+ if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+ freeaddrinfo(ai);
+ return -1;
+ }
+
+ return 0;
+}
/*
* Verify the given hostname, address and host key using DNS.
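Review bot: is_numeric_hostname() returns -1 to mean "yes, numeric", which reads like a failure code and works at the call site in verify_host_key_dns() only because that caller tests for non-zero. Returning a conventional truth value, `return 1;` with the header comment changed to `Returns 1 if hostname is numeric, 0 otherwise`, would keep that caller correct and prevent a later `< 0` or `== 1` comparison from silently misbehaving. The comment should also say that any non-zero getaddrinfo() result, not only "not an address literal", is reported as 0, so the SSHFP lookup still proceeds in that case. The function is fully contained in this hunk.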
@@ -151,7 +171,7 @@ int
verify_host_key_dns(const char *hostname, struct sockaddr *address,
const Key *hostkey, int *flags)
{
- int counter;
+ u_int counter;
int result;
struct rrsetinfo *fingerprints = NULL;
@@ -171,6 +191,11 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
if (hostkey == NULL)
fatal("No key to look up!");
+ if (is_numeric_hostname(hostname)) {
+ debug("skipped DNS lookup for numerical hostname");
+ return -1;
+ }
+
result = getrrsetbyname(hostname, DNS_RDATACLASS_IN,
DNS_RDATATYPE_SSHFP, 0, &fingerprints);
if (result) {
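Review bot: The new early return in verify_host_key_dns() carries no comment explaining why an address literal skips the SSHFP check, or what the caller should conclude from `-1` on this path. A one-line comment above the `if`, for example `/* SSHFP records are looked up by name; there is nothing to query for an address literal */`, would make the intent clear to the next reader of this host-key verification path. Whether `*flags` has already been initialised at this point is not visible in the hunk; if it has not, this path should set it before returning so the caller never reads a stale value. The function starts and ends outside the hunk.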
@@ -249,7 +274,7 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
u_char *rdata_digest;
u_int rdata_digest_len;
- int i;
+ u_int i;
int success = 0;
if (dns_read_key(&rdata_pubkey_algorithm, &rdata_digest_type,