#include <limits.h>
#include <netdb.h>
#include <string.h>
-#ifdef HAVE_PTHREAD_H
-#include <pthread.h>
-#endif
#include "citadel.h"
#include "server.h"
#include "locate_host.h"
#include "config.h"
+#include "tools.h"
-void locate_host(char *tbuf)
+void locate_host(char *tbuf, const struct in_addr *addr)
{
- struct sockaddr_in cs;
- struct hostent * ch;
- int len;
+ struct hostent *ch;
char *i;
- int a1,a2,a3,a4;
-
- len = sizeof(cs);
- if (getpeername(CC->client_socket, (struct sockaddr *)&cs,&len) < 0){
- strcpy(tbuf,config.c_fqdn);
- return;
+ int a1, a2, a3, a4;
+
+#ifdef HAVE_NONREENTRANT_NETDB
+ begin_critical_section(S_NETDB);
+#endif
+
+ if ((ch = gethostbyaddr((char *) addr, sizeof(*addr), AF_INET)) ==
+ NULL) {
+ bad_dns:
+ i = (char *) addr;
+ a1 = ((*i++) & 0xff);
+ a2 = ((*i++) & 0xff);
+ a3 = ((*i++) & 0xff);
+ a4 = ((*i++) & 0xff);
+ sprintf(tbuf, "%d.%d.%d.%d", a1, a2, a3, a4);
+ goto end; /* because we might need to end the critical
+ section */
}
-
- if((ch = gethostbyaddr((char *) &cs.sin_addr, sizeof(cs.sin_addr),
- AF_INET)) == NULL) {
- i = (char *) &cs.sin_addr;
- a1 = ((*i++)&0xff);
- a2 = ((*i++)&0xff);
- a3 = ((*i++)&0xff);
- a4 = ((*i++)&0xff);
- sprintf(tbuf,"%d.%d.%d.%d",a1,a2,a3,a4);
- return;
+ /* check if the forward DNS agrees; if not, they're spoofing */
+ i = strdoop(ch->h_name);
+ ch = gethostbyname(i);
+ phree(i);
+ if (ch == NULL)
+ goto bad_dns;
+
+ /* check address for consistency */
+ for (; *ch->h_addr_list; ch->h_addr_list++)
+ if (!memcmp(*ch->h_addr_list, addr,
+ sizeof *addr)) {
+ safestrncpy(tbuf, ch->h_name, 25);
+ goto end;
}
+ goto bad_dns; /* they were spoofing. report a numeric IP
+ address. */
- strncpy(tbuf,ch->h_name, 24);
- tbuf[24] = 0;
- }
+ end:
+
+#ifdef HAVE_NONREENTRANT_NETDB
+ end_critical_section(S_NETDB);
+#endif
+
+ tbuf[25] = 0;
+}
projects / citadel.git / blobdiff