Hi,
>>> Thu, 01 Aug 2002 16:39:45 +0900 の刻に「ume」、すなわち
>>> Hajimu UMEMOTO <[EMAIL PROTECTED]> 氏曰く
ume> Current sshd doesn't handle actual size of struct sockaddr correctly,
ume> and does copy it as long as just size of struct sockaddr. So, sshd
ume> deesn't log hostname into utmp correctly.
ume> Here is a proposed patch to fix this problem. Please review it.
I discussed about this on [EMAIL PROTECTED] as use
requested. Then, this problem is occur only under FreeBSD because of
our hack.
However, this is potential problem of OpenSSH-portable, and they
agreed to fix this. But, there is no fixed version of
OpenSSH-portable available, yet.
This problem is serious and I received the claim from many people
especially from Japan. This problem is occur only when connecting via
IPv6, and there are many people who are using IPv6 in Japan.
So, I wish to fix this problem in time for 4.7-RELEASE. I wish to commit
this fix. Any objection or any idea?
Sincerely,
ume> [2 sshd-loghost.diff <text/x-patch; US-ASCII (7bit)>]
ume> Index: crypto/openssh/monitor.c
ume> diff -u crypto/openssh/monitor.c.orig crypto/openssh/monitor.c
ume> --- crypto/openssh/monitor.c.orig Thu Jul 11 08:04:07 2002
ume> +++ crypto/openssh/monitor.c Thu Aug 1 15:21:58 2002
ume> @@ -1113,8 +1113,8 @@
ume> * the address be 0.0.0.0.
ume> */
ume> memset(&from, 0, sizeof(from));
ume> + fromlen = sizeof(from);
ume> if (packet_connection_is_on_socket()) {
ume> - fromlen = sizeof(from);
ume> if (getpeername(packet_get_connection_in(),
ume> (struct sockaddr *) & from, &fromlen) < 0) {
ume> debug("getpeername: %.100s", strerror(errno));
ume> @@ -1124,7 +1124,7 @@
ume> /* Record that there was a login on that tty from the remote host. */
record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
ume> get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),
ume> - (struct sockaddr *)&from);
ume> + (struct sockaddr *)&from, fromlen);
ume> }
ume> static void
ume> Index: crypto/openssh/session.c
ume> diff -u crypto/openssh/session.c.orig crypto/openssh/session.c
ume> --- crypto/openssh/session.c.orig Sun Jul 28 00:43:29 2002
ume> +++ crypto/openssh/session.c Thu Aug 1 15:22:21 2002
ume> @@ -721,8 +721,8 @@
ume> * the address be 0.0.0.0.
ume> */
ume> memset(&from, 0, sizeof(from));
ume> + fromlen = sizeof(from);
ume> if (packet_connection_is_on_socket()) {
ume> - fromlen = sizeof(from);
ume> if (getpeername(packet_get_connection_in(),
ume> (struct sockaddr *) & from, &fromlen) < 0) {
ume> debug("getpeername: %.100s", strerror(errno));
ume> @@ -735,7 +735,7 @@
ume> record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
ume> get_remote_name_or_ip(utmp_len,
ume> options.verify_reverse_mapping),
ume> - (struct sockaddr *)&from);
ume> + (struct sockaddr *)&from, fromlen);
ume> #ifdef USE_PAM
ume> /*
ume> Index: crypto/openssh/sshlogin.c
ume> diff -u crypto/openssh/sshlogin.c.orig crypto/openssh/sshlogin.c
ume> --- crypto/openssh/sshlogin.c.orig Sat Jul 13 12:53:57 2002
ume> +++ crypto/openssh/sshlogin.c Thu Aug 1 15:24:36 2002
ume> @@ -66,12 +66,12 @@
ume> */
ume> void
ume> record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
ume> - const char *host, struct sockaddr * addr)
ume> + const char *host, struct sockaddr * addr, socklen_t addrlen)
ume> {
ume> struct logininfo *li;
ume> li = login_alloc_entry(pid, user, host, ttyname);
ume> - login_set_addr(li, addr, sizeof(struct sockaddr));
ume> + login_set_addr(li, addr, addrlen);
ume> login_login(li);
ume> login_free_entry(li);
ume> }
ume> Index: crypto/openssh/sshlogin.h
ume> diff -u crypto/openssh/sshlogin.h.orig crypto/openssh/sshlogin.h
ume> --- crypto/openssh/sshlogin.h.orig Sat Jul 13 12:53:57 2002
ume> +++ crypto/openssh/sshlogin.h Thu Aug 1 15:26:40 2002
ume> @@ -16,7 +16,7 @@
ume> void
ume> record_login(pid_t, const char *, const char *, uid_t,
ume> - const char *, struct sockaddr *);
ume> + const char *, struct sockaddr *, socklen_t);
ume> void record_logout(pid_t, const char *, const char *);
ume> u_long get_last_login_time(uid_t, const char *, char *, u_int);
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
[EMAIL PROTECTED] [EMAIL PROTECTED] ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
