Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 01 Sep 2002 21:18:31 +0900
From:      Hajimu UMEMOTO <ume@mahoroba.org>
To:        des@FreeBSD.org
Cc:        current@FreeBSD.org, stable@FreeBSD.org
Subject:   Re: sshd doesn't log hostname into utmp correctly
Message-ID:  <ygelm6l9a3s.wl%ume@mahoroba.org>
In-Reply-To: <yge3ctzjada.wl@lyrics.mahoroba.org>
References:  <yge3ctzjada.wl@lyrics.mahoroba.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi,

>>> Thu, 01 Aug 2002 16:39:45 +0900 の刻に「ume」、すなわち
>>> Hajimu UMEMOTO <ume@mahoroba.org> 氏曰く

ume> Current sshd doesn't handle actual size of struct sockaddr correctly,
ume> and does copy it as long as just size of struct sockaddr.  So, sshd
ume> deesn't log hostname into utmp correctly.
ume> Here is a proposed patch to fix this problem.  Please review it.

I discussed about this on openssh-unix-dev@mindrot.org as use
requested.  Then, this problem is occur only under FreeBSD because of
our hack.
However, this is potential problem of OpenSSH-portable, and they
agreed to fix this.  But, there is no fixed version of
OpenSSH-portable available, yet.
This problem is serious and I received the claim from many people
especially from Japan.  This problem is occur only when connecting via
IPv6, and there are many people who are using IPv6 in Japan.
So, I wish to fix this problem in time for 4.7-RELEASE.  I wish to commit
this fix.  Any objection or any idea?

Sincerely,

ume> [2 sshd-loghost.diff <text/x-patch; US-ASCII (7bit)>]
ume> Index: crypto/openssh/monitor.c
ume> diff -u crypto/openssh/monitor.c.orig crypto/openssh/monitor.c
ume> --- crypto/openssh/monitor.c.orig	Thu Jul 11 08:04:07 2002
ume> +++ crypto/openssh/monitor.c	Thu Aug  1 15:21:58 2002
ume> @@ -1113,8 +1113,8 @@
ume>  	 * the address be 0.0.0.0.
ume>  	 */
ume>  	memset(&from, 0, sizeof(from));
ume> +	fromlen = sizeof(from);
ume>  	if (packet_connection_is_on_socket()) {
ume> -		fromlen = sizeof(from);
ume>  		if (getpeername(packet_get_connection_in(),
ume>  			(struct sockaddr *) & from, &fromlen) < 0) {
ume>  			debug("getpeername: %.100s", strerror(errno));
ume> @@ -1124,7 +1124,7 @@
ume>  	/* Record that there was a login on that tty from the remote host. */
 	record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
ume>  	    get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),
ume> -	    (struct sockaddr *)&from);
ume> +	    (struct sockaddr *)&from, fromlen);
ume>  }
 
ume>  static void
ume> Index: crypto/openssh/session.c
ume> diff -u crypto/openssh/session.c.orig crypto/openssh/session.c
ume> --- crypto/openssh/session.c.orig	Sun Jul 28 00:43:29 2002
ume> +++ crypto/openssh/session.c	Thu Aug  1 15:22:21 2002
ume> @@ -721,8 +721,8 @@
ume>  	 * the address be 0.0.0.0.
ume>  	 */
ume>  	memset(&from, 0, sizeof(from));
ume> +	fromlen = sizeof(from);
ume>  	if (packet_connection_is_on_socket()) {
ume> -		fromlen = sizeof(from);
ume>  		if (getpeername(packet_get_connection_in(),
ume>  		    (struct sockaddr *) & from, &fromlen) < 0) {
ume>  			debug("getpeername: %.100s", strerror(errno));
ume> @@ -735,7 +735,7 @@
ume>  		record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
ume>  		    get_remote_name_or_ip(utmp_len,
ume>  		    options.verify_reverse_mapping),
ume> -		    (struct sockaddr *)&from);
ume> +		    (struct sockaddr *)&from, fromlen);
 
ume>  #ifdef USE_PAM
ume>  	/*
ume> Index: crypto/openssh/sshlogin.c
ume> diff -u crypto/openssh/sshlogin.c.orig crypto/openssh/sshlogin.c
ume> --- crypto/openssh/sshlogin.c.orig	Sat Jul 13 12:53:57 2002
ume> +++ crypto/openssh/sshlogin.c	Thu Aug  1 15:24:36 2002
ume> @@ -66,12 +66,12 @@
ume>   */
ume>  void
ume>  record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
ume> -    const char *host, struct sockaddr * addr)
ume> +    const char *host, struct sockaddr * addr, socklen_t addrlen)
ume>  {
ume>    struct logininfo *li;
 
ume>    li = login_alloc_entry(pid, user, host, ttyname);
ume> -  login_set_addr(li, addr, sizeof(struct sockaddr));
ume> +  login_set_addr(li, addr, addrlen);
ume>    login_login(li);
ume>    login_free_entry(li);
ume>  }
ume> Index: crypto/openssh/sshlogin.h
ume> diff -u crypto/openssh/sshlogin.h.orig crypto/openssh/sshlogin.h
ume> --- crypto/openssh/sshlogin.h.orig	Sat Jul 13 12:53:57 2002
ume> +++ crypto/openssh/sshlogin.h	Thu Aug  1 15:26:40 2002
ume> @@ -16,7 +16,7 @@
 
ume>  void
ume>  record_login(pid_t, const char *, const char *, uid_t,
ume> -    const char *, struct sockaddr *);
ume> +    const char *, struct sockaddr *, socklen_t);
ume>  void   record_logout(pid_t, const char *, const char *);
ume>  u_long         get_last_login_time(uid_t, const char *, char *, u_int);
 
--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ygelm6l9a3s.wl%ume>