Blame SOURCES/0052-Fix-rDNS-with-IPv6.patch

bd689f
From 01b646d2af0ed885d01d31a6479898a3c423a630 Mon Sep 17 00:00:00 2001
bd689f
From: =?UTF-8?q?Ond=C5=99ej=20Lyson=C4=9Bk?= <olysonek@redhat.com>
bd689f
Date: Thu, 26 Apr 2018 10:00:19 +0200
bd689f
Subject: [PATCH 52/59] Fix rDNS with IPv6
bd689f
bd689f
Previously IPv6 addresses were not translated to hostnames for PAM to use.
bd689f
---
bd689f
 privops.c    |  3 ++-
bd689f
 sysdeputil.c | 28 +++++++++++++++-------------
bd689f
 sysdeputil.h |  5 ++++-
bd689f
 sysutil.c    | 35 +++++++++++++++++++++++++++++++++++
bd689f
 sysutil.h    |  4 ++++
bd689f
 5 files changed, 60 insertions(+), 15 deletions(-)
bd689f
bd689f
diff --git a/privops.c b/privops.c
bd689f
index f27c5c4..e577a27 100644
bd689f
--- a/privops.c
bd689f
+++ b/privops.c
bd689f
@@ -383,7 +383,8 @@ handle_local_login(struct vsf_session* p_sess,
bd689f
                    struct mystr* p_user_str,
bd689f
                    const struct mystr* p_pass_str)
bd689f
 {
bd689f
-  if (!vsf_sysdep_check_auth(p_user_str, p_pass_str, &p_sess->remote_ip_str))
bd689f
+  if (!vsf_sysdep_check_auth(p_sess, p_user_str, p_pass_str,
bd689f
+                             &p_sess->remote_ip_str))
bd689f
   {
bd689f
     return kVSFLoginFail;
bd689f
   }
bd689f
diff --git a/sysdeputil.c b/sysdeputil.c
bd689f
index 2063c87..4fe56c2 100644
bd689f
--- a/sysdeputil.c
bd689f
+++ b/sysdeputil.c
bd689f
@@ -16,10 +16,6 @@
bd689f
 #include "tunables.h"
bd689f
 #include "builddefs.h"
bd689f
 
bd689f
-/* For gethostbyaddr, inet_addr */
bd689f
-#include <netdb.h>
bd689f
-#include <arpa/inet.h>
bd689f
-
bd689f
 /* For Linux, this adds nothing :-) */
bd689f
 #include "port/porting_junk.h"
bd689f
 
bd689f
@@ -242,13 +238,15 @@ void vsf_remove_uwtmp(void);
bd689f
 
bd689f
 #ifndef VSF_SYSDEP_HAVE_PAM
bd689f
 int
bd689f
-vsf_sysdep_check_auth(struct mystr* p_user_str,
bd689f
+vsf_sysdep_check_auth(struct vsf_session* p_sess,
bd689f
+                      struct mystr* p_user_str,
bd689f
                       const struct mystr* p_pass_str,
bd689f
                       const struct mystr* p_remote_host)
bd689f
 {
bd689f
   const char* p_crypted;
bd689f
   const struct passwd* p_pwd = getpwnam(str_getbuf(p_user_str));
bd689f
   (void) p_remote_host;
bd689f
+  (void) p_sess;
bd689f
   if (p_pwd == NULL)
bd689f
   {
bd689f
     return 0;
bd689f
@@ -322,14 +320,14 @@ static int pam_conv_func(int nmsg, const struct pam_message** p_msg,
bd689f
 static void vsf_auth_shutdown(void);
bd689f
 
bd689f
 int
bd689f
-vsf_sysdep_check_auth(struct mystr* p_user_str,
bd689f
+vsf_sysdep_check_auth(struct vsf_session* p_sess,
bd689f
+                      struct mystr* p_user_str,
bd689f
                       const struct mystr* p_pass_str,
bd689f
                       const struct mystr* p_remote_host)
bd689f
 {
bd689f
   int retval = -1;
bd689f
 #ifdef PAM_RHOST
bd689f
-  struct sockaddr_in sin;
bd689f
-  struct hostent *host;
bd689f
+  struct mystr hostname = INIT_MYSTR;
bd689f
 #endif
bd689f
   pam_item_t item;
bd689f
   const char* pam_user_name = 0;
bd689f
@@ -354,13 +352,17 @@ vsf_sysdep_check_auth(struct mystr* p_user_str,
bd689f
     return 0;
bd689f
   }
bd689f
 #ifdef PAM_RHOST
bd689f
-  if (tunable_reverse_lookup_enable) {
bd689f
-    sin.sin_addr.s_addr = inet_addr(str_getbuf(p_remote_host));
bd689f
-    host = gethostbyaddr((char*)&sin.sin_addr.s_addr,sizeof(struct in_addr),AF_INET);
bd689f
-    if (host != (struct hostent*)0)
bd689f
-      retval = pam_set_item(s_pamh, PAM_RHOST, host->h_name);
bd689f
+  if (tunable_reverse_lookup_enable)
bd689f
+  {
bd689f
+    if (vsf_sysutil_get_hostname(p_sess->p_remote_addr, &hostname) == 0)
bd689f
+    {
bd689f
+      retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(&hostname));
bd689f
+      str_free(&hostname);
bd689f
+    }
bd689f
     else
bd689f
+    {
bd689f
       retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host));
bd689f
+    }
bd689f
   } else {
bd689f
     retval = pam_set_item(s_pamh, PAM_RHOST, str_getbuf(p_remote_host));
bd689f
   }
bd689f
diff --git a/sysdeputil.h b/sysdeputil.h
bd689f
index 3b6b30a..6f2aa0a 100644
bd689f
--- a/sysdeputil.h
bd689f
+++ b/sysdeputil.h
bd689f
@@ -5,6 +5,8 @@
bd689f
 #include "filesize.h"
bd689f
 #endif
bd689f
 
bd689f
+#include "session.h"
bd689f
+
bd689f
 /* VSF_SYSDEPUTIL_H:
bd689f
  * Support for highly system dependent features, and querying for support
bd689f
  * or lack thereof
bd689f
@@ -15,7 +17,8 @@ struct mystr;
bd689f
 
bd689f
 /* Authentication of local users */
bd689f
 /* Return 0 for fail, 1 for success */
bd689f
-int vsf_sysdep_check_auth(struct mystr* p_user,
bd689f
+int vsf_sysdep_check_auth(struct vsf_session* p_sess,
bd689f
+                          struct mystr* p_user,
bd689f
                           const struct mystr* p_pass,
bd689f
                           const struct mystr* p_remote_host);
bd689f
 
bd689f
diff --git a/sysutil.c b/sysutil.c
bd689f
index e847650..b68583b 100644
bd689f
--- a/sysutil.c
bd689f
+++ b/sysutil.c
bd689f
@@ -2356,6 +2356,41 @@ vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
bd689f
   }
bd689f
 }
bd689f
 
bd689f
+int
bd689f
+vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr,
bd689f
+                         struct mystr* p_str)
bd689f
+{
bd689f
+  struct sockaddr *sa;
bd689f
+  socklen_t sa_len = 0;
bd689f
+  char hostname[NI_MAXHOST];
bd689f
+  int res;
bd689f
+
bd689f
+  sa = &p_addr->u.u_sockaddr;
bd689f
+  if (sa->sa_family == AF_INET)
bd689f
+  {
bd689f
+    sa_len = sizeof(struct sockaddr_in);
bd689f
+  }
bd689f
+  else if (sa->sa_family == AF_INET6)
bd689f
+  {
bd689f
+    sa_len = sizeof(struct sockaddr_in6);
bd689f
+  }
bd689f
+  else
bd689f
+  {
bd689f
+    die("can only support ipv4 and ipv6 currently");
bd689f
+  }
bd689f
+  res = getnameinfo(sa, sa_len, hostname, sizeof(hostname), NULL, 0,
bd689f
+                    NI_NAMEREQD);
bd689f
+  if (res == 0)
bd689f
+  {
bd689f
+    str_alloc_text(p_str, hostname);
bd689f
+    return 0;
bd689f
+  }
bd689f
+  else
bd689f
+  {
bd689f
+    return -1;
bd689f
+  }
bd689f
+}
bd689f
+
bd689f
 struct vsf_sysutil_user*
bd689f
 vsf_sysutil_getpwuid(const unsigned int uid)
bd689f
 {
bd689f
diff --git a/sysutil.h b/sysutil.h
bd689f
index 7a59f13..2df14ed 100644
bd689f
--- a/sysutil.h
bd689f
+++ b/sysutil.h
bd689f
@@ -7,6 +7,8 @@
bd689f
 #include "filesize.h"
bd689f
 #endif
bd689f
 
bd689f
+#include "str.h"
bd689f
+
bd689f
 /* Return value queries */
bd689f
 int vsf_sysutil_retval_is_error(int retval);
bd689f
 enum EVSFSysUtilError
bd689f
@@ -266,6 +268,8 @@ int vsf_sysutil_connect_timeout(int fd,
bd689f
                                 unsigned int wait_seconds);
bd689f
 void vsf_sysutil_dns_resolve(struct vsf_sysutil_sockaddr** p_sockptr,
bd689f
                              const char* p_name);
bd689f
+int vsf_sysutil_get_hostname(struct vsf_sysutil_sockaddr *p_addr,
bd689f
+                             struct mystr* p_str);
bd689f
 /* Option setting on sockets */
bd689f
 void vsf_sysutil_activate_keepalive(int fd);
bd689f
 void vsf_sysutil_rcvtimeo(int fd);
bd689f
-- 
bd689f
2.14.4
bd689f