nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00
Code Issues Projects Releases Wiki Activity

Improve sk_peer_info.

Browse Source 
Previously, it returned a human-readable string suitable for log
files, which tried to say something useful about the remote end of a
socket. Now it returns a whole SocketPeerInfo structure, of which that
human-friendly log string is just one field, but also some of the same
information - remote IP address and port, in particular - is provided
in machine-readable form where it's available.
This commit is contained in:
Simon Tatham 2018-10-18 20:06:42 +01:00
parent 1bde686945
commit 82c83c1894
16 changed files with 161 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
defs.h
View File

@ -44,6 +44,7 @@ typedef struct SockAddr SockAddr;
typedef struct Socket Socket;
typedef struct Plug Plug;
typedef struct SocketPeerInfo SocketPeerInfo;
typedef struct Backend Backend;
typedef struct BackendVtable BackendVtable;

2
errsock.c
View File

@ -39,7 +39,7 @@ static const char *sk_error_socket_error(Socket *s)
return es->error;
}
static char *sk_error_peer_info(Socket *s)
static SocketPeerInfo *sk_error_peer_info(Socket *s)
{
return NULL;
}

3
mainchan.c
View File

@ -88,7 +88,8 @@ mainchan *mainchan_new(
const char *host = conf_get_str(mc->conf, CONF_ssh_nc_host);
int port = conf_get_int(mc->conf, CONF_ssh_nc_port);
mc->sc = ssh_lportfwd_open(cl, host, port, "main channel", &mc->chan);
mc->sc = ssh_lportfwd_open(cl, host, port, "main channel",
NULL, &mc->chan);
mc->type = MAINCHAN_DIRECT_TCPIP;
} else {
mc->sc = ssh_session_open(cl, &mc->chan);

9
misc.c
View File

@ -1416,3 +1416,12 @@ const char *nullseat_get_x_display(Seat *seat) { return NULL; }
int nullseat_get_windowid(Seat *seat, long *id_out) { return FALSE; }
int nullseat_get_window_pixel_size(
Seat *seat, int *width, int *height) { return FALSE; }
void sk_free_peer_info(SocketPeerInfo *pi)
{
if (pi) {
sfree((char *)pi->addr_text);
sfree((char *)pi->log_text);
sfree(pi);
}
}

48
network.h
View File

@ -35,7 +35,7 @@ struct SocketVtable {
void (*set_frozen) (Socket *s, int is_frozen);
/* ignored by tcp, but vital for ssl */
const char *(*socket_error) (Socket *s);
char *(*peer_info) (Socket *s);
SocketPeerInfo *(*peer_info) (Socket *s);
};
typedef union { void *p; int i; } accept_ctx_t;
@ -194,12 +194,52 @@ const char *sk_addr_error(SockAddr *addr);
#define sk_set_frozen(s, is_frozen) (((s)->vt->set_frozen) (s, is_frozen))
/*
* Return a (dynamically allocated) string giving some information
* about the other end of the socket, suitable for putting in log
* files. May be NULL if nothing is available at all.
* Return a structure giving some information about the other end of
* the socket. May be NULL, if nothing is available at all. If it is
* not NULL, then it is dynamically allocated, and should be freed by
* a call to sk_free_peer_info(). See below for the definition.
*/
#define sk_peer_info(s) (((s)->vt->peer_info) (s))
/*
* The structure returned from sk_peer_info, and a function to free
* one (in misc.c).
*/
struct SocketPeerInfo {
int addressfamily;
/*
* Text form of the IPv4 or IPv6 address of the other end of the
* socket, if available, in the standard text representation.
*/
const char *addr_text;
/*
* Binary form of the same address. Filled in if and only if
* addr_text is not NULL. You can tell which branch of the union
* is used by examining 'addressfamily'.
*/
union {
unsigned char ipv6[16];
unsigned char ipv4[4];
} addr_bin;
/*
* Remote port number, or -1 if not available.
*/
int port;
/*
* Free-form text suitable for putting in log messages. For IP
* sockets, repeats the address and port information from above.
* But it can be completely different, e.g. for Unix-domain
* sockets it gives information about the uid, gid and pid of the
* connecting process.
*/
const char *log_text;
};
void sk_free_peer_info(SocketPeerInfo *pi);
/*
* Simple wrapper on getservbyname(), needed by ssh.c. Returns the
* port number, in host byte order (suitable for printf and so on).

7
pageant.c
View File

@ -830,7 +830,7 @@ static int pageant_listen_accepting(Plug *plug,
plug, struct pageant_listen_state, plug);
struct pageant_conn_state *pc;
const char *err;
char *peerinfo;
SocketPeerInfo *peerinfo;
pc = snew(struct pageant_conn_state);
pc->plug.vt = &pageant_connection_plugvt;
@ -848,12 +848,13 @@ static int pageant_listen_accepting(Plug *plug,
sk_set_frozen(pc->connsock, 0);
peerinfo = sk_peer_info(pc->connsock);
if (peerinfo) {
if (peerinfo && peerinfo->log_text) {
plog(pl->logctx, pl->logfn, "%p: new connection from %s",
pc, peerinfo);
pc, peerinfo->log_text);
} else {
plog(pl->logctx, pl->logfn, "%p: new connection", pc);
}
sk_free_peer_info(peerinfo);
return 0;
}

14
portfwd.c
View File

@ -153,18 +153,18 @@ static SshChannel *wrap_lportfwd_open(
ConnectionLayer *cl, const char *hostname, int port,
Socket *s, Channel *chan)
{
char *peerinfo, *description;
SocketPeerInfo *pi;
char *description;
SshChannel *toret;
peerinfo = sk_peer_info(s);
if (peerinfo) {
description = dupprintf("forwarding from %s", peerinfo);
sfree(peerinfo);
pi = sk_peer_info(s);
if (pi && pi->log_text) {
description = dupprintf("forwarding from %s", pi->log_text);
} else {
description = dupstr("forwarding");
}
toret = ssh_lportfwd_open(cl, hostname, port, description, chan);
toret = ssh_lportfwd_open(cl, hostname, port, description, pi, chan);
sk_free_peer_info(pi);
sfree(description);
return toret;

6
putty.h
View File

@ -483,7 +483,11 @@ enum {
* host name has already been resolved or will be resolved at
* the proxy end.
*/
ADDRTYPE_UNSPEC, ADDRTYPE_IPV4, ADDRTYPE_IPV6, ADDRTYPE_NAME
ADDRTYPE_UNSPEC,
ADDRTYPE_IPV4,
ADDRTYPE_IPV6,
ADDRTYPE_LOCAL, /* e.g. Unix domain socket, or Windows named pipe */
ADDRTYPE_NAME /* SockAddr storing an unresolved host name */
};
struct Backend {

7
ssh.h
View File

@ -216,7 +216,8 @@ struct ConnectionLayerVtable {
* PortFwdManager */
SshChannel *(*lportfwd_open)(
ConnectionLayer *cl, const char *hostname, int port,
const char *org, Channel *chan);
const char *description, const SocketPeerInfo *peerinfo,
Channel *chan);
/* Initiate opening of a 'session'-type channel */
SshChannel *(*session_open)(ConnectionLayer *cl, Channel *chan);
@ -297,8 +298,8 @@ struct ConnectionLayer {
#define ssh_rportfwd_alloc(cl, sh, sp, dh, dp, af, ld, pfr, share) \
((cl)->vt->rportfwd_alloc(cl, sh, sp, dh, dp, af, ld, pfr, share))
#define ssh_rportfwd_remove(cl, rpf) ((cl)->vt->rportfwd_remove(cl, rpf))
#define ssh_lportfwd_open(cl, h, p, org, chan) \
((cl)->vt->lportfwd_open(cl, h, p, org, chan))
#define ssh_lportfwd_open(cl, h, p, desc, pi, chan) \
((cl)->vt->lportfwd_open(cl, h, p, desc, pi, chan))
#define ssh_session_open(cl, chan) \
((cl)->vt->session_open(cl, chan))
#define ssh_add_x11_display(cl, auth, disp) \

7
ssh1connection.c
View File

@ -109,7 +109,7 @@ static void ssh1_rportfwd_remove(
ConnectionLayer *cl, struct ssh_rportfwd *rpf);
static SshChannel *ssh1_lportfwd_open(
ConnectionLayer *cl, const char *hostname, int port,
const char *org, Channel *chan);
const char *description, const SocketPeerInfo *pi, Channel *chan);
static SshChannel *ssh1_session_open(ConnectionLayer *cl, Channel *chan);
static struct X11FakeAuth *ssh1_add_x11_display(
ConnectionLayer *cl, int authtype, struct X11Display *disp);
@ -1176,7 +1176,7 @@ static SshChannel *ssh1_session_open(ConnectionLayer *cl, Channel *chan)
static SshChannel *ssh1_lportfwd_open(
ConnectionLayer *cl, const char *hostname, int port,
const char *org, Channel *chan)
const char *description, const SocketPeerInfo *pi, Channel *chan)
{
struct ssh1_connection_state *s =
container_of(cl, struct ssh1_connection_state, cl);
@ -1189,7 +1189,8 @@ static SshChannel *ssh1_lportfwd_open(
c->halfopen = TRUE;
c->chan = chan;
ppl_logevent(("Opening connection to %s:%d for %s", hostname, port, org));
ppl_logevent(("Opening connection to %s:%d for %s",
hostname, port, description));
pktout = ssh_bpp_new_pktout(s->ppl.bpp, SSH1_MSG_PORT_OPEN);
put_uint32(pktout, c->localid);

7
ssh2connection.c
View File

@ -104,7 +104,7 @@ static void ssh2_rportfwd_remove(
ConnectionLayer *cl, struct ssh_rportfwd *rpf);
static SshChannel *ssh2_lportfwd_open(
ConnectionLayer *cl, const char *hostname, int port,
const char *org, Channel *chan);
const char *description, const SocketPeerInfo *pi, Channel *chan);
static SshChannel *ssh2_session_open(ConnectionLayer *cl, Channel *chan);
static struct X11FakeAuth *ssh2_add_x11_display(
ConnectionLayer *cl, int authtype, struct X11Display *x11disp);
@ -1678,7 +1678,7 @@ static void ssh2channel_hint_channel_is_simple(SshChannel *sc)
static SshChannel *ssh2_lportfwd_open(
ConnectionLayer *cl, const char *hostname, int port,
const char *org, Channel *chan)
const char *description, const SocketPeerInfo *pi, Channel *chan)
{
struct ssh2_connection_state *s =
container_of(cl, struct ssh2_connection_state, cl);
@ -1691,7 +1691,8 @@ static SshChannel *ssh2_lportfwd_open(
c->halfopen = TRUE;
c->chan = chan;
ppl_logevent(("Opening connection to %s:%d for %s", hostname, port, org));
ppl_logevent(("Opening connection to %s:%d for %s",
hostname, port, description));
pktout = ssh2_chanopen_init(c, "direct-tcpip");
{

8
sshshare.c
View File

@ -1914,7 +1914,7 @@ static int share_listen_accepting(Plug *plug,
plug, struct ssh_sharing_state, plug);
struct ssh_sharing_connstate *cs;
const char *err;
char *peerinfo;
SocketPeerInfo *peerinfo;
/*
* A new downstream has connected to us.
@ -1959,9 +1959,9 @@ static int share_listen_accepting(Plug *plug,
peerinfo = sk_peer_info(cs->sock);
log_downstream(cs, "connected%s%s",
peerinfo ? " from " : "", peerinfo ? peerinfo : "");
sfree(peerinfo);
(peerinfo && peerinfo->log_text ? " from " : ""),
(peerinfo && peerinfo->log_text ? peerinfo->log_text : ""));
sk_free_peer_info(peerinfo);
return 0;
}

50
unix/uxnet.c
View File

@ -503,7 +503,7 @@ static int sk_net_write(Socket *s, const void *data, int len);
static int sk_net_write_oob(Socket *s, const void *data, int len);
static void sk_net_write_eof(Socket *s);
static void sk_net_set_frozen(Socket *s, int is_frozen);
static char *sk_net_peer_info(Socket *s);
static SocketPeerInfo *sk_net_peer_info(Socket *s);
static const char *sk_net_socket_error(Socket *s);
static struct SocketVtable NetSocket_sockvt = {
@ -1480,7 +1480,7 @@ static void sk_net_set_frozen(Socket *sock, int is_frozen)
uxsel_tell(s);
}
static char *sk_net_peer_info(Socket *sock)
static SocketPeerInfo *sk_net_peer_info(Socket *sock)
{
NetSocket *s = container_of(sock, NetSocket, sock);
union sockaddr_union addr;
@ -1488,26 +1488,42 @@ static char *sk_net_peer_info(Socket *sock)
#ifndef NO_IPV6
char buf[INET6_ADDRSTRLEN];
#endif
SocketPeerInfo *pi;
if (getpeername(s->s, &addr.sa, &addrlen) < 0)
return NULL;
pi = snew(SocketPeerInfo);
pi->addressfamily = ADDRTYPE_UNSPEC;
pi->addr_text = NULL;
pi->port = -1;
pi->log_text = NULL;
if (addr.storage.ss_family == AF_INET) {
return dupprintf
("%s:%d",
inet_ntoa(addr.sin.sin_addr),
(int)ntohs(addr.sin.sin_port));
pi->addressfamily = ADDRTYPE_IPV4;
memcpy(pi->addr_bin.ipv4, &addr.sin.sin_addr, 4);
pi->port = ntohs(addr.sin.sin_port);
pi->addr_text = dupstr(inet_ntoa(addr.sin.sin_addr));
pi->log_text = dupprintf("%s:%d", pi->addr_text, pi->port);
#ifndef NO_IPV6
} else if (addr.storage.ss_family == AF_INET6) {
return dupprintf
("[%s]:%d",
inet_ntop(AF_INET6, &addr.sin6.sin6_addr, buf, sizeof(buf)),
(int)ntohs(addr.sin6.sin6_port));
pi->addressfamily = ADDRTYPE_IPV6;
memcpy(pi->addr_bin.ipv6, &addr.sin6.sin6_addr, 16);
pi->port = ntohs(addr.sin6.sin6_port);
pi->addr_text = dupstr(
inet_ntop(AF_INET6, &addr.sin6.sin6_addr, buf, sizeof(buf)));
pi->log_text = dupprintf("[%s]:%d", pi->addr_text, pi->port);
#endif
} else if (addr.storage.ss_family == AF_UNIX) {
pi->addressfamily = ADDRTYPE_LOCAL;
/*
* For Unix sockets, the source address is unlikely to be
* helpful. Instead, we try SO_PEERCRED and try to get the
* source pid.
* helpful, so we leave addr_txt NULL (and we certainly can't
* fill in port, obviously). Instead, we try SO_PEERCRED and
* try to get the source pid, and put that in the log text.
*/
int pid, uid, gid;
if (so_peercred(s->s, &pid, &uid, &gid)) {
@ -1516,14 +1532,16 @@ static char *sk_net_peer_info(Socket *sock)
sprintf(gidbuf, "%d", gid);
struct passwd *pw = getpwuid(uid);
struct group *gr = getgrgid(gid);
return dupprintf("pid %d (%s:%s)", pid,
pw ? pw->pw_name : uidbuf,
gr ? gr->gr_name : gidbuf);
pi->log_text = dupprintf("pid %d (%s:%s)", pid,
pw ? pw->pw_name : uidbuf,
gr ? gr->gr_name : gidbuf);
}
return NULL;
} else {
sfree(pi);
return NULL;
}
return pi;
}
static void uxsel_tell(NetSocket *s)

12
windows/winhsock.c
View File

@ -270,7 +270,7 @@ static const char *sk_handle_socket_error(Socket *s)
return hs->error;
}
static char *sk_handle_peer_info(Socket *s)
static SocketPeerInfo *sk_handle_peer_info(Socket *s)
{
HandleSocket *hs = container_of(s, HandleSocket, sock);
ULONG pid;
@ -299,8 +299,14 @@ static char *sk_handle_peer_info(Socket *s)
* to log what we can find out about the client end.
*/
if (p_GetNamedPipeClientProcessId &&
p_GetNamedPipeClientProcessId(hs->send_H, &pid))
return dupprintf("process id %lu", (unsigned long)pid);
p_GetNamedPipeClientProcessId(hs->send_H, &pid)) {
SocketPeerInfo *pi = snew(SocketPeerInfo);
pi->addressfamily = ADDRTYPE_LOCAL;
pi->addr_text = NULL;
pi->port = -1;
pi->log_text = dupprintf("process id %lu", (unsigned long)pid);
return pi;
}
return NULL;
}

39
windows/winnet.c
View File

@ -904,7 +904,7 @@ static int sk_net_write_oob(Socket *s, const void *data, int len);
static void sk_net_write_eof(Socket *s);
static void sk_net_set_frozen(Socket *s, int is_frozen);
static const char *sk_net_socket_error(Socket *s);
static char *sk_net_peer_info(Socket *s);
static SocketPeerInfo *sk_net_peer_info(Socket *s);
extern char *do_select(SOCKET skt, int startup);
@ -1763,7 +1763,7 @@ static const char *sk_net_socket_error(Socket *sock)
return s->error;
}
static char *sk_net_peer_info(Socket *sock)
static SocketPeerInfo *sk_net_peer_info(Socket *sock)
{
NetSocket *s = container_of(sock, NetSocket, sock);
#ifdef NO_IPV6
@ -1773,26 +1773,43 @@ static char *sk_net_peer_info(Socket *sock)
char buf[INET6_ADDRSTRLEN];
#endif
int addrlen = sizeof(addr);
SocketPeerInfo *pi;
if (p_getpeername(s->s, (struct sockaddr *)&addr, &addrlen) < 0)
return NULL;
pi = snew(SocketPeerInfo);
pi->addressfamily = ADDRTYPE_UNSPEC;
pi->addr_text = NULL;
pi->port = -1;
pi->log_text = NULL;
if (((struct sockaddr *)&addr)->sa_family == AF_INET) {
return dupprintf
("%s:%d",
p_inet_ntoa(((struct sockaddr_in *)&addr)->sin_addr),
(int)p_ntohs(((struct sockaddr_in *)&addr)->sin_port));
pi->addressfamily = ADDRTYPE_IPV4;
memcpy(pi->addr_bin.ipv4, &((struct sockaddr_in *)&addr)->sin_addr, 4);
pi->port = p_ntohs(((struct sockaddr_in *)&addr)->sin_port);
pi->addr_text = dupstr(
p_inet_ntoa(((struct sockaddr_in *)&addr)->sin_addr));
pi->log_text = dupprintf("%s:%d", pi->addr_text, pi->port);
#ifndef NO_IPV6
} else if (((struct sockaddr *)&addr)->sa_family == AF_INET6) {
return dupprintf
("[%s]:%d",
p_inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&addr)->sin6_addr,
buf, sizeof(buf)),
(int)p_ntohs(((struct sockaddr_in6 *)&addr)->sin6_port));
pi->addressfamily = ADDRTYPE_IPV6;
memcpy(pi->addr_bin.ipv6,
&((struct sockaddr_in6 *)&addr)->sin6_addr, 16);
pi->port = p_ntohs(((struct sockaddr_in6 *)&addr)->sin6_port);
pi->addr_text = dupstr(
p_inet_ntop(AF_INET6, &((struct sockaddr_in6 *)&addr)->sin6_addr,
buf, sizeof(buf)));
pi->log_text = dupprintf("[%s]:%d", pi->addr_text, pi->port);
#endif
} else {
sfree(pi);
return NULL;
}
return pi;
}
static void sk_net_set_frozen(Socket *sock, int is_frozen)

2
windows/winnps.c
View File

@ -68,7 +68,7 @@ static const char *sk_namedpipeserver_socket_error(Socket *s)
return ps->error;
}
static char *sk_namedpipeserver_peer_info(Socket *s)
static SocketPeerInfo *sk_namedpipeserver_peer_info(Socket *s)
{
return NULL;
}