FreeBSD change for openssh

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



I've been working on cleanup of remnants of Internet Class A/B/C in
FreeBSD, and came across a piece of code in sshconnect.c that I'd
like to change.  The current code checks for loopback addresses by
picking apart the address as Class A (24 bit shift).  FreeBSD has a
newer IN_LOOPBACK() macro that determines whether an address is in the
loopback range, and I'd like to use that.  As not all systems provide
such a macro, I'd propose a default version that is essentially the
current FreeBSD version.  Part of the reason for using the system macro
is that there is a proposed change to the reserved space for loopback
heading toward the IETF, reserving 127.0.0.0/16 rather than /8.

The following is a proposed change to sshconnect.c.

diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c
index 8f7541942ac1..74636005eb7b 100644
--- a/crypto/openssh/sshconnect.c
+++ b/crypto/openssh/sshconnect.c
@@ -592,13 +592,20 @@ confirm(const char *prompt, const char *fingerprint)
 	}
 }
 
+/*
+ * <netinet/in.h> may provide an IN_LOOPBACK() macro; use it if provided.
+ */
+#ifndef IN_LOOPBACK
+#define IN_LOOPBACK(i)		(((i) & 0xff000000) == 0x7f000000)
+#endif
+
 static int
 sockaddr_is_local(struct sockaddr *hostaddr)
 {
 	switch (hostaddr->sa_family) {
 	case AF_INET:
-		return (ntohl(((struct sockaddr_in *)hostaddr)->
-		    sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
+		return (IN_LOOPBACK(ntohl(((struct sockaddr_in *)hostaddr)->
+		    sin_addr.s_addr)));
 	case AF_INET6:
 		return IN6_IS_ADDR_LOOPBACK(
 		    &(((struct sockaddr_in6 *)hostaddr)->sin6_addr));


Comments or suggestions?

Thanks,
		Mike
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux