Bugzilla – Attachment 2765 Details for
Bug 2503
The sshd log files are insufficient to detect sessions
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
include port number in more places
bz2503.diff (text/plain), 4.97 KB, created by
Damien Miller
on 2015-12-11 13:54:25 AEDT
(
hide
)
Description:
include port number in more places
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2015-12-11 13:54:25 AEDT
Size:
4.97 KB
patch
obsolete
>Index: packet.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/packet.c,v >retrieving revision 1.219 >diff -u -p -r1.219 packet.c >--- packet.c 10 Dec 2015 17:08:40 -0000 1.219 >+++ packet.c 11 Dec 2015 02:52:44 -0000 >@@ -332,7 +332,8 @@ ssh_packet_stop_discard(struct ssh *ssh) > sshbuf_ptr(state->incoming_packet), PACKET_MAX_SIZE, > NULL, 0); > } >- logit("Finished discarding for %.200s", ssh_remote_ipaddr(ssh)); >+ logit("Finished discarding for %.200s port %d", >+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); > return SSH_ERR_MAC_INVALID; > } > >@@ -444,16 +445,30 @@ ssh_packet_get_connection_out(struct ssh > const char * > ssh_remote_ipaddr(struct ssh *ssh) > { >+ const int sock = ssh->state->connection_in; >+ > /* Check whether we have cached the ipaddr. */ >- if (ssh->remote_ipaddr == NULL) >- ssh->remote_ipaddr = ssh_packet_connection_is_on_socket(ssh) ? >- get_peer_ipaddr(ssh->state->connection_in) : >- strdup("UNKNOWN"); >- if (ssh->remote_ipaddr == NULL) >- return "UNKNOWN"; >+ if (ssh->remote_ipaddr == NULL) { >+ if (ssh_packet_connection_is_on_socket(ssh)) { >+ ssh->remote_ipaddr = get_peer_ipaddr(sock); >+ ssh->remote_port = get_sock_port(sock, 0); >+ } else { >+ ssh->remote_ipaddr = strdup("UNKNOWN"); >+ ssh->remote_port = 0; >+ } >+ } > return ssh->remote_ipaddr; > } > >+/* Returns the port number of the remote host. */ >+ >+int >+ssh_remote_port(struct ssh *ssh) >+{ >+ (void)ssh_remote_ipaddr(ssh); /* Will lookup and cache. */ >+ return ssh->remote_port; >+} >+ > /* Closes the connection and clears and frees internal data structures. */ > > void >@@ -1784,8 +1799,9 @@ ssh_packet_read_poll_seqnr(struct ssh *s > do_log2(ssh->state->server_side && > reason == SSH2_DISCONNECT_BY_APPLICATION ? > SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR, >- "Received disconnect from %s: %u: %.400s", >- ssh_remote_ipaddr(ssh), reason, msg); >+ "Received disconnect from %s port %d:" >+ "%u: %.400s", ssh_remote_ipaddr(ssh), >+ ssh_remote_port(ssh), reason, msg); > free(msg); > return SSH_ERR_DISCONNECTED; > case SSH2_MSG_UNIMPLEMENTED: >@@ -1813,8 +1829,9 @@ ssh_packet_read_poll_seqnr(struct ssh *s > case SSH_MSG_DISCONNECT: > if ((r = sshpkt_get_string(ssh, &msg, NULL)) != 0) > return r; >- error("Received disconnect from %s: %.400s", >- ssh_remote_ipaddr(ssh), msg); >+ error("Received disconnect from %s port %d: " >+ "%.400s", ssh_remote_ipaddr(ssh), >+ ssh_remote_port(ssh), msg); > free(msg); > return SSH_ERR_DISCONNECTED; > default: >@@ -1904,19 +1921,22 @@ sshpkt_fatal(struct ssh *ssh, const char > { > switch (r) { > case SSH_ERR_CONN_CLOSED: >- logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh)); >+ logit("Connection closed by %.200s port %d", >+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); > cleanup_exit(255); > case SSH_ERR_CONN_TIMEOUT: >- logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh)); >+ logit("Connection %s %.200s port %d timed out", >+ ssh->state->server_side ? "from" : "to", >+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); > cleanup_exit(255); > case SSH_ERR_DISCONNECTED: >- logit("Disconnected from %.200s", >- ssh_remote_ipaddr(ssh)); >+ logit("Disconnected from %.200s port %d", >+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); > cleanup_exit(255); > case SSH_ERR_SYSTEM_ERROR: > if (errno == ECONNRESET) { >- logit("Connection reset by %.200s", >- ssh_remote_ipaddr(ssh)); >+ logit("Connection reset by %.200s port %d", >+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); > cleanup_exit(255); > } > /* FALLTHROUGH */ >@@ -1926,15 +1946,17 @@ sshpkt_fatal(struct ssh *ssh, const char > case SSH_ERR_NO_KEX_ALG_MATCH: > case SSH_ERR_NO_HOSTKEY_ALG_MATCH: > if (ssh && ssh->kex && ssh->kex->failed_choice) { >- fatal("Unable to negotiate with %.200s: %s. " >+ fatal("Unable to negotiate with %.200s port %d: %s. " > "Their offer: %s", ssh_remote_ipaddr(ssh), >- ssh_err(r), ssh->kex->failed_choice); >+ ssh_remote_port(ssh), ssh_err(r), >+ ssh->kex->failed_choice); > } > /* FALLTHROUGH */ > default: >- fatal("%s%sConnection to %.200s: %s", >+ fatal("%s%sConnection %s %.200s port %d: %s", > tag != NULL ? tag : "", tag != NULL ? ": " : "", >- ssh_remote_ipaddr(ssh), ssh_err(r)); >+ ssh->state->server_side ? "from" : "to", >+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ssh_err(r)); > } > } > >Index: packet.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/packet.h,v >retrieving revision 1.66 >diff -u -p -r1.66 packet.h >--- packet.h 30 Jan 2015 01:13:33 -0000 1.66 >+++ packet.h 11 Dec 2015 02:52:44 -0000 >@@ -129,6 +129,7 @@ int ssh_packet_get_state(struct ssh *, > int ssh_packet_set_state(struct ssh *, struct sshbuf *); > > const char *ssh_remote_ipaddr(struct ssh *); >+int ssh_remote_port(struct ssh *); > > int ssh_packet_need_rekeying(struct ssh *); > void ssh_packet_set_rekey_limits(struct ssh *, u_int32_t, time_t);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2765">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
dtucker
:
ok+
Actions:
View
|
Diff
Attachments on
bug 2503
: 2765