change resolve_host to 'resolve' unix sockets

openssh · Aug 27, 2023 · f965e1e · f965e1e
1 parent 945687a
commit f965e1e
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 6 deletions.
diff --git a/ssh.c b/ssh.c
@@ -50,6 +50,7 @@
 #include <sys/ioctl.h>
 #include <sys/socket.h>
 #include <sys/wait.h>
+#include <sys/un.h>
 
 #include <ctype.h>
 #include <errno.h>
@@ -257,6 +258,23 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
 	int gaierr;
 	LogLevel loglevel = SYSLOG_LEVEL_DEBUG1;
 
+    debug3_f("name = %s\n", name);
+    if (name[0] == '/') {
+        struct sockaddr_un *s_un;
+        debug3_f("name is a socket\n");
+        res = xcalloc(1, sizeof(struct addrinfo));
+        res->ai_family = AF_UNIX;
+        res->ai_socktype = SOCK_STREAM;
+        res->ai_protocol = 0;
+        s_un = xcalloc(1, sizeof(struct sockaddr_un));
+        s_un->sun_family = AF_UNIX;
+        strlcpy(s_un->sun_path, name, sizeof(s_un->sun_path));
+        res->ai_addr = (struct sockaddr *)s_un;
+        res->ai_addrlen = sizeof(struct sockaddr_un);
+
+        return res;
+    }
+
 	if (port <= 0)
 		port = default_ssh_port();
 	if (cname != NULL)
@@ -1183,7 +1201,7 @@ main(int ac, char **av)
 	}
 
 	/* Don't lowercase addresses, they will be explicitly canonicalised */
-	if ((was_addr = is_addr(host)) == 0)
+	if (host[0] != '/' && (was_addr = is_addr(host)) == 0)
 		lowercase(host);
 
 	/*
@@ -1698,7 +1716,7 @@ main(int ac, char **av)
                   options.port, pw, timeout_ms, cinfo);
 
 	if (ssh_packet_connection_is_on_socket(ssh)) {
-		if (ssh_packet_connection_af(ssh) == AF_LOCAL) {
+		if (ssh_packet_connection_af(ssh) == AF_UNIX) {
 			verbose("Authenticated to %s.", host);
 		} else {
 			verbose("Authenticated to %s ([%s]:%d).", host,

diff --git a/sshconnect.c b/sshconnect.c
@@ -19,6 +19,7 @@
 #include <sys/wait.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
+#include <sys/un.h>
 #ifdef HAVE_SYS_TIME_H
 # include <sys/time.h>
 #endif
@@ -453,7 +454,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
 	struct addrinfo *ai;
 
-	debug3_f("entering");
+	debug3_f("entering, host=%s", host);
 	memset(ntop, 0, sizeof(ntop));
 	memset(strport, 0, sizeof(strport));
 
@@ -474,7 +475,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 				errno = EAFNOSUPPORT;
 				continue;
 			}
-			if (getnameinfo(ai->ai_addr, ai->ai_addrlen,
+			if (ai->ai_family != AF_UNIX && getnameinfo(ai->ai_addr, ai->ai_addrlen,
 			    ntop, sizeof(ntop), strport, sizeof(strport),
 			    NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
 				oerrno = errno;
@@ -627,6 +628,9 @@ get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
 	case AF_INET6:
 		addrlen = sizeof(struct sockaddr_in6);
 		break;
+	case AF_UNIX:
+		addrlen = sizeof(struct sockaddr_un);
+		break;
 	default:
 		addrlen = sizeof(struct sockaddr);
 		break;
@@ -636,7 +640,9 @@ get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
 	 * We don't have the remote ip-address for connections
 	 * using a proxy command
 	 */
-	if (hostfile_ipaddr != NULL) {
+	if (hostaddr != NULL &&
+		hostaddr->sa_family != AF_UNIX &&
+		hostfile_ipaddr != NULL) {
 		if (options.proxy_command == NULL) {
 			if (getnameinfo(hostaddr, addrlen,
 			    ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0)
@@ -1575,7 +1581,7 @@ ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost,
 
 	/* key exchange */
 	/* authenticate user */
-	if (hostaddr->sa_family == AF_LOCAL) {
+	if (hostaddr->sa_family == AF_UNIX) {
 		debug("Authenticating to %s as '%s'", host, server_user);
 	} else {
 		debug("Authenticating to %s:%d as '%s'", host, port,