Navigation

← Previous Changeset
Next Changeset →

Changeset 1440

Timestamp:

11/20/07 17:58:04 (9 months ago)

Author:

till

Message:

honeytrap
- Fix: improper logging of IP address pairs

Files:

honeytrap/trunk/ChangeLog (modified) (1 diff)
honeytrap/trunk/src/dynsrv.c (modified) (11 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

honeytrap/trunk/ChangeLog

r1425 r1440

1 Version 1.0.1
2 - Fix: Improper logging of IP address pairs
1 3 Version 1.0.0
2 4 - Improved configure script

honeytrap/trunk/src/dynsrv.c

r1361	r1440
65	65	int status;
66	66	#endif
67		socklen_t cli~~ent_~~addr_len;
68		struct sockaddr_in cli~~ent_addr, server_~~addr;
	67	socklen_t cliaddr_len, srvaddr_len;
	68	struct sockaddr_in cliaddr, srvaddr;
69	69	struct timeval c_timeout;
70	70	struct hostent *proxy_addr;
…	…
105	105	if (proto == TCP) {
106	106	logmsg(LOG_DEBUG, 1, "Requesting tcp socket.\n");
107		if ((listen_fd = get_boundsock(&s~~erver_~~addr, port_l, SOCK_STREAM)) == -1)
	107	if ((listen_fd = get_boundsock(&srvaddr, port_l, SOCK_STREAM)) == -1)
108	108	exit(EXIT_SUCCESS);
109	109	if (port_flags_tcp[htons(port_l)])
…	…
111	111	} else if (proto == UDP) {
112	112	logmsg(LOG_DEBUG, 1, "Requesting udp socket.\n");
113		if ((listen_fd = get_boundsock(&s~~erver_~~addr, port_l, SOCK_DGRAM)) == -1)
	113	if ((listen_fd = get_boundsock(&srvaddr, port_l, SOCK_DGRAM)) == -1)
114	114	exit(EXIT_SUCCESS);
115	115	if (port_flags_udp[htons(port_l)])
…	…
192	192	if (FD_ISSET(sigpipe[0], &rfds) && (check_sigpipe() == -1)) exit(EXIT_FAILURE);
193	193	if (FD_ISSET(listen_fd, &rfds)) {
194		~~if ((ip_l_str = strdup(inet_ntoa(ip_l))) == NULL) {~~
195		~~logmsg(LOG_ERR, 1, "Error - Unable to allocate memory: %m.\n");~~
196		~~exit(EXIT_FAILURE);~~
197		}
198		~~if ((ip_r_str = strdup(inet_ntoa(ip_r))) == NULL) {~~
199		~~logmsg(LOG_ERR, 1, "Error - Unable to allocate memory: %m.\n");~~
200		~~exit(EXIT_FAILURE);~~
201		}
202		~~logmsg(LOG_INFO, 1, " %s Handling %s connection request from %s:%d to %s:%d.\n",~~
203		~~portstr, PROTO(proto), ip_r_str, ntohs(port_r), ip_l_str, ntohs(port_l));~~
204		~~free(ip_r_str);~~
205		~~free(ip_l_str);~~
206
207		~~/* initialize attack record */~~
208		~~if ((attack = new_attack(ip_l, ip_r, ntohs(port_l), 0, proto)) == NULL) {~~
209		~~logmsg(LOG_ERR, 1, "Error - Could not initialize attack record.\n");~~
210		~~free(attack);~~
211		~~exit(EXIT_FAILURE);~~
212		}
213	194
214	195
215	196	/* accept connection depending on protocol */
216		bzero(&cli~~ent_addr, sizeof(client_~~addr));
217		cli~~ent_addr_len = sizeof(client_~~addr);
	197	bzero(&cliaddr, sizeof(cliaddr));
	198	cliaddr_len = sizeof(cliaddr);
218	199	established = 0;
219	200
…	…
222	203	/* accept tcp connection request */
223	204	if ((connection_fd = accept(listen_fd, (struct sockaddr *)
224		&cli~~ent_addr, &client_~~addr_len)) < 0) {
	205	&cliaddr, &cliaddr_len)) < 0) {
225	206	if (errno == EINTR)
226	207	break;
…	…
238	219	case UDP:
239	220	connection_fd = dup(listen_fd);
240		cli~~ent_~~addr.sin_family = AF_INET;
241		cli~~ent_~~addr.sin_addr = ip_r;
242		cli~~ent_~~addr.sin_port = port_r;
	221	cliaddr.sin_family = AF_INET;
	222	cliaddr.sin_addr = ip_r;
	223	cliaddr.sin_port = port_r;
243	224
244	225	/* connecting our udp socket enables us to use read() and write() */
245	226	if (connect
246		(connection_fd, (struct sockaddr *) &cli~~ent_~~addr,
247		cli~~ent_~~addr_len) < 0) {
	227	(connection_fd, (struct sockaddr *) &cliaddr,
	228	cliaddr_len) < 0) {
248	229	if (errno == EINTR)
249	230	break;
…	…
260	241	/* update remote endpoint information for attack structure */
261	242	if (getpeername
262		(connection_fd, (struct sockaddr *) &cli~~ent_~~addr,
263		&cli~~ent_~~addr_len) < 0) {
	243	(connection_fd, (struct sockaddr *) &cliaddr,
	244	&cliaddr_len) < 0) {
264	245	if (errno == EINTR)
265	246	break;
…	…
282	263
283	264
	265	/* get remote socket endpoint info */
	266	cliaddr_len = sizeof(cliaddr);
	267	if (getpeername(connection_fd, (struct sockaddr ) &cliaddr, (socklen_t ) &cliaddr_len) != 0) {
	268	logmsg(LOG_ERR, 1, "Error - Could not get client info from socket: %s.\n", strerror(errno));
	269	exit(1);
	270	}
	271	if ((ip_r_str = strdup(inet_ntoa(cliaddr.sin_addr))) == NULL) {
	272	logmsg(LOG_ERR, 1, "Error - Unable to allocate memory: %m.\n");
	273	exit(EXIT_FAILURE);
	274	}
	275
	276	/* get local socket endpoint info */
	277	srvaddr_len = sizeof(srvaddr);
	278	if (getsockname(connection_fd, (struct sockaddr ) &srvaddr, (socklen_t ) &srvaddr_len) != 0) {
	279	logmsg(LOG_ERR, 1, "Error - Could not get client info from socket: %s.\n", strerror(errno));
	280	exit(1);
	281	}
	282	srvaddr.sin_addr = ip_l;
	283	if ((ip_l_str = strdup(inet_ntoa(srvaddr.sin_addr))) == NULL) {
	284	logmsg(LOG_ERR, 1, "Error - Unable to allocate memory: %m.\n");
	285	exit(EXIT_FAILURE);
	286	}
	287
	288	logmsg(LOG_NOTICE, 1, " %s Handling %s connection request from %s:%d to %s:%d.\n",
	289	portstr, PROTO(proto), ip_r_str, ntohs(cliaddr.sin_port), ip_l_str, ntohs(srvaddr.sin_port));
	290	free(ip_r_str);
	291	free(ip_l_str);
	292
	293	/* initialize attack record */
	294	if ((attack = new_attack(cliaddr.sin_addr, srvaddr.sin_addr, ntohs(srvaddr.sin_port), 0, proto)) == NULL) {
	295	logmsg(LOG_ERR, 1, "Error - Could not initialize attack record.\n");
	296	free(attack);
	297	exit(EXIT_FAILURE);
	298	}
	299	attack->a_conn.r_port = ntohs(cliaddr.sin_port);
	300
	301
284	302	/* incoming connection accepted, select port mode */
285		~~logmsg(LOG_NOTICE, 1, " %s Connection from %s:%u accepted.\n",~~
286		~~portstr, inet_ntoa(client_addr.sin_addr), ntohs(client_addr.sin_port));~~
287		~~attack->a_conn.r_port = ntohs(client_addr.sin_port);~~
288
289	303	if (port_mode & PORTCONF_NORMAL) {
290	304	/* handle connection in normal mode if this port configured to be handled 'normal' */
…	…
372	386	" %s Handling connection from %s:%u in proxy mode.\n",
373	387	portstr,
374		inet_ntoa(cli~~ent_~~addr.sin_addr),
375		ntohs(cli~~ent_~~addr.sin_port));
	388	inet_ntoa(cliaddr.sin_addr),
	389	ntohs(cliaddr.sin_port));
376	390	handle_connection_proxied(connection_fd,
377	391	PORTCONF_PROXY,
378	392	proxy_sock_fd, (uint16_t)
379	393	ntohs(port_l),
380		cli~~ent_~~addr.sin_port,
381		cli~~ent_~~addr.sin_addr,
	394	cliaddr.sin_port,
	395	cliaddr.sin_addr,
382	396	proto,
383	397	m_read_timeout,
…	…
387	401	" %s Handling connection from %s:%u in mirror mode.\n",
388	402	portstr,
389		inet_ntoa(cli~~ent_~~addr.sin_addr),
390		ntohs(cli~~ent_~~addr.sin_port));
	403	inet_ntoa(cliaddr.sin_addr),
	404	ntohs(cliaddr.sin_port));
391	405	handle_connection_proxied(connection_fd,
392	406	PORTCONF_MIRROR,
393	407	mirror_sock_fd, (uint16_t)
394	408	ntohs(port_l),
395		cli~~ent_~~addr.sin_port,
396		cli~~ent_~~addr.sin_addr,
	409	cliaddr.sin_port,
	410	cliaddr.sin_addr,
397	411	proto,
398	412	m_read_timeout,
…	…
402	416	" %s Handling connection from %s:%u in normal mode.\n",
403	417	portstr,
404		inet_ntoa(cli~~ent_~~addr.sin_addr),
405		ntohs(cli~~ent_~~addr.sin_port));
	418	inet_ntoa(cliaddr.sin_addr),
	419	ntohs(cliaddr.sin_port));
406	420	handle_connection_normal(connection_fd, (uint16_t)
407	421	ntohs(port_l), proto,

r1425	r1440
	1	Version 1.0.1
	2	- Fix: Improper logging of IP address pairs
1	3	Version 1.0.0
2	4	- Improved configure script

Navigation

Changeset 1440

Legend:

honeytrap/trunk/ChangeLog

honeytrap/trunk/src/dynsrv.c

Download in other formats: