Tell the truth about DNS lookups in the Event Log.

We've always had the back-end code unconditionally print 'Looking up
host' before calling name_lookup. But name_lookup doesn't always do an
actual lookup - in cases where the connection will be proxied and
we're configured to let the proxy do the DNS for us, it just calls
sk_nonamelookup to return a dummy SockAddr with the unresolved name
still in it. It's better to print a message that varies depending on
whether we're _really_ doing DNS or not, e.g. so that people can tell
the difference between DNS failure and proxy misconfiguration.

Hence, those log messages are now generated inside name_lookup(),
which takes a couple of extra parameters for the purpose - a frontend
pointer to pass to logevent(), and a reason string so that it can say
what the hostname it's (optionally) looking up is going to be used
for. (The latter is intended for possible use in logging subsidiary
lookups for port forwarding, though  the moment I haven't changed
the current setup where those connection setups aren't logged in
detail - we just pass NULL in that situation.)

diff --git a/network.h b/network.h
index 3625613b8a6c728f58ba3e613a7dd27089c28f91..fa90e60e7349ce44437fab0861d24dc0bb67ccd2 100644 (file)
--- a/network.h
+++ b/network.h
@@ -100,7 +100,8 @@ Socket new_connection(SockAddr addr, const char *hostname,
 Socket new_listener(const char *srcaddr, int port, Plug plug,
                     int local_host_only, Conf *conf, int addressfamily);
 SockAddr name_lookup(const char *host, int port, char **canonicalname,
-                    Conf *conf, int addressfamily);
+                    Conf *conf, int addressfamily, void *frontend_for_logging,
+                     const char *lookup_reason_for_logging);
 int proxy_for_destination (SockAddr addr, const char *hostname, int port,
                            Conf *conf);
 

diff --git a/portfwd.c b/portfwd.c
index 325e86870f426a35be2e1ce7438a1653cc8a9aab..8a73a182d55329ab33a0ab763ff6d3c89d1cac39 100644 (file)
--- a/portfwd.c
+++ b/portfwd.c
@@ -443,7 +443,8 @@ char *pfd_connect(struct PortForwarding **pf_ret, char *hostname,int port,
     /*
      * Try to find host.
      */
-    addr = name_lookup(hostname, port, &dummy_realhost, conf, addressfamily);
+    addr = name_lookup(hostname, port, &dummy_realhost, conf, addressfamily,
+                       NULL, NULL);
     if ((err = sk_addr_error(addr)) != NULL) {
         char *err_ret = dupstr(err);
        sk_addr_free(addr);

diff --git a/proxy.c b/proxy.c
index 3104ef0d8922f8dfd33028b8e1b989d4a5608252..1f4d7d3dfca9a06ab35b689fb231868ebe2a4ffc 100644 (file)
--- a/proxy.c
+++ b/proxy.c
@@ -363,16 +363,35 @@ int proxy_for_destination (SockAddr addr, const char *hostname,
 }
 
 SockAddr name_lookup(const char *host, int port, char **canonicalname,
-                    Conf *conf, int addressfamily)
+                    Conf *conf, int addressfamily, void *frontend,
+                     const char *reason)
 {
+    char *logmsg;
     if (conf_get_int(conf, CONF_proxy_type) != PROXY_NONE &&
        do_proxy_dns(conf) &&
        proxy_for_destination(NULL, host, port, conf)) {
+
+        if (frontend) {
+            logmsg = dupprintf("Leaving host lookup to proxy of \"%s\""
+                               " (for %s)", host, reason);
+            logevent(frontend, logmsg);
+            sfree(logmsg);
+        }
+
        *canonicalname = dupstr(host);
        return sk_nonamelookup(host);
+    } else {
+        if (frontend) {
+            logmsg = dupprintf("Looking up host \"%s\"%s for %s", host,
+                               (addressfamily == ADDRTYPE_IPV4 ? " (IPv4)" :
+                                addressfamily == ADDRTYPE_IPV6 ? " (IPv6)" :
+                                ""), reason);
+            logevent(frontend, logmsg);
+            sfree(logmsg);
+        }
+
+        return sk_namelookup(host, canonicalname, addressfamily);
     }
-
-    return sk_namelookup(host, canonicalname, addressfamily);
 }
 
 Socket new_connection(SockAddr addr, const char *hostname,

diff --git a/raw.c b/raw.c
index 6262ed8994acc7a6a583addd71d924947ec11f3b..60fbbf65e2d74b74d80d6e438639a75b7c0d6d64 100644 (file)
--- a/raw.c
+++ b/raw.c
@@ -154,16 +154,8 @@ static const char *raw_init(void *frontend_handle, void **backend_handle,
     /*
      * Try to find host.
      */
-    {
-       char *buf;
-       buf = dupprintf("Looking up host \"%s\"%s", host,
-                       (addressfamily == ADDRTYPE_IPV4 ? " (IPv4)" :
-                        (addressfamily == ADDRTYPE_IPV6 ? " (IPv6)" :
-                         "")));
-       logevent(raw->frontend, buf);
-       sfree(buf);
-    }
-    addr = name_lookup(host, port, realhost, conf, addressfamily);
+    addr = name_lookup(host, port, realhost, conf, addressfamily,
+                       raw->frontend, "main connection");
     if ((err = sk_addr_error(addr)) != NULL) {
        sk_addr_free(addr);
        return err;

diff --git a/rlogin.c b/rlogin.c
index d73f7f9f97b7349025f1c566672178f5c63b5b7c..e5d2e39ce0b8a7e378637a2bc3e95c89cc094514 100644 (file)
--- a/rlogin.c
+++ b/rlogin.c
@@ -194,16 +194,8 @@ static const char *rlogin_init(void *frontend_handle, void **backend_handle,
     /*
      * Try to find host.
      */
-    {
-       char *buf;
-       buf = dupprintf("Looking up host \"%s\"%s", host,
-                       (addressfamily == ADDRTYPE_IPV4 ? " (IPv4)" :
-                        (addressfamily == ADDRTYPE_IPV6 ? " (IPv6)" :
-                         "")));
-       logevent(rlogin->frontend, buf);
-       sfree(buf);
-    }
-    addr = name_lookup(host, port, realhost, conf, addressfamily);
+    addr = name_lookup(host, port, realhost, conf, addressfamily,
+                       rlogin->frontend, "rlogin connection");
     if ((err = sk_addr_error(addr)) != NULL) {
        sk_addr_free(addr);
        return err;

diff --git a/ssh.c b/ssh.c
index 01c261a2e2acd5cdea4fe689e2fc40ed4f4268e6..b13802feb2abbdbfd26ade67f412a471ef1eb4a4 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -3674,10 +3674,8 @@ static const char *connect_to_host(Ssh ssh, const char *host, int port,
          * Try to find host.
          */
         addressfamily = conf_get_int(ssh->conf, CONF_addressfamily);
-        logeventf(ssh, "Looking up host \"%s\"%s", host,
-                  (addressfamily == ADDRTYPE_IPV4 ? " (IPv4)" :
-                   (addressfamily == ADDRTYPE_IPV6 ? " (IPv6)" : "")));
-        addr = name_lookup(host, port, realhost, ssh->conf, addressfamily);
+        addr = name_lookup(host, port, realhost, ssh->conf, addressfamily,
+                           ssh->frontend, "SSH connection");
         if ((err = sk_addr_error(addr)) != NULL) {
             sk_addr_free(addr);
             return err;

diff --git a/telnet.c b/telnet.c
index 0de8b016c381160ea3f627c171b623450e229b06..e7a8d8bad1a16757a4e5a1e9916b24c0cacd93f1 100644 (file)
--- a/telnet.c
+++ b/telnet.c
@@ -751,17 +751,9 @@ static const char *telnet_init(void *frontend_handle, void **backend_handle,
     /*
      * Try to find host.
      */
-    {
-       char *buf;
-       addressfamily = conf_get_int(telnet->conf, CONF_addressfamily);
-       buf = dupprintf("Looking up host \"%s\"%s", host,
-                       (addressfamily == ADDRTYPE_IPV4 ? " (IPv4)" :
-                        (addressfamily == ADDRTYPE_IPV6 ? " (IPv6)" :
-                         "")));
-       logevent(telnet->frontend, buf);
-       sfree(buf);
-    }
-    addr = name_lookup(host, port, realhost, telnet->conf, addressfamily);
+    addressfamily = conf_get_int(telnet->conf, CONF_addressfamily);
+    addr = name_lookup(host, port, realhost, telnet->conf, addressfamily,
+                       telnet->frontend, "Telnet connection");
     if ((err = sk_addr_error(addr)) != NULL) {
        sk_addr_free(addr);
        return err;

diff --git a/x11fwd.c b/x11fwd.c
index 6cfec72824304b8e853802b599c12ed932802a91..bdfc4e743570f9173cf86d82040b593d41fc6e7e 100644 (file)
--- a/x11fwd.c
+++ b/x11fwd.c
@@ -286,7 +286,8 @@ struct X11Display *x11_setup_display(const char *display, Conf *conf)
 
        disp->port = 6000 + disp->displaynum;
        disp->addr = name_lookup(disp->hostname, disp->port,
-                                &disp->realhost, conf, ADDRTYPE_UNSPEC);
+                                &disp->realhost, conf, ADDRTYPE_UNSPEC,
+                                 NULL, NULL);
     
        if ((err = sk_addr_error(disp->addr)) != NULL) {
            sk_addr_free(disp->addr);