File: | src/usr.bin/ssh/ssh/../sshconnect.c |
Warning: | line 994, column 36 Access to field 'key' results in a dereference of a null pointer (loaded from variable 'host_found') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: sshconnect.c,v 1.356 2021/12/19 22:10:24 djm Exp $ */ | |||
2 | /* | |||
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | |||
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |||
5 | * All rights reserved | |||
6 | * Code to connect to a remote host, and to perform the client side of the | |||
7 | * login (authentication) dialog. | |||
8 | * | |||
9 | * As far as I am concerned, the code I have written for this software | |||
10 | * can be used freely for any purpose. Any derived versions of this | |||
11 | * software must be clearly marked as such, and if the derived work is | |||
12 | * incompatible with the protocol description in the RFC file, it must be | |||
13 | * called by a name other than "ssh" or "Secure Shell". | |||
14 | */ | |||
15 | ||||
16 | #include <sys/types.h> | |||
17 | #include <sys/wait.h> | |||
18 | #include <sys/stat.h> | |||
19 | #include <sys/socket.h> | |||
20 | #include <sys/time.h> | |||
21 | ||||
22 | #include <net/if.h> | |||
23 | #include <netinet/in.h> | |||
24 | ||||
25 | #include <ctype.h> | |||
26 | #include <errno(*__errno()).h> | |||
27 | #include <fcntl.h> | |||
28 | #include <netdb.h> | |||
29 | #include <limits.h> | |||
30 | #include <paths.h> | |||
31 | #include <signal.h> | |||
32 | #include <pwd.h> | |||
33 | #include <stdio.h> | |||
34 | #include <stdlib.h> | |||
35 | #include <stdarg.h> | |||
36 | #include <string.h> | |||
37 | #include <unistd.h> | |||
38 | #include <ifaddrs.h> | |||
39 | ||||
40 | #include "xmalloc.h" | |||
41 | #include "ssh.h" | |||
42 | #include "sshbuf.h" | |||
43 | #include "packet.h" | |||
44 | #include "compat.h" | |||
45 | #include "sshkey.h" | |||
46 | #include "sshconnect.h" | |||
47 | #include "hostfile.h" | |||
48 | #include "log.h" | |||
49 | #include "misc.h" | |||
50 | #include "readconf.h" | |||
51 | #include "atomicio.h" | |||
52 | #include "dns.h" | |||
53 | #include "monitor_fdpass.h" | |||
54 | #include "ssh2.h" | |||
55 | #include "version.h" | |||
56 | #include "authfile.h" | |||
57 | #include "ssherr.h" | |||
58 | #include "authfd.h" | |||
59 | #include "kex.h" | |||
60 | ||||
61 | struct sshkey *previous_host_key = NULL((void *)0); | |||
62 | ||||
63 | static int matching_host_key_dns = 0; | |||
64 | ||||
65 | static pid_t proxy_command_pid = 0; | |||
66 | ||||
67 | /* import */ | |||
68 | extern int debug_flag; | |||
69 | extern Options options; | |||
70 | extern char *__progname; | |||
71 | ||||
72 | static int show_other_keys(struct hostkeys *, struct sshkey *); | |||
73 | static void warn_changed_key(struct sshkey *); | |||
74 | ||||
75 | /* Expand a proxy command */ | |||
76 | static char * | |||
77 | expand_proxy_command(const char *proxy_command, const char *user, | |||
78 | const char *host, const char *host_arg, int port) | |||
79 | { | |||
80 | char *tmp, *ret, strport[NI_MAXSERV32]; | |||
81 | const char *keyalias = options.host_key_alias ? | |||
82 | options.host_key_alias : host_arg; | |||
83 | ||||
84 | snprintf(strport, sizeof strport, "%d", port); | |||
85 | xasprintf(&tmp, "exec %s", proxy_command); | |||
86 | ret = percent_expand(tmp, | |||
87 | "h", host, | |||
88 | "k", keyalias, | |||
89 | "n", host_arg, | |||
90 | "p", strport, | |||
91 | "r", options.user, | |||
92 | (char *)NULL((void *)0)); | |||
93 | free(tmp); | |||
94 | return ret; | |||
95 | } | |||
96 | ||||
97 | /* | |||
98 | * Connect to the given ssh server using a proxy command that passes a | |||
99 | * a connected fd back to us. | |||
100 | */ | |||
101 | static int | |||
102 | ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, | |||
103 | const char *host_arg, u_short port, const char *proxy_command) | |||
104 | { | |||
105 | char *command_string; | |||
106 | int sp[2], sock; | |||
107 | pid_t pid; | |||
108 | char *shell; | |||
109 | ||||
110 | if ((shell = getenv("SHELL")) == NULL((void *)0)) | |||
111 | shell = _PATH_BSHELL"/bin/sh"; | |||
112 | ||||
113 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, sp) == -1) | |||
114 | fatal("Could not create socketpair to communicate with "sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 115, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create socketpair to communicate with " "proxy dialer: %.100s", strerror((*__errno()))) | |||
115 | "proxy dialer: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 115, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create socketpair to communicate with " "proxy dialer: %.100s", strerror((*__errno()))); | |||
116 | ||||
117 | command_string = expand_proxy_command(proxy_command, options.user, | |||
118 | host, host_arg, port); | |||
119 | debug("Executing proxy dialer command: %.500s", command_string)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 119 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Executing proxy dialer command: %.500s" , command_string); | |||
120 | ||||
121 | /* Fork and execute the proxy command. */ | |||
122 | if ((pid = fork()) == 0) { | |||
123 | char *argv[10]; | |||
124 | ||||
125 | close(sp[1]); | |||
126 | /* Redirect stdin and stdout. */ | |||
127 | if (sp[0] != 0) { | |||
128 | if (dup2(sp[0], 0) == -1) | |||
129 | perror("dup2 stdin"); | |||
130 | } | |||
131 | if (sp[0] != 1) { | |||
132 | if (dup2(sp[0], 1) == -1) | |||
133 | perror("dup2 stdout"); | |||
134 | } | |||
135 | if (sp[0] >= 2) | |||
136 | close(sp[0]); | |||
137 | ||||
138 | /* | |||
139 | * Stderr is left for non-ControlPersist connections is so | |||
140 | * error messages may be printed on the user's terminal. | |||
141 | */ | |||
142 | if (!debug_flag && options.control_path != NULL((void *)0) && | |||
143 | options.control_persist && stdfd_devnull(0, 0, 1) == -1) | |||
144 | error_f("stdfd_devnull failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 144 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "stdfd_devnull failed"); | |||
145 | ||||
146 | argv[0] = shell; | |||
147 | argv[1] = "-c"; | |||
148 | argv[2] = command_string; | |||
149 | argv[3] = NULL((void *)0); | |||
150 | ||||
151 | /* | |||
152 | * Execute the proxy command. | |||
153 | * Note that we gave up any extra privileges above. | |||
154 | */ | |||
155 | execv(argv[0], argv); | |||
156 | perror(argv[0]); | |||
157 | exit(1); | |||
158 | } | |||
159 | /* Parent. */ | |||
160 | if (pid == -1) | |||
161 | fatal("fork failed: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 161, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "fork failed: %.100s" , strerror((*__errno()))); | |||
162 | close(sp[0]); | |||
163 | free(command_string); | |||
164 | ||||
165 | if ((sock = mm_receive_fd(sp[1])) == -1) | |||
166 | fatal("proxy dialer did not pass back a connection")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 166, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "proxy dialer did not pass back a connection" ); | |||
167 | close(sp[1]); | |||
168 | ||||
169 | while (waitpid(pid, NULL((void *)0), 0) == -1) | |||
170 | if (errno(*__errno()) != EINTR4) | |||
171 | fatal("Couldn't wait for child: %s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 171, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Couldn't wait for child: %s" , strerror((*__errno()))); | |||
172 | ||||
173 | /* Set the connection file descriptors. */ | |||
174 | if (ssh_packet_set_connection(ssh, sock, sock) == NULL((void *)0)) | |||
175 | return -1; /* ssh_packet_set_connection logs error */ | |||
176 | ||||
177 | return 0; | |||
178 | } | |||
179 | ||||
180 | /* | |||
181 | * Connect to the given ssh server using a proxy command. | |||
182 | */ | |||
183 | static int | |||
184 | ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg, | |||
185 | u_short port, const char *proxy_command) | |||
186 | { | |||
187 | char *command_string; | |||
188 | int pin[2], pout[2]; | |||
189 | pid_t pid; | |||
190 | char *shell; | |||
191 | ||||
192 | if ((shell = getenv("SHELL")) == NULL((void *)0) || *shell == '\0') | |||
193 | shell = _PATH_BSHELL"/bin/sh"; | |||
194 | ||||
195 | /* Create pipes for communicating with the proxy. */ | |||
196 | if (pipe(pin) == -1 || pipe(pout) == -1) | |||
197 | fatal("Could not create pipes to communicate with the proxy: %.100s",sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 198, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create pipes to communicate with the proxy: %.100s" , strerror((*__errno()))) | |||
198 | strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 198, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create pipes to communicate with the proxy: %.100s" , strerror((*__errno()))); | |||
199 | ||||
200 | command_string = expand_proxy_command(proxy_command, options.user, | |||
201 | host, host_arg, port); | |||
202 | debug("Executing proxy command: %.500s", command_string)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 202 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Executing proxy command: %.500s" , command_string); | |||
203 | ||||
204 | /* Fork and execute the proxy command. */ | |||
205 | if ((pid = fork()) == 0) { | |||
206 | char *argv[10]; | |||
207 | ||||
208 | /* Redirect stdin and stdout. */ | |||
209 | close(pin[1]); | |||
210 | if (pin[0] != 0) { | |||
211 | if (dup2(pin[0], 0) == -1) | |||
212 | perror("dup2 stdin"); | |||
213 | close(pin[0]); | |||
214 | } | |||
215 | close(pout[0]); | |||
216 | if (dup2(pout[1], 1) == -1) | |||
217 | perror("dup2 stdout"); | |||
218 | /* Cannot be 1 because pin allocated two descriptors. */ | |||
219 | close(pout[1]); | |||
220 | ||||
221 | /* | |||
222 | * Stderr is left for non-ControlPersist connections is so | |||
223 | * error messages may be printed on the user's terminal. | |||
224 | */ | |||
225 | if (!debug_flag && options.control_path != NULL((void *)0) && | |||
226 | options.control_persist && stdfd_devnull(0, 0, 1) == -1) | |||
227 | error_f("stdfd_devnull failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 227 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "stdfd_devnull failed"); | |||
228 | ||||
229 | argv[0] = shell; | |||
230 | argv[1] = "-c"; | |||
231 | argv[2] = command_string; | |||
232 | argv[3] = NULL((void *)0); | |||
233 | ||||
234 | /* | |||
235 | * Execute the proxy command. Note that we gave up any | |||
236 | * extra privileges above. | |||
237 | */ | |||
238 | ssh_signal(SIGPIPE13, SIG_DFL(void (*)(int))0); | |||
239 | execv(argv[0], argv); | |||
240 | perror(argv[0]); | |||
241 | exit(1); | |||
242 | } | |||
243 | /* Parent. */ | |||
244 | if (pid == -1) | |||
245 | fatal("fork failed: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 245, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "fork failed: %.100s" , strerror((*__errno()))); | |||
246 | else | |||
247 | proxy_command_pid = pid; /* save pid to clean up later */ | |||
248 | ||||
249 | /* Close child side of the descriptors. */ | |||
250 | close(pin[0]); | |||
251 | close(pout[1]); | |||
252 | ||||
253 | /* Free the command name. */ | |||
254 | free(command_string); | |||
255 | ||||
256 | /* Set the connection file descriptors. */ | |||
257 | if (ssh_packet_set_connection(ssh, pout[0], pin[1]) == NULL((void *)0)) | |||
258 | return -1; /* ssh_packet_set_connection logs error */ | |||
259 | ||||
260 | return 0; | |||
261 | } | |||
262 | ||||
263 | void | |||
264 | ssh_kill_proxy_command(void) | |||
265 | { | |||
266 | /* | |||
267 | * Send SIGHUP to proxy command if used. We don't wait() in | |||
268 | * case it hangs and instead rely on init to reap the child | |||
269 | */ | |||
270 | if (proxy_command_pid > 1) | |||
271 | kill(proxy_command_pid, SIGHUP1); | |||
272 | } | |||
273 | ||||
274 | /* | |||
275 | * Search a interface address list (returned from getifaddrs(3)) for an | |||
276 | * address that matches the desired address family on the specified interface. | |||
277 | * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure. | |||
278 | */ | |||
279 | static int | |||
280 | check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs, | |||
281 | struct sockaddr_storage *resultp, socklen_t *rlenp) | |||
282 | { | |||
283 | struct sockaddr_in6 *sa6; | |||
284 | struct sockaddr_in *sa; | |||
285 | struct in6_addr *v6addr; | |||
286 | const struct ifaddrs *ifa; | |||
287 | int allow_local; | |||
288 | ||||
289 | /* | |||
290 | * Prefer addresses that are not loopback or linklocal, but use them | |||
291 | * if nothing else matches. | |||
292 | */ | |||
293 | for (allow_local = 0; allow_local < 2; allow_local++) { | |||
294 | for (ifa = ifaddrs; ifa != NULL((void *)0); ifa = ifa->ifa_next) { | |||
295 | if (ifa->ifa_addr == NULL((void *)0) || ifa->ifa_name == NULL((void *)0) || | |||
296 | (ifa->ifa_flags & IFF_UP0x1) == 0 || | |||
297 | ifa->ifa_addr->sa_family != af || | |||
298 | strcmp(ifa->ifa_name, options.bind_interface) != 0) | |||
299 | continue; | |||
300 | switch (ifa->ifa_addr->sa_family) { | |||
301 | case AF_INET2: | |||
302 | sa = (struct sockaddr_in *)ifa->ifa_addr; | |||
303 | if (!allow_local && sa->sin_addr.s_addr == | |||
304 | htonl(INADDR_LOOPBACK)(__uint32_t)(__builtin_constant_p(((u_int32_t)(0x7f000001))) ? (__uint32_t)(((__uint32_t)(((u_int32_t)(0x7f000001))) & 0xff ) << 24 | ((__uint32_t)(((u_int32_t)(0x7f000001))) & 0xff00) << 8 | ((__uint32_t)(((u_int32_t)(0x7f000001)) ) & 0xff0000) >> 8 | ((__uint32_t)(((u_int32_t)(0x7f000001 ))) & 0xff000000) >> 24) : __swap32md(((u_int32_t)( 0x7f000001))))) | |||
305 | continue; | |||
306 | if (*rlenp < sizeof(struct sockaddr_in)) { | |||
307 | error_f("v4 addr doesn't fit")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 307 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "v4 addr doesn't fit"); | |||
308 | return -1; | |||
309 | } | |||
310 | *rlenp = sizeof(struct sockaddr_in); | |||
311 | memcpy(resultp, sa, *rlenp); | |||
312 | return 0; | |||
313 | case AF_INET624: | |||
314 | sa6 = (struct sockaddr_in6 *)ifa->ifa_addr; | |||
315 | v6addr = &sa6->sin6_addr; | |||
316 | if (!allow_local && | |||
317 | (IN6_IS_ADDR_LINKLOCAL(v6addr)(((v6addr)->__u6_addr.__u6_addr8[0] == 0xfe) && (( (v6addr)->__u6_addr.__u6_addr8[1] & 0xc0) == 0x80)) || | |||
318 | IN6_IS_ADDR_LOOPBACK(v6addr)((*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr .__u6_addr8[0]) == 0) && (*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr.__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr .__u6_addr8[8]) == 0) && (*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1)))))) | |||
319 | continue; | |||
320 | if (*rlenp < sizeof(struct sockaddr_in6)) { | |||
321 | error_f("v6 addr doesn't fit")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 321 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "v6 addr doesn't fit"); | |||
322 | return -1; | |||
323 | } | |||
324 | *rlenp = sizeof(struct sockaddr_in6); | |||
325 | memcpy(resultp, sa6, *rlenp); | |||
326 | return 0; | |||
327 | } | |||
328 | } | |||
329 | } | |||
330 | return -1; | |||
331 | } | |||
332 | ||||
333 | /* | |||
334 | * Creates a socket for use as the ssh connection. | |||
335 | */ | |||
336 | static int | |||
337 | ssh_create_socket(struct addrinfo *ai) | |||
338 | { | |||
339 | int sock, r; | |||
340 | struct sockaddr_storage bindaddr; | |||
341 | socklen_t bindaddrlen = 0; | |||
342 | struct addrinfo hints, *res = NULL((void *)0); | |||
343 | struct ifaddrs *ifaddrs = NULL((void *)0); | |||
344 | char ntop[NI_MAXHOST256]; | |||
345 | ||||
346 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); | |||
347 | if (sock == -1) { | |||
348 | error("socket: %s", strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 348 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "socket: %s", strerror( (*__errno()))); | |||
349 | return -1; | |||
350 | } | |||
351 | fcntl(sock, F_SETFD2, FD_CLOEXEC1); | |||
352 | ||||
353 | /* Use interactive QOS (if specified) until authentication completed */ | |||
354 | if (options.ip_qos_interactive != INT_MAX2147483647) | |||
355 | set_sock_tos(sock, options.ip_qos_interactive); | |||
356 | ||||
357 | /* Bind the socket to an alternative local IP address */ | |||
358 | if (options.bind_address == NULL((void *)0) && options.bind_interface == NULL((void *)0)) | |||
359 | return sock; | |||
360 | ||||
361 | if (options.bind_address != NULL((void *)0)) { | |||
362 | memset(&hints, 0, sizeof(hints)); | |||
363 | hints.ai_family = ai->ai_family; | |||
364 | hints.ai_socktype = ai->ai_socktype; | |||
365 | hints.ai_protocol = ai->ai_protocol; | |||
366 | hints.ai_flags = AI_PASSIVE1; | |||
367 | if ((r = getaddrinfo(options.bind_address, NULL((void *)0), | |||
368 | &hints, &res)) != 0) { | |||
369 | error("getaddrinfo: %s: %s", options.bind_address,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 370 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getaddrinfo: %s: %s", options .bind_address, ssh_gai_strerror(r)) | |||
370 | ssh_gai_strerror(r))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 370 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getaddrinfo: %s: %s", options .bind_address, ssh_gai_strerror(r)); | |||
371 | goto fail; | |||
372 | } | |||
373 | if (res == NULL((void *)0)) { | |||
374 | error("getaddrinfo: no addrs")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 374 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getaddrinfo: no addrs" ); | |||
375 | goto fail; | |||
376 | } | |||
377 | memcpy(&bindaddr, res->ai_addr, res->ai_addrlen); | |||
378 | bindaddrlen = res->ai_addrlen; | |||
379 | } else if (options.bind_interface != NULL((void *)0)) { | |||
380 | if ((r = getifaddrs(&ifaddrs)) != 0) { | |||
381 | error("getifaddrs: %s: %s", options.bind_interface,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 382 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getifaddrs: %s: %s", options .bind_interface, strerror((*__errno()))) | |||
382 | strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 382 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getifaddrs: %s: %s", options .bind_interface, strerror((*__errno()))); | |||
383 | goto fail; | |||
384 | } | |||
385 | bindaddrlen = sizeof(bindaddr); | |||
386 | if (check_ifaddrs(options.bind_interface, ai->ai_family, | |||
387 | ifaddrs, &bindaddr, &bindaddrlen) != 0) { | |||
388 | logit("getifaddrs: %s: no suitable addresses",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 389 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "getifaddrs: %s: no suitable addresses" , options.bind_interface) | |||
389 | options.bind_interface)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 389 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "getifaddrs: %s: no suitable addresses" , options.bind_interface); | |||
390 | goto fail; | |||
391 | } | |||
392 | } | |||
393 | if ((r = getnameinfo((struct sockaddr *)&bindaddr, bindaddrlen, | |||
394 | ntop, sizeof(ntop), NULL((void *)0), 0, NI_NUMERICHOST1)) != 0) { | |||
395 | error_f("getnameinfo failed: %s", ssh_gai_strerror(r))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 395 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "getnameinfo failed: %s" , ssh_gai_strerror(r)); | |||
396 | goto fail; | |||
397 | } | |||
398 | if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { | |||
399 | error("bind %s: %s", ntop, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 399 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "bind %s: %s", ntop, strerror ((*__errno()))); | |||
400 | goto fail; | |||
401 | } | |||
402 | debug_f("bound to %s", ntop)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 402 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "bound to %s", ntop); | |||
403 | /* success */ | |||
404 | goto out; | |||
405 | fail: | |||
406 | close(sock); | |||
407 | sock = -1; | |||
408 | out: | |||
409 | if (res != NULL((void *)0)) | |||
410 | freeaddrinfo(res); | |||
411 | if (ifaddrs != NULL((void *)0)) | |||
412 | freeifaddrs(ifaddrs); | |||
413 | return sock; | |||
414 | } | |||
415 | ||||
416 | /* | |||
417 | * Opens a TCP/IP connection to the remote server on the given host. | |||
418 | * The address of the remote host will be returned in hostaddr. | |||
419 | * If port is 0, the default port will be used. | |||
420 | * Connection_attempts specifies the maximum number of tries (one per | |||
421 | * second). If proxy_command is non-NULL, it specifies the command (with %h | |||
422 | * and %p substituted for host and port, respectively) to use to contact | |||
423 | * the daemon. | |||
424 | */ | |||
425 | static int | |||
426 | ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, | |||
427 | struct sockaddr_storage *hostaddr, u_short port, int connection_attempts, | |||
428 | int *timeout_ms, int want_keepalive) | |||
429 | { | |||
430 | int on = 1, saved_timeout_ms = *timeout_ms; | |||
431 | int oerrno, sock = -1, attempt; | |||
432 | char ntop[NI_MAXHOST256], strport[NI_MAXSERV32]; | |||
433 | struct addrinfo *ai; | |||
434 | ||||
435 | debug3_f("entering")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 435 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "entering"); | |||
436 | memset(ntop, 0, sizeof(ntop)); | |||
437 | memset(strport, 0, sizeof(strport)); | |||
438 | ||||
439 | for (attempt = 0; attempt < connection_attempts; attempt++) { | |||
440 | if (attempt > 0) { | |||
441 | /* Sleep a moment before retrying. */ | |||
442 | sleep(1); | |||
443 | debug("Trying again...")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 443 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Trying again..."); | |||
444 | } | |||
445 | /* | |||
446 | * Loop through addresses for this host, and try each one in | |||
447 | * sequence until the connection succeeds. | |||
448 | */ | |||
449 | for (ai = aitop; ai; ai = ai->ai_next) { | |||
450 | if (ai->ai_family != AF_INET2 && | |||
451 | ai->ai_family != AF_INET624) { | |||
452 | errno(*__errno()) = EAFNOSUPPORT47; | |||
453 | continue; | |||
454 | } | |||
455 | if (getnameinfo(ai->ai_addr, ai->ai_addrlen, | |||
456 | ntop, sizeof(ntop), strport, sizeof(strport), | |||
457 | NI_NUMERICHOST1|NI_NUMERICSERV2) != 0) { | |||
458 | oerrno = errno(*__errno()); | |||
459 | error_f("getnameinfo failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 459 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "getnameinfo failed"); | |||
460 | errno(*__errno()) = oerrno; | |||
461 | continue; | |||
462 | } | |||
463 | debug("Connecting to %.200s [%.100s] port %s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 464 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Connecting to %.200s [%.100s] port %s." , host, ntop, strport) | |||
464 | host, ntop, strport)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 464 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Connecting to %.200s [%.100s] port %s." , host, ntop, strport); | |||
465 | ||||
466 | /* Create a socket for connecting. */ | |||
467 | sock = ssh_create_socket(ai); | |||
468 | if (sock < 0) { | |||
469 | /* Any error is already output */ | |||
470 | errno(*__errno()) = 0; | |||
471 | continue; | |||
472 | } | |||
473 | ||||
474 | *timeout_ms = saved_timeout_ms; | |||
475 | if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen, | |||
476 | timeout_ms) >= 0) { | |||
477 | /* Successful connection. */ | |||
478 | memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); | |||
479 | break; | |||
480 | } else { | |||
481 | oerrno = errno(*__errno()); | |||
482 | debug("connect to address %s port %s: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 483 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "connect to address %s port %s: %s" , ntop, strport, strerror((*__errno()))) | |||
483 | ntop, strport, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 483 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "connect to address %s port %s: %s" , ntop, strport, strerror((*__errno()))); | |||
484 | close(sock); | |||
485 | sock = -1; | |||
486 | errno(*__errno()) = oerrno; | |||
487 | } | |||
488 | } | |||
489 | if (sock != -1) | |||
490 | break; /* Successful connection. */ | |||
491 | } | |||
492 | ||||
493 | /* Return failure if we didn't get a successful connection. */ | |||
494 | if (sock == -1) { | |||
495 | error("ssh: connect to host %s port %s: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 496 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "ssh: connect to host %s port %s: %s" , host, strport, (*__errno()) == 0 ? "failure" : strerror((*__errno ()))) | |||
496 | host, strport, errno == 0 ? "failure" : strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 496 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "ssh: connect to host %s port %s: %s" , host, strport, (*__errno()) == 0 ? "failure" : strerror((*__errno ()))); | |||
497 | return -1; | |||
498 | } | |||
499 | ||||
500 | debug("Connection established.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 500 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Connection established." ); | |||
501 | ||||
502 | /* Set SO_KEEPALIVE if requested. */ | |||
503 | if (want_keepalive && | |||
504 | setsockopt(sock, SOL_SOCKET0xffff, SO_KEEPALIVE0x0008, (void *)&on, | |||
505 | sizeof(on)) == -1) | |||
506 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 506 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "setsockopt SO_KEEPALIVE: %.100s" , strerror((*__errno()))); | |||
507 | ||||
508 | /* Set the connection. */ | |||
509 | if (ssh_packet_set_connection(ssh, sock, sock) == NULL((void *)0)) | |||
510 | return -1; /* ssh_packet_set_connection logs error */ | |||
511 | ||||
512 | return 0; | |||
513 | } | |||
514 | ||||
515 | int | |||
516 | ssh_connect(struct ssh *ssh, const char *host, const char *host_arg, | |||
517 | struct addrinfo *addrs, struct sockaddr_storage *hostaddr, u_short port, | |||
518 | int connection_attempts, int *timeout_ms, int want_keepalive) | |||
519 | { | |||
520 | int in, out; | |||
521 | ||||
522 | if (options.proxy_command == NULL((void *)0)) { | |||
523 | return ssh_connect_direct(ssh, host, addrs, hostaddr, port, | |||
524 | connection_attempts, timeout_ms, want_keepalive); | |||
525 | } else if (strcmp(options.proxy_command, "-") == 0) { | |||
526 | if ((in = dup(STDIN_FILENO0)) == -1 || | |||
527 | (out = dup(STDOUT_FILENO1)) == -1) { | |||
528 | if (in >= 0) | |||
529 | close(in); | |||
530 | error_f("dup() in/out failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 530 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "dup() in/out failed"); | |||
531 | return -1; /* ssh_packet_set_connection logs error */ | |||
532 | } | |||
533 | if ((ssh_packet_set_connection(ssh, in, out)) == NULL((void *)0)) | |||
534 | return -1; /* ssh_packet_set_connection logs error */ | |||
535 | return 0; | |||
536 | } else if (options.proxy_use_fdpass) { | |||
537 | return ssh_proxy_fdpass_connect(ssh, host, host_arg, port, | |||
538 | options.proxy_command); | |||
539 | } | |||
540 | return ssh_proxy_connect(ssh, host, host_arg, port, | |||
541 | options.proxy_command); | |||
542 | } | |||
543 | ||||
544 | /* defaults to 'no' */ | |||
545 | static int | |||
546 | confirm(const char *prompt, const char *fingerprint) | |||
547 | { | |||
548 | const char *msg, *again = "Please type 'yes' or 'no': "; | |||
549 | const char *again_fp = "Please type 'yes', 'no' or the fingerprint: "; | |||
550 | char *p, *cp; | |||
551 | int ret = -1; | |||
552 | ||||
553 | if (options.batch_mode) | |||
554 | return 0; | |||
555 | for (msg = prompt;;msg = fingerprint ? again_fp : again) { | |||
556 | cp = p = read_passphrase(msg, RP_ECHO0x0001); | |||
557 | if (p == NULL((void *)0)) | |||
558 | return 0; | |||
559 | p += strspn(p, " \t"); /* skip leading whitespace */ | |||
560 | p[strcspn(p, " \t\n")] = '\0'; /* remove trailing whitespace */ | |||
561 | if (p[0] == '\0' || strcasecmp(p, "no") == 0) | |||
562 | ret = 0; | |||
563 | else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL((void *)0) && | |||
564 | strcmp(p, fingerprint) == 0)) | |||
565 | ret = 1; | |||
566 | free(cp); | |||
567 | if (ret != -1) | |||
568 | return ret; | |||
569 | } | |||
570 | } | |||
571 | ||||
572 | static int | |||
573 | sockaddr_is_local(struct sockaddr *hostaddr) | |||
574 | { | |||
575 | switch (hostaddr->sa_family) { | |||
576 | case AF_INET2: | |||
577 | return (ntohl(((struct sockaddr_in *)hostaddr)->(__uint32_t)(__builtin_constant_p(((struct sockaddr_in *)hostaddr )-> sin_addr.s_addr) ? (__uint32_t)(((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff) << 24 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff00) << 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff0000) >> 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff000000) >> 24) : __swap32md(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr)) | |||
578 | sin_addr.s_addr)(__uint32_t)(__builtin_constant_p(((struct sockaddr_in *)hostaddr )-> sin_addr.s_addr) ? (__uint32_t)(((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff) << 24 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff00) << 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff0000) >> 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff000000) >> 24) : __swap32md(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr)) >> 24) == IN_LOOPBACKNET127; | |||
579 | case AF_INET624: | |||
580 | return IN6_IS_ADDR_LOOPBACK(((*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr.__u6_addr8[0]) == 0 ) && (*(const u_int32_t *)(const void *)(&(&( ((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr .__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr ))->__u6_addr.__u6_addr8[8]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr )->sin6_addr))->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1)))) | |||
581 | &(((struct sockaddr_in6 *)hostaddr)->sin6_addr))((*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr.__u6_addr8[0]) == 0 ) && (*(const u_int32_t *)(const void *)(&(&( ((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr .__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr ))->__u6_addr.__u6_addr8[8]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr )->sin6_addr))->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1)))); | |||
582 | default: | |||
583 | return 0; | |||
584 | } | |||
585 | } | |||
586 | ||||
587 | /* | |||
588 | * Prepare the hostname and ip address strings that are used to lookup | |||
589 | * host keys in known_hosts files. These may have a port number appended. | |||
590 | */ | |||
591 | void | |||
592 | get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr, | |||
593 | u_short port, char **hostfile_hostname, char **hostfile_ipaddr) | |||
594 | { | |||
595 | char ntop[NI_MAXHOST256]; | |||
596 | ||||
597 | /* | |||
598 | * We don't have the remote ip-address for connections | |||
599 | * using a proxy command | |||
600 | */ | |||
601 | if (hostfile_ipaddr != NULL((void *)0)) { | |||
602 | if (options.proxy_command == NULL((void *)0)) { | |||
603 | if (getnameinfo(hostaddr, hostaddr->sa_len, | |||
604 | ntop, sizeof(ntop), NULL((void *)0), 0, NI_NUMERICHOST1) != 0) | |||
605 | fatal_f("getnameinfo failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 605, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "getnameinfo failed" ); | |||
606 | *hostfile_ipaddr = put_host_port(ntop, port); | |||
607 | } else { | |||
608 | *hostfile_ipaddr = xstrdup("<no hostip for proxy " | |||
609 | "command>"); | |||
610 | } | |||
611 | } | |||
612 | ||||
613 | /* | |||
614 | * Allow the user to record the key under a different name or | |||
615 | * differentiate a non-standard port. This is useful for ssh | |||
616 | * tunneling over forwarded connections or if you run multiple | |||
617 | * sshd's on different ports on the same machine. | |||
618 | */ | |||
619 | if (hostfile_hostname != NULL((void *)0)) { | |||
620 | if (options.host_key_alias != NULL((void *)0)) { | |||
621 | *hostfile_hostname = xstrdup(options.host_key_alias); | |||
622 | debug("using hostkeyalias: %s", *hostfile_hostname)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 622 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "using hostkeyalias: %s" , *hostfile_hostname); | |||
623 | } else { | |||
624 | *hostfile_hostname = put_host_port(hostname, port); | |||
625 | } | |||
626 | } | |||
627 | } | |||
628 | ||||
629 | /* returns non-zero if path appears in hostfiles, or 0 if not. */ | |||
630 | static int | |||
631 | path_in_hostfiles(const char *path, char **hostfiles, u_int num_hostfiles) | |||
632 | { | |||
633 | u_int i; | |||
634 | ||||
635 | for (i = 0; i < num_hostfiles; i++) { | |||
636 | if (strcmp(path, hostfiles[i]) == 0) | |||
637 | return 1; | |||
638 | } | |||
639 | return 0; | |||
640 | } | |||
641 | ||||
642 | struct find_by_key_ctx { | |||
643 | const char *host, *ip; | |||
644 | const struct sshkey *key; | |||
645 | char **names; | |||
646 | u_int nnames; | |||
647 | }; | |||
648 | ||||
649 | /* Try to replace home directory prefix (per $HOME) with a ~/ sequence */ | |||
650 | static char * | |||
651 | try_tilde_unexpand(const char *path) | |||
652 | { | |||
653 | char *home, *ret = NULL((void *)0); | |||
654 | size_t l; | |||
655 | ||||
656 | if (*path != '/') | |||
657 | return xstrdup(path); | |||
658 | if ((home = getenv("HOME")) == NULL((void *)0) || (l = strlen(home)) == 0) | |||
659 | return xstrdup(path); | |||
660 | if (strncmp(path, home, l) != 0) | |||
661 | return xstrdup(path); | |||
662 | /* | |||
663 | * ensure we have matched on a path boundary: either the $HOME that | |||
664 | * we just compared ends with a '/' or the next character of the path | |||
665 | * must be a '/'. | |||
666 | */ | |||
667 | if (home[l - 1] != '/' && path[l] != '/') | |||
668 | return xstrdup(path); | |||
669 | if (path[l] == '/') | |||
670 | l++; | |||
671 | xasprintf(&ret, "~/%s", path + l); | |||
672 | return ret; | |||
673 | } | |||
674 | ||||
675 | static int | |||
676 | hostkeys_find_by_key_cb(struct hostkey_foreach_line *l, void *_ctx) | |||
677 | { | |||
678 | struct find_by_key_ctx *ctx = (struct find_by_key_ctx *)_ctx; | |||
679 | char *path; | |||
680 | ||||
681 | /* we are looking for keys with names that *do not* match */ | |||
682 | if ((l->match & HKF_MATCH_HOST(1)) != 0) | |||
683 | return 0; | |||
684 | /* not interested in marker lines */ | |||
685 | if (l->marker != MRK_NONE) | |||
686 | return 0; | |||
687 | /* we are only interested in exact key matches */ | |||
688 | if (l->key == NULL((void *)0) || !sshkey_equal(ctx->key, l->key)) | |||
689 | return 0; | |||
690 | path = try_tilde_unexpand(l->path); | |||
691 | debug_f("found matching key in %s:%lu", path, l->linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 691 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "found matching key in %s:%lu" , path, l->linenum); | |||
692 | ctx->names = xrecallocarray(ctx->names, | |||
693 | ctx->nnames, ctx->nnames + 1, sizeof(*ctx->names)); | |||
694 | xasprintf(&ctx->names[ctx->nnames], "%s:%lu: %s", path, l->linenum, | |||
695 | strncmp(l->hosts, HASH_MAGIC"|1|", strlen(HASH_MAGIC"|1|")) == 0 ? | |||
696 | "[hashed name]" : l->hosts); | |||
697 | ctx->nnames++; | |||
698 | free(path); | |||
699 | return 0; | |||
700 | } | |||
701 | ||||
702 | static int | |||
703 | hostkeys_find_by_key_hostfile(const char *file, const char *which, | |||
704 | struct find_by_key_ctx *ctx) | |||
705 | { | |||
706 | int r; | |||
707 | ||||
708 | debug3_f("trying %s hostfile \"%s\"", which, file)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 708 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "trying %s hostfile \"%s\"" , which, file); | |||
709 | if ((r = hostkeys_foreach(file, hostkeys_find_by_key_cb, ctx, | |||
710 | ctx->host, ctx->ip, HKF_WANT_PARSE_KEY(1<<1), 0)) != 0) { | |||
711 | if (r == SSH_ERR_SYSTEM_ERROR-24 && errno(*__errno()) == ENOENT2) { | |||
712 | debug_f("hostkeys file %s does not exist", file)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 712 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "hostkeys file %s does not exist" , file); | |||
713 | return 0; | |||
714 | } | |||
715 | error_fr(r, "hostkeys_foreach failed for %s", file)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 715 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "hostkeys_foreach failed for %s" , file); | |||
716 | return r; | |||
717 | } | |||
718 | return 0; | |||
719 | } | |||
720 | ||||
721 | /* | |||
722 | * Find 'key' in known hosts file(s) that do not match host/ip. | |||
723 | * Used to display also-known-as information for previously-unseen hostkeys. | |||
724 | */ | |||
725 | static void | |||
726 | hostkeys_find_by_key(const char *host, const char *ip, const struct sshkey *key, | |||
727 | char **user_hostfiles, u_int num_user_hostfiles, | |||
728 | char **system_hostfiles, u_int num_system_hostfiles, | |||
729 | char ***names, u_int *nnames) | |||
730 | { | |||
731 | struct find_by_key_ctx ctx = {0, 0, 0, 0, 0}; | |||
732 | u_int i; | |||
733 | ||||
734 | *names = NULL((void *)0); | |||
735 | *nnames = 0; | |||
736 | ||||
737 | if (key == NULL((void *)0) || sshkey_is_cert(key)) | |||
738 | return; | |||
739 | ||||
740 | ctx.host = host; | |||
741 | ctx.ip = ip; | |||
742 | ctx.key = key; | |||
743 | ||||
744 | for (i = 0; i < num_user_hostfiles; i++) { | |||
745 | if (hostkeys_find_by_key_hostfile(user_hostfiles[i], | |||
746 | "user", &ctx) != 0) | |||
747 | goto fail; | |||
748 | } | |||
749 | for (i = 0; i < num_system_hostfiles; i++) { | |||
750 | if (hostkeys_find_by_key_hostfile(system_hostfiles[i], | |||
751 | "system", &ctx) != 0) | |||
752 | goto fail; | |||
753 | } | |||
754 | /* success */ | |||
755 | *names = ctx.names; | |||
756 | *nnames = ctx.nnames; | |||
757 | ctx.names = NULL((void *)0); | |||
758 | ctx.nnames = 0; | |||
759 | return; | |||
760 | fail: | |||
761 | for (i = 0; i < ctx.nnames; i++) | |||
762 | free(ctx.names[i]); | |||
763 | free(ctx.names); | |||
764 | } | |||
765 | ||||
766 | #define MAX_OTHER_NAMES8 8 /* Maximum number of names to list */ | |||
767 | static char * | |||
768 | other_hostkeys_message(const char *host, const char *ip, | |||
769 | const struct sshkey *key, | |||
770 | char **user_hostfiles, u_int num_user_hostfiles, | |||
771 | char **system_hostfiles, u_int num_system_hostfiles) | |||
772 | { | |||
773 | char *ret = NULL((void *)0), **othernames = NULL((void *)0); | |||
774 | u_int i, n, num_othernames = 0; | |||
775 | ||||
776 | hostkeys_find_by_key(host, ip, key, | |||
777 | user_hostfiles, num_user_hostfiles, | |||
778 | system_hostfiles, num_system_hostfiles, | |||
779 | &othernames, &num_othernames); | |||
780 | if (num_othernames == 0) | |||
781 | return xstrdup("This key is not known by any other names"); | |||
782 | ||||
783 | xasprintf(&ret, "This host key is known by the following other " | |||
784 | "names/addresses:"); | |||
785 | ||||
786 | n = num_othernames; | |||
787 | if (n > MAX_OTHER_NAMES8) | |||
788 | n = MAX_OTHER_NAMES8; | |||
789 | for (i = 0; i < n; i++) { | |||
790 | xextendf(&ret, "\n", " %s", othernames[i]); | |||
791 | } | |||
792 | if (n < num_othernames) { | |||
793 | xextendf(&ret, "\n", " (%d additional names omitted)", | |||
794 | num_othernames - n); | |||
795 | } | |||
796 | for (i = 0; i < num_othernames; i++) | |||
797 | free(othernames[i]); | |||
798 | free(othernames); | |||
799 | return ret; | |||
800 | } | |||
801 | ||||
802 | void | |||
803 | load_hostkeys_command(struct hostkeys *hostkeys, const char *command_template, | |||
804 | const char *invocation, const struct ssh_conn_info *cinfo, | |||
805 | const struct sshkey *host_key, const char *hostfile_hostname) | |||
806 | { | |||
807 | int r, i, ac = 0; | |||
808 | char *key_fp = NULL((void *)0), *keytext = NULL((void *)0), *tmp; | |||
809 | char *command = NULL((void *)0), *tag = NULL((void *)0), **av = NULL((void *)0); | |||
810 | FILE *f = NULL((void *)0); | |||
811 | pid_t pid; | |||
812 | void (*osigchld)(int); | |||
813 | ||||
814 | xasprintf(&tag, "KnownHostsCommand-%s", invocation); | |||
815 | ||||
816 | if (host_key != NULL((void *)0)) { | |||
817 | if ((key_fp = sshkey_fingerprint(host_key, | |||
818 | options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL((void *)0)) | |||
819 | fatal_f("sshkey_fingerprint failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 819, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint failed" ); | |||
820 | if ((r = sshkey_to_base64(host_key, &keytext)) != 0) | |||
821 | fatal_fr(r, "sshkey_to_base64 failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 821, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "sshkey_to_base64 failed" ); | |||
822 | } | |||
823 | /* | |||
824 | * NB. all returns later this function should go via "out" to | |||
825 | * ensure the original SIGCHLD handler is restored properly. | |||
826 | */ | |||
827 | osigchld = ssh_signal(SIGCHLD20, SIG_DFL(void (*)(int))0); | |||
828 | ||||
829 | /* Turn the command into an argument vector */ | |||
830 | if (argv_split(command_template, &ac, &av, 0) != 0) { | |||
831 | error("%s \"%s\" contains invalid quotes", tag,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 832 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" contains invalid quotes" , tag, command_template) | |||
832 | command_template)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 832 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" contains invalid quotes" , tag, command_template); | |||
833 | goto out; | |||
834 | } | |||
835 | if (ac == 0) { | |||
836 | error("%s \"%s\" yielded no arguments", tag,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 837 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" yielded no arguments" , tag, command_template) | |||
837 | command_template)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 837 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" yielded no arguments" , tag, command_template); | |||
838 | goto out; | |||
839 | } | |||
840 | for (i = 1; i < ac; i++) { | |||
841 | tmp = percent_dollar_expand(av[i], | |||
842 | DEFAULT_CLIENT_PERCENT_EXPAND_ARGS(cinfo)"C", cinfo->conn_hash_hex, "L", cinfo->shorthost, "i", cinfo ->uidstr, "k", cinfo->keyalias, "l", cinfo->thishost , "n", cinfo->host_arg, "p", cinfo->portstr, "d", cinfo ->homedir, "h", cinfo->remhost, "r", cinfo->remuser, "u", cinfo->locuser, | |||
843 | "H", hostfile_hostname, | |||
844 | "I", invocation, | |||
845 | "t", host_key == NULL((void *)0) ? "NONE" : sshkey_ssh_name(host_key), | |||
846 | "f", key_fp == NULL((void *)0) ? "NONE" : key_fp, | |||
847 | "K", keytext == NULL((void *)0) ? "NONE" : keytext, | |||
848 | (char *)NULL((void *)0)); | |||
849 | if (tmp == NULL((void *)0)) | |||
850 | fatal_f("percent_expand failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 850, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "percent_expand failed" ); | |||
851 | free(av[i]); | |||
852 | av[i] = tmp; | |||
853 | } | |||
854 | /* Prepare a printable command for logs, etc. */ | |||
855 | command = argv_assemble(ac, av); | |||
856 | ||||
857 | if ((pid = subprocess(tag, command, ac, av, &f, | |||
858 | SSH_SUBPROCESS_STDOUT_CAPTURE(1<<1)|SSH_SUBPROCESS_UNSAFE_PATH(1<<3)| | |||
859 | SSH_SUBPROCESS_PRESERVE_ENV(1<<4), NULL((void *)0), NULL((void *)0), NULL((void *)0))) == 0) | |||
860 | goto out; | |||
861 | ||||
862 | load_hostkeys_file(hostkeys, hostfile_hostname, tag, f, 1); | |||
863 | ||||
864 | if (exited_cleanly(pid, tag, command, 0) != 0) | |||
865 | fatal("KnownHostsCommand failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 865, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "KnownHostsCommand failed" ); | |||
866 | ||||
867 | out: | |||
868 | if (f != NULL((void *)0)) | |||
869 | fclose(f); | |||
870 | ssh_signal(SIGCHLD20, osigchld); | |||
871 | for (i = 0; i < ac; i++) | |||
872 | free(av[i]); | |||
873 | free(av); | |||
874 | free(tag); | |||
875 | free(command); | |||
876 | free(key_fp); | |||
877 | free(keytext); | |||
878 | } | |||
879 | ||||
880 | /* | |||
881 | * check whether the supplied host key is valid, return -1 if the key | |||
882 | * is not valid. user_hostfile[0] will not be updated if 'readonly' is true. | |||
883 | */ | |||
884 | #define RDRW0 0 | |||
885 | #define RDONLY1 1 | |||
886 | #define ROQUIET2 2 | |||
887 | static int | |||
888 | check_host_key(char *hostname, const struct ssh_conn_info *cinfo, | |||
889 | struct sockaddr *hostaddr, u_short port, | |||
890 | struct sshkey *host_key, int readonly, int clobber_port, | |||
891 | char **user_hostfiles, u_int num_user_hostfiles, | |||
892 | char **system_hostfiles, u_int num_system_hostfiles, | |||
893 | const char *hostfile_command) | |||
894 | { | |||
895 | HostStatus host_status = -1, ip_status = -1; | |||
896 | struct sshkey *raw_key = NULL((void *)0); | |||
897 | char *ip = NULL((void *)0), *host = NULL((void *)0); | |||
898 | char hostline[1000], *hostp, *fp, *ra; | |||
899 | char msg[1024]; | |||
900 | const char *type, *fail_reason; | |||
901 | const struct hostkey_entry *host_found = NULL((void *)0), *ip_found = NULL((void *)0); | |||
902 | int len, cancelled_forwarding = 0, confirmed; | |||
903 | int local = sockaddr_is_local(hostaddr); | |||
904 | int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; | |||
905 | int hostkey_trusted = 0; /* Known or explicitly accepted by user */ | |||
906 | struct hostkeys *host_hostkeys, *ip_hostkeys; | |||
907 | u_int i; | |||
908 | ||||
909 | /* | |||
910 | * Force accepting of the host key for loopback/localhost. The | |||
911 | * problem is that if the home directory is NFS-mounted to multiple | |||
912 | * machines, localhost will refer to a different machine in each of | |||
913 | * them, and the user will get bogus HOST_CHANGED warnings. This | |||
914 | * essentially disables host authentication for localhost; however, | |||
915 | * this is probably not a real problem. | |||
916 | */ | |||
917 | if (options.no_host_authentication_for_localhost == 1 && local && | |||
| ||||
918 | options.host_key_alias == NULL((void *)0)) { | |||
919 | debug("Forcing accepting of host key for "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 920 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Forcing accepting of host key for " "loopback/localhost.") | |||
920 | "loopback/localhost.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 920 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Forcing accepting of host key for " "loopback/localhost."); | |||
921 | options.update_hostkeys = 0; | |||
922 | return 0; | |||
923 | } | |||
924 | ||||
925 | /* | |||
926 | * Prepare the hostname and address strings used for hostkey lookup. | |||
927 | * In some cases, these will have a port number appended. | |||
928 | */ | |||
929 | get_hostfile_hostname_ipaddr(hostname, hostaddr, | |||
930 | clobber_port ? 0 : port, &host, &ip); | |||
931 | ||||
932 | /* | |||
933 | * Turn off check_host_ip if the connection is to localhost, via proxy | |||
934 | * command or if we don't have a hostname to compare with | |||
935 | */ | |||
936 | if (options.check_host_ip && (local || | |||
937 | strcmp(hostname, ip) == 0 || options.proxy_command != NULL((void *)0))) | |||
938 | options.check_host_ip = 0; | |||
939 | ||||
940 | host_hostkeys = init_hostkeys(); | |||
941 | for (i = 0; i < num_user_hostfiles; i++) | |||
942 | load_hostkeys(host_hostkeys, host, user_hostfiles[i], 0); | |||
943 | for (i = 0; i < num_system_hostfiles; i++) | |||
944 | load_hostkeys(host_hostkeys, host, system_hostfiles[i], 0); | |||
945 | if (hostfile_command != NULL((void *)0) && !clobber_port) { | |||
946 | load_hostkeys_command(host_hostkeys, hostfile_command, | |||
947 | "HOSTNAME", cinfo, host_key, host); | |||
948 | } | |||
949 | ||||
950 | ip_hostkeys = NULL((void *)0); | |||
951 | if (!want_cert && options.check_host_ip) { | |||
952 | ip_hostkeys = init_hostkeys(); | |||
953 | for (i = 0; i < num_user_hostfiles; i++) | |||
954 | load_hostkeys(ip_hostkeys, ip, user_hostfiles[i], 0); | |||
955 | for (i = 0; i < num_system_hostfiles; i++) | |||
956 | load_hostkeys(ip_hostkeys, ip, system_hostfiles[i], 0); | |||
957 | if (hostfile_command
| |||
958 | load_hostkeys_command(ip_hostkeys, hostfile_command, | |||
959 | "ADDRESS", cinfo, host_key, ip); | |||
960 | } | |||
961 | } | |||
962 | ||||
963 | retry: | |||
964 | /* Reload these as they may have changed on cert->key downgrade */ | |||
965 | want_cert = sshkey_is_cert(host_key); | |||
966 | type = sshkey_type(host_key); | |||
967 | ||||
968 | /* | |||
969 | * Check if the host key is present in the user's list of known | |||
970 | * hosts or in the systemwide list. | |||
971 | */ | |||
972 | host_status = check_key_in_hostkeys(host_hostkeys, host_key, | |||
973 | &host_found); | |||
974 | ||||
975 | /* | |||
976 | * If there are no hostfiles, or if the hostkey was found via | |||
977 | * KnownHostsCommand, then don't try to touch the disk. | |||
978 | */ | |||
979 | if (!readonly && (num_user_hostfiles
| |||
980 | (host_found != NULL((void *)0) && host_found->note != 0))) | |||
981 | readonly = RDONLY1; | |||
982 | ||||
983 | /* | |||
984 | * Also perform check for the ip address, skip the check if we are | |||
985 | * localhost, looking for a certificate, or the hostname was an ip | |||
986 | * address to begin with. | |||
987 | */ | |||
988 | if (!want_cert && ip_hostkeys != NULL((void *)0)) { | |||
989 | ip_status = check_key_in_hostkeys(ip_hostkeys, host_key, | |||
990 | &ip_found); | |||
991 | if (host_status == HOST_CHANGED && | |||
992 | (ip_status != HOST_CHANGED || | |||
993 | (ip_found != NULL((void *)0) && | |||
994 | !sshkey_equal(ip_found->key, host_found->key)))) | |||
| ||||
995 | host_ip_differ = 1; | |||
996 | } else | |||
997 | ip_status = host_status; | |||
998 | ||||
999 | switch (host_status) { | |||
1000 | case HOST_OK: | |||
1001 | /* The host is known and the key matches. */ | |||
1002 | debug("Host '%.200s' is known and matches the %s host %s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1003 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host '%.200s' is known and matches the %s host %s." , host, type, want_cert ? "certificate" : "key") | |||
1003 | host, type, want_cert ? "certificate" : "key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1003 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host '%.200s' is known and matches the %s host %s." , host, type, want_cert ? "certificate" : "key"); | |||
1004 | debug("Found %s in %s:%lu", want_cert ? "CA key" : "key",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1005 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Found %s in %s:%lu", want_cert ? "CA key" : "key", host_found->file, host_found->line ) | |||
1005 | host_found->file, host_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1005 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Found %s in %s:%lu", want_cert ? "CA key" : "key", host_found->file, host_found->line ); | |||
1006 | if (want_cert) { | |||
1007 | if (sshkey_cert_check_host(host_key, | |||
1008 | options.host_key_alias == NULL((void *)0) ? | |||
1009 | hostname : options.host_key_alias, 0, | |||
1010 | options.ca_sign_algorithms, &fail_reason) != 0) { | |||
1011 | error("%s", fail_reason)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1011 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s", fail_reason); | |||
1012 | goto fail; | |||
1013 | } | |||
1014 | /* | |||
1015 | * Do not attempt hostkey update if a certificate was | |||
1016 | * successfully matched. | |||
1017 | */ | |||
1018 | if (options.update_hostkeys != 0) { | |||
1019 | options.update_hostkeys = 0; | |||
1020 | debug3_f("certificate host key in use; "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1021 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "certificate host key in use; " "disabling UpdateHostkeys") | |||
1021 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1021 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "certificate host key in use; " "disabling UpdateHostkeys"); | |||
1022 | } | |||
1023 | } | |||
1024 | /* Turn off UpdateHostkeys if key was in system known_hosts */ | |||
1025 | if (options.update_hostkeys != 0 && | |||
1026 | (path_in_hostfiles(host_found->file, | |||
1027 | system_hostfiles, num_system_hostfiles) || | |||
1028 | (ip_status == HOST_OK && ip_found != NULL((void *)0) && | |||
1029 | path_in_hostfiles(ip_found->file, | |||
1030 | system_hostfiles, num_system_hostfiles)))) { | |||
1031 | options.update_hostkeys = 0; | |||
1032 | debug3_f("host key found in GlobalKnownHostsFile; "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1033 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found in GlobalKnownHostsFile; " "disabling UpdateHostkeys") | |||
1033 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1033 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found in GlobalKnownHostsFile; " "disabling UpdateHostkeys"); | |||
1034 | } | |||
1035 | if (options.update_hostkeys != 0 && host_found->note) { | |||
1036 | options.update_hostkeys = 0; | |||
1037 | debug3_f("host key found via KnownHostsCommand; "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1038 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found via KnownHostsCommand; " "disabling UpdateHostkeys") | |||
1038 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1038 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found via KnownHostsCommand; " "disabling UpdateHostkeys"); | |||
1039 | } | |||
1040 | if (options.check_host_ip && ip_status == HOST_NEW) { | |||
1041 | if (readonly || want_cert) | |||
1042 | logit("%s host key for IP address "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1044 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip) | |||
1043 | "'%.128s' not in list of known hosts.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1044 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip) | |||
1044 | type, ip)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1044 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip); | |||
1045 | else if (!add_host_to_hostfile(user_hostfiles[0], ip, | |||
1046 | host_key, options.hash_known_hosts)) | |||
1047 | logit("Failed to add the %s host key for IP "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]) | |||
1048 | "address '%.128s' to the list of known "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]) | |||
1049 | "hosts (%.500s).", type, ip,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]) | |||
1050 | user_hostfiles[0])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]); | |||
1051 | else | |||
1052 | logit("Warning: Permanently added the %s host "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1054 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts." , type, ip) | |||
1053 | "key for IP address '%.128s' to the list "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1054 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts." , type, ip) | |||
1054 | "of known hosts.", type, ip)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1054 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts." , type, ip); | |||
1055 | } else if (options.visual_host_key) { | |||
1056 | fp = sshkey_fingerprint(host_key, | |||
1057 | options.fingerprint_hash, SSH_FP_DEFAULT); | |||
1058 | ra = sshkey_fingerprint(host_key, | |||
1059 | options.fingerprint_hash, SSH_FP_RANDOMART); | |||
1060 | if (fp == NULL((void *)0) || ra == NULL((void *)0)) | |||
1061 | fatal_f("sshkey_fingerprint failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1061, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint failed" ); | |||
1062 | logit("Host key fingerprint is %s\n%s", fp, ra)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1062 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Host key fingerprint is %s\n%s" , fp, ra); | |||
1063 | free(ra); | |||
1064 | free(fp); | |||
1065 | } | |||
1066 | hostkey_trusted = 1; | |||
1067 | break; | |||
1068 | case HOST_NEW: | |||
1069 | if (options.host_key_alias == NULL((void *)0) && port != 0 && | |||
1070 | port != SSH_DEFAULT_PORT22 && !clobber_port) { | |||
1071 | debug("checking without port identifier")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1071 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "checking without port identifier" ); | |||
1072 | if (check_host_key(hostname, cinfo, hostaddr, 0, | |||
1073 | host_key, ROQUIET2, 1, | |||
1074 | user_hostfiles, num_user_hostfiles, | |||
1075 | system_hostfiles, num_system_hostfiles, | |||
1076 | hostfile_command) == 0) { | |||
1077 | debug("found matching key w/out port")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1077 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "found matching key w/out port" ); | |||
1078 | break; | |||
1079 | } | |||
1080 | } | |||
1081 | if (readonly || want_cert) | |||
1082 | goto fail; | |||
1083 | /* The host is new. */ | |||
1084 | if (options.strict_host_key_checking == | |||
1085 | SSH_STRICT_HOSTKEY_YES2) { | |||
1086 | /* | |||
1087 | * User has requested strict host key checking. We | |||
1088 | * will not add the host key automatically. The only | |||
1089 | * alternative left is to abort. | |||
1090 | */ | |||
1091 | error("No %s host key is known for %.200s and you "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1092 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "No %s host key is known for %.200s and you " "have requested strict checking.", type, host) | |||
1092 | "have requested strict checking.", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1092 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "No %s host key is known for %.200s and you " "have requested strict checking.", type, host); | |||
1093 | goto fail; | |||
1094 | } else if (options.strict_host_key_checking == | |||
1095 | SSH_STRICT_HOSTKEY_ASK3) { | |||
1096 | char *msg1 = NULL((void *)0), *msg2 = NULL((void *)0); | |||
1097 | ||||
1098 | xasprintf(&msg1, "The authenticity of host " | |||
1099 | "'%.200s (%s)' can't be established", host, ip); | |||
1100 | ||||
1101 | if (show_other_keys(host_hostkeys, host_key)) { | |||
1102 | xextendf(&msg1, "\n", "but keys of different " | |||
1103 | "type are already known for this host."); | |||
1104 | } else | |||
1105 | xextendf(&msg1, "", "."); | |||
1106 | ||||
1107 | fp = sshkey_fingerprint(host_key, | |||
1108 | options.fingerprint_hash, SSH_FP_DEFAULT); | |||
1109 | ra = sshkey_fingerprint(host_key, | |||
1110 | options.fingerprint_hash, SSH_FP_RANDOMART); | |||
1111 | if (fp == NULL((void *)0) || ra == NULL((void *)0)) | |||
1112 | fatal_f("sshkey_fingerprint failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1112, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint failed" ); | |||
1113 | xextendf(&msg1, "\n", "%s key fingerprint is %s.", | |||
1114 | type, fp); | |||
1115 | if (options.visual_host_key) | |||
1116 | xextendf(&msg1, "\n", "%s", ra); | |||
1117 | if (options.verify_host_key_dns) { | |||
1118 | xextendf(&msg1, "\n", | |||
1119 | "%s host key fingerprint found in DNS.", | |||
1120 | matching_host_key_dns ? | |||
1121 | "Matching" : "No matching"); | |||
1122 | } | |||
1123 | /* msg2 informs for other names matching this key */ | |||
1124 | if ((msg2 = other_hostkeys_message(host, ip, host_key, | |||
1125 | user_hostfiles, num_user_hostfiles, | |||
1126 | system_hostfiles, num_system_hostfiles)) != NULL((void *)0)) | |||
1127 | xextendf(&msg1, "\n", "%s", msg2); | |||
1128 | ||||
1129 | xextendf(&msg1, "\n", | |||
1130 | "Are you sure you want to continue connecting " | |||
1131 | "(yes/no/[fingerprint])? "); | |||
1132 | ||||
1133 | confirmed = confirm(msg1, fp); | |||
1134 | free(ra); | |||
1135 | free(fp); | |||
1136 | free(msg1); | |||
1137 | free(msg2); | |||
1138 | if (!confirmed) | |||
1139 | goto fail; | |||
1140 | hostkey_trusted = 1; /* user explicitly confirmed */ | |||
1141 | } | |||
1142 | /* | |||
1143 | * If in "new" or "off" strict mode, add the key automatically | |||
1144 | * to the local known_hosts file. | |||
1145 | */ | |||
1146 | if (options.check_host_ip && ip_status == HOST_NEW) { | |||
1147 | snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); | |||
1148 | hostp = hostline; | |||
1149 | if (options.hash_known_hosts) { | |||
1150 | /* Add hash of host and IP separately */ | |||
1151 | r = add_host_to_hostfile(user_hostfiles[0], | |||
1152 | host, host_key, options.hash_known_hosts) && | |||
1153 | add_host_to_hostfile(user_hostfiles[0], ip, | |||
1154 | host_key, options.hash_known_hosts); | |||
1155 | } else { | |||
1156 | /* Add unhashed "host,ip" */ | |||
1157 | r = add_host_to_hostfile(user_hostfiles[0], | |||
1158 | hostline, host_key, | |||
1159 | options.hash_known_hosts); | |||
1160 | } | |||
1161 | } else { | |||
1162 | r = add_host_to_hostfile(user_hostfiles[0], host, | |||
1163 | host_key, options.hash_known_hosts); | |||
1164 | hostp = host; | |||
1165 | } | |||
1166 | ||||
1167 | if (!r) | |||
1168 | logit("Failed to add the host to the list of known "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1169 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the host to the list of known " "hosts (%.500s).", user_hostfiles[0]) | |||
1169 | "hosts (%.500s).", user_hostfiles[0])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1169 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the host to the list of known " "hosts (%.500s).", user_hostfiles[0]); | |||
1170 | else | |||
1171 | logit("Warning: Permanently added '%.200s' (%s) to the "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1172 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type) | |||
1172 | "list of known hosts.", hostp, type)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1172 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type); | |||
1173 | break; | |||
1174 | case HOST_REVOKED: | |||
1175 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1175 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); | |||
1176 | error("@ WARNING: REVOKED HOST KEY DETECTED! @")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1176 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@ WARNING: REVOKED HOST KEY DETECTED! @" ); | |||
1177 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1177 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); | |||
1178 | error("The %s host key for %s is marked as revoked.", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1178 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The %s host key for %s is marked as revoked." , type, host); | |||
1179 | error("This could mean that a stolen key is being used to")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1179 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "This could mean that a stolen key is being used to" ); | |||
1180 | error("impersonate this host.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1180 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "impersonate this host." ); | |||
1181 | ||||
1182 | /* | |||
1183 | * If strict host key checking is in use, the user will have | |||
1184 | * to edit the key manually and we can only abort. | |||
1185 | */ | |||
1186 | if (options.strict_host_key_checking != | |||
1187 | SSH_STRICT_HOSTKEY_OFF0) { | |||
1188 | error("%s host key for %.200s was revoked and you have "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1189 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s host key for %.200s was revoked and you have " "requested strict checking.", type, host) | |||
1189 | "requested strict checking.", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1189 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s host key for %.200s was revoked and you have " "requested strict checking.", type, host); | |||
1190 | goto fail; | |||
1191 | } | |||
1192 | goto continue_unsafe; | |||
1193 | ||||
1194 | case HOST_CHANGED: | |||
1195 | if (want_cert) { | |||
1196 | /* | |||
1197 | * This is only a debug() since it is valid to have | |||
1198 | * CAs with wildcard DNS matches that don't match | |||
1199 | * all hosts that one might visit. | |||
1200 | */ | |||
1201 | debug("Host certificate authority does not "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1203 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host certificate authority does not " "match %s in %s:%lu", "@cert-authority", host_found->file , host_found->line) | |||
1202 | "match %s in %s:%lu", CA_MARKER,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1203 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host certificate authority does not " "match %s in %s:%lu", "@cert-authority", host_found->file , host_found->line) | |||
1203 | host_found->file, host_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1203 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host certificate authority does not " "match %s in %s:%lu", "@cert-authority", host_found->file , host_found->line); | |||
1204 | goto fail; | |||
1205 | } | |||
1206 | if (readonly == ROQUIET2) | |||
1207 | goto fail; | |||
1208 | if (options.check_host_ip && host_ip_differ) { | |||
1209 | char *key_msg; | |||
1210 | if (ip_status == HOST_NEW) | |||
1211 | key_msg = "is unknown"; | |||
1212 | else if (ip_status == HOST_OK) | |||
1213 | key_msg = "is unchanged"; | |||
1214 | else | |||
1215 | key_msg = "has a different value"; | |||
1216 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1216 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); | |||
1217 | error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1217 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @" ); | |||
1218 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1218 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); | |||
1219 | error("The %s host key for %s has changed,", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1219 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The %s host key for %s has changed," , type, host); | |||
1220 | error("and the key for the corresponding IP address %s", ip)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1220 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "and the key for the corresponding IP address %s" , ip); | |||
1221 | error("%s. This could either mean that", key_msg)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1221 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s. This could either mean that" , key_msg); | |||
1222 | error("DNS SPOOFING is happening or the IP address for the host")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1222 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "DNS SPOOFING is happening or the IP address for the host" ); | |||
1223 | error("and its host key have changed at the same time.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1223 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "and its host key have changed at the same time." ); | |||
1224 | if (ip_status != HOST_NEW) | |||
1225 | error("Offending key for IP in %s:%lu",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1226 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending key for IP in %s:%lu" , ip_found->file, ip_found->line) | |||
1226 | ip_found->file, ip_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1226 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending key for IP in %s:%lu" , ip_found->file, ip_found->line); | |||
1227 | } | |||
1228 | /* The host key has changed. */ | |||
1229 | warn_changed_key(host_key); | |||
1230 | error("Add correct host key in %.100s to get rid of this message.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1231 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Add correct host key in %.100s to get rid of this message." , user_hostfiles[0]) | |||
1231 | user_hostfiles[0])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1231 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Add correct host key in %.100s to get rid of this message." , user_hostfiles[0]); | |||
1232 | error("Offending %s key in %s:%lu",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1234 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending %s key in %s:%lu" , sshkey_type(host_found->key), host_found->file, host_found ->line) | |||
1233 | sshkey_type(host_found->key),sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1234 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending %s key in %s:%lu" , sshkey_type(host_found->key), host_found->file, host_found ->line) | |||
1234 | host_found->file, host_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1234 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending %s key in %s:%lu" , sshkey_type(host_found->key), host_found->file, host_found ->line); | |||
1235 | ||||
1236 | /* | |||
1237 | * If strict host key checking is in use, the user will have | |||
1238 | * to edit the key manually and we can only abort. | |||
1239 | */ | |||
1240 | if (options.strict_host_key_checking != | |||
1241 | SSH_STRICT_HOSTKEY_OFF0) { | |||
1242 | error("Host key for %.200s has changed and you have "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1243 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key for %.200s has changed and you have " "requested strict checking.", host) | |||
1243 | "requested strict checking.", host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1243 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key for %.200s has changed and you have " "requested strict checking.", host); | |||
1244 | goto fail; | |||
1245 | } | |||
1246 | ||||
1247 | continue_unsafe: | |||
1248 | /* | |||
1249 | * If strict host key checking has not been requested, allow | |||
1250 | * the connection but without MITM-able authentication or | |||
1251 | * forwarding. | |||
1252 | */ | |||
1253 | if (options.password_authentication) { | |||
1254 | error("Password authentication is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1255 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Password authentication is disabled to avoid " "man-in-the-middle attacks.") | |||
1255 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1255 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Password authentication is disabled to avoid " "man-in-the-middle attacks."); | |||
1256 | options.password_authentication = 0; | |||
1257 | cancelled_forwarding = 1; | |||
1258 | } | |||
1259 | if (options.kbd_interactive_authentication) { | |||
1260 | error("Keyboard-interactive authentication is disabled"sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1261 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Keyboard-interactive authentication is disabled" " to avoid man-in-the-middle attacks.") | |||
1261 | " to avoid man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1261 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Keyboard-interactive authentication is disabled" " to avoid man-in-the-middle attacks."); | |||
1262 | options.kbd_interactive_authentication = 0; | |||
1263 | cancelled_forwarding = 1; | |||
1264 | } | |||
1265 | if (options.forward_agent) { | |||
1266 | error("Agent forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1267 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Agent forwarding is disabled to avoid " "man-in-the-middle attacks.") | |||
1267 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1267 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Agent forwarding is disabled to avoid " "man-in-the-middle attacks."); | |||
1268 | options.forward_agent = 0; | |||
1269 | cancelled_forwarding = 1; | |||
1270 | } | |||
1271 | if (options.forward_x11) { | |||
1272 | error("X11 forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1273 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "X11 forwarding is disabled to avoid " "man-in-the-middle attacks.") | |||
1273 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1273 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "X11 forwarding is disabled to avoid " "man-in-the-middle attacks."); | |||
1274 | options.forward_x11 = 0; | |||
1275 | cancelled_forwarding = 1; | |||
1276 | } | |||
1277 | if (options.num_local_forwards > 0 || | |||
1278 | options.num_remote_forwards > 0) { | |||
1279 | error("Port forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1280 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Port forwarding is disabled to avoid " "man-in-the-middle attacks.") | |||
1280 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1280 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Port forwarding is disabled to avoid " "man-in-the-middle attacks."); | |||
1281 | options.num_local_forwards = | |||
1282 | options.num_remote_forwards = 0; | |||
1283 | cancelled_forwarding = 1; | |||
1284 | } | |||
1285 | if (options.tun_open != SSH_TUNMODE_NO0x00) { | |||
1286 | error("Tunnel forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1287 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Tunnel forwarding is disabled to avoid " "man-in-the-middle attacks.") | |||
1287 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1287 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Tunnel forwarding is disabled to avoid " "man-in-the-middle attacks."); | |||
1288 | options.tun_open = SSH_TUNMODE_NO0x00; | |||
1289 | cancelled_forwarding = 1; | |||
1290 | } | |||
1291 | if (options.update_hostkeys != 0) { | |||
1292 | error("UpdateHostkeys is disabled because the host "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1293 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "UpdateHostkeys is disabled because the host " "key is not trusted.") | |||
1293 | "key is not trusted.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1293 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "UpdateHostkeys is disabled because the host " "key is not trusted."); | |||
1294 | options.update_hostkeys = 0; | |||
1295 | } | |||
1296 | if (options.exit_on_forward_failure && cancelled_forwarding) | |||
1297 | fatal("Error: forwarding disabled due to host key "sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1298, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Error: forwarding disabled due to host key " "check failure") | |||
1298 | "check failure")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1298, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Error: forwarding disabled due to host key " "check failure"); | |||
1299 | ||||
1300 | /* | |||
1301 | * XXX Should permit the user to change to use the new id. | |||
1302 | * This could be done by converting the host key to an | |||
1303 | * identifying sentence, tell that the host identifies itself | |||
1304 | * by that sentence, and ask the user if they wish to | |||
1305 | * accept the authentication. | |||
1306 | */ | |||
1307 | break; | |||
1308 | case HOST_FOUND: | |||
1309 | fatal("internal error")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1309, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "internal error"); | |||
1310 | break; | |||
1311 | } | |||
1312 | ||||
1313 | if (options.check_host_ip && host_status != HOST_CHANGED && | |||
1314 | ip_status == HOST_CHANGED) { | |||
1315 | snprintf(msg, sizeof(msg), | |||
1316 | "Warning: the %s host key for '%.200s' " | |||
1317 | "differs from the key for the IP address '%.128s'" | |||
1318 | "\nOffending key for IP in %s:%lu", | |||
1319 | type, host, ip, ip_found->file, ip_found->line); | |||
1320 | if (host_status == HOST_OK) { | |||
1321 | len = strlen(msg); | |||
1322 | snprintf(msg + len, sizeof(msg) - len, | |||
1323 | "\nMatching host key in %s:%lu", | |||
1324 | host_found->file, host_found->line); | |||
1325 | } | |||
1326 | if (options.strict_host_key_checking == | |||
1327 | SSH_STRICT_HOSTKEY_ASK3) { | |||
1328 | strlcat(msg, "\nAre you sure you want " | |||
1329 | "to continue connecting (yes/no)? ", sizeof(msg)); | |||
1330 | if (!confirm(msg, NULL((void *)0))) | |||
1331 | goto fail; | |||
1332 | } else if (options.strict_host_key_checking != | |||
1333 | SSH_STRICT_HOSTKEY_OFF0) { | |||
1334 | logit("%s", msg)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1334 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s", msg); | |||
1335 | error("Exiting, you have requested strict checking.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1335 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Exiting, you have requested strict checking." ); | |||
1336 | goto fail; | |||
1337 | } else { | |||
1338 | logit("%s", msg)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1338 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s", msg); | |||
1339 | } | |||
1340 | } | |||
1341 | ||||
1342 | if (!hostkey_trusted && options.update_hostkeys) { | |||
1343 | debug_f("hostkey not known or explicitly trusted: "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1344 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "hostkey not known or explicitly trusted: " "disabling UpdateHostkeys") | |||
1344 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1344 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "hostkey not known or explicitly trusted: " "disabling UpdateHostkeys"); | |||
1345 | options.update_hostkeys = 0; | |||
1346 | } | |||
1347 | ||||
1348 | free(ip); | |||
1349 | free(host); | |||
1350 | if (host_hostkeys != NULL((void *)0)) | |||
1351 | free_hostkeys(host_hostkeys); | |||
1352 | if (ip_hostkeys != NULL((void *)0)) | |||
1353 | free_hostkeys(ip_hostkeys); | |||
1354 | return 0; | |||
1355 | ||||
1356 | fail: | |||
1357 | if (want_cert && host_status != HOST_REVOKED) { | |||
1358 | /* | |||
1359 | * No matching certificate. Downgrade cert to raw key and | |||
1360 | * search normally. | |||
1361 | */ | |||
1362 | debug("No matching CA found. Retry with plain key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1362 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "No matching CA found. Retry with plain key" ); | |||
1363 | if ((r = sshkey_from_private(host_key, &raw_key)) != 0) | |||
1364 | fatal_fr(r, "decode key")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1364, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "decode key"); | |||
1365 | if ((r = sshkey_drop_cert(raw_key)) != 0) | |||
1366 | fatal_r(r, "Couldn't drop certificate")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1366, 0, SYSLOG_LEVEL_FATAL, ssh_err(r), "Couldn't drop certificate" ); | |||
1367 | host_key = raw_key; | |||
1368 | goto retry; | |||
1369 | } | |||
1370 | sshkey_free(raw_key); | |||
1371 | free(ip); | |||
1372 | free(host); | |||
1373 | if (host_hostkeys != NULL((void *)0)) | |||
1374 | free_hostkeys(host_hostkeys); | |||
1375 | if (ip_hostkeys != NULL((void *)0)) | |||
1376 | free_hostkeys(ip_hostkeys); | |||
1377 | return -1; | |||
1378 | } | |||
1379 | ||||
1380 | /* returns 0 if key verifies or -1 if key does NOT verify */ | |||
1381 | int | |||
1382 | verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key, | |||
1383 | const struct ssh_conn_info *cinfo) | |||
1384 | { | |||
1385 | u_int i; | |||
1386 | int r = -1, flags = 0; | |||
1387 | char valid[64], *fp = NULL((void *)0), *cafp = NULL((void *)0); | |||
1388 | struct sshkey *plain = NULL((void *)0); | |||
1389 | ||||
1390 | if ((fp = sshkey_fingerprint(host_key, | |||
1391 | options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL((void *)0)) { | |||
1392 | error_fr(r, "fingerprint host key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1392 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "fingerprint host key"); | |||
1393 | r = -1; | |||
1394 | goto out; | |||
1395 | } | |||
1396 | ||||
1397 | if (sshkey_is_cert(host_key)) { | |||
1398 | if ((cafp = sshkey_fingerprint(host_key->cert->signature_key, | |||
1399 | options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL((void *)0)) { | |||
1400 | error_fr(r, "fingerprint CA key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1400 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "fingerprint CA key"); | |||
1401 | r = -1; | |||
1402 | goto out; | |||
1403 | } | |||
1404 | sshkey_format_cert_validity(host_key->cert, | |||
1405 | valid, sizeof(valid)); | |||
1406 | debug("Server host certificate: %s %s, serial %llu "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) | |||
1407 | "ID \"%s\" CA %s %s valid %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) | |||
1408 | sshkey_ssh_name(host_key), fp,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) | |||
1409 | (unsigned long long)host_key->cert->serial,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) | |||
1410 | host_key->cert->key_id,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) | |||
1411 | sshkey_ssh_name(host_key->cert->signature_key), cafp,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) | |||
1412 | valid)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid); | |||
1413 | for (i = 0; i < host_key->cert->nprincipals; i++) { | |||
1414 | debug2("Server host certificate hostname: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1415 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "Server host certificate hostname: %s" , host_key->cert->principals[i]) | |||
1415 | host_key->cert->principals[i])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1415 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "Server host certificate hostname: %s" , host_key->cert->principals[i]); | |||
1416 | } | |||
1417 | } else { | |||
1418 | debug("Server host key: %s %s", sshkey_ssh_name(host_key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1418 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host key: %s %s" , sshkey_ssh_name(host_key), fp); | |||
1419 | } | |||
1420 | ||||
1421 | if (sshkey_equal(previous_host_key, host_key)) { | |||
1422 | debug2_f("server host key %s %s matches cached key",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1423 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "server host key %s %s matches cached key" , sshkey_type(host_key), fp) | |||
1423 | sshkey_type(host_key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1423 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "server host key %s %s matches cached key" , sshkey_type(host_key), fp); | |||
1424 | r = 0; | |||
1425 | goto out; | |||
1426 | } | |||
1427 | ||||
1428 | /* Check in RevokedHostKeys file if specified */ | |||
1429 | if (options.revoked_host_keys != NULL((void *)0)) { | |||
1430 | r = sshkey_check_revoked(host_key, options.revoked_host_keys); | |||
1431 | switch (r) { | |||
1432 | case 0: | |||
1433 | break; /* not revoked */ | |||
1434 | case SSH_ERR_KEY_REVOKED-51: | |||
1435 | error("Host key %s %s revoked by file %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1437 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key %s %s revoked by file %s" , sshkey_type(host_key), fp, options.revoked_host_keys) | |||
1436 | sshkey_type(host_key), fp,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1437 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key %s %s revoked by file %s" , sshkey_type(host_key), fp, options.revoked_host_keys) | |||
1437 | options.revoked_host_keys)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1437 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key %s %s revoked by file %s" , sshkey_type(host_key), fp, options.revoked_host_keys); | |||
1438 | r = -1; | |||
1439 | goto out; | |||
1440 | default: | |||
1441 | error_r(r, "Error checking host key %s %s in "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1443 , 0, SYSLOG_LEVEL_ERROR, ssh_err(r), "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), fp, options.revoked_host_keys ) | |||
1442 | "revoked keys file %s", sshkey_type(host_key),sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1443 , 0, SYSLOG_LEVEL_ERROR, ssh_err(r), "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), fp, options.revoked_host_keys ) | |||
1443 | fp, options.revoked_host_keys)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1443 , 0, SYSLOG_LEVEL_ERROR, ssh_err(r), "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), fp, options.revoked_host_keys ); | |||
1444 | r = -1; | |||
1445 | goto out; | |||
1446 | } | |||
1447 | } | |||
1448 | ||||
1449 | if (options.verify_host_key_dns) { | |||
1450 | /* | |||
1451 | * XXX certs are not yet supported for DNS, so downgrade | |||
1452 | * them and try the plain key. | |||
1453 | */ | |||
1454 | if ((r = sshkey_from_private(host_key, &plain)) != 0) | |||
1455 | goto out; | |||
1456 | if (sshkey_is_cert(plain)) | |||
1457 | sshkey_drop_cert(plain); | |||
1458 | if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { | |||
1459 | if (flags & DNS_VERIFY_FOUND0x00000001) { | |||
1460 | if (options.verify_host_key_dns == 1 && | |||
1461 | flags & DNS_VERIFY_MATCH0x00000002 && | |||
1462 | flags & DNS_VERIFY_SECURE0x00000004) { | |||
1463 | r = 0; | |||
1464 | goto out; | |||
1465 | } | |||
1466 | if (flags & DNS_VERIFY_MATCH0x00000002) { | |||
1467 | matching_host_key_dns = 1; | |||
1468 | } else { | |||
1469 | warn_changed_key(plain); | |||
1470 | error("Update the SSHFP RR in DNS "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1472 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Update the SSHFP RR in DNS " "with the new host key to get rid " "of this message.") | |||
1471 | "with the new host key to get rid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1472 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Update the SSHFP RR in DNS " "with the new host key to get rid " "of this message.") | |||
1472 | "of this message.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1472 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Update the SSHFP RR in DNS " "with the new host key to get rid " "of this message."); | |||
1473 | } | |||
1474 | } | |||
1475 | } | |||
1476 | } | |||
1477 | r = check_host_key(host, cinfo, hostaddr, options.port, host_key, | |||
1478 | RDRW0, 0, options.user_hostfiles, options.num_user_hostfiles, | |||
1479 | options.system_hostfiles, options.num_system_hostfiles, | |||
1480 | options.known_hosts_command); | |||
1481 | ||||
1482 | out: | |||
1483 | sshkey_free(plain); | |||
1484 | free(fp); | |||
1485 | free(cafp); | |||
1486 | if (r == 0 && host_key != NULL((void *)0)) { | |||
1487 | sshkey_free(previous_host_key); | |||
1488 | r = sshkey_from_private(host_key, &previous_host_key); | |||
1489 | } | |||
1490 | ||||
1491 | return r; | |||
1492 | } | |||
1493 | ||||
1494 | /* | |||
1495 | * Starts a dialog with the server, and authenticates the current user on the | |||
1496 | * server. This does not need any extra privileges. The basic connection | |||
1497 | * to the server must already have been established before this is called. | |||
1498 | * If login fails, this function prints an error and never returns. | |||
1499 | * This function does not require super-user privileges. | |||
1500 | */ | |||
1501 | void | |||
1502 | ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, | |||
1503 | struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms, | |||
1504 | const struct ssh_conn_info *cinfo) | |||
1505 | { | |||
1506 | char *host; | |||
1507 | char *server_user, *local_user; | |||
1508 | int r; | |||
1509 | ||||
1510 | local_user = xstrdup(pw->pw_name); | |||
1511 | server_user = options.user ? options.user : local_user; | |||
1512 | ||||
1513 | /* Convert the user-supplied hostname into all lowercase. */ | |||
1514 | host = xstrdup(orighost); | |||
1515 | lowercase(host); | |||
1516 | ||||
1517 | /* Exchange protocol version identification strings with the server. */ | |||
1518 | if ((r = kex_exchange_identification(ssh, timeout_ms, NULL((void *)0))) != 0) | |||
1519 | sshpkt_fatal(ssh, r, "banner exchange"); | |||
1520 | ||||
1521 | /* Put the connection into non-blocking mode. */ | |||
1522 | ssh_packet_set_nonblocking(ssh); | |||
1523 | ||||
1524 | /* key exchange */ | |||
1525 | /* authenticate user */ | |||
1526 | debug("Authenticating to %s:%d as '%s'", host, port, server_user)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1526 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Authenticating to %s:%d as '%s'" , host, port, server_user); | |||
1527 | ssh_kex2(ssh, host, hostaddr, port, cinfo); | |||
1528 | ssh_userauth2(ssh, local_user, server_user, host, sensitive); | |||
1529 | free(local_user); | |||
1530 | free(host); | |||
1531 | } | |||
1532 | ||||
1533 | /* print all known host keys for a given host, but skip keys of given type */ | |||
1534 | static int | |||
1535 | show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) | |||
1536 | { | |||
1537 | int type[] = { | |||
1538 | KEY_RSA, | |||
1539 | KEY_DSA, | |||
1540 | KEY_ECDSA, | |||
1541 | KEY_ED25519, | |||
1542 | KEY_XMSS, | |||
1543 | -1 | |||
1544 | }; | |||
1545 | int i, ret = 0; | |||
1546 | char *fp, *ra; | |||
1547 | const struct hostkey_entry *found; | |||
1548 | ||||
1549 | for (i = 0; type[i] != -1; i++) { | |||
1550 | if (type[i] == key->type) | |||
1551 | continue; | |||
1552 | if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], | |||
1553 | -1, &found)) | |||
1554 | continue; | |||
1555 | fp = sshkey_fingerprint(found->key, | |||
1556 | options.fingerprint_hash, SSH_FP_DEFAULT); | |||
1557 | ra = sshkey_fingerprint(found->key, | |||
1558 | options.fingerprint_hash, SSH_FP_RANDOMART); | |||
1559 | if (fp == NULL((void *)0) || ra == NULL((void *)0)) | |||
1560 | fatal_f("sshkey_fingerprint fail")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1560, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint fail" ); | |||
1561 | logit("WARNING: %s key found for host %s\n"sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) | |||
1562 | "in %s:%lu\n"sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) | |||
1563 | "%s key fingerprint %s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) | |||
1564 | sshkey_type(found->key),sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) | |||
1565 | found->host, found->file, found->line,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) | |||
1566 | sshkey_type(found->key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp); | |||
1567 | if (options.visual_host_key) | |||
1568 | logit("%s", ra)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1568 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s", ra); | |||
1569 | free(ra); | |||
1570 | free(fp); | |||
1571 | ret = 1; | |||
1572 | } | |||
1573 | return ret; | |||
1574 | } | |||
1575 | ||||
1576 | static void | |||
1577 | warn_changed_key(struct sshkey *host_key) | |||
1578 | { | |||
1579 | char *fp; | |||
1580 | ||||
1581 | fp = sshkey_fingerprint(host_key, options.fingerprint_hash, | |||
1582 | SSH_FP_DEFAULT); | |||
1583 | if (fp == NULL((void *)0)) | |||
1584 | fatal_f("sshkey_fingerprint fail")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1584, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint fail" ); | |||
1585 | ||||
1586 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1586 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); | |||
1587 | error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1587 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @" ); | |||
1588 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1588 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); | |||
1589 | error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1589 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!" ); | |||
1590 | error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1590 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Someone could be eavesdropping on you right now (man-in-the-middle attack)!" ); | |||
1591 | error("It is also possible that a host key has just been changed.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1591 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "It is also possible that a host key has just been changed." ); | |||
1592 | error("The fingerprint for the %s key sent by the remote host is\n%s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1593 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The fingerprint for the %s key sent by the remote host is\n%s." , sshkey_type(host_key), fp) | |||
1593 | sshkey_type(host_key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1593 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The fingerprint for the %s key sent by the remote host is\n%s." , sshkey_type(host_key), fp); | |||
1594 | error("Please contact your system administrator.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1594 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Please contact your system administrator." ); | |||
1595 | ||||
1596 | free(fp); | |||
1597 | } | |||
1598 | ||||
1599 | /* | |||
1600 | * Execute a local command | |||
1601 | */ | |||
1602 | int | |||
1603 | ssh_local_cmd(const char *args) | |||
1604 | { | |||
1605 | char *shell; | |||
1606 | pid_t pid; | |||
1607 | int status; | |||
1608 | void (*osighand)(int); | |||
1609 | ||||
1610 | if (!options.permit_local_command || | |||
1611 | args == NULL((void *)0) || !*args) | |||
1612 | return (1); | |||
1613 | ||||
1614 | if ((shell = getenv("SHELL")) == NULL((void *)0) || *shell == '\0') | |||
1615 | shell = _PATH_BSHELL"/bin/sh"; | |||
1616 | ||||
1617 | osighand = ssh_signal(SIGCHLD20, SIG_DFL(void (*)(int))0); | |||
1618 | pid = fork(); | |||
1619 | if (pid == 0) { | |||
1620 | ssh_signal(SIGPIPE13, SIG_DFL(void (*)(int))0); | |||
1621 | debug3("Executing %s -c \"%s\"", shell, args)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1621 , 0, SYSLOG_LEVEL_DEBUG3, ((void *)0), "Executing %s -c \"%s\"" , shell, args); | |||
1622 | execl(shell, shell, "-c", args, (char *)NULL((void *)0)); | |||
1623 | error("Couldn't execute %s -c \"%s\": %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1624 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Couldn't execute %s -c \"%s\": %s" , shell, args, strerror((*__errno()))) | |||
1624 | shell, args, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1624 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Couldn't execute %s -c \"%s\": %s" , shell, args, strerror((*__errno()))); | |||
1625 | _exit(1); | |||
1626 | } else if (pid == -1) | |||
1627 | fatal("fork failed: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1627, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "fork failed: %.100s" , strerror((*__errno()))); | |||
1628 | while (waitpid(pid, &status, 0) == -1) | |||
1629 | if (errno(*__errno()) != EINTR4) | |||
1630 | fatal("Couldn't wait for child: %s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1630, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Couldn't wait for child: %s" , strerror((*__errno()))); | |||
1631 | ssh_signal(SIGCHLD20, osighand); | |||
1632 | ||||
1633 | if (!WIFEXITED(status)(((status) & 0177) == 0)) | |||
1634 | return (1); | |||
1635 | ||||
1636 | return (WEXITSTATUS(status)(int)(((unsigned)(status) >> 8) & 0xff)); | |||
1637 | } | |||
1638 | ||||
1639 | void | |||
1640 | maybe_add_key_to_agent(const char *authfile, struct sshkey *private, | |||
1641 | const char *comment, const char *passphrase) | |||
1642 | { | |||
1643 | int auth_sock = -1, r; | |||
1644 | const char *skprovider = NULL((void *)0); | |||
1645 | ||||
1646 | if (options.add_keys_to_agent == 0) | |||
1647 | return; | |||
1648 | ||||
1649 | if ((r = ssh_get_authentication_socket(&auth_sock)) != 0) { | |||
1650 | debug3("no authentication agent, not adding key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1650 , 0, SYSLOG_LEVEL_DEBUG3, ((void *)0), "no authentication agent, not adding key" ); | |||
1651 | return; | |||
1652 | } | |||
1653 | ||||
1654 | if (options.add_keys_to_agent == 2 && | |||
1655 | !ask_permission("Add key %s (%s) to agent?", authfile, comment)) { | |||
1656 | debug3("user denied adding this key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1656 , 0, SYSLOG_LEVEL_DEBUG3, ((void *)0), "user denied adding this key" ); | |||
1657 | close(auth_sock); | |||
1658 | return; | |||
1659 | } | |||
1660 | if (sshkey_is_sk(private)) | |||
1661 | skprovider = options.sk_provider; | |||
1662 | if ((r = ssh_add_identity_constrained(auth_sock, private, | |||
1663 | comment == NULL((void *)0) ? authfile : comment, | |||
1664 | options.add_keys_to_agent_lifespan, | |||
1665 | (options.add_keys_to_agent == 3), 0, skprovider, NULL((void *)0), 0)) == 0) | |||
1666 | debug("identity added to agent: %s", authfile)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1666 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "identity added to agent: %s" , authfile); | |||
1667 | else | |||
1668 | debug("could not add identity to agent: %s (%d)", authfile, r)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1668 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "could not add identity to agent: %s (%d)" , authfile, r); | |||
1669 | close(auth_sock); | |||
1670 | } |