File: | src/usr.bin/ssh/ssh/../sshconnect.c |
Warning: | line 380, column 8 Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: sshconnect.c,v 1.356 2021/12/19 22:10:24 djm Exp $ */ |
2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved |
6 | * Code to connect to a remote host, and to perform the client side of the |
7 | * login (authentication) dialog. |
8 | * |
9 | * As far as I am concerned, the code I have written for this software |
10 | * can be used freely for any purpose. Any derived versions of this |
11 | * software must be clearly marked as such, and if the derived work is |
12 | * incompatible with the protocol description in the RFC file, it must be |
13 | * called by a name other than "ssh" or "Secure Shell". |
14 | */ |
15 | |
16 | #include <sys/types.h> |
17 | #include <sys/wait.h> |
18 | #include <sys/stat.h> |
19 | #include <sys/socket.h> |
20 | #include <sys/time.h> |
21 | |
22 | #include <net/if.h> |
23 | #include <netinet/in.h> |
24 | |
25 | #include <ctype.h> |
26 | #include <errno(*__errno()).h> |
27 | #include <fcntl.h> |
28 | #include <netdb.h> |
29 | #include <limits.h> |
30 | #include <paths.h> |
31 | #include <signal.h> |
32 | #include <pwd.h> |
33 | #include <stdio.h> |
34 | #include <stdlib.h> |
35 | #include <stdarg.h> |
36 | #include <string.h> |
37 | #include <unistd.h> |
38 | #include <ifaddrs.h> |
39 | |
40 | #include "xmalloc.h" |
41 | #include "ssh.h" |
42 | #include "sshbuf.h" |
43 | #include "packet.h" |
44 | #include "compat.h" |
45 | #include "sshkey.h" |
46 | #include "sshconnect.h" |
47 | #include "hostfile.h" |
48 | #include "log.h" |
49 | #include "misc.h" |
50 | #include "readconf.h" |
51 | #include "atomicio.h" |
52 | #include "dns.h" |
53 | #include "monitor_fdpass.h" |
54 | #include "ssh2.h" |
55 | #include "version.h" |
56 | #include "authfile.h" |
57 | #include "ssherr.h" |
58 | #include "authfd.h" |
59 | #include "kex.h" |
60 | |
61 | struct sshkey *previous_host_key = NULL((void *)0); |
62 | |
63 | static int matching_host_key_dns = 0; |
64 | |
65 | static pid_t proxy_command_pid = 0; |
66 | |
67 | /* import */ |
68 | extern int debug_flag; |
69 | extern Options options; |
70 | extern char *__progname; |
71 | |
72 | static int show_other_keys(struct hostkeys *, struct sshkey *); |
73 | static void warn_changed_key(struct sshkey *); |
74 | |
75 | /* Expand a proxy command */ |
76 | static char * |
77 | expand_proxy_command(const char *proxy_command, const char *user, |
78 | const char *host, const char *host_arg, int port) |
79 | { |
80 | char *tmp, *ret, strport[NI_MAXSERV32]; |
81 | const char *keyalias = options.host_key_alias ? |
82 | options.host_key_alias : host_arg; |
83 | |
84 | snprintf(strport, sizeof strport, "%d", port); |
85 | xasprintf(&tmp, "exec %s", proxy_command); |
86 | ret = percent_expand(tmp, |
87 | "h", host, |
88 | "k", keyalias, |
89 | "n", host_arg, |
90 | "p", strport, |
91 | "r", options.user, |
92 | (char *)NULL((void *)0)); |
93 | free(tmp); |
94 | return ret; |
95 | } |
96 | |
97 | /* |
98 | * Connect to the given ssh server using a proxy command that passes a |
99 | * a connected fd back to us. |
100 | */ |
101 | static int |
102 | ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, |
103 | const char *host_arg, u_short port, const char *proxy_command) |
104 | { |
105 | char *command_string; |
106 | int sp[2], sock; |
107 | pid_t pid; |
108 | char *shell; |
109 | |
110 | if ((shell = getenv("SHELL")) == NULL((void *)0)) |
111 | shell = _PATH_BSHELL"/bin/sh"; |
112 | |
113 | if (socketpair(AF_UNIX1, SOCK_STREAM1, 0, sp) == -1) |
114 | fatal("Could not create socketpair to communicate with "sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 115, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create socketpair to communicate with " "proxy dialer: %.100s", strerror((*__errno()))) |
115 | "proxy dialer: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 115, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create socketpair to communicate with " "proxy dialer: %.100s", strerror((*__errno()))); |
116 | |
117 | command_string = expand_proxy_command(proxy_command, options.user, |
118 | host, host_arg, port); |
119 | debug("Executing proxy dialer command: %.500s", command_string)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 119 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Executing proxy dialer command: %.500s" , command_string); |
120 | |
121 | /* Fork and execute the proxy command. */ |
122 | if ((pid = fork()) == 0) { |
123 | char *argv[10]; |
124 | |
125 | close(sp[1]); |
126 | /* Redirect stdin and stdout. */ |
127 | if (sp[0] != 0) { |
128 | if (dup2(sp[0], 0) == -1) |
129 | perror("dup2 stdin"); |
130 | } |
131 | if (sp[0] != 1) { |
132 | if (dup2(sp[0], 1) == -1) |
133 | perror("dup2 stdout"); |
134 | } |
135 | if (sp[0] >= 2) |
136 | close(sp[0]); |
137 | |
138 | /* |
139 | * Stderr is left for non-ControlPersist connections is so |
140 | * error messages may be printed on the user's terminal. |
141 | */ |
142 | if (!debug_flag && options.control_path != NULL((void *)0) && |
143 | options.control_persist && stdfd_devnull(0, 0, 1) == -1) |
144 | error_f("stdfd_devnull failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 144 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "stdfd_devnull failed"); |
145 | |
146 | argv[0] = shell; |
147 | argv[1] = "-c"; |
148 | argv[2] = command_string; |
149 | argv[3] = NULL((void *)0); |
150 | |
151 | /* |
152 | * Execute the proxy command. |
153 | * Note that we gave up any extra privileges above. |
154 | */ |
155 | execv(argv[0], argv); |
156 | perror(argv[0]); |
157 | exit(1); |
158 | } |
159 | /* Parent. */ |
160 | if (pid == -1) |
161 | fatal("fork failed: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 161, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "fork failed: %.100s" , strerror((*__errno()))); |
162 | close(sp[0]); |
163 | free(command_string); |
164 | |
165 | if ((sock = mm_receive_fd(sp[1])) == -1) |
166 | fatal("proxy dialer did not pass back a connection")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 166, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "proxy dialer did not pass back a connection" ); |
167 | close(sp[1]); |
168 | |
169 | while (waitpid(pid, NULL((void *)0), 0) == -1) |
170 | if (errno(*__errno()) != EINTR4) |
171 | fatal("Couldn't wait for child: %s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 171, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Couldn't wait for child: %s" , strerror((*__errno()))); |
172 | |
173 | /* Set the connection file descriptors. */ |
174 | if (ssh_packet_set_connection(ssh, sock, sock) == NULL((void *)0)) |
175 | return -1; /* ssh_packet_set_connection logs error */ |
176 | |
177 | return 0; |
178 | } |
179 | |
180 | /* |
181 | * Connect to the given ssh server using a proxy command. |
182 | */ |
183 | static int |
184 | ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg, |
185 | u_short port, const char *proxy_command) |
186 | { |
187 | char *command_string; |
188 | int pin[2], pout[2]; |
189 | pid_t pid; |
190 | char *shell; |
191 | |
192 | if ((shell = getenv("SHELL")) == NULL((void *)0) || *shell == '\0') |
193 | shell = _PATH_BSHELL"/bin/sh"; |
194 | |
195 | /* Create pipes for communicating with the proxy. */ |
196 | if (pipe(pin) == -1 || pipe(pout) == -1) |
197 | fatal("Could not create pipes to communicate with the proxy: %.100s",sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 198, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create pipes to communicate with the proxy: %.100s" , strerror((*__errno()))) |
198 | strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 198, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Could not create pipes to communicate with the proxy: %.100s" , strerror((*__errno()))); |
199 | |
200 | command_string = expand_proxy_command(proxy_command, options.user, |
201 | host, host_arg, port); |
202 | debug("Executing proxy command: %.500s", command_string)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 202 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Executing proxy command: %.500s" , command_string); |
203 | |
204 | /* Fork and execute the proxy command. */ |
205 | if ((pid = fork()) == 0) { |
206 | char *argv[10]; |
207 | |
208 | /* Redirect stdin and stdout. */ |
209 | close(pin[1]); |
210 | if (pin[0] != 0) { |
211 | if (dup2(pin[0], 0) == -1) |
212 | perror("dup2 stdin"); |
213 | close(pin[0]); |
214 | } |
215 | close(pout[0]); |
216 | if (dup2(pout[1], 1) == -1) |
217 | perror("dup2 stdout"); |
218 | /* Cannot be 1 because pin allocated two descriptors. */ |
219 | close(pout[1]); |
220 | |
221 | /* |
222 | * Stderr is left for non-ControlPersist connections is so |
223 | * error messages may be printed on the user's terminal. |
224 | */ |
225 | if (!debug_flag && options.control_path != NULL((void *)0) && |
226 | options.control_persist && stdfd_devnull(0, 0, 1) == -1) |
227 | error_f("stdfd_devnull failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 227 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "stdfd_devnull failed"); |
228 | |
229 | argv[0] = shell; |
230 | argv[1] = "-c"; |
231 | argv[2] = command_string; |
232 | argv[3] = NULL((void *)0); |
233 | |
234 | /* |
235 | * Execute the proxy command. Note that we gave up any |
236 | * extra privileges above. |
237 | */ |
238 | ssh_signal(SIGPIPE13, SIG_DFL(void (*)(int))0); |
239 | execv(argv[0], argv); |
240 | perror(argv[0]); |
241 | exit(1); |
242 | } |
243 | /* Parent. */ |
244 | if (pid == -1) |
245 | fatal("fork failed: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 245, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "fork failed: %.100s" , strerror((*__errno()))); |
246 | else |
247 | proxy_command_pid = pid; /* save pid to clean up later */ |
248 | |
249 | /* Close child side of the descriptors. */ |
250 | close(pin[0]); |
251 | close(pout[1]); |
252 | |
253 | /* Free the command name. */ |
254 | free(command_string); |
255 | |
256 | /* Set the connection file descriptors. */ |
257 | if (ssh_packet_set_connection(ssh, pout[0], pin[1]) == NULL((void *)0)) |
258 | return -1; /* ssh_packet_set_connection logs error */ |
259 | |
260 | return 0; |
261 | } |
262 | |
263 | void |
264 | ssh_kill_proxy_command(void) |
265 | { |
266 | /* |
267 | * Send SIGHUP to proxy command if used. We don't wait() in |
268 | * case it hangs and instead rely on init to reap the child |
269 | */ |
270 | if (proxy_command_pid > 1) |
271 | kill(proxy_command_pid, SIGHUP1); |
272 | } |
273 | |
274 | /* |
275 | * Search a interface address list (returned from getifaddrs(3)) for an |
276 | * address that matches the desired address family on the specified interface. |
277 | * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure. |
278 | */ |
279 | static int |
280 | check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs, |
281 | struct sockaddr_storage *resultp, socklen_t *rlenp) |
282 | { |
283 | struct sockaddr_in6 *sa6; |
284 | struct sockaddr_in *sa; |
285 | struct in6_addr *v6addr; |
286 | const struct ifaddrs *ifa; |
287 | int allow_local; |
288 | |
289 | /* |
290 | * Prefer addresses that are not loopback or linklocal, but use them |
291 | * if nothing else matches. |
292 | */ |
293 | for (allow_local = 0; allow_local < 2; allow_local++) { |
294 | for (ifa = ifaddrs; ifa != NULL((void *)0); ifa = ifa->ifa_next) { |
295 | if (ifa->ifa_addr == NULL((void *)0) || ifa->ifa_name == NULL((void *)0) || |
296 | (ifa->ifa_flags & IFF_UP0x1) == 0 || |
297 | ifa->ifa_addr->sa_family != af || |
298 | strcmp(ifa->ifa_name, options.bind_interface) != 0) |
299 | continue; |
300 | switch (ifa->ifa_addr->sa_family) { |
301 | case AF_INET2: |
302 | sa = (struct sockaddr_in *)ifa->ifa_addr; |
303 | if (!allow_local && sa->sin_addr.s_addr == |
304 | htonl(INADDR_LOOPBACK)(__uint32_t)(__builtin_constant_p(((u_int32_t)(0x7f000001))) ? (__uint32_t)(((__uint32_t)(((u_int32_t)(0x7f000001))) & 0xff ) << 24 | ((__uint32_t)(((u_int32_t)(0x7f000001))) & 0xff00) << 8 | ((__uint32_t)(((u_int32_t)(0x7f000001)) ) & 0xff0000) >> 8 | ((__uint32_t)(((u_int32_t)(0x7f000001 ))) & 0xff000000) >> 24) : __swap32md(((u_int32_t)( 0x7f000001))))) |
305 | continue; |
306 | if (*rlenp < sizeof(struct sockaddr_in)) { |
307 | error_f("v4 addr doesn't fit")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 307 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "v4 addr doesn't fit"); |
308 | return -1; |
309 | } |
310 | *rlenp = sizeof(struct sockaddr_in); |
311 | memcpy(resultp, sa, *rlenp); |
312 | return 0; |
313 | case AF_INET624: |
314 | sa6 = (struct sockaddr_in6 *)ifa->ifa_addr; |
315 | v6addr = &sa6->sin6_addr; |
316 | if (!allow_local && |
317 | (IN6_IS_ADDR_LINKLOCAL(v6addr)(((v6addr)->__u6_addr.__u6_addr8[0] == 0xfe) && (( (v6addr)->__u6_addr.__u6_addr8[1] & 0xc0) == 0x80)) || |
318 | IN6_IS_ADDR_LOOPBACK(v6addr)((*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr .__u6_addr8[0]) == 0) && (*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr.__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr .__u6_addr8[8]) == 0) && (*(const u_int32_t *)(const void *)(&(v6addr)->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1)))))) |
319 | continue; |
320 | if (*rlenp < sizeof(struct sockaddr_in6)) { |
321 | error_f("v6 addr doesn't fit")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 321 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "v6 addr doesn't fit"); |
322 | return -1; |
323 | } |
324 | *rlenp = sizeof(struct sockaddr_in6); |
325 | memcpy(resultp, sa6, *rlenp); |
326 | return 0; |
327 | } |
328 | } |
329 | } |
330 | return -1; |
331 | } |
332 | |
333 | /* |
334 | * Creates a socket for use as the ssh connection. |
335 | */ |
336 | static int |
337 | ssh_create_socket(struct addrinfo *ai) |
338 | { |
339 | int sock, r; |
340 | struct sockaddr_storage bindaddr; |
341 | socklen_t bindaddrlen = 0; |
342 | struct addrinfo hints, *res = NULL((void *)0); |
343 | struct ifaddrs *ifaddrs = NULL((void *)0); |
344 | char ntop[NI_MAXHOST256]; |
345 | |
346 | sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol); |
347 | if (sock == -1) { |
348 | error("socket: %s", strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 348 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "socket: %s", strerror( (*__errno()))); |
349 | return -1; |
350 | } |
351 | fcntl(sock, F_SETFD2, FD_CLOEXEC1); |
352 | |
353 | /* Use interactive QOS (if specified) until authentication completed */ |
354 | if (options.ip_qos_interactive != INT_MAX2147483647) |
355 | set_sock_tos(sock, options.ip_qos_interactive); |
356 | |
357 | /* Bind the socket to an alternative local IP address */ |
358 | if (options.bind_address == NULL((void *)0) && options.bind_interface == NULL((void *)0)) |
359 | return sock; |
360 | |
361 | if (options.bind_address != NULL((void *)0)) { |
362 | memset(&hints, 0, sizeof(hints)); |
363 | hints.ai_family = ai->ai_family; |
364 | hints.ai_socktype = ai->ai_socktype; |
365 | hints.ai_protocol = ai->ai_protocol; |
366 | hints.ai_flags = AI_PASSIVE1; |
367 | if ((r = getaddrinfo(options.bind_address, NULL((void *)0), |
368 | &hints, &res)) != 0) { |
369 | error("getaddrinfo: %s: %s", options.bind_address,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 370 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getaddrinfo: %s: %s", options .bind_address, ssh_gai_strerror(r)) |
370 | ssh_gai_strerror(r))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 370 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getaddrinfo: %s: %s", options .bind_address, ssh_gai_strerror(r)); |
371 | goto fail; |
372 | } |
373 | if (res == NULL((void *)0)) { |
374 | error("getaddrinfo: no addrs")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 374 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getaddrinfo: no addrs" ); |
375 | goto fail; |
376 | } |
377 | memcpy(&bindaddr, res->ai_addr, res->ai_addrlen); |
378 | bindaddrlen = res->ai_addrlen; |
379 | } else if (options.bind_interface != NULL((void *)0)) { |
380 | if ((r = getifaddrs(&ifaddrs)) != 0) { |
Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' | |
381 | error("getifaddrs: %s: %s", options.bind_interface,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 382 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getifaddrs: %s: %s", options .bind_interface, strerror((*__errno()))) |
382 | strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 382 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "getifaddrs: %s: %s", options .bind_interface, strerror((*__errno()))); |
383 | goto fail; |
384 | } |
385 | bindaddrlen = sizeof(bindaddr); |
386 | if (check_ifaddrs(options.bind_interface, ai->ai_family, |
387 | ifaddrs, &bindaddr, &bindaddrlen) != 0) { |
388 | logit("getifaddrs: %s: no suitable addresses",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 389 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "getifaddrs: %s: no suitable addresses" , options.bind_interface) |
389 | options.bind_interface)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 389 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "getifaddrs: %s: no suitable addresses" , options.bind_interface); |
390 | goto fail; |
391 | } |
392 | } |
393 | if ((r = getnameinfo((struct sockaddr *)&bindaddr, bindaddrlen, |
394 | ntop, sizeof(ntop), NULL((void *)0), 0, NI_NUMERICHOST1)) != 0) { |
395 | error_f("getnameinfo failed: %s", ssh_gai_strerror(r))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 395 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "getnameinfo failed: %s" , ssh_gai_strerror(r)); |
396 | goto fail; |
397 | } |
398 | if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { |
399 | error("bind %s: %s", ntop, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 399 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "bind %s: %s", ntop, strerror ((*__errno()))); |
400 | goto fail; |
401 | } |
402 | debug_f("bound to %s", ntop)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 402 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "bound to %s", ntop); |
403 | /* success */ |
404 | goto out; |
405 | fail: |
406 | close(sock); |
407 | sock = -1; |
408 | out: |
409 | if (res != NULL((void *)0)) |
410 | freeaddrinfo(res); |
411 | if (ifaddrs != NULL((void *)0)) |
412 | freeifaddrs(ifaddrs); |
413 | return sock; |
414 | } |
415 | |
416 | /* |
417 | * Opens a TCP/IP connection to the remote server on the given host. |
418 | * The address of the remote host will be returned in hostaddr. |
419 | * If port is 0, the default port will be used. |
420 | * Connection_attempts specifies the maximum number of tries (one per |
421 | * second). If proxy_command is non-NULL, it specifies the command (with %h |
422 | * and %p substituted for host and port, respectively) to use to contact |
423 | * the daemon. |
424 | */ |
425 | static int |
426 | ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, |
427 | struct sockaddr_storage *hostaddr, u_short port, int connection_attempts, |
428 | int *timeout_ms, int want_keepalive) |
429 | { |
430 | int on = 1, saved_timeout_ms = *timeout_ms; |
431 | int oerrno, sock = -1, attempt; |
432 | char ntop[NI_MAXHOST256], strport[NI_MAXSERV32]; |
433 | struct addrinfo *ai; |
434 | |
435 | debug3_f("entering")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 435 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "entering"); |
436 | memset(ntop, 0, sizeof(ntop)); |
437 | memset(strport, 0, sizeof(strport)); |
438 | |
439 | for (attempt = 0; attempt < connection_attempts; attempt++) { |
440 | if (attempt > 0) { |
441 | /* Sleep a moment before retrying. */ |
442 | sleep(1); |
443 | debug("Trying again...")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 443 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Trying again..."); |
444 | } |
445 | /* |
446 | * Loop through addresses for this host, and try each one in |
447 | * sequence until the connection succeeds. |
448 | */ |
449 | for (ai = aitop; ai; ai = ai->ai_next) { |
450 | if (ai->ai_family != AF_INET2 && |
451 | ai->ai_family != AF_INET624) { |
452 | errno(*__errno()) = EAFNOSUPPORT47; |
453 | continue; |
454 | } |
455 | if (getnameinfo(ai->ai_addr, ai->ai_addrlen, |
456 | ntop, sizeof(ntop), strport, sizeof(strport), |
457 | NI_NUMERICHOST1|NI_NUMERICSERV2) != 0) { |
458 | oerrno = errno(*__errno()); |
459 | error_f("getnameinfo failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 459 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "getnameinfo failed"); |
460 | errno(*__errno()) = oerrno; |
461 | continue; |
462 | } |
463 | debug("Connecting to %.200s [%.100s] port %s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 464 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Connecting to %.200s [%.100s] port %s." , host, ntop, strport) |
464 | host, ntop, strport)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 464 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Connecting to %.200s [%.100s] port %s." , host, ntop, strport); |
465 | |
466 | /* Create a socket for connecting. */ |
467 | sock = ssh_create_socket(ai); |
468 | if (sock < 0) { |
469 | /* Any error is already output */ |
470 | errno(*__errno()) = 0; |
471 | continue; |
472 | } |
473 | |
474 | *timeout_ms = saved_timeout_ms; |
475 | if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen, |
476 | timeout_ms) >= 0) { |
477 | /* Successful connection. */ |
478 | memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen); |
479 | break; |
480 | } else { |
481 | oerrno = errno(*__errno()); |
482 | debug("connect to address %s port %s: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 483 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "connect to address %s port %s: %s" , ntop, strport, strerror((*__errno()))) |
483 | ntop, strport, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 483 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "connect to address %s port %s: %s" , ntop, strport, strerror((*__errno()))); |
484 | close(sock); |
485 | sock = -1; |
486 | errno(*__errno()) = oerrno; |
487 | } |
488 | } |
489 | if (sock != -1) |
490 | break; /* Successful connection. */ |
491 | } |
492 | |
493 | /* Return failure if we didn't get a successful connection. */ |
494 | if (sock == -1) { |
495 | error("ssh: connect to host %s port %s: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 496 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "ssh: connect to host %s port %s: %s" , host, strport, (*__errno()) == 0 ? "failure" : strerror((*__errno ()))) |
496 | host, strport, errno == 0 ? "failure" : strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 496 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "ssh: connect to host %s port %s: %s" , host, strport, (*__errno()) == 0 ? "failure" : strerror((*__errno ()))); |
497 | return -1; |
498 | } |
499 | |
500 | debug("Connection established.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 500 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Connection established." ); |
501 | |
502 | /* Set SO_KEEPALIVE if requested. */ |
503 | if (want_keepalive && |
504 | setsockopt(sock, SOL_SOCKET0xffff, SO_KEEPALIVE0x0008, (void *)&on, |
505 | sizeof(on)) == -1) |
506 | error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 506 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "setsockopt SO_KEEPALIVE: %.100s" , strerror((*__errno()))); |
507 | |
508 | /* Set the connection. */ |
509 | if (ssh_packet_set_connection(ssh, sock, sock) == NULL((void *)0)) |
510 | return -1; /* ssh_packet_set_connection logs error */ |
511 | |
512 | return 0; |
513 | } |
514 | |
515 | int |
516 | ssh_connect(struct ssh *ssh, const char *host, const char *host_arg, |
517 | struct addrinfo *addrs, struct sockaddr_storage *hostaddr, u_short port, |
518 | int connection_attempts, int *timeout_ms, int want_keepalive) |
519 | { |
520 | int in, out; |
521 | |
522 | if (options.proxy_command == NULL((void *)0)) { |
523 | return ssh_connect_direct(ssh, host, addrs, hostaddr, port, |
524 | connection_attempts, timeout_ms, want_keepalive); |
525 | } else if (strcmp(options.proxy_command, "-") == 0) { |
526 | if ((in = dup(STDIN_FILENO0)) == -1 || |
527 | (out = dup(STDOUT_FILENO1)) == -1) { |
528 | if (in >= 0) |
529 | close(in); |
530 | error_f("dup() in/out failed")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 530 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "dup() in/out failed"); |
531 | return -1; /* ssh_packet_set_connection logs error */ |
532 | } |
533 | if ((ssh_packet_set_connection(ssh, in, out)) == NULL((void *)0)) |
534 | return -1; /* ssh_packet_set_connection logs error */ |
535 | return 0; |
536 | } else if (options.proxy_use_fdpass) { |
537 | return ssh_proxy_fdpass_connect(ssh, host, host_arg, port, |
538 | options.proxy_command); |
539 | } |
540 | return ssh_proxy_connect(ssh, host, host_arg, port, |
541 | options.proxy_command); |
542 | } |
543 | |
544 | /* defaults to 'no' */ |
545 | static int |
546 | confirm(const char *prompt, const char *fingerprint) |
547 | { |
548 | const char *msg, *again = "Please type 'yes' or 'no': "; |
549 | const char *again_fp = "Please type 'yes', 'no' or the fingerprint: "; |
550 | char *p, *cp; |
551 | int ret = -1; |
552 | |
553 | if (options.batch_mode) |
554 | return 0; |
555 | for (msg = prompt;;msg = fingerprint ? again_fp : again) { |
556 | cp = p = read_passphrase(msg, RP_ECHO0x0001); |
557 | if (p == NULL((void *)0)) |
558 | return 0; |
559 | p += strspn(p, " \t"); /* skip leading whitespace */ |
560 | p[strcspn(p, " \t\n")] = '\0'; /* remove trailing whitespace */ |
561 | if (p[0] == '\0' || strcasecmp(p, "no") == 0) |
562 | ret = 0; |
563 | else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL((void *)0) && |
564 | strcmp(p, fingerprint) == 0)) |
565 | ret = 1; |
566 | free(cp); |
567 | if (ret != -1) |
568 | return ret; |
569 | } |
570 | } |
571 | |
572 | static int |
573 | sockaddr_is_local(struct sockaddr *hostaddr) |
574 | { |
575 | switch (hostaddr->sa_family) { |
576 | case AF_INET2: |
577 | return (ntohl(((struct sockaddr_in *)hostaddr)->(__uint32_t)(__builtin_constant_p(((struct sockaddr_in *)hostaddr )-> sin_addr.s_addr) ? (__uint32_t)(((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff) << 24 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff00) << 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff0000) >> 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff000000) >> 24) : __swap32md(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr)) |
578 | sin_addr.s_addr)(__uint32_t)(__builtin_constant_p(((struct sockaddr_in *)hostaddr )-> sin_addr.s_addr) ? (__uint32_t)(((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff) << 24 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff00) << 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr) & 0xff0000) >> 8 | ((__uint32_t)(((struct sockaddr_in *)hostaddr)-> sin_addr .s_addr) & 0xff000000) >> 24) : __swap32md(((struct sockaddr_in *)hostaddr)-> sin_addr.s_addr)) >> 24) == IN_LOOPBACKNET127; |
579 | case AF_INET624: |
580 | return IN6_IS_ADDR_LOOPBACK(((*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr.__u6_addr8[0]) == 0 ) && (*(const u_int32_t *)(const void *)(&(&( ((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr .__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr ))->__u6_addr.__u6_addr8[8]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr )->sin6_addr))->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1)))) |
581 | &(((struct sockaddr_in6 *)hostaddr)->sin6_addr))((*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr.__u6_addr8[0]) == 0 ) && (*(const u_int32_t *)(const void *)(&(&( ((struct sockaddr_in6 *)hostaddr)->sin6_addr))->__u6_addr .__u6_addr8[4]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr ))->__u6_addr.__u6_addr8[8]) == 0) && (*(const u_int32_t *)(const void *)(&(&(((struct sockaddr_in6 *)hostaddr )->sin6_addr))->__u6_addr.__u6_addr8[12]) == (__uint32_t )(__builtin_constant_p(1) ? (__uint32_t)(((__uint32_t)(1) & 0xff) << 24 | ((__uint32_t)(1) & 0xff00) << 8 | ((__uint32_t)(1) & 0xff0000) >> 8 | ((__uint32_t )(1) & 0xff000000) >> 24) : __swap32md(1)))); |
582 | default: |
583 | return 0; |
584 | } |
585 | } |
586 | |
587 | /* |
588 | * Prepare the hostname and ip address strings that are used to lookup |
589 | * host keys in known_hosts files. These may have a port number appended. |
590 | */ |
591 | void |
592 | get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr, |
593 | u_short port, char **hostfile_hostname, char **hostfile_ipaddr) |
594 | { |
595 | char ntop[NI_MAXHOST256]; |
596 | |
597 | /* |
598 | * We don't have the remote ip-address for connections |
599 | * using a proxy command |
600 | */ |
601 | if (hostfile_ipaddr != NULL((void *)0)) { |
602 | if (options.proxy_command == NULL((void *)0)) { |
603 | if (getnameinfo(hostaddr, hostaddr->sa_len, |
604 | ntop, sizeof(ntop), NULL((void *)0), 0, NI_NUMERICHOST1) != 0) |
605 | fatal_f("getnameinfo failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 605, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "getnameinfo failed" ); |
606 | *hostfile_ipaddr = put_host_port(ntop, port); |
607 | } else { |
608 | *hostfile_ipaddr = xstrdup("<no hostip for proxy " |
609 | "command>"); |
610 | } |
611 | } |
612 | |
613 | /* |
614 | * Allow the user to record the key under a different name or |
615 | * differentiate a non-standard port. This is useful for ssh |
616 | * tunneling over forwarded connections or if you run multiple |
617 | * sshd's on different ports on the same machine. |
618 | */ |
619 | if (hostfile_hostname != NULL((void *)0)) { |
620 | if (options.host_key_alias != NULL((void *)0)) { |
621 | *hostfile_hostname = xstrdup(options.host_key_alias); |
622 | debug("using hostkeyalias: %s", *hostfile_hostname)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 622 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "using hostkeyalias: %s" , *hostfile_hostname); |
623 | } else { |
624 | *hostfile_hostname = put_host_port(hostname, port); |
625 | } |
626 | } |
627 | } |
628 | |
629 | /* returns non-zero if path appears in hostfiles, or 0 if not. */ |
630 | static int |
631 | path_in_hostfiles(const char *path, char **hostfiles, u_int num_hostfiles) |
632 | { |
633 | u_int i; |
634 | |
635 | for (i = 0; i < num_hostfiles; i++) { |
636 | if (strcmp(path, hostfiles[i]) == 0) |
637 | return 1; |
638 | } |
639 | return 0; |
640 | } |
641 | |
642 | struct find_by_key_ctx { |
643 | const char *host, *ip; |
644 | const struct sshkey *key; |
645 | char **names; |
646 | u_int nnames; |
647 | }; |
648 | |
649 | /* Try to replace home directory prefix (per $HOME) with a ~/ sequence */ |
650 | static char * |
651 | try_tilde_unexpand(const char *path) |
652 | { |
653 | char *home, *ret = NULL((void *)0); |
654 | size_t l; |
655 | |
656 | if (*path != '/') |
657 | return xstrdup(path); |
658 | if ((home = getenv("HOME")) == NULL((void *)0) || (l = strlen(home)) == 0) |
659 | return xstrdup(path); |
660 | if (strncmp(path, home, l) != 0) |
661 | return xstrdup(path); |
662 | /* |
663 | * ensure we have matched on a path boundary: either the $HOME that |
664 | * we just compared ends with a '/' or the next character of the path |
665 | * must be a '/'. |
666 | */ |
667 | if (home[l - 1] != '/' && path[l] != '/') |
668 | return xstrdup(path); |
669 | if (path[l] == '/') |
670 | l++; |
671 | xasprintf(&ret, "~/%s", path + l); |
672 | return ret; |
673 | } |
674 | |
675 | static int |
676 | hostkeys_find_by_key_cb(struct hostkey_foreach_line *l, void *_ctx) |
677 | { |
678 | struct find_by_key_ctx *ctx = (struct find_by_key_ctx *)_ctx; |
679 | char *path; |
680 | |
681 | /* we are looking for keys with names that *do not* match */ |
682 | if ((l->match & HKF_MATCH_HOST(1)) != 0) |
683 | return 0; |
684 | /* not interested in marker lines */ |
685 | if (l->marker != MRK_NONE) |
686 | return 0; |
687 | /* we are only interested in exact key matches */ |
688 | if (l->key == NULL((void *)0) || !sshkey_equal(ctx->key, l->key)) |
689 | return 0; |
690 | path = try_tilde_unexpand(l->path); |
691 | debug_f("found matching key in %s:%lu", path, l->linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 691 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "found matching key in %s:%lu" , path, l->linenum); |
692 | ctx->names = xrecallocarray(ctx->names, |
693 | ctx->nnames, ctx->nnames + 1, sizeof(*ctx->names)); |
694 | xasprintf(&ctx->names[ctx->nnames], "%s:%lu: %s", path, l->linenum, |
695 | strncmp(l->hosts, HASH_MAGIC"|1|", strlen(HASH_MAGIC"|1|")) == 0 ? |
696 | "[hashed name]" : l->hosts); |
697 | ctx->nnames++; |
698 | free(path); |
699 | return 0; |
700 | } |
701 | |
702 | static int |
703 | hostkeys_find_by_key_hostfile(const char *file, const char *which, |
704 | struct find_by_key_ctx *ctx) |
705 | { |
706 | int r; |
707 | |
708 | debug3_f("trying %s hostfile \"%s\"", which, file)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 708 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "trying %s hostfile \"%s\"" , which, file); |
709 | if ((r = hostkeys_foreach(file, hostkeys_find_by_key_cb, ctx, |
710 | ctx->host, ctx->ip, HKF_WANT_PARSE_KEY(1<<1), 0)) != 0) { |
711 | if (r == SSH_ERR_SYSTEM_ERROR-24 && errno(*__errno()) == ENOENT2) { |
712 | debug_f("hostkeys file %s does not exist", file)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 712 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "hostkeys file %s does not exist" , file); |
713 | return 0; |
714 | } |
715 | error_fr(r, "hostkeys_foreach failed for %s", file)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 715 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "hostkeys_foreach failed for %s" , file); |
716 | return r; |
717 | } |
718 | return 0; |
719 | } |
720 | |
721 | /* |
722 | * Find 'key' in known hosts file(s) that do not match host/ip. |
723 | * Used to display also-known-as information for previously-unseen hostkeys. |
724 | */ |
725 | static void |
726 | hostkeys_find_by_key(const char *host, const char *ip, const struct sshkey *key, |
727 | char **user_hostfiles, u_int num_user_hostfiles, |
728 | char **system_hostfiles, u_int num_system_hostfiles, |
729 | char ***names, u_int *nnames) |
730 | { |
731 | struct find_by_key_ctx ctx = {0, 0, 0, 0, 0}; |
732 | u_int i; |
733 | |
734 | *names = NULL((void *)0); |
735 | *nnames = 0; |
736 | |
737 | if (key == NULL((void *)0) || sshkey_is_cert(key)) |
738 | return; |
739 | |
740 | ctx.host = host; |
741 | ctx.ip = ip; |
742 | ctx.key = key; |
743 | |
744 | for (i = 0; i < num_user_hostfiles; i++) { |
745 | if (hostkeys_find_by_key_hostfile(user_hostfiles[i], |
746 | "user", &ctx) != 0) |
747 | goto fail; |
748 | } |
749 | for (i = 0; i < num_system_hostfiles; i++) { |
750 | if (hostkeys_find_by_key_hostfile(system_hostfiles[i], |
751 | "system", &ctx) != 0) |
752 | goto fail; |
753 | } |
754 | /* success */ |
755 | *names = ctx.names; |
756 | *nnames = ctx.nnames; |
757 | ctx.names = NULL((void *)0); |
758 | ctx.nnames = 0; |
759 | return; |
760 | fail: |
761 | for (i = 0; i < ctx.nnames; i++) |
762 | free(ctx.names[i]); |
763 | free(ctx.names); |
764 | } |
765 | |
766 | #define MAX_OTHER_NAMES8 8 /* Maximum number of names to list */ |
767 | static char * |
768 | other_hostkeys_message(const char *host, const char *ip, |
769 | const struct sshkey *key, |
770 | char **user_hostfiles, u_int num_user_hostfiles, |
771 | char **system_hostfiles, u_int num_system_hostfiles) |
772 | { |
773 | char *ret = NULL((void *)0), **othernames = NULL((void *)0); |
774 | u_int i, n, num_othernames = 0; |
775 | |
776 | hostkeys_find_by_key(host, ip, key, |
777 | user_hostfiles, num_user_hostfiles, |
778 | system_hostfiles, num_system_hostfiles, |
779 | &othernames, &num_othernames); |
780 | if (num_othernames == 0) |
781 | return xstrdup("This key is not known by any other names"); |
782 | |
783 | xasprintf(&ret, "This host key is known by the following other " |
784 | "names/addresses:"); |
785 | |
786 | n = num_othernames; |
787 | if (n > MAX_OTHER_NAMES8) |
788 | n = MAX_OTHER_NAMES8; |
789 | for (i = 0; i < n; i++) { |
790 | xextendf(&ret, "\n", " %s", othernames[i]); |
791 | } |
792 | if (n < num_othernames) { |
793 | xextendf(&ret, "\n", " (%d additional names omitted)", |
794 | num_othernames - n); |
795 | } |
796 | for (i = 0; i < num_othernames; i++) |
797 | free(othernames[i]); |
798 | free(othernames); |
799 | return ret; |
800 | } |
801 | |
802 | void |
803 | load_hostkeys_command(struct hostkeys *hostkeys, const char *command_template, |
804 | const char *invocation, const struct ssh_conn_info *cinfo, |
805 | const struct sshkey *host_key, const char *hostfile_hostname) |
806 | { |
807 | int r, i, ac = 0; |
808 | char *key_fp = NULL((void *)0), *keytext = NULL((void *)0), *tmp; |
809 | char *command = NULL((void *)0), *tag = NULL((void *)0), **av = NULL((void *)0); |
810 | FILE *f = NULL((void *)0); |
811 | pid_t pid; |
812 | void (*osigchld)(int); |
813 | |
814 | xasprintf(&tag, "KnownHostsCommand-%s", invocation); |
815 | |
816 | if (host_key != NULL((void *)0)) { |
817 | if ((key_fp = sshkey_fingerprint(host_key, |
818 | options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL((void *)0)) |
819 | fatal_f("sshkey_fingerprint failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 819, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint failed" ); |
820 | if ((r = sshkey_to_base64(host_key, &keytext)) != 0) |
821 | fatal_fr(r, "sshkey_to_base64 failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 821, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "sshkey_to_base64 failed" ); |
822 | } |
823 | /* |
824 | * NB. all returns later this function should go via "out" to |
825 | * ensure the original SIGCHLD handler is restored properly. |
826 | */ |
827 | osigchld = ssh_signal(SIGCHLD20, SIG_DFL(void (*)(int))0); |
828 | |
829 | /* Turn the command into an argument vector */ |
830 | if (argv_split(command_template, &ac, &av, 0) != 0) { |
831 | error("%s \"%s\" contains invalid quotes", tag,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 832 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" contains invalid quotes" , tag, command_template) |
832 | command_template)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 832 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" contains invalid quotes" , tag, command_template); |
833 | goto out; |
834 | } |
835 | if (ac == 0) { |
836 | error("%s \"%s\" yielded no arguments", tag,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 837 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" yielded no arguments" , tag, command_template) |
837 | command_template)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 837 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s \"%s\" yielded no arguments" , tag, command_template); |
838 | goto out; |
839 | } |
840 | for (i = 1; i < ac; i++) { |
841 | tmp = percent_dollar_expand(av[i], |
842 | DEFAULT_CLIENT_PERCENT_EXPAND_ARGS(cinfo)"C", cinfo->conn_hash_hex, "L", cinfo->shorthost, "i", cinfo ->uidstr, "k", cinfo->keyalias, "l", cinfo->thishost , "n", cinfo->host_arg, "p", cinfo->portstr, "d", cinfo ->homedir, "h", cinfo->remhost, "r", cinfo->remuser, "u", cinfo->locuser, |
843 | "H", hostfile_hostname, |
844 | "I", invocation, |
845 | "t", host_key == NULL((void *)0) ? "NONE" : sshkey_ssh_name(host_key), |
846 | "f", key_fp == NULL((void *)0) ? "NONE" : key_fp, |
847 | "K", keytext == NULL((void *)0) ? "NONE" : keytext, |
848 | (char *)NULL((void *)0)); |
849 | if (tmp == NULL((void *)0)) |
850 | fatal_f("percent_expand failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 850, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "percent_expand failed" ); |
851 | free(av[i]); |
852 | av[i] = tmp; |
853 | } |
854 | /* Prepare a printable command for logs, etc. */ |
855 | command = argv_assemble(ac, av); |
856 | |
857 | if ((pid = subprocess(tag, command, ac, av, &f, |
858 | SSH_SUBPROCESS_STDOUT_CAPTURE(1<<1)|SSH_SUBPROCESS_UNSAFE_PATH(1<<3)| |
859 | SSH_SUBPROCESS_PRESERVE_ENV(1<<4), NULL((void *)0), NULL((void *)0), NULL((void *)0))) == 0) |
860 | goto out; |
861 | |
862 | load_hostkeys_file(hostkeys, hostfile_hostname, tag, f, 1); |
863 | |
864 | if (exited_cleanly(pid, tag, command, 0) != 0) |
865 | fatal("KnownHostsCommand failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 865, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "KnownHostsCommand failed" ); |
866 | |
867 | out: |
868 | if (f != NULL((void *)0)) |
869 | fclose(f); |
870 | ssh_signal(SIGCHLD20, osigchld); |
871 | for (i = 0; i < ac; i++) |
872 | free(av[i]); |
873 | free(av); |
874 | free(tag); |
875 | free(command); |
876 | free(key_fp); |
877 | free(keytext); |
878 | } |
879 | |
880 | /* |
881 | * check whether the supplied host key is valid, return -1 if the key |
882 | * is not valid. user_hostfile[0] will not be updated if 'readonly' is true. |
883 | */ |
884 | #define RDRW0 0 |
885 | #define RDONLY1 1 |
886 | #define ROQUIET2 2 |
887 | static int |
888 | check_host_key(char *hostname, const struct ssh_conn_info *cinfo, |
889 | struct sockaddr *hostaddr, u_short port, |
890 | struct sshkey *host_key, int readonly, int clobber_port, |
891 | char **user_hostfiles, u_int num_user_hostfiles, |
892 | char **system_hostfiles, u_int num_system_hostfiles, |
893 | const char *hostfile_command) |
894 | { |
895 | HostStatus host_status = -1, ip_status = -1; |
896 | struct sshkey *raw_key = NULL((void *)0); |
897 | char *ip = NULL((void *)0), *host = NULL((void *)0); |
898 | char hostline[1000], *hostp, *fp, *ra; |
899 | char msg[1024]; |
900 | const char *type, *fail_reason; |
901 | const struct hostkey_entry *host_found = NULL((void *)0), *ip_found = NULL((void *)0); |
902 | int len, cancelled_forwarding = 0, confirmed; |
903 | int local = sockaddr_is_local(hostaddr); |
904 | int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; |
905 | int hostkey_trusted = 0; /* Known or explicitly accepted by user */ |
906 | struct hostkeys *host_hostkeys, *ip_hostkeys; |
907 | u_int i; |
908 | |
909 | /* |
910 | * Force accepting of the host key for loopback/localhost. The |
911 | * problem is that if the home directory is NFS-mounted to multiple |
912 | * machines, localhost will refer to a different machine in each of |
913 | * them, and the user will get bogus HOST_CHANGED warnings. This |
914 | * essentially disables host authentication for localhost; however, |
915 | * this is probably not a real problem. |
916 | */ |
917 | if (options.no_host_authentication_for_localhost == 1 && local && |
918 | options.host_key_alias == NULL((void *)0)) { |
919 | debug("Forcing accepting of host key for "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 920 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Forcing accepting of host key for " "loopback/localhost.") |
920 | "loopback/localhost.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 920 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Forcing accepting of host key for " "loopback/localhost."); |
921 | options.update_hostkeys = 0; |
922 | return 0; |
923 | } |
924 | |
925 | /* |
926 | * Prepare the hostname and address strings used for hostkey lookup. |
927 | * In some cases, these will have a port number appended. |
928 | */ |
929 | get_hostfile_hostname_ipaddr(hostname, hostaddr, |
930 | clobber_port ? 0 : port, &host, &ip); |
931 | |
932 | /* |
933 | * Turn off check_host_ip if the connection is to localhost, via proxy |
934 | * command or if we don't have a hostname to compare with |
935 | */ |
936 | if (options.check_host_ip && (local || |
937 | strcmp(hostname, ip) == 0 || options.proxy_command != NULL((void *)0))) |
938 | options.check_host_ip = 0; |
939 | |
940 | host_hostkeys = init_hostkeys(); |
941 | for (i = 0; i < num_user_hostfiles; i++) |
942 | load_hostkeys(host_hostkeys, host, user_hostfiles[i], 0); |
943 | for (i = 0; i < num_system_hostfiles; i++) |
944 | load_hostkeys(host_hostkeys, host, system_hostfiles[i], 0); |
945 | if (hostfile_command != NULL((void *)0) && !clobber_port) { |
946 | load_hostkeys_command(host_hostkeys, hostfile_command, |
947 | "HOSTNAME", cinfo, host_key, host); |
948 | } |
949 | |
950 | ip_hostkeys = NULL((void *)0); |
951 | if (!want_cert && options.check_host_ip) { |
952 | ip_hostkeys = init_hostkeys(); |
953 | for (i = 0; i < num_user_hostfiles; i++) |
954 | load_hostkeys(ip_hostkeys, ip, user_hostfiles[i], 0); |
955 | for (i = 0; i < num_system_hostfiles; i++) |
956 | load_hostkeys(ip_hostkeys, ip, system_hostfiles[i], 0); |
957 | if (hostfile_command != NULL((void *)0) && !clobber_port) { |
958 | load_hostkeys_command(ip_hostkeys, hostfile_command, |
959 | "ADDRESS", cinfo, host_key, ip); |
960 | } |
961 | } |
962 | |
963 | retry: |
964 | /* Reload these as they may have changed on cert->key downgrade */ |
965 | want_cert = sshkey_is_cert(host_key); |
966 | type = sshkey_type(host_key); |
967 | |
968 | /* |
969 | * Check if the host key is present in the user's list of known |
970 | * hosts or in the systemwide list. |
971 | */ |
972 | host_status = check_key_in_hostkeys(host_hostkeys, host_key, |
973 | &host_found); |
974 | |
975 | /* |
976 | * If there are no hostfiles, or if the hostkey was found via |
977 | * KnownHostsCommand, then don't try to touch the disk. |
978 | */ |
979 | if (!readonly && (num_user_hostfiles == 0 || |
980 | (host_found != NULL((void *)0) && host_found->note != 0))) |
981 | readonly = RDONLY1; |
982 | |
983 | /* |
984 | * Also perform check for the ip address, skip the check if we are |
985 | * localhost, looking for a certificate, or the hostname was an ip |
986 | * address to begin with. |
987 | */ |
988 | if (!want_cert && ip_hostkeys != NULL((void *)0)) { |
989 | ip_status = check_key_in_hostkeys(ip_hostkeys, host_key, |
990 | &ip_found); |
991 | if (host_status == HOST_CHANGED && |
992 | (ip_status != HOST_CHANGED || |
993 | (ip_found != NULL((void *)0) && |
994 | !sshkey_equal(ip_found->key, host_found->key)))) |
995 | host_ip_differ = 1; |
996 | } else |
997 | ip_status = host_status; |
998 | |
999 | switch (host_status) { |
1000 | case HOST_OK: |
1001 | /* The host is known and the key matches. */ |
1002 | debug("Host '%.200s' is known and matches the %s host %s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1003 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host '%.200s' is known and matches the %s host %s." , host, type, want_cert ? "certificate" : "key") |
1003 | host, type, want_cert ? "certificate" : "key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1003 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host '%.200s' is known and matches the %s host %s." , host, type, want_cert ? "certificate" : "key"); |
1004 | debug("Found %s in %s:%lu", want_cert ? "CA key" : "key",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1005 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Found %s in %s:%lu", want_cert ? "CA key" : "key", host_found->file, host_found->line ) |
1005 | host_found->file, host_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1005 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Found %s in %s:%lu", want_cert ? "CA key" : "key", host_found->file, host_found->line ); |
1006 | if (want_cert) { |
1007 | if (sshkey_cert_check_host(host_key, |
1008 | options.host_key_alias == NULL((void *)0) ? |
1009 | hostname : options.host_key_alias, 0, |
1010 | options.ca_sign_algorithms, &fail_reason) != 0) { |
1011 | error("%s", fail_reason)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1011 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s", fail_reason); |
1012 | goto fail; |
1013 | } |
1014 | /* |
1015 | * Do not attempt hostkey update if a certificate was |
1016 | * successfully matched. |
1017 | */ |
1018 | if (options.update_hostkeys != 0) { |
1019 | options.update_hostkeys = 0; |
1020 | debug3_f("certificate host key in use; "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1021 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "certificate host key in use; " "disabling UpdateHostkeys") |
1021 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1021 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "certificate host key in use; " "disabling UpdateHostkeys"); |
1022 | } |
1023 | } |
1024 | /* Turn off UpdateHostkeys if key was in system known_hosts */ |
1025 | if (options.update_hostkeys != 0 && |
1026 | (path_in_hostfiles(host_found->file, |
1027 | system_hostfiles, num_system_hostfiles) || |
1028 | (ip_status == HOST_OK && ip_found != NULL((void *)0) && |
1029 | path_in_hostfiles(ip_found->file, |
1030 | system_hostfiles, num_system_hostfiles)))) { |
1031 | options.update_hostkeys = 0; |
1032 | debug3_f("host key found in GlobalKnownHostsFile; "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1033 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found in GlobalKnownHostsFile; " "disabling UpdateHostkeys") |
1033 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1033 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found in GlobalKnownHostsFile; " "disabling UpdateHostkeys"); |
1034 | } |
1035 | if (options.update_hostkeys != 0 && host_found->note) { |
1036 | options.update_hostkeys = 0; |
1037 | debug3_f("host key found via KnownHostsCommand; "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1038 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found via KnownHostsCommand; " "disabling UpdateHostkeys") |
1038 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1038 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "host key found via KnownHostsCommand; " "disabling UpdateHostkeys"); |
1039 | } |
1040 | if (options.check_host_ip && ip_status == HOST_NEW) { |
1041 | if (readonly || want_cert) |
1042 | logit("%s host key for IP address "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1044 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip) |
1043 | "'%.128s' not in list of known hosts.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1044 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip) |
1044 | type, ip)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1044 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip); |
1045 | else if (!add_host_to_hostfile(user_hostfiles[0], ip, |
1046 | host_key, options.hash_known_hosts)) |
1047 | logit("Failed to add the %s host key for IP "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]) |
1048 | "address '%.128s' to the list of known "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]) |
1049 | "hosts (%.500s).", type, ip,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]) |
1050 | user_hostfiles[0])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1050 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type , ip, user_hostfiles[0]); |
1051 | else |
1052 | logit("Warning: Permanently added the %s host "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1054 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts." , type, ip) |
1053 | "key for IP address '%.128s' to the list "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1054 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts." , type, ip) |
1054 | "of known hosts.", type, ip)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1054 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts." , type, ip); |
1055 | } else if (options.visual_host_key) { |
1056 | fp = sshkey_fingerprint(host_key, |
1057 | options.fingerprint_hash, SSH_FP_DEFAULT); |
1058 | ra = sshkey_fingerprint(host_key, |
1059 | options.fingerprint_hash, SSH_FP_RANDOMART); |
1060 | if (fp == NULL((void *)0) || ra == NULL((void *)0)) |
1061 | fatal_f("sshkey_fingerprint failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1061, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint failed" ); |
1062 | logit("Host key fingerprint is %s\n%s", fp, ra)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1062 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Host key fingerprint is %s\n%s" , fp, ra); |
1063 | free(ra); |
1064 | free(fp); |
1065 | } |
1066 | hostkey_trusted = 1; |
1067 | break; |
1068 | case HOST_NEW: |
1069 | if (options.host_key_alias == NULL((void *)0) && port != 0 && |
1070 | port != SSH_DEFAULT_PORT22 && !clobber_port) { |
1071 | debug("checking without port identifier")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1071 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "checking without port identifier" ); |
1072 | if (check_host_key(hostname, cinfo, hostaddr, 0, |
1073 | host_key, ROQUIET2, 1, |
1074 | user_hostfiles, num_user_hostfiles, |
1075 | system_hostfiles, num_system_hostfiles, |
1076 | hostfile_command) == 0) { |
1077 | debug("found matching key w/out port")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1077 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "found matching key w/out port" ); |
1078 | break; |
1079 | } |
1080 | } |
1081 | if (readonly || want_cert) |
1082 | goto fail; |
1083 | /* The host is new. */ |
1084 | if (options.strict_host_key_checking == |
1085 | SSH_STRICT_HOSTKEY_YES2) { |
1086 | /* |
1087 | * User has requested strict host key checking. We |
1088 | * will not add the host key automatically. The only |
1089 | * alternative left is to abort. |
1090 | */ |
1091 | error("No %s host key is known for %.200s and you "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1092 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "No %s host key is known for %.200s and you " "have requested strict checking.", type, host) |
1092 | "have requested strict checking.", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1092 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "No %s host key is known for %.200s and you " "have requested strict checking.", type, host); |
1093 | goto fail; |
1094 | } else if (options.strict_host_key_checking == |
1095 | SSH_STRICT_HOSTKEY_ASK3) { |
1096 | char *msg1 = NULL((void *)0), *msg2 = NULL((void *)0); |
1097 | |
1098 | xasprintf(&msg1, "The authenticity of host " |
1099 | "'%.200s (%s)' can't be established", host, ip); |
1100 | |
1101 | if (show_other_keys(host_hostkeys, host_key)) { |
1102 | xextendf(&msg1, "\n", "but keys of different " |
1103 | "type are already known for this host."); |
1104 | } else |
1105 | xextendf(&msg1, "", "."); |
1106 | |
1107 | fp = sshkey_fingerprint(host_key, |
1108 | options.fingerprint_hash, SSH_FP_DEFAULT); |
1109 | ra = sshkey_fingerprint(host_key, |
1110 | options.fingerprint_hash, SSH_FP_RANDOMART); |
1111 | if (fp == NULL((void *)0) || ra == NULL((void *)0)) |
1112 | fatal_f("sshkey_fingerprint failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1112, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint failed" ); |
1113 | xextendf(&msg1, "\n", "%s key fingerprint is %s.", |
1114 | type, fp); |
1115 | if (options.visual_host_key) |
1116 | xextendf(&msg1, "\n", "%s", ra); |
1117 | if (options.verify_host_key_dns) { |
1118 | xextendf(&msg1, "\n", |
1119 | "%s host key fingerprint found in DNS.", |
1120 | matching_host_key_dns ? |
1121 | "Matching" : "No matching"); |
1122 | } |
1123 | /* msg2 informs for other names matching this key */ |
1124 | if ((msg2 = other_hostkeys_message(host, ip, host_key, |
1125 | user_hostfiles, num_user_hostfiles, |
1126 | system_hostfiles, num_system_hostfiles)) != NULL((void *)0)) |
1127 | xextendf(&msg1, "\n", "%s", msg2); |
1128 | |
1129 | xextendf(&msg1, "\n", |
1130 | "Are you sure you want to continue connecting " |
1131 | "(yes/no/[fingerprint])? "); |
1132 | |
1133 | confirmed = confirm(msg1, fp); |
1134 | free(ra); |
1135 | free(fp); |
1136 | free(msg1); |
1137 | free(msg2); |
1138 | if (!confirmed) |
1139 | goto fail; |
1140 | hostkey_trusted = 1; /* user explicitly confirmed */ |
1141 | } |
1142 | /* |
1143 | * If in "new" or "off" strict mode, add the key automatically |
1144 | * to the local known_hosts file. |
1145 | */ |
1146 | if (options.check_host_ip && ip_status == HOST_NEW) { |
1147 | snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); |
1148 | hostp = hostline; |
1149 | if (options.hash_known_hosts) { |
1150 | /* Add hash of host and IP separately */ |
1151 | r = add_host_to_hostfile(user_hostfiles[0], |
1152 | host, host_key, options.hash_known_hosts) && |
1153 | add_host_to_hostfile(user_hostfiles[0], ip, |
1154 | host_key, options.hash_known_hosts); |
1155 | } else { |
1156 | /* Add unhashed "host,ip" */ |
1157 | r = add_host_to_hostfile(user_hostfiles[0], |
1158 | hostline, host_key, |
1159 | options.hash_known_hosts); |
1160 | } |
1161 | } else { |
1162 | r = add_host_to_hostfile(user_hostfiles[0], host, |
1163 | host_key, options.hash_known_hosts); |
1164 | hostp = host; |
1165 | } |
1166 | |
1167 | if (!r) |
1168 | logit("Failed to add the host to the list of known "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1169 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the host to the list of known " "hosts (%.500s).", user_hostfiles[0]) |
1169 | "hosts (%.500s).", user_hostfiles[0])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1169 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Failed to add the host to the list of known " "hosts (%.500s).", user_hostfiles[0]); |
1170 | else |
1171 | logit("Warning: Permanently added '%.200s' (%s) to the "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1172 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type) |
1172 | "list of known hosts.", hostp, type)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1172 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type); |
1173 | break; |
1174 | case HOST_REVOKED: |
1175 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1175 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); |
1176 | error("@ WARNING: REVOKED HOST KEY DETECTED! @")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1176 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@ WARNING: REVOKED HOST KEY DETECTED! @" ); |
1177 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1177 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); |
1178 | error("The %s host key for %s is marked as revoked.", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1178 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The %s host key for %s is marked as revoked." , type, host); |
1179 | error("This could mean that a stolen key is being used to")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1179 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "This could mean that a stolen key is being used to" ); |
1180 | error("impersonate this host.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1180 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "impersonate this host." ); |
1181 | |
1182 | /* |
1183 | * If strict host key checking is in use, the user will have |
1184 | * to edit the key manually and we can only abort. |
1185 | */ |
1186 | if (options.strict_host_key_checking != |
1187 | SSH_STRICT_HOSTKEY_OFF0) { |
1188 | error("%s host key for %.200s was revoked and you have "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1189 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s host key for %.200s was revoked and you have " "requested strict checking.", type, host) |
1189 | "requested strict checking.", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1189 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s host key for %.200s was revoked and you have " "requested strict checking.", type, host); |
1190 | goto fail; |
1191 | } |
1192 | goto continue_unsafe; |
1193 | |
1194 | case HOST_CHANGED: |
1195 | if (want_cert) { |
1196 | /* |
1197 | * This is only a debug() since it is valid to have |
1198 | * CAs with wildcard DNS matches that don't match |
1199 | * all hosts that one might visit. |
1200 | */ |
1201 | debug("Host certificate authority does not "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1203 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host certificate authority does not " "match %s in %s:%lu", "@cert-authority", host_found->file , host_found->line) |
1202 | "match %s in %s:%lu", CA_MARKER,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1203 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host certificate authority does not " "match %s in %s:%lu", "@cert-authority", host_found->file , host_found->line) |
1203 | host_found->file, host_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1203 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Host certificate authority does not " "match %s in %s:%lu", "@cert-authority", host_found->file , host_found->line); |
1204 | goto fail; |
1205 | } |
1206 | if (readonly == ROQUIET2) |
1207 | goto fail; |
1208 | if (options.check_host_ip && host_ip_differ) { |
1209 | char *key_msg; |
1210 | if (ip_status == HOST_NEW) |
1211 | key_msg = "is unknown"; |
1212 | else if (ip_status == HOST_OK) |
1213 | key_msg = "is unchanged"; |
1214 | else |
1215 | key_msg = "has a different value"; |
1216 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1216 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); |
1217 | error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1217 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @" ); |
1218 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1218 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); |
1219 | error("The %s host key for %s has changed,", type, host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1219 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The %s host key for %s has changed," , type, host); |
1220 | error("and the key for the corresponding IP address %s", ip)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1220 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "and the key for the corresponding IP address %s" , ip); |
1221 | error("%s. This could either mean that", key_msg)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1221 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "%s. This could either mean that" , key_msg); |
1222 | error("DNS SPOOFING is happening or the IP address for the host")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1222 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "DNS SPOOFING is happening or the IP address for the host" ); |
1223 | error("and its host key have changed at the same time.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1223 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "and its host key have changed at the same time." ); |
1224 | if (ip_status != HOST_NEW) |
1225 | error("Offending key for IP in %s:%lu",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1226 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending key for IP in %s:%lu" , ip_found->file, ip_found->line) |
1226 | ip_found->file, ip_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1226 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending key for IP in %s:%lu" , ip_found->file, ip_found->line); |
1227 | } |
1228 | /* The host key has changed. */ |
1229 | warn_changed_key(host_key); |
1230 | error("Add correct host key in %.100s to get rid of this message.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1231 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Add correct host key in %.100s to get rid of this message." , user_hostfiles[0]) |
1231 | user_hostfiles[0])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1231 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Add correct host key in %.100s to get rid of this message." , user_hostfiles[0]); |
1232 | error("Offending %s key in %s:%lu",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1234 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending %s key in %s:%lu" , sshkey_type(host_found->key), host_found->file, host_found ->line) |
1233 | sshkey_type(host_found->key),sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1234 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending %s key in %s:%lu" , sshkey_type(host_found->key), host_found->file, host_found ->line) |
1234 | host_found->file, host_found->line)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1234 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Offending %s key in %s:%lu" , sshkey_type(host_found->key), host_found->file, host_found ->line); |
1235 | |
1236 | /* |
1237 | * If strict host key checking is in use, the user will have |
1238 | * to edit the key manually and we can only abort. |
1239 | */ |
1240 | if (options.strict_host_key_checking != |
1241 | SSH_STRICT_HOSTKEY_OFF0) { |
1242 | error("Host key for %.200s has changed and you have "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1243 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key for %.200s has changed and you have " "requested strict checking.", host) |
1243 | "requested strict checking.", host)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1243 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key for %.200s has changed and you have " "requested strict checking.", host); |
1244 | goto fail; |
1245 | } |
1246 | |
1247 | continue_unsafe: |
1248 | /* |
1249 | * If strict host key checking has not been requested, allow |
1250 | * the connection but without MITM-able authentication or |
1251 | * forwarding. |
1252 | */ |
1253 | if (options.password_authentication) { |
1254 | error("Password authentication is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1255 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Password authentication is disabled to avoid " "man-in-the-middle attacks.") |
1255 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1255 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Password authentication is disabled to avoid " "man-in-the-middle attacks."); |
1256 | options.password_authentication = 0; |
1257 | cancelled_forwarding = 1; |
1258 | } |
1259 | if (options.kbd_interactive_authentication) { |
1260 | error("Keyboard-interactive authentication is disabled"sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1261 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Keyboard-interactive authentication is disabled" " to avoid man-in-the-middle attacks.") |
1261 | " to avoid man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1261 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Keyboard-interactive authentication is disabled" " to avoid man-in-the-middle attacks."); |
1262 | options.kbd_interactive_authentication = 0; |
1263 | cancelled_forwarding = 1; |
1264 | } |
1265 | if (options.forward_agent) { |
1266 | error("Agent forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1267 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Agent forwarding is disabled to avoid " "man-in-the-middle attacks.") |
1267 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1267 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Agent forwarding is disabled to avoid " "man-in-the-middle attacks."); |
1268 | options.forward_agent = 0; |
1269 | cancelled_forwarding = 1; |
1270 | } |
1271 | if (options.forward_x11) { |
1272 | error("X11 forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1273 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "X11 forwarding is disabled to avoid " "man-in-the-middle attacks.") |
1273 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1273 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "X11 forwarding is disabled to avoid " "man-in-the-middle attacks."); |
1274 | options.forward_x11 = 0; |
1275 | cancelled_forwarding = 1; |
1276 | } |
1277 | if (options.num_local_forwards > 0 || |
1278 | options.num_remote_forwards > 0) { |
1279 | error("Port forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1280 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Port forwarding is disabled to avoid " "man-in-the-middle attacks.") |
1280 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1280 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Port forwarding is disabled to avoid " "man-in-the-middle attacks."); |
1281 | options.num_local_forwards = |
1282 | options.num_remote_forwards = 0; |
1283 | cancelled_forwarding = 1; |
1284 | } |
1285 | if (options.tun_open != SSH_TUNMODE_NO0x00) { |
1286 | error("Tunnel forwarding is disabled to avoid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1287 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Tunnel forwarding is disabled to avoid " "man-in-the-middle attacks.") |
1287 | "man-in-the-middle attacks.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1287 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Tunnel forwarding is disabled to avoid " "man-in-the-middle attacks."); |
1288 | options.tun_open = SSH_TUNMODE_NO0x00; |
1289 | cancelled_forwarding = 1; |
1290 | } |
1291 | if (options.update_hostkeys != 0) { |
1292 | error("UpdateHostkeys is disabled because the host "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1293 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "UpdateHostkeys is disabled because the host " "key is not trusted.") |
1293 | "key is not trusted.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1293 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "UpdateHostkeys is disabled because the host " "key is not trusted."); |
1294 | options.update_hostkeys = 0; |
1295 | } |
1296 | if (options.exit_on_forward_failure && cancelled_forwarding) |
1297 | fatal("Error: forwarding disabled due to host key "sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1298, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Error: forwarding disabled due to host key " "check failure") |
1298 | "check failure")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1298, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Error: forwarding disabled due to host key " "check failure"); |
1299 | |
1300 | /* |
1301 | * XXX Should permit the user to change to use the new id. |
1302 | * This could be done by converting the host key to an |
1303 | * identifying sentence, tell that the host identifies itself |
1304 | * by that sentence, and ask the user if they wish to |
1305 | * accept the authentication. |
1306 | */ |
1307 | break; |
1308 | case HOST_FOUND: |
1309 | fatal("internal error")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1309, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "internal error"); |
1310 | break; |
1311 | } |
1312 | |
1313 | if (options.check_host_ip && host_status != HOST_CHANGED && |
1314 | ip_status == HOST_CHANGED) { |
1315 | snprintf(msg, sizeof(msg), |
1316 | "Warning: the %s host key for '%.200s' " |
1317 | "differs from the key for the IP address '%.128s'" |
1318 | "\nOffending key for IP in %s:%lu", |
1319 | type, host, ip, ip_found->file, ip_found->line); |
1320 | if (host_status == HOST_OK) { |
1321 | len = strlen(msg); |
1322 | snprintf(msg + len, sizeof(msg) - len, |
1323 | "\nMatching host key in %s:%lu", |
1324 | host_found->file, host_found->line); |
1325 | } |
1326 | if (options.strict_host_key_checking == |
1327 | SSH_STRICT_HOSTKEY_ASK3) { |
1328 | strlcat(msg, "\nAre you sure you want " |
1329 | "to continue connecting (yes/no)? ", sizeof(msg)); |
1330 | if (!confirm(msg, NULL((void *)0))) |
1331 | goto fail; |
1332 | } else if (options.strict_host_key_checking != |
1333 | SSH_STRICT_HOSTKEY_OFF0) { |
1334 | logit("%s", msg)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1334 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s", msg); |
1335 | error("Exiting, you have requested strict checking.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1335 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Exiting, you have requested strict checking." ); |
1336 | goto fail; |
1337 | } else { |
1338 | logit("%s", msg)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1338 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s", msg); |
1339 | } |
1340 | } |
1341 | |
1342 | if (!hostkey_trusted && options.update_hostkeys) { |
1343 | debug_f("hostkey not known or explicitly trusted: "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1344 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "hostkey not known or explicitly trusted: " "disabling UpdateHostkeys") |
1344 | "disabling UpdateHostkeys")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1344 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "hostkey not known or explicitly trusted: " "disabling UpdateHostkeys"); |
1345 | options.update_hostkeys = 0; |
1346 | } |
1347 | |
1348 | free(ip); |
1349 | free(host); |
1350 | if (host_hostkeys != NULL((void *)0)) |
1351 | free_hostkeys(host_hostkeys); |
1352 | if (ip_hostkeys != NULL((void *)0)) |
1353 | free_hostkeys(ip_hostkeys); |
1354 | return 0; |
1355 | |
1356 | fail: |
1357 | if (want_cert && host_status != HOST_REVOKED) { |
1358 | /* |
1359 | * No matching certificate. Downgrade cert to raw key and |
1360 | * search normally. |
1361 | */ |
1362 | debug("No matching CA found. Retry with plain key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1362 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "No matching CA found. Retry with plain key" ); |
1363 | if ((r = sshkey_from_private(host_key, &raw_key)) != 0) |
1364 | fatal_fr(r, "decode key")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1364, 1, SYSLOG_LEVEL_FATAL, ssh_err(r), "decode key"); |
1365 | if ((r = sshkey_drop_cert(raw_key)) != 0) |
1366 | fatal_r(r, "Couldn't drop certificate")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1366, 0, SYSLOG_LEVEL_FATAL, ssh_err(r), "Couldn't drop certificate" ); |
1367 | host_key = raw_key; |
1368 | goto retry; |
1369 | } |
1370 | sshkey_free(raw_key); |
1371 | free(ip); |
1372 | free(host); |
1373 | if (host_hostkeys != NULL((void *)0)) |
1374 | free_hostkeys(host_hostkeys); |
1375 | if (ip_hostkeys != NULL((void *)0)) |
1376 | free_hostkeys(ip_hostkeys); |
1377 | return -1; |
1378 | } |
1379 | |
1380 | /* returns 0 if key verifies or -1 if key does NOT verify */ |
1381 | int |
1382 | verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key, |
1383 | const struct ssh_conn_info *cinfo) |
1384 | { |
1385 | u_int i; |
1386 | int r = -1, flags = 0; |
1387 | char valid[64], *fp = NULL((void *)0), *cafp = NULL((void *)0); |
1388 | struct sshkey *plain = NULL((void *)0); |
1389 | |
1390 | if ((fp = sshkey_fingerprint(host_key, |
1391 | options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL((void *)0)) { |
1392 | error_fr(r, "fingerprint host key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1392 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "fingerprint host key"); |
1393 | r = -1; |
1394 | goto out; |
1395 | } |
1396 | |
1397 | if (sshkey_is_cert(host_key)) { |
1398 | if ((cafp = sshkey_fingerprint(host_key->cert->signature_key, |
1399 | options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL((void *)0)) { |
1400 | error_fr(r, "fingerprint CA key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1400 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "fingerprint CA key"); |
1401 | r = -1; |
1402 | goto out; |
1403 | } |
1404 | sshkey_format_cert_validity(host_key->cert, |
1405 | valid, sizeof(valid)); |
1406 | debug("Server host certificate: %s %s, serial %llu "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) |
1407 | "ID \"%s\" CA %s %s valid %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) |
1408 | sshkey_ssh_name(host_key), fp,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) |
1409 | (unsigned long long)host_key->cert->serial,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) |
1410 | host_key->cert->key_id,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) |
1411 | sshkey_ssh_name(host_key->cert->signature_key), cafp,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid) |
1412 | valid)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1412 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host certificate: %s %s, serial %llu " "ID \"%s\" CA %s %s valid %s", sshkey_ssh_name(host_key), fp , (unsigned long long)host_key->cert->serial, host_key-> cert->key_id, sshkey_ssh_name(host_key->cert->signature_key ), cafp, valid); |
1413 | for (i = 0; i < host_key->cert->nprincipals; i++) { |
1414 | debug2("Server host certificate hostname: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1415 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "Server host certificate hostname: %s" , host_key->cert->principals[i]) |
1415 | host_key->cert->principals[i])sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1415 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "Server host certificate hostname: %s" , host_key->cert->principals[i]); |
1416 | } |
1417 | } else { |
1418 | debug("Server host key: %s %s", sshkey_ssh_name(host_key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1418 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Server host key: %s %s" , sshkey_ssh_name(host_key), fp); |
1419 | } |
1420 | |
1421 | if (sshkey_equal(previous_host_key, host_key)) { |
1422 | debug2_f("server host key %s %s matches cached key",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1423 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "server host key %s %s matches cached key" , sshkey_type(host_key), fp) |
1423 | sshkey_type(host_key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1423 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "server host key %s %s matches cached key" , sshkey_type(host_key), fp); |
1424 | r = 0; |
1425 | goto out; |
1426 | } |
1427 | |
1428 | /* Check in RevokedHostKeys file if specified */ |
1429 | if (options.revoked_host_keys != NULL((void *)0)) { |
1430 | r = sshkey_check_revoked(host_key, options.revoked_host_keys); |
1431 | switch (r) { |
1432 | case 0: |
1433 | break; /* not revoked */ |
1434 | case SSH_ERR_KEY_REVOKED-51: |
1435 | error("Host key %s %s revoked by file %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1437 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key %s %s revoked by file %s" , sshkey_type(host_key), fp, options.revoked_host_keys) |
1436 | sshkey_type(host_key), fp,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1437 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key %s %s revoked by file %s" , sshkey_type(host_key), fp, options.revoked_host_keys) |
1437 | options.revoked_host_keys)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1437 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Host key %s %s revoked by file %s" , sshkey_type(host_key), fp, options.revoked_host_keys); |
1438 | r = -1; |
1439 | goto out; |
1440 | default: |
1441 | error_r(r, "Error checking host key %s %s in "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1443 , 0, SYSLOG_LEVEL_ERROR, ssh_err(r), "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), fp, options.revoked_host_keys ) |
1442 | "revoked keys file %s", sshkey_type(host_key),sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1443 , 0, SYSLOG_LEVEL_ERROR, ssh_err(r), "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), fp, options.revoked_host_keys ) |
1443 | fp, options.revoked_host_keys)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1443 , 0, SYSLOG_LEVEL_ERROR, ssh_err(r), "Error checking host key %s %s in " "revoked keys file %s", sshkey_type(host_key), fp, options.revoked_host_keys ); |
1444 | r = -1; |
1445 | goto out; |
1446 | } |
1447 | } |
1448 | |
1449 | if (options.verify_host_key_dns) { |
1450 | /* |
1451 | * XXX certs are not yet supported for DNS, so downgrade |
1452 | * them and try the plain key. |
1453 | */ |
1454 | if ((r = sshkey_from_private(host_key, &plain)) != 0) |
1455 | goto out; |
1456 | if (sshkey_is_cert(plain)) |
1457 | sshkey_drop_cert(plain); |
1458 | if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { |
1459 | if (flags & DNS_VERIFY_FOUND0x00000001) { |
1460 | if (options.verify_host_key_dns == 1 && |
1461 | flags & DNS_VERIFY_MATCH0x00000002 && |
1462 | flags & DNS_VERIFY_SECURE0x00000004) { |
1463 | r = 0; |
1464 | goto out; |
1465 | } |
1466 | if (flags & DNS_VERIFY_MATCH0x00000002) { |
1467 | matching_host_key_dns = 1; |
1468 | } else { |
1469 | warn_changed_key(plain); |
1470 | error("Update the SSHFP RR in DNS "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1472 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Update the SSHFP RR in DNS " "with the new host key to get rid " "of this message.") |
1471 | "with the new host key to get rid "sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1472 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Update the SSHFP RR in DNS " "with the new host key to get rid " "of this message.") |
1472 | "of this message.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1472 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Update the SSHFP RR in DNS " "with the new host key to get rid " "of this message."); |
1473 | } |
1474 | } |
1475 | } |
1476 | } |
1477 | r = check_host_key(host, cinfo, hostaddr, options.port, host_key, |
1478 | RDRW0, 0, options.user_hostfiles, options.num_user_hostfiles, |
1479 | options.system_hostfiles, options.num_system_hostfiles, |
1480 | options.known_hosts_command); |
1481 | |
1482 | out: |
1483 | sshkey_free(plain); |
1484 | free(fp); |
1485 | free(cafp); |
1486 | if (r == 0 && host_key != NULL((void *)0)) { |
1487 | sshkey_free(previous_host_key); |
1488 | r = sshkey_from_private(host_key, &previous_host_key); |
1489 | } |
1490 | |
1491 | return r; |
1492 | } |
1493 | |
1494 | /* |
1495 | * Starts a dialog with the server, and authenticates the current user on the |
1496 | * server. This does not need any extra privileges. The basic connection |
1497 | * to the server must already have been established before this is called. |
1498 | * If login fails, this function prints an error and never returns. |
1499 | * This function does not require super-user privileges. |
1500 | */ |
1501 | void |
1502 | ssh_login(struct ssh *ssh, Sensitive *sensitive, const char *orighost, |
1503 | struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms, |
1504 | const struct ssh_conn_info *cinfo) |
1505 | { |
1506 | char *host; |
1507 | char *server_user, *local_user; |
1508 | int r; |
1509 | |
1510 | local_user = xstrdup(pw->pw_name); |
1511 | server_user = options.user ? options.user : local_user; |
1512 | |
1513 | /* Convert the user-supplied hostname into all lowercase. */ |
1514 | host = xstrdup(orighost); |
1515 | lowercase(host); |
1516 | |
1517 | /* Exchange protocol version identification strings with the server. */ |
1518 | if ((r = kex_exchange_identification(ssh, timeout_ms, NULL((void *)0))) != 0) |
1519 | sshpkt_fatal(ssh, r, "banner exchange"); |
1520 | |
1521 | /* Put the connection into non-blocking mode. */ |
1522 | ssh_packet_set_nonblocking(ssh); |
1523 | |
1524 | /* key exchange */ |
1525 | /* authenticate user */ |
1526 | debug("Authenticating to %s:%d as '%s'", host, port, server_user)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1526 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "Authenticating to %s:%d as '%s'" , host, port, server_user); |
1527 | ssh_kex2(ssh, host, hostaddr, port, cinfo); |
1528 | ssh_userauth2(ssh, local_user, server_user, host, sensitive); |
1529 | free(local_user); |
1530 | free(host); |
1531 | } |
1532 | |
1533 | /* print all known host keys for a given host, but skip keys of given type */ |
1534 | static int |
1535 | show_other_keys(struct hostkeys *hostkeys, struct sshkey *key) |
1536 | { |
1537 | int type[] = { |
1538 | KEY_RSA, |
1539 | KEY_DSA, |
1540 | KEY_ECDSA, |
1541 | KEY_ED25519, |
1542 | KEY_XMSS, |
1543 | -1 |
1544 | }; |
1545 | int i, ret = 0; |
1546 | char *fp, *ra; |
1547 | const struct hostkey_entry *found; |
1548 | |
1549 | for (i = 0; type[i] != -1; i++) { |
1550 | if (type[i] == key->type) |
1551 | continue; |
1552 | if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], |
1553 | -1, &found)) |
1554 | continue; |
1555 | fp = sshkey_fingerprint(found->key, |
1556 | options.fingerprint_hash, SSH_FP_DEFAULT); |
1557 | ra = sshkey_fingerprint(found->key, |
1558 | options.fingerprint_hash, SSH_FP_RANDOMART); |
1559 | if (fp == NULL((void *)0) || ra == NULL((void *)0)) |
1560 | fatal_f("sshkey_fingerprint fail")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1560, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint fail" ); |
1561 | logit("WARNING: %s key found for host %s\n"sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) |
1562 | "in %s:%lu\n"sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) |
1563 | "%s key fingerprint %s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) |
1564 | sshkey_type(found->key),sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) |
1565 | found->host, found->file, found->line,sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp) |
1566 | sshkey_type(found->key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1566 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "WARNING: %s key found for host %s\n" "in %s:%lu\n" "%s key fingerprint %s.", sshkey_type(found-> key), found->host, found->file, found->line, sshkey_type (found->key), fp); |
1567 | if (options.visual_host_key) |
1568 | logit("%s", ra)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1568 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "%s", ra); |
1569 | free(ra); |
1570 | free(fp); |
1571 | ret = 1; |
1572 | } |
1573 | return ret; |
1574 | } |
1575 | |
1576 | static void |
1577 | warn_changed_key(struct sshkey *host_key) |
1578 | { |
1579 | char *fp; |
1580 | |
1581 | fp = sshkey_fingerprint(host_key, options.fingerprint_hash, |
1582 | SSH_FP_DEFAULT); |
1583 | if (fp == NULL((void *)0)) |
1584 | fatal_f("sshkey_fingerprint fail")sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1584, 1, SYSLOG_LEVEL_FATAL, ((void *)0), "sshkey_fingerprint fail" ); |
1585 | |
1586 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1586 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); |
1587 | error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1587 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @" ); |
1588 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1588 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" ); |
1589 | error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1589 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!" ); |
1590 | error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1590 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Someone could be eavesdropping on you right now (man-in-the-middle attack)!" ); |
1591 | error("It is also possible that a host key has just been changed.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1591 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "It is also possible that a host key has just been changed." ); |
1592 | error("The fingerprint for the %s key sent by the remote host is\n%s.",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1593 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The fingerprint for the %s key sent by the remote host is\n%s." , sshkey_type(host_key), fp) |
1593 | sshkey_type(host_key), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1593 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "The fingerprint for the %s key sent by the remote host is\n%s." , sshkey_type(host_key), fp); |
1594 | error("Please contact your system administrator.")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1594 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Please contact your system administrator." ); |
1595 | |
1596 | free(fp); |
1597 | } |
1598 | |
1599 | /* |
1600 | * Execute a local command |
1601 | */ |
1602 | int |
1603 | ssh_local_cmd(const char *args) |
1604 | { |
1605 | char *shell; |
1606 | pid_t pid; |
1607 | int status; |
1608 | void (*osighand)(int); |
1609 | |
1610 | if (!options.permit_local_command || |
1611 | args == NULL((void *)0) || !*args) |
1612 | return (1); |
1613 | |
1614 | if ((shell = getenv("SHELL")) == NULL((void *)0) || *shell == '\0') |
1615 | shell = _PATH_BSHELL"/bin/sh"; |
1616 | |
1617 | osighand = ssh_signal(SIGCHLD20, SIG_DFL(void (*)(int))0); |
1618 | pid = fork(); |
1619 | if (pid == 0) { |
1620 | ssh_signal(SIGPIPE13, SIG_DFL(void (*)(int))0); |
1621 | debug3("Executing %s -c \"%s\"", shell, args)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1621 , 0, SYSLOG_LEVEL_DEBUG3, ((void *)0), "Executing %s -c \"%s\"" , shell, args); |
1622 | execl(shell, shell, "-c", args, (char *)NULL((void *)0)); |
1623 | error("Couldn't execute %s -c \"%s\": %s",sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1624 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Couldn't execute %s -c \"%s\": %s" , shell, args, strerror((*__errno()))) |
1624 | shell, args, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1624 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Couldn't execute %s -c \"%s\": %s" , shell, args, strerror((*__errno()))); |
1625 | _exit(1); |
1626 | } else if (pid == -1) |
1627 | fatal("fork failed: %.100s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1627, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "fork failed: %.100s" , strerror((*__errno()))); |
1628 | while (waitpid(pid, &status, 0) == -1) |
1629 | if (errno(*__errno()) != EINTR4) |
1630 | fatal("Couldn't wait for child: %s", strerror(errno))sshfatal("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__ , 1630, 0, SYSLOG_LEVEL_FATAL, ((void *)0), "Couldn't wait for child: %s" , strerror((*__errno()))); |
1631 | ssh_signal(SIGCHLD20, osighand); |
1632 | |
1633 | if (!WIFEXITED(status)(((status) & 0177) == 0)) |
1634 | return (1); |
1635 | |
1636 | return (WEXITSTATUS(status)(int)(((unsigned)(status) >> 8) & 0xff)); |
1637 | } |
1638 | |
1639 | void |
1640 | maybe_add_key_to_agent(const char *authfile, struct sshkey *private, |
1641 | const char *comment, const char *passphrase) |
1642 | { |
1643 | int auth_sock = -1, r; |
1644 | const char *skprovider = NULL((void *)0); |
1645 | |
1646 | if (options.add_keys_to_agent == 0) |
1647 | return; |
1648 | |
1649 | if ((r = ssh_get_authentication_socket(&auth_sock)) != 0) { |
1650 | debug3("no authentication agent, not adding key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1650 , 0, SYSLOG_LEVEL_DEBUG3, ((void *)0), "no authentication agent, not adding key" ); |
1651 | return; |
1652 | } |
1653 | |
1654 | if (options.add_keys_to_agent == 2 && |
1655 | !ask_permission("Add key %s (%s) to agent?", authfile, comment)) { |
1656 | debug3("user denied adding this key")sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1656 , 0, SYSLOG_LEVEL_DEBUG3, ((void *)0), "user denied adding this key" ); |
1657 | close(auth_sock); |
1658 | return; |
1659 | } |
1660 | if (sshkey_is_sk(private)) |
1661 | skprovider = options.sk_provider; |
1662 | if ((r = ssh_add_identity_constrained(auth_sock, private, |
1663 | comment == NULL((void *)0) ? authfile : comment, |
1664 | options.add_keys_to_agent_lifespan, |
1665 | (options.add_keys_to_agent == 3), 0, skprovider, NULL((void *)0), 0)) == 0) |
1666 | debug("identity added to agent: %s", authfile)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1666 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "identity added to agent: %s" , authfile); |
1667 | else |
1668 | debug("could not add identity to agent: %s (%d)", authfile, r)sshlog("/usr/src/usr.bin/ssh/ssh/../sshconnect.c", __func__, 1668 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "could not add identity to agent: %s (%d)" , authfile, r); |
1669 | close(auth_sock); |
1670 | } |