File: | src/usr.bin/ssh/ssh/../hostfile.c |
Warning: | line 617, column 7 Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: hostfile.c,v 1.95 2023/02/21 06:48:18 dtucker Exp $ */ |
2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
5 | * All rights reserved |
6 | * Functions for manipulating the known hosts files. |
7 | * |
8 | * As far as I am concerned, the code I have written for this software |
9 | * can be used freely for any purpose. Any derived versions of this |
10 | * software must be clearly marked as such, and if the derived work is |
11 | * incompatible with the protocol description in the RFC file, it must be |
12 | * called by a name other than "ssh" or "Secure Shell". |
13 | * |
14 | * |
15 | * Copyright (c) 1999, 2000 Markus Friedl. All rights reserved. |
16 | * Copyright (c) 1999 Niels Provos. All rights reserved. |
17 | * |
18 | * Redistribution and use in source and binary forms, with or without |
19 | * modification, are permitted provided that the following conditions |
20 | * are met: |
21 | * 1. Redistributions of source code must retain the above copyright |
22 | * notice, this list of conditions and the following disclaimer. |
23 | * 2. Redistributions in binary form must reproduce the above copyright |
24 | * notice, this list of conditions and the following disclaimer in the |
25 | * documentation and/or other materials provided with the distribution. |
26 | * |
27 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
28 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
29 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
30 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
31 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
32 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
33 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
34 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
35 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | */ |
38 | |
39 | #include <sys/types.h> |
40 | #include <sys/stat.h> |
41 | |
42 | #include <netinet/in.h> |
43 | |
44 | #include <errno(*__errno()).h> |
45 | #include <resolv.h> |
46 | #include <stdarg.h> |
47 | #include <stdio.h> |
48 | #include <stdlib.h> |
49 | #include <string.h> |
50 | #include <unistd.h> |
51 | |
52 | #include "xmalloc.h" |
53 | #include "match.h" |
54 | #include "sshkey.h" |
55 | #include "hostfile.h" |
56 | #include "log.h" |
57 | #include "misc.h" |
58 | #include "pathnames.h" |
59 | #include "ssherr.h" |
60 | #include "digest.h" |
61 | #include "hmac.h" |
62 | #include "sshbuf.h" |
63 | |
64 | /* XXX hmac is too easy to dictionary attack; use bcrypt? */ |
65 | |
66 | static int |
67 | extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) |
68 | { |
69 | char *p, *b64salt; |
70 | u_int b64len; |
71 | int ret; |
72 | |
73 | if (l < sizeof(HASH_MAGIC"|1|") - 1) { |
74 | debug2("extract_salt: string too short")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 74 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: string too short" ); |
75 | return (-1); |
76 | } |
77 | if (strncmp(s, HASH_MAGIC"|1|", sizeof(HASH_MAGIC"|1|") - 1) != 0) { |
78 | debug2("extract_salt: invalid magic identifier")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 78 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: invalid magic identifier" ); |
79 | return (-1); |
80 | } |
81 | s += sizeof(HASH_MAGIC"|1|") - 1; |
82 | l -= sizeof(HASH_MAGIC"|1|") - 1; |
83 | if ((p = memchr(s, HASH_DELIM'|', l)) == NULL((void *)0)) { |
84 | debug2("extract_salt: missing salt termination character")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 84 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: missing salt termination character" ); |
85 | return (-1); |
86 | } |
87 | |
88 | b64len = p - s; |
89 | /* Sanity check */ |
90 | if (b64len == 0 || b64len > 1024) { |
91 | debug2("extract_salt: bad encoded salt length %u", b64len)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 91 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: bad encoded salt length %u" , b64len); |
92 | return (-1); |
93 | } |
94 | b64salt = xmalloc(1 + b64len); |
95 | memcpy(b64salt, s, b64len); |
96 | b64salt[b64len] = '\0'; |
97 | |
98 | ret = __b64_pton(b64salt, salt, salt_len); |
99 | free(b64salt); |
100 | if (ret == -1) { |
101 | debug2("extract_salt: salt decode error")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 101 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: salt decode error" ); |
102 | return (-1); |
103 | } |
104 | if (ret != (int)ssh_hmac_bytes(SSH_DIGEST_SHA11)) { |
105 | debug2("extract_salt: expected salt len %zd, got %d",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 106 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: expected salt len %zd, got %d" , ssh_hmac_bytes(1), ret) |
106 | ssh_hmac_bytes(SSH_DIGEST_SHA1), ret)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 106 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "extract_salt: expected salt len %zd, got %d" , ssh_hmac_bytes(1), ret); |
107 | return (-1); |
108 | } |
109 | |
110 | return (0); |
111 | } |
112 | |
113 | char * |
114 | host_hash(const char *host, const char *name_from_hostfile, u_int src_len) |
115 | { |
116 | struct ssh_hmac_ctx *ctx; |
117 | u_char salt[256], result[256]; |
118 | char uu_salt[512], uu_result[512]; |
119 | char *encoded = NULL((void *)0); |
120 | u_int len; |
121 | |
122 | len = ssh_digest_bytes(SSH_DIGEST_SHA11); |
123 | |
124 | if (name_from_hostfile == NULL((void *)0)) { |
125 | /* Create new salt */ |
126 | arc4random_buf(salt, len); |
127 | } else { |
128 | /* Extract salt from known host entry */ |
129 | if (extract_salt(name_from_hostfile, src_len, salt, |
130 | sizeof(salt)) == -1) |
131 | return (NULL((void *)0)); |
132 | } |
133 | |
134 | if ((ctx = ssh_hmac_start(SSH_DIGEST_SHA11)) == NULL((void *)0) || |
135 | ssh_hmac_init(ctx, salt, len) < 0 || |
136 | ssh_hmac_update(ctx, host, strlen(host)) < 0 || |
137 | ssh_hmac_final(ctx, result, sizeof(result))) |
138 | fatal_f("ssh_hmac failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 138 , 1, SYSLOG_LEVEL_FATAL, ((void *)0), "ssh_hmac failed"); |
139 | ssh_hmac_free(ctx); |
140 | |
141 | if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || |
142 | __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) |
143 | fatal_f("__b64_ntop failed")sshfatal("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 143 , 1, SYSLOG_LEVEL_FATAL, ((void *)0), "__b64_ntop failed"); |
144 | xasprintf(&encoded, "%s%s%c%s", HASH_MAGIC"|1|", uu_salt, HASH_DELIM'|', |
145 | uu_result); |
146 | |
147 | return (encoded); |
148 | } |
149 | |
150 | /* |
151 | * Parses an RSA (number of bits, e, n) or DSA key from a string. Moves the |
152 | * pointer over the key. Skips any whitespace at the beginning and at end. |
153 | */ |
154 | |
155 | int |
156 | hostfile_read_key(char **cpp, u_int *bitsp, struct sshkey *ret) |
157 | { |
158 | char *cp; |
159 | |
160 | /* Skip leading whitespace. */ |
161 | for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++) |
162 | ; |
163 | |
164 | if (sshkey_read(ret, &cp) != 0) |
165 | return 0; |
166 | |
167 | /* Skip trailing whitespace. */ |
168 | for (; *cp == ' ' || *cp == '\t'; cp++) |
169 | ; |
170 | |
171 | /* Return results. */ |
172 | *cpp = cp; |
173 | if (bitsp != NULL((void *)0)) |
174 | *bitsp = sshkey_size(ret); |
175 | return 1; |
176 | } |
177 | |
178 | static HostkeyMarker |
179 | check_markers(char **cpp) |
180 | { |
181 | char marker[32], *sp, *cp = *cpp; |
182 | int ret = MRK_NONE; |
183 | |
184 | while (*cp == '@') { |
185 | /* Only one marker is allowed */ |
186 | if (ret != MRK_NONE) |
187 | return MRK_ERROR; |
188 | /* Markers are terminated by whitespace */ |
189 | if ((sp = strchr(cp, ' ')) == NULL((void *)0) && |
190 | (sp = strchr(cp, '\t')) == NULL((void *)0)) |
191 | return MRK_ERROR; |
192 | /* Extract marker for comparison */ |
193 | if (sp <= cp + 1 || sp >= cp + sizeof(marker)) |
194 | return MRK_ERROR; |
195 | memcpy(marker, cp, sp - cp); |
196 | marker[sp - cp] = '\0'; |
197 | if (strcmp(marker, CA_MARKER"@cert-authority") == 0) |
198 | ret = MRK_CA; |
199 | else if (strcmp(marker, REVOKE_MARKER"@revoked") == 0) |
200 | ret = MRK_REVOKE; |
201 | else |
202 | return MRK_ERROR; |
203 | |
204 | /* Skip past marker and any whitespace that follows it */ |
205 | cp = sp; |
206 | for (; *cp == ' ' || *cp == '\t'; cp++) |
207 | ; |
208 | } |
209 | *cpp = cp; |
210 | return ret; |
211 | } |
212 | |
213 | struct hostkeys * |
214 | init_hostkeys(void) |
215 | { |
216 | struct hostkeys *ret = xcalloc(1, sizeof(*ret)); |
217 | |
218 | ret->entries = NULL((void *)0); |
219 | return ret; |
220 | } |
221 | |
222 | struct load_callback_ctx { |
223 | const char *host; |
224 | u_long num_loaded; |
225 | struct hostkeys *hostkeys; |
226 | }; |
227 | |
228 | static int |
229 | record_hostkey(struct hostkey_foreach_line *l, void *_ctx) |
230 | { |
231 | struct load_callback_ctx *ctx = (struct load_callback_ctx *)_ctx; |
232 | struct hostkeys *hostkeys = ctx->hostkeys; |
233 | struct hostkey_entry *tmp; |
234 | |
235 | if (l->status == HKF_STATUS_INVALID1) { |
236 | /* XXX make this verbose() in the future */ |
237 | debug("%s:%ld: parse error in hostkeys file",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 238 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "%s:%ld: parse error in hostkeys file" , l->path, l->linenum) |
238 | l->path, l->linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 238 , 0, SYSLOG_LEVEL_DEBUG1, ((void *)0), "%s:%ld: parse error in hostkeys file" , l->path, l->linenum); |
239 | return 0; |
240 | } |
241 | |
242 | debug3_f("found %skey type %s in file %s:%lu",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 245 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "found %skey type %s in file %s:%lu" , l->marker == MRK_NONE ? "" : (l->marker == MRK_CA ? "ca " : "revoked "), sshkey_type(l->key), l->path, l->linenum ) |
243 | l->marker == MRK_NONE ? "" :sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 245 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "found %skey type %s in file %s:%lu" , l->marker == MRK_NONE ? "" : (l->marker == MRK_CA ? "ca " : "revoked "), sshkey_type(l->key), l->path, l->linenum ) |
244 | (l->marker == MRK_CA ? "ca " : "revoked "),sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 245 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "found %skey type %s in file %s:%lu" , l->marker == MRK_NONE ? "" : (l->marker == MRK_CA ? "ca " : "revoked "), sshkey_type(l->key), l->path, l->linenum ) |
245 | sshkey_type(l->key), l->path, l->linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 245 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "found %skey type %s in file %s:%lu" , l->marker == MRK_NONE ? "" : (l->marker == MRK_CA ? "ca " : "revoked "), sshkey_type(l->key), l->path, l->linenum ); |
246 | if ((tmp = recallocarray(hostkeys->entries, hostkeys->num_entries, |
247 | hostkeys->num_entries + 1, sizeof(*hostkeys->entries))) == NULL((void *)0)) |
248 | return SSH_ERR_ALLOC_FAIL-2; |
249 | hostkeys->entries = tmp; |
250 | hostkeys->entries[hostkeys->num_entries].host = xstrdup(ctx->host); |
251 | hostkeys->entries[hostkeys->num_entries].file = xstrdup(l->path); |
252 | hostkeys->entries[hostkeys->num_entries].line = l->linenum; |
253 | hostkeys->entries[hostkeys->num_entries].key = l->key; |
254 | l->key = NULL((void *)0); /* steal it */ |
255 | hostkeys->entries[hostkeys->num_entries].marker = l->marker; |
256 | hostkeys->entries[hostkeys->num_entries].note = l->note; |
257 | hostkeys->num_entries++; |
258 | ctx->num_loaded++; |
259 | |
260 | return 0; |
261 | } |
262 | |
263 | void |
264 | load_hostkeys_file(struct hostkeys *hostkeys, const char *host, |
265 | const char *path, FILE *f, u_int note) |
266 | { |
267 | int r; |
268 | struct load_callback_ctx ctx; |
269 | |
270 | ctx.host = host; |
271 | ctx.num_loaded = 0; |
272 | ctx.hostkeys = hostkeys; |
273 | |
274 | if ((r = hostkeys_foreach_file(path, f, record_hostkey, &ctx, host, |
275 | NULL((void *)0), HKF_WANT_MATCH(1)|HKF_WANT_PARSE_KEY(1<<1), note)) != 0) { |
276 | if (r != SSH_ERR_SYSTEM_ERROR-24 && errno(*__errno()) != ENOENT2) |
277 | debug_fr(r, "hostkeys_foreach failed for %s", path)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 277 , 1, SYSLOG_LEVEL_DEBUG1, ssh_err(r), "hostkeys_foreach failed for %s" , path); |
278 | } |
279 | if (ctx.num_loaded != 0) |
280 | debug3_f("loaded %lu keys from %s", ctx.num_loaded, host)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 280 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "loaded %lu keys from %s" , ctx.num_loaded, host); |
281 | } |
282 | |
283 | void |
284 | load_hostkeys(struct hostkeys *hostkeys, const char *host, const char *path, |
285 | u_int note) |
286 | { |
287 | FILE *f; |
288 | |
289 | if ((f = fopen(path, "r")) == NULL((void *)0)) { |
290 | debug_f("fopen %s: %s", path, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 290 , 1, SYSLOG_LEVEL_DEBUG1, ((void *)0), "fopen %s: %s", path, strerror ((*__errno()))); |
291 | return; |
292 | } |
293 | |
294 | load_hostkeys_file(hostkeys, host, path, f, note); |
295 | fclose(f); |
296 | } |
297 | |
298 | void |
299 | free_hostkeys(struct hostkeys *hostkeys) |
300 | { |
301 | u_int i; |
302 | |
303 | for (i = 0; i < hostkeys->num_entries; i++) { |
304 | free(hostkeys->entries[i].host); |
305 | free(hostkeys->entries[i].file); |
306 | sshkey_free(hostkeys->entries[i].key); |
307 | explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); |
308 | } |
309 | free(hostkeys->entries); |
310 | freezero(hostkeys, sizeof(*hostkeys)); |
311 | } |
312 | |
313 | static int |
314 | check_key_not_revoked(struct hostkeys *hostkeys, struct sshkey *k) |
315 | { |
316 | int is_cert = sshkey_is_cert(k); |
317 | u_int i; |
318 | |
319 | for (i = 0; i < hostkeys->num_entries; i++) { |
320 | if (hostkeys->entries[i].marker != MRK_REVOKE) |
321 | continue; |
322 | if (sshkey_equal_public(k, hostkeys->entries[i].key)) |
323 | return -1; |
324 | if (is_cert && k != NULL((void *)0) && |
325 | sshkey_equal_public(k->cert->signature_key, |
326 | hostkeys->entries[i].key)) |
327 | return -1; |
328 | } |
329 | return 0; |
330 | } |
331 | |
332 | /* |
333 | * Match keys against a specified key, or look one up by key type. |
334 | * |
335 | * If looking for a keytype (key == NULL) and one is found then return |
336 | * HOST_FOUND, otherwise HOST_NEW. |
337 | * |
338 | * If looking for a key (key != NULL): |
339 | * 1. If the key is a cert and a matching CA is found, return HOST_OK |
340 | * 2. If the key is not a cert and a matching key is found, return HOST_OK |
341 | * 3. If no key matches but a key with a different type is found, then |
342 | * return HOST_CHANGED |
343 | * 4. If no matching keys are found, then return HOST_NEW. |
344 | * |
345 | * Finally, check any found key is not revoked. |
346 | */ |
347 | static HostStatus |
348 | check_hostkeys_by_key_or_type(struct hostkeys *hostkeys, |
349 | struct sshkey *k, int keytype, int nid, const struct hostkey_entry **found) |
350 | { |
351 | u_int i; |
352 | HostStatus end_return = HOST_NEW; |
353 | int want_cert = sshkey_is_cert(k); |
354 | HostkeyMarker want_marker = want_cert ? MRK_CA : MRK_NONE; |
355 | |
356 | if (found != NULL((void *)0)) |
357 | *found = NULL((void *)0); |
358 | |
359 | for (i = 0; i < hostkeys->num_entries; i++) { |
360 | if (hostkeys->entries[i].marker != want_marker) |
361 | continue; |
362 | if (k == NULL((void *)0)) { |
363 | if (hostkeys->entries[i].key->type != keytype) |
364 | continue; |
365 | if (nid != -1 && |
366 | sshkey_type_plain(keytype) == KEY_ECDSA && |
367 | hostkeys->entries[i].key->ecdsa_nid != nid) |
368 | continue; |
369 | end_return = HOST_FOUND; |
370 | if (found != NULL((void *)0)) |
371 | *found = hostkeys->entries + i; |
372 | k = hostkeys->entries[i].key; |
373 | break; |
374 | } |
375 | if (want_cert) { |
376 | if (sshkey_equal_public(k->cert->signature_key, |
377 | hostkeys->entries[i].key)) { |
378 | /* A matching CA exists */ |
379 | end_return = HOST_OK; |
380 | if (found != NULL((void *)0)) |
381 | *found = hostkeys->entries + i; |
382 | break; |
383 | } |
384 | } else { |
385 | if (sshkey_equal(k, hostkeys->entries[i].key)) { |
386 | end_return = HOST_OK; |
387 | if (found != NULL((void *)0)) |
388 | *found = hostkeys->entries + i; |
389 | break; |
390 | } |
391 | /* A non-matching key exists */ |
392 | end_return = HOST_CHANGED; |
393 | if (found != NULL((void *)0)) |
394 | *found = hostkeys->entries + i; |
395 | } |
396 | } |
397 | if (check_key_not_revoked(hostkeys, k) != 0) { |
398 | end_return = HOST_REVOKED; |
399 | if (found != NULL((void *)0)) |
400 | *found = NULL((void *)0); |
401 | } |
402 | return end_return; |
403 | } |
404 | |
405 | HostStatus |
406 | check_key_in_hostkeys(struct hostkeys *hostkeys, struct sshkey *key, |
407 | const struct hostkey_entry **found) |
408 | { |
409 | if (key == NULL((void *)0)) |
410 | fatal("no key to look up")sshfatal("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 410 , 0, SYSLOG_LEVEL_FATAL, ((void *)0), "no key to look up"); |
411 | return check_hostkeys_by_key_or_type(hostkeys, key, 0, -1, found); |
412 | } |
413 | |
414 | int |
415 | lookup_key_in_hostkeys_by_type(struct hostkeys *hostkeys, int keytype, int nid, |
416 | const struct hostkey_entry **found) |
417 | { |
418 | return (check_hostkeys_by_key_or_type(hostkeys, NULL((void *)0), keytype, nid, |
419 | found) == HOST_FOUND); |
420 | } |
421 | |
422 | int |
423 | lookup_marker_in_hostkeys(struct hostkeys *hostkeys, int want_marker) |
424 | { |
425 | u_int i; |
426 | |
427 | for (i = 0; i < hostkeys->num_entries; i++) { |
428 | if (hostkeys->entries[i].marker == (HostkeyMarker)want_marker) |
429 | return 1; |
430 | } |
431 | return 0; |
432 | } |
433 | |
434 | static int |
435 | write_host_entry(FILE *f, const char *host, const char *ip, |
436 | const struct sshkey *key, int store_hash) |
437 | { |
438 | int r, success = 0; |
439 | char *hashed_host = NULL((void *)0), *lhost; |
440 | |
441 | lhost = xstrdup(host); |
442 | lowercase(lhost); |
443 | |
444 | if (store_hash) { |
445 | if ((hashed_host = host_hash(lhost, NULL((void *)0), 0)) == NULL((void *)0)) { |
446 | error_f("host_hash failed")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 446 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "host_hash failed"); |
447 | free(lhost); |
448 | return 0; |
449 | } |
450 | fprintf(f, "%s ", hashed_host); |
451 | } else if (ip != NULL((void *)0)) |
452 | fprintf(f, "%s,%s ", lhost, ip); |
453 | else { |
454 | fprintf(f, "%s ", lhost); |
455 | } |
456 | free(hashed_host); |
457 | free(lhost); |
458 | if ((r = sshkey_write(key, f)) == 0) |
459 | success = 1; |
460 | else |
461 | error_fr(r, "sshkey_write")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 461 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "sshkey_write"); |
462 | fputc('\n', f); |
463 | /* If hashing is enabled, the IP address needs to go on its own line */ |
464 | if (success && store_hash && ip != NULL((void *)0)) |
465 | success = write_host_entry(f, ip, NULL((void *)0), key, 1); |
466 | return success; |
467 | } |
468 | |
469 | /* |
470 | * Create user ~/.ssh directory if it doesn't exist and we want to write to it. |
471 | * If notify is set, a message will be emitted if the directory is created. |
472 | */ |
473 | void |
474 | hostfile_create_user_ssh_dir(const char *filename, int notify) |
475 | { |
476 | char *dotsshdir = NULL((void *)0), *p; |
477 | size_t len; |
478 | struct stat st; |
479 | |
480 | if ((p = strrchr(filename, '/')) == NULL((void *)0)) |
481 | return; |
482 | len = p - filename; |
483 | dotsshdir = tilde_expand_filename("~/" _PATH_SSH_USER_DIR".ssh", getuid()); |
484 | if (strlen(dotsshdir) > len || strncmp(filename, dotsshdir, len) != 0) |
485 | goto out; /* not ~/.ssh prefixed */ |
486 | if (stat(dotsshdir, &st) == 0) |
487 | goto out; /* dir already exists */ |
488 | else if (errno(*__errno()) != ENOENT2) |
489 | error("Could not stat %s: %s", dotsshdir, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 489 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Could not stat %s: %s" , dotsshdir, strerror((*__errno()))); |
490 | else { |
491 | if (mkdir(dotsshdir, 0700) == -1) |
492 | error("Could not create directory '%.200s' (%s).",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 493 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Could not create directory '%.200s' (%s)." , dotsshdir, strerror((*__errno()))) |
493 | dotsshdir, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 493 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Could not create directory '%.200s' (%s)." , dotsshdir, strerror((*__errno()))); |
494 | else if (notify) |
495 | logit("Created directory '%s'.", dotsshdir)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 495 , 0, SYSLOG_LEVEL_INFO, ((void *)0), "Created directory '%s'." , dotsshdir); |
496 | } |
497 | out: |
498 | free(dotsshdir); |
499 | } |
500 | |
501 | |
502 | /* |
503 | * Appends an entry to the host file. Returns false if the entry could not |
504 | * be appended. |
505 | */ |
506 | int |
507 | add_host_to_hostfile(const char *filename, const char *host, |
508 | const struct sshkey *key, int store_hash) |
509 | { |
510 | FILE *f; |
511 | int success, addnl = 0; |
512 | |
513 | if (key == NULL((void *)0)) |
514 | return 1; /* XXX ? */ |
515 | hostfile_create_user_ssh_dir(filename, 0); |
516 | f = fopen(filename, "a+"); |
517 | if (!f) |
518 | return 0; |
519 | /* Make sure we have a terminating newline. */ |
520 | if (fseek(f, -1L, SEEK_END2) == 0 && fgetc(f) != '\n') |
521 | addnl = 1; |
522 | if (fseek(f, 0L, SEEK_END2) != 0 || (addnl && fputc('\n', f) != '\n')) { |
523 | error("Failed to add terminating newline to %s: %s",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 524 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Failed to add terminating newline to %s: %s" , filename, strerror((*__errno()))) |
524 | filename, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 524 , 0, SYSLOG_LEVEL_ERROR, ((void *)0), "Failed to add terminating newline to %s: %s" , filename, strerror((*__errno()))); |
525 | fclose(f); |
526 | return 0; |
527 | } |
528 | success = write_host_entry(f, host, NULL((void *)0), key, store_hash); |
529 | fclose(f); |
530 | return success; |
531 | } |
532 | |
533 | struct host_delete_ctx { |
534 | FILE *out; |
535 | int quiet; |
536 | const char *host, *ip; |
537 | u_int *match_keys; /* mask of HKF_MATCH_* for this key */ |
538 | struct sshkey * const *keys; |
539 | size_t nkeys; |
540 | int modified; |
541 | }; |
542 | |
543 | static int |
544 | host_delete(struct hostkey_foreach_line *l, void *_ctx) |
545 | { |
546 | struct host_delete_ctx *ctx = (struct host_delete_ctx *)_ctx; |
547 | int loglevel = ctx->quiet ? SYSLOG_LEVEL_DEBUG1 : SYSLOG_LEVEL_VERBOSE; |
548 | size_t i; |
549 | |
550 | /* Don't remove CA and revocation lines */ |
551 | if (l->status == HKF_STATUS_MATCHED3 && l->marker == MRK_NONE) { |
552 | /* |
553 | * If this line contains one of the keys that we will be |
554 | * adding later, then don't change it and mark the key for |
555 | * skipping. |
556 | */ |
557 | for (i = 0; i < ctx->nkeys; i++) { |
558 | if (!sshkey_equal(ctx->keys[i], l->key)) |
559 | continue; |
560 | ctx->match_keys[i] |= l->match; |
561 | fprintf(ctx->out, "%s\n", l->line); |
562 | debug3_f("%s key already at %s:%ld",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 563 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "%s key already at %s:%ld" , sshkey_type(l->key), l->path, l->linenum) |
563 | sshkey_type(l->key), l->path, l->linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 563 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "%s key already at %s:%ld" , sshkey_type(l->key), l->path, l->linenum); |
564 | return 0; |
565 | } |
566 | |
567 | /* |
568 | * Hostname matches and has no CA/revoke marker, delete it |
569 | * by *not* writing the line to ctx->out. |
570 | */ |
571 | do_log2(loglevel, "%s%s%s:%ld: Removed %s key for host %s",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 573 , 0, loglevel, ((void *)0), "%s%s%s:%ld: Removed %s key for host %s" , ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "", l ->path, l->linenum, sshkey_type(l->key), ctx->host ) |
572 | ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 573 , 0, loglevel, ((void *)0), "%s%s%s:%ld: Removed %s key for host %s" , ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "", l ->path, l->linenum, sshkey_type(l->key), ctx->host ) |
573 | l->path, l->linenum, sshkey_type(l->key), ctx->host)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 573 , 0, loglevel, ((void *)0), "%s%s%s:%ld: Removed %s key for host %s" , ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "", l ->path, l->linenum, sshkey_type(l->key), ctx->host ); |
574 | ctx->modified = 1; |
575 | return 0; |
576 | } |
577 | /* Retain non-matching hosts and invalid lines when deleting */ |
578 | if (l->status == HKF_STATUS_INVALID1) { |
579 | do_log2(loglevel, "%s%s%s:%ld: invalid known_hosts entry",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 581 , 0, loglevel, ((void *)0), "%s%s%s:%ld: invalid known_hosts entry" , ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "", l ->path, l->linenum) |
580 | ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 581 , 0, loglevel, ((void *)0), "%s%s%s:%ld: invalid known_hosts entry" , ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "", l ->path, l->linenum) |
581 | l->path, l->linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 581 , 0, loglevel, ((void *)0), "%s%s%s:%ld: invalid known_hosts entry" , ctx->quiet ? __func__ : "", ctx->quiet ? ": " : "", l ->path, l->linenum); |
582 | } |
583 | fprintf(ctx->out, "%s\n", l->line); |
584 | return 0; |
585 | } |
586 | |
587 | int |
588 | hostfile_replace_entries(const char *filename, const char *host, const char *ip, |
589 | struct sshkey **keys, size_t nkeys, int store_hash, int quiet, int hash_alg) |
590 | { |
591 | int r, fd, oerrno = 0; |
592 | int loglevel = quiet ? SYSLOG_LEVEL_DEBUG1 : SYSLOG_LEVEL_VERBOSE; |
593 | struct host_delete_ctx ctx; |
594 | char *fp, *temp = NULL((void *)0), *back = NULL((void *)0); |
595 | const char *what; |
596 | mode_t omask; |
597 | size_t i; |
598 | u_int want; |
599 | |
600 | omask = umask(077); |
601 | |
602 | memset(&ctx, 0, sizeof(ctx)); |
603 | ctx.host = host; |
604 | ctx.ip = ip; |
605 | ctx.quiet = quiet; |
606 | |
607 | if ((ctx.match_keys = calloc(nkeys, sizeof(*ctx.match_keys))) == NULL((void *)0)) |
608 | return SSH_ERR_ALLOC_FAIL-2; |
609 | ctx.keys = keys; |
610 | ctx.nkeys = nkeys; |
611 | ctx.modified = 0; |
612 | |
613 | /* |
614 | * Prepare temporary file for in-place deletion. |
615 | */ |
616 | if ((r = asprintf(&temp, "%s.XXXXXXXXXXX", filename)) == -1 || |
617 | (r = asprintf(&back, "%s.old", filename)) == -1) { |
Although the value stored to 'r' is used in the enclosing expression, the value is never actually read from 'r' | |
618 | r = SSH_ERR_ALLOC_FAIL-2; |
619 | goto fail; |
620 | } |
621 | |
622 | if ((fd = mkstemp(temp)) == -1) { |
623 | oerrno = errno(*__errno()); |
624 | error_f("mkstemp: %s", strerror(oerrno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 624 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "mkstemp: %s", strerror (oerrno)); |
625 | r = SSH_ERR_SYSTEM_ERROR-24; |
626 | goto fail; |
627 | } |
628 | if ((ctx.out = fdopen(fd, "w")) == NULL((void *)0)) { |
629 | oerrno = errno(*__errno()); |
630 | close(fd); |
631 | error_f("fdopen: %s", strerror(oerrno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 631 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "fdopen: %s", strerror( oerrno)); |
632 | r = SSH_ERR_SYSTEM_ERROR-24; |
633 | goto fail; |
634 | } |
635 | |
636 | /* Remove stale/mismatching entries for the specified host */ |
637 | if ((r = hostkeys_foreach(filename, host_delete, &ctx, host, ip, |
638 | HKF_WANT_PARSE_KEY(1<<1), 0)) != 0) { |
639 | oerrno = errno(*__errno()); |
640 | error_fr(r, "hostkeys_foreach")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 640 , 1, SYSLOG_LEVEL_ERROR, ssh_err(r), "hostkeys_foreach"); |
641 | goto fail; |
642 | } |
643 | |
644 | /* Re-add the requested keys */ |
645 | want = HKF_MATCH_HOST(1) | (ip == NULL((void *)0) ? 0 : HKF_MATCH_IP(1<<1)); |
646 | for (i = 0; i < nkeys; i++) { |
647 | if (keys[i] == NULL((void *)0) || (want & ctx.match_keys[i]) == want) |
648 | continue; |
649 | if ((fp = sshkey_fingerprint(keys[i], hash_alg, |
650 | SSH_FP_DEFAULT)) == NULL((void *)0)) { |
651 | r = SSH_ERR_ALLOC_FAIL-2; |
652 | goto fail; |
653 | } |
654 | /* write host/ip */ |
655 | what = ""; |
656 | if (ctx.match_keys[i] == 0) { |
657 | what = "Adding new key"; |
658 | if (!write_host_entry(ctx.out, host, ip, |
659 | keys[i], store_hash)) { |
660 | r = SSH_ERR_INTERNAL_ERROR-1; |
661 | goto fail; |
662 | } |
663 | } else if ((want & ~ctx.match_keys[i]) == HKF_MATCH_HOST(1)) { |
664 | what = "Fixing match (hostname)"; |
665 | if (!write_host_entry(ctx.out, host, NULL((void *)0), |
666 | keys[i], store_hash)) { |
667 | r = SSH_ERR_INTERNAL_ERROR-1; |
668 | goto fail; |
669 | } |
670 | } else if ((want & ~ctx.match_keys[i]) == HKF_MATCH_IP(1<<1)) { |
671 | what = "Fixing match (address)"; |
672 | if (!write_host_entry(ctx.out, ip, NULL((void *)0), |
673 | keys[i], store_hash)) { |
674 | r = SSH_ERR_INTERNAL_ERROR-1; |
675 | goto fail; |
676 | } |
677 | } |
678 | do_log2(loglevel, "%s%s%s for %s%s%s to %s: %s %s",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 681 , 0, loglevel, ((void *)0), "%s%s%s for %s%s%s to %s: %s %s", quiet ? __func__ : "", quiet ? ": " : "", what, host, ip == ( (void *)0) ? "" : ",", ip == ((void *)0) ? "" : ip, filename, sshkey_ssh_name(keys[i]), fp) |
679 | quiet ? __func__ : "", quiet ? ": " : "", what,sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 681 , 0, loglevel, ((void *)0), "%s%s%s for %s%s%s to %s: %s %s", quiet ? __func__ : "", quiet ? ": " : "", what, host, ip == ( (void *)0) ? "" : ",", ip == ((void *)0) ? "" : ip, filename, sshkey_ssh_name(keys[i]), fp) |
680 | host, ip == NULL ? "" : ",", ip == NULL ? "" : ip, filename,sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 681 , 0, loglevel, ((void *)0), "%s%s%s for %s%s%s to %s: %s %s", quiet ? __func__ : "", quiet ? ": " : "", what, host, ip == ( (void *)0) ? "" : ",", ip == ((void *)0) ? "" : ip, filename, sshkey_ssh_name(keys[i]), fp) |
681 | sshkey_ssh_name(keys[i]), fp)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 681 , 0, loglevel, ((void *)0), "%s%s%s for %s%s%s to %s: %s %s", quiet ? __func__ : "", quiet ? ": " : "", what, host, ip == ( (void *)0) ? "" : ",", ip == ((void *)0) ? "" : ip, filename, sshkey_ssh_name(keys[i]), fp); |
682 | free(fp); |
683 | ctx.modified = 1; |
684 | } |
685 | fclose(ctx.out); |
686 | ctx.out = NULL((void *)0); |
687 | |
688 | if (ctx.modified) { |
689 | /* Backup the original file and replace it with the temporary */ |
690 | if (unlink(back) == -1 && errno(*__errno()) != ENOENT2) { |
691 | oerrno = errno(*__errno()); |
692 | error_f("unlink %.100s: %s", back, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 692 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "unlink %.100s: %s", back , strerror((*__errno()))); |
693 | r = SSH_ERR_SYSTEM_ERROR-24; |
694 | goto fail; |
695 | } |
696 | if (link(filename, back) == -1) { |
697 | oerrno = errno(*__errno()); |
698 | error_f("link %.100s to %.100s: %s", filename,sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 699 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "link %.100s to %.100s: %s" , filename, back, strerror((*__errno()))) |
699 | back, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 699 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "link %.100s to %.100s: %s" , filename, back, strerror((*__errno()))); |
700 | r = SSH_ERR_SYSTEM_ERROR-24; |
701 | goto fail; |
702 | } |
703 | if (rename(temp, filename) == -1) { |
704 | oerrno = errno(*__errno()); |
705 | error_f("rename \"%s\" to \"%s\": %s", temp,sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 706 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "rename \"%s\" to \"%s\": %s" , temp, filename, strerror((*__errno()))) |
706 | filename, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 706 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "rename \"%s\" to \"%s\": %s" , temp, filename, strerror((*__errno()))); |
707 | r = SSH_ERR_SYSTEM_ERROR-24; |
708 | goto fail; |
709 | } |
710 | } else { |
711 | /* No changes made; just delete the temporary file */ |
712 | if (unlink(temp) != 0) |
713 | error_f("unlink \"%s\": %s", temp, strerror(errno))sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 713 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "unlink \"%s\": %s", temp , strerror((*__errno()))); |
714 | } |
715 | |
716 | /* success */ |
717 | r = 0; |
718 | fail: |
719 | if (temp != NULL((void *)0) && r != 0) |
720 | unlink(temp); |
721 | free(temp); |
722 | free(back); |
723 | if (ctx.out != NULL((void *)0)) |
724 | fclose(ctx.out); |
725 | free(ctx.match_keys); |
726 | umask(omask); |
727 | if (r == SSH_ERR_SYSTEM_ERROR-24) |
728 | errno(*__errno()) = oerrno; |
729 | return r; |
730 | } |
731 | |
732 | static int |
733 | match_maybe_hashed(const char *host, const char *names, int *was_hashed) |
734 | { |
735 | int hashed = *names == HASH_DELIM'|', ret; |
736 | char *hashed_host = NULL((void *)0); |
737 | size_t nlen = strlen(names); |
738 | |
739 | if (was_hashed != NULL((void *)0)) |
740 | *was_hashed = hashed; |
741 | if (hashed) { |
742 | if ((hashed_host = host_hash(host, names, nlen)) == NULL((void *)0)) |
743 | return -1; |
744 | ret = (nlen == strlen(hashed_host) && |
745 | strncmp(hashed_host, names, nlen) == 0); |
746 | free(hashed_host); |
747 | return ret; |
748 | } |
749 | return match_hostname(host, names) == 1; |
750 | } |
751 | |
752 | int |
753 | hostkeys_foreach_file(const char *path, FILE *f, hostkeys_foreach_fn *callback, |
754 | void *ctx, const char *host, const char *ip, u_int options, u_int note) |
755 | { |
756 | char *line = NULL((void *)0), ktype[128]; |
757 | u_long linenum = 0; |
758 | char *cp, *cp2; |
759 | u_int kbits; |
760 | int hashed; |
761 | int s, r = 0; |
762 | struct hostkey_foreach_line lineinfo; |
763 | size_t linesize = 0, l; |
764 | |
765 | memset(&lineinfo, 0, sizeof(lineinfo)); |
766 | if (host == NULL((void *)0) && (options & HKF_WANT_MATCH(1)) != 0) |
767 | return SSH_ERR_INVALID_ARGUMENT-10; |
768 | |
769 | while (getline(&line, &linesize, f) != -1) { |
770 | linenum++; |
771 | line[strcspn(line, "\n")] = '\0'; |
772 | |
773 | free(lineinfo.line); |
774 | sshkey_free(lineinfo.key); |
775 | memset(&lineinfo, 0, sizeof(lineinfo)); |
776 | lineinfo.path = path; |
777 | lineinfo.linenum = linenum; |
778 | lineinfo.line = xstrdup(line); |
779 | lineinfo.marker = MRK_NONE; |
780 | lineinfo.status = HKF_STATUS_OK0; |
781 | lineinfo.keytype = KEY_UNSPEC; |
782 | lineinfo.note = note; |
783 | |
784 | /* Skip any leading whitespace, comments and empty lines. */ |
785 | for (cp = line; *cp == ' ' || *cp == '\t'; cp++) |
786 | ; |
787 | if (!*cp || *cp == '#' || *cp == '\n') { |
788 | if ((options & HKF_WANT_MATCH(1)) == 0) { |
789 | lineinfo.status = HKF_STATUS_COMMENT2; |
790 | if ((r = callback(&lineinfo, ctx)) != 0) |
791 | break; |
792 | } |
793 | continue; |
794 | } |
795 | |
796 | if ((lineinfo.marker = check_markers(&cp)) == MRK_ERROR) { |
797 | verbose_f("invalid marker at %s:%lu", path, linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 797 , 1, SYSLOG_LEVEL_VERBOSE, ((void *)0), "invalid marker at %s:%lu" , path, linenum); |
798 | if ((options & HKF_WANT_MATCH(1)) == 0) |
799 | goto bad; |
800 | continue; |
801 | } |
802 | |
803 | /* Find the end of the host name portion. */ |
804 | for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++) |
805 | ; |
806 | lineinfo.hosts = cp; |
807 | *cp2++ = '\0'; |
808 | |
809 | /* Check if the host name matches. */ |
810 | if (host != NULL((void *)0)) { |
811 | if ((s = match_maybe_hashed(host, lineinfo.hosts, |
812 | &hashed)) == -1) { |
813 | debug2_f("%s:%ld: bad host hash \"%.32s\"",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 814 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: bad host hash \"%.32s\"" , path, linenum, lineinfo.hosts) |
814 | path, linenum, lineinfo.hosts)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 814 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: bad host hash \"%.32s\"" , path, linenum, lineinfo.hosts); |
815 | goto bad; |
816 | } |
817 | if (s == 1) { |
818 | lineinfo.status = HKF_STATUS_MATCHED3; |
819 | lineinfo.match |= HKF_MATCH_HOST(1) | |
820 | (hashed ? HKF_MATCH_HOST_HASHED(1<<2) : 0); |
821 | } |
822 | /* Try matching IP address if supplied */ |
823 | if (ip != NULL((void *)0)) { |
824 | if ((s = match_maybe_hashed(ip, lineinfo.hosts, |
825 | &hashed)) == -1) { |
826 | debug2_f("%s:%ld: bad ip hash "sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 828 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: bad ip hash " "\"%.32s\"", path, linenum, lineinfo.hosts) |
827 | "\"%.32s\"", path, linenum,sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 828 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: bad ip hash " "\"%.32s\"", path, linenum, lineinfo.hosts) |
828 | lineinfo.hosts)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 828 , 1, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: bad ip hash " "\"%.32s\"", path, linenum, lineinfo.hosts); |
829 | goto bad; |
830 | } |
831 | if (s == 1) { |
832 | lineinfo.status = HKF_STATUS_MATCHED3; |
833 | lineinfo.match |= HKF_MATCH_IP(1<<1) | |
834 | (hashed ? HKF_MATCH_IP_HASHED(1<<3) : 0); |
835 | } |
836 | } |
837 | /* |
838 | * Skip this line if host matching requested and |
839 | * neither host nor address matched. |
840 | */ |
841 | if ((options & HKF_WANT_MATCH(1)) != 0 && |
842 | lineinfo.status != HKF_STATUS_MATCHED3) |
843 | continue; |
844 | } |
845 | |
846 | /* Got a match. Skip host name and any following whitespace */ |
847 | for (; *cp2 == ' ' || *cp2 == '\t'; cp2++) |
848 | ; |
849 | if (*cp2 == '\0' || *cp2 == '#') { |
850 | debug2("%s:%ld: truncated before key type",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 851 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: truncated before key type" , path, linenum) |
851 | path, linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 851 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: truncated before key type" , path, linenum); |
852 | goto bad; |
853 | } |
854 | lineinfo.rawkey = cp = cp2; |
855 | |
856 | if ((options & HKF_WANT_PARSE_KEY(1<<1)) != 0) { |
857 | /* |
858 | * Extract the key from the line. This will skip |
859 | * any leading whitespace. Ignore badly formatted |
860 | * lines. |
861 | */ |
862 | if ((lineinfo.key = sshkey_new(KEY_UNSPEC)) == NULL((void *)0)) { |
863 | error_f("sshkey_new failed")sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 863 , 1, SYSLOG_LEVEL_ERROR, ((void *)0), "sshkey_new failed"); |
864 | r = SSH_ERR_ALLOC_FAIL-2; |
865 | break; |
866 | } |
867 | if (!hostfile_read_key(&cp, &kbits, lineinfo.key)) { |
868 | goto bad; |
869 | } |
870 | lineinfo.keytype = lineinfo.key->type; |
871 | lineinfo.comment = cp; |
872 | } else { |
873 | /* Extract and parse key type */ |
874 | l = strcspn(lineinfo.rawkey, " \t"); |
875 | if (l <= 1 || l >= sizeof(ktype) || |
876 | lineinfo.rawkey[l] == '\0') |
877 | goto bad; |
878 | memcpy(ktype, lineinfo.rawkey, l); |
879 | ktype[l] = '\0'; |
880 | lineinfo.keytype = sshkey_type_from_name(ktype); |
881 | |
882 | /* |
883 | * Assume legacy RSA1 if the first component is a short |
884 | * decimal number. |
885 | */ |
886 | if (lineinfo.keytype == KEY_UNSPEC && l < 8 && |
887 | strspn(ktype, "0123456789") == l) |
888 | goto bad; |
889 | |
890 | /* |
891 | * Check that something other than whitespace follows |
892 | * the key type. This won't catch all corruption, but |
893 | * it does catch trivial truncation. |
894 | */ |
895 | cp2 += l; /* Skip past key type */ |
896 | for (; *cp2 == ' ' || *cp2 == '\t'; cp2++) |
897 | ; |
898 | if (*cp2 == '\0' || *cp2 == '#') { |
899 | debug2("%s:%ld: truncated after key type",sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 900 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: truncated after key type" , path, linenum) |
900 | path, linenum)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 900 , 0, SYSLOG_LEVEL_DEBUG2, ((void *)0), "%s:%ld: truncated after key type" , path, linenum); |
901 | lineinfo.keytype = KEY_UNSPEC; |
902 | } |
903 | if (lineinfo.keytype == KEY_UNSPEC) { |
904 | bad: |
905 | sshkey_free(lineinfo.key); |
906 | lineinfo.key = NULL((void *)0); |
907 | lineinfo.status = HKF_STATUS_INVALID1; |
908 | if ((r = callback(&lineinfo, ctx)) != 0) |
909 | break; |
910 | continue; |
911 | } |
912 | } |
913 | if ((r = callback(&lineinfo, ctx)) != 0) |
914 | break; |
915 | } |
916 | sshkey_free(lineinfo.key); |
917 | free(lineinfo.line); |
918 | free(line); |
919 | return r; |
920 | } |
921 | |
922 | int |
923 | hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, |
924 | const char *host, const char *ip, u_int options, u_int note) |
925 | { |
926 | FILE *f; |
927 | int r, oerrno; |
928 | |
929 | if ((f = fopen(path, "r")) == NULL((void *)0)) |
930 | return SSH_ERR_SYSTEM_ERROR-24; |
931 | |
932 | debug3_f("reading file \"%s\"", path)sshlog("/usr/src/usr.bin/ssh/ssh/../hostfile.c", __func__, 932 , 1, SYSLOG_LEVEL_DEBUG3, ((void *)0), "reading file \"%s\"", path); |
933 | r = hostkeys_foreach_file(path, f, callback, ctx, host, ip, |
934 | options, note); |
935 | oerrno = errno(*__errno()); |
936 | fclose(f); |
937 | errno(*__errno()) = oerrno; |
938 | return r; |
939 | } |