=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keyscan.c,v retrieving revision 1.22.4.3 retrieving revision 1.23 diff -u -r1.22.4.3 -r1.23 --- src/usr.bin/ssh/ssh-keyscan.c 2002/03/09 00:20:45 1.22.4.3 +++ src/usr.bin/ssh/ssh-keyscan.c 2001/06/05 05:05:39 1.23 @@ -7,41 +7,26 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.22.4.3 2002/03/09 00:20:45 miod Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.23 2001/06/05 05:05:39 pvalchev Exp $"); #include #include #include -#include #include "xmalloc.h" #include "ssh.h" #include "ssh1.h" #include "key.h" -#include "kex.h" -#include "compat.h" -#include "myproposal.h" -#include "packet.h" -#include "dispatch.h" #include "buffer.h" #include "bufaux.h" #include "log.h" #include "atomicio.h" -#include "misc.h" -/* Flag indicating whether IPv4 or IPv6. This can be set on the command line. - Default value is AF_UNSPEC means both IPv4 and IPv6. */ -int IPv4or6 = AF_UNSPEC; +static int argno = 1; /* Number of argument currently being parsed */ -int ssh_port = SSH_DEFAULT_PORT; +int family = AF_UNSPEC; /* IPv4, IPv6 or both */ -#define KT_RSA1 1 -#define KT_DSA 2 -#define KT_RSA 4 - -int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */ - #define MAXMAXFD 256 /* The number of seconds after which to give up on a TCP connection */ @@ -54,9 +39,6 @@ fd_set *read_wait; size_t read_wait_size; int ncon; -int nonfatal_fatal = 0; -jmp_buf kexjmp; -Key *kexjmp_key; /* * Keep a connection structure for each file descriptor. The state @@ -72,13 +54,11 @@ int c_plen; /* Packet length field for ssh packet */ int c_len; /* Total bytes which must be read. */ int c_off; /* Length of data read so far. */ - int c_keytype; /* Only one of KT_RSA1, KT_DSA, or KT_RSA */ char *c_namebase; /* Address to free for c_name and c_namelist */ char *c_name; /* Hostname of connection for errors */ char *c_namelist; /* Pointer to other possible addresses */ char *c_output_name; /* Hostname of connection for output */ char *c_data; /* Data read from this fd */ - Kex *c_kex; /* The key-exchange struct for ssh2 */ struct timeval c_tv; /* Time at which connection gets aborted */ TAILQ_ENTRY(Connection) c_link; /* List of connections in timeout order. */ } con; @@ -102,7 +82,7 @@ void (*errfun) (const char *,...); } Linebuf; -static Linebuf * +Linebuf * Linebuf_alloc(const char *filename, void (*errfun) (const char *,...)) { Linebuf *lb; @@ -136,7 +116,7 @@ return (lb); } -static void +void Linebuf_free(Linebuf * lb) { fclose(lb->stream); @@ -144,8 +124,7 @@ xfree(lb); } -#if 0 -static void +void Linebuf_restart(Linebuf * lb) { clearerr(lb->stream); @@ -153,14 +132,13 @@ lb->lineno = 0; } -static int +int Linebuf_lineno(Linebuf * lb) { return (lb->lineno); } -#endif -static char * +char * Linebuf_getline(Linebuf * lb) { int n = 0; @@ -197,7 +175,7 @@ } } -static int +int fdlim_get(int hard) { struct rlimit rlfd; @@ -210,7 +188,7 @@ return hard ? rlfd.rlim_max : rlfd.rlim_cur; } -static int +int fdlim_set(int lim) { struct rlimit rlfd; @@ -229,7 +207,7 @@ * separators. This is the same as the 4.4BSD strsep, but different from the * one in the GNU libc. */ -static char * +char * xstrsep(char **str, const char *delim) { char *s, *e; @@ -251,7 +229,7 @@ * Get the next non-null token (like GNU strsep). Strsep() will return a * null token for two adjacent separators, so we may have to loop. */ -static char * +char * strnnsep(char **stringp, char *delim) { char *tok; @@ -262,8 +240,8 @@ return (tok); } -static Key * -keygrab_ssh1(con *c) +void +keyprint(char *host, char *output_name, char *kd, int len) { static Key *rsa; static Buffer msg; @@ -272,12 +250,12 @@ buffer_init(&msg); rsa = key_new(KEY_RSA1); } - buffer_append(&msg, c->c_data, c->c_plen); - buffer_consume(&msg, 8 - (c->c_plen & 7)); /* padding */ + buffer_append(&msg, kd, len); + buffer_consume(&msg, 8 - (len & 7)); /* padding */ if (buffer_get_char(&msg) != (int) SSH_SMSG_PUBLIC_KEY) { - error("%s: invalid packet type", c->c_name); + error("%s: invalid packet type", host); buffer_clear(&msg); - return NULL; + return; } buffer_consume(&msg, 8); /* cookie */ @@ -290,82 +268,23 @@ (void) buffer_get_int(&msg); buffer_get_bignum(&msg, rsa->rsa->e); buffer_get_bignum(&msg, rsa->rsa->n); - buffer_clear(&msg); - return (rsa); -} - -static int -hostjump(Key *hostkey) -{ - kexjmp_key = hostkey; - longjmp(kexjmp, 1); -} - -static int -ssh2_capable(int remote_major, int remote_minor) -{ - switch (remote_major) { - case 1: - if (remote_minor == 99) - return 1; - break; - case 2: - return 1; - default: - break; - } - return 0; -} - -static Key * -keygrab_ssh2(con *c) -{ - int j; - - packet_set_connection(c->c_fd, c->c_fd); - enable_compat20(); - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? - "ssh-dss": "ssh-rsa"; - c->c_kex = kex_setup(myproposal); - c->c_kex->verify_host_key = hostjump; - - if (!(j = setjmp(kexjmp))) { - nonfatal_fatal = 1; - dispatch_run(DISPATCH_BLOCK, &c->c_kex->done, c->c_kex); - fprintf(stderr, "Impossible! dispatch_run() returned!\n"); - exit(1); - } - nonfatal_fatal = 0; - xfree(c->c_kex); - c->c_kex = NULL; - packet_close(); - - return j < 0? NULL : kexjmp_key; -} - -static void -keyprint(con *c, Key *key) -{ - if (!key) - return; - - fprintf(stdout, "%s ", c->c_output_name ? c->c_output_name : c->c_name); - key_write(key, stdout); + fprintf(stdout, "%s ", output_name ? output_name : host); + key_write(rsa, stdout); fputs("\n", stdout); } -static int +int tcpconnect(char *host) { struct addrinfo hints, *ai, *aitop; char strport[NI_MAXSERV]; int gaierr, s = -1; - snprintf(strport, sizeof strport, "%d", ssh_port); + snprintf(strport, sizeof strport, "%d", SSH_DEFAULT_PORT); memset(&hints, 0, sizeof(hints)); - hints.ai_family = IPv4or6; + hints.ai_family = family; hints.ai_socktype = SOCK_STREAM; if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) fatal("getaddrinfo %s: %s", host, gai_strerror(gaierr)); @@ -389,8 +308,8 @@ return s; } -static int -conalloc(char *iname, char *oname, int keytype) +int +conalloc(char *iname, char *oname) { int s; char *namebase, *name, *namelist; @@ -419,7 +338,6 @@ fdcon[s].c_data = (char *) &fdcon[s].c_plen; fdcon[s].c_len = 4; fdcon[s].c_off = 0; - fdcon[s].c_keytype = keytype; gettimeofday(&fdcon[s].c_tv, NULL); fdcon[s].c_tv.tv_sec += timeout; TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); @@ -428,7 +346,7 @@ return (s); } -static void +void confree(int s) { if (s >= maxfd || fdcon[s].c_status == CS_UNUSED) @@ -439,13 +357,12 @@ if (fdcon[s].c_status == CS_KEYS) xfree(fdcon[s].c_data); fdcon[s].c_status = CS_UNUSED; - fdcon[s].c_keytype = 0; TAILQ_REMOVE(&tq, &fdcon[s], c_link); FD_CLR(s, read_wait); ncon--; } -static void +void contouch(int s) { TAILQ_REMOVE(&tq, &fdcon[s], c_link); @@ -454,85 +371,58 @@ TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); } -static int +int conrecycle(int s) { int ret; con *c = &fdcon[s]; + char *iname, *oname; - ret = conalloc(c->c_namelist, c->c_output_name, c->c_keytype); + iname = xstrdup(c->c_namelist); + oname = xstrdup(c->c_output_name); confree(s); + ret = conalloc(iname, oname); + xfree(iname); + xfree(oname); return (ret); } -static void +void congreet(int s) { - char buf[256], *cp; - char remote_version[sizeof buf]; + char buf[80], *cp; size_t bufsiz; - int remote_major, remote_minor, n = 0; + int n = 0; con *c = &fdcon[s]; bufsiz = sizeof(buf); cp = buf; - while (bufsiz-- && (n = read(s, cp, 1)) == 1 && *cp != '\n') { - if (*cp == '\r') - *cp = '\n'; + while (bufsiz-- && (n = read(s, cp, 1)) == 1 && *cp != '\n' && *cp != '\r') cp++; - } if (n < 0) { if (errno != ECONNREFUSED) error("read (%s): %s", c->c_name, strerror(errno)); conrecycle(s); return; } - if (n == 0) { - error("%s: Connection closed by remote host", c->c_name); - conrecycle(s); - return; - } if (*cp != '\n' && *cp != '\r') { error("%s: bad greeting", c->c_name); confree(s); return; } *cp = '\0'; - if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", - &remote_major, &remote_minor, remote_version) == 3) - compat_datafellows(remote_version); - else - datafellows = 0; - if (c->c_keytype != KT_RSA1) { - if (!ssh2_capable(remote_major, remote_minor)) { - debug("%s doesn't support ssh2", c->c_name); - confree(s); - return; - } - } else if (remote_major != 1) { - debug("%s doesn't support ssh1", c->c_name); - confree(s); - return; - } - fprintf(stderr, "# %s %s\n", c->c_name, chop(buf)); - n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", - c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, - c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); + fprintf(stderr, "# %s %s\n", c->c_name, buf); + n = snprintf(buf, sizeof buf, "SSH-1.5-OpenSSH-keyscan\r\n"); if (atomicio(write, s, buf, n) != n) { error("write (%s): %s", c->c_name, strerror(errno)); confree(s); return; } - if (c->c_keytype != KT_RSA1) { - keyprint(c, keygrab_ssh2(c)); - confree(s); - return; - } c->c_status = CS_SIZE; contouch(s); } -static void +void conread(int s) { int n; @@ -560,7 +450,7 @@ c->c_status = CS_KEYS; break; case CS_KEYS: - keyprint(c, keygrab_ssh1(c)); + keyprint(c->c_name, c->c_output_name, c->c_data, c->c_plen); confree(s); return; break; @@ -572,7 +462,7 @@ contouch(s); } -static void +void conloop(void) { fd_set *r, *e; @@ -624,133 +514,81 @@ } } -static void -do_host(char *host) +char * +nexthost(int argc, char **argv) { - char *name = strnnsep(&host, " \t\n"); - int j; + static Linebuf *lb; - if (name == NULL) - return; - for (j = KT_RSA1; j <= KT_RSA; j *= 2) { - if (get_keytypes & j) { - while (ncon >= MAXCON) - conloop(); - conalloc(name, *host ? host : name, j); + for (;;) { + if (!lb) { + if (argno >= argc) + return (NULL); + if (argv[argno][0] != '-') + return (argv[argno++]); + if (!strcmp(argv[argno], "--")) { + if (++argno >= argc) + return (NULL); + return (argv[argno++]); + } else if (!strncmp(argv[argno], "-f", 2)) { + char *fname; + + if (argv[argno][2]) + fname = &argv[argno++][2]; + else if (++argno >= argc) { + error("missing filename for `-f'"); + return (NULL); + } else + fname = argv[argno++]; + if (!strcmp(fname, "-")) + fname = NULL; + lb = Linebuf_alloc(fname, error); + } else + error("ignoring invalid/misplaced option `%s'", + argv[argno++]); + } else { + char *line; + + line = Linebuf_getline(lb); + if (line) + return (line); + Linebuf_free(lb); + lb = NULL; } } } void -fatal(const char *fmt,...) -{ - va_list args; - va_start(args, fmt); - do_log(SYSLOG_LEVEL_FATAL, fmt, args); - va_end(args); - if (nonfatal_fatal) - longjmp(kexjmp, -1); - else - fatal_cleanup(); -} - -static void usage(void) { - fprintf(stderr, "Usage: %s [options] host ...\n", - __progname); - fprintf(stderr, "Options:\n"); - fprintf(stderr, " -f file Read hosts or addresses from file.\n"); - fprintf(stderr, " -p port Connect to the specified port.\n"); - fprintf(stderr, " -t keytype Specify the host key type.\n"); - fprintf(stderr, " -T timeout Set connection timeout.\n"); - fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); - fprintf(stderr, " -4 Use IPv4 only.\n"); - fprintf(stderr, " -6 Use IPv6 only.\n"); - exit(1); + fatal("usage: %s [-t timeout] { [--] host | -f file } ...", __progname); + return; } int main(int argc, char **argv) { - int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO; - int opt, fopt_count = 0; - char *tname; + char *host = NULL; - extern int optind; - extern char *optarg; - TAILQ_INIT(&tq); - if (argc <= 1) + if (argc <= argno) usage(); - while ((opt = getopt(argc, argv, "v46p:T:t:f:")) != -1) { - switch (opt) { - case 'p': - ssh_port = a2port(optarg); - if (ssh_port == 0) { - fprintf(stderr, "Bad port '%s'\n", optarg); - exit(1); - } - break; - case 'T': - timeout = atoi(optarg); - if (timeout <= 0) + if (argv[1][0] == '-' && argv[1][1] == 't') { + argno++; + if (argv[1][2]) + timeout = atoi(&argv[1][2]); + else { + if (argno >= argc) usage(); - break; - case 'v': - if (!debug_flag) { - debug_flag = 1; - log_level = SYSLOG_LEVEL_DEBUG1; - } - else if (log_level < SYSLOG_LEVEL_DEBUG3) - log_level++; - else - fatal("Too high debugging level."); - break; - case 'f': - if (strcmp(optarg, "-") == 0) - optarg = NULL; - argv[fopt_count++] = optarg; - break; - case 't': - get_keytypes = 0; - tname = strtok(optarg, ","); - while (tname) { - int type = key_type_from_name(tname); - switch (type) { - case KEY_RSA1: - get_keytypes |= KT_RSA1; - break; - case KEY_DSA: - get_keytypes |= KT_DSA; - break; - case KEY_RSA: - get_keytypes |= KT_RSA; - break; - case KEY_UNSPEC: - fatal("unknown key type %s", tname); - } - tname = strtok(NULL, ","); - } - break; - case '4': - IPv4or6 = AF_INET; - break; - case '6': - IPv4or6 = AF_INET6; - break; - case '?': - default: - usage(); + timeout = atoi(argv[argno++]); } + if (timeout <= 0) + usage(); } - if (optind == argc && !fopt_count) + if (argc <= argno) usage(); - log_init("ssh-keyscan", log_level, SYSLOG_FACILITY_USER, 1); - maxfd = fdlim_get(1); if (maxfd < 0) fatal("%s: fdlim_get: bad value", __progname); @@ -767,24 +605,18 @@ read_wait = xmalloc(read_wait_size); memset(read_wait, 0, read_wait_size); - if (fopt_count) { - Linebuf *lb; - char *line; - int j; + do { + while (ncon < MAXCON) { + char *name; - for (j = 0; j < fopt_count; j++) { - lb = Linebuf_alloc(argv[j], error); - if (!lb) - continue; - while ((line = Linebuf_getline(lb)) != NULL) - do_host(line); - Linebuf_free(lb); + host = nexthost(argc, argv); + if (host == NULL) + break; + name = strnnsep(&host, " \t\n"); + conalloc(name, *host ? host : name); } - } - - while (optind < argc) - do_host(argv[optind++]); - + conloop(); + } while (host); while (ncon > 0) conloop();