[BACK]Return to sshconnect.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Annotation of src/usr.bin/ssh/sshconnect.c, Revision 1.231

1.231   ! djm         1: /* $OpenBSD: sshconnect.c,v 1.230 2010/12/14 11:59:06 markus Exp $ */
1.1       deraadt     2: /*
1.39      deraadt     3:  * Author: Tatu Ylonen <ylo@cs.hut.fi>
                      4:  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
                      5:  *                    All rights reserved
                      6:  * Code to connect to a remote host, and to perform the client side of the
                      7:  * login (authentication) dialog.
1.78      deraadt     8:  *
                      9:  * As far as I am concerned, the code I have written for this software
                     10:  * can be used freely for any purpose.  Any derived versions of this
                     11:  * software must be clearly marked as such, and if the derived work is
                     12:  * incompatible with the protocol description in the RFC file, it must be
                     13:  * called by a name other than "ssh" or "Secure Shell".
1.39      deraadt    14:  */
1.1       deraadt    15:
1.174     stevesk    16: #include <sys/types.h>
                     17: #include <sys/wait.h>
1.175     stevesk    18: #include <sys/stat.h>
1.187     stevesk    19: #include <sys/socket.h>
1.195     stevesk    20: #include <sys/time.h>
1.187     stevesk    21:
                     22: #include <netinet/in.h>
1.172     stevesk    23:
1.176     stevesk    24: #include <ctype.h>
1.190     stevesk    25: #include <errno.h>
1.216     dtucker    26: #include <fcntl.h>
1.191     stevesk    27: #include <netdb.h>
1.172     stevesk    28: #include <paths.h>
1.199     deraadt    29: #include <signal.h>
1.188     stevesk    30: #include <pwd.h>
1.198     stevesk    31: #include <stdio.h>
1.196     stevesk    32: #include <stdlib.h>
1.193     stevesk    33: #include <string.h>
1.192     stevesk    34: #include <unistd.h>
1.71      markus     35:
1.199     deraadt    36: #include "xmalloc.h"
1.91      markus     37: #include "ssh.h"
1.1       deraadt    38: #include "rsa.h"
1.59      markus     39: #include "buffer.h"
1.1       deraadt    40: #include "packet.h"
                     41: #include "uidswap.h"
1.21      markus     42: #include "compat.h"
1.58      markus     43: #include "key.h"
1.71      markus     44: #include "sshconnect.h"
1.58      markus     45: #include "hostfile.h"
1.91      markus     46: #include "log.h"
                     47: #include "readconf.h"
                     48: #include "atomicio.h"
                     49: #include "misc.h"
1.140     jakob      50: #include "dns.h"
1.214     andreas    51: #include "roaming.h"
1.219     djm        52: #include "ssh2.h"
1.186     stevesk    53: #include "version.h"
1.140     jakob      54:
1.70      markus     55: char *client_version_string = NULL;
                     56: char *server_version_string = NULL;
1.59      markus     57:
1.169     stevesk    58: static int matching_host_key_dns = 0;
1.145     jakob      59:
1.227     djm        60: static pid_t proxy_command_pid = 0;
                     61:
1.124     markus     62: /* import */
1.43      markus     63: extern Options options;
1.50      markus     64: extern char *__progname;
1.124     markus     65: extern uid_t original_real_uid;
                     66: extern uid_t original_effective_uid;
1.91      markus     67:
1.229     djm        68: static int show_other_keys(struct hostkeys *, Key *);
1.150     jakob      69: static void warn_changed_key(Key *);
1.132     markus     70:
1.39      deraadt    71: /*
                     72:  * Connect to the given ssh server using a proxy command.
                     73:  */
1.109     itojun     74: static int
1.124     markus     75: ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
1.1       deraadt    76: {
1.164     djm        77:        char *command_string, *tmp;
1.38      markus     78:        int pin[2], pout[2];
1.69      deraadt    79:        pid_t pid;
1.201     djm        80:        char *shell, strport[NI_MAXSERV];
                     81:
1.226     djm        82:        if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
1.201     djm        83:                shell = _PATH_BSHELL;
1.38      markus     84:
                     85:        /* Convert the port number into a string. */
1.49      markus     86:        snprintf(strport, sizeof strport, "%hu", port);
1.38      markus     87:
1.135     djm        88:        /*
                     89:         * Build the final command string in the buffer by making the
                     90:         * appropriate substitutions to the given proxy command.
                     91:         *
1.154     djm        92:         * Use "exec" to avoid "sh -c" processes on some platforms
1.135     djm        93:         * (e.g. Solaris)
                     94:         */
1.179     djm        95:        xasprintf(&tmp, "exec %s", proxy_command);
1.222     djm        96:        command_string = percent_expand(tmp, "h", host, "p", strport,
1.224     djm        97:            "r", options.user, (char *)NULL);
1.164     djm        98:        xfree(tmp);
1.38      markus     99:
                    100:        /* Create pipes for communicating with the proxy. */
                    101:        if (pipe(pin) < 0 || pipe(pout) < 0)
                    102:                fatal("Could not create pipes to communicate with the proxy: %.100s",
1.118     deraadt   103:                    strerror(errno));
1.38      markus    104:
                    105:        debug("Executing proxy command: %.500s", command_string);
                    106:
                    107:        /* Fork and execute the proxy command. */
                    108:        if ((pid = fork()) == 0) {
                    109:                char *argv[10];
                    110:
                    111:                /* Child.  Permanently give up superuser privileges. */
1.184     markus    112:                permanently_drop_suid(original_real_uid);
1.38      markus    113:
                    114:                /* Redirect stdin and stdout. */
                    115:                close(pin[1]);
                    116:                if (pin[0] != 0) {
                    117:                        if (dup2(pin[0], 0) < 0)
                    118:                                perror("dup2 stdin");
                    119:                        close(pin[0]);
                    120:                }
                    121:                close(pout[0]);
                    122:                if (dup2(pout[1], 1) < 0)
                    123:                        perror("dup2 stdout");
                    124:                /* Cannot be 1 because pin allocated two descriptors. */
                    125:                close(pout[1]);
                    126:
                    127:                /* Stderr is left as it is so that error messages get
                    128:                   printed on the user's terminal. */
1.201     djm       129:                argv[0] = shell;
1.38      markus    130:                argv[1] = "-c";
                    131:                argv[2] = command_string;
                    132:                argv[3] = NULL;
                    133:
                    134:                /* Execute the proxy command.  Note that we gave up any
                    135:                   extra privileges above. */
1.89      markus    136:                execv(argv[0], argv);
                    137:                perror(argv[0]);
1.38      markus    138:                exit(1);
                    139:        }
                    140:        /* Parent. */
                    141:        if (pid < 0)
                    142:                fatal("fork failed: %.100s", strerror(errno));
1.135     djm       143:        else
                    144:                proxy_command_pid = pid; /* save pid to clean up later */
1.38      markus    145:
                    146:        /* Close child side of the descriptors. */
                    147:        close(pin[0]);
                    148:        close(pout[1]);
                    149:
                    150:        /* Free the command name. */
1.164     djm       151:        xfree(command_string);
1.38      markus    152:
                    153:        /* Set the connection file descriptors. */
                    154:        packet_set_connection(pout[0], pin[1]);
1.207     dtucker   155:        packet_set_timeout(options.server_alive_interval,
                    156:            options.server_alive_count_max);
1.1       deraadt   157:
1.110     markus    158:        /* Indicate OK return */
                    159:        return 0;
1.227     djm       160: }
                    161:
                    162: void
                    163: ssh_kill_proxy_command(void)
                    164: {
                    165:        /*
                    166:         * Send SIGHUP to proxy command if used. We don't wait() in
                    167:         * case it hangs and instead rely on init to reap the child
                    168:         */
                    169:        if (proxy_command_pid > 1)
1.228     djm       170:                kill(proxy_command_pid, SIGHUP);
1.1       deraadt   171: }
                    172:
1.39      deraadt   173: /*
                    174:  * Creates a (possibly privileged) socket for use as the ssh connection.
                    175:  */
1.109     itojun    176: static int
1.139     markus    177: ssh_create_socket(int privileged, struct addrinfo *ai)
1.1       deraadt   178: {
1.105     markus    179:        int sock, gaierr;
                    180:        struct addrinfo hints, *res;
1.1       deraadt   181:
1.40      markus    182:        /*
                    183:         * If we are running as root and want to connect to a privileged
                    184:         * port, bind our own socket to a privileged port.
                    185:         */
1.38      markus    186:        if (privileged) {
                    187:                int p = IPPORT_RESERVED - 1;
1.124     markus    188:                PRIV_START;
1.139     markus    189:                sock = rresvport_af(&p, ai->ai_family);
1.124     markus    190:                PRIV_END;
1.38      markus    191:                if (sock < 0)
1.139     markus    192:                        error("rresvport: af=%d %.100s", ai->ai_family,
                    193:                            strerror(errno));
1.55      markus    194:                else
                    195:                        debug("Allocated local port %d.", p);
1.105     markus    196:                return sock;
                    197:        }
1.217     dtucker   198:        sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
1.216     dtucker   199:        if (sock < 0) {
1.105     markus    200:                error("socket: %.100s", strerror(errno));
1.216     dtucker   201:                return -1;
                    202:        }
                    203:        fcntl(sock, F_SETFD, FD_CLOEXEC);
1.105     markus    204:
                    205:        /* Bind the socket to an alternative local IP address */
                    206:        if (options.bind_address == NULL)
                    207:                return sock;
                    208:
                    209:        memset(&hints, 0, sizeof(hints));
1.139     markus    210:        hints.ai_family = ai->ai_family;
                    211:        hints.ai_socktype = ai->ai_socktype;
                    212:        hints.ai_protocol = ai->ai_protocol;
1.105     markus    213:        hints.ai_flags = AI_PASSIVE;
1.205     dtucker   214:        gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
1.105     markus    215:        if (gaierr) {
                    216:                error("getaddrinfo: %s: %s", options.bind_address,
1.203     dtucker   217:                    ssh_gai_strerror(gaierr));
1.105     markus    218:                close(sock);
                    219:                return -1;
                    220:        }
                    221:        if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
                    222:                error("bind: %s: %s", options.bind_address, strerror(errno));
                    223:                close(sock);
                    224:                freeaddrinfo(res);
                    225:                return -1;
1.38      markus    226:        }
1.105     markus    227:        freeaddrinfo(res);
1.38      markus    228:        return sock;
1.1       deraadt   229: }
                    230:
1.141     djm       231: static int
                    232: timeout_connect(int sockfd, const struct sockaddr *serv_addr,
1.202     djm       233:     socklen_t addrlen, int *timeoutp)
1.141     djm       234: {
                    235:        fd_set *fdset;
1.202     djm       236:        struct timeval tv, t_start;
1.141     djm       237:        socklen_t optlen;
1.179     djm       238:        int optval, rc, result = -1;
1.141     djm       239:
1.202     djm       240:        gettimeofday(&t_start, NULL);
                    241:
                    242:        if (*timeoutp <= 0) {
                    243:                result = connect(sockfd, serv_addr, addrlen);
                    244:                goto done;
                    245:        }
1.141     djm       246:
1.156     djm       247:        set_nonblock(sockfd);
1.141     djm       248:        rc = connect(sockfd, serv_addr, addrlen);
1.156     djm       249:        if (rc == 0) {
                    250:                unset_nonblock(sockfd);
1.202     djm       251:                result = 0;
                    252:                goto done;
                    253:        }
                    254:        if (errno != EINPROGRESS) {
                    255:                result = -1;
                    256:                goto done;
1.156     djm       257:        }
1.141     djm       258:
1.179     djm       259:        fdset = (fd_set *)xcalloc(howmany(sockfd + 1, NFDBITS),
                    260:            sizeof(fd_mask));
1.141     djm       261:        FD_SET(sockfd, fdset);
1.202     djm       262:        ms_to_timeval(&tv, *timeoutp);
1.141     djm       263:
1.162     deraadt   264:        for (;;) {
1.141     djm       265:                rc = select(sockfd + 1, NULL, fdset, NULL, &tv);
                    266:                if (rc != -1 || errno != EINTR)
                    267:                        break;
                    268:        }
                    269:
1.162     deraadt   270:        switch (rc) {
1.141     djm       271:        case 0:
                    272:                /* Timed out */
                    273:                errno = ETIMEDOUT;
1.142     djm       274:                break;
1.141     djm       275:        case -1:
                    276:                /* Select error */
1.154     djm       277:                debug("select: %s", strerror(errno));
1.142     djm       278:                break;
1.141     djm       279:        case 1:
                    280:                /* Completed or failed */
                    281:                optval = 0;
                    282:                optlen = sizeof(optval);
1.154     djm       283:                if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval,
1.148     markus    284:                    &optlen) == -1) {
1.154     djm       285:                        debug("getsockopt: %s", strerror(errno));
1.142     djm       286:                        break;
1.148     markus    287:                }
1.141     djm       288:                if (optval != 0) {
                    289:                        errno = optval;
1.142     djm       290:                        break;
1.141     djm       291:                }
1.142     djm       292:                result = 0;
1.156     djm       293:                unset_nonblock(sockfd);
1.141     djm       294:                break;
                    295:        default:
                    296:                /* Should not occur */
                    297:                fatal("Bogus return (%d) from select()", rc);
                    298:        }
                    299:
1.142     djm       300:        xfree(fdset);
1.202     djm       301:
                    302:  done:
                    303:        if (result == 0 && *timeoutp > 0) {
                    304:                ms_subtract_diff(&t_start, timeoutp);
                    305:                if (*timeoutp <= 0) {
                    306:                        errno = ETIMEDOUT;
                    307:                        result = -1;
                    308:                }
                    309:        }
                    310:
1.142     djm       311:        return (result);
1.141     djm       312: }
                    313:
1.39      deraadt   314: /*
1.49      markus    315:  * Opens a TCP/IP connection to the remote server on the given host.
                    316:  * The address of the remote host will be returned in hostaddr.
1.124     markus    317:  * If port is 0, the default port will be used.  If needpriv is true,
1.39      deraadt   318:  * a privileged port will be allocated to make the connection.
1.124     markus    319:  * This requires super-user privileges if needpriv is true.
1.39      deraadt   320:  * Connection_attempts specifies the maximum number of tries (one per
                    321:  * second).  If proxy_command is non-NULL, it specifies the command (with %h
                    322:  * and %p substituted for host and port, respectively) to use to contact
                    323:  * the daemon.
                    324:  */
1.38      markus    325: int
1.49      markus    326: ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
1.202     djm       327:     u_short port, int family, int connection_attempts, int *timeout_ms,
                    328:     int want_keepalive, int needpriv, const char *proxy_command)
1.1       deraadt   329: {
1.90      markus    330:        int gaierr;
                    331:        int on = 1;
1.49      markus    332:        int sock = -1, attempt;
1.90      markus    333:        char ntop[NI_MAXHOST], strport[NI_MAXSERV];
1.49      markus    334:        struct addrinfo hints, *ai, *aitop;
1.38      markus    335:
1.136     markus    336:        debug2("ssh_connect: needpriv %d", needpriv);
1.38      markus    337:
                    338:        /* If a proxy command is given, connect using it. */
                    339:        if (proxy_command != NULL)
1.124     markus    340:                return ssh_proxy_connect(host, port, proxy_command);
1.38      markus    341:
                    342:        /* No proxy command. */
                    343:
1.49      markus    344:        memset(&hints, 0, sizeof(hints));
1.115     markus    345:        hints.ai_family = family;
1.49      markus    346:        hints.ai_socktype = SOCK_STREAM;
1.126     deraadt   347:        snprintf(strport, sizeof strport, "%u", port);
1.49      markus    348:        if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
1.203     dtucker   349:                fatal("%s: Could not resolve hostname %.100s: %s", __progname,
                    350:                    host, ssh_gai_strerror(gaierr));
1.38      markus    351:
1.181     markus    352:        for (attempt = 0; attempt < connection_attempts; attempt++) {
1.200     markus    353:                if (attempt > 0) {
                    354:                        /* Sleep a moment before retrying. */
                    355:                        sleep(1);
1.38      markus    356:                        debug("Trying again...");
1.200     markus    357:                }
1.181     markus    358:                /*
                    359:                 * Loop through addresses for this host, and try each one in
                    360:                 * sequence until the connection succeeds.
                    361:                 */
1.49      markus    362:                for (ai = aitop; ai; ai = ai->ai_next) {
                    363:                        if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
                    364:                                continue;
                    365:                        if (getnameinfo(ai->ai_addr, ai->ai_addrlen,
                    366:                            ntop, sizeof(ntop), strport, sizeof(strport),
                    367:                            NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
                    368:                                error("ssh_connect: getnameinfo failed");
                    369:                                continue;
                    370:                        }
                    371:                        debug("Connecting to %.200s [%.100s] port %s.",
                    372:                                host, ntop, strport);
                    373:
                    374:                        /* Create a socket for connecting. */
1.139     markus    375:                        sock = ssh_create_socket(needpriv, ai);
1.49      markus    376:                        if (sock < 0)
1.110     markus    377:                                /* Any error is already output */
1.49      markus    378:                                continue;
                    379:
1.141     djm       380:                        if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
1.202     djm       381:                            timeout_ms) >= 0) {
1.49      markus    382:                                /* Successful connection. */
1.102     markus    383:                                memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
1.38      markus    384:                                break;
1.49      markus    385:                        } else {
1.131     itojun    386:                                debug("connect to address %s port %s: %s",
                    387:                                    ntop, strport, strerror(errno));
1.38      markus    388:                                close(sock);
1.181     markus    389:                                sock = -1;
1.38      markus    390:                        }
                    391:                }
1.181     markus    392:                if (sock != -1)
1.49      markus    393:                        break;  /* Successful connection. */
1.38      markus    394:        }
1.49      markus    395:
                    396:        freeaddrinfo(aitop);
                    397:
1.38      markus    398:        /* Return failure if we didn't get a successful connection. */
1.181     markus    399:        if (sock == -1) {
1.159     markus    400:                error("ssh: connect to host %s port %s: %s",
1.130     itojun    401:                    host, strport, strerror(errno));
1.159     markus    402:                return (-1);
1.130     itojun    403:        }
1.38      markus    404:
                    405:        debug("Connection established.");
1.90      markus    406:
1.155     markus    407:        /* Set SO_KEEPALIVE if requested. */
1.202     djm       408:        if (want_keepalive &&
1.90      markus    409:            setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
                    410:            sizeof(on)) < 0)
                    411:                error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
1.38      markus    412:
                    413:        /* Set the connection. */
                    414:        packet_set_connection(sock, sock);
1.207     dtucker   415:        packet_set_timeout(options.server_alive_interval,
                    416:            options.server_alive_count_max);
1.1       deraadt   417:
1.110     markus    418:        return 0;
1.59      markus    419: }
                    420:
1.43      markus    421: /*
1.39      deraadt   422:  * Waits for the server identification string, and sends our own
                    423:  * identification string.
                    424:  */
1.213     andreas   425: void
1.202     djm       426: ssh_exchange_identification(int timeout_ms)
1.1       deraadt   427: {
1.38      markus    428:        char buf[256], remote_version[256];     /* must be same size! */
1.165     djm       429:        int remote_major, remote_minor, mismatch;
1.38      markus    430:        int connection_in = packet_get_connection_in();
                    431:        int connection_out = packet_get_connection_out();
1.93      stevesk   432:        int minor1 = PROTOCOL_MINOR_1;
1.185     djm       433:        u_int i, n;
1.202     djm       434:        size_t len;
                    435:        int fdsetsz, remaining, rc;
                    436:        struct timeval t_start, t_remaining;
                    437:        fd_set *fdset;
                    438:
                    439:        fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask);
                    440:        fdset = xcalloc(1, fdsetsz);
1.38      markus    441:
1.163     avsm      442:        /* Read other side's version identification. */
1.202     djm       443:        remaining = timeout_ms;
1.185     djm       444:        for (n = 0;;) {
1.75      markus    445:                for (i = 0; i < sizeof(buf) - 1; i++) {
1.202     djm       446:                        if (timeout_ms > 0) {
                    447:                                gettimeofday(&t_start, NULL);
                    448:                                ms_to_timeval(&t_remaining, remaining);
                    449:                                FD_SET(connection_in, fdset);
                    450:                                rc = select(connection_in + 1, fdset, NULL,
                    451:                                    fdset, &t_remaining);
                    452:                                ms_subtract_diff(&t_start, &remaining);
                    453:                                if (rc == 0 || remaining <= 0)
                    454:                                        fatal("Connection timed out during "
                    455:                                            "banner exchange");
                    456:                                if (rc == -1) {
                    457:                                        if (errno == EINTR)
                    458:                                                continue;
                    459:                                        fatal("ssh_exchange_identification: "
                    460:                                            "select: %s", strerror(errno));
                    461:                                }
                    462:                        }
                    463:
1.214     andreas   464:                        len = roaming_atomicio(read, connection_in, &buf[i], 1);
1.163     avsm      465:
1.167     djm       466:                        if (len != 1 && errno == EPIPE)
1.202     djm       467:                                fatal("ssh_exchange_identification: "
                    468:                                    "Connection closed by remote host");
1.163     avsm      469:                        else if (len != 1)
1.202     djm       470:                                fatal("ssh_exchange_identification: "
                    471:                                    "read: %.100s", strerror(errno));
1.75      markus    472:                        if (buf[i] == '\r') {
                    473:                                buf[i] = '\n';
                    474:                                buf[i + 1] = 0;
                    475:                                continue;               /**XXX wait for \n */
                    476:                        }
                    477:                        if (buf[i] == '\n') {
                    478:                                buf[i + 1] = 0;
                    479:                                break;
                    480:                        }
1.185     djm       481:                        if (++n > 65536)
1.202     djm       482:                                fatal("ssh_exchange_identification: "
                    483:                                    "No banner received");
1.38      markus    484:                }
1.75      markus    485:                buf[sizeof(buf) - 1] = 0;
1.76      markus    486:                if (strncmp(buf, "SSH-", 4) == 0)
1.38      markus    487:                        break;
1.75      markus    488:                debug("ssh_exchange_identification: %s", buf);
1.38      markus    489:        }
1.59      markus    490:        server_version_string = xstrdup(buf);
1.202     djm       491:        xfree(fdset);
1.38      markus    492:
1.40      markus    493:        /*
                    494:         * Check that the versions match.  In future this might accept
                    495:         * several versions and set appropriate flags to handle them.
                    496:         */
1.59      markus    497:        if (sscanf(server_version_string, "SSH-%d.%d-%[^\n]\n",
                    498:            &remote_major, &remote_minor, remote_version) != 3)
1.38      markus    499:                fatal("Bad remote protocol version identification: '%.100s'", buf);
                    500:        debug("Remote protocol version %d.%d, remote software version %.100s",
1.118     deraadt   501:            remote_major, remote_minor, remote_version);
1.38      markus    502:
1.59      markus    503:        compat_datafellows(remote_version);
1.64      markus    504:        mismatch = 0;
1.59      markus    505:
1.116     deraadt   506:        switch (remote_major) {
1.64      markus    507:        case 1:
                    508:                if (remote_minor == 99 &&
                    509:                    (options.protocol & SSH_PROTO_2) &&
                    510:                    !(options.protocol & SSH_PROTO_1_PREFERRED)) {
                    511:                        enable_compat20();
                    512:                        break;
                    513:                }
                    514:                if (!(options.protocol & SSH_PROTO_1)) {
                    515:                        mismatch = 1;
                    516:                        break;
                    517:                }
                    518:                if (remote_minor < 3) {
                    519:                        fatal("Remote machine has too old SSH software version.");
1.81      markus    520:                } else if (remote_minor == 3 || remote_minor == 4) {
1.64      markus    521:                        /* We speak 1.3, too. */
                    522:                        enable_compat13();
1.81      markus    523:                        minor1 = 3;
1.64      markus    524:                        if (options.forward_agent) {
1.138     itojun    525:                                logit("Agent forwarding disabled for protocol 1.3");
1.64      markus    526:                                options.forward_agent = 0;
                    527:                        }
                    528:                }
                    529:                break;
                    530:        case 2:
                    531:                if (options.protocol & SSH_PROTO_2) {
                    532:                        enable_compat20();
                    533:                        break;
1.38      markus    534:                }
1.64      markus    535:                /* FALLTHROUGH */
1.68      markus    536:        default:
1.64      markus    537:                mismatch = 1;
                    538:                break;
1.38      markus    539:        }
1.64      markus    540:        if (mismatch)
1.38      markus    541:                fatal("Protocol major versions differ: %d vs. %d",
1.64      markus    542:                    (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
                    543:                    remote_major);
1.38      markus    544:        /* Send our own protocol version identification. */
1.211     dtucker   545:        snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s%s",
1.64      markus    546:            compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
1.81      markus    547:            compat20 ? PROTOCOL_MINOR_2 : minor1,
1.211     dtucker   548:            SSH_VERSION, compat20 ? "\r\n" : "\n");
1.214     andreas   549:        if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf))
                    550:            != strlen(buf))
1.38      markus    551:                fatal("write: %.100s", strerror(errno));
1.59      markus    552:        client_version_string = xstrdup(buf);
                    553:        chop(client_version_string);
                    554:        chop(server_version_string);
                    555:        debug("Local version string %.100s", client_version_string);
1.1       deraadt   556: }
                    557:
1.96      markus    558: /* defaults to 'no' */
1.109     itojun    559: static int
1.112     markus    560: confirm(const char *prompt)
1.1       deraadt   561: {
1.119     markus    562:        const char *msg, *again = "Please type 'yes' or 'no': ";
                    563:        char *p;
                    564:        int ret = -1;
1.96      markus    565:
                    566:        if (options.batch_mode)
                    567:                return 0;
1.119     markus    568:        for (msg = prompt;;msg = again) {
                    569:                p = read_passphrase(msg, RP_ECHO);
                    570:                if (p == NULL ||
                    571:                    (p[0] == '\0') || (p[0] == '\n') ||
                    572:                    strncasecmp(p, "no", 2) == 0)
                    573:                        ret = 0;
1.127     markus    574:                if (p && strncasecmp(p, "yes", 3) == 0)
1.119     markus    575:                        ret = 1;
                    576:                if (p)
                    577:                        xfree(p);
                    578:                if (ret != -1)
                    579:                        return ret;
1.1       deraadt   580:        }
                    581: }
                    582:
1.219     djm       583: static int
                    584: check_host_cert(const char *host, const Key *host_key)
                    585: {
                    586:        const char *reason;
                    587:
                    588:        if (key_cert_check_authority(host_key, 1, 0, host, &reason) != 0) {
                    589:                error("%s", reason);
                    590:                return 0;
                    591:        }
1.223     djm       592:        if (buffer_len(&host_key->cert->critical) != 0) {
                    593:                error("Certificate for %s contains unsupported "
                    594:                    "critical options(s)", host);
1.219     djm       595:                return 0;
                    596:        }
                    597:        return 1;
                    598: }
                    599:
1.229     djm       600: static int
                    601: sockaddr_is_local(struct sockaddr *hostaddr)
                    602: {
                    603:        switch (hostaddr->sa_family) {
                    604:        case AF_INET:
                    605:                return (ntohl(((struct sockaddr_in *)hostaddr)->
                    606:                    sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
                    607:        case AF_INET6:
                    608:                return IN6_IS_ADDR_LOOPBACK(
                    609:                    &(((struct sockaddr_in6 *)hostaddr)->sin6_addr));
                    610:        default:
                    611:                return 0;
                    612:        }
                    613: }
                    614:
                    615: /*
                    616:  * Prepare the hostname and ip address strings that are used to lookup
                    617:  * host keys in known_hosts files. These may have a port number appended.
                    618:  */
                    619: void
                    620: get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
                    621:     u_short port, char **hostfile_hostname, char **hostfile_ipaddr)
                    622: {
                    623:        char ntop[NI_MAXHOST];
                    624:
                    625:        /*
                    626:         * We don't have the remote ip-address for connections
                    627:         * using a proxy command
                    628:         */
                    629:        if (hostfile_ipaddr != NULL) {
                    630:                if (options.proxy_command == NULL) {
                    631:                        if (getnameinfo(hostaddr, hostaddr->sa_len,
                    632:                            ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0)
                    633:                        fatal("check_host_key: getnameinfo failed");
                    634:                        *hostfile_ipaddr = put_host_port(ntop, port);
                    635:                } else {
                    636:                        *hostfile_ipaddr = xstrdup("<no hostip for proxy "
                    637:                            "command>");
                    638:                }
                    639:        }
                    640:
                    641:        /*
                    642:         * Allow the user to record the key under a different name or
                    643:         * differentiate a non-standard port.  This is useful for ssh
                    644:         * tunneling over forwarded connections or if you run multiple
                    645:         * sshd's on different ports on the same machine.
                    646:         */
                    647:        if (hostfile_hostname != NULL) {
                    648:                if (options.host_key_alias != NULL) {
                    649:                        *hostfile_hostname = xstrdup(options.host_key_alias);
                    650:                        debug("using hostkeyalias: %s", *hostfile_hostname);
                    651:                } else {
                    652:                        *hostfile_hostname = put_host_port(hostname, port);
                    653:                }
                    654:        }
                    655: }
                    656:
1.39      deraadt   657: /*
1.108     markus    658:  * check whether the supplied host key is valid, return -1 if the key
                    659:  * is not valid. the user_hostfile will not be updated if 'readonly' is true.
1.39      deraadt   660:  */
1.197     dtucker   661: #define RDRW   0
                    662: #define RDONLY 1
                    663: #define ROQUIET        2
1.109     itojun    664: static int
1.197     dtucker   665: check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
1.229     djm       666:     Key *host_key, int readonly, char *user_hostfile,
                    667:     char *system_hostfile)
1.1       deraadt   668: {
1.229     djm       669:        Key *raw_key = NULL;
1.219     djm       670:        const char *type;
1.189     dtucker   671:        char *ip = NULL, *host = NULL;
1.204     grunk     672:        char hostline[1000], *hostp, *fp, *ra;
1.38      markus    673:        HostStatus host_status;
                    674:        HostStatus ip_status;
1.229     djm       675:        int r, want_cert = key_is_cert(host_key), host_ip_differ = 0;
                    676:        int local = sockaddr_is_local(hostaddr);
1.119     markus    677:        char msg[1024];
1.229     djm       678:        int len, cancelled_forwarding = 0;
                    679:        struct hostkeys *host_hostkeys, *ip_hostkeys;
                    680:        const struct hostkey_entry *host_found, *ip_found;
1.49      markus    681:
                    682:        /*
                    683:         * Force accepting of the host key for loopback/localhost. The
                    684:         * problem is that if the home directory is NFS-mounted to multiple
                    685:         * machines, localhost will refer to a different machine in each of
                    686:         * them, and the user will get bogus HOST_CHANGED warnings.  This
                    687:         * essentially disables host authentication for localhost; however,
                    688:         * this is probably not a real problem.
                    689:         */
1.111     markus    690:        if (options.no_host_authentication_for_localhost == 1 && local &&
                    691:            options.host_key_alias == NULL) {
1.88      markus    692:                debug("Forcing accepting of host key for "
                    693:                    "loopback/localhost.");
1.108     markus    694:                return 0;
1.49      markus    695:        }
1.42      markus    696:
                    697:        /*
1.229     djm       698:         * Prepare the hostname and address strings used for hostkey lookup.
                    699:         * In some cases, these will have a port number appended.
1.42      markus    700:         */
1.229     djm       701:        get_hostfile_hostname_ipaddr(hostname, hostaddr, port, &host, &ip);
1.206     grunk     702:
                    703:        /*
1.88      markus    704:         * Turn off check_host_ip if the connection is to localhost, via proxy
                    705:         * command or if we don't have a hostname to compare with
                    706:         */
1.189     dtucker   707:        if (options.check_host_ip && (local ||
                    708:            strcmp(hostname, ip) == 0 || options.proxy_command != NULL))
1.88      markus    709:                options.check_host_ip = 0;
1.86      markus    710:
1.229     djm       711:        host_hostkeys = init_hostkeys();
                    712:        load_hostkeys(host_hostkeys, host, user_hostfile);
                    713:        load_hostkeys(host_hostkeys, host, system_hostfile);
                    714:
                    715:        ip_hostkeys = NULL;
                    716:        if (!want_cert && options.check_host_ip) {
                    717:                ip_hostkeys = init_hostkeys();
                    718:                load_hostkeys(ip_hostkeys, ip, user_hostfile);
                    719:                load_hostkeys(ip_hostkeys, ip, system_hostfile);
1.84      markus    720:        }
1.38      markus    721:
1.219     djm       722:  retry:
1.229     djm       723:        /* Reload these as they may have changed on cert->key downgrade */
1.219     djm       724:        want_cert = key_is_cert(host_key);
                    725:        type = key_type(host_key);
                    726:
1.46      markus    727:        /*
1.170     djm       728:         * Check if the host key is present in the user's list of known
1.40      markus    729:         * hosts or in the systemwide list.
                    730:         */
1.229     djm       731:        host_status = check_key_in_hostkeys(host_hostkeys, host_key,
                    732:            &host_found);
                    733:
1.40      markus    734:        /*
                    735:         * Also perform check for the ip address, skip the check if we are
1.219     djm       736:         * localhost, looking for a certificate, or the hostname was an ip
                    737:         * address to begin with.
1.40      markus    738:         */
1.229     djm       739:        if (!want_cert && ip_hostkeys != NULL) {
                    740:                ip_status = check_key_in_hostkeys(ip_hostkeys, host_key,
                    741:                    &ip_found);
1.38      markus    742:                if (host_status == HOST_CHANGED &&
1.229     djm       743:                    (ip_status != HOST_CHANGED ||
                    744:                    (ip_found != NULL &&
                    745:                    !key_equal(ip_found->key, host_found->key))))
1.38      markus    746:                        host_ip_differ = 1;
                    747:        } else
                    748:                ip_status = host_status;
                    749:
                    750:        switch (host_status) {
                    751:        case HOST_OK:
                    752:                /* The host is known and the key matches. */
1.219     djm       753:                debug("Host '%.200s' is known and matches the %s host %s.",
                    754:                    host, type, want_cert ? "certificate" : "key");
1.229     djm       755:                debug("Found %s in %s:%lu", want_cert ? "CA key" : "key",
                    756:                    host_found->file, host_found->line);
1.219     djm       757:                if (want_cert && !check_host_cert(hostname, host_key))
                    758:                        goto fail;
1.88      markus    759:                if (options.check_host_ip && ip_status == HOST_NEW) {
1.219     djm       760:                        if (readonly || want_cert)
1.138     itojun    761:                                logit("%s host key for IP address "
1.108     markus    762:                                    "'%.128s' not in list of known hosts.",
                    763:                                    type, ip);
                    764:                        else if (!add_host_to_hostfile(user_hostfile, ip,
1.160     djm       765:                            host_key, options.hash_known_hosts))
1.138     itojun    766:                                logit("Failed to add the %s host key for IP "
1.108     markus    767:                                    "address '%.128s' to the list of known "
                    768:                                    "hosts (%.30s).", type, ip, user_hostfile);
1.88      markus    769:                        else
1.138     itojun    770:                                logit("Warning: Permanently added the %s host "
1.108     markus    771:                                    "key for IP address '%.128s' to the list "
                    772:                                    "of known hosts.", type, ip);
1.209     grunk     773:                } else if (options.visual_host_key) {
1.204     grunk     774:                        fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
                    775:                        ra = key_fingerprint(host_key, SSH_FP_MD5,
                    776:                            SSH_FP_RANDOMART);
                    777:                        logit("Host key fingerprint is %s\n%s\n", fp, ra);
                    778:                        xfree(ra);
                    779:                        xfree(fp);
1.38      markus    780:                }
                    781:                break;
                    782:        case HOST_NEW:
1.197     dtucker   783:                if (options.host_key_alias == NULL && port != 0 &&
                    784:                    port != SSH_DEFAULT_PORT) {
                    785:                        debug("checking without port identifier");
1.212     stevesk   786:                        if (check_host_key(hostname, hostaddr, 0, host_key,
                    787:                            ROQUIET, user_hostfile, system_hostfile) == 0) {
1.197     dtucker   788:                                debug("found matching key w/out port");
                    789:                                break;
                    790:                        }
                    791:                }
1.219     djm       792:                if (readonly || want_cert)
1.108     markus    793:                        goto fail;
1.38      markus    794:                /* The host is new. */
                    795:                if (options.strict_host_key_checking == 1) {
1.108     markus    796:                        /*
                    797:                         * User has requested strict host key checking.  We
                    798:                         * will not add the host key automatically.  The only
                    799:                         * alternative left is to abort.
                    800:                         */
                    801:                        error("No %s host key is known for %.200s and you "
                    802:                            "have requested strict checking.", type, host);
                    803:                        goto fail;
1.38      markus    804:                } else if (options.strict_host_key_checking == 2) {
1.145     jakob     805:                        char msg1[1024], msg2[1024];
                    806:
1.229     djm       807:                        if (show_other_keys(host_hostkeys, host_key))
1.145     jakob     808:                                snprintf(msg1, sizeof(msg1),
1.168     djm       809:                                    "\nbut keys of different type are already"
                    810:                                    " known for this host.");
1.145     jakob     811:                        else
                    812:                                snprintf(msg1, sizeof(msg1), ".");
1.38      markus    813:                        /* The default */
1.100     markus    814:                        fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
1.204     grunk     815:                        ra = key_fingerprint(host_key, SSH_FP_MD5,
                    816:                            SSH_FP_RANDOMART);
1.145     jakob     817:                        msg2[0] = '\0';
                    818:                        if (options.verify_host_key_dns) {
1.153     jakob     819:                                if (matching_host_key_dns)
1.145     jakob     820:                                        snprintf(msg2, sizeof(msg2),
                    821:                                            "Matching host key fingerprint"
                    822:                                            " found in DNS.\n");
                    823:                                else
                    824:                                        snprintf(msg2, sizeof(msg2),
                    825:                                            "No matching host key fingerprint"
                    826:                                            " found in DNS.\n");
                    827:                        }
1.119     markus    828:                        snprintf(msg, sizeof(msg),
1.108     markus    829:                            "The authenticity of host '%.200s (%s)' can't be "
1.132     markus    830:                            "established%s\n"
1.209     grunk     831:                            "%s key fingerprint is %s.%s%s\n%s"
1.108     markus    832:                            "Are you sure you want to continue connecting "
1.132     markus    833:                            "(yes/no)? ",
1.209     grunk     834:                            host, ip, msg1, type, fp,
                    835:                            options.visual_host_key ? "\n" : "",
                    836:                            options.visual_host_key ? ra : "",
                    837:                            msg2);
1.204     grunk     838:                        xfree(ra);
1.100     markus    839:                        xfree(fp);
1.119     markus    840:                        if (!confirm(msg))
1.108     markus    841:                                goto fail;
1.38      markus    842:                }
1.161     djm       843:                /*
                    844:                 * If not in strict mode, add the key automatically to the
                    845:                 * local known_hosts file.
                    846:                 */
1.88      markus    847:                if (options.check_host_ip && ip_status == HOST_NEW) {
1.229     djm       848:                        snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
1.38      markus    849:                        hostp = hostline;
1.161     djm       850:                        if (options.hash_known_hosts) {
                    851:                                /* Add hash of host and IP separately */
                    852:                                r = add_host_to_hostfile(user_hostfile, host,
                    853:                                    host_key, options.hash_known_hosts) &&
                    854:                                    add_host_to_hostfile(user_hostfile, ip,
                    855:                                    host_key, options.hash_known_hosts);
                    856:                        } else {
                    857:                                /* Add unhashed "host,ip" */
                    858:                                r = add_host_to_hostfile(user_hostfile,
                    859:                                    hostline, host_key,
                    860:                                    options.hash_known_hosts);
                    861:                        }
                    862:                } else {
                    863:                        r = add_host_to_hostfile(user_hostfile, host, host_key,
                    864:                            options.hash_known_hosts);
1.38      markus    865:                        hostp = host;
1.161     djm       866:                }
1.38      markus    867:
1.161     djm       868:                if (!r)
1.138     itojun    869:                        logit("Failed to add the host to the list of known "
1.108     markus    870:                            "hosts (%.500s).", user_hostfile);
1.38      markus    871:                else
1.138     itojun    872:                        logit("Warning: Permanently added '%.200s' (%s) to the "
1.108     markus    873:                            "list of known hosts.", hostp, type);
1.38      markus    874:                break;
1.220     djm       875:        case HOST_REVOKED:
                    876:                error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
                    877:                error("@       WARNING: REVOKED HOST KEY DETECTED!               @");
                    878:                error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
                    879:                error("The %s host key for %s is marked as revoked.", type, host);
                    880:                error("This could mean that a stolen key is being used to");
                    881:                error("impersonate this host.");
                    882:
                    883:                /*
                    884:                 * If strict host key checking is in use, the user will have
                    885:                 * to edit the key manually and we can only abort.
                    886:                 */
                    887:                if (options.strict_host_key_checking) {
                    888:                        error("%s host key for %.200s was revoked and you have "
                    889:                            "requested strict checking.", type, host);
                    890:                        goto fail;
                    891:                }
                    892:                goto continue_unsafe;
                    893:
1.38      markus    894:        case HOST_CHANGED:
1.219     djm       895:                if (want_cert) {
                    896:                        /*
                    897:                         * This is only a debug() since it is valid to have
                    898:                         * CAs with wildcard DNS matches that don't match
                    899:                         * all hosts that one might visit.
                    900:                         */
                    901:                        debug("Host certificate authority does not "
1.229     djm       902:                            "match %s in %s:%lu", CA_MARKER,
                    903:                            host_found->file, host_found->line);
1.219     djm       904:                        goto fail;
                    905:                }
1.197     dtucker   906:                if (readonly == ROQUIET)
                    907:                        goto fail;
1.38      markus    908:                if (options.check_host_ip && host_ip_differ) {
1.158     avsm      909:                        char *key_msg;
1.38      markus    910:                        if (ip_status == HOST_NEW)
1.158     avsm      911:                                key_msg = "is unknown";
1.38      markus    912:                        else if (ip_status == HOST_OK)
1.158     avsm      913:                                key_msg = "is unchanged";
1.38      markus    914:                        else
1.158     avsm      915:                                key_msg = "has a different value";
1.38      markus    916:                        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
                    917:                        error("@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @");
                    918:                        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1.72      markus    919:                        error("The %s host key for %s has changed,", type, host);
1.208     ian       920:                        error("and the key for the corresponding IP address %s", ip);
1.158     avsm      921:                        error("%s. This could either mean that", key_msg);
1.38      markus    922:                        error("DNS SPOOFING is happening or the IP address for the host");
1.85      markus    923:                        error("and its host key have changed at the same time.");
1.88      markus    924:                        if (ip_status != HOST_NEW)
1.229     djm       925:                                error("Offending key for IP in %s:%lu",
                    926:                                    ip_found->file, ip_found->line);
1.38      markus    927:                }
                    928:                /* The host key has changed. */
1.150     jakob     929:                warn_changed_key(host_key);
1.38      markus    930:                error("Add correct host key in %.100s to get rid of this message.",
1.87      markus    931:                    user_hostfile);
1.229     djm       932:                error("Offending %s key in %s:%lu", key_type(host_found->key),
                    933:                    host_found->file, host_found->line);
1.38      markus    934:
1.40      markus    935:                /*
                    936:                 * If strict host key checking is in use, the user will have
                    937:                 * to edit the key manually and we can only abort.
                    938:                 */
1.108     markus    939:                if (options.strict_host_key_checking) {
                    940:                        error("%s host key for %.200s has changed and you have "
                    941:                            "requested strict checking.", type, host);
                    942:                        goto fail;
                    943:                }
1.38      markus    944:
1.220     djm       945:  continue_unsafe:
1.40      markus    946:                /*
                    947:                 * If strict host key checking has not been requested, allow
1.144     djm       948:                 * the connection but without MITM-able authentication or
1.194     stevesk   949:                 * forwarding.
1.40      markus    950:                 */
1.38      markus    951:                if (options.password_authentication) {
1.108     markus    952:                        error("Password authentication is disabled to avoid "
                    953:                            "man-in-the-middle attacks.");
1.38      markus    954:                        options.password_authentication = 0;
1.210     dtucker   955:                        cancelled_forwarding = 1;
1.144     djm       956:                }
                    957:                if (options.kbd_interactive_authentication) {
                    958:                        error("Keyboard-interactive authentication is disabled"
                    959:                            " to avoid man-in-the-middle attacks.");
                    960:                        options.kbd_interactive_authentication = 0;
                    961:                        options.challenge_response_authentication = 0;
1.210     dtucker   962:                        cancelled_forwarding = 1;
1.144     djm       963:                }
                    964:                if (options.challenge_response_authentication) {
                    965:                        error("Challenge/response authentication is disabled"
                    966:                            " to avoid man-in-the-middle attacks.");
                    967:                        options.challenge_response_authentication = 0;
1.210     dtucker   968:                        cancelled_forwarding = 1;
1.38      markus    969:                }
                    970:                if (options.forward_agent) {
1.108     markus    971:                        error("Agent forwarding is disabled to avoid "
                    972:                            "man-in-the-middle attacks.");
1.38      markus    973:                        options.forward_agent = 0;
1.210     dtucker   974:                        cancelled_forwarding = 1;
1.83      markus    975:                }
                    976:                if (options.forward_x11) {
1.108     markus    977:                        error("X11 forwarding is disabled to avoid "
                    978:                            "man-in-the-middle attacks.");
1.83      markus    979:                        options.forward_x11 = 0;
1.210     dtucker   980:                        cancelled_forwarding = 1;
1.83      markus    981:                }
1.108     markus    982:                if (options.num_local_forwards > 0 ||
                    983:                    options.num_remote_forwards > 0) {
                    984:                        error("Port forwarding is disabled to avoid "
                    985:                            "man-in-the-middle attacks.");
                    986:                        options.num_local_forwards =
1.118     deraadt   987:                            options.num_remote_forwards = 0;
1.210     dtucker   988:                        cancelled_forwarding = 1;
1.194     stevesk   989:                }
                    990:                if (options.tun_open != SSH_TUNMODE_NO) {
                    991:                        error("Tunnel forwarding is disabled to avoid "
                    992:                            "man-in-the-middle attacks.");
                    993:                        options.tun_open = SSH_TUNMODE_NO;
1.210     dtucker   994:                        cancelled_forwarding = 1;
1.38      markus    995:                }
1.210     dtucker   996:                if (options.exit_on_forward_failure && cancelled_forwarding)
                    997:                        fatal("Error: forwarding disabled due to host key "
                    998:                            "check failure");
                    999:
1.40      markus   1000:                /*
                   1001:                 * XXX Should permit the user to change to use the new id.
                   1002:                 * This could be done by converting the host key to an
                   1003:                 * identifying sentence, tell that the host identifies itself
1.218     dtucker  1004:                 * by that sentence, and ask the user if he/she wishes to
1.40      markus   1005:                 * accept the authentication.
                   1006:                 */
1.38      markus   1007:                break;
1.132     markus   1008:        case HOST_FOUND:
                   1009:                fatal("internal error");
                   1010:                break;
1.88      markus   1011:        }
                   1012:
                   1013:        if (options.check_host_ip && host_status != HOST_CHANGED &&
                   1014:            ip_status == HOST_CHANGED) {
1.119     markus   1015:                snprintf(msg, sizeof(msg),
                   1016:                    "Warning: the %s host key for '%.200s' "
                   1017:                    "differs from the key for the IP address '%.128s'"
1.229     djm      1018:                    "\nOffending key for IP in %s:%lu",
                   1019:                    type, host, ip, ip_found->file, ip_found->line);
1.119     markus   1020:                if (host_status == HOST_OK) {
                   1021:                        len = strlen(msg);
                   1022:                        snprintf(msg + len, sizeof(msg) - len,
1.229     djm      1023:                            "\nMatching host key in %s:%lu",
                   1024:                            host_found->file, host_found->line);
1.119     markus   1025:                }
1.88      markus   1026:                if (options.strict_host_key_checking == 1) {
1.143     djm      1027:                        logit("%s", msg);
1.108     markus   1028:                        error("Exiting, you have requested strict checking.");
                   1029:                        goto fail;
1.88      markus   1030:                } else if (options.strict_host_key_checking == 2) {
1.119     markus   1031:                        strlcat(msg, "\nAre you sure you want "
                   1032:                            "to continue connecting (yes/no)? ", sizeof(msg));
                   1033:                        if (!confirm(msg))
1.108     markus   1034:                                goto fail;
1.119     markus   1035:                } else {
1.143     djm      1036:                        logit("%s", msg);
1.88      markus   1037:                }
1.38      markus   1038:        }
1.82      provos   1039:
                   1040:        xfree(ip);
1.189     dtucker  1041:        xfree(host);
1.229     djm      1042:        if (host_hostkeys != NULL)
                   1043:                free_hostkeys(host_hostkeys);
                   1044:        if (ip_hostkeys != NULL)
                   1045:                free_hostkeys(ip_hostkeys);
1.108     markus   1046:        return 0;
                   1047:
                   1048: fail:
1.220     djm      1049:        if (want_cert && host_status != HOST_REVOKED) {
1.219     djm      1050:                /*
                   1051:                 * No matching certificate. Downgrade cert to raw key and
                   1052:                 * search normally.
                   1053:                 */
                   1054:                debug("No matching CA found. Retry with plain key");
                   1055:                raw_key = key_from_private(host_key);
                   1056:                if (key_drop_cert(raw_key) != 0)
                   1057:                        fatal("Couldn't drop certificate");
                   1058:                host_key = raw_key;
                   1059:                goto retry;
                   1060:        }
                   1061:        if (raw_key != NULL)
                   1062:                key_free(raw_key);
1.108     markus   1063:        xfree(ip);
1.189     dtucker  1064:        xfree(host);
1.229     djm      1065:        if (host_hostkeys != NULL)
                   1066:                free_hostkeys(host_hostkeys);
                   1067:        if (ip_hostkeys != NULL)
                   1068:                free_hostkeys(ip_hostkeys);
1.108     markus   1069:        return -1;
                   1070: }
                   1071:
1.140     jakob    1072: /* returns 0 if key verifies or -1 if key does NOT verify */
1.108     markus   1073: int
                   1074: verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
                   1075: {
                   1076:        struct stat st;
1.153     jakob    1077:        int flags = 0;
1.229     djm      1078:        char *fp;
                   1079:
                   1080:        fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
                   1081:        debug("Server host key: %s %s", key_type(host_key), fp);
                   1082:        xfree(fp);
1.140     jakob    1083:
1.219     djm      1084:        /* XXX certs are not yet supported for DNS */
                   1085:        if (!key_is_cert(host_key) && options.verify_host_key_dns &&
1.153     jakob    1086:            verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
                   1087:
                   1088:                if (flags & DNS_VERIFY_FOUND) {
                   1089:
                   1090:                        if (options.verify_host_key_dns == 1 &&
                   1091:                            flags & DNS_VERIFY_MATCH &&
                   1092:                            flags & DNS_VERIFY_SECURE)
                   1093:                                return 0;
                   1094:
                   1095:                        if (flags & DNS_VERIFY_MATCH) {
                   1096:                                matching_host_key_dns = 1;
                   1097:                        } else {
                   1098:                                warn_changed_key(host_key);
                   1099:                                error("Update the SSHFP RR in DNS with the new "
                   1100:                                    "host key to get rid of this message.");
                   1101:                        }
1.140     jakob    1102:                }
                   1103:        }
1.108     markus   1104:
                   1105:        /* return ok if the key can be found in an old keyfile */
                   1106:        if (stat(options.system_hostfile2, &st) == 0 ||
                   1107:            stat(options.user_hostfile2, &st) == 0) {
1.197     dtucker  1108:                if (check_host_key(host, hostaddr, options.port, host_key,
                   1109:                    RDONLY, options.user_hostfile2,
                   1110:                    options.system_hostfile2) == 0)
1.108     markus   1111:                        return 0;
                   1112:        }
1.197     dtucker  1113:        return check_host_key(host, hostaddr, options.port, host_key,
                   1114:            RDRW, options.user_hostfile, options.system_hostfile);
1.51      markus   1115: }
1.70      markus   1116:
1.51      markus   1117: /*
                   1118:  * Starts a dialog with the server, and authenticates the current user on the
                   1119:  * server.  This does not need any extra privileges.  The basic connection
                   1120:  * to the server must already have been established before this is called.
                   1121:  * If login fails, this function prints an error and never returns.
                   1122:  * This function does not require super-user privileges.
                   1123:  */
                   1124: void
1.120     markus   1125: ssh_login(Sensitive *sensitive, const char *orighost,
1.229     djm      1126:     struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms)
1.51      markus   1127: {
                   1128:        char *host, *cp;
1.70      markus   1129:        char *server_user, *local_user;
                   1130:
                   1131:        local_user = xstrdup(pw->pw_name);
                   1132:        server_user = options.user ? options.user : local_user;
1.51      markus   1133:
                   1134:        /* Convert the user-supplied hostname into all lowercase. */
                   1135:        host = xstrdup(orighost);
                   1136:        for (cp = host; *cp; cp++)
                   1137:                if (isupper(*cp))
1.178     deraadt  1138:                        *cp = (char)tolower(*cp);
1.51      markus   1139:
                   1140:        /* Exchange protocol version identification strings with the server. */
1.202     djm      1141:        ssh_exchange_identification(timeout_ms);
1.51      markus   1142:
                   1143:        /* Put the connection into non-blocking mode. */
                   1144:        packet_set_nonblocking();
                   1145:
                   1146:        /* key exchange */
                   1147:        /* authenticate user */
1.59      markus   1148:        if (compat20) {
1.229     djm      1149:                ssh_kex2(host, hostaddr, port);
1.120     markus   1150:                ssh_userauth2(local_user, server_user, host, sensitive);
1.59      markus   1151:        } else {
                   1152:                ssh_kex(host, hostaddr);
1.120     markus   1153:                ssh_userauth1(local_user, server_user, host, sensitive);
1.59      markus   1154:        }
1.182     markus   1155:        xfree(local_user);
1.97      markus   1156: }
                   1157:
                   1158: void
                   1159: ssh_put_password(char *password)
                   1160: {
                   1161:        int size;
                   1162:        char *padded;
                   1163:
1.99      deraadt  1164:        if (datafellows & SSH_BUG_PASSWORDPAD) {
1.107     markus   1165:                packet_put_cstring(password);
1.99      deraadt  1166:                return;
                   1167:        }
1.97      markus   1168:        size = roundup(strlen(password) + 1, 32);
1.179     djm      1169:        padded = xcalloc(1, size);
1.97      markus   1170:        strlcpy(padded, password, size);
                   1171:        packet_put_string(padded, size);
                   1172:        memset(padded, 0, size);
                   1173:        xfree(padded);
1.132     markus   1174: }
                   1175:
                   1176: /* print all known host keys for a given host, but skip keys of given type */
                   1177: static int
1.229     djm      1178: show_other_keys(struct hostkeys *hostkeys, Key *key)
1.132     markus   1179: {
1.225     djm      1180:        int type[] = { KEY_RSA1, KEY_RSA, KEY_DSA, KEY_ECDSA, -1};
1.229     djm      1181:        int i, ret = 0;
                   1182:        char *fp, *ra;
                   1183:        const struct hostkey_entry *found;
1.132     markus   1184:
                   1185:        for (i = 0; type[i] != -1; i++) {
                   1186:                if (type[i] == key->type)
                   1187:                        continue;
1.229     djm      1188:                if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], &found))
1.132     markus   1189:                        continue;
1.229     djm      1190:                fp = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_HEX);
                   1191:                ra = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_RANDOMART);
                   1192:                logit("WARNING: %s key found for host %s\n"
                   1193:                    "in %s:%lu\n"
                   1194:                    "%s key fingerprint %s.",
                   1195:                    key_type(found->key),
                   1196:                    found->host, found->file, found->line,
                   1197:                    key_type(found->key), fp);
                   1198:                if (options.visual_host_key)
                   1199:                        logit("%s", ra);
                   1200:                xfree(ra);
                   1201:                xfree(fp);
                   1202:                ret = 1;
1.132     markus   1203:        }
1.229     djm      1204:        return ret;
1.150     jakob    1205: }
                   1206:
                   1207: static void
                   1208: warn_changed_key(Key *host_key)
                   1209: {
                   1210:        char *fp;
                   1211:
                   1212:        fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
                   1213:
                   1214:        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
                   1215:        error("@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @");
                   1216:        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
                   1217:        error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
                   1218:        error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
1.230     markus   1219:        error("It is also possible that a host key has just been changed.");
1.150     jakob    1220:        error("The fingerprint for the %s key sent by the remote host is\n%s.",
1.230     markus   1221:            key_type(host_key), fp);
1.150     jakob    1222:        error("Please contact your system administrator.");
                   1223:
                   1224:        xfree(fp);
1.171     reyk     1225: }
                   1226:
                   1227: /*
                   1228:  * Execute a local command
                   1229:  */
                   1230: int
                   1231: ssh_local_cmd(const char *args)
                   1232: {
                   1233:        char *shell;
                   1234:        pid_t pid;
                   1235:        int status;
1.231   ! djm      1236:        void (*osighand)(int);
1.171     reyk     1237:
                   1238:        if (!options.permit_local_command ||
                   1239:            args == NULL || !*args)
                   1240:                return (1);
                   1241:
1.226     djm      1242:        if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
1.171     reyk     1243:                shell = _PATH_BSHELL;
                   1244:
1.231   ! djm      1245:        osighand = signal(SIGCHLD, SIG_DFL);
1.171     reyk     1246:        pid = fork();
                   1247:        if (pid == 0) {
                   1248:                debug3("Executing %s -c \"%s\"", shell, args);
                   1249:                execl(shell, shell, "-c", args, (char *)NULL);
                   1250:                error("Couldn't execute %s -c \"%s\": %s",
                   1251:                    shell, args, strerror(errno));
                   1252:                _exit(1);
                   1253:        } else if (pid == -1)
                   1254:                fatal("fork failed: %.100s", strerror(errno));
                   1255:        while (waitpid(pid, &status, 0) == -1)
                   1256:                if (errno != EINTR)
                   1257:                        fatal("Couldn't wait for child: %s", strerror(errno));
1.231   ! djm      1258:        signal(SIGCHLD, osighand);
1.171     reyk     1259:
                   1260:        if (!WIFEXITED(status))
                   1261:                return (1);
                   1262:
                   1263:        return (WEXITSTATUS(status));
1.1       deraadt  1264: }