blob: f9a59372c3b593bb9fcf17d8a36d3ed7289dc046 [file] [log] [blame]
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001/* $OpenBSD: sshconnect.c,v 1.252 2014/12/04 02:24:32 djm Exp $ */
Damien Millerd4a8b7e1999-10-27 13:42:43 +10002/*
Damien Miller95def091999-11-25 00:26:21 +11003 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved
Damien Miller95def091999-11-25 00:26:21 +11006 * Code to connect to a remote host, and to perform the client side of the
7 * login (authentication) dialog.
Damien Millere4340be2000-09-16 13:29:08 +11008 *
9 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose. Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
Damien Miller95def091999-11-25 00:26:21 +110014 */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100015
16#include "includes.h"
Damien Miller9cf6d072006-03-15 11:29:24 +110017
18#include <sys/types.h>
19#include <sys/wait.h>
Damien Millerf17883e2006-03-15 11:45:54 +110020#include <sys/stat.h>
Damien Miller8ec8c3e2006-07-10 20:35:38 +100021#include <sys/socket.h>
Damien Miller9aec9192006-08-05 10:57:45 +100022#ifdef HAVE_SYS_TIME_H
23# include <sys/time.h>
24#endif
Damien Miller8ec8c3e2006-07-10 20:35:38 +100025
26#include <netinet/in.h>
Darren Tucker46aa3e02006-09-02 15:32:40 +100027#include <arpa/inet.h>
Damien Miller03e20032006-03-15 11:16:59 +110028
Damien Millerc7b06362006-03-15 11:53:45 +110029#include <ctype.h>
Darren Tucker39972492006-07-12 22:22:46 +100030#include <errno.h>
Darren Tucker6e7fe1c2010-01-08 17:07:22 +110031#include <fcntl.h>
Damien Millerb8fe89c2006-07-24 14:51:00 +100032#include <netdb.h>
Damien Miller6645e7a2006-03-15 14:42:54 +110033#ifdef HAVE_PATHS_H
Damien Miller03e20032006-03-15 11:16:59 +110034#include <paths.h>
Damien Miller6645e7a2006-03-15 14:42:54 +110035#endif
Damien Miller9f2abc42006-07-10 20:53:08 +100036#include <pwd.h>
Damien Miller9c0c31d2010-10-12 13:30:44 +110037#include <signal.h>
Damien Millerded319c2006-09-01 15:38:36 +100038#include <stdarg.h>
Damien Millera7a73ee2006-08-05 11:37:59 +100039#include <stdio.h>
Damien Millere7a1e5c2006-08-05 11:34:19 +100040#include <stdlib.h>
Damien Millere3476ed2006-07-24 14:13:33 +100041#include <string.h>
Damien Millere6b3b612006-07-24 14:01:23 +100042#include <unistd.h>
Damien Millerd4a8b7e1999-10-27 13:42:43 +100043
Damien Millerd4a8b7e1999-10-27 13:42:43 +100044#include "xmalloc.h"
Damien Millerd7834352006-08-05 12:39:39 +100045#include "key.h"
46#include "hostfile.h"
47#include "ssh.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100048#include "rsa.h"
Damien Miller1383bd82000-04-06 12:32:37 +100049#include "buffer.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100050#include "packet.h"
Damien Millerd4a8b7e1999-10-27 13:42:43 +100051#include "uidswap.h"
52#include "compat.h"
Damien Miller450a7a12000-03-26 13:04:51 +100053#include "key.h"
Damien Millereba71ba2000-04-29 23:57:08 +100054#include "sshconnect.h"
Damien Miller450a7a12000-03-26 13:04:51 +100055#include "hostfile.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000056#include "log.h"
Damien Miller7acefbb2014-07-18 14:11:24 +100057#include "misc.h"
Ben Lindstrom226cfa02001-01-22 05:34:40 +000058#include "readconf.h"
59#include "atomicio.h"
Damien Miller37876e92003-05-15 10:19:46 +100060#include "dns.h"
Darren Tuckerc5564e12009-06-21 18:53:53 +100061#include "roaming.h"
Damien Miller1262b662013-08-21 02:44:24 +100062#include "monitor_fdpass.h"
Damien Miller0a80ca12010-02-27 07:55:05 +110063#include "ssh2.h"
Damien Millerb7576772006-07-10 20:23:39 +100064#include "version.h"
djm@openbsd.org5e39a492014-12-04 02:24:32 +000065#include "authfile.h"
66#include "ssherr.h"
Damien Miller37876e92003-05-15 10:19:46 +100067
Damien Millereba71ba2000-04-29 23:57:08 +100068char *client_version_string = NULL;
69char *server_version_string = NULL;
Damien Miller6b37fbb2014-07-04 08:59:24 +100070Key *previous_host_key = NULL;
Damien Miller1383bd82000-04-06 12:32:37 +100071
Damien Millerc1af1d52005-11-05 15:08:57 +110072static int matching_host_key_dns = 0;
Damien Miller7392ae62003-06-11 22:05:25 +100073
Damien Millera41ccca2010-10-07 22:07:32 +110074static pid_t proxy_command_pid = 0;
75
Ben Lindstromf9c48842002-06-11 16:37:51 +000076/* import */
Damien Milleraae6c611999-12-06 11:47:28 +110077extern Options options;
Damien Miller34132e52000-01-14 15:45:46 +110078extern char *__progname;
Ben Lindstromf9c48842002-06-11 16:37:51 +000079extern uid_t original_real_uid;
80extern uid_t original_effective_uid;
Damien Milleraae6c611999-12-06 11:47:28 +110081
Damien Millerd925dcd2010-12-01 12:21:51 +110082static int show_other_keys(struct hostkeys *, Key *);
Damien Miller5a388972003-11-17 21:10:47 +110083static void warn_changed_key(Key *);
Ben Lindstrom3ed66402002-08-01 01:21:56 +000084
Damien Miller1262b662013-08-21 02:44:24 +100085/* Expand a proxy command */
86static char *
87expand_proxy_command(const char *proxy_command, const char *user,
88 const char *host, int port)
89{
90 char *tmp, *ret, strport[NI_MAXSERV];
91
Damien Miller0faf7472013-10-17 11:47:23 +110092 snprintf(strport, sizeof strport, "%d", port);
Damien Miller1262b662013-08-21 02:44:24 +100093 xasprintf(&tmp, "exec %s", proxy_command);
94 ret = percent_expand(tmp, "h", host, "p", strport,
95 "r", options.user, (char *)NULL);
96 free(tmp);
97 return ret;
98}
99
100/*
101 * Connect to the given ssh server using a proxy command that passes a
102 * a connected fd back to us.
103 */
104static int
105ssh_proxy_fdpass_connect(const char *host, u_short port,
106 const char *proxy_command)
107{
108 char *command_string;
109 int sp[2], sock;
110 pid_t pid;
111 char *shell;
112
113 if ((shell = getenv("SHELL")) == NULL)
114 shell = _PATH_BSHELL;
115
116 if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0)
117 fatal("Could not create socketpair to communicate with "
118 "proxy dialer: %.100s", strerror(errno));
119
120 command_string = expand_proxy_command(proxy_command, options.user,
121 host, port);
122 debug("Executing proxy dialer command: %.500s", command_string);
123
124 /* Fork and execute the proxy command. */
125 if ((pid = fork()) == 0) {
126 char *argv[10];
127
128 /* Child. Permanently give up superuser privileges. */
129 permanently_drop_suid(original_real_uid);
130
131 close(sp[1]);
132 /* Redirect stdin and stdout. */
133 if (sp[0] != 0) {
134 if (dup2(sp[0], 0) < 0)
135 perror("dup2 stdin");
136 }
137 if (sp[0] != 1) {
138 if (dup2(sp[0], 1) < 0)
139 perror("dup2 stdout");
140 }
141 if (sp[0] >= 2)
142 close(sp[0]);
143
144 /*
145 * Stderr is left as it is so that error messages get
146 * printed on the user's terminal.
147 */
148 argv[0] = shell;
149 argv[1] = "-c";
150 argv[2] = command_string;
151 argv[3] = NULL;
152
153 /*
154 * Execute the proxy command.
155 * Note that we gave up any extra privileges above.
156 */
157 execv(argv[0], argv);
158 perror(argv[0]);
159 exit(1);
160 }
161 /* Parent. */
162 if (pid < 0)
163 fatal("fork failed: %.100s", strerror(errno));
164 close(sp[0]);
165 free(command_string);
166
167 if ((sock = mm_receive_fd(sp[1])) == -1)
168 fatal("proxy dialer did not pass back a connection");
169
170 while (waitpid(pid, NULL, 0) == -1)
171 if (errno != EINTR)
172 fatal("Couldn't wait for child: %s", strerror(errno));
173
174 /* Set the connection file descriptors. */
175 packet_set_connection(sock, sock);
Damien Miller1262b662013-08-21 02:44:24 +1000176
177 return 0;
178}
179
Damien Miller95def091999-11-25 00:26:21 +1100180/*
181 * Connect to the given ssh server using a proxy command.
182 */
Ben Lindstrombba81212001-06-25 05:01:22 +0000183static int
Ben Lindstromf9c48842002-06-11 16:37:51 +0000184ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000185{
Damien Miller1262b662013-08-21 02:44:24 +1000186 char *command_string;
Damien Miller95def091999-11-25 00:26:21 +1100187 int pin[2], pout[2];
Damien Miller166fca82000-04-20 07:42:21 +1000188 pid_t pid;
Damien Miller1262b662013-08-21 02:44:24 +1000189 char *shell;
Damien Miller1d824ab2007-09-17 11:58:04 +1000190
Damien Miller38d9a962010-10-07 22:07:11 +1100191 if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
Damien Miller1d824ab2007-09-17 11:58:04 +1000192 shell = _PATH_BSHELL;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000193
Damien Miller95def091999-11-25 00:26:21 +1100194 /* Create pipes for communicating with the proxy. */
195 if (pipe(pin) < 0 || pipe(pout) < 0)
196 fatal("Could not create pipes to communicate with the proxy: %.100s",
Damien Miller9f0f5c62001-12-21 14:45:46 +1100197 strerror(errno));
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000198
Damien Miller1262b662013-08-21 02:44:24 +1000199 command_string = expand_proxy_command(proxy_command, options.user,
200 host, port);
Damien Miller95def091999-11-25 00:26:21 +1100201 debug("Executing proxy command: %.500s", command_string);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000202
Damien Miller95def091999-11-25 00:26:21 +1100203 /* Fork and execute the proxy command. */
204 if ((pid = fork()) == 0) {
205 char *argv[10];
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000206
Damien Miller95def091999-11-25 00:26:21 +1100207 /* Child. Permanently give up superuser privileges. */
Damien Miller2e5fe882006-06-13 13:10:00 +1000208 permanently_drop_suid(original_real_uid);
Damien Miller95def091999-11-25 00:26:21 +1100209
210 /* Redirect stdin and stdout. */
211 close(pin[1]);
212 if (pin[0] != 0) {
213 if (dup2(pin[0], 0) < 0)
214 perror("dup2 stdin");
215 close(pin[0]);
216 }
217 close(pout[0]);
218 if (dup2(pout[1], 1) < 0)
219 perror("dup2 stdout");
220 /* Cannot be 1 because pin allocated two descriptors. */
221 close(pout[1]);
222
223 /* Stderr is left as it is so that error messages get
224 printed on the user's terminal. */
Damien Miller1d824ab2007-09-17 11:58:04 +1000225 argv[0] = shell;
Damien Miller95def091999-11-25 00:26:21 +1100226 argv[1] = "-c";
227 argv[2] = command_string;
228 argv[3] = NULL;
229
230 /* Execute the proxy command. Note that we gave up any
231 extra privileges above. */
Damien Miller6fb6fd52011-01-16 23:17:45 +1100232 signal(SIGPIPE, SIG_DFL);
Kevin Stevesfcd5d602001-01-07 11:45:22 +0000233 execv(argv[0], argv);
234 perror(argv[0]);
Damien Miller95def091999-11-25 00:26:21 +1100235 exit(1);
236 }
237 /* Parent. */
238 if (pid < 0)
239 fatal("fork failed: %.100s", strerror(errno));
Damien Miller8c4e18a2002-09-19 12:05:02 +1000240 else
241 proxy_command_pid = pid; /* save pid to clean up later */
Damien Miller95def091999-11-25 00:26:21 +1100242
243 /* Close child side of the descriptors. */
244 close(pin[0]);
245 close(pout[1]);
246
247 /* Free the command name. */
Darren Tuckera627d422013-06-02 07:31:17 +1000248 free(command_string);
Damien Miller95def091999-11-25 00:26:21 +1100249
250 /* Set the connection file descriptors. */
251 packet_set_connection(pout[0], pin[1]);
252
Ben Lindstromf9cedb92001-08-06 21:07:11 +0000253 /* Indicate OK return */
254 return 0;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000255}
256
Damien Millera41ccca2010-10-07 22:07:32 +1100257void
258ssh_kill_proxy_command(void)
259{
260 /*
261 * Send SIGHUP to proxy command if used. We don't wait() in
262 * case it hangs and instead rely on init to reap the child
263 */
264 if (proxy_command_pid > 1)
Damien Miller45fcdaa2010-10-07 22:07:58 +1100265 kill(proxy_command_pid, SIGHUP);
Damien Millera41ccca2010-10-07 22:07:32 +1100266}
267
Damien Miller95def091999-11-25 00:26:21 +1100268/*
269 * Creates a (possibly privileged) socket for use as the ssh connection.
270 */
Ben Lindstrombba81212001-06-25 05:01:22 +0000271static int
Damien Miller2372ace2003-05-14 13:42:23 +1000272ssh_create_socket(int privileged, struct addrinfo *ai)
Damien Miller95def091999-11-25 00:26:21 +1100273{
Darren Tuckere6e52f82013-10-10 10:28:07 +1100274 int sock, r, gaierr;
Damien Millerd1a7a9c2014-02-07 09:24:33 +1100275 struct addrinfo hints, *res = NULL;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000276
Darren Tucker7bd98e72010-01-10 10:31:12 +1100277 sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
Darren Tucker6e7fe1c2010-01-08 17:07:22 +1100278 if (sock < 0) {
Darren Tuckere6e52f82013-10-10 10:28:07 +1100279 error("socket: %s", strerror(errno));
Darren Tucker6e7fe1c2010-01-08 17:07:22 +1100280 return -1;
281 }
282 fcntl(sock, F_SETFD, FD_CLOEXEC);
Ben Lindstrome0f88042001-04-30 13:06:24 +0000283
284 /* Bind the socket to an alternative local IP address */
Darren Tuckere6e52f82013-10-10 10:28:07 +1100285 if (options.bind_address == NULL && !privileged)
Ben Lindstrome0f88042001-04-30 13:06:24 +0000286 return sock;
287
Damien Millerd1a7a9c2014-02-07 09:24:33 +1100288 if (options.bind_address) {
289 memset(&hints, 0, sizeof(hints));
290 hints.ai_family = ai->ai_family;
291 hints.ai_socktype = ai->ai_socktype;
292 hints.ai_protocol = ai->ai_protocol;
293 hints.ai_flags = AI_PASSIVE;
294 gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
295 if (gaierr) {
296 error("getaddrinfo: %s: %s", options.bind_address,
297 ssh_gai_strerror(gaierr));
298 close(sock);
299 return -1;
300 }
Ben Lindstrome0f88042001-04-30 13:06:24 +0000301 }
Darren Tuckere6e52f82013-10-10 10:28:07 +1100302 /*
303 * If we are running as root and want to connect to a privileged
304 * port, bind our own socket to a privileged port.
305 */
306 if (privileged) {
307 PRIV_START;
Damien Millerd1a7a9c2014-02-07 09:24:33 +1100308 r = bindresvport_sa(sock, res ? res->ai_addr : NULL);
Darren Tuckere6e52f82013-10-10 10:28:07 +1100309 PRIV_END;
310 if (r < 0) {
311 error("bindresvport_sa: af=%d %s", ai->ai_family,
312 strerror(errno));
313 goto fail;
314 }
315 } else {
316 if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
317 error("bind: %s: %s", options.bind_address,
318 strerror(errno));
319 fail:
320 close(sock);
321 freeaddrinfo(res);
322 return -1;
323 }
Ben Lindstrome0f88042001-04-30 13:06:24 +0000324 }
Damien Millerd1a7a9c2014-02-07 09:24:33 +1100325 if (res != NULL)
326 freeaddrinfo(res);
Damien Miller95def091999-11-25 00:26:21 +1100327 return sock;
328}
329
Damien Millerb78d5eb2003-05-16 11:39:04 +1000330static int
331timeout_connect(int sockfd, const struct sockaddr *serv_addr,
Damien Miller67bd0622007-09-17 12:06:57 +1000332 socklen_t addrlen, int *timeoutp)
Damien Millerb78d5eb2003-05-16 11:39:04 +1000333{
334 fd_set *fdset;
Damien Miller67bd0622007-09-17 12:06:57 +1000335 struct timeval tv, t_start;
Damien Millerb78d5eb2003-05-16 11:39:04 +1000336 socklen_t optlen;
Damien Miller07d86be2006-03-26 14:19:21 +1100337 int optval, rc, result = -1;
Damien Millerb78d5eb2003-05-16 11:39:04 +1000338
Damien Miller67bd0622007-09-17 12:06:57 +1000339 gettimeofday(&t_start, NULL);
340
341 if (*timeoutp <= 0) {
342 result = connect(sockfd, serv_addr, addrlen);
343 goto done;
344 }
Damien Millerb78d5eb2003-05-16 11:39:04 +1000345
Damien Millerf6723f02004-01-27 21:21:27 +1100346 set_nonblock(sockfd);
Damien Millerb78d5eb2003-05-16 11:39:04 +1000347 rc = connect(sockfd, serv_addr, addrlen);
Damien Millerf6723f02004-01-27 21:21:27 +1100348 if (rc == 0) {
349 unset_nonblock(sockfd);
Damien Miller67bd0622007-09-17 12:06:57 +1000350 result = 0;
351 goto done;
Damien Millerf6723f02004-01-27 21:21:27 +1100352 }
Damien Miller67bd0622007-09-17 12:06:57 +1000353 if (errno != EINPROGRESS) {
354 result = -1;
355 goto done;
356 }
Damien Millerb78d5eb2003-05-16 11:39:04 +1000357
Damien Miller07d86be2006-03-26 14:19:21 +1100358 fdset = (fd_set *)xcalloc(howmany(sockfd + 1, NFDBITS),
359 sizeof(fd_mask));
Damien Millerb78d5eb2003-05-16 11:39:04 +1000360 FD_SET(sockfd, fdset);
Damien Miller67bd0622007-09-17 12:06:57 +1000361 ms_to_timeval(&tv, *timeoutp);
Damien Millerb78d5eb2003-05-16 11:39:04 +1000362
Darren Tucker47eede72005-03-14 23:08:12 +1100363 for (;;) {
Damien Millerb78d5eb2003-05-16 11:39:04 +1000364 rc = select(sockfd + 1, NULL, fdset, NULL, &tv);
365 if (rc != -1 || errno != EINTR)
366 break;
367 }
368
Darren Tucker47eede72005-03-14 23:08:12 +1100369 switch (rc) {
Damien Millerb78d5eb2003-05-16 11:39:04 +1000370 case 0:
371 /* Timed out */
372 errno = ETIMEDOUT;
Damien Miller08293fa2003-05-23 18:44:41 +1000373 break;
Damien Millerb78d5eb2003-05-16 11:39:04 +1000374 case -1:
375 /* Select error */
Damien Millera8e06ce2003-11-21 23:48:55 +1100376 debug("select: %s", strerror(errno));
Damien Miller08293fa2003-05-23 18:44:41 +1000377 break;
Damien Millerb78d5eb2003-05-16 11:39:04 +1000378 case 1:
379 /* Completed or failed */
380 optval = 0;
381 optlen = sizeof(optval);
Damien Millera8e06ce2003-11-21 23:48:55 +1100382 if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval,
Darren Tuckerbd5361b2003-09-22 20:59:16 +1000383 &optlen) == -1) {
Damien Millera8e06ce2003-11-21 23:48:55 +1100384 debug("getsockopt: %s", strerror(errno));
Damien Miller08293fa2003-05-23 18:44:41 +1000385 break;
Darren Tuckerbd5361b2003-09-22 20:59:16 +1000386 }
Damien Millerb78d5eb2003-05-16 11:39:04 +1000387 if (optval != 0) {
388 errno = optval;
Damien Miller08293fa2003-05-23 18:44:41 +1000389 break;
Damien Millerb78d5eb2003-05-16 11:39:04 +1000390 }
Damien Miller08293fa2003-05-23 18:44:41 +1000391 result = 0;
Damien Millerf6723f02004-01-27 21:21:27 +1100392 unset_nonblock(sockfd);
Damien Millerb78d5eb2003-05-16 11:39:04 +1000393 break;
394 default:
395 /* Should not occur */
396 fatal("Bogus return (%d) from select()", rc);
397 }
398
Darren Tuckera627d422013-06-02 07:31:17 +1000399 free(fdset);
Damien Miller67bd0622007-09-17 12:06:57 +1000400
401 done:
402 if (result == 0 && *timeoutp > 0) {
403 ms_subtract_diff(&t_start, timeoutp);
404 if (*timeoutp <= 0) {
405 errno = ETIMEDOUT;
406 result = -1;
407 }
408 }
409
Damien Miller08293fa2003-05-23 18:44:41 +1000410 return (result);
Damien Millerb78d5eb2003-05-16 11:39:04 +1000411}
412
Damien Miller95def091999-11-25 00:26:21 +1100413/*
Damien Miller34132e52000-01-14 15:45:46 +1100414 * Opens a TCP/IP connection to the remote server on the given host.
415 * The address of the remote host will be returned in hostaddr.
Ben Lindstromf9c48842002-06-11 16:37:51 +0000416 * If port is 0, the default port will be used. If needpriv is true,
Damien Miller95def091999-11-25 00:26:21 +1100417 * a privileged port will be allocated to make the connection.
Ben Lindstromf9c48842002-06-11 16:37:51 +0000418 * This requires super-user privileges if needpriv is true.
Damien Miller95def091999-11-25 00:26:21 +1100419 * Connection_attempts specifies the maximum number of tries (one per
420 * second). If proxy_command is non-NULL, it specifies the command (with %h
421 * and %p substituted for host and port, respectively) to use to contact
422 * the daemon.
423 */
Damien Miller0faf7472013-10-17 11:47:23 +1100424static int
425ssh_connect_direct(const char *host, struct addrinfo *aitop,
426 struct sockaddr_storage *hostaddr, u_short port, int family,
427 int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv)
Damien Miller95def091999-11-25 00:26:21 +1100428{
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000429 int on = 1;
430 int sock = -1, attempt;
431 char ntop[NI_MAXHOST], strport[NI_MAXSERV];
Damien Miller0faf7472013-10-17 11:47:23 +1100432 struct addrinfo *ai;
Damien Miller95def091999-11-25 00:26:21 +1100433
Ben Lindstrom064496f2002-12-23 02:04:22 +0000434 debug2("ssh_connect: needpriv %d", needpriv);
Damien Miller95def091999-11-25 00:26:21 +1100435
Damien Miller56e5e6a2006-04-23 12:08:59 +1000436 for (attempt = 0; attempt < connection_attempts; attempt++) {
Damien Millerf4bcd102006-10-24 03:02:23 +1000437 if (attempt > 0) {
438 /* Sleep a moment before retrying. */
439 sleep(1);
Damien Miller95def091999-11-25 00:26:21 +1100440 debug("Trying again...");
Damien Millerf4bcd102006-10-24 03:02:23 +1000441 }
Damien Miller56e5e6a2006-04-23 12:08:59 +1000442 /*
443 * Loop through addresses for this host, and try each one in
444 * sequence until the connection succeeds.
445 */
Damien Miller34132e52000-01-14 15:45:46 +1100446 for (ai = aitop; ai; ai = ai->ai_next) {
Damien Miller0faf7472013-10-17 11:47:23 +1100447 if (ai->ai_family != AF_INET &&
448 ai->ai_family != AF_INET6)
Damien Miller34132e52000-01-14 15:45:46 +1100449 continue;
450 if (getnameinfo(ai->ai_addr, ai->ai_addrlen,
451 ntop, sizeof(ntop), strport, sizeof(strport),
452 NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
453 error("ssh_connect: getnameinfo failed");
454 continue;
455 }
456 debug("Connecting to %.200s [%.100s] port %s.",
457 host, ntop, strport);
Damien Miller95def091999-11-25 00:26:21 +1100458
Damien Miller34132e52000-01-14 15:45:46 +1100459 /* Create a socket for connecting. */
Damien Miller2372ace2003-05-14 13:42:23 +1000460 sock = ssh_create_socket(needpriv, ai);
Damien Miller34132e52000-01-14 15:45:46 +1100461 if (sock < 0)
Ben Lindstromf9cedb92001-08-06 21:07:11 +0000462 /* Any error is already output */
Damien Miller34132e52000-01-14 15:45:46 +1100463 continue;
Damien Miller95def091999-11-25 00:26:21 +1100464
Damien Millerb78d5eb2003-05-16 11:39:04 +1000465 if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
Damien Miller67bd0622007-09-17 12:06:57 +1000466 timeout_ms) >= 0) {
Damien Miller34132e52000-01-14 15:45:46 +1100467 /* Successful connection. */
Ben Lindstroma3700052001-04-05 23:26:32 +0000468 memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
Damien Miller95def091999-11-25 00:26:21 +1100469 break;
Damien Miller34132e52000-01-14 15:45:46 +1100470 } else {
Ben Lindstrom728aa7e2002-07-15 17:48:11 +0000471 debug("connect to address %s port %s: %s",
472 ntop, strport, strerror(errno));
Damien Miller95def091999-11-25 00:26:21 +1100473 close(sock);
Damien Miller56e5e6a2006-04-23 12:08:59 +1000474 sock = -1;
Damien Miller95def091999-11-25 00:26:21 +1100475 }
Damien Miller95def091999-11-25 00:26:21 +1100476 }
Damien Miller56e5e6a2006-04-23 12:08:59 +1000477 if (sock != -1)
Damien Miller34132e52000-01-14 15:45:46 +1100478 break; /* Successful connection. */
Damien Miller95def091999-11-25 00:26:21 +1100479 }
Damien Miller34132e52000-01-14 15:45:46 +1100480
Damien Miller95def091999-11-25 00:26:21 +1100481 /* Return failure if we didn't get a successful connection. */
Damien Miller56e5e6a2006-04-23 12:08:59 +1000482 if (sock == -1) {
Darren Tuckerb2161e32005-01-20 11:00:46 +1100483 error("ssh: connect to host %s port %s: %s",
Ben Lindstroma6cd75c2002-07-11 04:00:19 +0000484 host, strport, strerror(errno));
Darren Tuckerb2161e32005-01-20 11:00:46 +1100485 return (-1);
Ben Lindstroma6cd75c2002-07-11 04:00:19 +0000486 }
Damien Miller95def091999-11-25 00:26:21 +1100487
488 debug("Connection established.");
489
Damien Miller12c150e2003-12-17 16:31:10 +1100490 /* Set SO_KEEPALIVE if requested. */
Damien Miller67bd0622007-09-17 12:06:57 +1000491 if (want_keepalive &&
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000492 setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
493 sizeof(on)) < 0)
494 error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
Damien Miller95def091999-11-25 00:26:21 +1100495
496 /* Set the connection. */
497 packet_set_connection(sock, sock);
498
Ben Lindstromf9cedb92001-08-06 21:07:11 +0000499 return 0;
Damien Miller95def091999-11-25 00:26:21 +1100500}
501
Damien Miller0faf7472013-10-17 11:47:23 +1100502int
503ssh_connect(const char *host, struct addrinfo *addrs,
504 struct sockaddr_storage *hostaddr, u_short port, int family,
505 int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv)
506{
507 if (options.proxy_command == NULL) {
508 return ssh_connect_direct(host, addrs, hostaddr, port, family,
509 connection_attempts, timeout_ms, want_keepalive, needpriv);
510 } else if (strcmp(options.proxy_command, "-") == 0) {
511 packet_set_connection(STDIN_FILENO, STDOUT_FILENO);
512 return 0; /* Always succeeds */
513 } else if (options.proxy_use_fdpass) {
514 return ssh_proxy_fdpass_connect(host, port,
515 options.proxy_command);
516 }
517 return ssh_proxy_connect(host, port, options.proxy_command);
518}
519
Darren Tucker00c15182012-09-06 21:21:56 +1000520static void
521send_client_banner(int connection_out, int minor1)
522{
Darren Tucker00c15182012-09-06 21:21:56 +1000523 /* Send our own protocol version identification. */
524 if (compat20) {
525 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
526 PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
527 } else {
528 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
529 PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
530 }
531 if (roaming_atomicio(vwrite, connection_out, client_version_string,
532 strlen(client_version_string)) != strlen(client_version_string))
533 fatal("write: %.100s", strerror(errno));
534 chop(client_version_string);
535 debug("Local version string %.100s", client_version_string);
536}
537
Damien Milleraae6c611999-12-06 11:47:28 +1100538/*
Damien Miller95def091999-11-25 00:26:21 +1100539 * Waits for the server identification string, and sends our own
540 * identification string.
541 */
Darren Tucker1cc55d72009-06-21 18:17:19 +1000542void
Damien Miller67bd0622007-09-17 12:06:57 +1000543ssh_exchange_identification(int timeout_ms)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000544{
Damien Miller95def091999-11-25 00:26:21 +1100545 char buf[256], remote_version[256]; /* must be same size! */
Damien Millereccb9de2005-06-17 12:59:34 +1000546 int remote_major, remote_minor, mismatch;
Damien Miller95def091999-11-25 00:26:21 +1100547 int connection_in = packet_get_connection_in();
548 int connection_out = packet_get_connection_out();
Darren Tucker00c15182012-09-06 21:21:56 +1000549 int minor1 = PROTOCOL_MINOR_1, client_banner_sent = 0;
Damien Miller1e88ea62006-07-10 20:15:56 +1000550 u_int i, n;
Damien Miller67bd0622007-09-17 12:06:57 +1000551 size_t len;
552 int fdsetsz, remaining, rc;
553 struct timeval t_start, t_remaining;
554 fd_set *fdset;
555
556 fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask);
557 fdset = xcalloc(1, fdsetsz);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000558
Darren Tucker00c15182012-09-06 21:21:56 +1000559 /*
560 * If we are SSH2-only then we can send the banner immediately and
561 * save a round-trip.
562 */
563 if (options.protocol == SSH_PROTO_2) {
564 enable_compat20();
565 send_client_banner(connection_out, 0);
566 client_banner_sent = 1;
567 }
568
Damien Millerb253cc42005-05-26 12:23:44 +1000569 /* Read other side's version identification. */
Damien Miller67bd0622007-09-17 12:06:57 +1000570 remaining = timeout_ms;
Damien Miller1e88ea62006-07-10 20:15:56 +1000571 for (n = 0;;) {
Damien Millerf6d9e222000-06-18 14:50:44 +1000572 for (i = 0; i < sizeof(buf) - 1; i++) {
Damien Miller67bd0622007-09-17 12:06:57 +1000573 if (timeout_ms > 0) {
574 gettimeofday(&t_start, NULL);
575 ms_to_timeval(&t_remaining, remaining);
576 FD_SET(connection_in, fdset);
577 rc = select(connection_in + 1, fdset, NULL,
578 fdset, &t_remaining);
579 ms_subtract_diff(&t_start, &remaining);
580 if (rc == 0 || remaining <= 0)
581 fatal("Connection timed out during "
582 "banner exchange");
583 if (rc == -1) {
584 if (errno == EINTR)
585 continue;
586 fatal("ssh_exchange_identification: "
587 "select: %s", strerror(errno));
588 }
589 }
590
Darren Tuckerc5564e12009-06-21 18:53:53 +1000591 len = roaming_atomicio(read, connection_in, &buf[i], 1);
Damien Millerb253cc42005-05-26 12:23:44 +1000592
Damien Miller46d38de2005-07-17 17:02:09 +1000593 if (len != 1 && errno == EPIPE)
Damien Miller67bd0622007-09-17 12:06:57 +1000594 fatal("ssh_exchange_identification: "
595 "Connection closed by remote host");
Damien Millerb253cc42005-05-26 12:23:44 +1000596 else if (len != 1)
Damien Miller67bd0622007-09-17 12:06:57 +1000597 fatal("ssh_exchange_identification: "
598 "read: %.100s", strerror(errno));
Damien Millerf6d9e222000-06-18 14:50:44 +1000599 if (buf[i] == '\r') {
600 buf[i] = '\n';
601 buf[i + 1] = 0;
602 continue; /**XXX wait for \n */
603 }
604 if (buf[i] == '\n') {
605 buf[i + 1] = 0;
606 break;
607 }
Damien Miller1e88ea62006-07-10 20:15:56 +1000608 if (++n > 65536)
Damien Miller67bd0622007-09-17 12:06:57 +1000609 fatal("ssh_exchange_identification: "
610 "No banner received");
Damien Miller95def091999-11-25 00:26:21 +1100611 }
Damien Millerf6d9e222000-06-18 14:50:44 +1000612 buf[sizeof(buf) - 1] = 0;
613 if (strncmp(buf, "SSH-", 4) == 0)
Damien Miller95def091999-11-25 00:26:21 +1100614 break;
Damien Millerf6d9e222000-06-18 14:50:44 +1000615 debug("ssh_exchange_identification: %s", buf);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000616 }
Damien Miller1383bd82000-04-06 12:32:37 +1000617 server_version_string = xstrdup(buf);
Darren Tuckera627d422013-06-02 07:31:17 +1000618 free(fdset);
Damien Miller95def091999-11-25 00:26:21 +1100619
Damien Miller5428f641999-11-25 11:54:57 +1100620 /*
621 * Check that the versions match. In future this might accept
622 * several versions and set appropriate flags to handle them.
623 */
Damien Miller1383bd82000-04-06 12:32:37 +1000624 if (sscanf(server_version_string, "SSH-%d.%d-%[^\n]\n",
625 &remote_major, &remote_minor, remote_version) != 3)
Damien Miller95def091999-11-25 00:26:21 +1100626 fatal("Bad remote protocol version identification: '%.100s'", buf);
627 debug("Remote protocol version %d.%d, remote software version %.100s",
Damien Miller9f0f5c62001-12-21 14:45:46 +1100628 remote_major, remote_minor, remote_version);
Damien Miller95def091999-11-25 00:26:21 +1100629
Damien Miller1383bd82000-04-06 12:32:37 +1000630 compat_datafellows(remote_version);
Damien Miller78928792000-04-12 20:17:38 +1000631 mismatch = 0;
Damien Miller1383bd82000-04-06 12:32:37 +1000632
Ben Lindstrom1c37c6a2001-12-06 18:00:18 +0000633 switch (remote_major) {
Damien Miller78928792000-04-12 20:17:38 +1000634 case 1:
635 if (remote_minor == 99 &&
636 (options.protocol & SSH_PROTO_2) &&
637 !(options.protocol & SSH_PROTO_1_PREFERRED)) {
638 enable_compat20();
639 break;
Damien Miller95def091999-11-25 00:26:21 +1100640 }
Damien Miller78928792000-04-12 20:17:38 +1000641 if (!(options.protocol & SSH_PROTO_1)) {
642 mismatch = 1;
643 break;
644 }
645 if (remote_minor < 3) {
646 fatal("Remote machine has too old SSH software version.");
Damien Miller0bc1bd82000-11-13 22:57:25 +1100647 } else if (remote_minor == 3 || remote_minor == 4) {
Damien Miller78928792000-04-12 20:17:38 +1000648 /* We speak 1.3, too. */
649 enable_compat13();
Damien Miller0bc1bd82000-11-13 22:57:25 +1100650 minor1 = 3;
Damien Miller78928792000-04-12 20:17:38 +1000651 if (options.forward_agent) {
Damien Miller996acd22003-04-09 20:59:48 +1000652 logit("Agent forwarding disabled for protocol 1.3");
Damien Miller78928792000-04-12 20:17:38 +1000653 options.forward_agent = 0;
654 }
655 }
656 break;
657 case 2:
658 if (options.protocol & SSH_PROTO_2) {
659 enable_compat20();
660 break;
661 }
662 /* FALLTHROUGH */
Damien Miller4af51302000-04-16 11:18:38 +1000663 default:
Damien Miller78928792000-04-12 20:17:38 +1000664 mismatch = 1;
665 break;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000666 }
Damien Miller78928792000-04-12 20:17:38 +1000667 if (mismatch)
Damien Miller95def091999-11-25 00:26:21 +1100668 fatal("Protocol major versions differ: %d vs. %d",
Damien Miller78928792000-04-12 20:17:38 +1000669 (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1,
670 remote_major);
Damien Miller58cd63b2014-01-10 10:59:24 +1100671 if ((datafellows & SSH_BUG_DERIVEKEY) != 0)
672 fatal("Server version \"%.100s\" uses unsafe key agreement; "
673 "refusing connection", remote_version);
Damien Miller324541e2013-12-31 12:25:40 +1100674 if ((datafellows & SSH_BUG_RSASIGMD5) != 0)
675 logit("Server version \"%.100s\" uses unsafe RSA signature "
676 "scheme; disabling use of RSA keys", remote_version);
Darren Tucker00c15182012-09-06 21:21:56 +1000677 if (!client_banner_sent)
678 send_client_banner(connection_out, minor1);
Damien Miller1383bd82000-04-06 12:32:37 +1000679 chop(server_version_string);
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000680}
681
Ben Lindstromb6c06d92001-02-10 23:21:09 +0000682/* defaults to 'no' */
Ben Lindstrombba81212001-06-25 05:01:22 +0000683static int
Damien Millere3980042001-10-10 15:02:03 +1000684confirm(const char *prompt)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000685{
Damien Miller49d795c2002-01-22 23:34:12 +1100686 const char *msg, *again = "Please type 'yes' or 'no': ";
687 char *p;
688 int ret = -1;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000689
Ben Lindstromb6c06d92001-02-10 23:21:09 +0000690 if (options.batch_mode)
691 return 0;
Damien Miller49d795c2002-01-22 23:34:12 +1100692 for (msg = prompt;;msg = again) {
693 p = read_passphrase(msg, RP_ECHO);
694 if (p == NULL ||
695 (p[0] == '\0') || (p[0] == '\n') ||
696 strncasecmp(p, "no", 2) == 0)
697 ret = 0;
Ben Lindstrom04f9af72002-07-04 00:03:56 +0000698 if (p && strncasecmp(p, "yes", 3) == 0)
Damien Miller49d795c2002-01-22 23:34:12 +1100699 ret = 1;
Darren Tuckera627d422013-06-02 07:31:17 +1000700 free(p);
Damien Miller49d795c2002-01-22 23:34:12 +1100701 if (ret != -1)
702 return ret;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000703 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000704}
705
Damien Miller0a80ca12010-02-27 07:55:05 +1100706static int
707check_host_cert(const char *host, const Key *host_key)
708{
709 const char *reason;
710
711 if (key_cert_check_authority(host_key, 1, 0, host, &reason) != 0) {
712 error("%s", reason);
713 return 0;
714 }
Damien Miller86687062014-07-02 15:28:02 +1000715 if (buffer_len(host_key->cert->critical) != 0) {
Damien Miller4e270b02010-04-16 15:56:21 +1000716 error("Certificate for %s contains unsupported "
717 "critical options(s)", host);
Damien Miller0a80ca12010-02-27 07:55:05 +1100718 return 0;
719 }
720 return 1;
721}
722
Damien Millerd925dcd2010-12-01 12:21:51 +1100723static int
724sockaddr_is_local(struct sockaddr *hostaddr)
725{
726 switch (hostaddr->sa_family) {
727 case AF_INET:
728 return (ntohl(((struct sockaddr_in *)hostaddr)->
729 sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
730 case AF_INET6:
731 return IN6_IS_ADDR_LOOPBACK(
732 &(((struct sockaddr_in6 *)hostaddr)->sin6_addr));
733 default:
734 return 0;
735 }
736}
737
738/*
739 * Prepare the hostname and ip address strings that are used to lookup
740 * host keys in known_hosts files. These may have a port number appended.
741 */
742void
743get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
744 u_short port, char **hostfile_hostname, char **hostfile_ipaddr)
745{
746 char ntop[NI_MAXHOST];
747 socklen_t addrlen;
748
749 switch (hostaddr == NULL ? -1 : hostaddr->sa_family) {
750 case -1:
751 addrlen = 0;
752 break;
753 case AF_INET:
754 addrlen = sizeof(struct sockaddr_in);
755 break;
756 case AF_INET6:
757 addrlen = sizeof(struct sockaddr_in6);
758 break;
759 default:
760 addrlen = sizeof(struct sockaddr);
761 break;
762 }
763
764 /*
765 * We don't have the remote ip-address for connections
766 * using a proxy command
767 */
768 if (hostfile_ipaddr != NULL) {
769 if (options.proxy_command == NULL) {
770 if (getnameinfo(hostaddr, addrlen,
771 ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST) != 0)
772 fatal("check_host_key: getnameinfo failed");
773 *hostfile_ipaddr = put_host_port(ntop, port);
774 } else {
775 *hostfile_ipaddr = xstrdup("<no hostip for proxy "
776 "command>");
777 }
778 }
779
780 /*
781 * Allow the user to record the key under a different name or
782 * differentiate a non-standard port. This is useful for ssh
783 * tunneling over forwarded connections or if you run multiple
784 * sshd's on different ports on the same machine.
785 */
786 if (hostfile_hostname != NULL) {
787 if (options.host_key_alias != NULL) {
788 *hostfile_hostname = xstrdup(options.host_key_alias);
789 debug("using hostkeyalias: %s", *hostfile_hostname);
790 } else {
791 *hostfile_hostname = put_host_port(hostname, port);
792 }
793 }
794}
795
Damien Miller95def091999-11-25 00:26:21 +1100796/*
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000797 * check whether the supplied host key is valid, return -1 if the key
Damien Miller295ee632011-05-29 21:42:31 +1000798 * is not valid. user_hostfile[0] will not be updated if 'readonly' is true.
Damien Miller95def091999-11-25 00:26:21 +1100799 */
Damien Millerda828392006-08-05 11:35:45 +1000800#define RDRW 0
801#define RDONLY 1
802#define ROQUIET 2
Ben Lindstrombba81212001-06-25 05:01:22 +0000803static int
Damien Millerda828392006-08-05 11:35:45 +1000804check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
Damien Miller295ee632011-05-29 21:42:31 +1000805 Key *host_key, int readonly,
806 char **user_hostfiles, u_int num_user_hostfiles,
807 char **system_hostfiles, u_int num_system_hostfiles)
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000808{
Damien Miller95def091999-11-25 00:26:21 +1100809 HostStatus host_status;
810 HostStatus ip_status;
Damien Miller295ee632011-05-29 21:42:31 +1000811 Key *raw_key = NULL;
812 char *ip = NULL, *host = NULL;
813 char hostline[1000], *hostp, *fp, *ra;
Damien Miller49d795c2002-01-22 23:34:12 +1100814 char msg[1024];
Damien Miller295ee632011-05-29 21:42:31 +1000815 const char *type;
Damien Millerd925dcd2010-12-01 12:21:51 +1100816 const struct hostkey_entry *host_found, *ip_found;
Damien Miller295ee632011-05-29 21:42:31 +1000817 int len, cancelled_forwarding = 0;
818 int local = sockaddr_is_local(hostaddr);
819 int r, want_cert = key_is_cert(host_key), host_ip_differ = 0;
820 struct hostkeys *host_hostkeys, *ip_hostkeys;
821 u_int i;
Damien Miller34132e52000-01-14 15:45:46 +1100822
823 /*
824 * Force accepting of the host key for loopback/localhost. The
825 * problem is that if the home directory is NFS-mounted to multiple
826 * machines, localhost will refer to a different machine in each of
827 * them, and the user will get bogus HOST_CHANGED warnings. This
828 * essentially disables host authentication for localhost; however,
829 * this is probably not a real problem.
830 */
Ben Lindstrom3cecc9a2001-10-03 17:39:38 +0000831 if (options.no_host_authentication_for_localhost == 1 && local &&
832 options.host_key_alias == NULL) {
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000833 debug("Forcing accepting of host key for "
834 "loopback/localhost.");
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000835 return 0;
Damien Miller34132e52000-01-14 15:45:46 +1100836 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000837
Damien Milleraae6c611999-12-06 11:47:28 +1100838 /*
Damien Millerd925dcd2010-12-01 12:21:51 +1100839 * Prepare the hostname and address strings used for hostkey lookup.
840 * In some cases, these will have a port number appended.
Damien Milleraae6c611999-12-06 11:47:28 +1100841 */
Damien Millerd925dcd2010-12-01 12:21:51 +1100842 get_hostfile_hostname_ipaddr(hostname, hostaddr, port, &host, &ip);
Darren Tucker78913e02008-06-13 04:47:34 +1000843
844 /*
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000845 * Turn off check_host_ip if the connection is to localhost, via proxy
846 * command or if we don't have a hostname to compare with
847 */
Darren Tuckerda345532006-07-10 23:04:19 +1000848 if (options.check_host_ip && (local ||
849 strcmp(hostname, ip) == 0 || options.proxy_command != NULL))
Damien Milleraae6c611999-12-06 11:47:28 +1100850 options.check_host_ip = 0;
851
Damien Millerd925dcd2010-12-01 12:21:51 +1100852 host_hostkeys = init_hostkeys();
Damien Miller295ee632011-05-29 21:42:31 +1000853 for (i = 0; i < num_user_hostfiles; i++)
854 load_hostkeys(host_hostkeys, host, user_hostfiles[i]);
855 for (i = 0; i < num_system_hostfiles; i++)
856 load_hostkeys(host_hostkeys, host, system_hostfiles[i]);
Damien Millerd925dcd2010-12-01 12:21:51 +1100857
858 ip_hostkeys = NULL;
859 if (!want_cert && options.check_host_ip) {
860 ip_hostkeys = init_hostkeys();
Damien Miller295ee632011-05-29 21:42:31 +1000861 for (i = 0; i < num_user_hostfiles; i++)
862 load_hostkeys(ip_hostkeys, ip, user_hostfiles[i]);
863 for (i = 0; i < num_system_hostfiles; i++)
864 load_hostkeys(ip_hostkeys, ip, system_hostfiles[i]);
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000865 }
866
Damien Miller0a80ca12010-02-27 07:55:05 +1100867 retry:
Damien Millerd925dcd2010-12-01 12:21:51 +1100868 /* Reload these as they may have changed on cert->key downgrade */
Damien Miller0a80ca12010-02-27 07:55:05 +1100869 want_cert = key_is_cert(host_key);
870 type = key_type(host_key);
871
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000872 /*
Damien Miller788f2122005-11-05 15:14:59 +1100873 * Check if the host key is present in the user's list of known
Damien Miller5428f641999-11-25 11:54:57 +1100874 * hosts or in the systemwide list.
875 */
Damien Millerd925dcd2010-12-01 12:21:51 +1100876 host_status = check_key_in_hostkeys(host_hostkeys, host_key,
877 &host_found);
878
Damien Miller5428f641999-11-25 11:54:57 +1100879 /*
Damien Miller5428f641999-11-25 11:54:57 +1100880 * Also perform check for the ip address, skip the check if we are
Damien Miller0a80ca12010-02-27 07:55:05 +1100881 * localhost, looking for a certificate, or the hostname was an ip
882 * address to begin with.
Damien Miller5428f641999-11-25 11:54:57 +1100883 */
Damien Millerd925dcd2010-12-01 12:21:51 +1100884 if (!want_cert && ip_hostkeys != NULL) {
885 ip_status = check_key_in_hostkeys(ip_hostkeys, host_key,
886 &ip_found);
Damien Miller95def091999-11-25 00:26:21 +1100887 if (host_status == HOST_CHANGED &&
Damien Millerd925dcd2010-12-01 12:21:51 +1100888 (ip_status != HOST_CHANGED ||
889 (ip_found != NULL &&
890 !key_equal(ip_found->key, host_found->key))))
Damien Miller95def091999-11-25 00:26:21 +1100891 host_ip_differ = 1;
Damien Miller95def091999-11-25 00:26:21 +1100892 } else
893 ip_status = host_status;
Damien Millerd4a8b7e1999-10-27 13:42:43 +1000894
Damien Miller95def091999-11-25 00:26:21 +1100895 switch (host_status) {
896 case HOST_OK:
897 /* The host is known and the key matches. */
Damien Miller0a80ca12010-02-27 07:55:05 +1100898 debug("Host '%.200s' is known and matches the %s host %s.",
899 host, type, want_cert ? "certificate" : "key");
Damien Millerd925dcd2010-12-01 12:21:51 +1100900 debug("Found %s in %s:%lu", want_cert ? "CA key" : "key",
901 host_found->file, host_found->line);
Damien Miller0a80ca12010-02-27 07:55:05 +1100902 if (want_cert && !check_host_cert(hostname, host_key))
903 goto fail;
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000904 if (options.check_host_ip && ip_status == HOST_NEW) {
Damien Miller0a80ca12010-02-27 07:55:05 +1100905 if (readonly || want_cert)
Damien Miller996acd22003-04-09 20:59:48 +1000906 logit("%s host key for IP address "
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000907 "'%.128s' not in list of known hosts.",
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000908 type, ip);
Damien Miller295ee632011-05-29 21:42:31 +1000909 else if (!add_host_to_hostfile(user_hostfiles[0], ip,
Damien Millere1776152005-03-01 21:47:37 +1100910 host_key, options.hash_known_hosts))
Damien Miller996acd22003-04-09 20:59:48 +1000911 logit("Failed to add the %s host key for IP "
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000912 "address '%.128s' to the list of known "
Damien Miller295ee632011-05-29 21:42:31 +1000913 "hosts (%.30s).", type, ip,
914 user_hostfiles[0]);
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000915 else
Damien Miller996acd22003-04-09 20:59:48 +1000916 logit("Warning: Permanently added the %s host "
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000917 "key for IP address '%.128s' to the list "
918 "of known hosts.", type, ip);
Damien Miller10288242008-06-30 00:04:03 +1000919 } else if (options.visual_host_key) {
Darren Tucker9c16ac92008-06-13 04:40:35 +1000920 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
921 ra = key_fingerprint(host_key, SSH_FP_MD5,
922 SSH_FP_RANDOMART);
923 logit("Host key fingerprint is %s\n%s\n", fp, ra);
Darren Tuckera627d422013-06-02 07:31:17 +1000924 free(ra);
925 free(fp);
Damien Miller95def091999-11-25 00:26:21 +1100926 }
927 break;
928 case HOST_NEW:
Damien Millerda828392006-08-05 11:35:45 +1000929 if (options.host_key_alias == NULL && port != 0 &&
930 port != SSH_DEFAULT_PORT) {
931 debug("checking without port identifier");
Damien Millerece92c82008-11-03 19:25:03 +1100932 if (check_host_key(hostname, hostaddr, 0, host_key,
Damien Miller295ee632011-05-29 21:42:31 +1000933 ROQUIET, user_hostfiles, num_user_hostfiles,
934 system_hostfiles, num_system_hostfiles) == 0) {
Damien Millerda828392006-08-05 11:35:45 +1000935 debug("found matching key w/out port");
936 break;
937 }
938 }
Damien Miller0a80ca12010-02-27 07:55:05 +1100939 if (readonly || want_cert)
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000940 goto fail;
Damien Miller95def091999-11-25 00:26:21 +1100941 /* The host is new. */
942 if (options.strict_host_key_checking == 1) {
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000943 /*
944 * User has requested strict host key checking. We
945 * will not add the host key automatically. The only
946 * alternative left is to abort.
947 */
948 error("No %s host key is known for %.200s and you "
949 "have requested strict checking.", type, host);
950 goto fail;
Damien Miller95def091999-11-25 00:26:21 +1100951 } else if (options.strict_host_key_checking == 2) {
Damien Miller7392ae62003-06-11 22:05:25 +1000952 char msg1[1024], msg2[1024];
953
Damien Millerd925dcd2010-12-01 12:21:51 +1100954 if (show_other_keys(host_hostkeys, host_key))
Damien Miller7392ae62003-06-11 22:05:25 +1000955 snprintf(msg1, sizeof(msg1),
Damien Miller0dc1bef2005-07-17 17:22:45 +1000956 "\nbut keys of different type are already"
957 " known for this host.");
Damien Miller7392ae62003-06-11 22:05:25 +1000958 else
959 snprintf(msg1, sizeof(msg1), ".");
Damien Miller95def091999-11-25 00:26:21 +1100960 /* The default */
Ben Lindstromcfccef92001-03-13 04:57:58 +0000961 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
Darren Tucker9c16ac92008-06-13 04:40:35 +1000962 ra = key_fingerprint(host_key, SSH_FP_MD5,
963 SSH_FP_RANDOMART);
Damien Miller7392ae62003-06-11 22:05:25 +1000964 msg2[0] = '\0';
Damien Miller7392ae62003-06-11 22:05:25 +1000965 if (options.verify_host_key_dns) {
Damien Miller150b5572003-11-17 21:19:29 +1100966 if (matching_host_key_dns)
Damien Miller7392ae62003-06-11 22:05:25 +1000967 snprintf(msg2, sizeof(msg2),
968 "Matching host key fingerprint"
969 " found in DNS.\n");
970 else
971 snprintf(msg2, sizeof(msg2),
972 "No matching host key fingerprint"
973 " found in DNS.\n");
974 }
Damien Miller49d795c2002-01-22 23:34:12 +1100975 snprintf(msg, sizeof(msg),
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000976 "The authenticity of host '%.200s (%s)' can't be "
Ben Lindstrom3ed66402002-08-01 01:21:56 +0000977 "established%s\n"
Damien Miller10288242008-06-30 00:04:03 +1000978 "%s key fingerprint is %s.%s%s\n%s"
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000979 "Are you sure you want to continue connecting "
Ben Lindstrom3ed66402002-08-01 01:21:56 +0000980 "(yes/no)? ",
Damien Miller10288242008-06-30 00:04:03 +1000981 host, ip, msg1, type, fp,
982 options.visual_host_key ? "\n" : "",
983 options.visual_host_key ? ra : "",
984 msg2);
Darren Tuckera627d422013-06-02 07:31:17 +1000985 free(ra);
986 free(fp);
Damien Miller49d795c2002-01-22 23:34:12 +1100987 if (!confirm(msg))
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000988 goto fail;
Damien Miller95def091999-11-25 00:26:21 +1100989 }
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000990 /*
991 * If not in strict mode, add the key automatically to the
992 * local known_hosts file.
993 */
Damien Miller1227d4c2005-03-02 12:06:51 +1100994 if (options.check_host_ip && ip_status == HOST_NEW) {
Damien Millerd925dcd2010-12-01 12:21:51 +1100995 snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
Damien Miller1227d4c2005-03-02 12:06:51 +1100996 hostp = hostline;
997 if (options.hash_known_hosts) {
998 /* Add hash of host and IP separately */
Damien Miller295ee632011-05-29 21:42:31 +1000999 r = add_host_to_hostfile(user_hostfiles[0],
1000 host, host_key, options.hash_known_hosts) &&
1001 add_host_to_hostfile(user_hostfiles[0], ip,
Damien Miller1227d4c2005-03-02 12:06:51 +11001002 host_key, options.hash_known_hosts);
1003 } else {
1004 /* Add unhashed "host,ip" */
Damien Miller295ee632011-05-29 21:42:31 +10001005 r = add_host_to_hostfile(user_hostfiles[0],
Damien Miller1227d4c2005-03-02 12:06:51 +11001006 hostline, host_key,
1007 options.hash_known_hosts);
1008 }
1009 } else {
Damien Miller295ee632011-05-29 21:42:31 +10001010 r = add_host_to_hostfile(user_hostfiles[0], host,
1011 host_key, options.hash_known_hosts);
Damien Miller1227d4c2005-03-02 12:06:51 +11001012 hostp = host;
1013 }
1014
1015 if (!r)
Damien Miller996acd22003-04-09 20:59:48 +10001016 logit("Failed to add the host to the list of known "
Damien Miller295ee632011-05-29 21:42:31 +10001017 "hosts (%.500s).", user_hostfiles[0]);
Damien Miller95def091999-11-25 00:26:21 +11001018 else
Damien Miller996acd22003-04-09 20:59:48 +10001019 logit("Warning: Permanently added '%.200s' (%s) to the "
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001020 "list of known hosts.", hostp, type);
Damien Miller95def091999-11-25 00:26:21 +11001021 break;
Damien Miller1aed65e2010-03-04 21:53:35 +11001022 case HOST_REVOKED:
1023 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1024 error("@ WARNING: REVOKED HOST KEY DETECTED! @");
1025 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1026 error("The %s host key for %s is marked as revoked.", type, host);
1027 error("This could mean that a stolen key is being used to");
1028 error("impersonate this host.");
1029
1030 /*
1031 * If strict host key checking is in use, the user will have
1032 * to edit the key manually and we can only abort.
1033 */
1034 if (options.strict_host_key_checking) {
1035 error("%s host key for %.200s was revoked and you have "
1036 "requested strict checking.", type, host);
1037 goto fail;
1038 }
1039 goto continue_unsafe;
1040
Damien Miller95def091999-11-25 00:26:21 +11001041 case HOST_CHANGED:
Damien Miller0a80ca12010-02-27 07:55:05 +11001042 if (want_cert) {
1043 /*
1044 * This is only a debug() since it is valid to have
1045 * CAs with wildcard DNS matches that don't match
1046 * all hosts that one might visit.
1047 */
1048 debug("Host certificate authority does not "
Damien Millerd925dcd2010-12-01 12:21:51 +11001049 "match %s in %s:%lu", CA_MARKER,
1050 host_found->file, host_found->line);
Damien Miller0a80ca12010-02-27 07:55:05 +11001051 goto fail;
1052 }
Damien Millerda828392006-08-05 11:35:45 +10001053 if (readonly == ROQUIET)
1054 goto fail;
Damien Miller95def091999-11-25 00:26:21 +11001055 if (options.check_host_ip && host_ip_differ) {
Darren Tucker3f9fdc72004-06-22 12:56:01 +10001056 char *key_msg;
Damien Miller95def091999-11-25 00:26:21 +11001057 if (ip_status == HOST_NEW)
Darren Tucker3f9fdc72004-06-22 12:56:01 +10001058 key_msg = "is unknown";
Damien Miller95def091999-11-25 00:26:21 +11001059 else if (ip_status == HOST_OK)
Darren Tucker3f9fdc72004-06-22 12:56:01 +10001060 key_msg = "is unchanged";
Damien Miller95def091999-11-25 00:26:21 +11001061 else
Darren Tucker3f9fdc72004-06-22 12:56:01 +10001062 key_msg = "has a different value";
Damien Miller95def091999-11-25 00:26:21 +11001063 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1064 error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @");
1065 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
Damien Millere247cc42000-05-07 12:03:14 +10001066 error("The %s host key for %s has changed,", type, host);
Darren Tuckerff4454d2008-06-13 10:21:51 +10001067 error("and the key for the corresponding IP address %s", ip);
Darren Tucker3f9fdc72004-06-22 12:56:01 +10001068 error("%s. This could either mean that", key_msg);
Damien Miller95def091999-11-25 00:26:21 +11001069 error("DNS SPOOFING is happening or the IP address for the host");
Ben Lindstrom46c16222000-12-22 01:43:59 +00001070 error("and its host key have changed at the same time.");
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00001071 if (ip_status != HOST_NEW)
Damien Millerd925dcd2010-12-01 12:21:51 +11001072 error("Offending key for IP in %s:%lu",
1073 ip_found->file, ip_found->line);
Damien Miller95def091999-11-25 00:26:21 +11001074 }
1075 /* The host key has changed. */
Damien Miller5a388972003-11-17 21:10:47 +11001076 warn_changed_key(host_key);
Damien Miller95def091999-11-25 00:26:21 +11001077 error("Add correct host key in %.100s to get rid of this message.",
Damien Miller295ee632011-05-29 21:42:31 +10001078 user_hostfiles[0]);
Damien Millerd925dcd2010-12-01 12:21:51 +11001079 error("Offending %s key in %s:%lu", key_type(host_found->key),
1080 host_found->file, host_found->line);
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001081
Damien Miller5428f641999-11-25 11:54:57 +11001082 /*
1083 * If strict host key checking is in use, the user will have
1084 * to edit the key manually and we can only abort.
1085 */
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001086 if (options.strict_host_key_checking) {
1087 error("%s host key for %.200s has changed and you have "
1088 "requested strict checking.", type, host);
1089 goto fail;
1090 }
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001091
Damien Miller1aed65e2010-03-04 21:53:35 +11001092 continue_unsafe:
Damien Miller5428f641999-11-25 11:54:57 +11001093 /*
1094 * If strict host key checking has not been requested, allow
Damien Miller941ac452003-06-04 20:31:53 +10001095 * the connection but without MITM-able authentication or
Damien Miller437edb92006-08-05 09:11:13 +10001096 * forwarding.
Damien Miller5428f641999-11-25 11:54:57 +11001097 */
Damien Miller95def091999-11-25 00:26:21 +11001098 if (options.password_authentication) {
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001099 error("Password authentication is disabled to avoid "
1100 "man-in-the-middle attacks.");
Damien Miller95def091999-11-25 00:26:21 +11001101 options.password_authentication = 0;
Darren Tucker068e01f2008-07-02 22:33:55 +10001102 cancelled_forwarding = 1;
Damien Miller95def091999-11-25 00:26:21 +11001103 }
Damien Miller941ac452003-06-04 20:31:53 +10001104 if (options.kbd_interactive_authentication) {
1105 error("Keyboard-interactive authentication is disabled"
1106 " to avoid man-in-the-middle attacks.");
1107 options.kbd_interactive_authentication = 0;
1108 options.challenge_response_authentication = 0;
Darren Tucker068e01f2008-07-02 22:33:55 +10001109 cancelled_forwarding = 1;
Damien Miller941ac452003-06-04 20:31:53 +10001110 }
1111 if (options.challenge_response_authentication) {
1112 error("Challenge/response authentication is disabled"
1113 " to avoid man-in-the-middle attacks.");
1114 options.challenge_response_authentication = 0;
Darren Tucker068e01f2008-07-02 22:33:55 +10001115 cancelled_forwarding = 1;
Damien Miller941ac452003-06-04 20:31:53 +10001116 }
Damien Miller95def091999-11-25 00:26:21 +11001117 if (options.forward_agent) {
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001118 error("Agent forwarding is disabled to avoid "
1119 "man-in-the-middle attacks.");
Damien Miller95def091999-11-25 00:26:21 +11001120 options.forward_agent = 0;
Darren Tucker068e01f2008-07-02 22:33:55 +10001121 cancelled_forwarding = 1;
Damien Miller95def091999-11-25 00:26:21 +11001122 }
Ben Lindstromc72745a2000-12-02 19:03:54 +00001123 if (options.forward_x11) {
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001124 error("X11 forwarding is disabled to avoid "
1125 "man-in-the-middle attacks.");
Ben Lindstromc72745a2000-12-02 19:03:54 +00001126 options.forward_x11 = 0;
Darren Tucker068e01f2008-07-02 22:33:55 +10001127 cancelled_forwarding = 1;
Ben Lindstromc72745a2000-12-02 19:03:54 +00001128 }
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001129 if (options.num_local_forwards > 0 ||
1130 options.num_remote_forwards > 0) {
1131 error("Port forwarding is disabled to avoid "
1132 "man-in-the-middle attacks.");
1133 options.num_local_forwards =
Damien Miller9f0f5c62001-12-21 14:45:46 +11001134 options.num_remote_forwards = 0;
Darren Tucker068e01f2008-07-02 22:33:55 +10001135 cancelled_forwarding = 1;
Ben Lindstromc72745a2000-12-02 19:03:54 +00001136 }
Damien Miller437edb92006-08-05 09:11:13 +10001137 if (options.tun_open != SSH_TUNMODE_NO) {
1138 error("Tunnel forwarding is disabled to avoid "
1139 "man-in-the-middle attacks.");
1140 options.tun_open = SSH_TUNMODE_NO;
Darren Tucker068e01f2008-07-02 22:33:55 +10001141 cancelled_forwarding = 1;
Damien Miller437edb92006-08-05 09:11:13 +10001142 }
Darren Tucker068e01f2008-07-02 22:33:55 +10001143 if (options.exit_on_forward_failure && cancelled_forwarding)
1144 fatal("Error: forwarding disabled due to host key "
1145 "check failure");
1146
Damien Miller5428f641999-11-25 11:54:57 +11001147 /*
1148 * XXX Should permit the user to change to use the new id.
1149 * This could be done by converting the host key to an
1150 * identifying sentence, tell that the host identifies itself
Darren Tuckere2b36742010-01-13 22:42:34 +11001151 * by that sentence, and ask the user if he/she wishes to
Damien Miller5428f641999-11-25 11:54:57 +11001152 * accept the authentication.
1153 */
Damien Miller95def091999-11-25 00:26:21 +11001154 break;
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001155 case HOST_FOUND:
1156 fatal("internal error");
1157 break;
Damien Miller95def091999-11-25 00:26:21 +11001158 }
Ben Lindstromc72745a2000-12-02 19:03:54 +00001159
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00001160 if (options.check_host_ip && host_status != HOST_CHANGED &&
1161 ip_status == HOST_CHANGED) {
Damien Miller49d795c2002-01-22 23:34:12 +11001162 snprintf(msg, sizeof(msg),
1163 "Warning: the %s host key for '%.200s' "
1164 "differs from the key for the IP address '%.128s'"
Damien Millerd925dcd2010-12-01 12:21:51 +11001165 "\nOffending key for IP in %s:%lu",
1166 type, host, ip, ip_found->file, ip_found->line);
Damien Miller49d795c2002-01-22 23:34:12 +11001167 if (host_status == HOST_OK) {
1168 len = strlen(msg);
1169 snprintf(msg + len, sizeof(msg) - len,
Damien Millerd925dcd2010-12-01 12:21:51 +11001170 "\nMatching host key in %s:%lu",
1171 host_found->file, host_found->line);
Damien Miller49d795c2002-01-22 23:34:12 +11001172 }
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00001173 if (options.strict_host_key_checking == 1) {
Damien Millerab2db412003-06-02 19:09:13 +10001174 logit("%s", msg);
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001175 error("Exiting, you have requested strict checking.");
1176 goto fail;
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00001177 } else if (options.strict_host_key_checking == 2) {
Damien Miller49d795c2002-01-22 23:34:12 +11001178 strlcat(msg, "\nAre you sure you want "
1179 "to continue connecting (yes/no)? ", sizeof(msg));
1180 if (!confirm(msg))
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001181 goto fail;
Damien Miller49d795c2002-01-22 23:34:12 +11001182 } else {
Damien Millerab2db412003-06-02 19:09:13 +10001183 logit("%s", msg);
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00001184 }
1185 }
1186
Darren Tuckera627d422013-06-02 07:31:17 +10001187 free(ip);
1188 free(host);
Damien Millerd925dcd2010-12-01 12:21:51 +11001189 if (host_hostkeys != NULL)
1190 free_hostkeys(host_hostkeys);
1191 if (ip_hostkeys != NULL)
1192 free_hostkeys(ip_hostkeys);
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001193 return 0;
1194
1195fail:
Damien Miller1aed65e2010-03-04 21:53:35 +11001196 if (want_cert && host_status != HOST_REVOKED) {
Damien Miller0a80ca12010-02-27 07:55:05 +11001197 /*
1198 * No matching certificate. Downgrade cert to raw key and
1199 * search normally.
1200 */
1201 debug("No matching CA found. Retry with plain key");
1202 raw_key = key_from_private(host_key);
1203 if (key_drop_cert(raw_key) != 0)
1204 fatal("Couldn't drop certificate");
1205 host_key = raw_key;
1206 goto retry;
1207 }
1208 if (raw_key != NULL)
1209 key_free(raw_key);
Darren Tuckera627d422013-06-02 07:31:17 +10001210 free(ip);
1211 free(host);
Damien Millerd925dcd2010-12-01 12:21:51 +11001212 if (host_hostkeys != NULL)
1213 free_hostkeys(host_hostkeys);
1214 if (ip_hostkeys != NULL)
1215 free_hostkeys(ip_hostkeys);
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001216 return -1;
1217}
1218
Damien Miller37876e92003-05-15 10:19:46 +10001219/* returns 0 if key verifies or -1 if key does NOT verify */
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001220int
1221verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
1222{
Damien Miller6b37fbb2014-07-04 08:59:24 +10001223 int r = -1, flags = 0;
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001224 char *fp = NULL;
1225 struct sshkey *plain = NULL;
Damien Millerd925dcd2010-12-01 12:21:51 +11001226
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001227 if ((fp = sshkey_fingerprint(host_key,
1228 SSH_FP_MD5, SSH_FP_HEX)) == NULL) {
1229 error("%s: fingerprint host key: %s", __func__, ssh_err(r));
1230 r = -1;
1231 goto out;
1232 }
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001233
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001234 debug("Server host key: %s %s", sshkey_type(host_key), fp);
1235
1236 if (sshkey_equal(previous_host_key, host_key)) {
1237 debug2("%s: server host key %s %s matches cached key",
1238 __func__, sshkey_type(host_key), fp);
1239 r = 0;
1240 goto out;
1241 }
1242
1243 /* Check in RevokedHostKeys file if specified */
1244 if (options.revoked_host_keys != NULL) {
1245 r = sshkey_check_revoked(host_key, options.revoked_host_keys);
1246 switch (r) {
1247 case 0:
1248 break; /* not revoked */
1249 case SSH_ERR_KEY_REVOKED:
1250 error("Host key %s %s revoked by file %s",
1251 sshkey_type(host_key), fp,
1252 options.revoked_host_keys);
1253 r = -1;
1254 goto out;
1255 default:
1256 error("Error checking host key %s %s in "
1257 "revoked keys file %s: %s", sshkey_type(host_key),
1258 fp, options.revoked_host_keys, ssh_err(r));
1259 r = -1;
1260 goto out;
1261 }
Damien Miller6b37fbb2014-07-04 08:59:24 +10001262 }
1263
Damien Miller7d6a9fb2014-04-20 13:23:43 +10001264 if (options.verify_host_key_dns) {
1265 /*
1266 * XXX certs are not yet supported for DNS, so downgrade
1267 * them and try the plain key.
1268 */
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001269 if ((r = sshkey_from_private(host_key, &plain)) != 0)
1270 goto out;
1271 if (sshkey_is_cert(plain))
1272 sshkey_drop_cert(plain);
Damien Miller7d6a9fb2014-04-20 13:23:43 +10001273 if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) {
1274 if (flags & DNS_VERIFY_FOUND) {
1275 if (options.verify_host_key_dns == 1 &&
1276 flags & DNS_VERIFY_MATCH &&
1277 flags & DNS_VERIFY_SECURE) {
Damien Miller6b37fbb2014-07-04 08:59:24 +10001278 r = 0;
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001279 goto out;
Damien Miller7d6a9fb2014-04-20 13:23:43 +10001280 }
1281 if (flags & DNS_VERIFY_MATCH) {
1282 matching_host_key_dns = 1;
1283 } else {
1284 warn_changed_key(plain);
1285 error("Update the SSHFP RR in DNS "
1286 "with the new host key to get rid "
1287 "of this message.");
1288 }
Damien Miller150b5572003-11-17 21:19:29 +11001289 }
Damien Miller37876e92003-05-15 10:19:46 +10001290 }
1291 }
Damien Miller6b37fbb2014-07-04 08:59:24 +10001292 r = check_host_key(host, hostaddr, options.port, host_key, RDRW,
Damien Miller295ee632011-05-29 21:42:31 +10001293 options.user_hostfiles, options.num_user_hostfiles,
1294 options.system_hostfiles, options.num_system_hostfiles);
Damien Miller6b37fbb2014-07-04 08:59:24 +10001295
djm@openbsd.org5e39a492014-12-04 02:24:32 +00001296out:
1297 sshkey_free(plain);
1298 free(fp);
Damien Miller6b37fbb2014-07-04 08:59:24 +10001299 if (r == 0 && host_key != NULL) {
1300 key_free(previous_host_key);
1301 previous_host_key = key_from_private(host_key);
1302 }
1303
1304 return r;
Damien Millera34a28b1999-12-14 10:47:15 +11001305}
Damien Miller037a0dc1999-12-07 15:38:31 +11001306
Damien Miller396691a2000-01-20 22:44:08 +11001307/*
1308 * Starts a dialog with the server, and authenticates the current user on the
1309 * server. This does not need any extra privileges. The basic connection
1310 * to the server must already have been established before this is called.
1311 * If login fails, this function prints an error and never returns.
1312 * This function does not require super-user privileges.
1313 */
1314void
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001315ssh_login(Sensitive *sensitive, const char *orighost,
Damien Millerd925dcd2010-12-01 12:21:51 +11001316 struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms)
Damien Miller396691a2000-01-20 22:44:08 +11001317{
Damien Miller0faf7472013-10-17 11:47:23 +11001318 char *host;
Damien Millereba71ba2000-04-29 23:57:08 +10001319 char *server_user, *local_user;
1320
Damien Millereba71ba2000-04-29 23:57:08 +10001321 local_user = xstrdup(pw->pw_name);
1322 server_user = options.user ? options.user : local_user;
Damien Miller396691a2000-01-20 22:44:08 +11001323
1324 /* Convert the user-supplied hostname into all lowercase. */
1325 host = xstrdup(orighost);
Damien Miller0faf7472013-10-17 11:47:23 +11001326 lowercase(host);
Damien Miller396691a2000-01-20 22:44:08 +11001327
1328 /* Exchange protocol version identification strings with the server. */
Damien Miller67bd0622007-09-17 12:06:57 +10001329 ssh_exchange_identification(timeout_ms);
Damien Miller396691a2000-01-20 22:44:08 +11001330
1331 /* Put the connection into non-blocking mode. */
1332 packet_set_nonblocking();
1333
Damien Miller396691a2000-01-20 22:44:08 +11001334 /* key exchange */
Damien Miller396691a2000-01-20 22:44:08 +11001335 /* authenticate user */
Damien Miller1383bd82000-04-06 12:32:37 +10001336 if (compat20) {
Damien Millerd925dcd2010-12-01 12:21:51 +11001337 ssh_kex2(host, hostaddr, port);
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001338 ssh_userauth2(local_user, server_user, host, sensitive);
Damien Miller1383bd82000-04-06 12:32:37 +10001339 } else {
Damien Miller1f0311c2014-05-15 14:24:09 +10001340#ifdef WITH_SSH1
Damien Miller1383bd82000-04-06 12:32:37 +10001341 ssh_kex(host, hostaddr);
Ben Lindstrom1bad2562002-06-06 19:57:33 +00001342 ssh_userauth1(local_user, server_user, host, sensitive);
Damien Miller1f0311c2014-05-15 14:24:09 +10001343#else
1344 fatal("ssh1 is not unsupported");
1345#endif
Damien Miller1383bd82000-04-06 12:32:37 +10001346 }
Darren Tuckera627d422013-06-02 07:31:17 +10001347 free(local_user);
Damien Miller396691a2000-01-20 22:44:08 +11001348}
Damien Miller79438cc2001-02-16 12:34:57 +11001349
1350void
1351ssh_put_password(char *password)
1352{
1353 int size;
1354 char *padded;
1355
Ben Lindstromd20d0f32001-03-10 17:22:20 +00001356 if (datafellows & SSH_BUG_PASSWORDPAD) {
Ben Lindstrom664408d2001-06-09 01:42:01 +00001357 packet_put_cstring(password);
Ben Lindstromd20d0f32001-03-10 17:22:20 +00001358 return;
1359 }
Damien Miller79438cc2001-02-16 12:34:57 +11001360 size = roundup(strlen(password) + 1, 32);
Damien Miller07d86be2006-03-26 14:19:21 +11001361 padded = xcalloc(1, size);
Damien Miller79438cc2001-02-16 12:34:57 +11001362 strlcpy(padded, password, size);
1363 packet_put_string(padded, size);
Damien Millera5103f42014-02-04 11:20:14 +11001364 explicit_bzero(padded, size);
Darren Tuckera627d422013-06-02 07:31:17 +10001365 free(padded);
Damien Miller79438cc2001-02-16 12:34:57 +11001366}
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001367
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001368/* print all known host keys for a given host, but skip keys of given type */
1369static int
Damien Millerd925dcd2010-12-01 12:21:51 +11001370show_other_keys(struct hostkeys *hostkeys, Key *key)
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001371{
Damien Miller106bf1c2013-12-29 17:54:03 +11001372 int type[] = {
1373 KEY_RSA1,
1374 KEY_RSA,
1375 KEY_DSA,
1376 KEY_ECDSA,
1377 KEY_ED25519,
1378 -1
1379 };
Damien Millerd925dcd2010-12-01 12:21:51 +11001380 int i, ret = 0;
1381 char *fp, *ra;
1382 const struct hostkey_entry *found;
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001383
1384 for (i = 0; type[i] != -1; i++) {
1385 if (type[i] == key->type)
1386 continue;
Damien Millerd925dcd2010-12-01 12:21:51 +11001387 if (!lookup_key_in_hostkeys_by_type(hostkeys, type[i], &found))
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001388 continue;
Damien Millerd925dcd2010-12-01 12:21:51 +11001389 fp = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_HEX);
1390 ra = key_fingerprint(found->key, SSH_FP_MD5, SSH_FP_RANDOMART);
1391 logit("WARNING: %s key found for host %s\n"
1392 "in %s:%lu\n"
1393 "%s key fingerprint %s.",
1394 key_type(found->key),
1395 found->host, found->file, found->line,
1396 key_type(found->key), fp);
1397 if (options.visual_host_key)
1398 logit("%s", ra);
Darren Tuckera627d422013-06-02 07:31:17 +10001399 free(ra);
1400 free(fp);
Damien Millerd925dcd2010-12-01 12:21:51 +11001401 ret = 1;
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001402 }
Damien Millerd925dcd2010-12-01 12:21:51 +11001403 return ret;
Ben Lindstrom3ed66402002-08-01 01:21:56 +00001404}
Damien Miller5a388972003-11-17 21:10:47 +11001405
1406static void
1407warn_changed_key(Key *host_key)
1408{
1409 char *fp;
Damien Miller5a388972003-11-17 21:10:47 +11001410
1411 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
1412
1413 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1414 error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
1415 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
1416 error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
1417 error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
Damien Miller05c89972011-01-06 22:42:04 +11001418 error("It is also possible that a host key has just been changed.");
Damien Miller5a388972003-11-17 21:10:47 +11001419 error("The fingerprint for the %s key sent by the remote host is\n%s.",
Damien Miller05c89972011-01-06 22:42:04 +11001420 key_type(host_key), fp);
Damien Miller5a388972003-11-17 21:10:47 +11001421 error("Please contact your system administrator.");
1422
Darren Tuckera627d422013-06-02 07:31:17 +10001423 free(fp);
Damien Miller5a388972003-11-17 21:10:47 +11001424}
Damien Millerd27b9472005-12-13 19:29:02 +11001425
1426/*
1427 * Execute a local command
1428 */
1429int
1430ssh_local_cmd(const char *args)
1431{
1432 char *shell;
1433 pid_t pid;
1434 int status;
Damien Millered3a8eb2011-01-07 10:02:52 +11001435 void (*osighand)(int);
Damien Millerd27b9472005-12-13 19:29:02 +11001436
1437 if (!options.permit_local_command ||
1438 args == NULL || !*args)
1439 return (1);
1440
Damien Miller38d9a962010-10-07 22:07:11 +11001441 if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
Damien Millerd27b9472005-12-13 19:29:02 +11001442 shell = _PATH_BSHELL;
1443
Damien Millered3a8eb2011-01-07 10:02:52 +11001444 osighand = signal(SIGCHLD, SIG_DFL);
Damien Millerd27b9472005-12-13 19:29:02 +11001445 pid = fork();
1446 if (pid == 0) {
Damien Miller6fb6fd52011-01-16 23:17:45 +11001447 signal(SIGPIPE, SIG_DFL);
Damien Millerd27b9472005-12-13 19:29:02 +11001448 debug3("Executing %s -c \"%s\"", shell, args);
1449 execl(shell, shell, "-c", args, (char *)NULL);
1450 error("Couldn't execute %s -c \"%s\": %s",
1451 shell, args, strerror(errno));
1452 _exit(1);
1453 } else if (pid == -1)
1454 fatal("fork failed: %.100s", strerror(errno));
1455 while (waitpid(pid, &status, 0) == -1)
1456 if (errno != EINTR)
1457 fatal("Couldn't wait for child: %s", strerror(errno));
Damien Millered3a8eb2011-01-07 10:02:52 +11001458 signal(SIGCHLD, osighand);
Damien Millerd27b9472005-12-13 19:29:02 +11001459
1460 if (!WIFEXITED(status))
1461 return (1);
1462
1463 return (WEXITSTATUS(status));
1464}