Mercurial > dropbear
annotate cli-kex.c @ 1930:299f4f19ba19
Add /usr/sbin and /sbin to default root PATH
When dropbear is used in a very restricted environment (such as in a
initrd), the default user shell is often also very restricted
and doesn't take care of setting the PATH so the user ends up
with the PATH set by dropbear. Unfortunately, dropbear always
sets "/usr/bin:/bin" as default PATH even for the root user
which should have /usr/sbin and /sbin too.
For a concrete instance of this problem, see the "Remote Unlocking"
section in this tutorial: https://paxswill.com/blog/2013/11/04/encrypted-raspberry-pi/
It speaks of a bug in the initramfs script because it's written "blkid"
instead of "/sbin/blkid"... this is just because the scripts from the
initramfs do not expect to have a PATH without the sbin directories and
because dropbear is not setting the PATH appropriately for the root user.
I'm thus suggesting to use the attached patch to fix this misbehaviour (I
did not test it, but it's easy enough). It might seem anecdotic but
multiple Kali users have been bitten by this.
From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903403
author | Raphael Hertzog <hertzog@debian.org> |
---|---|
date | Mon, 09 Jul 2018 16:27:53 +0200 |
parents | 6e71440b1e47 |
children | 62ae35ff833e |
rev | line source |
---|---|
26 | 1 /* |
2 * Dropbear - a SSH2 server | |
3 * | |
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
59
diff
changeset
|
4 * Copyright (c) 2002-2004 Matt Johnston |
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
59
diff
changeset
|
5 * Copyright (c) 2004 by Mihnea Stoenescu |
26 | 6 * All rights reserved. |
7 * | |
8 * Permission is hereby granted, free of charge, to any person obtaining a copy | |
9 * of this software and associated documentation files (the "Software"), to deal | |
10 * in the Software without restriction, including without limitation the rights | |
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
12 * copies of the Software, and to permit persons to whom the Software is | |
13 * furnished to do so, subject to the following conditions: | |
14 * | |
15 * The above copyright notice and this permission notice shall be included in | |
16 * all copies or substantial portions of the Software. | |
17 * | |
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
24 * SOFTWARE. */ | |
25 | |
26 #include "includes.h" | |
27 #include "session.h" | |
28 #include "dbutil.h" | |
29 #include "algo.h" | |
30 #include "buffer.h" | |
31 #include "session.h" | |
32 #include "kex.h" | |
33 #include "ssh.h" | |
34 #include "packet.h" | |
35 #include "bignum.h" | |
858
220f55d540ae
rename random.h to dbrandom.h since some OSes have a system random.h
Matt Johnston <matt@ucc.asn.au>
parents:
850
diff
changeset
|
36 #include "dbrandom.h" |
26 | 37 #include "runopts.h" |
33 | 38 #include "signkey.h" |
761
ac2158e3e403
ecc kind of works, needs fixing/testing
Matt Johnston <matt@ucc.asn.au>
parents:
759
diff
changeset
|
39 #include "ecc.h" |
26 | 40 |
41 | |
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
42 static void checkhostkey(const unsigned char* keyblob, unsigned int keybloblen); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
43 #define MAX_KNOWNHOSTS_LINE 4500 |
26 | 44 |
45 void send_msg_kexdh_init() { | |
739
d44325108d0e
first_kex_packet_follows working, needs tidying
Matt Johnston <matt@ucc.asn.au>
parents:
723
diff
changeset
|
46 TRACE(("send_msg_kexdh_init()")) |
26 | 47 |
48 CHECKCLEARTOWRITE(); | |
1742
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
49 |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
50 #if DROPBEAR_FUZZ |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
51 if (fuzz.fuzzing && fuzz.skip_kexmaths) { |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
52 return; |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
53 } |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
54 #endif |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
55 |
26 | 56 buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_INIT); |
848 | 57 switch (ses.newkeys->algo_kex->mode) { |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
58 #if DROPBEAR_NORMAL_DH |
848 | 59 case DROPBEAR_KEX_NORMAL_DH: |
60 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo | |
61 || !cli_ses.dh_param) { | |
62 if (cli_ses.dh_param) { | |
63 free_kexdh_param(cli_ses.dh_param); | |
64 } | |
65 cli_ses.dh_param = gen_kexdh_param(); | |
801 | 66 } |
848 | 67 buf_putmpint(ses.writepayload, &cli_ses.dh_param->pub); |
68 break; | |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
69 #endif |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
70 #if DROPBEAR_ECDH |
848 | 71 case DROPBEAR_KEX_ECDH: |
72 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo | |
73 || !cli_ses.ecdh_param) { | |
74 if (cli_ses.ecdh_param) { | |
75 free_kexecdh_param(cli_ses.ecdh_param); | |
76 } | |
77 cli_ses.ecdh_param = gen_kexecdh_param(); | |
801 | 78 } |
848 | 79 buf_put_ecc_raw_pubkey_string(ses.writepayload, &cli_ses.ecdh_param->key); |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
80 break; |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
723
diff
changeset
|
81 #endif |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
82 #if DROPBEAR_CURVE25519 |
848 | 83 case DROPBEAR_KEX_CURVE25519: |
84 if (ses.newkeys->algo_kex != cli_ses.param_kex_algo | |
85 || !cli_ses.curve25519_param) { | |
86 if (cli_ses.curve25519_param) { | |
87 free_kexcurve25519_param(cli_ses.curve25519_param); | |
88 } | |
89 cli_ses.curve25519_param = gen_kexcurve25519_param(); | |
90 } | |
1659
d32bcb5c557d
Add Ed25519 support (#91)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents:
1459
diff
changeset
|
91 buf_putstring(ses.writepayload, cli_ses.curve25519_param->pub, CURVE25519_LEN); |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
92 break; |
848 | 93 #endif |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
723
diff
changeset
|
94 } |
848 | 95 |
801 | 96 cli_ses.param_kex_algo = ses.newkeys->algo_kex; |
26 | 97 encrypt_packet(); |
98 } | |
99 | |
100 /* Handle a diffie-hellman key exchange reply. */ | |
101 void recv_msg_kexdh_reply() { | |
102 | |
103 sign_key *hostkey = NULL; | |
1674
ba6fc7afe1c5
use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents:
1659
diff
changeset
|
104 unsigned int keytype, keybloblen; |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
105 unsigned char* keyblob = NULL; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
106 |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
107 TRACE(("enter recv_msg_kexdh_reply")) |
1742
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
108 |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
109 #if DROPBEAR_FUZZ |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
110 if (fuzz.fuzzing && fuzz.skip_kexmaths) { |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
111 return; |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
112 } |
6e71440b1e47
Add fuzzer-client_nomaths, fix client fuzzer
Matt Johnston <matt@ucc.asn.au>
parents:
1702
diff
changeset
|
113 #endif |
84
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
80
diff
changeset
|
114 |
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
80
diff
changeset
|
115 if (cli_ses.kex_state != KEXDH_INIT_SENT) { |
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
80
diff
changeset
|
116 dropbear_exit("Received out-of-order kexdhreply"); |
29a5c7c62350
default initialisers for mp_ints
Matt Johnston <matt@ucc.asn.au>
parents:
80
diff
changeset
|
117 } |
1674
ba6fc7afe1c5
use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents:
1659
diff
changeset
|
118 keytype = ses.newkeys->algo_hostkey; |
ba6fc7afe1c5
use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents:
1659
diff
changeset
|
119 TRACE(("keytype is %d", keytype)) |
26 | 120 |
121 hostkey = new_sign_key(); | |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
122 keybloblen = buf_getint(ses.payload); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
123 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
124 keyblob = buf_getptr(ses.payload, keybloblen); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
125 if (!ses.kexstate.donefirstkex) { |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
126 /* Only makes sense the first time */ |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
127 checkhostkey(keyblob, keybloblen); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
128 } |
34
e2a1eaa19f22
Client mostly works up to password auth
Matt Johnston <matt@ucc.asn.au>
parents:
33
diff
changeset
|
129 |
1674
ba6fc7afe1c5
use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents:
1659
diff
changeset
|
130 if (buf_get_pub_key(ses.payload, hostkey, &keytype) != DROPBEAR_SUCCESS) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
131 TRACE(("failed getting pubkey")) |
26 | 132 dropbear_exit("Bad KEX packet"); |
133 } | |
134 | |
848 | 135 switch (ses.newkeys->algo_kex->mode) { |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
136 #if DROPBEAR_NORMAL_DH |
848 | 137 case DROPBEAR_KEX_NORMAL_DH: |
138 { | |
139 DEF_MP_INT(dh_f); | |
140 m_mp_init(&dh_f); | |
141 if (buf_getmpint(ses.payload, &dh_f) != DROPBEAR_SUCCESS) { | |
142 TRACE(("failed getting mpint")) | |
143 dropbear_exit("Bad KEX packet"); | |
144 } | |
26 | 145 |
848 | 146 kexdh_comb_key(cli_ses.dh_param, &dh_f, hostkey); |
147 mp_clear(&dh_f); | |
148 } | |
149 break; | |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
150 #endif |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
151 #if DROPBEAR_ECDH |
848 | 152 case DROPBEAR_KEX_ECDH: |
153 { | |
154 buffer *ecdh_qs = buf_getstringbuf(ses.payload); | |
155 kexecdh_comb_key(cli_ses.ecdh_param, ecdh_qs, hostkey); | |
156 buf_free(ecdh_qs); | |
157 } | |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
158 break; |
755
b07eb3dc23ec
refactor kexdh code a bit, start working on ecdh etc
Matt Johnston <matt@ucc.asn.au>
parents:
723
diff
changeset
|
159 #endif |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
160 #if DROPBEAR_CURVE25519 |
848 | 161 case DROPBEAR_KEX_CURVE25519: |
162 { | |
163 buffer *ecdh_qs = buf_getstringbuf(ses.payload); | |
164 kexcurve25519_comb_key(cli_ses.curve25519_param, ecdh_qs, hostkey); | |
165 buf_free(ecdh_qs); | |
166 } | |
1294
56aba7dedbea
options for disabling "normal" DH
Matt Johnston <matt@ucc.asn.au>
parents:
1257
diff
changeset
|
167 break; |
848 | 168 #endif |
26 | 169 } |
170 | |
1702
8f93f37c01de
Allow DH to be completely disabled (#97)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents:
1681
diff
changeset
|
171 #if DROPBEAR_NORMAL_DH |
801 | 172 if (cli_ses.dh_param) { |
173 free_kexdh_param(cli_ses.dh_param); | |
174 cli_ses.dh_param = NULL; | |
175 } | |
1702
8f93f37c01de
Allow DH to be completely disabled (#97)
Vladislav Grishenko <themiron@users.noreply.github.com>
parents:
1681
diff
changeset
|
176 #endif |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
177 #if DROPBEAR_ECDH |
801 | 178 if (cli_ses.ecdh_param) { |
179 free_kexecdh_param(cli_ses.ecdh_param); | |
180 cli_ses.ecdh_param = NULL; | |
181 } | |
182 #endif | |
1295
750ec4ec4cbe
Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents:
1294
diff
changeset
|
183 #if DROPBEAR_CURVE25519 |
848 | 184 if (cli_ses.curve25519_param) { |
185 free_kexcurve25519_param(cli_ses.curve25519_param); | |
186 cli_ses.curve25519_param = NULL; | |
187 } | |
188 #endif | |
26 | 189 |
801 | 190 cli_ses.param_kex_algo = NULL; |
1674
ba6fc7afe1c5
use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents:
1659
diff
changeset
|
191 if (buf_verify(ses.payload, hostkey, ses.newkeys->algo_signature, |
ba6fc7afe1c5
use sigtype where appropriate
Matt Johnston <matt@ucc.asn.au>
parents:
1659
diff
changeset
|
192 ses.hash) != DROPBEAR_SUCCESS) { |
26 | 193 dropbear_exit("Bad hostkey signature"); |
194 } | |
195 | |
196 sign_key_free(hostkey); | |
197 hostkey = NULL; | |
198 | |
199 send_msg_newkeys(); | |
886
cbc73a5aefb0
requirenext doesn't need two values
Matt Johnston <matt@ucc.asn.au>
parents:
885
diff
changeset
|
200 ses.requirenext = SSH_MSG_NEWKEYS; |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
201 TRACE(("leave recv_msg_kexdh_init")) |
26 | 202 } |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
203 |
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
204 static void ask_to_confirm(const unsigned char* keyblob, unsigned int keybloblen, |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
205 const char* algoname) { |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
206 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
207 char* fp = NULL; |
170
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
208 FILE *tty = NULL; |
1257
8291fc87273e
Fix truncated type for getc() at confirmation prompt
Matt Johnston <matt@ucc.asn.au>
parents:
1213
diff
changeset
|
209 int response = 'z'; |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
210 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
211 fp = sign_key_fingerprint(keyblob, keybloblen); |
418
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
212 if (cli_opts.always_accept_key) { |
1213
7fd1211a1f63
Use dropbear_log instead of some fprintf's in client code.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
213 dropbear_log(LOG_INFO, "\nHost '%s' key accepted unconditionally.\n(%s fingerprint %s)\n", |
418
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
214 cli_opts.remotehost, |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
215 algoname, |
418
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
216 fp); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
217 m_free(fp); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
218 return; |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
219 } |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
220 fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(%s fingerprint %s)\nDo you want to continue connecting? (y/n) ", |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
221 cli_opts.remotehost, |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
222 algoname, |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
223 fp); |
340 | 224 m_free(fp); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
225 |
170
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
226 tty = fopen(_PATH_TTY, "r"); |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
227 if (tty) { |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
228 response = getc(tty); |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
229 fclose(tty); |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
230 } else { |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
231 response = getc(stdin); |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
232 } |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
233 |
a62cb364f615
Read "y/n" response for fingerprints from /dev/tty directly so that dbclient
Matt Johnston <matt@ucc.asn.au>
parents:
165
diff
changeset
|
234 if (response == 'y') { |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
235 return; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
236 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
237 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
238 dropbear_exit("Didn't validate host key"); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
239 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
240 |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
241 static FILE* open_known_hosts_file(int * readonly) |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
242 { |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
243 FILE * hostsfile = NULL; |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
244 char * filename = NULL; |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
245 char * homedir = NULL; |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
246 |
322
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
247 homedir = getenv("HOME"); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
248 |
322
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
249 if (!homedir) { |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
250 struct passwd * pw = NULL; |
322
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
251 pw = getpwuid(getuid()); |
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
252 if (pw) { |
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
253 homedir = pw->pw_dir; |
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
254 } |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
255 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
256 |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
257 if (homedir) { |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
258 unsigned int len; |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
259 len = strlen(homedir); |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
260 filename = m_malloc(len + 18); /* "/.ssh/known_hosts" and null-terminator*/ |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
261 |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
262 snprintf(filename, len+18, "%s/.ssh", homedir); |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
263 /* Check that ~/.ssh exists - easiest way is just to mkdir */ |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
264 if (mkdir(filename, S_IRWXU) != 0) { |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
265 if (errno != EEXIST) { |
322
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
266 dropbear_log(LOG_INFO, "Warning: failed creating %s/.ssh: %s", |
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
267 homedir, strerror(errno)); |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
268 TRACE(("mkdir didn't work: %s", strerror(errno))) |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
269 goto out; |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
270 } |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
271 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
272 |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
273 snprintf(filename, len+18, "%s/.ssh/known_hosts", homedir); |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
274 hostsfile = fopen(filename, "a+"); |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
275 |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
276 if (hostsfile != NULL) { |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
277 *readonly = 0; |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
278 fseek(hostsfile, 0, SEEK_SET); |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
279 } else { |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
280 /* We mightn't have been able to open it if it was read-only */ |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
281 if (errno == EACCES || errno == EROFS) { |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
282 TRACE(("trying readonly: %s", strerror(errno))) |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
283 *readonly = 1; |
318
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
284 hostsfile = fopen(filename, "r"); |
9916350d7d8b
don't fail fatally if the client can't get homedir from getpwuid(), fallback
Matt Johnston <matt@ucc.asn.au>
parents:
170
diff
changeset
|
285 } |
106
e13f8a712a1c
Fix if the first write fails
Matt Johnston <matt@ucc.asn.au>
parents:
84
diff
changeset
|
286 } |
59
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
287 } |
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
288 |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
289 if (hostsfile == NULL) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
290 TRACE(("hostsfile didn't open: %s", strerror(errno))) |
322
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
291 dropbear_log(LOG_WARNING, "Failed to open %s/.ssh/known_hosts", |
84aa4e60bd3c
Look at HOME before /etc/passwd when looking for ~/.ssh/known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
318
diff
changeset
|
292 homedir); |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
293 goto out; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
294 } |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
295 |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
296 out: |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
297 m_free(filename); |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
298 return hostsfile; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
299 } |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
300 |
1459
06d52bcb8094
Pointer parameter could be declared as pointing to const
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
301 static void checkhostkey(const unsigned char* keyblob, unsigned int keybloblen) { |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
302 |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
303 FILE *hostsfile = NULL; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
304 int readonly = 0; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
305 unsigned int hostlen, algolen; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
306 unsigned long len; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
307 const char *algoname = NULL; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
308 char * fingerprint = NULL; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
309 buffer * line = NULL; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
310 int ret; |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
311 |
772
7fc0aeada79c
-y -y to disable hostkey checking
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
312 if (cli_opts.no_hostkey_check) { |
1213
7fd1211a1f63
Use dropbear_log instead of some fprintf's in client code.
Konstantin Tokarev <ktokarev@smartlabs.tv>
parents:
1124
diff
changeset
|
313 dropbear_log(LOG_INFO, "Caution, skipping hostkey check for %s\n", cli_opts.remotehost); |
772
7fc0aeada79c
-y -y to disable hostkey checking
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
314 return; |
7fc0aeada79c
-y -y to disable hostkey checking
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
315 } |
7fc0aeada79c
-y -y to disable hostkey checking
Matt Johnston <matt@ucc.asn.au>
parents:
568
diff
changeset
|
316 |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
317 algoname = signkey_name_from_type(ses.newkeys->algo_hostkey, &algolen); |
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
318 |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
319 hostsfile = open_known_hosts_file(&readonly); |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
320 if (!hostsfile) { |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
321 ask_to_confirm(keyblob, keybloblen, algoname); |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
322 /* ask_to_confirm will exit upon failure */ |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
323 return; |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
324 } |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
325 |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
326 line = buf_new(MAX_KNOWNHOSTS_LINE); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
327 hostlen = strlen(cli_opts.remotehost); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
328 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
329 do { |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
330 if (buf_getline(line, hostsfile) == DROPBEAR_FAILURE) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
331 TRACE(("failed reading line: prob EOF")) |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
332 break; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
333 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
334 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
335 /* The line is too short to be sensible */ |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
336 /* "30" is 'enough to hold ssh-dss plus the spaces, ie so we don't |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
337 * buf_getfoo() past the end and die horribly - the base64 parsing |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
338 * code is what tiptoes up to the end nicely */ |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
339 if (line->len < (hostlen+30) ) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
340 TRACE(("line is too short to be sensible")) |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
341 continue; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
342 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
343 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
344 /* Compare hostnames */ |
1094
c45d65392c1a
Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents:
886
diff
changeset
|
345 if (strncmp(cli_opts.remotehost, (const char *) buf_getptr(line, hostlen), |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
346 hostlen) != 0) { |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
347 continue; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
348 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
349 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
350 buf_incrpos(line, hostlen); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
351 if (buf_getbyte(line) != ' ') { |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
352 /* there wasn't a space after the hostname, something dodgy */ |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
353 TRACE(("missing space afte matching hostname")) |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
354 continue; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
355 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
356 |
1094
c45d65392c1a
Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents:
886
diff
changeset
|
357 if (strncmp((const char *) buf_getptr(line, algolen), algoname, algolen) != 0) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
358 TRACE(("algo doesn't match")) |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
359 continue; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
360 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
361 |
59
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
362 buf_incrpos(line, algolen); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
363 if (buf_getbyte(line) != ' ') { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
364 TRACE(("missing space after algo")) |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
365 continue; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
366 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
367 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
368 /* Now we're at the interesting hostkey */ |
1094
c45d65392c1a
Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents:
886
diff
changeset
|
369 ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algoname, algolen, |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
370 line, &fingerprint); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
371 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
372 if (ret == DROPBEAR_SUCCESS) { |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
373 /* Good matching key */ |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
374 TRACE(("good matching key")) |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
375 goto out; |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
376 } |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
377 |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
378 /* The keys didn't match. eep. Note that we're "leaking" |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
379 the fingerprint strings here, but we're exiting anyway */ |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
380 dropbear_exit("\n\n%s host key mismatch for %s !\n" |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
381 "Fingerprint is %s\n" |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
382 "Expected %s\n" |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
383 "If you know that the host key is correct you can\nremove the bad entry from ~/.ssh/known_hosts", |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
384 algoname, |
436
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
385 cli_opts.remotehost, |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
386 sign_key_fingerprint(keyblob, keybloblen), |
7282370416a0
Improve known_hosts checking.
Matt Johnston <matt@ucc.asn.au>
parents:
418
diff
changeset
|
387 fingerprint ? fingerprint : "UNKNOWN"); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
388 } while (1); /* keep going 'til something happens */ |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
389 |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
390 /* Key doesn't exist yet */ |
847
f4bb964c8678
Add '-R' for delayed hostkey option
Matt Johnston <matt@ucc.asn.au>
parents:
801
diff
changeset
|
391 ask_to_confirm(keyblob, keybloblen, algoname); |
59
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
392 |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
393 /* If we get here, they said yes */ |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
394 |
59
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
395 if (readonly) { |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
106
diff
changeset
|
396 TRACE(("readonly")) |
59
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
397 goto out; |
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
398 } |
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
399 |
418
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
400 if (!cli_opts.always_accept_key) { |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
401 /* put the new entry in the file */ |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
402 fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */ |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
403 buf_setpos(line, 0); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
404 buf_setlen(line, 0); |
1094
c45d65392c1a
Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents:
886
diff
changeset
|
405 buf_putbytes(line, (const unsigned char *) cli_opts.remotehost, hostlen); |
418
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
406 buf_putbyte(line, ' '); |
1094
c45d65392c1a
Fix pointer differ in signess warnings [-Werror=pointer-sign]
Gaël PORTAY <gael.portay@gmail.com>
parents:
886
diff
changeset
|
407 buf_putbytes(line, (const unsigned char *) algoname, algolen); |
418
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
408 buf_putbyte(line, ' '); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
409 len = line->size - line->pos; |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
410 /* The only failure with base64 is buffer_overflow, but buf_getwriteptr |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
411 * will die horribly in the case anyway */ |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
412 base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
413 buf_incrwritepos(line, len); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
414 buf_putbyte(line, '\n'); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
415 buf_setpos(line, 0); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
416 fwrite(buf_getptr(line, line->len), line->len, 1, hostsfile); |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
417 /* We ignore errors, since there's not much we can do about them */ |
ab57ba0cb667
Add '-y' option to dbclient to accept the host key without checking
Matt Johnston <matt@ucc.asn.au>
parents:
340
diff
changeset
|
418 } |
59
bdc97a5719f4
add new entries to known_hosts
Matt Johnston <matt@ucc.asn.au>
parents:
51
diff
changeset
|
419 |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
420 out: |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
421 if (hostsfile != NULL) { |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
422 fclose(hostsfile); |
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
423 } |
79
5a55bd66707f
- don't crash when trying to add to known_hosts if it doesn't exist
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
424 if (line != NULL) { |
5a55bd66707f
- don't crash when trying to add to known_hosts if it doesn't exist
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
425 buf_free(line); |
5a55bd66707f
- don't crash when trying to add to known_hosts if it doesn't exist
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
426 } |
544
9e51707cd6f2
- Make -i and -W pass through multihop arguments
Matt Johnston <matt@ucc.asn.au>
parents:
440
diff
changeset
|
427 m_free(fingerprint); |
51
095d689fed16
- Hostkey checking is mostly there, just aren't appending yet.
Matt Johnston <matt@ucc.asn.au>
parents:
34
diff
changeset
|
428 } |
1676
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
429 |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
430 void recv_msg_ext_info(void) { |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
431 /* This message is not client-specific in the protocol but Dropbear only handles |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
432 a server-sent message at present. */ |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
433 unsigned int num_ext; |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
434 unsigned int i; |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
435 |
1681
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
436 TRACE(("enter recv_msg_ext_info")) |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
437 |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
438 /* Must be after the first SSH_MSG_NEWKEYS */ |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
439 TRACE(("last %d, donefirst %d, donescond %d", ses.lastpacket, ses.kexstate.donefirstkex, ses.kexstate.donesecondkex)) |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
440 if (!(ses.lastpacket == SSH_MSG_NEWKEYS && !ses.kexstate.donesecondkex)) { |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
441 TRACE(("leave recv_msg_ext_info: ignoring packet received at the wrong time")) |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
442 return; |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
443 } |
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
444 |
1676
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
445 num_ext = buf_getint(ses.payload); |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
446 TRACE(("received SSH_MSG_EXT_INFO with %d items", num_ext)) |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
447 |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
448 for (i = 0; i < num_ext; i++) { |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
449 unsigned int name_len; |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
450 char *ext_name = buf_getstring(ses.payload, &name_len); |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
451 TRACE(("extension %d name '%s'", i, ext_name)) |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
452 if (cli_ses.server_sig_algs == NULL |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
453 && name_len == strlen(SSH_SERVER_SIG_ALGS) |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
454 && strcmp(ext_name, SSH_SERVER_SIG_ALGS) == 0) { |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
455 cli_ses.server_sig_algs = buf_getbuf(ses.payload); |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
456 } else { |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
457 /* valid extension values could be >MAX_STRING_LEN */ |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
458 buf_eatstring(ses.payload); |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
459 } |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
460 m_free(ext_name); |
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
461 } |
1681
435cfb9ec96e
send and handle SSH_MSG_EXT_INFO only at the correct point
Matt Johnston <matt@ucc.asn.au>
parents:
1676
diff
changeset
|
462 TRACE(("leave recv_msg_ext_info")) |
1676
d5cdc60db08e
ext-info handling for server-sig-algs
Matt Johnston <matt@ucc.asn.au>
parents:
1674
diff
changeset
|
463 } |