author | Damien Miller <djm@mindrot.org> | 1999-11-25 11:54:57 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 1999-11-25 11:54:57 +1100 |
commit | 5428f646ad32da88ddd04a8c287d595524674fbf (patch) | |
tree | cc1f1e5d7852e1f44d41077f776abf7dab7ac06d /hostfile.c | |
parent | 9072e1889648988da38b7b81bce95291c1dc3a23 (diff) |
- More reformatting merged from OpenBSD CVS
- Merged OpenBSD CVS changes:
- [channels.c]
report from mrwizard@psu.edu via djm@ibs.com.au
- [channels.c]
set SO_REUSEADDR and SO_LINGER for forwarded ports.
chip@valinux.com via damien@ibs.com.au
- [nchan.c]
it's not an error() if shutdown_write fails in nchan.
- [readconf.c]
remove dead #ifdef-0-code
- [readconf.c servconf.c]
strcasecmp instead of tolower
- [scp.c]
progress meter overflow fix from damien@ibs.com.au
- [ssh-add.1 ssh-add.c]
SSH_ASKPASS support
- [ssh.1 ssh.c]
postpone fork_after_authentication until command execution,
request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
plus: use daemon() for backgrounding
Diffstat (limited to 'hostfile.c')
-rw-r--r-- | hostfile.c | 119 |
1 files changed, 70 insertions, 49 deletions
diff --git a/hostfile.c b/hostfile.c index 61046f071..cdfb48f3e 100644 --- a/hostfile.c +++ b/hostfile.c | |||
@@ -14,16 +14,18 @@ | |||
14 | */ | 14 | */ |
15 | 15 | ||
16 | #include "includes.h" | 16 | #include "includes.h" |
17 | RCSID("$Id: hostfile.c,v 1.5 1999/11/24 13:26:22 damien Exp $"); | 17 | RCSID("$Id: hostfile.c,v 1.6 1999/11/25 00:54:59 damien Exp $"); |
18 | 18 | ||
19 | #include "packet.h" | 19 | #include "packet.h" |
20 | #include "ssh.h" | 20 | #include "ssh.h" |
21 | 21 | ||
22 | /* Reads a multiple-precision integer in hex from the buffer, and advances the | 22 | /* |
23 | pointer. The integer must already be initialized. This function is | 23 | * Reads a multiple-precision integer in hex from the buffer, and advances |
24 | permitted to modify the buffer. This leaves *cpp to point just beyond | 24 | * the pointer. The integer must already be initialized. This function is |
25 | the last processed (and maybe modified) character. Note that this may | 25 | * permitted to modify the buffer. This leaves *cpp to point just beyond the |
26 | modify the buffer containing the number. */ | 26 | * last processed (and maybe modified) character. Note that this may modify |
27 | * the buffer containing the number. | ||
28 | */ | ||
27 | 29 | ||
28 | int | 30 | int |
29 | auth_rsa_read_bignum(char **cpp, BIGNUM * value) | 31 | auth_rsa_read_bignum(char **cpp, BIGNUM * value) |
@@ -32,7 +34,8 @@ auth_rsa_read_bignum(char **cpp, BIGNUM * value) | |||
32 | int len, old; | 34 | int len, old; |
33 | 35 | ||
34 | /* Skip any leading whitespace. */ | 36 | /* Skip any leading whitespace. */ |
35 | for (; *cp == ' ' || *cp == '\t'; cp++); | 37 | for (; *cp == ' ' || *cp == '\t'; cp++) |
38 | ; | ||
36 | 39 | ||
37 | /* Check that it begins with a hex digit. */ | 40 | /* Check that it begins with a hex digit. */ |
38 | if (*cp < '0' || *cp > '9') | 41 | if (*cp < '0' || *cp > '9') |
@@ -42,7 +45,8 @@ auth_rsa_read_bignum(char **cpp, BIGNUM * value) | |||
42 | *cpp = cp; | 45 | *cpp = cp; |
43 | 46 | ||
44 | /* Move forward until all hex digits skipped. */ | 47 | /* Move forward until all hex digits skipped. */ |
45 | for (; *cp >= '0' && *cp <= '9'; cp++); | 48 | for (; *cp >= '0' && *cp <= '9'; cp++) |
49 | ; | ||
46 | 50 | ||
47 | /* Compute the length of the hex number. */ | 51 | /* Compute the length of the hex number. */ |
48 | len = cp - *cpp; | 52 | len = cp - *cpp; |
@@ -51,7 +55,6 @@ auth_rsa_read_bignum(char **cpp, BIGNUM * value) | |||
51 | old = *cp; | 55 | old = *cp; |
52 | *cp = 0; | 56 | *cp = 0; |
53 | 57 | ||
54 | |||
55 | /* Parse the number. */ | 58 | /* Parse the number. */ |
56 | if (BN_dec2bn(&value, *cpp) == 0) | 59 | if (BN_dec2bn(&value, *cpp) == 0) |
57 | return 0; | 60 | return 0; |
@@ -64,8 +67,10 @@ auth_rsa_read_bignum(char **cpp, BIGNUM * value) | |||
64 | return 1; | 67 | return 1; |
65 | } | 68 | } |
66 | 69 | ||
67 | /* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer | 70 | /* |
68 | over the key. Skips any whitespace at the beginning and at end. */ | 71 | * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer |
72 | * over the key. Skips any whitespace at the beginning and at end. | ||
73 | */ | ||
69 | 74 | ||
70 | int | 75 | int |
71 | auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n) | 76 | auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n) |
@@ -74,7 +79,8 @@ auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n) | |||
74 | char *cp; | 79 | char *cp; |
75 | 80 | ||
76 | /* Skip leading whitespace. */ | 81 | /* Skip leading whitespace. */ |
77 | for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++); | 82 | for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++) |
83 | ; | ||
78 | 84 | ||
79 | /* Get number of bits. */ | 85 | /* Get number of bits. */ |
80 | if (*cp < '0' || *cp > '9') | 86 | if (*cp < '0' || *cp > '9') |
@@ -91,7 +97,8 @@ auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n) | |||
91 | return 0; | 97 | return 0; |
92 | 98 | ||
93 | /* Skip trailing whitespace. */ | 99 | /* Skip trailing whitespace. */ |
94 | for (; *cp == ' ' || *cp == '\t'; cp++); | 100 | for (; *cp == ' ' || *cp == '\t'; cp++) |
101 | ; | ||
95 | 102 | ||
96 | /* Return results. */ | 103 | /* Return results. */ |
97 | *cpp = cp; | 104 | *cpp = cp; |
@@ -99,10 +106,12 @@ auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n) | |||
99 | return 1; | 106 | return 1; |
100 | } | 107 | } |
101 | 108 | ||
102 | /* Tries to match the host name (which must be in all lowercase) against the | 109 | /* |
103 | comma-separated sequence of subpatterns (each possibly preceded by ! to | 110 | * Tries to match the host name (which must be in all lowercase) against the |
104 | indicate negation). Returns true if there is a positive match; zero | 111 | * comma-separated sequence of subpatterns (each possibly preceded by ! to |
105 | otherwise. */ | 112 | * indicate negation). Returns true if there is a positive match; zero |
113 | * otherwise. | ||
114 | */ | ||
106 | 115 | ||
107 | int | 116 | int |
108 | match_hostname(const char *host, const char *pattern, unsigned int len) | 117 | match_hostname(const char *host, const char *pattern, unsigned int len) |
@@ -121,18 +130,19 @@ match_hostname(const char *host, const char *pattern, unsigned int len) | |||
121 | } else | 130 | } else |
122 | negated = 0; | 131 | negated = 0; |
123 | 132 | ||
124 | /* Extract the subpattern up to a comma or end. Convert | 133 | /* |
125 | the subpattern to lowercase. */ | 134 | * Extract the subpattern up to a comma or end. Convert the |
135 | * subpattern to lowercase. | ||
136 | */ | ||
126 | for (subi = 0; | 137 | for (subi = 0; |
127 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; | 138 | i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; |
128 | subi++, i++) | 139 | subi++, i++) |
129 | sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; | 140 | sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; |
130 | /* If subpattern too long, return failure (no match). */ | 141 | /* If subpattern too long, return failure (no match). */ |
131 | if (subi >= sizeof(sub) - 1) | 142 | if (subi >= sizeof(sub) - 1) |
132 | return 0; | 143 | return 0; |
133 | 144 | ||
134 | /* If the subpattern was terminated by a comma, skip the | 145 | /* If the subpattern was terminated by a comma, skip the comma. */ |
135 | comma. */ | ||
136 | if (i < len && pattern[i] == ',') | 146 | if (i < len && pattern[i] == ',') |
137 | i++; | 147 | i++; |
138 | 148 | ||
@@ -142,24 +152,25 @@ match_hostname(const char *host, const char *pattern, unsigned int len) | |||
142 | /* Try to match the subpattern against the host name. */ | 152 | /* Try to match the subpattern against the host name. */ |
143 | if (match_pattern(host, sub)) { | 153 | if (match_pattern(host, sub)) { |
144 | if (negated) | 154 | if (negated) |
145 | return 0; /* Fail if host matches | 155 | return 0; /* Fail */ |
146 | any negated subpattern. */ | ||
147 | else | 156 | else |
148 | got_positive = 1; | 157 | got_positive = 1; |
149 | } | 158 | } |
150 | } | 159 | } |
151 | 160 | ||
152 | /* Return success if got a positive match. If there was a | 161 | /* |
153 | negative match, we have already returned zero and never get | 162 | * Return success if got a positive match. If there was a negative |
154 | here. */ | 163 | * match, we have already returned zero and never get here. |
164 | */ | ||
155 | return got_positive; | 165 | return got_positive; |
156 | } | 166 | } |
157 | 167 | ||
158 | /* Checks whether the given host (which must be in all lowercase) is | 168 | /* |
159 | already in the list of our known hosts. | 169 | * Checks whether the given host (which must be in all lowercase) is already |
160 | Returns HOST_OK if the host is known and has the specified key, | 170 | * in the list of our known hosts. Returns HOST_OK if the host is known and |
161 | HOST_NEW if the host is not known, and HOST_CHANGED if the host is known | 171 | * has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED |
162 | but used to have a different host key. */ | 172 | * if the host is known but used to have a different host key. |
173 | */ | ||
163 | 174 | ||
164 | HostStatus | 175 | HostStatus |
165 | check_host_in_hostfile(const char *filename, const char *host, | 176 | check_host_in_hostfile(const char *filename, const char *host, |
@@ -180,9 +191,11 @@ check_host_in_hostfile(const char *filename, const char *host, | |||
180 | /* Cache the length of the host name. */ | 191 | /* Cache the length of the host name. */ |
181 | hostlen = strlen(host); | 192 | hostlen = strlen(host); |
182 | 193 | ||
183 | /* Return value when the loop terminates. This is set to | 194 | /* |
184 | HOST_CHANGED if we have seen a different key for the host and | 195 | * Return value when the loop terminates. This is set to |
185 | have not found the proper one. */ | 196 | * HOST_CHANGED if we have seen a different key for the host and have |
197 | * not found the proper one. | ||
198 | */ | ||
186 | end_return = HOST_NEW; | 199 | end_return = HOST_NEW; |
187 | 200 | ||
188 | /* size of modulus 'n' */ | 201 | /* size of modulus 'n' */ |
@@ -193,15 +206,15 @@ check_host_in_hostfile(const char *filename, const char *host, | |||
193 | cp = line; | 206 | cp = line; |
194 | linenum++; | 207 | linenum++; |
195 | 208 | ||
196 | /* Skip any leading whitespace. */ | 209 | /* Skip any leading whitespace, comments and empty lines. */ |
197 | for (; *cp == ' ' || *cp == '\t'; cp++); | 210 | for (; *cp == ' ' || *cp == '\t'; cp++) |
198 | 211 | ; | |
199 | /* Ignore comment lines and empty lines. */ | ||
200 | if (!*cp || *cp == '#' || *cp == '\n') | 212 | if (!*cp || *cp == '#' || *cp == '\n') |
201 | continue; | 213 | continue; |
202 | 214 | ||
203 | /* Find the end of the host name portion. */ | 215 | /* Find the end of the host name portion. */ |
204 | for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++); | 216 | for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++) |
217 | ; | ||
205 | 218 | ||
206 | /* Check if the host name matches. */ | 219 | /* Check if the host name matches. */ |
207 | if (!match_hostname(host, cp, (unsigned int) (cp2 - cp))) | 220 | if (!match_hostname(host, cp, (unsigned int) (cp2 - cp))) |
@@ -210,8 +223,10 @@ check_host_in_hostfile(const char *filename, const char *host, | |||
210 | /* Got a match. Skip host name. */ | 223 | /* Got a match. Skip host name. */ |
211 | cp = cp2; | 224 | cp = cp2; |
212 | 225 | ||
213 | /* Extract the key from the line. This will skip any | 226 | /* |
214 | leading whitespace. Ignore badly formatted lines. */ | 227 | * Extract the key from the line. This will skip any leading |
228 | * whitespace. Ignore badly formatted lines. | ||
229 | */ | ||
215 | if (!auth_rsa_read_key(&cp, &kbits, ke, kn)) | 230 | if (!auth_rsa_read_key(&cp, &kbits, ke, kn)) |
216 | continue; | 231 | continue; |
217 | 232 | ||
@@ -228,21 +243,27 @@ check_host_in_hostfile(const char *filename, const char *host, | |||
228 | fclose(f); | 243 | fclose(f); |
229 | return HOST_OK; | 244 | return HOST_OK; |
230 | } | 245 | } |
231 | /* They do not match. We will continue to go through the | 246 | /* |
232 | file; however, we note that we will not return that it | 247 | * They do not match. We will continue to go through the |
233 | is new. */ | 248 | * file; however, we note that we will not return that it is |
249 | * new. | ||
250 | */ | ||
234 | end_return = HOST_CHANGED; | 251 | end_return = HOST_CHANGED; |
235 | } | 252 | } |
236 | /* Clear variables and close the file. */ | 253 | /* Clear variables and close the file. */ |
237 | fclose(f); | 254 | fclose(f); |
238 | 255 | ||
239 | /* Return either HOST_NEW or HOST_CHANGED, depending on whether we | 256 | /* |
240 | saw a different key for the host. */ | 257 | * Return either HOST_NEW or HOST_CHANGED, depending on whether we |
258 | * saw a different key for the host. | ||
259 | */ | ||
241 | return end_return; | 260 | return end_return; |
242 | } | 261 | } |
243 | 262 | ||
244 | /* Appends an entry to the host file. Returns false if the entry | 263 | /* |
245 | could not be appended. */ | 264 | * Appends an entry to the host file. Returns false if the entry could not |
265 | * be appended. | ||
266 | */ | ||
246 | 267 | ||
247 | int | 268 | int |
248 | add_host_to_hostfile(const char *filename, const char *host, | 269 | add_host_to_hostfile(const char *filename, const char *host, |
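Review bot: In match_hostname, the shortened comment on the negated-match return, `return 0; /* Fail */`, no longer says at the decision point why the function fails: a host that matches a negated subpattern is rejected even if another subpattern matched. That precedence decides whether a known-hosts line applies to a host, so I would keep the comment short but explicit, e.g. `return 0; /* Fail: host matches a negated subpattern. */`. Separately, the re-flowed header of auth_rsa_read_bignum still says the integer is read "in hex" and the inline comments speak of hex digits, while the visible code accepts only '0'..'9' and calls `BN_dec2bn`; those comments should say decimal. Both functions begin or continue outside the hunks shown, so this rests on the visible lines only.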