diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2017-04-30 23:18:44 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2017-05-01 10:05:01 +1000 |
| commit | 873d3e7d9a4707d0934fb4c4299354418f91b541 (patch) | |
| tree | 4fd961131c84ad1626f11ffdcdc4316a26febacb /ssh-keyscan.c | |
| parent | 788ac799a6efa40517f2ac0d895a610394298ffc (diff) | |
upstream commit
remove KEY_RSA1
ok markus@
Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
Diffstat (limited to 'ssh-keyscan.c')
| -rw-r--r-- | ssh-keyscan.c | 64 |
1 files changed, 28 insertions, 36 deletions
diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 6a9292487..d49d79ad7 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keyscan.c,v 1.111 2017/04/30 23:13:25 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keyscan.c,v 1.112 2017/04/30 23:18:44 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. | 3 | * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. |
| 4 | * | 4 | * |
| @@ -54,11 +54,13 @@ int IPv4or6 = AF_UNSPEC; | |||
| 54 | 54 | ||
| 55 | int ssh_port = SSH_DEFAULT_PORT; | 55 | int ssh_port = SSH_DEFAULT_PORT; |
| 56 | 56 | ||
| 57 | #define KT_RSA1 1 | 57 | #define KT_DSA (1) |
| 58 | #define KT_DSA 2 | 58 | #define KT_RSA (1<<1) |
| 59 | #define KT_RSA 4 | 59 | #define KT_ECDSA (1<<2) |
| 60 | #define KT_ECDSA 8 | 60 | #define KT_ED25519 (1<<3) |
| 61 | #define KT_ED25519 16 | 61 | |
| 62 | #define KT_MIN KT_DSA | ||
| 63 | #define KT_MAX KT_ED25519 | ||
| 62 | 64 | ||
| 63 | int get_cert = 0; | 65 | int get_cert = 0; |
| 64 | int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519; | 66 | int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519; |
| @@ -94,7 +96,7 @@ typedef struct Connection { | |||
| 94 | int c_plen; /* Packet length field for ssh packet */ | 96 | int c_plen; /* Packet length field for ssh packet */ |
| 95 | int c_len; /* Total bytes which must be read. */ | 97 | int c_len; /* Total bytes which must be read. */ |
| 96 | int c_off; /* Length of data read so far. */ | 98 | int c_off; /* Length of data read so far. */ |
| 97 | int c_keytype; /* Only one of KT_RSA1, KT_DSA, or KT_RSA */ | 99 | int c_keytype; /* Only one of KT_* */ |
| 98 | sig_atomic_t c_done; /* SSH2 done */ | 100 | sig_atomic_t c_done; /* SSH2 done */ |
| 99 | char *c_namebase; /* Address to free for c_name and c_namelist */ | 101 | char *c_namebase; /* Address to free for c_name and c_namelist */ |
| 100 | char *c_name; /* Hostname of connection for errors */ | 102 | char *c_name; /* Hostname of connection for errors */ |
| @@ -435,6 +437,20 @@ congreet(int s) | |||
| 435 | size_t bufsiz; | 437 | size_t bufsiz; |
| 436 | con *c = &fdcon[s]; | 438 | con *c = &fdcon[s]; |
| 437 | 439 | ||
| 440 | /* send client banner */ | ||
| 441 | n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", | ||
| 442 | PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2); | ||
| 443 | if (n < 0 || (size_t)n >= sizeof(buf)) { | ||
| 444 | error("snprintf: buffer too small"); | ||
| 445 | confree(s); | ||
| 446 | return; | ||
| 447 | } | ||
| 448 | if (atomicio(vwrite, s, buf, n) != (size_t)n) { | ||
| 449 | error("write (%s): %s", c->c_name, strerror(errno)); | ||
| 450 | confree(s); | ||
| 451 | return; | ||
| 452 | } | ||
| 453 | |||
| 438 | for (;;) { | 454 | for (;;) { |
| 439 | memset(buf, '\0', sizeof(buf)); | 455 | memset(buf, '\0', sizeof(buf)); |
| 440 | bufsiz = sizeof(buf); | 456 | bufsiz = sizeof(buf); |
| @@ -477,38 +493,14 @@ congreet(int s) | |||
| 477 | c->c_ssh->compat = compat_datafellows(remote_version); | 493 | c->c_ssh->compat = compat_datafellows(remote_version); |
| 478 | else | 494 | else |
| 479 | c->c_ssh->compat = 0; | 495 | c->c_ssh->compat = 0; |
| 480 | if (c->c_keytype != KT_RSA1) { | 496 | if (!ssh2_capable(remote_major, remote_minor)) { |
| 481 | if (!ssh2_capable(remote_major, remote_minor)) { | 497 | debug("%s doesn't support ssh2", c->c_name); |
| 482 | debug("%s doesn't support ssh2", c->c_name); | ||
| 483 | confree(s); | ||
| 484 | return; | ||
| 485 | } | ||
| 486 | } else if (remote_major != 1) { | ||
| 487 | debug("%s doesn't support ssh1", c->c_name); | ||
| 488 | confree(s); | 498 | confree(s); |
| 489 | return; | 499 | return; |
| 490 | } | 500 | } |
| 491 | fprintf(stderr, "# %s:%d %s\n", c->c_name, ssh_port, chop(buf)); | 501 | fprintf(stderr, "# %s:%d %s\n", c->c_name, ssh_port, chop(buf)); |
| 492 | n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", | 502 | keygrab_ssh2(c); |
| 493 | c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, | 503 | confree(s); |
| 494 | c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); | ||
| 495 | if (n < 0 || (size_t)n >= sizeof(buf)) { | ||
| 496 | error("snprintf: buffer too small"); | ||
| 497 | confree(s); | ||
| 498 | return; | ||
| 499 | } | ||
| 500 | if (atomicio(vwrite, s, buf, n) != (size_t)n) { | ||
| 501 | error("write (%s): %s", c->c_name, strerror(errno)); | ||
| 502 | confree(s); | ||
| 503 | return; | ||
| 504 | } | ||
| 505 | if (c->c_keytype != KT_RSA1) { | ||
| 506 | keygrab_ssh2(c); | ||
| 507 | confree(s); | ||
| 508 | return; | ||
| 509 | } | ||
| 510 | c->c_status = CS_SIZE; | ||
| 511 | contouch(s); | ||
| 512 | } | 504 | } |
| 513 | 505 | ||
| 514 | static void | 506 | static void |
| @@ -606,7 +598,7 @@ do_host(char *host) | |||
| 606 | 598 | ||
| 607 | if (name == NULL) | 599 | if (name == NULL) |
| 608 | return; | 600 | return; |
| 609 | for (j = KT_RSA1; j <= KT_ED25519; j *= 2) { | 601 | for (j = KT_MIN; j <= KT_MAX; j *= 2) { |
| 610 | if (get_keytypes & j) { | 602 | if (get_keytypes & j) { |
| 611 | while (ncon >= MAXCON) | 603 | while (ncon >= MAXCON) |
| 612 | conloop(); | 604 | conloop(); |