author | djm@openbsd.org <djm@openbsd.org> | 2015-01-26 03:04:45 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-01-27 00:00:57 +1100 |
commit | 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 (patch) | |
tree | c98e66c1c0824f0b0e312d7b44d8eeac46265362 /sshconnect.c | |
parent | 60b1825262b1f1e24fc72050b907189c92daf18e (diff) |
upstream commit
Host key rotation support.
Add a hostkeys@openssh.com protocol extension (global request) for
a server to inform a client of all its available host keys after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.
The client side of this is controlled by a UpdateHostkeys config
option (default on).
ok markus@
Diffstat (limited to 'sshconnect.c')
-rw-r--r-- | sshconnect.c | 11 |
1 files changed, 10 insertions, 1 deletions
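--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.256 2015/01/20 23:14:00 deraadt Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.257 2015/01/26 03:04:46 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -818,6 +818,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 int len, cancelled_forwarding = 0;
 int local = sockaddr_is_local(hostaddr);
 int r, want_cert = key_is_cert(host_key), host_ip_differ = 0;
+int hostkey_trusted = 0; /* Known or explicitly accepted by user */
 struct hostkeys *host_hostkeys, *ip_hostkeys;
 u_int i;
 
@@ -926,6 +927,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 free(ra);
 free(fp);
 }
+hostkey_trusted = 1;
 break;
 case HOST_NEW:
 if (options.host_key_alias == NULL && port != 0 &&
@@ -989,6 +991,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 free(fp);
 if (!confirm(msg))
 goto fail;
+hostkey_trusted = 1; /* user explicitly confirmed */
 }
 /*
 * If not in strict mode, add the key automatically to the
@@ -1187,6 +1190,12 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 }
 }
 
+if (!hostkey_trusted && options.update_hostkeys) {
+debug("%s: hostkey not known or explicitly trusted: "
+"disabling UpdateHostkeys", __func__);
+options.update_hostkeys = 0;
+}
+
 free(ip);
 free(host);
 if (host_hostkeys != NULL)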