Improve known_hosts checking.

--HG--
extra : convert_revision : b7933fa29cbedeb53b79a0b60aaa0f049e003cb2
Matt Johnston 2007-02-22 15:29:32 +00:00
parent b01a74a9d7
commit c077f22fb4
4 changed files with 55 additions and 25 deletions


@ -146,31 +146,24 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen) {
dropbear_exit("Didn't validate host key"); dropbear_exit("Didn't validate host key");
} }
static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { static FILE* open_known_hosts_file(int * readonly)
{
FILE * hostsfile = NULL;
char * filename = NULL; char * filename = NULL;
FILE *hostsfile = NULL;
int readonly = 0;
struct passwd *pw = NULL;
char * homedir = NULL; char * homedir = NULL;
unsigned int hostlen, algolen;
unsigned long len;
const char *algoname = NULL;
buffer * line = NULL;
int ret;
homedir = getenv("HOME"); homedir = getenv("HOME");
if (!homedir) { if (!homedir) {
struct passwd * pw = NULL;
pw = getpwuid(getuid()); pw = getpwuid(getuid());
if (pw) { if (pw) {
homedir = pw->pw_dir; homedir = pw->pw_dir;
} }
pw = NULL;
} }
if (homedir) { if (homedir) {
unsigned int len;
len = strlen(homedir); len = strlen(homedir);
filename = m_malloc(len + 18); /* "/.ssh/known_hosts" and null-terminator*/ filename = m_malloc(len + 18); /* "/.ssh/known_hosts" and null-terminator*/
@ -181,8 +174,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
dropbear_log(LOG_INFO, "Warning: failed creating %s/.ssh: %s", dropbear_log(LOG_INFO, "Warning: failed creating %s/.ssh: %s",
homedir, strerror(errno)); homedir, strerror(errno));
TRACE(("mkdir didn't work: %s", strerror(errno))) TRACE(("mkdir didn't work: %s", strerror(errno)))
ask_to_confirm(keyblob, keybloblen); goto out;
goto out; /* only get here on success */
} }
} }
@ -190,12 +182,13 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
hostsfile = fopen(filename, "a+"); hostsfile = fopen(filename, "a+");
if (hostsfile != NULL) { if (hostsfile != NULL) {
*readonly = 0;
fseek(hostsfile, 0, SEEK_SET); fseek(hostsfile, 0, SEEK_SET);
} else { } else {
/* We mightn't have been able to open it if it was read-only */ /* We mightn't have been able to open it if it was read-only */
if (errno == EACCES || errno == EROFS) { if (errno == EACCES || errno == EROFS) {
TRACE(("trying readonly: %s", strerror(errno))) TRACE(("trying readonly: %s", strerror(errno)))
readonly = 1; *readonly = 1;
hostsfile = fopen(filename, "r"); hostsfile = fopen(filename, "r");
} }
} }
@ -205,8 +198,30 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
TRACE(("hostsfile didn't open: %s", strerror(errno))) TRACE(("hostsfile didn't open: %s", strerror(errno)))
dropbear_log(LOG_WARNING, "Failed to open %s/.ssh/known_hosts", dropbear_log(LOG_WARNING, "Failed to open %s/.ssh/known_hosts",
homedir); homedir);
goto out;
}
out:
m_free(filename);
return hostsfile;
}
static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
FILE *hostsfile = NULL;
int readonly = 0;
unsigned int hostlen, algolen;
unsigned long len;
const char *algoname = NULL;
char * fingerprint = NULL;
buffer * line = NULL;
int ret;
hostsfile = open_known_hosts_file(&readonly);
if (!hostsfile) {
ask_to_confirm(keyblob, keybloblen); ask_to_confirm(keyblob, keybloblen);
goto out; /* We only get here on success */ /* ask_to_confirm will exit upon failure */
return;
} }
line = buf_new(MAX_KNOWNHOSTS_LINE); line = buf_new(MAX_KNOWNHOSTS_LINE);
@ -242,7 +257,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
continue; continue;
} }
if ( strncmp(buf_getptr(line, algolen), algoname, algolen) != 0) { if (strncmp(buf_getptr(line, algolen), algoname, algolen) != 0) {
TRACE(("algo doesn't match")) TRACE(("algo doesn't match"))
continue; continue;
} }
@ -254,7 +269,8 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
} }
/* Now we're at the interesting hostkey */ /* Now we're at the interesting hostkey */
ret = cmp_base64_key(keyblob, keybloblen, algoname, algolen, line); ret = cmp_base64_key(keyblob, keybloblen, algoname, algolen,
line, &fingerprint);
if (ret == DROPBEAR_SUCCESS) { if (ret == DROPBEAR_SUCCESS) {
/* Good matching key */ /* Good matching key */
@ -262,7 +278,15 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
goto out; goto out;
} }
/* The keys didn't match. eep. */ /* The keys didn't match. eep. Note that we're "leaking"
the fingerprint strings here, but we're exiting anyway */
dropbear_exit("\n\nHost key mismatch for %s !\n"
"Fingerprint is %s\n"
"Expected %s\n"
"If you know that the host key is correct you can\nremove the bad entry from ~/.ssh/known_hosts",
cli_opts.remotehost,
sign_key_fingerprint(keyblob, keybloblen),
fingerprint ? fingerprint : "UNKNOWN");
} while (1); /* keep going 'til something happens */ } while (1); /* keep going 'til something happens */
/* Key doesn't exist yet */ /* Key doesn't exist yet */
@ -300,7 +324,6 @@ out:
if (hostsfile != NULL) { if (hostsfile != NULL) {
fclose(hostsfile); fclose(hostsfile);
} }
m_free(filename);
if (line != NULL) { if (line != NULL) {
buf_free(line); buf_free(line);
} }
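Review bot: The good-match path in checkhostkey (`ret == DROPBEAR_SUCCESS` followed by `goto out`) leaves `fingerprint` allocated, because cmp_base64_key now fills it whenever the stored key decodes, not only on a mismatch. The new comment accounts for the leak only on the dropbear_exit() branch, and the part of the `out:` cleanup visible in the last hunk closes hostsfile and frees line but never releases the string. Adding `m_free(fingerprint);` beside the existing `buf_free(line)` cleanup would cover it; the rest of `out:` lies outside the hunk, so confirm it is not already freed there. Separately, open_known_hosts_file has no header comment, and one such as `/* Returns an open known_hosts stream or NULL; *readonly is meaningful only when the result is non-NULL; caller must fclose() */` would pin down the contract that checkhostkey relies on before falling back to ask_to_confirm().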


@ -432,9 +432,11 @@ int buf_verify(buffer * buf, sign_key *key, const unsigned char *data,
/* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE when given a buffer containing /* Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE when given a buffer containing
* a key, a key, and a type. The buffer is positioned at the start of the * a key, a key, and a type. The buffer is positioned at the start of the
* base64 data, and contains no trailing data */ * base64 data, and contains no trailing data */
/* If fingerprint is non-NULL, it will be set to a malloc()ed fingerprint
of the key if it is successfully decoded */
int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen,
const unsigned char* algoname, unsigned int algolen, const unsigned char* algoname, unsigned int algolen,
buffer * line) { buffer * line, char ** fingerprint) {
buffer * decodekey = NULL; buffer * decodekey = NULL;
int ret = DROPBEAR_FAILURE; int ret = DROPBEAR_FAILURE;
@ -456,6 +458,11 @@ int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen,
TRACE(("checkpubkey: base64_decode success")) TRACE(("checkpubkey: base64_decode success"))
buf_incrlen(decodekey, decodekeylen); buf_incrlen(decodekey, decodekeylen);
if (fingerprint) {
*fingerprint = sign_key_fingerprint(buf_getptr(decodekey, decodekeylen),
decodekeylen);
}
/* compare the keys */ /* compare the keys */
if ( ( decodekeylen != keybloblen ) if ( ( decodekeylen != keybloblen )
|| memcmp( buf_getptr(decodekey, decodekey->len), || memcmp( buf_getptr(decodekey, decodekey->len),
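Review bot: cmp_base64_key writes `*fingerprint` only inside the block reached after base64 decoding succeeds, so on any earlier failure the caller's pointer keeps whatever value it had. The new header comment says the same ("if it is successfully decoded"), which silently requires every caller to pre-initialise the pointer to NULL. The client does this today, but a later caller passing an uninitialised `char *` would print or free garbage in a host-key mismatch report. Clearing it at the top of the function, `if (fingerprint) { *fingerprint = NULL; }`, makes the out-parameter safe regardless of the caller. The comment should also state that the caller owns and must free the returned string. The function body starts in the first hunk and continues outside both hunks, so the failure paths themselves are not visible here.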


@ -58,6 +58,6 @@ char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen);
#endif #endif
int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen,
const unsigned char* algoname, unsigned int algolen, const unsigned char* algoname, unsigned int algolen,
buffer * line); buffer * line, char ** fingerprint);
#endif /* _SIGNKEY_H_ */ #endif /* _SIGNKEY_H_ */


@ -231,7 +231,7 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen,
TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)) TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len))
ret = cmp_base64_key(keyblob, keybloblen, algo, algolen, line); ret = cmp_base64_key(keyblob, keybloblen, algo, algolen, line, NULL);
if (ret == DROPBEAR_SUCCESS) { if (ret == DROPBEAR_SUCCESS) {
break; break;
} }