1/* $OpenBSD: sshconnect.c,v 1.305 2018/09/20 03:30:44 djm Exp $ */-
2/*-
3 * Author: Tatu Ylonen <ylo@cs.hut.fi>-
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland-
5 * All rights reserved-
6 * Code to connect to a remote host, and to perform the client side of the-
7 * login (authentication) dialog.-
8 *-
9 * As far as I am concerned, the code I have written for this software-
10 * can be used freely for any purpose. Any derived versions of this-
11 * software must be clearly marked as such, and if the derived work is-
12 * incompatible with the protocol description in the RFC file, it must be-
13 * called by a name other than "ssh" or "Secure Shell".-
14 */-
15-
16#include "includes.h"-
17-
18#include <sys/types.h>-
19#include <sys/wait.h>-
20#include <sys/stat.h>-
21#include <sys/socket.h>-
22#ifdef HAVE_SYS_TIME_H-
23# include <sys/time.h>-
24#endif-
25-
26#include <net/if.h>-
27#include <netinet/in.h>-
28#include <arpa/inet.h>-
29-
30#include <ctype.h>-
31#include <errno.h>-
32#include <fcntl.h>-
33#include <netdb.h>-
34#ifdef HAVE_PATHS_H-
35#include <paths.h>-
36#endif-
37#include <pwd.h>-
38#ifdef HAVE_POLL_H-
39#include <poll.h>-
40#endif-
41#include <signal.h>-
42#include <stdarg.h>-
43#include <stdio.h>-
44#include <stdlib.h>-
45#include <string.h>-
46#include <unistd.h>-
47#ifdef HAVE_IFADDRS_H-
48# include <ifaddrs.h>-
49#endif-
50-
51#include "xmalloc.h"-
52#include "hostfile.h"-
53#include "ssh.h"-
54#include "sshbuf.h"-
55#include "packet.h"-
56#include "compat.h"-
57#include "sshkey.h"-
58#include "sshconnect.h"-
59#include "hostfile.h"-
60#include "log.h"-
61#include "misc.h"-
62#include "readconf.h"-
63#include "atomicio.h"-
64#include "dns.h"-
65#include "monitor_fdpass.h"-
66#include "ssh2.h"-
67#include "version.h"-
68#include "authfile.h"-
69#include "ssherr.h"-
70#include "authfd.h"-
71-
/* Banner this client sent; set (and CR/LF-trimmed) by send_client_banner(). */
char *client_version_string = NULL;
/* Presumably the peer's banner; it is not assigned within this excerpt. */
char *server_version_string = NULL;
/* Not referenced within this excerpt. */
struct sshkey *previous_host_key = NULL;

/* Not referenced within this excerpt. */
static int matching_host_key_dns = 0;

/*
 * Pid of the ProxyCommand child started by ssh_proxy_connect(), 0 if none.
 * ssh_kill_proxy_command() sends it SIGHUP at shutdown.
 */
static pid_t proxy_command_pid = 0;

/* import */
extern Options options;
extern char *__progname;

/* Forward declarations; the definitions lie past this excerpt. */
static int show_other_keys(struct hostkeys *, struct sshkey *);
static void warn_changed_key(struct sshkey *);
86-
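/*
 * Expand a ProxyCommand template into the string handed to "$SHELL -c".
 *
 * The result is "exec <proxy_command>" with %h, %p and %r substituted by
 * percent_expand() with the host, the decimal port and the remote user.
 * The "exec " prefix lets the shell replace itself with the proxy process.
 *
 * Returns a newly allocated string; the caller owns it and must free() it.
 */
static char *
expand_proxy_command(const char *proxy_command, const char *user,
    const char *host, int port)
{
	char *tmp, *ret, strport[NI_MAXSERV];

	/* A decimal int always fits in NI_MAXSERV on common platforms. */
	snprintf(strport, sizeof strport, "%d", port);
	xasprintf(&tmp, "exec %s", proxy_command);
	/*
	 * Substitute %r from the "user" argument rather than the global
	 * options.user, so the function has no hidden dependency on option
	 * state.  Every caller in this file passes options.user, so the
	 * expansion itself is unchanged.
	 */
	ret = percent_expand(tmp, "h", host, "p", strport,
	    "r", user, (char *)NULL);
	free(tmp);
	return ret;
}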
101-
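/*
 * Connect to the given ssh server using a proxy command that passes a
 * connected fd back to us (ProxyUseFdpass).
 *
 * A socketpair is created and the child end becomes the proxy's stdin and
 * stdout; the proxy is expected to send one descriptor back over it, which
 * we collect with mm_receive_fd().  The dialer is expected to exit once it
 * has handed over the fd, so unlike ssh_proxy_connect() it is reaped here
 * and its pid is not remembered.
 *
 * Returns 0 on success, -1 if ssh_packet_set_connection() fails (it logs
 * the reason).  socketpair(), fork() and a missing fd are fatal().
 */
static int
ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
    const char *proxy_command)
{
	char *command_string;
	int sp[2], sock;
	pid_t pid;
	char *shell;

	/*
	 * Treat an empty $SHELL like an unset one, as ssh_proxy_connect()
	 * does; execv("") would otherwise fail with a confusing message.
	 */
	if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
		shell = _PATH_BSHELL;

	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0)
		fatal("Could not create socketpair to communicate with "
		    "proxy dialer: %.100s", strerror(errno));

	command_string = expand_proxy_command(proxy_command, options.user,
	    host, port);
	debug("Executing proxy dialer command: %.500s", command_string);

	/* Fork and execute the proxy command. */
	if ((pid = fork()) == 0) {
		char *argv[10];

		close(sp[1]);
		/* Redirect stdin and stdout. */
		if (sp[0] != 0) {
			if (dup2(sp[0], 0) < 0)
				perror("dup2 stdin");
		}
		if (sp[0] != 1) {
			if (dup2(sp[0], 1) < 0)
				perror("dup2 stdout");
		}
		/* Only close the original if it is not already fd 0 or 1. */
		if (sp[0] >= 2)
			close(sp[0]);

		/*
		 * Stderr is left as it is so that error messages get
		 * printed on the user's terminal.
		 */
		argv[0] = shell;
		argv[1] = "-c";
		argv[2] = command_string;
		argv[3] = NULL;

		/*
		 * Execute the proxy command.
		 * Note that we gave up any extra privileges above.
		 * Restore the default SIGPIPE disposition first, as
		 * ssh_proxy_connect() does, so the dialer does not inherit
		 * whatever the client set for itself.
		 */
		signal(SIGPIPE, SIG_DFL);
		execv(argv[0], argv);
		perror(argv[0]);
		exit(1);
	}
	/* Parent. */
	if (pid < 0)
		fatal("fork failed: %.100s", strerror(errno));
	close(sp[0]);
	free(command_string);

	if ((sock = mm_receive_fd(sp[1])) == -1)
		fatal("proxy dialer did not pass back a connection");
	close(sp[1]);

	/* Reap the dialer, retrying if a signal interrupts waitpid(). */
	while (waitpid(pid, NULL, 0) == -1)
		if (errno != EINTR)
			fatal("Couldn't wait for child: %s", strerror(errno));

	/* Set the connection file descriptors. */
	if (ssh_packet_set_connection(ssh, sock, sock) == NULL)
		return -1; /* ssh_packet_set_connection logs error */

	return 0;
}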
180-
/*
 * Connect to the given ssh server using a proxy command.
 *
 * Two pipes are created: the proxy reads our to_proxy[] pipe on its stdin
 * and writes our from_proxy[] pipe on its stdout, so the packet layer is
 * given from_proxy[0] for input and to_proxy[1] for output.  Stderr is
 * inherited so the proxy's diagnostics reach the user's terminal.  The
 * child's pid is stored in proxy_command_pid for ssh_kill_proxy_command().
 *
 * Returns 0 on success, -1 if ssh_packet_set_connection() fails (it logs
 * the reason).  pipe() and fork() failures are fatal().
 */
static int
ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
    const char *proxy_command)
{
	int to_proxy[2], from_proxy[2];
	char *cmd, *sh;
	pid_t child;

	/* An unset or empty $SHELL falls back to the system shell. */
	sh = getenv("SHELL");
	if (sh == NULL || sh[0] == '\0')
		sh = _PATH_BSHELL;

	/* Create pipes for communicating with the proxy. */
	if (pipe(to_proxy) < 0 || pipe(from_proxy) < 0)
		fatal("Could not create pipes to communicate with the proxy: %.100s",
		    strerror(errno));

	cmd = expand_proxy_command(proxy_command, options.user, host, port);
	debug("Executing proxy command: %.500s", cmd);

	/* Fork and execute the proxy command. */
	child = fork();
	if (child == 0) {
		char *argv[4] = { sh, "-c", cmd, NULL };

		/* Redirect stdin and stdout. */
		close(to_proxy[1]);
		if (to_proxy[0] != 0) {
			if (dup2(to_proxy[0], 0) < 0)
				perror("dup2 stdin");
			close(to_proxy[0]);
		}
		close(from_proxy[0]);
		if (dup2(from_proxy[1], 1) < 0)
			perror("dup2 stdout");
		/* Cannot be 1 because to_proxy allocated two descriptors. */
		close(from_proxy[1]);

		/*
		 * Stderr is left as it is so that error messages get
		 * printed on the user's terminal.  Execute the proxy
		 * command; note that we gave up any extra privileges above.
		 */
		signal(SIGPIPE, SIG_DFL);
		execv(argv[0], argv);
		perror(argv[0]);
		exit(1);
	}
	/* Parent. */
	if (child < 0)
		fatal("fork failed: %.100s", strerror(errno));
	proxy_command_pid = child; /* save pid to clean up later */

	/* Close child side of the descriptors. */
	close(to_proxy[0]);
	close(from_proxy[1]);

	/* Free the command name. */
	free(cmd);

	/* Set the connection file descriptors. */
	if (ssh_packet_set_connection(ssh, from_proxy[0], to_proxy[1]) == NULL)
		return -1; /* ssh_packet_set_connection logs error */

	return 0;
}
255-
/*
 * Ask the ProxyCommand child (if ssh_proxy_connect() started one) to hang
 * up.  We deliberately do not wait() for it, in case it hangs, and instead
 * rely on init to reap the child.
 */
void
ssh_kill_proxy_command(void)
{
	pid_t target = proxy_command_pid;

	/* 0 means "no proxy"; nothing we started can have a pid <= 1. */
	if (target <= 1)
		return;
	kill(target, SIGHUP);
}
266-
267#ifdef HAVE_IFADDRS_H-
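/*
 * Search an interface address list (returned from getifaddrs(3)) for an
 * address that matches the desired address family on the specified interface.
 * Returns 0 and fills in *resultp and *rlenp on success. Returns -1 on failure.
 *
 * ifname  - interface name to match against each entry's ifa_name.
 * af      - AF_INET or AF_INET6; entries of any other family are skipped.
 * ifaddrs - list from getifaddrs(3); entries that are not IFF_UP or lack
 *           an address or a name are ignored.
 * resultp - receives a copy of the matching sockaddr.
 * rlenp   - on entry the capacity of *resultp, on success the bytes used.
 *
 * Loopback (v4/v6) and link-local (v6) addresses are used only when no
 * other address on the interface matches.
 */
static int
check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs,
    struct sockaddr_storage *resultp, socklen_t *rlenp)
{
	struct sockaddr_in6 *sa6;
	struct sockaddr_in *sa;
	struct in6_addr *v6addr;
	const struct ifaddrs *ifa;
	int allow_local;

	/*
	 * Prefer addresses that are not loopback or linklocal, but use them
	 * if nothing else matches.
	 */
	for (allow_local = 0; allow_local < 2; allow_local++) {
		for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
			/*
			 * Match on the ifname argument rather than the
			 * global options.bind_interface: the only caller in
			 * this file passes that option, so behaviour is
			 * unchanged, but the function no longer reads option
			 * state behind its caller's back.
			 */
			if (ifa->ifa_addr == NULL || ifa->ifa_name == NULL ||
			    (ifa->ifa_flags & IFF_UP) == 0 ||
			    ifa->ifa_addr->sa_family != af ||
			    strcmp(ifa->ifa_name, ifname) != 0)
				continue;
			switch (ifa->ifa_addr->sa_family) {
			case AF_INET:
				sa = (struct sockaddr_in *)ifa->ifa_addr;
				if (!allow_local && sa->sin_addr.s_addr ==
				    htonl(INADDR_LOOPBACK))
					continue;
				if (*rlenp < sizeof(struct sockaddr_in)) {
					error("%s: v4 addr doesn't fit",
					    __func__);
					return -1;
				}
				*rlenp = sizeof(struct sockaddr_in);
				memcpy(resultp, sa, *rlenp);
				return 0;
			case AF_INET6:
				sa6 = (struct sockaddr_in6 *)ifa->ifa_addr;
				v6addr = &sa6->sin6_addr;
				if (!allow_local &&
				    (IN6_IS_ADDR_LINKLOCAL(v6addr) ||
				    IN6_IS_ADDR_LOOPBACK(v6addr)))
					continue;
				if (*rlenp < sizeof(struct sockaddr_in6)) {
					error("%s: v6 addr doesn't fit",
					    __func__);
					return -1;
				}
				*rlenp = sizeof(struct sockaddr_in6);
				memcpy(resultp, sa6, *rlenp);
				return 0;
			default:
				/* af is neither v4 nor v6: nothing to copy. */
				break;
			}
		}
	}
	return -1;
}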
328#endif-
329-
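/*
 * Creates a socket for use as the ssh connection.
 *
 * The socket takes its family, type and protocol from ai and is marked
 * close-on-exec.  If BindAddress or BindInterface is set it is also bound
 * to a local address: BindAddress is resolved with getaddrinfo() restricted
 * to ai's family, BindInterface is looked up with getifaddrs() and
 * check_ifaddrs().  With neither option set the socket is returned unbound.
 *
 * Returns the descriptor, or -1 after logging; on failure the socket has
 * already been closed.  The getaddrinfo() and getifaddrs() results are
 * released on every exit path after the bind attempt.
 */
static int
ssh_create_socket(struct addrinfo *ai)
{
	int sock, r;
	struct sockaddr_storage bindaddr;
	socklen_t bindaddrlen = 0;
	struct addrinfo hints, *res = NULL;
#ifdef HAVE_IFADDRS_H
	struct ifaddrs *ifaddrs = NULL;
#endif
	char ntop[NI_MAXHOST];

	sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
	if (sock < 0) {
		error("socket: %s", strerror(errno));
		return -1;
	}
	fcntl(sock, F_SETFD, FD_CLOEXEC);

	/* Bind the socket to an alternative local IP address */
	if (options.bind_address == NULL && options.bind_interface == NULL)
		return sock;

	/* Never let getnameinfo()/bind() below see uninitialised stack. */
	memset(&bindaddr, 0, sizeof(bindaddr));

	if (options.bind_address != NULL) {
		memset(&hints, 0, sizeof(hints));
		hints.ai_family = ai->ai_family;
		hints.ai_socktype = ai->ai_socktype;
		hints.ai_protocol = ai->ai_protocol;
		hints.ai_flags = AI_PASSIVE;
		if ((r = getaddrinfo(options.bind_address, NULL,
		    &hints, &res)) != 0) {
			error("getaddrinfo: %s: %s", options.bind_address,
			    ssh_gai_strerror(r));
			goto fail;
		}
		if (res == NULL) {
			error("getaddrinfo: no addrs");
			goto fail;
		}
		if (res->ai_addrlen > sizeof(bindaddr)) {
			error("%s: addr doesn't fit", __func__);
			goto fail;
		}
		memcpy(&bindaddr, res->ai_addr, res->ai_addrlen);
		bindaddrlen = res->ai_addrlen;
	} else if (options.bind_interface != NULL) {
#ifdef HAVE_IFADDRS_H
		if ((r = getifaddrs(&ifaddrs)) != 0) {
			error("getifaddrs: %s: %s", options.bind_interface,
			    strerror(errno));
			goto fail;
		}
		/* check_ifaddrs() takes the capacity in, the used length out. */
		bindaddrlen = sizeof(bindaddr);
		if (check_ifaddrs(options.bind_interface, ai->ai_family,
		    ifaddrs, &bindaddr, &bindaddrlen) != 0) {
			logit("getifaddrs: %s: no suitable addresses",
			    options.bind_interface);
			goto fail;
		}
#else
		/*
		 * Without getifaddrs(3) there is no address to bind to;
		 * fail here instead of falling through to getnameinfo()
		 * and bind() with an empty bindaddr/bindaddrlen.
		 */
		error("BindInterface not supported on this platform.");
		goto fail;
#endif
	}
	if ((r = getnameinfo((struct sockaddr *)&bindaddr, bindaddrlen,
	    ntop, sizeof(ntop), NULL, 0, NI_NUMERICHOST)) != 0) {
		error("%s: getnameinfo failed: %s", __func__,
		    ssh_gai_strerror(r));
		goto fail;
	}
	if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) {
		error("bind %s: %s", ntop, strerror(errno));
		goto fail;
	}
	debug("%s: bound to %s", __func__, ntop);
	/* success */
	goto out;
 fail:
	close(sock);
	sock = -1;
 out:
	if (res != NULL)
		freeaddrinfo(res);
#ifdef HAVE_IFADDRS_H
	if (ifaddrs != NULL)
		freeifaddrs(ifaddrs);
#endif
	return sock;
}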
421-
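/*
 * Wait up to *timeoutp milliseconds for fd to be readable. Updates
 * *timeoutp with time remaining.
 * Returns 0 if fd ready or -1 on timeout or error (see errno).
 *
 * A poll() interrupted by a signal (EINTR) is retried with the remaining
 * time, exactly like EAGAIN, instead of being reported to the caller as an
 * error; the remaining-time bookkeeping already covers the re-loop.
 */
static int
waitrfd(int fd, int *timeoutp)
{
	struct pollfd pfd;
	struct timeval t_start;
	int oerrno, r;

	monotime_tv(&t_start);
	pfd.fd = fd;
	pfd.events = POLLIN;
	for (; *timeoutp >= 0;) {
		r = poll(&pfd, 1, *timeoutp);
		/* Save poll()'s errno across the time bookkeeping. */
		oerrno = errno;
		ms_subtract_diff(&t_start, timeoutp);
		errno = oerrno;
		if (r > 0)
			return 0;
		else if (r == -1 && errno != EAGAIN && errno != EINTR)
			return -1;
		else if (r == 0)
			break;
	}
	/* timeout */
	errno = ETIMEDOUT;
	return -1;
}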
453-
/*
 * connect() with an optional timeout.
 *
 * With *timeoutp <= 0 this is a plain blocking connect().  Otherwise the
 * socket is switched to non-blocking, the connect is started and waitrfd()
 * waits (updating *timeoutp with the time left) for it to finish; the
 * outcome is then read back with SO_ERROR.  Returns 0 on success, -1 on
 * failure with errno set (ETIMEDOUT from waitrfd() on timeout, the
 * SO_ERROR value when the connect itself failed).  The socket is put back
 * into blocking mode only on success; callers close it on failure.
 *
 * NOTE(review): waitrfd() waits for POLLIN rather than POLLOUT, so on
 * typical systems completion is noticed when the server's first bytes
 * arrive or the socket reports an error -- confirm this is intended.
 */
static int
timeout_connect(int sockfd, const struct sockaddr *serv_addr,
    socklen_t addrlen, int *timeoutp)
{
	int soerr = 0;
	socklen_t soerrlen = sizeof(soerr);

	/* No timeout: just do a blocking connect() */
	if (*timeoutp <= 0)
		return connect(sockfd, serv_addr, addrlen);

	set_nonblock(sockfd);
	if (connect(sockfd, serv_addr, addrlen) == 0) {
		/* Succeeded already? */
		unset_nonblock(sockfd);
		return 0;
	}
	if (errno != EINPROGRESS)
		return -1;

	if (waitrfd(sockfd, timeoutp) == -1)
		return -1;

	/* Completed or failed */
	if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &soerr, &soerrlen) == -1) {
		debug("getsockopt: %s", strerror(errno));
		return -1;
	}
	if (soerr != 0) {
		errno = soerr;
		return -1;
	}
	unset_nonblock(sockfd);
	return 0;
}
488-
/*
 * Opens a TCP/IP connection to the remote server on the given host.
 * The address of the remote host will be returned in hostaddr.
 * Connection_attempts specifies the maximum number of tries (one per
 * second); each try walks every address in aitop in order until one
 * connects.  *timeout_ms is updated by timeout_connect() as time is spent.
 * port and family are part of the interface but are not used here: the
 * addrinfo entries already carry both.
 *
 * Returns 0 once the socket has been handed to the packet layer, -1 after
 * logging if every attempt failed or ssh_packet_set_connection() failed.
 */
static int
ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
    struct sockaddr_storage *hostaddr, u_short port, int family,
    int connection_attempts, int *timeout_ms, int want_keepalive)
{
	int keepalive_on = 1;
	int saved_errno, sock = -1, attempt;
	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
	struct addrinfo *ai;

	debug2("%s", __func__);
	memset(ntop, 0, sizeof(ntop));
	memset(strport, 0, sizeof(strport));

	/* Outer loop: retries.  Inner loop: the addresses for this host.
	 * Both stop as soon as sock holds a connected descriptor. */
	for (attempt = 0; sock == -1 && attempt < connection_attempts;
	    attempt++) {
		if (attempt > 0) {
			/* Sleep a moment before retrying. */
			sleep(1);
			debug("Trying again...");
		}
		for (ai = aitop; ai != NULL && sock == -1; ai = ai->ai_next) {
			if (ai->ai_family != AF_INET &&
			    ai->ai_family != AF_INET6) {
				errno = EAFNOSUPPORT;
				continue;
			}
			if (getnameinfo(ai->ai_addr, ai->ai_addrlen,
			    ntop, sizeof(ntop), strport, sizeof(strport),
			    NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
				/* Keep the errno that is reported at the end. */
				saved_errno = errno;
				error("%s: getnameinfo failed", __func__);
				errno = saved_errno;
				continue;
			}
			debug("Connecting to %.200s [%.100s] port %s.",
			    host, ntop, strport);

			/* Create a socket for connecting. */
			sock = ssh_create_socket(ai);
			if (sock < 0) {
				/* Any error is already output */
				errno = 0;
				continue;
			}

			if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
			    timeout_ms) < 0) {
				saved_errno = errno;
				debug("connect to address %s port %s: %s",
				    ntop, strport, strerror(errno));
				close(sock);
				sock = -1;
				errno = saved_errno;
				continue;
			}
			/* Successful connection; the loop conditions end it. */
			memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
		}
	}

	/* Return failure if we didn't get a successful connection. */
	if (sock == -1) {
		error("ssh: connect to host %s port %s: %s",
		    host, strport, errno == 0 ? "failure" : strerror(errno));
		return -1;
	}

	debug("Connection established.");

	/* Set SO_KEEPALIVE if requested. */
	if (want_keepalive) {
		if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
		    (void *)&keepalive_on, sizeof(keepalive_on)) < 0)
			error("setsockopt SO_KEEPALIVE: %.100s",
			    strerror(errno));
	}

	/* Set the connection. */
	if (ssh_packet_set_connection(ssh, sock, sock) == NULL)
		return -1; /* ssh_packet_set_connection logs error */

	return 0;
}
586-
/*
 * Establish the transport to the server and hand it to the packet layer.
 *
 * Dispatches on the ProxyCommand option:
 *   unset          - direct TCP connection via ssh_connect_direct();
 *   "-"            - the connection already sits on stdin/stdout, so those
 *                    descriptors are adopted as-is;
 *   ProxyUseFdpass - run the command and receive a descriptor from it;
 *   otherwise      - run the command and talk to it over pipes.
 * Returns 0 on success, -1 after logging when the packet layer rejects the
 * descriptors; the proxy paths fatal() on spawn failures.
 */
int
ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
    struct sockaddr_storage *hostaddr, u_short port, int family,
    int connection_attempts, int *timeout_ms, int want_keepalive)
{
	const char *proxy = options.proxy_command;

	if (proxy == NULL)
		return ssh_connect_direct(ssh, host, addrs, hostaddr, port,
		    family, connection_attempts, timeout_ms, want_keepalive);

	if (strcmp(proxy, "-") == 0) {
		/* The caller already provided the connection on stdio. */
		if (ssh_packet_set_connection(ssh,
		    STDIN_FILENO, STDOUT_FILENO) == NULL)
			return -1; /* ssh_packet_set_connection logs error */
		return 0;
	}

	if (options.proxy_use_fdpass)
		return ssh_proxy_fdpass_connect(ssh, host, port, proxy);

	return ssh_proxy_connect(ssh, host, port, proxy);
}
606-
/*
 * Send our own protocol version identification.
 *
 * Formats "SSH-<major>.<minor>-<SSH_VERSION>\r\n" into the global
 * client_version_string, writes it in full to connection_out (a short or
 * failed write is fatal), then chop()s the trailing line ending off the
 * stored copy so later users see the bare banner.  minor1 is unused.
 */
static void
send_client_banner(int connection_out, int minor1)
{
	size_t banner_len;

	xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n",
	    PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION);
	banner_len = strlen(client_version_string);
	if (atomicio(vwrite, connection_out, client_version_string,
	    banner_len) != banner_len)
		fatal("write: %.100s", strerror(errno));
	chop(client_version_string);
	debug("Local version string %.100s", client_version_string);
}
619-
620/*-
621 * Waits for the server identification string, and sends our own-
622 * identification string.-
623 */-
void
ssh_exchange_identification(int timeout_ms)
{
	/*
	 * remote_version receives an unbounded "%[^\n]" from sscanf() below;
	 * that is only safe because buf is NUL-terminated within 256 bytes
	 * and remote_version is exactly as large.  Keep the sizes equal.
	 */
	char buf[256], remote_version[256]; /* must be same size! */
	int remote_major, remote_minor, mismatch;
	int connection_in = packet_get_connection_in();
	int connection_out = packet_get_connection_out();
	u_int i, n;
	size_t len;
	int rc;

	/* We send first; the server may reply with pre-banner text lines. */
	send_client_banner(connection_out, 0);

	/*
	 * Read other side's version identification.  The peer is untrusted
	 * at this point, so the read is bounded two ways: each line is cut
	 * at sizeof(buf) - 1 bytes, and 'n' caps the total number of
	 * non-newline bytes accepted before a "SSH-" line appears.
	 */
	for (n = 0;;) {
		for (i = 0; i < sizeof(buf) - 1; i++) {
			if (timeout_ms > 0) {
				/*
				 * waitrfd() is expected to count the time it
				 * waited down from timeout_ms, so the limit
				 * applies to the whole exchange, not per byte.
				 */
				rc = waitrfd(connection_in, &timeout_ms);
				if (rc == -1 && errno == ETIMEDOUT) {
					fatal("Connection timed out during "
					    "banner exchange");
				} else if (rc == -1) {
					fatal("%s: %s",
					    __func__, strerror(errno));
				}
			}

			/*
			 * One byte at a time: nothing past the banner's LF
			 * may be consumed, since the next bytes belong to the
			 * first binary packet.  EOF is reported as EPIPE
			 * (atomicio() sets errno on a zero-length read —
			 * confirm in atomicio.c).
			 */
			len = atomicio(read, connection_in, &buf[i], 1);
			if (len != 1 && errno == EPIPE)
				fatal("ssh_exchange_identification: "
				    "Connection closed by remote host");
			else if (len != 1)
				fatal("ssh_exchange_identification: "
				    "read: %.100s", strerror(errno));
			/*
			 * A CR is folded into LF and the line is kept open
			 * so that the following LF can be consumed; buf[i + 1]
			 * is in bounds because i <= sizeof(buf) - 2 here.
			 */
			if (buf[i] == '\r') {
				buf[i] = '\n';
				buf[i + 1] = 0;
				continue;		/**XXX wait for \n */
			}
			if (buf[i] == '\n') {
				buf[i + 1] = 0;
				break;
			}
			/* Counts payload bytes only, across all lines. */
			if (++n > 65536)
				fatal("ssh_exchange_identification: "
				    "No banner received");
		}
		/*
		 * A line longer than the buffer is split here and its tail
		 * is read as a fresh line on the next pass.  For an over-long
		 * banner that tail would instead be left in the socket and
		 * desynchronise the packet layer; the protocol caps banners
		 * at 255 bytes, so only a misbehaving peer can trigger this.
		 */
		buf[sizeof(buf) - 1] = 0;
		if (strncmp(buf, "SSH-", 4) == 0)
			break;
		/*
		 * Pre-banner text is peer-controlled; this relies on the
		 * logging layer to escape non-printable bytes — confirm.
		 */
		debug("ssh_exchange_identification: %s", buf);
	}
	server_version_string = xstrdup(buf);

	/*
	 * Check that the versions match. In future this might accept
	 * several versions and set appropriate flags to handle them.
	 */
	if (sscanf(server_version_string, "SSH-%d.%d-%[^\n]\n",
	    &remote_major, &remote_minor, remote_version) != 3)
		fatal("Bad remote protocol version identification: '%.100s'", buf);
	debug("Remote protocol version %d.%d, remote software version %.100s",
	    remote_major, remote_minor, remote_version);

	/*
	 * Derive peer-specific compatibility flags from the (untrusted)
	 * software version string.  Downgrades driven by this value are
	 * the reason the SSH_BUG_RSASIGMD5 case below is logged loudly.
	 */
	active_state->compat = compat_datafellows(remote_version);
	mismatch = 0;

	/* Only 2.x, or the 1.99 "speaks both" form, is acceptable. */
	switch (remote_major) {
	case 2:
		break;
	case 1:
		if (remote_minor != 99)
			mismatch = 1;
		break;
	default:
		mismatch = 1;
		break;
	}
	if (mismatch)
		fatal("Protocol major versions differ: %d vs. %d",
		    PROTOCOL_MAJOR_2, remote_major);
	/*
	 * 'datafellows' is read here rather than active_state->compat;
	 * presumably the same value via compat.h — confirm.
	 */
	if ((datafellows & SSH_BUG_RSASIGMD5) != 0)
		logit("Server version \"%.100s\" uses unsafe RSA signature "
		    "scheme; disabling use of RSA keys", remote_version);
	/* Drop the line terminator; the bare banner is retained globally. */
	chop(server_version_string);
}
710-
711/* defaults to 'no' */-
static int
confirm(const char *prompt)
{
	const char *again = "Please type 'yes' or 'no': ";
	const char *msg = prompt;
	char *answer;
	int decision;

	/*
	 * Interactive yes/no question.  Anything that is not an explicit
	 * "yes" is treated as "no": batch mode, a failed read, an empty
	 * line and "no" all answer 0; only "yes" (any case) answers 1.
	 * Unrecognised input re-prompts with 'again'.
	 */
	if (options.batch_mode)
		return 0;

	for (;;) {
		decision = -1;
		/* RP_ECHO: the answer is not a secret, show it as typed. */
		answer = read_passphrase(msg, RP_ECHO);
		if (answer == NULL)
			return 0;
		/* Cut at the first newline so the comparisons see a bare word. */
		answer[strcspn(answer, "\n")] = '\0';
		if (answer[0] == '\0' || strcasecmp(answer, "no") == 0)
			decision = 0;
		else if (strcasecmp(answer, "yes") == 0)
			decision = 1;
		free(answer);
		if (decision != -1)
			return decision;
		msg = again;
	}
}
735-
static int
check_host_cert(const char *host, const struct sshkey *key)
{
	const char *reason = NULL;
	const char *sigalg;
	int r;

	/*
	 * Accept a host certificate only if every check passes, in this
	 * order: CA authority (validity window, principal 'host', CA
	 * signature), no critical options, and an allowed CA signature
	 * algorithm.  Returns 1 on success, 0 on any failure.
	 */
	r = sshkey_cert_check_authority(key, 1, 0, host, &reason);
	if (r != 0) {
		error("%s", reason);
		return 0;
	}

	/*
	 * Critical options must be understood or the cert rejected; host
	 * certificates support none, so any present is a hard failure.
	 */
	if (sshbuf_len(key->cert->critical) != 0) {
		error("Certificate for %s contains unsupported "
		    "critical options(s)", host);
		return 0;
	}

	/* The CA's signature algorithm must be in CASignatureAlgorithms. */
	r = sshkey_check_cert_sigtype(key, options.ca_sign_algorithms);
	if (r != 0) {
		sigalg = "(null)";
		if (key->cert != NULL && key->cert->signature_type != NULL)
			sigalg = key->cert->signature_type;
		logit("%s: certificate signature algorithm %s: %s", __func__,
		    sigalg, ssh_err(r));
		return 0;
	}

	return 1;
}
761-
static int
sockaddr_is_local(struct sockaddr *hostaddr)
{
	struct sockaddr_in sin;
	struct sockaddr_in6 sin6;

	/*
	 * Returns non-zero when 'hostaddr' is a loopback address: any
	 * 127.0.0.0/8 address for IPv4, or exactly ::1 for IPv6.  Every
	 * other family, including AF_UNIX, is reported as not local.
	 * The address is copied out rather than accessed through a cast
	 * so no alignment assumption is made about 'hostaddr'.
	 */
	if (hostaddr->sa_family == AF_INET) {
		memcpy(&sin, hostaddr, sizeof(sin));
		/* Top octet in host order selects the class-A network. */
		return (ntohl(sin.sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
	}
	if (hostaddr->sa_family == AF_INET6) {
		memcpy(&sin6, hostaddr, sizeof(sin6));
		/* Strictly ::1; IPv4-mapped 127.x.x.x is not considered local. */
		return IN6_IS_ADDR_LOOPBACK(&sin6.sin6_addr);
	}
	return 0;
}
776-
777/*-
778 * Prepare the hostname and ip address strings that are used to lookup-
779 * host keys in known_hosts files. These may have a port number appended.-
780 */-
void
get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
    u_short port, char **hostfile_hostname, char **hostfile_ipaddr)
{
	char ntop[NI_MAXHOST];
	socklen_t addrlen = sizeof(struct sockaddr);

	/*
	 * Produce the two strings under which the peer's host key is
	 * looked up in known_hosts.  Either output pointer may be NULL to
	 * skip that string; results are freshly allocated for the caller.
	 */

	/* Size of the address object for getnameinfo(), by family. */
	if (hostaddr == NULL)
		addrlen = 0;
	else if (hostaddr->sa_family == AF_INET)
		addrlen = sizeof(struct sockaddr_in);
	else if (hostaddr->sa_family == AF_INET6)
		addrlen = sizeof(struct sockaddr_in6);

	if (hostfile_ipaddr != NULL) {
		if (options.proxy_command != NULL) {
			/*
			 * Behind a ProxyCommand the socket peer is the proxy,
			 * not the server, so no usable address exists.
			 */
			*hostfile_ipaddr = xstrdup("<no hostip for proxy "
			    "command>");
		} else {
			/*
			 * NI_NUMERICHOST: never reverse-resolve; the
			 * known_hosts IP entry must be the literal address.
			 */
			if (getnameinfo(hostaddr, addrlen, ntop, sizeof(ntop),
			    NULL, 0, NI_NUMERICHOST) != 0)
				fatal("%s: getnameinfo failed", __func__);
			*hostfile_ipaddr = put_host_port(ntop, port);
		}
	}

	if (hostfile_hostname != NULL) {
		if (options.host_key_alias == NULL) {
			/*
			 * put_host_port() appends the port for non-default
			 * ports, keeping keys of several sshds on one host
			 * apart (and matching forwarded-tunnel usage).
			 */
			*hostfile_hostname = put_host_port(hostname, port);
		} else {
			/* HostKeyAlias replaces the name entirely, port included. */
			*hostfile_hostname = xstrdup(options.host_key_alias);
			debug("using hostkeyalias: %s", *hostfile_hostname);
		}
	}
}
834-
835/*-
836 * check whether the supplied host key is valid, return -1 if the key-
837 * is not valid. user_hostfile[0] will not be updated if 'readonly' is true.-
838 */-
/*
 * Modes for check_host_key()'s 'readonly' argument.  Any non-zero mode
 * leaves user_hostfiles[0] untouched; ROQUIET additionally makes a
 * HOST_CHANGED result fail silently, which the port-less lookup retry
 * relies on so a mismatch there does not print the changed-key warning.
 */
#define RDRW 0
#define RDONLY 1
#define ROQUIET 2
842static int-
843check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,-
844 struct sshkey *host_key, int readonly,-
845 char **user_hostfiles, u_int num_user_hostfiles,-
846 char **system_hostfiles, u_int num_system_hostfiles)-
847{-
848 HostStatus host_status;-
849 HostStatus ip_status;-
850 struct sshkey *raw_key = NULL;-
851 char *ip = NULL, *host = NULL;-
852 char hostline[1000], *hostp, *fp, *ra;-
853 char msg[1024];-
854 const char *type;-
855 const struct hostkey_entry *host_found, *ip_found;-
856 int len, cancelled_forwarding = 0;-
857 int local = sockaddr_is_local(hostaddr);-
858 int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0;-
859 int hostkey_trusted = 0; /* Known or explicitly accepted by user */-
860 struct hostkeys *host_hostkeys, *ip_hostkeys;-
861 u_int i;-
862-
863 /*-
864 * Force accepting of the host key for loopback/localhost. The-
865 * problem is that if the home directory is NFS-mounted to multiple-
866 * machines, localhost will refer to a different machine in each of-
867 * them, and the user will get bogus HOST_CHANGED warnings. This-
868 * essentially disables host authentication for localhost; however,-
869 * this is probably not a real problem.-
870 */-
871 if (options.no_host_authentication_for_localhost == 1 && local &&
options.no_hos...localhost == 1Description
TRUEnever evaluated
FALSEnever evaluated
localDescription
TRUEnever evaluated
FALSEnever evaluated
0
872 options.host_key_alias == NULL) {
options.host_k...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
873 debug("Forcing accepting of host key for "-
874 "loopback/localhost.");-
875 return 0;
never executed: return 0;
0
876 }-
877-
878 /*-
879 * Prepare the hostname and address strings used for hostkey lookup.-
880 * In some cases, these will have a port number appended.-
881 */-
882 get_hostfile_hostname_ipaddr(hostname, hostaddr, port, &host, &ip);-
883-
884 /*-
885 * Turn off check_host_ip if the connection is to localhost, via proxy-
886 * command or if we don't have a hostname to compare with-
887 */-
888 if (options.check_host_ip && (local ||
options.check_host_ipDescription
TRUEnever evaluated
FALSEnever evaluated
localDescription
TRUEnever evaluated
FALSEnever evaluated
0
889 strcmp(hostname, ip) == 0 || options.proxy_command != NULL))
never executed: __result = (((const unsigned char *) (const char *) ( hostname ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( ip ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
options.proxy_...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
890 options.check_host_ip = 0;
never executed: options.check_host_ip = 0;
0
891-
892 host_hostkeys = init_hostkeys();-
893 for (i = 0; i < num_user_hostfiles; i++)
i < num_user_hostfilesDescription
TRUEnever evaluated
FALSEnever evaluated
0
894 load_hostkeys(host_hostkeys, host, user_hostfiles[i]);
never executed: load_hostkeys(host_hostkeys, host, user_hostfiles[i]);
0
895 for (i = 0; i < num_system_hostfiles; i++)
i < num_system_hostfilesDescription
TRUEnever evaluated
FALSEnever evaluated
0
896 load_hostkeys(host_hostkeys, host, system_hostfiles[i]);
never executed: load_hostkeys(host_hostkeys, host, system_hostfiles[i]);
0
897-
898 ip_hostkeys = NULL;-
899 if (!want_cert && options.check_host_ip) {
!want_certDescription
TRUEnever evaluated
FALSEnever evaluated
options.check_host_ipDescription
TRUEnever evaluated
FALSEnever evaluated
0
900 ip_hostkeys = init_hostkeys();-
901 for (i = 0; i < num_user_hostfiles; i++)
i < num_user_hostfilesDescription
TRUEnever evaluated
FALSEnever evaluated
0
902 load_hostkeys(ip_hostkeys, ip, user_hostfiles[i]);
never executed: load_hostkeys(ip_hostkeys, ip, user_hostfiles[i]);
0
903 for (i = 0; i < num_system_hostfiles; i++)
i < num_system_hostfilesDescription
TRUEnever evaluated
FALSEnever evaluated
0
904 load_hostkeys(ip_hostkeys, ip, system_hostfiles[i]);
never executed: load_hostkeys(ip_hostkeys, ip, system_hostfiles[i]);
0
905 }
never executed: end of block
0
906-
907 retry:
code before this statement never executed: retry:
0
908 /* Reload these as they may have changed on cert->key downgrade */-
909 want_cert = sshkey_is_cert(host_key);-
910 type = sshkey_type(host_key);-
911-
912 /*-
913 * Check if the host key is present in the user's list of known-
914 * hosts or in the systemwide list.-
915 */-
916 host_status = check_key_in_hostkeys(host_hostkeys, host_key,-
917 &host_found);-
918-
919 /*-
920 * Also perform check for the ip address, skip the check if we are-
921 * localhost, looking for a certificate, or the hostname was an ip-
922 * address to begin with.-
923 */-
924 if (!want_cert && ip_hostkeys != NULL) {
!want_certDescription
TRUEnever evaluated
FALSEnever evaluated
ip_hostkeys != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
925 ip_status = check_key_in_hostkeys(ip_hostkeys, host_key,-
926 &ip_found);-
927 if (host_status == HOST_CHANGED &&
host_status == HOST_CHANGEDDescription
TRUEnever evaluated
FALSEnever evaluated
0
928 (ip_status != HOST_CHANGED ||
ip_status != HOST_CHANGEDDescription
TRUEnever evaluated
FALSEnever evaluated
0
929 (ip_found != NULL &&
ip_found != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
930 !sshkey_equal(ip_found->key, host_found->key))))
!sshkey_equal(...st_found->key)Description
TRUEnever evaluated
FALSEnever evaluated
0
931 host_ip_differ = 1;
never executed: host_ip_differ = 1;
0
932 } else
never executed: end of block
0
933 ip_status = host_status;
never executed: ip_status = host_status;
0
934-
935 switch (host_status) {-
936 case HOST_OK:
never executed: case HOST_OK:
0
937 /* The host is known and the key matches. */-
938 debug("Host '%.200s' is known and matches the %s host %s.",-
939 host, type, want_cert ? "certificate" : "key");-
940 debug("Found %s in %s:%lu", want_cert ? "CA key" : "key",-
941 host_found->file, host_found->line);-
942 if (want_cert &&
want_certDescription
TRUEnever evaluated
FALSEnever evaluated
0
943 !check_host_cert(options.host_key_alias == NULL ?
!check_host_ce...ias, host_key)Description
TRUEnever evaluated
FALSEnever evaluated
0
944 hostname : options.host_key_alias, host_key))
!check_host_ce...ias, host_key)Description
TRUEnever evaluated
FALSEnever evaluated
0
945 goto fail;
never executed: goto fail;
0
946 if (options.check_host_ip && ip_status == HOST_NEW) {
options.check_host_ipDescription
TRUEnever evaluated
FALSEnever evaluated
ip_status == HOST_NEWDescription
TRUEnever evaluated
FALSEnever evaluated
0
947 if (readonly || want_cert)
readonlyDescription
TRUEnever evaluated
FALSEnever evaluated
want_certDescription
TRUEnever evaluated
FALSEnever evaluated
0
948 logit("%s host key for IP address "
never executed: logit("%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip);
0
949 "'%.128s' not in list of known hosts.",
never executed: logit("%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip);
0
950 type, ip);
never executed: logit("%s host key for IP address " "'%.128s' not in list of known hosts.", type, ip);
0
951 else if (!add_host_to_hostfile(user_hostfiles[0], ip,
!add_host_to_h...h_known_hosts)Description
TRUEnever evaluated
FALSEnever evaluated
0
952 host_key, options.hash_known_hosts))
!add_host_to_h...h_known_hosts)Description
TRUEnever evaluated
FALSEnever evaluated
0
953 logit("Failed to add the %s host key for IP "
never executed: logit("Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type, ip, user_hostfiles[0]);
0
954 "address '%.128s' to the list of known "
never executed: logit("Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type, ip, user_hostfiles[0]);
0
955 "hosts (%.500s).", type, ip,
never executed: logit("Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type, ip, user_hostfiles[0]);
0
956 user_hostfiles[0]);
never executed: logit("Failed to add the %s host key for IP " "address '%.128s' to the list of known " "hosts (%.500s).", type, ip, user_hostfiles[0]);
0
957 else-
958 logit("Warning: Permanently added the %s host "
never executed: logit("Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts.", type, ip);
0
959 "key for IP address '%.128s' to the list "
never executed: logit("Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts.", type, ip);
0
960 "of known hosts.", type, ip);
never executed: logit("Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts.", type, ip);
0
961 } else if (options.visual_host_key) {
options.visual_host_keyDescription
TRUEnever evaluated
FALSEnever evaluated
0
962 fp = sshkey_fingerprint(host_key,-
963 options.fingerprint_hash, SSH_FP_DEFAULT);-
964 ra = sshkey_fingerprint(host_key,-
965 options.fingerprint_hash, SSH_FP_RANDOMART);-
966 if (fp == NULL || ra == NULL)
fp == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
ra == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
967 fatal("%s: sshkey_fingerprint fail", __func__);
never executed: fatal("%s: sshkey_fingerprint fail", __func__);
0
968 logit("Host key fingerprint is %s\n%s", fp, ra);-
969 free(ra);-
970 free(fp);-
971 }
never executed: end of block
0
972 hostkey_trusted = 1;-
973 break;
never executed: break;
0
974 case HOST_NEW:
never executed: case HOST_NEW:
0
975 if (options.host_key_alias == NULL && port != 0 &&
options.host_k...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
port != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
976 port != SSH_DEFAULT_PORT) {
port != 22Description
TRUEnever evaluated
FALSEnever evaluated
0
977 debug("checking without port identifier");-
978 if (check_host_key(hostname, hostaddr, 0, host_key,
check_host_key...ostfiles) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
979 ROQUIET, user_hostfiles, num_user_hostfiles,
check_host_key...ostfiles) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
980 system_hostfiles, num_system_hostfiles) == 0) {
check_host_key...ostfiles) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
981 debug("found matching key w/out port");-
982 break;
never executed: break;
0
983 }-
984 }
never executed: end of block
0
985 if (readonly || want_cert)
readonlyDescription
TRUEnever evaluated
FALSEnever evaluated
want_certDescription
TRUEnever evaluated
FALSEnever evaluated
0
986 goto fail;
never executed: goto fail;
0
987 /* The host is new. */-
988 if (options.strict_host_key_checking ==
options.strict..._checking == 2Description
TRUEnever evaluated
FALSEnever evaluated
0
989 SSH_STRICT_HOSTKEY_YES) {
options.strict..._checking == 2Description
TRUEnever evaluated
FALSEnever evaluated
0
990 /*-
991 * User has requested strict host key checking. We-
992 * will not add the host key automatically. The only-
993 * alternative left is to abort.-
994 */-
995 error("No %s host key is known for %.200s and you "-
996 "have requested strict checking.", type, host);-
997 goto fail;
never executed: goto fail;
0
998 } else if (options.strict_host_key_checking ==
options.strict..._checking == 3Description
TRUEnever evaluated
FALSEnever evaluated
0
999 SSH_STRICT_HOSTKEY_ASK) {
options.strict..._checking == 3Description
TRUEnever evaluated
FALSEnever evaluated
0
1000 char msg1[1024], msg2[1024];-
1001-
1002 if (show_other_keys(host_hostkeys, host_key))
show_other_key...eys, host_key)Description
TRUEnever evaluated
FALSEnever evaluated
0
1003 snprintf(msg1, sizeof(msg1),
never executed: snprintf(msg1, sizeof(msg1), "\nbut keys of different type are already" " known for this host.");
0
1004 "\nbut keys of different type are already"
never executed: snprintf(msg1, sizeof(msg1), "\nbut keys of different type are already" " known for this host.");
0
1005 " known for this host.");
never executed: snprintf(msg1, sizeof(msg1), "\nbut keys of different type are already" " known for this host.");
0
1006 else-
1007 snprintf(msg1, sizeof(msg1), ".");
never executed: snprintf(msg1, sizeof(msg1), ".");
0
1008 /* The default */-
1009 fp = sshkey_fingerprint(host_key,-
1010 options.fingerprint_hash, SSH_FP_DEFAULT);-
1011 ra = sshkey_fingerprint(host_key,-
1012 options.fingerprint_hash, SSH_FP_RANDOMART);-
1013 if (fp == NULL || ra == NULL)
fp == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
ra == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1014 fatal("%s: sshkey_fingerprint fail", __func__);
never executed: fatal("%s: sshkey_fingerprint fail", __func__);
0
1015 msg2[0] = '\0';-
1016 if (options.verify_host_key_dns) {
options.verify_host_key_dnsDescription
TRUEnever evaluated
FALSEnever evaluated
0
1017 if (matching_host_key_dns)
matching_host_key_dnsDescription
TRUEnever evaluated
FALSEnever evaluated
0
1018 snprintf(msg2, sizeof(msg2),
never executed: snprintf(msg2, sizeof(msg2), "Matching host key fingerprint" " found in DNS.\n");
0
1019 "Matching host key fingerprint"
never executed: snprintf(msg2, sizeof(msg2), "Matching host key fingerprint" " found in DNS.\n");
0
1020 " found in DNS.\n");
never executed: snprintf(msg2, sizeof(msg2), "Matching host key fingerprint" " found in DNS.\n");
0
1021 else-
1022 snprintf(msg2, sizeof(msg2),
never executed: snprintf(msg2, sizeof(msg2), "No matching host key fingerprint" " found in DNS.\n");
0
1023 "No matching host key fingerprint"
never executed: snprintf(msg2, sizeof(msg2), "No matching host key fingerprint" " found in DNS.\n");
0
1024 " found in DNS.\n");
never executed: snprintf(msg2, sizeof(msg2), "No matching host key fingerprint" " found in DNS.\n");
0
1025 }-
1026 snprintf(msg, sizeof(msg),-
1027 "The authenticity of host '%.200s (%s)' can't be "-
1028 "established%s\n"-
1029 "%s key fingerprint is %s.%s%s\n%s"-
1030 "Are you sure you want to continue connecting "-
1031 "(yes/no)? ",-
1032 host, ip, msg1, type, fp,-
1033 options.visual_host_key ? "\n" : "",-
1034 options.visual_host_key ? ra : "",-
1035 msg2);-
1036 free(ra);-
1037 free(fp);-
1038 if (!confirm(msg))
!confirm(msg)Description
TRUEnever evaluated
FALSEnever evaluated
0
1039 goto fail;
never executed: goto fail;
0
1040 hostkey_trusted = 1; /* user explicitly confirmed */-
1041 }
never executed: end of block
0
1042 /*-
1043 * If in "new" or "off" strict mode, add the key automatically-
1044 * to the local known_hosts file.-
1045 */-
1046 if (options.check_host_ip && ip_status == HOST_NEW) {
options.check_host_ipDescription
TRUEnever evaluated
FALSEnever evaluated
ip_status == HOST_NEWDescription
TRUEnever evaluated
FALSEnever evaluated
0
1047 snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);-
1048 hostp = hostline;-
1049 if (options.hash_known_hosts) {
options.hash_known_hostsDescription
TRUEnever evaluated
FALSEnever evaluated
0
1050 /* Add hash of host and IP separately */-
1051 r = add_host_to_hostfile(user_hostfiles[0],
add_host_to_ho...h_known_hosts)Description
TRUEnever evaluated
FALSEnever evaluated
0
1052 host, host_key, options.hash_known_hosts) &&
add_host_to_ho...h_known_hosts)Description
TRUEnever evaluated
FALSEnever evaluated
0
1053 add_host_to_hostfile(user_hostfiles[0], ip,
add_host_to_ho...h_known_hosts)Description
TRUEnever evaluated
FALSEnever evaluated
0
1054 host_key, options.hash_known_hosts);
add_host_to_ho...h_known_hosts)Description
TRUEnever evaluated
FALSEnever evaluated
0
1055 } else {
never executed: end of block
0
1056 /* Add unhashed "host,ip" */-
1057 r = add_host_to_hostfile(user_hostfiles[0],-
1058 hostline, host_key,-
1059 options.hash_known_hosts);-
1060 }
never executed: end of block
0
1061 } else {-
1062 r = add_host_to_hostfile(user_hostfiles[0], host,-
1063 host_key, options.hash_known_hosts);-
1064 hostp = host;-
1065 }
never executed: end of block
0
1066-
1067 if (!r)
!rDescription
TRUEnever evaluated
FALSEnever evaluated
0
1068 logit("Failed to add the host to the list of known "
never executed: logit("Failed to add the host to the list of known " "hosts (%.500s).", user_hostfiles[0]);
0
1069 "hosts (%.500s).", user_hostfiles[0]);
never executed: logit("Failed to add the host to the list of known " "hosts (%.500s).", user_hostfiles[0]);
0
1070 else-
1071 logit("Warning: Permanently added '%.200s' (%s) to the "
never executed: logit("Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type);
0
1072 "list of known hosts.", hostp, type);
never executed: logit("Warning: Permanently added '%.200s' (%s) to the " "list of known hosts.", hostp, type);
0
1073 break;
never executed: break;
0
1074 case HOST_REVOKED:
never executed: case HOST_REVOKED:
0
1075 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");-
1076 error("@ WARNING: REVOKED HOST KEY DETECTED! @");-
1077 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");-
1078 error("The %s host key for %s is marked as revoked.", type, host);-
1079 error("This could mean that a stolen key is being used to");-
1080 error("impersonate this host.");-
1081-
1082 /*-
1083 * If strict host key checking is in use, the user will have-
1084 * to edit the key manually and we can only abort.-
1085 */-
1086 if (options.strict_host_key_checking !=
options.strict..._checking != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1087 SSH_STRICT_HOSTKEY_OFF) {
options.strict..._checking != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1088 error("%s host key for %.200s was revoked and you have "-
1089 "requested strict checking.", type, host);-
1090 goto fail;
never executed: goto fail;
0
1091 }-
1092 goto continue_unsafe;
never executed: goto continue_unsafe;
0
1093-
1094 case HOST_CHANGED:
never executed: case HOST_CHANGED:
0
1095 if (want_cert) {
want_certDescription
TRUEnever evaluated
FALSEnever evaluated
0
1096 /*-
1097 * This is only a debug() since it is valid to have-
1098 * CAs with wildcard DNS matches that don't match-
1099 * all hosts that one might visit.-
1100 */-
1101 debug("Host certificate authority does not "-
1102 "match %s in %s:%lu", CA_MARKER,-
1103 host_found->file, host_found->line);-
1104 goto fail;
1105 }-
1106 if (readonly == ROQUIET)
1107 goto fail;
1108 if (options.check_host_ip && host_ip_differ) {
1109 char *key_msg;-
1110 if (ip_status == HOST_NEW)
1111 key_msg = "is unknown";
1112 else if (ip_status == HOST_OK)
1113 key_msg = "is unchanged";
1114 else-
1115 key_msg = "has a different value";
1116 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");-
1117 error("@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @");-
1118 error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");-
1119 error("The %s host key for %s has changed,", type, host);-
1120 error("and the key for the corresponding IP address %s", ip);-
1121 error("%s. This could either mean that", key_msg);-
1122 error("DNS SPOOFING is happening or the IP address for the host");-
1123 error("and its host key have changed at the same time.");-
1124 if (ip_status != HOST_NEW)
1125 error("Offending key for IP in %s:%lu",
1126 ip_found->file, ip_found->line);
1127 }
1128 /* The host key has changed. */-
1129 warn_changed_key(host_key);-
1130 error("Add correct host key in %.100s to get rid of this message.",-
1131 user_hostfiles[0]);-
1132 error("Offending %s key in %s:%lu",-
1133 sshkey_type(host_found->key),-
1134 host_found->file, host_found->line);-
1135-
1136 /*-
1137 * If strict host key checking is in use, the user will have-
1138 * to edit the key manually and we can only abort.-
1139 */-
1140 if (options.strict_host_key_checking !=
1141 SSH_STRICT_HOSTKEY_OFF) {
1142 error("%s host key for %.200s has changed and you have "-
1143 "requested strict checking.", type, host);-
1144 goto fail;
1145 }-
1146-
1147 continue_unsafe:
1148 /*-
1149 * If strict host key checking has not been requested, allow-
1150 * the connection but without MITM-able authentication or-
1151 * forwarding.-
1152 */-
1153 if (options.password_authentication) {
1154 error("Password authentication is disabled to avoid "-
1155 "man-in-the-middle attacks.");-
1156 options.password_authentication = 0;-
1157 cancelled_forwarding = 1;-
1158 }
1159 if (options.kbd_interactive_authentication) {
1160 error("Keyboard-interactive authentication is disabled"-
1161 " to avoid man-in-the-middle attacks.");-
1162 options.kbd_interactive_authentication = 0;-
1163 options.challenge_response_authentication = 0;-
1164 cancelled_forwarding = 1;-
1165 }
1166 if (options.challenge_response_authentication) {
1167 error("Challenge/response authentication is disabled"-
1168 " to avoid man-in-the-middle attacks.");-
1169 options.challenge_response_authentication = 0;-
1170 cancelled_forwarding = 1;-
1171 }
1172 if (options.forward_agent) {
1173 error("Agent forwarding is disabled to avoid "-
1174 "man-in-the-middle attacks.");-
1175 options.forward_agent = 0;-
1176 cancelled_forwarding = 1;-
1177 }
1178 if (options.forward_x11) {
1179 error("X11 forwarding is disabled to avoid "-
1180 "man-in-the-middle attacks.");-
1181 options.forward_x11 = 0;-
1182 cancelled_forwarding = 1;-
1183 }
1184 if (options.num_local_forwards > 0 ||
1185 options.num_remote_forwards > 0) {
1186 error("Port forwarding is disabled to avoid "-
1187 "man-in-the-middle attacks.");-
1188 options.num_local_forwards =-
1189 options.num_remote_forwards = 0;-
1190 cancelled_forwarding = 1;-
1191 }
1192 if (options.tun_open != SSH_TUNMODE_NO) {
1193 error("Tunnel forwarding is disabled to avoid "-
1194 "man-in-the-middle attacks.");-
1195 options.tun_open = SSH_TUNMODE_NO;-
1196 cancelled_forwarding = 1;-
1197 }
1198 if (options.exit_on_forward_failure && cancelled_forwarding)
1199 fatal("Error: forwarding disabled due to host key "
1200 "check failure");
1201 -
1202 /*-
1203 * XXX Should permit the user to change to use the new id.-
1204 * This could be done by converting the host key to an-
1205 * identifying sentence, tell that the host identifies itself-
1206 * by that sentence, and ask the user if he/she wishes to-
1207 * accept the authentication.-
1208 */-
1209 break;
1210 case HOST_FOUND:
1211 fatal("internal error");-
1212 break;
1213 }-
1214-
1215 if (options.check_host_ip && host_status != HOST_CHANGED &&
1216 ip_status == HOST_CHANGED) {
1217 snprintf(msg, sizeof(msg),-
1218 "Warning: the %s host key for '%.200s' "-
1219 "differs from the key for the IP address '%.128s'"-
1220 "\nOffending key for IP in %s:%lu",-
1221 type, host, ip, ip_found->file, ip_found->line);-
1222 if (host_status == HOST_OK) {
1223 len = strlen(msg);-
1224 snprintf(msg + len, sizeof(msg) - len,-
1225 "\nMatching host key in %s:%lu",-
1226 host_found->file, host_found->line);-
1227 }
1228 if (options.strict_host_key_checking ==
1229 SSH_STRICT_HOSTKEY_ASK) {
1230 strlcat(msg, "\nAre you sure you want "-
1231 "to continue connecting (yes/no)? ", sizeof(msg));-
1232 if (!confirm(msg))
1233 goto fail;
1234 } else if (options.strict_host_key_checking !=
1235 SSH_STRICT_HOSTKEY_OFF) {
1236 logit("%s", msg);-
1237 error("Exiting, you have requested strict checking.");-
1238 goto fail;
1239 } else {-
1240 logit("%s", msg);-
1241 }
1242 }-
1243-
1244 if (!hostkey_trusted && options.update_hostkeys) {
1245 debug("%s: hostkey not known or explicitly trusted: "-
1246 "disabling UpdateHostkeys", __func__);-
1247 options.update_hostkeys = 0;-
1248 }
1249-
1250 free(ip);-
1251 free(host);-
1252 if (host_hostkeys != NULL)
1253 free_hostkeys(host_hostkeys);
1254 if (ip_hostkeys != NULL)
1255 free_hostkeys(ip_hostkeys);
1256 return 0;
1257-
1258fail:-
1259 if (want_cert && host_status != HOST_REVOKED) {
1260 /*-
1261 * No matching certificate. Downgrade cert to raw key and-
1262 * search normally.-
1263 */-
1264 debug("No matching CA found. Retry with plain key");-
1265 if ((r = sshkey_from_private(host_key, &raw_key)) != 0)
1266 fatal("%s: sshkey_from_private: %s",
1267 __func__, ssh_err(r));
1268 if ((r = sshkey_drop_cert(raw_key)) != 0)
1269 fatal("Couldn't drop certificate: %s", ssh_err(r));
1270 host_key = raw_key;-
1271 goto retry;
1272 }-
1273 sshkey_free(raw_key);-
1274 free(ip);-
1275 free(host);-
1276 if (host_hostkeys != NULL)
1277 free_hostkeys(host_hostkeys);
1278 if (ip_hostkeys != NULL)
1279 free_hostkeys(ip_hostkeys);
1280 return -1;
1281}-
1282-
/*
 * Decide whether host_key may be trusted as the key of host/hostaddr.
 *
 * The checks run in this order and the first decisive one wins:
 *   1. the key equals previous_host_key (cached at the bottom of this
 *      function by an earlier successful call) -> accept;
 *   2. RevokedHostKeys, if configured -> reject if the key is listed, and
 *      also reject if the file cannot be consulted;
 *   3. VerifyHostKeyDNS, if enabled -> an SSHFP record that both matches
 *      and carries DNS_VERIFY_SECURE accepts the key outright only when the
 *      option value is 1; a bare match sets the matching_host_key_dns
 *      global for use elsewhere; a mismatch warns but does not reject;
 *   4. check_host_key() against the user and system known_hosts files.
 *
 * Returns 0 if the key verifies and -1 if it does not. Two paths return a
 * raw sshkey error code instead (noted inline), so callers should test
 * for == 0 rather than for -1.
 *
 * Side effect: on success the key is re-cached in previous_host_key.
 */
int
verify_host_key(char *host, struct sockaddr *hostaddr, struct sshkey *host_key)
{
	u_int i;
	int r = -1, flags = 0;
	char valid[64], *fp = NULL, *cafp = NULL;
	struct sshkey *plain = NULL;	/* cert-stripped copy for the DNS check */

	if ((fp = sshkey_fingerprint(host_key,
	    options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) {
		/*
		 * sshkey_fingerprint() signals failure only through NULL;
		 * r still holds its initial -1 here, so the ssh_err(r) text
		 * is not the actual cause.
		 */
		error("%s: fingerprint host key: %s", __func__, ssh_err(r));
		r = -1;
		goto out;
	}

	if (sshkey_is_cert(host_key)) {
		/* Same caveat as above: r is still -1 when this fires. */
		if ((cafp = sshkey_fingerprint(host_key->cert->signature_key,
		    options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) {
			error("%s: fingerprint CA key: %s",
			    __func__, ssh_err(r));
			r = -1;
			goto out;
		}
		sshkey_format_cert_validity(host_key->cert,
		    valid, sizeof(valid));
		/* Informational only; nothing here accepts or rejects. */
		debug("Server host certificate: %s %s, serial %llu "
		    "ID \"%s\" CA %s %s valid %s",
		    sshkey_ssh_name(host_key), fp,
		    (unsigned long long)host_key->cert->serial,
		    host_key->cert->key_id,
		    sshkey_ssh_name(host_key->cert->signature_key), cafp,
		    valid);
		for (i = 0; i < host_key->cert->nprincipals; i++) {
			debug2("Server host certificate hostname: %s",
			    host_key->cert->principals[i]);
		}
	} else {
		debug("Server host key: %s %s", sshkey_ssh_name(host_key), fp);
	}

	/* Fast path: identical to the key accepted last time. */
	if (sshkey_equal(previous_host_key, host_key)) {
		debug2("%s: server host key %s %s matches cached key",
		    __func__, sshkey_type(host_key), fp);
		r = 0;
		goto out;
	}

	/* Check in RevokedHostKeys file if specified */
	if (options.revoked_host_keys != NULL) {
		r = sshkey_check_revoked(host_key, options.revoked_host_keys);
		switch (r) {
		case 0:
			break; /* not revoked */
		case SSH_ERR_KEY_REVOKED:
			error("Host key %s %s revoked by file %s",
			    sshkey_type(host_key), fp,
			    options.revoked_host_keys);
			r = -1;
			goto out;
		default:
			/* Fail closed: an unreadable revocation list rejects. */
			error("Error checking host key %s %s in "
			    "revoked keys file %s: %s", sshkey_type(host_key),
			    fp, options.revoked_host_keys, ssh_err(r));
			r = -1;
			goto out;
		}
	}

	if (options.verify_host_key_dns) {
		/*
		 * XXX certs are not yet supported for DNS, so downgrade
		 * them and try the plain key.
		 */
		/* Note: this path returns the sshkey error code, not -1. */
		if ((r = sshkey_from_private(host_key, &plain)) != 0)
			goto out;
		/* Return value of sshkey_drop_cert() is not checked here. */
		if (sshkey_is_cert(plain))
			sshkey_drop_cert(plain);
		if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) {
			if (flags & DNS_VERIFY_FOUND) {
				/*
				 * Only VerifyHostKeyDNS=1 (yes) lets a matching,
				 * DNS_VERIFY_SECURE record (presumably DNSSEC
				 * validated -- see dns.c) accept the key
				 * without consulting known_hosts.
				 */
				if (options.verify_host_key_dns == 1 &&
				    flags & DNS_VERIFY_MATCH &&
				    flags & DNS_VERIFY_SECURE) {
					r = 0;
					goto out;
				}
				if (flags & DNS_VERIFY_MATCH) {
					matching_host_key_dns = 1;
				} else {
					/* Mismatch: warn, then fall through to known_hosts. */
					warn_changed_key(plain);
					error("Update the SSHFP RR in DNS "
					    "with the new host key to get rid "
					    "of this message.");
				}
			}
		}
	}
	/* known_hosts is the final arbiter; r is 0 or -1 from here. */
	r = check_host_key(host, hostaddr, options.port, host_key, RDRW,
	    options.user_hostfiles, options.num_user_hostfiles,
	    options.system_hostfiles, options.num_system_hostfiles);

out:
	sshkey_free(plain);
	free(fp);
	free(cafp);
	if (r == 0 && host_key != NULL) {
		/*
		 * Cache a copy for the fast path above. If the copy fails,
		 * r becomes that sshkey error code and the caller sees a
		 * non-zero (failed) result despite the key having verified.
		 */
		sshkey_free(previous_host_key);
		r = sshkey_from_private(host_key, &previous_host_key);
	}

	return r;
}
1395-
/*
 * Drive the client side of login: exchange protocol identification strings,
 * run key exchange and then user authentication for the current user.
 * Needs no extra privileges; the transport connection to the server must
 * already exist. On authentication failure the callees print an error and
 * do not return.
 */
void
ssh_login(Sensitive *sensitive, const char *orighost,
    struct sockaddr *hostaddr, u_short port, struct passwd *pw, int timeout_ms)
{
	char *local_user = xstrdup(pw->pw_name);
	/* A configured User overrides the local account name. */
	char *server_user = options.user != NULL ? options.user : local_user;
	char *host = xstrdup(orighost);

	/* Normalise the user-supplied hostname to lowercase. */
	lowercase(host);

	/* Banner exchange first, then switch the packet layer to non-blocking. */
	ssh_exchange_identification(timeout_ms);
	packet_set_nonblocking();

	/* Key exchange, then user authentication. */
	debug("Authenticating to %s:%d as '%s'", host, port, server_user);
	ssh_kex2(host, hostaddr, port);
	ssh_userauth2(local_user, server_user, host, sensitive);

	/*
	 * NOTE(review): host is deliberately not freed here; the callees may
	 * retain the pointer, so confirm before adding a free().
	 */
	free(local_user);
}
1430-
/*
 * Append a password to the outgoing packet. Unless the peer has the
 * SSH_BUG_PASSWORDPAD quirk, the password is copied into a zeroed buffer
 * whose length is rounded up to a multiple of 32 bytes (presumably to mask
 * the true length in the packet size); the buffer is wiped with
 * explicit_bzero() before it is released.
 */
void
ssh_put_password(char *password)
{
	char *buf;
	int padlen;

	/* Peers with the padding bug receive the bare string. */
	if ((datafellows & SSH_BUG_PASSWORDPAD) != 0) {
		packet_put_cstring(password);
		return;
	}

	padlen = ROUNDUP(strlen(password) + 1, 32);
	buf = xcalloc(1, padlen);
	strlcpy(buf, password, padlen);
	packet_put_string(buf, padlen);
	/* explicit_bzero() cannot be optimised away the way memset() can. */
	explicit_bzero(buf, padlen);
	free(buf);
}
1448-
/*
 * Log every key recorded for this host in `hostkeys` whose type differs
 * from that of `key`, with its fingerprint (and randomart when
 * VisualHostKey is enabled). Returns 1 if at least one such key was
 * printed, 0 otherwise. Aborts via fatal() if a fingerprint cannot be
 * computed.
 */
static int
show_other_keys(struct hostkeys *hostkeys, struct sshkey *key)
{
	/* Key types to look for, terminated by -1. */
	static const int candidates[] = {
		KEY_RSA,
		KEY_DSA,
		KEY_ECDSA,
		KEY_ED25519,
		KEY_XMSS,
		-1
	};
	const int *t;
	const struct hostkey_entry *entry;
	char *fp, *ra;
	int shown = 0;

	for (t = candidates; *t != -1; t++) {
		/* The type of the key under evaluation is skipped. */
		if (*t == key->type)
			continue;
		if (!lookup_key_in_hostkeys_by_type(hostkeys, *t, &entry))
			continue;
		fp = sshkey_fingerprint(entry->key,
		    options.fingerprint_hash, SSH_FP_DEFAULT);
		ra = sshkey_fingerprint(entry->key,
		    options.fingerprint_hash, SSH_FP_RANDOMART);
		if (fp == NULL || ra == NULL)
			fatal("%s: sshkey_fingerprint fail", __func__);
		logit("WARNING: %s key found for host %s\n"
		    "in %s:%lu\n"
		    "%s key fingerprint %s.",
		    sshkey_type(entry->key),
		    entry->host, entry->file, entry->line,
		    sshkey_type(entry->key), fp);
		if (options.visual_host_key)
			logit("%s", ra);
		free(ra);
		free(fp);
		shown = 1;
	}
	return shown;
}
1490-
/*
 * Print the "REMOTE HOST IDENTIFICATION HAS CHANGED" banner for host_key,
 * including its fingerprint in the configured FingerprintHash.
 * Aborts via fatal() if the fingerprint cannot be computed.
 */
static void
warn_changed_key(struct sshkey *host_key)
{
	char *fp = sshkey_fingerprint(host_key, options.fingerprint_hash,
	    SSH_FP_DEFAULT);

	if (fp == NULL)
		fatal("%s: sshkey_fingerprint fail", __func__);

	/* Fixed part of the banner, one error() line each. */
	error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
	error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @");
	error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
	error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
	error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
	error("It is also possible that a host key has just been changed.");
	/* Key-specific part. */
	error("The fingerprint for the %s key sent by the remote host is\n%s.",
	    sshkey_type(host_key), fp);
	error("Please contact your system administrator.");

	free(fp);
}
1513-
/*
 * Run `args` through the user's shell ($SHELL, else _PATH_BSHELL) as
 * "shell -c args" and wait for it to finish. Returns 1 without doing
 * anything unless PermitLocalCommand is set and args is non-empty.
 * Otherwise returns the child's exit status, or 1 if it did not exit
 * normally. Aborts via fatal() if fork() or waitpid() fails.
 */
int
ssh_local_cmd(const char *args)
{
	void (*osighand)(int);
	char *shell;
	pid_t pid;
	int status;

	if (!options.permit_local_command || args == NULL || *args == '\0')
		return (1);

	shell = getenv("SHELL");
	if (shell == NULL || *shell == '\0')
		shell = _PATH_BSHELL;

	/*
	 * Put SIGCHLD back to its default for the duration of the wait
	 * (presumably so an inherited SIG_IGN cannot make the child
	 * unwaitable); the previous handler is restored afterwards.
	 */
	osighand = signal(SIGCHLD, SIG_DFL);
	switch (pid = fork()) {
	case -1:
		fatal("fork failed: %.100s", strerror(errno));
		/* NOTREACHED */
		break;
	case 0:
		/* Child: reset SIGPIPE, then replace ourselves with the shell. */
		signal(SIGPIPE, SIG_DFL);
		debug3("Executing %s -c \"%s\"", shell, args);
		execl(shell, shell, "-c", args, (char *)NULL);
		error("Couldn't execute %s -c \"%s\": %s",
		    shell, args, strerror(errno));
		_exit(1);
	default:
		break;
	}

	/* Parent: retry the wait across signal interruptions only. */
	while (waitpid(pid, &status, 0) == -1) {
		if (errno != EINTR)
			fatal("Couldn't wait for child: %s", strerror(errno));
	}
	signal(SIGCHLD, osighand);

	return (WIFEXITED(status) ? WEXITSTATUS(status) : 1);
}
1553-
/*
 * Offer a freshly loaded private key to the running agent according to
 * AddKeysToAgent: 0 never adds; 2 asks the user first; 3 passes an extra
 * flag to ssh_add_identity_constrained() (presumably the confirm
 * constraint -- check authfd.c); any other non-zero value adds outright.
 * Does nothing if no agent socket can be opened. authfile and comment are
 * used for messages only; passphrase is unused here.
 */
void
maybe_add_key_to_agent(char *authfile, const struct sshkey *private,
    char *comment, char *passphrase)
{
	int sock = -1, r;

	if (options.add_keys_to_agent == 0)
		return;

	if (ssh_get_authentication_socket(&sock) != 0) {
		debug3("no authentication agent, not adding key");
		return;
	}

	if (options.add_keys_to_agent == 2 &&
	    !ask_permission("Add key %s (%s) to agent?", authfile, comment)) {
		debug3("user denied adding this key");
		close(sock);
		return;
	}

	r = ssh_add_identity_constrained(sock, private, comment, 0,
	    options.add_keys_to_agent == 3, 0);
	if (r == 0)
		debug("identity added to agent: %s", authfile);
	else
		debug("could not add identity to agent: %s (%d)", authfile, r);
	close(sock);
}