[openssh-commits] [openssh] 04/05: upstream: disable UpdateHostkeys when a wildcard hostname pattern

git+noreply at mindrot.org git+noreply at mindrot.org
Sat Oct 3 18:32:00 AEST 2020



djm pushed a commit to branch master
in repository openssh.

commit 332f21537293d66508f7342dc643bc7fe45f0f69
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Sat Oct 3 08:12:59 2020 +0000

    upstream: disable UpdateHostkeys when a wildcard hostname pattern
    
    is encountered or when a certificate host key is in use. feedback/ok markus@
    
    OpenBSD-Commit-ID: b6e5575af7e6732322be82ec299e09051a5413bd
---
 clientloop.c | 33 +++++++++++++++++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)

diff --git a/clientloop.c b/clientloop.c
index 60b46d16..de13adab 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.346 2020/09/16 03:07:31 dtucker Exp $ */
+/* $OpenBSD: clientloop.c,v 1.347 2020/10/03 08:12:59 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1828,6 +1828,10 @@ struct hostkeys_update_ctx {
 	 */
 	struct sshkey **old_keys;
 	size_t nold;
+
+	/* Various special cases. */
+	int wildcard_hostspec;	/* saw wildcard or pattern-list host name */
+	int ca_available;	/* saw CA key for this host */
 };
 
 static void
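Review bot: The two new flags `wildcard_hostspec` and `ca_available` are only ever set to 1 in the later hunks and never cleared, so they depend on the context being zero-initialised when it is allocated; that allocation is outside this diff, so it is worth confirming it uses xcalloc or an explicit `= 0` rather than malloc. A short comment on the fields would pin that contract, e.g. `/* Set by hostkeys_find(); relies on the ctx being zero-initialised. */`.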
@@ -1859,6 +1863,21 @@ hostkeys_find(struct hostkey_foreach_line *l, void *_ctx)
 	if (l->status != HKF_STATUS_MATCHED || l->key == NULL)
 		return 0;
 
+	if (l->marker == MRK_REVOKE)
+		return 0;
+	if (l->marker == MRK_CA) {
+		ctx->ca_available = 1;
+		return 0;
+	}
+
+	/* UpdateHostkeys is skipped for wildcard host names */
+	if (strchr(l->hosts, '*') != NULL ||
+	    strchr(l->hosts, ',') != NULL) {
+		debug3("%s: hostkeys file %s:%ld contains wildcard or pattern",
+		     __func__, l->path, l->linenum);
+		ctx->wildcard_hostspec = 1;
+	}
+
 	/* Mark off keys we've already seen for this host */
 	for (i = 0; i < ctx->nkeys; i++) {
 		if (sshkey_equal(l->key, ctx->keys[i])) {
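Review bot: The wildcard test on `l->hosts` only looks for `*` and `,`, but known_hosts host patterns per sshd(8) also accept the `?` wildcard and a leading `!` negation; a matched line such as `host?.example.com` would therefore not set `ctx->wildcard_hostspec`, and the update path could still rewrite or remove that pattern line. If the intent is "any entry that is not a plain host name", the check should probably read `if (strchr(l->hosts, '*') != NULL || strchr(l->hosts, '?') != NULL || strchr(l->hosts, ',') != NULL || l->hosts[0] == '!')`, or use a shared helper so the notion of "pattern entry" is defined in one place. Note the check runs only after the `HKF_STATUS_MATCHED` early return above it, so unmatched pattern lines are never inspected — fine for this purpose, but worth stating in the comment (`/* Only matched lines reach here; a matched pattern line disables the update. */`). hostkeys_find() begins and ends outside this hunk.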
@@ -2204,7 +2223,17 @@ client_input_hostkeys(struct ssh *ssh)
 	debug3("%s: %zu keys from server: %zu new, %zu retained. %zu to remove",
 	    __func__, ctx->nkeys, ctx->nnew, ctx->nkeys - ctx->nnew, ctx->nold);
 
-	if (ctx->nnew == 0 && ctx->nold != 0) {
+	if (ctx->wildcard_hostspec && (ctx->nnew != 0 || ctx->nold != 0)) {
+		debug("%s: wildcard known hosts name found, "
+		    "skipping UserKnownHostsFile update", __func__);
+		goto out;
+	} else if (sshkey_type_is_cert(ssh->kex->hostkey_type) &&
+	    ctx->ca_available &&
+	    (ssh->kex->flags & KEX_HOSTCERT_CONVERT) == 0) {
+		debug("%s: server offered certificate host key, "
+		    "skipping UserKnownHostsFile update", __func__);
+		goto out;
+	} else if (ctx->nnew == 0 && ctx->nold != 0) {
 		/* We have some keys to remove. Just do it. */
 		update_known_hosts(ctx);
 	} else if (ctx->nnew != 0) {
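Review bot: The wildcard branch is guarded by `(ctx->nnew != 0 || ctx->nold != 0)`, so a wildcard entry with nothing to add or remove deliberately falls through to the remaining `else if` branches, which are outside this hunk; a one-line comment would make that intentional, e.g. `/* Only refuse when an update would actually be written; otherwise fall through to the no-change cases. */` above the first `if`. The certificate branch likewise only skips when `ca_available` was set by hostkeys_find() for a matched MRK_CA line and `KEX_HOSTCERT_CONVERT` is clear, so a certificate host key verified via a plain-key entry still allows the update — that reads as deliberate, but a comment stating it would stop a later reader from "fixing" it. The `out:` label and the rest of client_input_hostkeys() are outside this hunk, so whether the early `goto out` releases ctx cannot be confirmed here.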


