[openssh-commits] [openssh] 07/09: upstream: don't UpdateHostkeys when the hostkey is verified by the

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Oct 7 13:34:23 AEDT 2020


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit b70e33711291f3081702133175a41cccafc0212a
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Wed Oct 7 02:24:51 2020 +0000

    upstream: don't UpdateHostkeys when the hostkey is verified by the
    
    GlobalKnownHostsFile file, support only UserKnownHostsFile matches
    
    suggested by Mark D. Baushke; feedback and ok markus@
    
    OpenBSD-Commit-ID: eabb771a6add676c398d38a143a1aff5f04abbb9
---
 sshconnect.c | 32 ++++++++++++++++++++++++++++----
 1 file changed, 28 insertions(+), 4 deletions(-)

diff --git a/sshconnect.c b/sshconnect.c
index 4591e6a6..c055773f 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.337 2020/10/07 02:22:23 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.338 2020/10/07 02:24:51 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo at cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -691,6 +691,19 @@ get_hostfile_hostname_ipaddr(char *hostname, struct sockaddr *hostaddr,
 	}
 }
 
+/* returns non-zero if path appears in hostfiles, or 0 if not. */
+static int
+path_in_hostfiles(const char *path, char **hostfiles, u_int num_hostfiles)
+{
+	u_int i;
+
+	for (i = 0; i < num_hostfiles; i++) {
+		if (strcmp(path, hostfiles[i]) == 0)
+			return 1;
+	}
+	return 0;
+}
+
 /*
  * check whether the supplied host key is valid, return -1 if the key
  * is not valid. user_hostfile[0] will not be updated if 'readonly' is true.
@@ -704,14 +717,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
     char **user_hostfiles, u_int num_user_hostfiles,
     char **system_hostfiles, u_int num_system_hostfiles)
 {
-	HostStatus host_status;
-	HostStatus ip_status;
+	HostStatus host_status = -1, ip_status = -1;
 	struct sshkey *raw_key = NULL;
 	char *ip = NULL, *host = NULL;
 	char hostline[1000], *hostp, *fp, *ra;
 	char msg[1024];
 	const char *type;
-	const struct hostkey_entry *host_found, *ip_found;
+	const struct hostkey_entry *host_found = NULL, *ip_found = NULL;
 	int len, cancelled_forwarding = 0, confirmed;
 	int local = sockaddr_is_local(hostaddr);
 	int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0;
@@ -731,6 +743,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 	    options.host_key_alias == NULL) {
 		debug("Forcing accepting of host key for "
 		    "loopback/localhost.");
+		options.update_hostkeys = 0;
 		return 0;
 	}
 
@@ -802,6 +815,17 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 		    !check_host_cert(options.host_key_alias == NULL ?
 		    hostname : options.host_key_alias, host_key))
 			goto fail;
+		/* Turn off UpdateHostkeys if key was in system known_hosts */
+		if (options.update_hostkeys != 0 &&
+		    (path_in_hostfiles(host_found->file,
+		    system_hostfiles, num_system_hostfiles) ||
+		    (ip_status == HOST_OK && ip_found != NULL &&
+		    path_in_hostfiles(ip_found->file,
+		    system_hostfiles, num_system_hostfiles)))) {
+			options.update_hostkeys = 0;
+			debug3("%s: host key found in GlobalKnownHostsFile; "
+			    "disabling UpdateHostkeys", __func__);
+		}
 		if (options.check_host_ip && ip_status == HOST_NEW) {
 			if (readonly || want_cert)
 				logit("%s host key for IP address "

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list