ssh-keyscan for ssh2
Wayne Davison
wayne at blorf.net
Sun May 20 07:14:53 EST 2001
On Sat, 19 May 2001, Markus Friedl wrote:
> i think you can overload fatal() with longjmp().
Yeah, I was thinking of doing the same thing. I didn't do it earlier
because it means moving fatal() into its own file so that we don't end
up with a duplicate symbol.
The appended patch changes this, and it also implemented: the change in
option parsing to support -T timeout and -t rsa1,dsa,rsa; the new -v
option (for verbose logging); the other changes suggested on the list (I
think I got them all).
Since the patches were getting heavily nested, this is back to being
based on the CVS version.
** I left off the change to Makefile.in. Just add logfatal.o to the
line right after log.o. **
..wayne..
-------------- next part --------------
Index: log.c
@@ -109,17 +109,6 @@
return log_levels[i].val;
return (LogLevel) - 1;
}
-/* Fatal messages. This function never returns. */
-
-void
-fatal(const char *fmt,...)
-{
- va_list args;
- va_start(args, fmt);
- do_log(SYSLOG_LEVEL_FATAL, fmt, args);
- va_end(args);
- fatal_cleanup();
-}
/* Error messages that should be logged. */
Index: logfatal.c
@@ -0,0 +1,51 @@
+/*
+ * Author: Tatu Ylonen <ylo at cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+/*
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+RCSID("$OpenBSD: log.c,v 1.17 2001/03/04 17:42:28 millert Exp $");
+
+#include "log.h"
+
+/* Fatal messages. This function never returns. */
+
+void
+fatal(const char *fmt,...)
+{
+ va_list args;
+ va_start(args, fmt);
+ do_log(SYSLOG_LEVEL_FATAL, fmt, args);
+ va_end(args);
+ fatal_cleanup();
+}
Index: ssh-keyscan.c
@@ -19,10 +19,16 @@
#include <openssl/bn.h>
+#include <setjmp.h>
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
#include "key.h"
+#include "kex.h"
+#include "compat.h"
+#include "myproposal.h"
+#include "packet.h"
+#include "dispatch.h"
#include "buffer.h"
#include "bufaux.h"
#include "log.h"
@@ -30,7 +36,19 @@
static int argno = 1; /* Number of argument currently being parsed */
-int family = AF_UNSPEC; /* IPv4, IPv6 or both */
+/* Flag indicating whether IPv4 or IPv6. This can be set on the command line.
+ Default value is AF_UNSPEC means both IPv4 and IPv6. */
+#ifdef IPV4_DEFAULT
+int IPv4or6 = AF_INET;
+#else
+int IPv4or6 = AF_UNSPEC;
+#endif
+
+#define KT_RSA1 1
+#define KT_DSA 2
+#define KT_RSA 4
+
+int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */
#define MAXMAXFD 256
@@ -48,6 +66,8 @@
fd_set *read_wait;
size_t read_wait_size;
int ncon;
+int nonfatal_fatal = 0;
+jmp_buf kexjmp;
/*
* Keep a connection structure for each file descriptor. The state
@@ -63,11 +83,13 @@
int c_plen; /* Packet length field for ssh packet */
int c_len; /* Total bytes which must be read. */
int c_off; /* Length of data read so far. */
+ int c_keytype; /* Only one of KT_RSA1, KT_DSA, or KT_RSA */
char *c_namebase; /* Address to free for c_name and c_namelist */
char *c_name; /* Hostname of connection for errors */
char *c_namelist; /* Pointer to other possible addresses */
char *c_output_name; /* Hostname of connection for output */
char *c_data; /* Data read from this fd */
+ Kex *c_kex; /* The key-exchange struct for ssh2 */
struct timeval c_tv; /* Time at which connection gets aborted */
TAILQ_ENTRY(Connection) c_link; /* List of connections in timeout order. */
} con;
@@ -261,8 +283,8 @@
return (tok);
}
-void
-keyprint(char *host, char *output_name, char *kd, int len)
+Key *
+keygrab_ssh1(con *c)
{
static Key *rsa;
static Buffer msg;
@@ -271,12 +293,12 @@
buffer_init(&msg);
rsa = key_new(KEY_RSA1);
}
- buffer_append(&msg, kd, len);
- buffer_consume(&msg, 8 - (len & 7)); /* padding */
+ buffer_append(&msg, c->c_data, c->c_plen);
+ buffer_consume(&msg, 8 - (c->c_plen & 7)); /* padding */
if (buffer_get_char(&msg) != (int) SSH_SMSG_PUBLIC_KEY) {
- error("%s: invalid packet type", host);
+ error("%s: invalid packet type", c->c_name);
buffer_clear(&msg);
- return;
+ return NULL;
}
buffer_consume(&msg, 8); /* cookie */
@@ -289,10 +311,54 @@
(void) buffer_get_int(&msg);
buffer_get_bignum(&msg, rsa->rsa->e);
buffer_get_bignum(&msg, rsa->rsa->n);
+
buffer_clear(&msg);
+
+ return (rsa);
+}
+
+int
+hostjump(Key *hostkey)
+{
+ longjmp(kexjmp, (int)hostkey);
+}
+
+Key *
+keygrab_ssh2(con *c)
+{
+ int j;
- fprintf(stdout, "%s ", output_name ? output_name : host);
- key_write(rsa, stdout);
+ packet_set_connection(c->c_fd, c->c_fd);
+ packet_set_ssh2_format();
+ myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?
+ "ssh-dss": "ssh-rsa";
+ c->c_kex = kex_setup(myproposal);
+ c->c_kex->check_host_key = hostjump;
+
+ if (!(j = setjmp(kexjmp))) {
+ nonfatal_fatal = 1;
+ dispatch_run(DISPATCH_BLOCK, &c->c_kex->done, c->c_kex);
+ fprintf(stderr, "Impossible! dispatch_run() returned!\n");
+ exit(1);
+ }
+ nonfatal_fatal = 0;
+ xfree(c->c_kex);
+ c->c_kex = NULL;
+ packet_close();
+ if (j < 0)
+ j = 0;
+
+ return (Key*)(j);
+}
+
+void
+keyprint(con *c, Key *key)
+{
+ if (!key)
+ return;
+
+ fprintf(stdout, "%s ", c->c_output_name ? c->c_output_name : c->c_name);
+ key_write(key, stdout);
fputs("\n", stdout);
}
@@ -305,7 +371,7 @@
snprintf(strport, sizeof strport, "%d", SSH_DEFAULT_PORT);
memset(&hints, 0, sizeof(hints));
- hints.ai_family = family;
+ hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
fatal("getaddrinfo %s: %s", host, gai_strerror(gaierr));
@@ -330,7 +396,7 @@
}
int
-conalloc(char *iname, char *oname)
+conalloc(char *iname, char *oname, int keytype)
{
int s;
char *namebase, *name, *namelist;
@@ -359,6 +425,7 @@
fdcon[s].c_data = (char *) &fdcon[s].c_plen;
fdcon[s].c_len = 4;
fdcon[s].c_off = 0;
+ fdcon[s].c_keytype = keytype;
gettimeofday(&fdcon[s].c_tv, NULL);
fdcon[s].c_tv.tv_sec += timeout;
TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
@@ -378,6 +445,7 @@
if (fdcon[s].c_status == CS_KEYS)
xfree(fdcon[s].c_data);
fdcon[s].c_status = CS_UNUSED;
+ fdcon[s].c_keytype = 0;
TAILQ_REMOVE(&tq, &fdcon[s], c_link);
FD_CLR(s, read_wait);
ncon--;
@@ -397,21 +465,16 @@
{
int ret;
con *c = &fdcon[s];
- char *iname, *oname;
- iname = xstrdup(c->c_namelist);
- oname = xstrdup(c->c_output_name);
+ ret = conalloc(c->c_namelist, c->c_output_name, c->c_keytype);
confree(s);
- ret = conalloc(iname, oname);
- xfree(iname);
- xfree(oname);
return (ret);
}
void
congreet(int s)
{
- char buf[80], *cp;
+ char buf[256], *cp;
size_t bufsiz;
int n = 0;
con *c = &fdcon[s];
@@ -433,12 +496,27 @@
}
*cp = '\0';
fprintf(stderr, "# %s %s\n", c->c_name, buf);
- n = snprintf(buf, sizeof buf, "SSH-1.5-OpenSSH-keyscan\r\n");
+ if (c->c_keytype != KT_RSA1) {
+ char remote_version[sizeof buf];
+
+ if (sscanf(buf, "SSH-%*d.%*d-%[^\n]\n", remote_version) == 1)
+ compat_datafellows(remote_version);
+ else
+ datafellows = 0;
+ }
+ n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n",
+ c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2,
+ c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2);
if (atomicio(write, s, buf, n) != n) {
error("write (%s): %s", c->c_name, strerror(errno));
confree(s);
return;
}
+ if (c->c_keytype != KT_RSA1) {
+ keyprint(c, keygrab_ssh2(c));
+ confree(s);
+ return;
+ }
c->c_status = CS_SIZE;
contouch(s);
}
@@ -471,7 +549,7 @@
c->c_status = CS_KEYS;
break;
case CS_KEYS:
- keyprint(c->c_name, c->c_output_name, c->c_data, c->c_plen);
+ keyprint(c, keygrab_ssh1(c));
confree(s);
return;
break;
@@ -539,49 +617,105 @@
nexthost(int argc, char **argv)
{
static Linebuf *lb;
+ char *fname, *tname;
for (;;) {
- if (!lb) {
- if (argno >= argc)
- return (NULL);
- if (argv[argno][0] != '-')
- return (argv[argno++]);
- if (!strcmp(argv[argno], "--")) {
+ if (lb) {
+ char *line;
+
+ line = Linebuf_getline(lb);
+ if (line)
+ return (line);
+ Linebuf_free(lb);
+ lb = NULL;
+ }
+ if (argno >= argc)
+ return (NULL);
+ if (argv[argno][0] != '-')
+ return (argv[argno++]);
+ while (*++(argv[argno])) {
+ switch (argv[argno][0]) {
+ case '-':
if (++argno >= argc)
return (NULL);
return (argv[argno++]);
- } else if (!strncmp(argv[argno], "-f", 2)) {
- char *fname;
-
- if (argv[argno][2])
- fname = &argv[argno++][2];
+ case 'f':
+ if (argv[argno][1])
+ fname = &argv[argno][1];
else if (++argno >= argc) {
error("missing filename for `-f'");
return (NULL);
} else
- fname = argv[argno++];
+ fname = argv[argno];
if (!strcmp(fname, "-"))
fname = NULL;
lb = Linebuf_alloc(fname, error);
- } else
+ goto double_break;
+ case 't':
+ get_keytypes = 0;
+ tname = &argv[argno][1];
+ if (!*tname) {
+ if (++argno >= argc) {
+ error("missing types for `-t'");
+ return (NULL);
+ }
+ tname = argv[argno];
+ }
+ tname = strtok(tname, ",");
+ while (tname) {
+ int type = key_type_from_name(tname);
+ switch (type) {
+ case KEY_RSA1:
+ get_keytypes |= KT_RSA1;
+ break;
+ case KEY_DSA:
+ get_keytypes |= KT_DSA;
+ break;
+ case KEY_RSA:
+ get_keytypes |= KT_RSA;
+ break;
+ case KEY_UNSPEC:
+ fatal("unknown key type %s\n",
+ tname);
+ }
+ tname = strtok(NULL, ",");
+ }
+ goto double_break;
+ case '4':
+ IPv4or6 = AF_INET;
+ break;
+ case '6':
+ IPv4or6 = AF_INET6;
+ break;
+ default:
error("ignoring invalid/misplaced option `%s'",
- argv[argno++]);
- } else {
- char *line;
-
- line = Linebuf_getline(lb);
- if (line)
- return (line);
- Linebuf_free(lb);
- lb = NULL;
+ argv[argno]);
+ goto double_break;
+ }
}
+double_break:
+ argno++;
}
}
void
+fatal(const char *fmt,...)
+{
+ va_list args;
+ if (nonfatal_fatal)
+ longjmp(kexjmp, -1);
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ fputs("\n", stderr);
+ va_end(args);
+ exit(1);
+}
+
+void
usage(void)
{
- fatal("usage: %s [-t timeout] { [--] host | -f file } ...", __progname);
+ fatal("usage: %s [-T timeout] { [-t rsa1,dsa,rsa] [--] host | -f file } ...",
+ __progname);
return;
}
@@ -589,6 +723,7 @@
main(int argc, char **argv)
{
char *host = NULL;
+ int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO;
__progname = get_progname(argv[0]);
TAILQ_INIT(&tq);
@@ -596,21 +731,45 @@
if (argc <= argno)
usage();
- if (argv[1][0] == '-' && argv[1][1] == 't') {
- argno++;
- if (argv[1][2])
- timeout = atoi(&argv[1][2]);
- else {
- if (argno >= argc)
- usage();
- timeout = atoi(argv[argno++]);
+ while (argv[argno][0] == '-') {
+ while (*++(argv[argno])) {
+ switch (argv[argno][0]) {
+ case 'T':
+ if (argv[argno][1])
+ timeout = atoi(&argv[argno][1]);
+ else {
+ if (++argno >= argc)
+ usage();
+ timeout = atoi(argv[argno]);
+ }
+ if (timeout <= 0)
+ usage();
+ goto double_break;
+ case 'v':
+ if (!debug_flag) {
+ debug_flag = 1;
+ log_level = SYSLOG_LEVEL_DEBUG1;
+ }
+ else if (log_level < SYSLOG_LEVEL_DEBUG3)
+ log_level++;
+ else
+ fatal("Too high debugging level.");
+ break;
+ default:
+ if (*--(argv[argno]) != '-')
+ fatal("Please separate options T and v from any other options.");
+ goto triple_break;
+ }
}
- if (timeout <= 0)
- usage();
+double_break:
+ argno++;
}
+triple_break:
if (argc <= argno)
usage();
+ log_init("ssh-keyscan", log_level, SYSLOG_FACILITY_USER, 1);
+
maxfd = fdlim_get(1);
if (maxfd < 0)
fatal("%s: fdlim_get: bad value", __progname);
@@ -623,6 +782,9 @@
fdcon = xmalloc(maxfd * sizeof(con));
memset(fdcon, 0, maxfd * sizeof(con));
+ init_rng();
+ seed_rng();
+
read_wait_size = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
read_wait = xmalloc(read_wait_size);
memset(read_wait, 0, read_wait_size);
@@ -630,12 +792,16 @@
do {
while (ncon < MAXCON) {
char *name;
+ int j;
host = nexthost(argc, argv);
if (host == NULL)
break;
name = strnnsep(&host, " \t\n");
- conalloc(name, *host ? host : name);
+ for (j = KT_RSA1; j <= KT_RSA; j *= 2) {
+ if (get_keytypes & j)
+ conalloc(name, *host ? host : name, j);
+ }
}
conloop();
} while (host);
More information about the openssh-unix-dev
mailing list