[openssh.git] / hostfile.c

/*
 * 
 * hostfile.c
 * 
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * 
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * 
 * Created: Thu Jun 29 07:10:56 1995 ylo
 * 
 * Functions for manipulating the known hosts files.
 * 
 */

#include "includes.h"
RCSID("$Id$");

#include "packet.h"
#include "ssh.h"

/* Reads a multiple-precision integer in hex from the buffer, and advances the
   pointer.  The integer must already be initialized.  This function is
   permitted to modify the buffer.  This leaves *cpp to point just beyond
   the last processed (and maybe modified) character.  Note that this may
   modify the buffer containing the number. */

int
auth_rsa_read_bignum(char **cpp, BIGNUM * value)
{
	char *cp = *cpp;
	int len, old;

	/* Skip any leading whitespace. */
	for (; *cp == ' ' || *cp == '\t'; cp++);

	/* Check that it begins with a hex digit. */
	if (*cp < '0' || *cp > '9')
		return 0;

	/* Save starting position. */
	*cpp = cp;

	/* Move forward until all hex digits skipped. */
	for (; *cp >= '0' && *cp <= '9'; cp++);

	/* Compute the length of the hex number. */
	len = cp - *cpp;

	/* Save the old terminating character, and replace it by \0. */
	old = *cp;
	*cp = 0;


	/* Parse the number. */
	if (BN_dec2bn(&value, *cpp) == 0)
		return 0;

	/* Restore old terminating character. */
	*cp = old;

	/* Move beyond the number and return success. */
	*cpp = cp;
	return 1;
}

/* Parses an RSA key (number of bits, e, n) from a string.  Moves the pointer
   over the key.  Skips any whitespace at the beginning and at end. */

int
auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n)
{
	unsigned int bits;
	char *cp;

	/* Skip leading whitespace. */
	for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++);

	/* Get number of bits. */
	if (*cp < '0' || *cp > '9')
		return 0;	/* Bad bit count... */
	for (bits = 0; *cp >= '0' && *cp <= '9'; cp++)
		bits = 10 * bits + *cp - '0';

	/* Get public exponent. */
	if (!auth_rsa_read_bignum(&cp, e))
		return 0;

	/* Get public modulus. */
	if (!auth_rsa_read_bignum(&cp, n))
		return 0;

	/* Skip trailing whitespace. */
	for (; *cp == ' ' || *cp == '\t'; cp++);

	/* Return results. */
	*cpp = cp;
	*bitsp = bits;
	return 1;
}

/* Tries to match the host name (which must be in all lowercase) against the
   comma-separated sequence of subpatterns (each possibly preceded by ! to
   indicate negation).  Returns true if there is a positive match; zero
   otherwise. */

int
match_hostname(const char *host, const char *pattern, unsigned int len)
{
	char sub[1024];
	int negated;
	int got_positive;
	unsigned int i, subi;

	got_positive = 0;
	for (i = 0; i < len;) {
		/* Check if the subpattern is negated. */
		if (pattern[i] == '!') {
			negated = 1;
			i++;
		} else
			negated = 0;

		/* Extract the subpattern up to a comma or end.  Convert
		   the subpattern to lowercase. */
		for (subi = 0;
		  i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
		     subi++, i++)
			sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
		/* If subpattern too long, return failure (no match). */
		if (subi >= sizeof(sub) - 1)
			return 0;

		/* If the subpattern was terminated by a comma, skip the
		   comma. */
		if (i < len && pattern[i] == ',')
			i++;

		/* Null-terminate the subpattern. */
		sub[subi] = '\0';

		/* Try to match the subpattern against the host name. */
		if (match_pattern(host, sub)) {
			if (negated)
				return 0;	/* Fail if host matches
						   any negated subpattern. */
			else
				got_positive = 1;
		}
	}

	/* Return success if got a positive match.  If there was a
	   negative match, we have already returned zero and never get
	   here. */
	return got_positive;
}

/* Checks whether the given host (which must be in all lowercase) is
   already in the list of our known hosts.
   Returns HOST_OK if the host is known and has the specified key,
   HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
   but used to have a different host key. */

HostStatus
check_host_in_hostfile(const char *filename, const char *host,
		       BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn)
{
	FILE *f;
	char line[8192];
	int linenum = 0;
	unsigned int bits, kbits, hostlen;
	char *cp, *cp2;
	HostStatus end_return;

	/* Open the file containing the list of known hosts. */
	f = fopen(filename, "r");
	if (!f)
		return HOST_NEW;

	/* Cache the length of the host name. */
	hostlen = strlen(host);

	/* Return value when the loop terminates.  This is set to
	   HOST_CHANGED if we have seen a different key for the host and
	   have not found the proper one. */
	end_return = HOST_NEW;

	/* size of modulus 'n' */
	bits = BN_num_bits(n);

	/* Go trough the file. */
	while (fgets(line, sizeof(line), f)) {
		cp = line;
		linenum++;

		/* Skip any leading whitespace. */
		for (; *cp == ' ' || *cp == '\t'; cp++);

		/* Ignore comment lines and empty lines. */
		if (!*cp || *cp == '#' || *cp == '\n')
			continue;

		/* Find the end of the host name portion. */
		for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++);

		/* Check if the host name matches. */
		if (!match_hostname(host, cp, (unsigned int) (cp2 - cp)))
			continue;

		/* Got a match.  Skip host name. */
		cp = cp2;

		/* Extract the key from the line.  This will skip any
		   leading whitespace.  Ignore badly formatted lines. */
		if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
			continue;

		if (kbits != BN_num_bits(kn)) {
			error("Warning: error in %s, line %d: keysize mismatch for host %s: "
			      "actual size %d vs. announced %d.",
			filename, linenum, host, BN_num_bits(kn), kbits);
			error("Warning: replace %d with %d in %s, line %d.",
			      kbits, BN_num_bits(kn), filename, linenum);
		}
		/* Check if the current key is the same as the given key. */
		if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0) {
			/* Ok, they match. */
			fclose(f);
			return HOST_OK;
		}
		/* They do not match.  We will continue to go through the
		   file; however, we note that we will not return that it
		   is new. */
		end_return = HOST_CHANGED;
	}
	/* Clear variables and close the file. */
	fclose(f);

	/* Return either HOST_NEW or HOST_CHANGED, depending on whether we
	   saw a different key for the host. */
	return end_return;
}

/* Appends an entry to the host file.  Returns false if the entry
   could not be appended. */

int
add_host_to_hostfile(const char *filename, const char *host,
		     BIGNUM * e, BIGNUM * n)
{
	FILE *f;
	char *buf;
	unsigned int bits;

	/* Open the file for appending. */
	f = fopen(filename, "a");
	if (!f)
		return 0;

	/* size of modulus 'n' */
	bits = BN_num_bits(n);

	/* Print the host name and key to the file. */
	fprintf(f, "%s %u ", host, bits);
	buf = BN_bn2dec(e);
	if (buf == NULL) {
		error("add_host_to_hostfile: BN_bn2dec(e) failed");
		fclose(f);
		return 0;
	}
	fprintf(f, "%s ", buf);
	free(buf);
	buf = BN_bn2dec(n);
	if (buf == NULL) {
		error("add_host_to_hostfile: BN_bn2dec(n) failed");
		fclose(f);
		return 0;
	}
	fprintf(f, "%s\n", buf);
	free(buf);

	/* Close the file. */
	fclose(f);
	return 1;
}
Commit	Line	Data
8efc0c15	1	/*
5260325f	2	*
	3	* hostfile.c
	4	*
	5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	6	*
	7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	* All rights reserved
	9	*
	10	* Created: Thu Jun 29 07:10:56 1995 ylo
	11	*
	12	* Functions for manipulating the known hosts files.
	13	*
	14	*/
8efc0c15	15
	16	#include "includes.h"
	17	RCSID("$Id$");
	18
	19	#include "packet.h"
	20	#include "ssh.h"
	21
	22	/* Reads a multiple-precision integer in hex from the buffer, and advances the
	23	pointer. The integer must already be initialized. This function is
	24	permitted to modify the buffer. This leaves *cpp to point just beyond
	25	the last processed (and maybe modified) character. Note that this may
	26	modify the buffer containing the number. */
	27
	28	int
5260325f	29	auth_rsa_read_bignum(char *cpp, BIGNUM value)
8efc0c15	30	{
5260325f	31	char cp = cpp;
	32	int len, old;
	33
	34	/* Skip any leading whitespace. */
	35	for (; cp == ' ' \|\| cp == '\t'; cp++);
8efc0c15	36
5260325f	37	/* Check that it begins with a hex digit. */
	38	if (cp < '0' \|\| cp > '9')
	39	return 0;
8efc0c15	40
5260325f	41	/* Save starting position. */
5260325f	42	*cpp = cp;
8efc0c15	43
5260325f	44	/* Move forward until all hex digits skipped. */
5260325f	45	for (; cp >= '0' && cp <= '9'; cp++);
8efc0c15	46
5260325f	47	/* Compute the length of the hex number. */
5260325f	48	len = cp - *cpp;
8efc0c15	49
5260325f	50	/* Save the old terminating character, and replace it by \0. */
	51	old = *cp;
	52	*cp = 0;
8efc0c15	53
8efc0c15	54
5260325f	55	/* Parse the number. */
	56	if (BN_dec2bn(&value, *cpp) == 0)
	57	return 0;
8efc0c15	58
5260325f	59	/* Restore old terminating character. */
5260325f	60	*cp = old;
8efc0c15	61
5260325f	62	/* Move beyond the number and return success. */
	63	*cpp = cp;
	64	return 1;
8efc0c15	65	}
	66
	67	/* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
	68	over the key. Skips any whitespace at the beginning and at end. */
	69
	70	int
5260325f	71	auth_rsa_read_key(char *cpp, unsigned int bitsp, BIGNUM * e, BIGNUM * n)
8efc0c15	72	{
5260325f	73	unsigned int bits;
	74	char *cp;
	75
	76	/* Skip leading whitespace. */
	77	for (cp = cpp; cp == ' ' \|\| *cp == '\t'; cp++);
	78
	79	/* Get number of bits. */
	80	if (cp < '0' \|\| cp > '9')
	81	return 0; /* Bad bit count... */
	82	for (bits = 0; cp >= '0' && cp <= '9'; cp++)
	83	bits = 10 * bits + *cp - '0';
	84
	85	/* Get public exponent. */
	86	if (!auth_rsa_read_bignum(&cp, e))
	87	return 0;
	88
	89	/* Get public modulus. */
	90	if (!auth_rsa_read_bignum(&cp, n))
	91	return 0;
	92
	93	/* Skip trailing whitespace. */
	94	for (; cp == ' ' \|\| cp == '\t'; cp++);
	95
	96	/* Return results. */
	97	*cpp = cp;
	98	*bitsp = bits;
	99	return 1;
8efc0c15	100	}
	101
	102	/* Tries to match the host name (which must be in all lowercase) against the
5260325f	103	comma-separated sequence of subpatterns (each possibly preceded by ! to
8efc0c15	104	indicate negation). Returns true if there is a positive match; zero
	105	otherwise. */
	106
	107	int
	108	match_hostname(const char host, const char pattern, unsigned int len)
	109	{
5260325f	110	char sub[1024];
	111	int negated;
	112	int got_positive;
	113	unsigned int i, subi;
	114
	115	got_positive = 0;
	116	for (i = 0; i < len;) {
	117	/* Check if the subpattern is negated. */
	118	if (pattern[i] == '!') {
	119	negated = 1;
	120	i++;
	121	} else
	122	negated = 0;
	123
	124	/* Extract the subpattern up to a comma or end. Convert
	125	the subpattern to lowercase. */
	126	for (subi = 0;
	127	i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
	128	subi++, i++)
	129	sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
	130	/* If subpattern too long, return failure (no match). */
	131	if (subi >= sizeof(sub) - 1)
	132	return 0;
	133
	134	/* If the subpattern was terminated by a comma, skip the
	135	comma. */
	136	if (i < len && pattern[i] == ',')
	137	i++;
	138
	139	/* Null-terminate the subpattern. */
	140	sub[subi] = '\0';
	141
	142	/* Try to match the subpattern against the host name. */
	143	if (match_pattern(host, sub)) {
	144	if (negated)
	145	return 0; /* Fail if host matches
	146	any negated subpattern. */
	147	else
	148	got_positive = 1;
	149	}
8efc0c15	150	}
5260325f	151
	152	/* Return success if got a positive match. If there was a
	153	negative match, we have already returned zero and never get
	154	here. */
	155	return got_positive;
8efc0c15	156	}
8efc0c15	157
5260325f	158	/* Checks whether the given host (which must be in all lowercase) is
8efc0c15	159	already in the list of our known hosts.
	160	Returns HOST_OK if the host is known and has the specified key,
	161	HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
	162	but used to have a different host key. */
	163
	164	HostStatus
4d195447	165	check_host_in_hostfile(const char filename, const char host,
5260325f	166	BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn)
8efc0c15	167	{
5260325f	168	FILE *f;
	169	char line[8192];
	170	int linenum = 0;
	171	unsigned int bits, kbits, hostlen;
	172	char cp, cp2;
	173	HostStatus end_return;
	174
	175	/* Open the file containing the list of known hosts. */
	176	f = fopen(filename, "r");
	177	if (!f)
	178	return HOST_NEW;
	179
	180	/* Cache the length of the host name. */
	181	hostlen = strlen(host);
	182
	183	/* Return value when the loop terminates. This is set to
	184	HOST_CHANGED if we have seen a different key for the host and
	185	have not found the proper one. */
	186	end_return = HOST_NEW;
	187
	188	/* size of modulus 'n' */
	189	bits = BN_num_bits(n);
	190
	191	/* Go trough the file. */
	192	while (fgets(line, sizeof(line), f)) {
	193	cp = line;
	194	linenum++;
	195
	196	/* Skip any leading whitespace. */
	197	for (; cp == ' ' \|\| cp == '\t'; cp++);
	198
	199	/* Ignore comment lines and empty lines. */
	200	if (!cp \|\| cp == '#' \|\| *cp == '\n')
	201	continue;
	202
	203	/* Find the end of the host name portion. */
	204	for (cp2 = cp; cp2 && cp2 != ' ' && *cp2 != '\t'; cp2++);
	205
	206	/* Check if the host name matches. */
	207	if (!match_hostname(host, cp, (unsigned int) (cp2 - cp)))
	208	continue;
	209
	210	/* Got a match. Skip host name. */
	211	cp = cp2;
	212
	213	/* Extract the key from the line. This will skip any
	214	leading whitespace. Ignore badly formatted lines. */
	215	if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
	216	continue;
	217
	218	if (kbits != BN_num_bits(kn)) {
	219	error("Warning: error in %s, line %d: keysize mismatch for host %s: "
	220	"actual size %d vs. announced %d.",
	221	filename, linenum, host, BN_num_bits(kn), kbits);
	222	error("Warning: replace %d with %d in %s, line %d.",
	223	kbits, BN_num_bits(kn), filename, linenum);
	224	}
	225	/* Check if the current key is the same as the given key. */
	226	if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0) {
	227	/* Ok, they match. */
	228	fclose(f);
	229	return HOST_OK;
	230	}
	231	/* They do not match. We will continue to go through the
232	file; however, we note that we will not return that it
233	is new. */
234	end_return = HOST_CHANGED;
8efc0c15	235	}
5260325f	236	/* Clear variables and close the file. */
	237	fclose(f);
	238
	239	/* Return either HOST_NEW or HOST_CHANGED, depending on whether we
	240	saw a different key for the host. */
	241	return end_return;
8efc0c15	242	}
	243
	244	/* Appends an entry to the host file. Returns false if the entry
	245	could not be appended. */
	246
	247	int
	248	add_host_to_hostfile(const char filename, const char host,
5260325f	249	BIGNUM * e, BIGNUM * n)
8efc0c15	250	{
5260325f	251	FILE *f;
	252	char *buf;
	253	unsigned int bits;
	254
	255	/* Open the file for appending. */
	256	f = fopen(filename, "a");
	257	if (!f)
	258	return 0;
	259
	260	/* size of modulus 'n' */
	261	bits = BN_num_bits(n);
	262
	263	/* Print the host name and key to the file. */
	264	fprintf(f, "%s %u ", host, bits);
	265	buf = BN_bn2dec(e);
	266	if (buf == NULL) {
	267	error("add_host_to_hostfile: BN_bn2dec(e) failed");
	268	fclose(f);
	269	return 0;
	270	}
	271	fprintf(f, "%s ", buf);
	272	free(buf);
	273	buf = BN_bn2dec(n);
	274	if (buf == NULL) {
	275	error("add_host_to_hostfile: BN_bn2dec(n) failed");
	276	fclose(f);
	277	return 0;
	278	}
	279	fprintf(f, "%s\n", buf);
	280	free(buf);
	281
	282	/* Close the file. */
	283	fclose(f);
	284	return 1;
8efc0c15	285	}