[openssh.git] / hostfile.c

/*

hostfile.c

Author: Tatu Ylonen <ylo@cs.hut.fi>

Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
                   All rights reserved

Created: Thu Jun 29 07:10:56 1995 ylo

Functions for manipulating the known hosts files.

*/

#include "includes.h"
RCSID("$Id$");

#include "packet.h"
#include "ssh.h"

/* Reads a multiple-precision integer in hex from the buffer, and advances the
   pointer.  The integer must already be initialized.  This function is
   permitted to modify the buffer.  This leaves *cpp to point just beyond
   the last processed (and maybe modified) character.  Note that this may
   modify the buffer containing the number. */

int
auth_rsa_read_bignum(char **cpp, BIGNUM *value)
{
  char *cp = *cpp;
  int len, old;

  /* Skip any leading whitespace. */
  for (; *cp == ' ' || *cp == '\t'; cp++)
    ;

  /* Check that it begins with a hex digit. */
  if (*cp < '0' || *cp > '9')
    return 0;

  /* Save starting position. */
  *cpp = cp;

  /* Move forward until all hex digits skipped. */
  for (; *cp >= '0' && *cp <= '9'; cp++)
    ;

  /* Compute the length of the hex number. */
  len = cp - *cpp;

  /* Save the old terminating character, and replace it by \0. */
  old = *cp;
  *cp = 0;

  
  /* Parse the number. */
  if (BN_dec2bn(&value, *cpp) == 0)
    return 0;

  /* Restore old terminating character. */
  *cp = old;

  /* Move beyond the number and return success. */
  *cpp = cp;
  return 1;
}

/* Parses an RSA key (number of bits, e, n) from a string.  Moves the pointer
   over the key.  Skips any whitespace at the beginning and at end. */

int
auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM *e, BIGNUM *n)
{
  unsigned int bits;
  char *cp;

  /* Skip leading whitespace. */
  for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++)
    ;

  /* Get number of bits. */
  if (*cp < '0' || *cp > '9')
    return 0; /* Bad bit count... */
  for (bits = 0; *cp >= '0' && *cp <= '9'; cp++)
    bits = 10 * bits + *cp - '0';

  /* Get public exponent. */
  if (!auth_rsa_read_bignum(&cp, e))
    return 0;

  /* Get public modulus. */
  if (!auth_rsa_read_bignum(&cp, n))
    return 0;

  /* Skip trailing whitespace. */
  for (; *cp == ' ' || *cp == '\t'; cp++)
    ;
  
  /* Return results. */
  *cpp = cp;
  *bitsp = bits;
  return 1;
}

/* Tries to match the host name (which must be in all lowercase) against the
   comma-separated sequence of subpatterns (each possibly preceded by ! to 
   indicate negation).  Returns true if there is a positive match; zero
   otherwise. */

int
match_hostname(const char *host, const char *pattern, unsigned int len)
{
  char sub[1024];
  int negated;
  int got_positive;
  unsigned int i, subi;

  got_positive = 0;
  for (i = 0; i < len;)
    {
      /* Check if the subpattern is negated. */
      if (pattern[i] == '!')
	{
	  negated = 1;
	  i++;
	}
      else
	negated = 0;
      
      /* Extract the subpattern up to a comma or end.  Convert the subpattern
         to lowercase. */
      for (subi = 0; 
	   i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
	   subi++, i++)
	sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
      /* If subpattern too long, return failure (no match). */
      if (subi >= sizeof(sub) - 1)
	return 0;

      /* If the subpattern was terminated by a comma, skip the comma. */
      if (i < len && pattern[i] == ',')
	i++;
      
      /* Null-terminate the subpattern. */
      sub[subi] = '\0';

      /* Try to match the subpattern against the host name. */
      if (match_pattern(host, sub)) {
	if (negated)
	  return 0;  /* Fail if host matches any negated subpattern. */
        else
	  got_positive = 1;
      }
    }

  /* Return success if got a positive match.  If there was a negative match,
     we have already returned zero and never get here. */
  return got_positive;
}

/* Checks whether the given host (which must be in all lowercase) is 
   already in the list of our known hosts.
   Returns HOST_OK if the host is known and has the specified key,
   HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
   but used to have a different host key. */

HostStatus
check_host_in_hostfile(const char *filename, const char *host,
		       BIGNUM *e, BIGNUM *n, BIGNUM *ke, BIGNUM *kn)
{
  FILE *f;
  char line[8192];
  int linenum = 0;
  unsigned int bits, kbits, hostlen;
  char *cp, *cp2;
  HostStatus end_return;

  /* Open the file containing the list of known hosts. */
  f = fopen(filename, "r");
  if (!f)
    return HOST_NEW;

  /* Cache the length of the host name. */
  hostlen = strlen(host);
  
  /* Return value when the loop terminates.  This is set to HOST_CHANGED if
     we have seen a different key for the host and have not found the proper
     one. */
  end_return = HOST_NEW;

  /* size of modulus 'n' */
  bits = BN_num_bits(n);

  /* Go trough the file. */
  while (fgets(line, sizeof(line), f))
    {
      cp = line;
      linenum++;

      /* Skip any leading whitespace. */
      for (; *cp == ' ' || *cp == '\t'; cp++)
	;

      /* Ignore comment lines and empty lines. */
      if (!*cp || *cp == '#' || *cp == '\n')
	continue;
      
      /* Find the end of the host name portion. */
      for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
	;

      /* Check if the host name matches. */
      if (!match_hostname(host, cp, (unsigned int)(cp2 - cp)))
	continue;
      
      /* Got a match.  Skip host name. */
      cp = cp2;
      
      /* Extract the key from the line.  This will skip any leading 
	 whitespace.  Ignore badly formatted lines. */
      if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
	continue;

      if (kbits != BN_num_bits(kn)) {
        error("Warning: error in %s, line %d: keysize mismatch for host %s: "
	      "actual size %d vs. announced %d.",
	      filename, linenum, host, BN_num_bits(kn), kbits);
        error("Warning: replace %d with %d in %s, line %d.",
	      kbits, BN_num_bits(kn), filename, linenum);
      }

      /* Check if the current key is the same as the given key. */
      if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)
	{
	  /* Ok, they match. */
	  fclose(f);
	  return HOST_OK;
	}
      
      /* They do not match.  We will continue to go through the file; however,
	 we note that we will not return that it is new. */
      end_return = HOST_CHANGED;
    }
  /* Clear variables and close the file. */
  fclose(f);

  /* Return either HOST_NEW or HOST_CHANGED, depending on whether we saw a
     different key for the host. */
  return end_return;
}

/* Appends an entry to the host file.  Returns false if the entry
   could not be appended. */

int
add_host_to_hostfile(const char *filename, const char *host,
		     BIGNUM *e, BIGNUM *n)
{
  FILE *f;
  char *buf;
  unsigned int bits;
 
  /* Open the file for appending. */
  f = fopen(filename, "a");
  if (!f)
    return 0;

  /* size of modulus 'n' */
  bits = BN_num_bits(n);

  /* Print the host name and key to the file. */
  fprintf(f, "%s %u ", host, bits);
  buf = BN_bn2dec(e);
  if (buf == NULL) {
    error("add_host_to_hostfile: BN_bn2dec(e) failed");
    fclose(f);
    return 0;
  }
  fprintf(f, "%s ", buf);
  free (buf);
  buf = BN_bn2dec(n);
  if (buf == NULL) {
    error("add_host_to_hostfile: BN_bn2dec(n) failed");
    fclose(f);
    return 0;
  }
  fprintf(f, "%s\n", buf);
  free (buf);

  /* Close the file. */
  fclose(f);
  return 1;
}
Commit	Line	Data
8efc0c15	1	/*
	2
	3	hostfile.c
	4
	5	Author: Tatu Ylonen <ylo@cs.hut.fi>
	6
	7	Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	All rights reserved
	9
	10	Created: Thu Jun 29 07:10:56 1995 ylo
	11
	12	Functions for manipulating the known hosts files.
	13
	14	*/
	15
	16	#include "includes.h"
	17	RCSID("$Id$");
	18
	19	#include "packet.h"
	20	#include "ssh.h"
	21
	22	/* Reads a multiple-precision integer in hex from the buffer, and advances the
	23	pointer. The integer must already be initialized. This function is
	24	permitted to modify the buffer. This leaves *cpp to point just beyond
	25	the last processed (and maybe modified) character. Note that this may
	26	modify the buffer containing the number. */
	27
	28	int
	29	auth_rsa_read_bignum(char *cpp, BIGNUM value)
	30	{
	31	char cp = cpp;
	32	int len, old;
	33
	34	/* Skip any leading whitespace. */
	35	for (; cp == ' ' \|\| cp == '\t'; cp++)
	36	;
	37
	38	/* Check that it begins with a hex digit. */
	39	if (cp < '0' \|\| cp > '9')
	40	return 0;
	41
	42	/* Save starting position. */
	43	*cpp = cp;
	44
	45	/* Move forward until all hex digits skipped. */
	46	for (; cp >= '0' && cp <= '9'; cp++)
	47	;
	48
	49	/* Compute the length of the hex number. */
	50	len = cp - *cpp;
	51
	52	/* Save the old terminating character, and replace it by \0. */
	53	old = *cp;
	54	*cp = 0;
	55
	56
	57	/* Parse the number. */
	58	if (BN_dec2bn(&value, *cpp) == 0)
	59	return 0;
	60
	61	/* Restore old terminating character. */
	62	*cp = old;
	63
	64	/* Move beyond the number and return success. */
65	*cpp = cp;
66	return 1;
67	}
68
69	/* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
70	over the key. Skips any whitespace at the beginning and at end. */
71
72	int
73	auth_rsa_read_key(char *cpp, unsigned int bitsp, BIGNUM e, BIGNUM n)
74	{
75	unsigned int bits;
76	char *cp;
77
78	/* Skip leading whitespace. */
79	for (cp = cpp; cp == ' ' \|\| *cp == '\t'; cp++)
80	;
81
82	/* Get number of bits. */
83	if (cp < '0' \|\| cp > '9')
84	return 0; /* Bad bit count... */
85	for (bits = 0; cp >= '0' && cp <= '9'; cp++)
86	bits = 10 * bits + *cp - '0';
87
88	/* Get public exponent. */
89	if (!auth_rsa_read_bignum(&cp, e))
90	return 0;
91
92	/* Get public modulus. */
93	if (!auth_rsa_read_bignum(&cp, n))
94	return 0;
95
96	/* Skip trailing whitespace. */
97	for (; cp == ' ' \|\| cp == '\t'; cp++)
98	;
99
100	/* Return results. */
101	*cpp = cp;
102	*bitsp = bits;
103	return 1;
104	}
105
106	/* Tries to match the host name (which must be in all lowercase) against the
107	comma-separated sequence of subpatterns (each possibly preceded by ! to
108	indicate negation). Returns true if there is a positive match; zero
109	otherwise. */
110
111	int
112	match_hostname(const char host, const char pattern, unsigned int len)
113	{
114	char sub[1024];
115	int negated;
116	int got_positive;
117	unsigned int i, subi;
118
119	got_positive = 0;
120	for (i = 0; i < len;)
121	{
122	/* Check if the subpattern is negated. */
123	if (pattern[i] == '!')
124	{
125	negated = 1;
126	i++;
127	}
128	else
129	negated = 0;
130
131	/* Extract the subpattern up to a comma or end. Convert the subpattern
132	to lowercase. */
133	for (subi = 0;
134	i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
135	subi++, i++)
136	sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
137	/* If subpattern too long, return failure (no match). */
138	if (subi >= sizeof(sub) - 1)
139	return 0;
140
141	/* If the subpattern was terminated by a comma, skip the comma. */
142	if (i < len && pattern[i] == ',')
143	i++;
144
145	/* Null-terminate the subpattern. */
146	sub[subi] = '\0';
147
148	/* Try to match the subpattern against the host name. */
149	if (match_pattern(host, sub)) {
150	if (negated)
151	return 0; /* Fail if host matches any negated subpattern. */
152	else
153	got_positive = 1;
154	}
155	}
156
157	/* Return success if got a positive match. If there was a negative match,
158	we have already returned zero and never get here. */
159	return got_positive;
160	}
161
162	/* Checks whether the given host (which must be in all lowercase) is
163	already in the list of our known hosts.
164	Returns HOST_OK if the host is known and has the specified key,
165	HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
166	but used to have a different host key. */
167
168	HostStatus
4d195447	169	check_host_in_hostfile(const char filename, const char host,
4d195447	170	BIGNUM e, BIGNUM n, BIGNUM ke, BIGNUM kn)
8efc0c15	171	{
	172	FILE *f;
	173	char line[8192];
4d195447	174	int linenum = 0;
4d195447	175	unsigned int bits, kbits, hostlen;
8efc0c15	176	char cp, cp2;
8efc0c15	177	HostStatus end_return;
8efc0c15	178
	179	/* Open the file containing the list of known hosts. */
	180	f = fopen(filename, "r");
	181	if (!f)
4d195447	182	return HOST_NEW;
8efc0c15	183
	184	/* Cache the length of the host name. */
	185	hostlen = strlen(host);
	186
	187	/* Return value when the loop terminates. This is set to HOST_CHANGED if
	188	we have seen a different key for the host and have not found the proper
	189	one. */
	190	end_return = HOST_NEW;
	191
4d195447	192	/* size of modulus 'n' */
	193	bits = BN_num_bits(n);
	194
8efc0c15	195	/* Go trough the file. */
	196	while (fgets(line, sizeof(line), f))
	197	{
	198	cp = line;
4d195447	199	linenum++;
8efc0c15	200
	201	/* Skip any leading whitespace. */
	202	for (; cp == ' ' \|\| cp == '\t'; cp++)
	203	;
	204
	205	/* Ignore comment lines and empty lines. */
	206	if (!cp \|\| cp == '#' \|\| *cp == '\n')
	207	continue;
	208
	209	/* Find the end of the host name portion. */
	210	for (cp2 = cp; cp2 && cp2 != ' ' && *cp2 != '\t'; cp2++)
	211	;
	212
	213	/* Check if the host name matches. */
	214	if (!match_hostname(host, cp, (unsigned int)(cp2 - cp)))
	215	continue;
	216
	217	/* Got a match. Skip host name. */
	218	cp = cp2;
	219
	220	/* Extract the key from the line. This will skip any leading
	221	whitespace. Ignore badly formatted lines. */
	222	if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
	223	continue;
	224
4d195447	225	if (kbits != BN_num_bits(kn)) {
	226	error("Warning: error in %s, line %d: keysize mismatch for host %s: "
	227	"actual size %d vs. announced %d.",
	228	filename, linenum, host, BN_num_bits(kn), kbits);
	229	error("Warning: replace %d with %d in %s, line %d.",
	230	kbits, BN_num_bits(kn), filename, linenum);
	231	}
	232
	233	/* Check if the current key is the same as the given key. */
f095fcc7	234	if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)
8efc0c15	235	{
	236	/* Ok, they match. */
	237	fclose(f);
	238	return HOST_OK;
	239	}
	240
	241	/* They do not match. We will continue to go through the file; however,
	242	we note that we will not return that it is new. */
	243	end_return = HOST_CHANGED;
	244	}
	245	/* Clear variables and close the file. */
	246	fclose(f);
	247
	248	/* Return either HOST_NEW or HOST_CHANGED, depending on whether we saw a
	249	different key for the host. */
	250	return end_return;
	251	}
	252
	253	/* Appends an entry to the host file. Returns false if the entry
	254	could not be appended. */
	255
	256	int
	257	add_host_to_hostfile(const char filename, const char host,
4d195447	258	BIGNUM e, BIGNUM n)
8efc0c15	259	{
	260	FILE *f;
	261	char *buf;
4d195447	262	unsigned int bits;
8efc0c15	263
	264	/* Open the file for appending. */
	265	f = fopen(filename, "a");
	266	if (!f)
	267	return 0;
	268
4d195447	269	/* size of modulus 'n' */
	270	bits = BN_num_bits(n);
	271
8efc0c15	272	/* Print the host name and key to the file. */
	273	fprintf(f, "%s %u ", host, bits);
	274	buf = BN_bn2dec(e);
5bae4ab8	275	if (buf == NULL) {
4d195447	276	error("add_host_to_hostfile: BN_bn2dec(e) failed");
5bae4ab8	277	fclose(f);
	278	return 0;
	279	}
8efc0c15	280	fprintf(f, "%s ", buf);
	281	free (buf);
	282	buf = BN_bn2dec(n);
5bae4ab8	283	if (buf == NULL) {
4d195447	284	error("add_host_to_hostfile: BN_bn2dec(n) failed");
5bae4ab8	285	fclose(f);
	286	return 0;
	287	}
8efc0c15	288	fprintf(f, "%s\n", buf);
	289	free (buf);
	290
	291	/* Close the file. */
	292	fclose(f);
	293	return 1;
	294	}