[openssh.git] / hostfile.c

/*
 * 
 * hostfile.c
 * 
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * 
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * 
 * Created: Thu Jun 29 07:10:56 1995 ylo
 * 
 * Functions for manipulating the known hosts files.
 * 
 */

#include "includes.h"
RCSID("$Id$");

#include "packet.h"
#include "ssh.h"

/*
 * Reads a multiple-precision integer in hex from the buffer, and advances
 * the pointer.  The integer must already be initialized.  This function is
 * permitted to modify the buffer.  This leaves *cpp to point just beyond the
 * last processed (and maybe modified) character.  Note that this may modify
 * the buffer containing the number.
 */

int
auth_rsa_read_bignum(char **cpp, BIGNUM * value)
{
	char *cp = *cpp;
	int len, old;

	/* Skip any leading whitespace. */
	for (; *cp == ' ' || *cp == '\t'; cp++)
		;

	/* Check that it begins with a hex digit. */
	if (*cp < '0' || *cp > '9')
		return 0;

	/* Save starting position. */
	*cpp = cp;

	/* Move forward until all hex digits skipped. */
	for (; *cp >= '0' && *cp <= '9'; cp++)
		;

	/* Compute the length of the hex number. */
	len = cp - *cpp;

	/* Save the old terminating character, and replace it by \0. */
	old = *cp;
	*cp = 0;

	/* Parse the number. */
	if (BN_dec2bn(&value, *cpp) == 0)
		return 0;

	/* Restore old terminating character. */
	*cp = old;

	/* Move beyond the number and return success. */
	*cpp = cp;
	return 1;
}

/*
 * Parses an RSA key (number of bits, e, n) from a string.  Moves the pointer
 * over the key.  Skips any whitespace at the beginning and at end.
 */

int
auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n)
{
	unsigned int bits;
	char *cp;

	/* Skip leading whitespace. */
	for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++)
		;

	/* Get number of bits. */
	if (*cp < '0' || *cp > '9')
		return 0;	/* Bad bit count... */
	for (bits = 0; *cp >= '0' && *cp <= '9'; cp++)
		bits = 10 * bits + *cp - '0';

	/* Get public exponent. */
	if (!auth_rsa_read_bignum(&cp, e))
		return 0;

	/* Get public modulus. */
	if (!auth_rsa_read_bignum(&cp, n))
		return 0;

	/* Skip trailing whitespace. */
	for (; *cp == ' ' || *cp == '\t'; cp++)
		;

	/* Return results. */
	*cpp = cp;
	*bitsp = bits;
	return 1;
}

/*
 * Tries to match the host name (which must be in all lowercase) against the
 * comma-separated sequence of subpatterns (each possibly preceded by ! to
 * indicate negation).  Returns true if there is a positive match; zero
 * otherwise.
 */

int
match_hostname(const char *host, const char *pattern, unsigned int len)
{
	char sub[1024];
	int negated;
	int got_positive;
	unsigned int i, subi;

	got_positive = 0;
	for (i = 0; i < len;) {
		/* Check if the subpattern is negated. */
		if (pattern[i] == '!') {
			negated = 1;
			i++;
		} else
			negated = 0;

		/*
		 * Extract the subpattern up to a comma or end.  Convert the
		 * subpattern to lowercase.
		 */
		for (subi = 0;
		     i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
		     subi++, i++)
			sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
		/* If subpattern too long, return failure (no match). */
		if (subi >= sizeof(sub) - 1)
			return 0;

		/* If the subpattern was terminated by a comma, skip the comma. */
		if (i < len && pattern[i] == ',')
			i++;

		/* Null-terminate the subpattern. */
		sub[subi] = '\0';

		/* Try to match the subpattern against the host name. */
		if (match_pattern(host, sub)) {
			if (negated)
				return 0;	/* Fail */
			else
				got_positive = 1;
		}
	}

	/*
	 * Return success if got a positive match.  If there was a negative
	 * match, we have already returned zero and never get here.
	 */
	return got_positive;
}

/*
 * Checks whether the given host (which must be in all lowercase) is already
 * in the list of our known hosts. Returns HOST_OK if the host is known and
 * has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED
 * if the host is known but used to have a different host key.
 */

HostStatus
check_host_in_hostfile(const char *filename, const char *host,
		       BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn)
{
	FILE *f;
	char line[8192];
	int linenum = 0;
	unsigned int bits, kbits, hostlen;
	char *cp, *cp2;
	HostStatus end_return;

	/* Open the file containing the list of known hosts. */
	f = fopen(filename, "r");
	if (!f)
		return HOST_NEW;

	/* Cache the length of the host name. */
	hostlen = strlen(host);

	/*
	 * Return value when the loop terminates.  This is set to
	 * HOST_CHANGED if we have seen a different key for the host and have
	 * not found the proper one.
	 */
	end_return = HOST_NEW;

	/* size of modulus 'n' */
	bits = BN_num_bits(n);

	/* Go trough the file. */
	while (fgets(line, sizeof(line), f)) {
		cp = line;
		linenum++;

		/* Skip any leading whitespace, comments and empty lines. */
		for (; *cp == ' ' || *cp == '\t'; cp++)
			;
		if (!*cp || *cp == '#' || *cp == '\n')
			continue;

		/* Find the end of the host name portion. */
		for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
			;

		/* Check if the host name matches. */
		if (!match_hostname(host, cp, (unsigned int) (cp2 - cp)))
			continue;

		/* Got a match.  Skip host name. */
		cp = cp2;

		/*
		 * Extract the key from the line.  This will skip any leading
		 * whitespace.  Ignore badly formatted lines.
		 */
		if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
			continue;

		if (kbits != BN_num_bits(kn)) {
			error("Warning: error in %s, line %d: keysize mismatch for host %s: "
			      "actual size %d vs. announced %d.",
			filename, linenum, host, BN_num_bits(kn), kbits);
			error("Warning: replace %d with %d in %s, line %d.",
			      kbits, BN_num_bits(kn), filename, linenum);
		}
		/* Check if the current key is the same as the given key. */
		if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0) {
			/* Ok, they match. */
			fclose(f);
			return HOST_OK;
		}
		/*
		 * They do not match.  We will continue to go through the
		 * file; however, we note that we will not return that it is
		 * new.
		 */
		end_return = HOST_CHANGED;
	}
	/* Clear variables and close the file. */
	fclose(f);

	/*
	 * Return either HOST_NEW or HOST_CHANGED, depending on whether we
	 * saw a different key for the host.
	 */
	return end_return;
}

/*
 * Appends an entry to the host file.  Returns false if the entry could not
 * be appended.
 */

int
add_host_to_hostfile(const char *filename, const char *host,
		     BIGNUM * e, BIGNUM * n)
{
	FILE *f;
	char *buf;
	unsigned int bits;

	/* Open the file for appending. */
	f = fopen(filename, "a");
	if (!f)
		return 0;

	/* size of modulus 'n' */
	bits = BN_num_bits(n);

	/* Print the host name and key to the file. */
	fprintf(f, "%s %u ", host, bits);
	buf = BN_bn2dec(e);
	if (buf == NULL) {
		error("add_host_to_hostfile: BN_bn2dec(e) failed");
		fclose(f);
		return 0;
	}
	fprintf(f, "%s ", buf);
	free(buf);
	buf = BN_bn2dec(n);
	if (buf == NULL) {
		error("add_host_to_hostfile: BN_bn2dec(n) failed");
		fclose(f);
		return 0;
	}
	fprintf(f, "%s\n", buf);
	free(buf);

	/* Close the file. */
	fclose(f);
	return 1;
}
Commit	Line	Data
8efc0c15	1	/*
5260325f	2	*
	3	* hostfile.c
	4	*
	5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	6	*
	7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	* All rights reserved
	9	*
	10	* Created: Thu Jun 29 07:10:56 1995 ylo
	11	*
	12	* Functions for manipulating the known hosts files.
	13	*
	14	*/
8efc0c15	15
	16	#include "includes.h"
	17	RCSID("$Id$");
	18
	19	#include "packet.h"
	20	#include "ssh.h"
	21
aa3378df	22	/*
	23	* Reads a multiple-precision integer in hex from the buffer, and advances
	24	* the pointer. The integer must already be initialized. This function is
	25	* permitted to modify the buffer. This leaves *cpp to point just beyond the
	26	* last processed (and maybe modified) character. Note that this may modify
	27	* the buffer containing the number.
	28	*/
8efc0c15	29
8efc0c15	30	int
5260325f	31	auth_rsa_read_bignum(char *cpp, BIGNUM value)
8efc0c15	32	{
5260325f	33	char cp = cpp;
	34	int len, old;
	35
	36	/* Skip any leading whitespace. */
aa3378df	37	for (; cp == ' ' \|\| cp == '\t'; cp++)
aa3378df	38	;
8efc0c15	39
5260325f	40	/* Check that it begins with a hex digit. */
	41	if (cp < '0' \|\| cp > '9')
	42	return 0;
8efc0c15	43
5260325f	44	/* Save starting position. */
5260325f	45	*cpp = cp;
8efc0c15	46
5260325f	47	/* Move forward until all hex digits skipped. */
aa3378df	48	for (; cp >= '0' && cp <= '9'; cp++)
aa3378df	49	;
8efc0c15	50
5260325f	51	/* Compute the length of the hex number. */
5260325f	52	len = cp - *cpp;
8efc0c15	53
5260325f	54	/* Save the old terminating character, and replace it by \0. */
	55	old = *cp;
	56	*cp = 0;
8efc0c15	57
5260325f	58	/* Parse the number. */
	59	if (BN_dec2bn(&value, *cpp) == 0)
	60	return 0;
8efc0c15	61
5260325f	62	/* Restore old terminating character. */
5260325f	63	*cp = old;
8efc0c15	64
5260325f	65	/* Move beyond the number and return success. */
	66	*cpp = cp;
	67	return 1;
8efc0c15	68	}
8efc0c15	69
aa3378df	70	/*
	71	* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
	72	* over the key. Skips any whitespace at the beginning and at end.
	73	*/
8efc0c15	74
8efc0c15	75	int
5260325f	76	auth_rsa_read_key(char *cpp, unsigned int bitsp, BIGNUM * e, BIGNUM * n)
8efc0c15	77	{
5260325f	78	unsigned int bits;
	79	char *cp;
	80
	81	/* Skip leading whitespace. */
aa3378df	82	for (cp = cpp; cp == ' ' \|\| *cp == '\t'; cp++)
aa3378df	83	;
5260325f	84
	85	/* Get number of bits. */
	86	if (cp < '0' \|\| cp > '9')
	87	return 0; /* Bad bit count... */
	88	for (bits = 0; cp >= '0' && cp <= '9'; cp++)
	89	bits = 10 * bits + *cp - '0';
	90
	91	/* Get public exponent. */
	92	if (!auth_rsa_read_bignum(&cp, e))
	93	return 0;
	94
	95	/* Get public modulus. */
	96	if (!auth_rsa_read_bignum(&cp, n))
	97	return 0;
	98
	99	/* Skip trailing whitespace. */
aa3378df	100	for (; cp == ' ' \|\| cp == '\t'; cp++)
aa3378df	101	;
5260325f	102
	103	/* Return results. */
	104	*cpp = cp;
	105	*bitsp = bits;
	106	return 1;
8efc0c15	107	}
8efc0c15	108
aa3378df	109	/*
	110	* Tries to match the host name (which must be in all lowercase) against the
	111	* comma-separated sequence of subpatterns (each possibly preceded by ! to
	112	* indicate negation). Returns true if there is a positive match; zero
	113	* otherwise.
	114	*/
8efc0c15	115
	116	int
	117	match_hostname(const char host, const char pattern, unsigned int len)
	118	{
5260325f	119	char sub[1024];
	120	int negated;
	121	int got_positive;
	122	unsigned int i, subi;
	123
	124	got_positive = 0;
	125	for (i = 0; i < len;) {
	126	/* Check if the subpattern is negated. */
	127	if (pattern[i] == '!') {
	128	negated = 1;
	129	i++;
	130	} else
	131	negated = 0;
	132
aa3378df	133	/*
	134	* Extract the subpattern up to a comma or end. Convert the
	135	* subpattern to lowercase.
	136	*/
5260325f	137	for (subi = 0;
aa3378df	138	i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
5260325f	139	subi++, i++)
	140	sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
	141	/* If subpattern too long, return failure (no match). */
	142	if (subi >= sizeof(sub) - 1)
	143	return 0;
	144
aa3378df	145	/* If the subpattern was terminated by a comma, skip the comma. */
5260325f	146	if (i < len && pattern[i] == ',')
	147	i++;
	148
	149	/* Null-terminate the subpattern. */
	150	sub[subi] = '\0';
	151
	152	/* Try to match the subpattern against the host name. */
	153	if (match_pattern(host, sub)) {
	154	if (negated)
aa3378df	155	return 0; /* Fail */
5260325f	156	else
	157	got_positive = 1;
	158	}
8efc0c15	159	}
5260325f	160
aa3378df	161	/*
	162	* Return success if got a positive match. If there was a negative
	163	* match, we have already returned zero and never get here.
	164	*/
5260325f	165	return got_positive;
8efc0c15	166	}
8efc0c15	167
aa3378df	168	/*
	169	* Checks whether the given host (which must be in all lowercase) is already
	170	* in the list of our known hosts. Returns HOST_OK if the host is known and
	171	* has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED
	172	* if the host is known but used to have a different host key.
	173	*/
8efc0c15	174
8efc0c15	175	HostStatus
4d195447	176	check_host_in_hostfile(const char filename, const char host,
5260325f	177	BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn)
8efc0c15	178	{
5260325f	179	FILE *f;
	180	char line[8192];
	181	int linenum = 0;
	182	unsigned int bits, kbits, hostlen;
	183	char cp, cp2;
	184	HostStatus end_return;
	185
	186	/* Open the file containing the list of known hosts. */
	187	f = fopen(filename, "r");
	188	if (!f)
	189	return HOST_NEW;
	190
	191	/* Cache the length of the host name. */
	192	hostlen = strlen(host);
	193
aa3378df	194	/*
	195	* Return value when the loop terminates. This is set to
	196	* HOST_CHANGED if we have seen a different key for the host and have
	197	* not found the proper one.
	198	*/
5260325f	199	end_return = HOST_NEW;
	200
	201	/* size of modulus 'n' */
	202	bits = BN_num_bits(n);
	203
	204	/* Go trough the file. */
	205	while (fgets(line, sizeof(line), f)) {
	206	cp = line;
	207	linenum++;
	208
aa3378df	209	/* Skip any leading whitespace, comments and empty lines. */
	210	for (; cp == ' ' \|\| cp == '\t'; cp++)
	211	;
5260325f	212	if (!cp \|\| cp == '#' \|\| *cp == '\n')
	213	continue;
	214
	215	/* Find the end of the host name portion. */
aa3378df	216	for (cp2 = cp; cp2 && cp2 != ' ' && *cp2 != '\t'; cp2++)
aa3378df	217	;
5260325f	218
	219	/* Check if the host name matches. */
	220	if (!match_hostname(host, cp, (unsigned int) (cp2 - cp)))
	221	continue;
	222
	223	/* Got a match. Skip host name. */
	224	cp = cp2;
	225
aa3378df	226	/*
	227	* Extract the key from the line. This will skip any leading
	228	* whitespace. Ignore badly formatted lines.
	229	*/
5260325f	230	if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
	231	continue;
	232
	233	if (kbits != BN_num_bits(kn)) {
	234	error("Warning: error in %s, line %d: keysize mismatch for host %s: "
	235	"actual size %d vs. announced %d.",
	236	filename, linenum, host, BN_num_bits(kn), kbits);
	237	error("Warning: replace %d with %d in %s, line %d.",
	238	kbits, BN_num_bits(kn), filename, linenum);
	239	}
	240	/* Check if the current key is the same as the given key. */
	241	if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0) {
	242	/* Ok, they match. */
	243	fclose(f);
	244	return HOST_OK;
	245	}
aa3378df	246	/*
	247	* They do not match. We will continue to go through the
	248	* file; however, we note that we will not return that it is
	249	* new.
	250	*/
5260325f	251	end_return = HOST_CHANGED;
8efc0c15	252	}
5260325f	253	/* Clear variables and close the file. */
	254	fclose(f);
	255
aa3378df	256	/*
	257	* Return either HOST_NEW or HOST_CHANGED, depending on whether we
	258	* saw a different key for the host.
	259	*/
5260325f	260	return end_return;
8efc0c15	261	}
8efc0c15	262
aa3378df	263	/*
	264	* Appends an entry to the host file. Returns false if the entry could not
	265	* be appended.
	266	*/
8efc0c15	267
	268	int
	269	add_host_to_hostfile(const char filename, const char host,
5260325f	270	BIGNUM * e, BIGNUM * n)
8efc0c15	271	{
5260325f	272	FILE *f;
	273	char *buf;
	274	unsigned int bits;
	275
	276	/* Open the file for appending. */
	277	f = fopen(filename, "a");
	278	if (!f)
	279	return 0;
	280
	281	/* size of modulus 'n' */
	282	bits = BN_num_bits(n);
	283
	284	/* Print the host name and key to the file. */
	285	fprintf(f, "%s %u ", host, bits);
	286	buf = BN_bn2dec(e);
	287	if (buf == NULL) {
	288	error("add_host_to_hostfile: BN_bn2dec(e) failed");
	289	fclose(f);
	290	return 0;
	291	}
	292	fprintf(f, "%s ", buf);
	293	free(buf);
	294	buf = BN_bn2dec(n);
	295	if (buf == NULL) {
	296	error("add_host_to_hostfile: BN_bn2dec(n) failed");
	297	fclose(f);
	298	return 0;
	299	}
	300	fprintf(f, "%s\n", buf);
	301	free(buf);
	302
	303	/* Close the file. */
	304	fclose(f);
	305	return 1;
8efc0c15	306	}