*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.108 2001/06/23 02:34:31 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.119 2002/01/21 15:13:51 markus Exp $");
#include <openssl/bn.h>
#include "readconf.h"
#include "atomicio.h"
#include "misc.h"
+#include "readpass.h"
char *client_version_string = NULL;
char *server_version_string = NULL;
extern Options options;
extern char *__progname;
-/* AF_UNSPEC or AF_INET or AF_INET6 */
-extern int IPv4or6;
+#ifndef INET6_ADDRSTRLEN /* for non IPv6 machines */
+#define INET6_ADDRSTRLEN 46
+#endif
+
+static const char *
+sockaddr_ntop(struct sockaddr *sa)
+{
+ void *addr;
+ static char addrbuf[INET6_ADDRSTRLEN];
+
+ switch (sa->sa_family) {
+ case AF_INET:
+ addr = &((struct sockaddr_in *)sa)->sin_addr;
+ break;
+ case AF_INET6:
+ addr = &((struct sockaddr_in6 *)sa)->sin6_addr;
+ break;
+ default:
+ /* This case should be protected against elsewhere */
+ abort(); /* XXX abort is bad -- do something else */
+ }
+ inet_ntop(sa->sa_family, addr, addrbuf, sizeof(addrbuf));
+ return addrbuf;
+}
/*
* Connect to the given ssh server using a proxy command.
*/
-int
+static int
ssh_proxy_connect(const char *host, u_short port, struct passwd *pw,
const char *proxy_command)
{
/* Create pipes for communicating with the proxy. */
if (pipe(pin) < 0 || pipe(pout) < 0)
fatal("Could not create pipes to communicate with the proxy: %.100s",
- strerror(errno));
+ strerror(errno));
debug("Executing proxy command: %.500s", command_string);
/* Set the connection file descriptors. */
packet_set_connection(pout[0], pin[1]);
- return 1;
+ /* Indicate OK return */
+ return 0;
}
/*
* Creates a (possibly privileged) socket for use as the ssh connection.
*/
-int
+static int
ssh_create_socket(struct passwd *pw, int privileged, int family)
{
int sock, gaierr;
return sock;
memset(&hints, 0, sizeof(hints));
- hints.ai_family = IPv4or6;
+ hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_PASSIVE;
gaierr = getaddrinfo(options.bind_address, "0", &hints, &res);
* second). If proxy_command is non-NULL, it specifies the command (with %h
* and %p substituted for host and port, respectively) to use to contact
* the daemon.
+ * Return values:
+ * 0 for OK
+ * ECONNREFUSED if we got a "Connection Refused" by the peer on any address
+ * ECONNABORTED if we failed without a "Connection refused"
+ * Suitable error messages for the connection failure will already have been
+ * printed.
*/
int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
- u_short port, int connection_attempts,
- int anonymous, struct passwd *pw,
- const char *proxy_command)
+ u_short port, int family, int connection_attempts,
+ int anonymous, struct passwd *pw, const char *proxy_command)
{
int gaierr;
int on = 1;
struct addrinfo hints, *ai, *aitop;
struct linger linger;
struct servent *sp;
+ /*
+ * Did we get only other errors than "Connection refused" (which
+ * should block fallback to rsh and similar), or did we get at least
+ * one "Connection refused"?
+ */
+ int full_failure = 1;
debug("ssh_connect: getuid %u geteuid %u anon %d",
- (u_int) getuid(), (u_int) geteuid(), anonymous);
+ (u_int) getuid(), (u_int) geteuid(), anonymous);
/* Get default port if port has not been set. */
if (port == 0) {
/* No proxy command. */
memset(&hints, 0, sizeof(hints));
- hints.ai_family = IPv4or6;
+ hints.ai_family = family;
hints.ai_socktype = SOCK_STREAM;
snprintf(strport, sizeof strport, "%d", port);
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
* Try to connect several times. On some machines, the first time
* will sometimes fail. In general socket code appears to behave
* quite magically on many machines.
- */
- for (attempt = 0; attempt < connection_attempts; attempt++) {
+ */
+ for (attempt = 0; ;) {
if (attempt > 0)
debug("Trying again...");
#endif
ai->ai_family);
if (sock < 0)
+ /* Any error is already output */
continue;
/* Connect to the host. We use the user's uid in the
restore_uid();
break;
} else {
- debug("connect: %.100s", strerror(errno));
+ if (errno == ECONNREFUSED)
+ full_failure = 0;
+ log("ssh: connect to address %s port %s: %s",
+ sockaddr_ntop(ai->ai_addr), strport,
+ strerror(errno));
restore_uid();
/*
* Close the failed socket; there appear to
* which connect() has already returned an
* error.
*/
- shutdown(sock, SHUT_RDWR);
close(sock);
}
}
if (ai)
break; /* Successful connection. */
+ attempt++;
+ if (attempt >= connection_attempts)
+ break;
/* Sleep a moment before retrying. */
sleep(1);
}
/* Return failure if we didn't get a successful connection. */
if (attempt >= connection_attempts)
- return 0;
+ return full_failure ? ECONNABORTED : ECONNREFUSED;
debug("Connection established.");
/* Set the connection. */
packet_set_connection(sock, sock);
- return 1;
+ return 0;
}
/*
* Waits for the server identification string, and sends our own
* identification string.
*/
-void
+static void
ssh_exchange_identification(void)
{
char buf[256], remote_version[256]; /* must be same size! */
&remote_major, &remote_minor, remote_version) != 3)
fatal("Bad remote protocol version identification: '%.100s'", buf);
debug("Remote protocol version %d.%d, remote software version %.100s",
- remote_major, remote_minor, remote_version);
+ remote_major, remote_minor, remote_version);
compat_datafellows(remote_version);
mismatch = 0;
- switch(remote_major) {
+ switch (remote_major) {
case 1:
if (remote_minor == 99 &&
(options.protocol & SSH_PROTO_2) &&
}
/* defaults to 'no' */
-int
-read_yes_or_no(const char *prompt, int defval)
+static int
+confirm(const char *prompt)
{
- char buf[1024];
- FILE *f;
- int retval = -1;
+ const char *msg, *again = "Please type 'yes' or 'no': ";
+ char *p;
+ int ret = -1;
if (options.batch_mode)
return 0;
-
- if (isatty(STDIN_FILENO))
- f = stdin;
- else
- f = fopen(_PATH_TTY, "rw");
-
- if (f == NULL)
- return 0;
-
- fflush(stdout);
-
- while (1) {
- fprintf(stderr, "%s", prompt);
- if (fgets(buf, sizeof(buf), f) == NULL) {
- /*
- * Print a newline (the prompt probably didn\'t have
- * one).
- */
- fprintf(stderr, "\n");
- strlcpy(buf, "no", sizeof buf);
- }
- /* Remove newline from response. */
- if (strchr(buf, '\n'))
- *strchr(buf, '\n') = 0;
-
- if (buf[0] == 0)
- retval = defval;
- if (strcmp(buf, "yes") == 0)
- retval = 1;
- else if (strcmp(buf, "no") == 0)
- retval = 0;
- else
- fprintf(stderr, "Please type 'yes' or 'no'.\n");
-
- if (retval != -1) {
- if (f != stdin)
- fclose(f);
- return retval;
- }
+ for (msg = prompt;;msg = again) {
+ p = read_passphrase(msg, RP_ECHO);
+ if (p == NULL ||
+ (p[0] == '\0') || (p[0] == '\n') ||
+ strncasecmp(p, "no", 2) == 0)
+ ret = 0;
+ if (strncasecmp(p, "yes", 3) == 0)
+ ret = 1;
+ if (p)
+ xfree(p);
+ if (ret != -1)
+ return ret;
}
}
* is not valid. the user_hostfile will not be updated if 'readonly' is true.
*/
-int
+static int
check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
int readonly, const char *user_hostfile, const char *system_hostfile)
{
int local = 0, host_ip_differ = 0;
int salen;
char ntop[NI_MAXHOST];
- int host_line, ip_line;
+ char msg[1024];
+ int len, host_line, ip_line;
const char *host_file = NULL, *ip_file = NULL;
/*
switch (hostaddr->sa_family) {
case AF_INET:
local = (ntohl(((struct sockaddr_in *)hostaddr)->
- sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
+ sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
salen = sizeof(struct sockaddr_in);
break;
case AF_INET6:
salen = sizeof(struct sockaddr_storage);
break;
}
- if (local && options.host_key_alias == NULL) {
+ if (options.no_host_authentication_for_localhost == 1 && local &&
+ options.host_key_alias == NULL) {
debug("Forcing accepting of host key for "
"loopback/localhost.");
return 0;
*/
host_file = user_hostfile;
host_status = check_host_in_hostfile(host_file, host, host_key,
- file_key, &host_line);
+ file_key, &host_line);
if (host_status == HOST_NEW) {
host_file = system_hostfile;
host_status = check_host_in_hostfile(host_file, host, host_key,
"'%.128s' not in list of known hosts.",
type, ip);
else if (!add_host_to_hostfile(user_hostfile, ip,
- host_key))
+ host_key))
log("Failed to add the %s host key for IP "
"address '%.128s' to the list of known "
"hosts (%.30s).", type, ip, user_hostfile);
goto fail;
} else if (options.strict_host_key_checking == 2) {
/* The default */
- char prompt[1024];
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
- snprintf(prompt, sizeof(prompt),
+ snprintf(msg, sizeof(msg),
"The authenticity of host '%.200s (%s)' can't be "
"established.\n"
"%s key fingerprint is %s.\n"
"Are you sure you want to continue connecting "
"(yes/no)? ", host, ip, type, fp);
xfree(fp);
- if (!read_yes_or_no(prompt, -1)) {
- log("Aborted by user!");
+ if (!confirm(msg))
goto fail;
- }
}
if (options.check_host_ip && ip_status == HOST_NEW) {
snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
error("Port forwarding is disabled to avoid "
"man-in-the-middle attacks.");
options.num_local_forwards =
- options.num_remote_forwards = 0;
+ options.num_remote_forwards = 0;
}
/*
* XXX Should permit the user to change to use the new id.
if (options.check_host_ip && host_status != HOST_CHANGED &&
ip_status == HOST_CHANGED) {
- log("Warning: the %s host key for '%.200s' "
- "differs from the key for the IP address '%.128s'",
- type, host, ip);
- if (host_status == HOST_OK)
- log("Matching host key in %s:%d", host_file, host_line);
- log("Offending key for IP in %s:%d", ip_file, ip_line);
+ snprintf(msg, sizeof(msg),
+ "Warning: the %s host key for '%.200s' "
+ "differs from the key for the IP address '%.128s'"
+ "\nOffending key for IP in %s:%d",
+ type, host, ip, ip_file, ip_line);
+ if (host_status == HOST_OK) {
+ len = strlen(msg);
+ snprintf(msg + len, sizeof(msg) - len,
+ "\nMatching host key in %s:%d",
+ host_file, host_line);
+ }
if (options.strict_host_key_checking == 1) {
+ log(msg);
error("Exiting, you have requested strict checking.");
goto fail;
} else if (options.strict_host_key_checking == 2) {
- if (!read_yes_or_no("Are you sure you want "
- "to continue connecting (yes/no)? ", -1)) {
- log("Aborted by user!");
+ strlcat(msg, "\nAre you sure you want "
+ "to continue connecting (yes/no)? ", sizeof(msg));
+ if (!confirm(msg))
goto fail;
- }
+ } else {
+ log(msg);
}
}