summaryrefslogtreecommitdiff
path: root/hostfile.c
Commit message (Collapse)AuthorAgeFilesLines
* upstream: fseek to end of known_hosts before writing to it.dtucker@openbsd.org2023-02-211-8/+9
| | | | | | | | | POSIX and ANSI C require that applications call fseek or similar between read and writing to a RW file. OpenBSD doesn't enforce this, but some (System V derived) platforms need this to prevent it from writing a spurious extra byte (in this case, a newline). ok djm@ deraadt@ OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
* upstream: Ensure that there is a terminating newline when adding a newdtucker@openbsd.org2023-02-091-2/+10
| | | | | | | entry to known_hosts. bz#3529, with git+openssh at limpsquid.nl, ok deraadt@ markus@ OpenBSD-Commit-ID: fa8d90698da1886570512b96f051e266eac105e0
* upstream: piece of UpdateHostkeys client strictification: whendjm@openbsd.org2022-01-071-2/+2
| | | | | | | updating known_hosts with new keys, ignore NULL keys (forgot to include in prior commit) OpenBSD-Commit-ID: 49d2eda6379490e1ceec40c3b670b973f63dea08
* upstream: Dynamically allocate encoded HashKnownHosts and free asdtucker@openbsd.org2021-10-061-9/+11
| | | | | | | | | appropriate. Saves 1k of static storage and prevents snprintf "possible truncation" warnings from newer compilers (although in this case it's false positive since the actual sizes are limited by the output size of the SHA1). ok djm@ OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
* upstream: Order includes as per style(9). Portable already hasdtucker@openbsd.org2021-07-081-1/+1
| | | | | | these so this removes a handful of diffs between the two. OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
* upstream: typos in comments; GHPR#180 from Villdjm@openbsd.org2021-04-031-2/+2
| | | | | | | | | =?UTF-8?q?e=20Skytt=C3=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: 93c732381ae0e2b680c79e67c40c1814b7ceed2c
* upstream: make struct hostkeys public; I have no idea why I made itdjm@openbsd.org2021-01-261-6/+1
| | | | | | | | opaque originally. ok markus@ OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3
* upstream: move check_host_cert() from sshconnect,c to sshkey.c anddjm@openbsd.org2021-01-261-1/+2
| | | | | | | | refactor it to make it more generally usable and testable. ok markus@ OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4
* upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*djm@openbsd.org2020-12-211-11/+43
| | | | | | | | | | | | | | | | | Add load_hostkeys_file() and hostkeys_foreach_file() that accept a FILE* argument instead of opening the file directly. Original load_hostkeys() and hostkeys_foreach() are implemented using these new interfaces. Add a u_int note field to the hostkey_entry and hostkey_foreach_line structs that is passed directly from the load_hostkeys() and hostkeys_foreach() call. This is a lightweight way to annotate results between different invocations of load_hostkeys(). ok markus@ OpenBSD-Commit-ID: 6ff6db13ec9ee4edfa658b2c38baad0f505d8c20
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-31/+26
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: UpdateHostkeys: better CheckHostIP handlingdjm@openbsd.org2020-10-121-28/+49
| | | | | | | | | | | | | | When preparing to update the known_hosts file, fully check both entries for both the host and the address (if CheckHostIP enabled) and ensure that, at the end of the operation, entries for both are recorded. Make sure this works with HashKnownHosts too, which requires maintaining a list of entry-types seen across the whole file for each key. ok markus@ OpenBSD-Commit-ID: 374dc263103f6b343d9671f87dbf81ffd0d6abdd
* upstream: Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bugdjm@openbsd.org2020-10-071-1/+4
| | | | | | | | | | When all of UpdateHostkeys, HashKnownHosts and ChechHostIP were enabled and new host keys were learned, known_hosts IP entries were not being recorded for new host keys. reported by matthieu@ ok markus@ OpenBSD-Commit-ID: a654a8290bd1c930aac509e8158cf85e42e49cb7
* upstream: when ordering host key algorithms in the client, considerdjm@openbsd.org2020-10-071-5/+9
| | | | | | the ECDSA key subtype; ok markus@ OpenBSD-Commit-ID: 3097686f853c61ff61772ea35f8b699931392ece
* upstream: avoid spurious error message when ssh-keygen creates filesdjm@openbsd.org2020-06-261-4/+6
| | | | | | outside ~/.ssh; with dtucker@ OpenBSD-Commit-ID: ac0c662d44607e00ec78c266ee60752beb1c7e08
* missing ifdef SELINUX; spotted by dtuckerDamien Miller2020-06-261-0/+4
|
* upstream: Defer creation of ~/.ssh by ssh(1) until we attempt todtucker@openbsd.org2020-06-261-1/+35
| | | | | | | | write to it so we don't leave an empty .ssh directory when it's not needed. Use the same function to replace the code in ssh-keygen that does the same thing. bz#3156, ok djm@ OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
* upstream: when ordering the hostkey algorithms to request from adjm@openbsd.org2020-05-271-1/+13
| | | | | | | server, prefer certificate types if the known_hosts files contain a key marked as a @cert-authority; bz#3157 ok markus@ OpenBSD-Commit-ID: 8f194573e5bb7c01b69bbfaabc68f27c9fa5e0db
* upstream: fix possible null-deref in check_key_not_revoked; okmarkus@openbsd.org2020-03-131-2/+2
| | | | | | djm OpenBSD-Commit-ID: 80855e9d7af42bb6fcc16c074ba69876bfe5e3bf
* upstream: change explicit_bzero();free() to freezero()jsg@openbsd.org2020-02-281-3/+2
| | | | | | | | | | While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
* upstream: allow UpdateKnownHosts=yes to function when multipledjm@openbsd.org2020-01-251-1/+2
| | | | | | | | | | known_hosts files are in use. When updating host keys, ssh will now search subsequent known_hosts files, but will add new/changed host keys to the first specified file only. bz#2738 ok markus@ OpenBSD-Commit-ID: 6ded6d878a03e57d5aa20bab9c31f92e929dbc6c
* remove duplicate #includesDamien Miller2019-10-021-1/+0
| | | | Prompted by Jakub Jelen
* upstream: Remove some set but never used variables. ok daraadt@dtucker@openbsd.org2019-07-081-3/+2
| | | | OpenBSD-Commit-ID: 824baf9c59afc66a4637017e397b9b74a41684e7
* upstream: oops, from asouderaadt@openbsd.org2019-06-281-2/+2
| | | | OpenBSD-Commit-ID: 702e765d1639b732370d8f003bb84a1c71c4d0c6
* upstream: Some asprintf() calls were checked < 0, rather than thederaadt@openbsd.org2019-06-281-3/+3
| | | | | | precise == -1. ok millert nicm tb, etc OpenBSD-Commit-ID: caecf8f57938685c04f125515b9f2806ad408d53
* upstream: memleaks; found by valgrinddjm@openbsd.org2018-07-161-2/+2
| | | | OpenBSD-Commit-ID: 6c3ba22be53e753c899545f771e8399fc93cd844
* upstream: switch config file parsing to getline(3) as this avoidsmarkus@openbsd.org2018-06-071-6/+9
| | | | | | static limits noted by gerhard@; ok dtucker@, djm@ OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
* upstream commitderaadt@openbsd.org2017-06-011-2/+2
| | | | | | | | | Switch to recallocarray() for a few operations. Both growth and shrinkage are handled safely, and there also is no need for preallocation dances. Future changes in this area will be less error prone. Review and one bug found by markus Upstream-ID: 822d664d6a5a1d10eccb23acdd53578a679d5065
* upstream commitdjm@openbsd.org2017-05-011-15/+3
| | | | | | | | remove KEY_RSA1 ok markus@ Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
* upstream commitdjm@openbsd.org2017-05-011-14/+1
| | | | | | unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
* upstream commitdjm@openbsd.org2017-03-101-7/+12
| | | | | | | ensure hostname is lower-case before hashing it; bz#2591 reported by Griff Miller II; ok dtucker@ Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
* upstream committedu@openbsd.org2016-09-211-4/+3
| | | | | | | replace two arc4random loops with arc4random_buf ok deraadt natano Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48
* upstream commitdjm@openbsd.org2015-05-101-2/+2
| | | | | | | | | | | Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
* upstream commitdjm@openbsd.org2015-04-011-4/+5
| | | | | | | | | downgrade error() for known_hosts parse errors to debug() to quiet warnings from ssh1 keys present when compiled !ssh1. also identify ssh1 keys when scanning, even when compiled !ssh1 ok markus@ miod@
* upstream commitdjm@openbsd.org2015-02-171-76/+143
| | | | | | Refactor hostkeys_foreach() and dependent code Deal with IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing changed ok markus@ as part of larger commit
* upstream commitdjm@openbsd.org2015-01-271-2/+4
| | | | properly restore umask
* upstream commitdjm@openbsd.org2015-01-271-16/+190
| | | | | | | | | | | | | | | Host key rotation support. Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@
* upstream commitdjm@openbsd.org2015-01-201-89/+52
| | | | | convert load_hostkeys() (hostkey ordering and known_host matching) to use the new hostkey_foreach() iterator; ok markus
* upstream commitdjm@openbsd.org2015-01-201-2/+145
| | | | | | | | | introduce hostkeys_foreach() to allow iteration over a known_hosts file or controlled subset thereof. This will allow us to pull out some ugly and duplicated code, and will be used to implement hostkey rotation later. feedback and ok markus
* upstream commitdjm@openbsd.org2015-01-151-34/+40
| | | | | sync ssh-keysign, ssh-keygen and some dependencies to the new buffer/key API; mostly mechanical, ok markus@
* upstream commitdjm@openbsd.org2014-10-201-3/+3
| | | | whitespace
* - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller2014-07-021-1/+2
| | | | | | | | | | | | | | | | | | | | | | | [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
* - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller2014-05-151-1/+7
| | | | | | | | | | [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller2014-02-041-3/+3
| | | | | | | | | | [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
* - markus@cvs.openbsd.org 2014/01/27 18:58:14Damien Miller2014-02-041-15/+14
| | | | | | [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] replace openssl HMAC with an implementation based on our ssh_digest_* ok and feedback djm@
* - djm@cvs.openbsd.org 2014/01/09 23:20:00Damien Miller2014-01-101-1/+2
| | | | | | | | | | | [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] Introduce digest API and use it to perform all hashing operations rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
* - djm@cvs.openbsd.org 2013/07/12 00:19:59Damien Miller2013-07-181-7/+10
| | | | | | [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-021-9/+7
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - djm@cvs.openbsd.org 2010/12/04 13:31:37Darren Tucker2010-12-051-1/+2
| | | | | [hostfile.c] fix fd leak; spotted and ok dtucker
* - djm@cvs.openbsd.org 2010/11/29 23:45:51Damien Miller2010-12-011-125/+176
| | | | | | | | | [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c] [sshconnect.h sshconnect2.c] automatically order the hostkeys requested by the client based on which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
* - djm@cvs.openbsd.org 2010/03/04 10:36:03Damien Miller2010-03-041-21/+81
| | | | | | | | | | | | | | | [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c] [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h] [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5] Add a TrustedUserCAKeys option to sshd_config to specify CA keys that are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
View Lorry Controller Status