-rw-r--r-- | include/libssh/libssh.h | 23 | ||||
-rw-r--r-- | src/CMakeLists.txt | 1 | ||||
-rw-r--r-- | src/knownhosts.c | 295 | ||||
-rw-r--r-- | tests/unittests/CMakeLists.txt | 1 | ||||
-rw-r--r-- | tests/unittests/torture_knownhosts_parsing.c | 218 |
5 files changed, 538 insertions, 0 deletions
diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h index 0f509aea..ac5daaab 100644 --- a/include/libssh/libssh.h +++ b/include/libssh/libssh.h @@ -267,6 +267,16 @@ enum ssh_keycmp_e { SSH_KEY_CMP_PRIVATE }; +#define SSH_ADDRSTRLEN 46 + +struct ssh_knownhosts_entry { + char *hostname; + char *unparsed; + ssh_key publickey; + char *comment; +}; + + /* Error return codes */ #define SSH_OK 0 /* No error */ #define SSH_ERROR -1 /* Error of some kind */ @@ -505,6 +515,19 @@ LIBSSH_API int ssh_is_blocking(ssh_session session); LIBSSH_API int ssh_is_connected(ssh_session session); LIBSSH_API int ssh_is_server_known(ssh_session session); +/* KNOWN HOSTS */ +LIBSSH_API void ssh_knownhosts_entry_free(struct ssh_knownhosts_entry *entry); +#define SSH_KNOWNHOSTS_ENTRY_FREE(e) do { \ + if ((e) != NULL) { \ + ssh_knownhosts_entry_free(e); \ + e = NULL; \ + } \ +} while(0) + +LIBSSH_API int ssh_known_hosts_parse_line(const char *host, + const char *line, + struct ssh_knownhosts_entry **entry); + /* LOGGING */ LIBSSH_API int ssh_set_log_level(int level); LIBSSH_API int ssh_get_log_level(void); diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index da87313e..7ecee06c 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -135,6 +135,7 @@ set(libssh_SRCS init.c kex.c known_hosts.c + knownhosts.c legacy.c log.c match.c diff --git a/src/knownhosts.c b/src/knownhosts.c new file mode 100644 index 00000000..6557f89f --- /dev/null +++ b/src/knownhosts.c 
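Review bot: `SSH_ADDRSTRLEN` is added to the public header but nothing in this patch references it, so unless a follow-up uses it this is an unexplained public constant; either drop it here or add a comment stating what it bounds (46 suggests an IPv6 textual address plus NUL, but the define does not say so). The new `struct ssh_knownhosts_entry` is also exported with bare fields and no documentation, which makes its layout part of the library ABI and leaves ownership unstated. A short Doxygen comment per field would help: `/** Hostname the line was matched against; NULL when parsed without a host */` on `hostname`, `/** The unparsed host field exactly as found in the file */` on `unparsed`, `/** Public key of the entry, freed by ssh_knownhosts_entry_free() */` on `publickey`, and `/** Optional trailing comment, or NULL */` on `comment`.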
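Review bot: The prototype of `ssh_known_hosts_parse_line` names its first parameter `host` while the definition and its Doxygen block in src/knownhosts.c call it `hostname`; the header should use `hostname` too so generated API docs and the implementation agree. The declaration also gives no hint that the function returns `SSH_AGAIN` when `hostname` is supplied but does not match the line, which is outside the `SSH_OK`/`SSH_ERROR` pair callers usually test; a one-line comment above the prototype, `/* Returns SSH_OK on match, SSH_AGAIN when the host does not match the line, SSH_ERROR on malformed input */`, would prevent callers from treating a non-match as a hard error. Whether `SSH_KNOWNHOSTS_ENTRY_FREE` should parenthesize the `e = NULL` assignment follows whatever the existing `SAFE_FREE` in priv.h does; I cannot see that macro from this hunk.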
@@ -0,0 +1,295 @@ +/* + * known_hosts: Host and public key verification. + * + * This file is part of the SSH Library + * + * Copyright (c) 2003-2009 by Aris Adamantiadis + * Copyright (c) 2009-2017 by Andreas Schneider <asn@cryptomilk.org> + * + * The SSH Library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The SSH Library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the SSH Library; see the file COPYING. If not, write to + * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, + * MA 02111-1307, USA. 
+ */ + +#include "config.h" + +#include <ctype.h> +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <arpa/inet.h> +#include <netinet/in.h> + +#include "libssh/priv.h" +#include "libssh/session.h" +#include "libssh/options.h" +#include "libssh/misc.h" +#include "libssh/pki.h" + +static int hash_hostname(const char *name, + unsigned char *salt, + unsigned int salt_size, + unsigned char **hash, + unsigned int *hash_size) +{ + HMACCTX mac_ctx; + + mac_ctx = hmac_init(salt, salt_size, SSH_HMAC_SHA1); + if (mac_ctx == NULL) { + return SSH_ERROR; + } + + hmac_update(mac_ctx, name, strlen(name)); + hmac_final(mac_ctx, *hash, hash_size); + + return SSH_OK; +} + +static int match_hashed_hostname(const char *host, const char *hashed_host) +{ + char *hashed; + char *b64_hash; + ssh_buffer salt = NULL; + ssh_buffer hash = NULL; + unsigned char hashed_buf[256] = {0}; + unsigned char *hashed_buf_ptr = hashed_buf; + unsigned int hashed_buf_size = sizeof(hashed_buf); + int cmp; + int rc; + int match = 0; + + cmp = strncmp(hashed_host, "|1|", 3); + if (cmp != 0) { + return 0; + } + + hashed = strdup(hashed_host + 3); + if (hashed == NULL) { + return 0; + } + + b64_hash = strchr(hashed, '|'); + if (b64_hash == NULL) { + goto error; + } + *b64_hash = '\0'; + b64_hash++; + + salt = base64_to_bin(hashed); + if (salt == NULL) { + goto error; + } + + hash = base64_to_bin(b64_hash); + if (hash == NULL) { + goto error; + } + + rc = hash_hostname(host, + ssh_buffer_get(salt), + ssh_buffer_get_len(salt), + &hashed_buf_ptr, + &hashed_buf_size); + if (rc != SSH_OK) { + goto error; + } + + if (hashed_buf_size != ssh_buffer_get_len(hash)) { + goto error; + } + + cmp = memcmp(hashed_buf, ssh_buffer_get(hash), hashed_buf_size); + if (cmp == 0) { + match = 1; + } + +error: + free(hashed); + ssh_buffer_free(salt); + ssh_buffer_free(hash); + + return match; +} + +/** + * @brief Free an allocated ssh_knownhosts_entry. 
+ * + * Use SSH_KNOWNHOSTS_ENTRY_FREE() to set the pointer to NULL. + * + * @param[in] entry The entry to free. + */ +void ssh_knownhosts_entry_free(struct ssh_knownhosts_entry *entry) +{ + if (entry == NULL) { + return; + } + + SAFE_FREE(entry->hostname); + SAFE_FREE(entry->unparsed); + ssh_key_free(entry->publickey); + SAFE_FREE(entry->comment); + SAFE_FREE(entry); +} + +/** + * @brief Parse a line from a known_hosts entry into a structure + * + * This parses an known_hosts entry into a structure with the key in a libssh + * consumeable form. You can use the PKI key function to further work with it. + * + * @param[in] hostname The hostname to match the line to + * + * @param[in] line The line to compare and parse if we have a hostname + * match. + * + * @param[in] entry A pointer to store the the allocated known_hosts + * entry structure. The user needs to free the memory + * using SSH_KNOWNHOSTS_ENTRY_FREE(). + * + * @return SSH_OK on success, SSH_ERROR otherwise. + */ +int ssh_known_hosts_parse_line(const char *hostname, + const char *line, + struct ssh_knownhosts_entry **entry) +{ + struct ssh_knownhosts_entry *e = NULL; + char *known_host = NULL; + char *p; + enum ssh_keytypes_e key_type; + int match = 0; + int rc = SSH_OK; + + known_host = strdup(line); + if (known_host == NULL) { + return SSH_ERROR; + } + + /* match pattern for hostname or hashed hostname */ + p = strtok(known_host, " "); + if (p == NULL ) { + free(known_host); + return SSH_ERROR; + } + + e = calloc(1, sizeof(struct ssh_knownhosts_entry)); + if (e == NULL) { + free(known_host); + return SSH_ERROR; + } + + if (hostname != NULL) { + char *match_pattern = NULL; + char *q; + + /* Hashed */ + if (p[0] == '|') { + match = match_hashed_hostname(hostname, p); + } + + for (q = strtok(p, ","); + q != NULL; + q = strtok(NULL, ",")) { + int cmp; + + cmp = match_hostname(hostname, q, strlen(q)); + if (cmp == 1) { + match = 1; + break; + } + } + SAFE_FREE(match_pattern); + + if (match == 0) { + rc = 
SSH_AGAIN; + goto out; + } + + e->hostname = strdup(hostname); + if (e->hostname == NULL) { + rc = SSH_ERROR; + goto out; + } + } + + /* Restart parsing */ + SAFE_FREE(known_host); + known_host = strdup(line); + if (known_host == NULL) { + return SSH_ERROR; + } + + p = strtok(known_host, " "); + if (p == NULL ) { + free(known_host); + return SSH_ERROR; + } + + e->unparsed = strdup(p); + if (e->unparsed == NULL) { + rc = SSH_ERROR; + goto out; + } + + /* pubkey type */ + p = strtok(NULL, " "); + if (p == NULL) { + rc = SSH_ERROR; + goto out; + } + + key_type = ssh_key_type_from_name(p); + if (key_type == SSH_KEYTYPE_UNKNOWN) { + SSH_LOG(SSH_LOG_WARN, "key type '%s' unknown!", p); + rc = SSH_ERROR; + goto out; + } + + /* public key */ + p = strtok(NULL, " "); + if (p == NULL) { + rc = SSH_ERROR; + goto out; + } + + rc = ssh_pki_import_pubkey_base64(p, + key_type, + &e->publickey); + if (rc != SSH_OK) { + SSH_LOG(SSH_LOG_WARN, + "Failed to parse %s key for entry: %s!", + ssh_key_type_to_char(key_type), + e->unparsed); + goto out; + } + + /* comment */ + p = strtok(NULL, " "); + if (p != NULL) { + p = strstr(line, p); + e->comment = strdup(p); + if (e->comment == NULL) { + rc = SSH_ERROR; + goto out; + } + } + + *entry = e; + SAFE_FREE(known_host); + + return SSH_OK; +out: + SAFE_FREE(known_host); + ssh_knownhosts_entry_free(e); + return rc; +} diff --git a/tests/unittests/CMakeLists.txt b/tests/unittests/CMakeLists.txt index 3c4bc2c8..ee8db1d2 100644 --- a/tests/unittests/CMakeLists.txt +++ b/tests/unittests/CMakeLists.txt 
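Review bot: The two early `return SSH_ERROR` statements under `/* Restart parsing */` in ssh_known_hosts_parse_line run after `e` (and possibly `e->hostname`) has been allocated, so a failed strdup or an empty token there leaks the entry; both should be `rc = SSH_ERROR; goto out;` like every other failure after the calloc. The comment extraction `p = strstr(line, p)` locates the first occurrence of the comment's first word anywhere in the line, so a comment beginning with text that also appears in the host pattern, the key type or the base64 key is returned starting from that earlier position; because `known_host` is a byte-for-byte copy of `line`, `line + (p - known_host)` yields the exact offset instead (a trailing newline, if callers pass one, will still end up in the comment). The `@return` doc also omits the `SSH_AGAIN` returned when `hostname` is given but matches neither the plain nor the hashed pattern, and does not say that `hostname == NULL` skips matching and leaves `entry->hostname` NULL. Finally, `strtok` keeps static state and only splits on `' '`, so this public function is not reentrant and a tab-separated entry would be rejected as malformed; `strtok_r` with `" \t"` would address both if tab separators are meant to be accepted, and the unused `match_pattern` local can be dropped.
```c
    /* Restart parsing */
    SAFE_FREE(known_host);
    known_host = strdup(line);
    if (known_host == NULL) {
        rc = SSH_ERROR;
        goto out;   /* frees e and e->hostname */
    }

    p = strtok(known_host, " ");
    if (p == NULL) {
        rc = SSH_ERROR;
        goto out;
    }

    /* … unchanged: unparsed host field, key type, public key import … */

    /* comment */
    p = strtok(NULL, " ");
    if (p != NULL) {
        /* known_host mirrors line byte for byte (strtok only NUL-terminates
         * tokens in place), so the token offset locates the comment in the
         * original line without strstr() matching an earlier occurrence. */
        e->comment = strdup(line + (p - known_host));
        if (e->comment == NULL) {
            rc = SSH_ERROR;
            goto out;
        }
    }
```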
@@ -11,6 +11,7 @@ add_cmocka_test(torture_misc torture_misc.c ${TORTURE_LIBRARY}) add_cmocka_test(torture_config torture_config.c ${TORTURE_LIBRARY}) add_cmocka_test(torture_options torture_options.c ${TORTURE_LIBRARY}) add_cmocka_test(torture_isipaddr torture_isipaddr.c ${TORTURE_LIBRARY}) +add_cmocka_test(torture_knownhosts_parsing torture_knownhosts_parsing.c ${TORTURE_LIBRARY}) if (UNIX AND NOT WIN32) # requires ssh-keygen add_cmocka_test(torture_keyfiles torture_keyfiles.c ${TORTURE_LIBRARY}) diff --git a/tests/unittests/torture_knownhosts_parsing.c b/tests/unittests/torture_knownhosts_parsing.c new file mode 100644 index 00000000..8955c7e8 --- /dev/null +++ b/tests/unittests/torture_knownhosts_parsing.c 
@@ -0,0 +1,218 @@ +#include "config.h" + +#define LIBSSH_STATIC +#include <libssh/priv.h> +#include "torture.h" + +#include "knownhosts.c" + +#define LOCALHOST_RSA_LINE "localhost,127.0.0.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDD7g+vV5cvxxGN0Ldmda4WZCPgRaxV1tV+1KRZoGUNUI61h0X4bmmGaAPRQBCz4G1d9bawqDqEqnpFWazrxBU5cQtISSjzuDJKovLGliky/ShTszee1Thszg3qVNk9gGOWj7jn/HDaOxRlp003Bp47MOdnMnK/oftllFDfY2fF5IRpE6sSIGtg2ZDtF95TV5/9W2oMOIAy8u/83tuibYlNPa1X/von5LgdaPLn6Bk16bQKIhAhlMtFZH8MBYEWe4ZtOGaSWKOsK9MM/RTMlwPi6PkfoHNl4MCMupjx+CdLXwbQEt9Ww+bBIaCui2VWBEiruVbIgJh0W2Tal0e2BzYZ What a Wurst!" +#define LOCALHOST_ECDSA_SHA1_NISTP256_LINE "localhost ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFWmI0n0Tn5+zR7pPGcKYszRbJ/T0T3QfzRBSMMiyebGKRY8tjkU5h2l/UMugzOrOyWqMGQDgQn+a0aMunhKMg0=" +#define LOCALHOST_DEFAULT_ED25519 "localhost ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7M22fXD7OiS7kGMXP+OoIjCa+J+5sq8SgAZfIOmDgM" +#define LOCALHOST_PORT_ED25519 "[localhost]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7M22fXD7OiS7kGMXP+OoIjCa+J+5sq8SgAZfIOmDgM" +#define LOCALHOST_PATTERN_ED25519 "local* ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7M22fXD7OiS7kGMXP+OoIjCa+J+5sq8SgAZfIOmDgM" +#define LOCALHOST_HASHED_ED25519 "|1|ayWjmTf9mYgj7PuQNVOa7Lqkj5s=|hkbEh8FN6IkLo6t6GQGuBwamgsM= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7M22fXD7OiS7kGMXP+OoIjCa+J+5sq8SgAZfIOmDgM" + +#define TMP_FILE_NAME "/tmp/known_hosts_XXXXXX" + +static int setup_knownhosts_file(void **state) +{ + char *tmp_file = NULL; + size_t nwritten; + FILE *fp = NULL; + int fd; + + tmp_file = strdup(TMP_FILE_NAME); + assert_non_null(tmp_file); + *state = tmp_file; + + fd = mkstemp(tmp_file); + assert_return_code(fd, errno); + + fp = fdopen(fd, "w"); + if (fp == NULL) { + close(fd); + return -1; + } + + nwritten = fwrite(LOCALHOST_PATTERN_ED25519, + sizeof(char), + sizeof(LOCALHOST_PATTERN_ED25519), + fp); + if (nwritten != sizeof(LOCALHOST_PATTERN_ED25519)) { + fclose(fp); + return -1; + } + + nwritten = 
fwrite(LOCALHOST_RSA_LINE, + sizeof(char), + sizeof(LOCALHOST_RSA_LINE), + fp); + if (nwritten != sizeof(LOCALHOST_RSA_LINE)) { + fclose(fp); + return -1; + } + + fclose(fp); + + return 0; +} + +static int teardown_knownhosts_file(void **state) +{ + char *tmp_file = *state; + + if (tmp_file == NULL) { + return -1; + } + + unlink(tmp_file); + + return 0; +} + +static void torture_knownhosts_parse_line_rsa(void **state) { + struct ssh_knownhosts_entry *entry = NULL; + int rc; + + (void) state; + + rc = ssh_known_hosts_parse_line("localhost", + LOCALHOST_RSA_LINE, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "localhost"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_RSA); + assert_string_equal(entry->comment, "What a Wurst!"); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); + + rc = ssh_known_hosts_parse_line("127.0.0.1", + LOCALHOST_RSA_LINE, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "127.0.0.1"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_RSA); + assert_string_equal(entry->comment, "What a Wurst!"); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); +} + +static void torture_knownhosts_parse_line_ecdsa(void **state) { + struct ssh_knownhosts_entry *entry = NULL; + int rc; + + (void) state; + + rc = ssh_known_hosts_parse_line("localhost", + LOCALHOST_ECDSA_SHA1_NISTP256_LINE, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "localhost"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_ECDSA); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); +} + +static void torture_knownhosts_parse_line_default_ed25519(void **state) { + struct ssh_knownhosts_entry *entry = NULL; + int rc; + + (void) state; + + rc = 
ssh_known_hosts_parse_line("localhost", + LOCALHOST_DEFAULT_ED25519, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "localhost"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_ED25519); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); +} + +static void torture_knownhosts_parse_line_port_ed25519(void **state) { + struct ssh_knownhosts_entry *entry = NULL; + int rc; + + (void) state; + + rc = ssh_known_hosts_parse_line("[localhost]:2222", + LOCALHOST_PORT_ED25519, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "[localhost]:2222"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_ED25519); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); +} + +static void torture_knownhosts_parse_line_pattern_ed25519(void **state) { + struct ssh_knownhosts_entry *entry = NULL; + int rc; + + (void) state; + + rc = ssh_known_hosts_parse_line("localhost", + LOCALHOST_PATTERN_ED25519, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "localhost"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_ED25519); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); +} + +static void torture_knownhosts_parse_line_hashed_ed25519(void **state) { + struct ssh_knownhosts_entry *entry = NULL; + int rc; + + (void) state; + + rc = ssh_known_hosts_parse_line("localhost", + LOCALHOST_HASHED_ED25519, + &entry); + assert_int_equal(rc, SSH_OK); + + assert_string_equal(entry->hostname, "localhost"); + assert_non_null(entry->unparsed); + assert_non_null(entry->publickey); + assert_int_equal(ssh_key_type(entry->publickey), SSH_KEYTYPE_ED25519); + + SSH_KNOWNHOSTS_ENTRY_FREE(entry); +} + +int torture_run_tests(void) { + int rc; + struct CMUnitTest tests[] = { + 
cmocka_unit_test(torture_knownhosts_parse_line_rsa), + cmocka_unit_test(torture_knownhosts_parse_line_ecdsa), + cmocka_unit_test(torture_knownhosts_parse_line_default_ed25519), + cmocka_unit_test(torture_knownhosts_parse_line_port_ed25519), + cmocka_unit_test(torture_knownhosts_parse_line_pattern_ed25519), + cmocka_unit_test(torture_knownhosts_parse_line_hashed_ed25519), + }; + + ssh_init(); + torture_filter_tests(tests); + rc = cmocka_run_group_tests(tests, NULL, NULL); + ssh_finalize(); + return rc; +} |
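Review bot: setup_knownhosts_file writes `sizeof(LOCALHOST_PATTERN_ED25519)` bytes with fwrite, which includes the string's NUL terminator, and emits no newline between the two entries, so the fixture file would contain `…key\0localhost,127.0.0.1 …\0` rather than two lines; `fprintf(fp, "%s\n", LOCALHOST_PATTERN_ED25519)` (and likewise for the RSA line), with its return value checked, produces a readable known_hosts file. Neither setup_knownhosts_file nor teardown_knownhosts_file is attached to any test in torture_run_tests, so the defect is latent for now and the functions only draw unused-function warnings; teardown_knownhosts_file also never releases the strdup'd path, so `free(tmp_file);` belongs after the `unlink`. Every test exercises only the matching path; a case asserting `SSH_AGAIN` for a hostname that matches neither the plain nor the hashed pattern, and one asserting `SSH_ERROR` for a line with an unknown key type or a truncated key, would pin down the negative behaviour the parser is equally responsible for.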