Previously, if the path to known_hosts file set through
SSH_OPTIONS_KNOWNHOSTS included missing directories,
ssh_session_update_known_hosts() would fail. The added test case checks
that this is not the case anymore.
The logic of checking if the directory is accessible before creating it
was replaced by creating the directory if opening the file failed. This
is to minimize the risk of TOCTOU race conditions.
Fixes: T166
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The added internal function obtain a newly allocated string containing a
list of the signature types that can be generated by the keys present in
the known_hosts files, separated by commas.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Avoid trying to open the files if they are not accessible. This was
already treated as a non-error, but with this we save one function call.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The memory allocated for host_port can leak if the global knownhosts
file is unaccessible.
Found by address sanitizer build in CI.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Previously, if the global known_hosts file (default:
/etc/ssh/ssh_known_hosts) was inaccessible, the check for known hosts
failed. This makes the check to fail if both files are inaccessible.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
CID 1401096
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Fixes T135
Reported-by: Jan Pazdziora <jpazdziora@redhat.com>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
If either one is missing at this point, fill it with default vaules in
ssh_options_apply().
Previously, when setting up only knownhosts, global_knownhosts file
was left pointing to NULL and the ssh_known_hosts_read_entries()
was trying to open NULL file which is invalid.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The conversion from ssh_keytype_e to string does not work for ECDSA keys,
because different key lengths have different string representation.
The usage of type_c should work also for every other key type in future,
but it does not reflrect different signature types (SHA2 extension for RSA
keys), but this early in the key exchange phase, we can not make any
assumptions about supported extensions by the server.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
