20010103

- (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
   tree (mainly positioning)
 - (bal) OpenSSH CVS Update
   - markus@cvs.openbsd.org 2001/01/02 20:41:02
     [packet.c]
     log remote ip on disconnect; PR 1600 from jcs@rt.fm
   - markus@cvs.openbsd.org 2001/01/02 20:50:56
     [sshconnect.c]
     strict_host_key_checking for host_status != HOST_CHANGED &&
     ip_status == HOST_CHANGED

ChangeLog

@@ -1,3 +1,15 @@
+20010103
+ - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
+   tree (mainly positioning)
+ - (bal) OpenSSH CVS Update
+   - markus@cvs.openbsd.org 2001/01/02 20:41:02
+     [packet.c]
+     log remote ip on disconnect; PR 1600 from jcs@rt.fm
+   - markus@cvs.openbsd.org 2001/01/02 20:50:56
+     [sshconnect.c]
+     strict_host_key_checking for host_status != HOST_CHANGED && 
+     ip_status == HOST_CHANGED
+
 20010102
  - (bal) OpenBSD CVS Update
    - markus@cvs.openbsd.org 2001/01/01 14:52:49

packet.c

@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.40 2000/12/19 23:17:57 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.41 2001/01/02 20:41:02 markus Exp $");
 
 #include "xmalloc.h"
 #include "buffer.h"
@@ -979,7 +979,8 @@ packet_read_poll(int *payload_len_ptr)
 			case SSH2_MSG_DISCONNECT:
 				reason = packet_get_int();
 				msg = packet_get_string(NULL);
-				log("Received disconnect: %d: %.900s", reason, msg);
+				log("Received disconnect from %s: %d: %.400s", get_remote_ipaddr(),
+					reason, msg);
 				xfree(msg);
 				fatal_cleanup();
 				break;
@@ -998,7 +999,8 @@ packet_read_poll(int *payload_len_ptr)
 				break;
 			case SSH_MSG_DISCONNECT:
 				msg = packet_get_string(NULL);
-				log("Received disconnect: %.900s", msg);
+				log("Received disconnect from %s: %.400s", get_remote_ipaddr(),
+					msg);
 				fatal_cleanup();
 				xfree(msg);
 				break;

sshconnect.c

@@ -13,7 +13,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.87 2000/12/28 14:25:03 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.88 2001/01/02 20:50:56 markus Exp $");
 
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
@@ -417,7 +417,7 @@ read_yes_or_no(const char *prompt, int defval)
 	FILE *f;
 	int retval = -1;
 
-	if (isatty(0))
+	if (isatty(STDIN_FILENO))
 		f = stdin;
 	else
 		f = fopen("/dev/tty", "rw");
@@ -472,7 +472,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 	int local = 0, host_ip_differ = 0;
 	int salen;
 	char ntop[NI_MAXHOST];
-	int host_line = -1, ip_line = -1;
+	int host_line, ip_line;
 	const char *host_file = NULL, *ip_file = NULL;
 
 	/*
@@ -498,38 +498,36 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 		salen = sizeof(struct sockaddr_storage);
 		break;
 	}
-	if (local) {
-		if (options.host_key_alias == NULL) {
-			debug("Forcing accepting of host key for "
-			    "loopback/localhost.");
-			return;
-		}
-		if (options.check_host_ip)
-			options.check_host_ip = 0;
+	if (local && options.host_key_alias == NULL) {
+		debug("Forcing accepting of host key for "
+		    "loopback/localhost.");
+		return;
 	}
 
 	/*
-	 * Turn off check_host_ip for proxy connects, since
-	 * we don't have the remote ip-address
+	 * We don't have the remote ip-address for connections
+	 * using a proxy command
 	 */
-	if (options.proxy_command != NULL && options.check_host_ip)
+	if (options.proxy_command == NULL) {
+		if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),
+		    NULL, 0, NI_NUMERICHOST) != 0)
+			fatal("check_host_key: getnameinfo failed");
+		ip = xstrdup(ntop);
+	} else {
+		ip = xstrdup("<no hostip for proxy command>");
+	}
+	/*
+	 * Turn off check_host_ip if the connection is to localhost, via proxy
+	 * command or if we don't have a hostname to compare with
+	 */
+	if (options.check_host_ip &&
+	    (local || strcmp(host, ip) == 0 || options.proxy_command != NULL))
 		options.check_host_ip = 0;
 
-
-
- 	if (options.proxy_command == NULL) {
- 		if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),
- 		    NULL, 0, NI_NUMERICHOST) != 0)
- 			fatal("check_host_key: getnameinfo failed");
- 		ip = xstrdup(ntop);
- 	} else {
- 		ip = xstrdup("<no hostip for proxy command>");
- 	}
-
 	/*
-  	 * Allow the user to record the key under a different name. This is
+	 * Allow the user to record the key under a different name. This is
 	 * useful for ssh tunneling over forwarded connections or if you run
-         * multiple sshd's on different ports on the same machine.
+	 * multiple sshd's on different ports on the same machine.
 	 */
 	if (options.host_key_alias != NULL) {
 		host = options.host_key_alias;
@@ -556,7 +554,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 	 * Also perform check for the ip address, skip the check if we are
 	 * localhost or the hostname was an ip address to begin with
 	 */
-	if (options.check_host_ip && !local && strcmp(host, ip)) {
+	if (options.check_host_ip) {
 		Key *ip_key = key_new(host_key->type);
 
 		ip_file = user_hostfile;
@@ -581,21 +579,13 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 		debug("Host '%.200s' is known and matches the %s host key.",
 		    host, type);
 		debug("Found key in %s:%d", host_file, host_line);
-		if (options.check_host_ip) {
-			if (ip_status == HOST_NEW) {
-				if (!add_host_to_hostfile(user_hostfile, ip, host_key))
-					log("Failed to add the %s host key for IP address '%.30s' to the list of known hosts (%.30s).",
-					    type, ip, user_hostfile);
-				else
-					log("Warning: Permanently added the %s host key for IP address '%.30s' to the list of known hosts.",
-					    type, ip);
-			} else if (ip_status != HOST_OK) {
-				log("Warning: the %s host key for '%.200s' differs from the key for the IP address '%.30s'",
-				    type, host, ip);
-				log("Found key in %s:%d", host_file, host_line);
-				if (ip_line != -1)
-					log("Offending key for IP in %s:%d", ip_file, ip_line);
-			}
+		if (options.check_host_ip && ip_status == HOST_NEW) {
+			if (!add_host_to_hostfile(user_hostfile, ip, host_key))
+				log("Failed to add the %s host key for IP address '%.30s' to the list of known hosts (%.30s).",
+				    type, ip, user_hostfile);
+			else
+				log("Warning: Permanently added the %s host key for IP address '%.30s' to the list of known hosts.",
+				    type, ip);
 		}
 		break;
 	case HOST_NEW:
@@ -615,7 +605,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 			if (!read_yes_or_no(prompt, -1))
 				fatal("Aborted by user!\n");
 		}
-		if (options.check_host_ip && ip_status == HOST_NEW && strcmp(host, ip)) {
+		if (options.check_host_ip && ip_status == HOST_NEW) {
 			snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
 			hostp = hostline;
 		} else
@@ -646,7 +636,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 			error("%s. This could either mean that", msg);
 			error("DNS SPOOFING is happening or the IP address for the host");
 			error("and its host key have changed at the same time.");
-			if (ip_line != -1)
+			if (ip_status != HOST_NEW)
 				error("Offending key for IP in %s:%d", ip_file, ip_line);
 		}
 		/* The host key has changed. */
@@ -701,6 +691,22 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
 		break;
 	}
 
+	if (options.check_host_ip && host_status != HOST_CHANGED &&
+	    ip_status == HOST_CHANGED) {
+		log("Warning: the %s host key for '%.200s' "
+		    "differs from the key for the IP address '%.30s'",
+		    type, host, ip);
+		if (host_status == HOST_OK)
+			log("Matching host key in %s:%d", host_file, host_line);
+		log("Offending key for IP in %s:%d", ip_file, ip_line);
+		if (options.strict_host_key_checking == 1) {
+			fatal("Exiting, you have requested strict checking.");
+		} else if (options.strict_host_key_checking == 2) {
+			if (!read_yes_or_no("Continue?", -1))
+				fatal("Aborted by user!\n");
+		}
+	}
+
 	xfree(ip);
 }