
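--- a/addr.c
+++ b/addr.c
@@ -223,6 +223,28 @@ addr_and(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b)
 	}
 }
 
+int
+addr_or(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b)
+{
+	int i;
+
+	if (dst == NULL || a == NULL || b == NULL || a->af != b->af)
+		return (-1);
+
+	memcpy(dst, a, sizeof(*dst));
+	switch (a->af) {
+	case AF_INET:
+		dst->v4.s_addr |= b->v4.s_addr;
+		return (0);
+	case AF_INET6:
+		for (i = 0; i < 4; i++)
+			dst->addr32[i] |= b->addr32[i];
+		return (0);
+	default:
+		return (-1);
+	}
+}
+
 int
 addr_cmp(const struct xaddr *a, const struct xaddr *b)
 {
@@ -274,6 +296,29 @@ addr_is_all0s(const struct xaddr *a)
 	}
 }
 
+/* Increment the specified address. Note, does not overflow checking */
+void
+addr_increment(struct xaddr *a)
+{
+	int i;
+	uint32_t n;
+
+	switch (a->af) {
+	case AF_INET:
+		a->v4.s_addr = htonl(ntohl(a->v4.s_addr) + 1);
+		break;
+	case AF_INET6:
+		for (i = 0; i < 4; i++) {
+			/* Increment with carry */
+			n = ntohl(a->addr32[3 - i]) + 1;
+			a->addr32[3 - i] = htonl(n);
+			if (n != 0)
+				break;
+		}
+		break;
+	}
+}
+
 /*
  * Test whether host portion of address 'a', as determined by 'masklen'
  * is all zeros.
@@ -293,6 +338,30 @@ addr_host_is_all0s(const struct xaddr *a, u_int masklen)
 	return addr_is_all0s(&tmp_result);
 }
 
+int
+addr_host_to_all0s(struct xaddr *a, u_int masklen)
+{
+	struct xaddr tmp_mask;
+
+	if (addr_netmask(a->af, masklen, &tmp_mask) == -1)
+		return (-1);
+	if (addr_and(a, a, &tmp_mask) == -1)
+		return (-1);
+	return (0);
+}
+
+int
+addr_host_to_all1s(struct xaddr *a, u_int masklen)
+{
+	struct xaddr tmp_mask;
+
+	if (addr_hostmask(a->af, masklen, &tmp_mask) == -1)
+		return (-1);
+	if (addr_or(a, a, &tmp_mask) == -1)
+		return (-1);
+	return (0);
+}
+
 /*
  * Parse string address 'p' into 'n'.
  * Returns 0 on success, -1 on failure.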
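Review bot: addr_increment() returns void and wraps silently, so a caller cannot tell when the all-ones address has rolled over to all-zeros, and an unrecognised `a->af` falls through the switch as a silent no-op because there is no `default:` case. The one caller visible on this page compares against the end address before incrementing, which is safe, but a loop that tests only after the increment could run past its intended end. I would either return `int` (-1 on wrap or unknown family, in line with addr_or()) or state the contract in the header comment, e.g. `/* Increment address in place; wraps to all-zeros after all-ones and ignores unknown families, so callers must bound their own loop. */`. Separately, addr_host_to_all0s() and addr_host_to_all1s() read `a->af` before any NULL check, whereas addr_or() validates its pointers first.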
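--- a/addr.h
+++ b/addr.h
@@ -52,9 +52,13 @@ int addr_sa_pton(const char *h, const char *s, struct sockaddr *sa,
 int addr_pton_cidr(const char *p, struct xaddr *n, u_int *l);
 int addr_ntop(const struct xaddr *n, char *p, size_t len);
 int addr_and(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b);
+int addr_or(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b);
 int addr_cmp(const struct xaddr *a, const struct xaddr *b);
 int addr_is_all0s(const struct xaddr *n);
 int addr_host_is_all0s(const struct xaddr *n, u_int masklen);
+int addr_host_to_all0s(struct xaddr *a, u_int masklen);
+int addr_host_to_all1s(struct xaddr *a, u_int masklen);
 int addr_netmatch(const struct xaddr *host, const struct xaddr *net,
     u_int masklen);
+void addr_increment(struct xaddr *a);
 #endif /* _ADDR_H */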
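--- a/ssh-keyscan.1
+++ b/ssh-keyscan.1
@@ -44,6 +44,11 @@ For scanning, one does not need
 login access to the machines that are being scanned, nor does the
 scanning process involve any encryption.
 .Pp
+Hosts to be scanned may be specified by hostname, address or by CIDR
+network range (e.g. 192.168.16/28).
+If a network range is specified, then all addresses in that range will
+be scanned.
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl 4
@@ -73,9 +78,16 @@ If
 is supplied instead of a filename,
 .Nm
 will read from the standard input.
-Input is expected in the format:
+Names read from a file must start with an address, hostname or CIDR network
+range to be scanned.
+Addresses and hostnames may optionally be followed by comma-separated name
+or address aliases that will be copied to the output.
+For example:
 .Bd -literal
-1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
+192.168.11.0/24
+10.20.1.1
+happy.example.org
+10.0.0.1,sad.example.org
 .Ed
 .It Fl H
 Hash all hostnames and addresses in the output.
@@ -138,6 +150,10 @@ Print the RSA host key for machine
 .Pp
 .Dl $ ssh-keyscan -t rsa hostname
 .Pp
+Search a network range, printing all supported key types:
+.Pp
+.Dl $ ssh-keyscan 192.168.0.64/25
+.Pp
 Find all hosts from the file
 .Pa ssh_hosts
 which have new or different keys from those in the sorted file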
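--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -44,6 +44,7 @@
 #include "ssherr.h"
 #include "ssh_api.h"
 #include "dns.h"
+#include "addr.h"
 
 /* Flag indicating whether IPv4 or IPv6.  This can be set on the command line.
    Default value is AF_UNSPEC means both IPv4 and IPv6. */
@@ -364,7 +365,7 @@ tcpconnect(char *host)
 }
 
 static int
-conalloc(char *iname, char *oname, int keytype)
+conalloc(const char *iname, const char *oname, int keytype)
 {
 	char *namebase, *name, *namelist;
 	int s;
@@ -595,7 +596,7 @@ conloop(void)
 }
 
 static void
-do_host(char *host)
+do_one_host(char *host)
 {
 	char *name = strnnsep(&host, " \t\n");
 	int j;
@@ -611,6 +612,43 @@ do_host(char *host)
 	}
 }
 
+static void
+do_host(char *host)
+{
+	char daddr[128];
+	struct xaddr addr, start_addr, end_addr;
+	u_int masklen;
+
+	if (host == NULL)
+		return;
+	if (addr_pton_cidr(host, &addr, &masklen) != 0) {
+		/* Assume argument is a hostname */
+		do_one_host(host);
+	} else {
+		/* Argument is a CIDR range */
+		debug("CIDR range %s", host);
+		start_addr = end_addr = addr;
+		if (addr_host_to_all0s(&start_addr, masklen) != 0 ||
+		    addr_host_to_all1s(&end_addr, masklen) != 0)
+			goto badaddr;
+		/*
+		 * Note: we deliberately include the all-zero/ones addresses.
+		 */
+		for (;;) {
+			if (addr_ntop(&addr, daddr, sizeof(daddr)) != 0) {
+ badaddr:
+				error("Invalid address %s", host);
+				return;
+			}
+			debug("CIDR expand: address %s", daddr);
+			do_one_host(daddr);
+			if (addr_cmp(&addr, &end_addr) == 0)
+				break;
+			addr_increment(&addr);
+		};
+	}
+}
+
 void
 sshfatal(const char *file, const char *func, int line, int showfunc,
     LogLevel level, const char *suffix, const char *fmt, ...)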
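Review bot: In the new do_host(), `start_addr` is masked down to the network base but never read again; the `for (;;)` loop starts from `addr`, the address exactly as parsed. If addr_pton_cidr() accepts an address with host bits set (its body is not shown on this page), the man page's own example `192.168.0.64/25` would be scanned from .64 upward instead of across the whole range the man page promises; adding `addr = start_addr;` before the loop closes that gap, and if the parser already rejects such input then `start_addr` and its addr_host_to_all0s() call are dead code and can be dropped. The range size is also unbounded, so a short prefix such as an IPv6 `/64` in an input file would call do_one_host() for every address in it; a sanity limit on `masklen` with a clear error would surface that mistake early. As a style point, `goto badaddr` jumps into the body of the `if` inside the loop and would read more clearly as a separate error path placed after the loop.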
