search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- markus@cvs.openbsd.org 2005/06/16 08:00:00
[openssh-git.git] / ssh-keyscan.c
blob7dffb8517da8cc22ccc19bdc8e0adf6d084e2401
1 /*
2 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
3 *
4 * Modification and redistribution in source and binary forms is
5 * permitted provided that due credit is given to the author and the
6 * OpenBSD project by leaving this copyright notice intact.
7 */
8
9 #include "includes.h"
10 RCSID("$OpenBSD: ssh-keyscan.c,v 1.54 2005/05/24 17:32:44 avsm Exp $");
11
12 #include "openbsd-compat/sys-queue.h"
13
14 #include <openssl/bn.h>
15
16 #include <setjmp.h>
17 #include "xmalloc.h"
18 #include "ssh.h"
19 #include "ssh1.h"
20 #include "key.h"
21 #include "kex.h"
22 #include "compat.h"
23 #include "myproposal.h"
24 #include "packet.h"
25 #include "dispatch.h"
26 #include "buffer.h"
27 #include "bufaux.h"
28 #include "log.h"
29 #include "atomicio.h"
30 #include "misc.h"
31 #include "hostfile.h"
32
33 /* Flag indicating whether IPv4 or IPv6. This can be set on the command line.
34 Default value is AF_UNSPEC means both IPv4 and IPv6. */
35 int IPv4or6 = AF_UNSPEC;
36
37 int ssh_port = SSH_DEFAULT_PORT;
38
39 #define KT_RSA1 1
40 #define KT_DSA 2
41 #define KT_RSA 4
42
43 int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */
44
45 int hash_hosts = 0; /* Hash hostname on output */
46
47 #define MAXMAXFD 256
48
49 /* The number of seconds after which to give up on a TCP connection */
50 int timeout = 5;
51
52 int maxfd;
53 #define MAXCON (maxfd - 10)
54
55 extern char *__progname;
56 fd_set *read_wait;
57 size_t read_wait_size;
58 int ncon;
59 int nonfatal_fatal = 0;
60 jmp_buf kexjmp;
61 Key *kexjmp_key;
62
63 /*
64 * Keep a connection structure for each file descriptor. The state
65 * associated with file descriptor n is held in fdcon[n].
66 */
67 typedef struct Connection {
68 u_char c_status; /* State of connection on this file desc. */
69 #define CS_UNUSED 0 /* File descriptor unused */
70 #define CS_CON 1 /* Waiting to connect/read greeting */
71 #define CS_SIZE 2 /* Waiting to read initial packet size */
72 #define CS_KEYS 3 /* Waiting to read public key packet */
73 int c_fd; /* Quick lookup: c->c_fd == c - fdcon */
74 int c_plen; /* Packet length field for ssh packet */
75 int c_len; /* Total bytes which must be read. */
76 int c_off; /* Length of data read so far. */
77 int c_keytype; /* Only one of KT_RSA1, KT_DSA, or KT_RSA */
78 char *c_namebase; /* Address to free for c_name and c_namelist */
79 char *c_name; /* Hostname of connection for errors */
80 char *c_namelist; /* Pointer to other possible addresses */
81 char *c_output_name; /* Hostname of connection for output */
82 char *c_data; /* Data read from this fd */
83 Kex *c_kex; /* The key-exchange struct for ssh2 */
84 struct timeval c_tv; /* Time at which connection gets aborted */
85 TAILQ_ENTRY(Connection) c_link; /* List of connections in timeout order. */
86 } con;
87
88 TAILQ_HEAD(conlist, Connection) tq; /* Timeout Queue */
89 con *fdcon;
90
91 /*
92 * This is just a wrapper around fgets() to make it usable.
93 */
94
95 /* Stress-test. Increase this later. */
96 #define LINEBUF_SIZE 16
97
98 typedef struct {
99 char *buf;
100 u_int size;
101 int lineno;
102 const char *filename;
103 FILE *stream;
104 void (*errfun) (const char *,...);
105 } Linebuf;
106
107 static Linebuf *
108 Linebuf_alloc(const char *filename, void (*errfun) (const char *,...))
109 {
110 Linebuf *lb;
111
112 if (!(lb = malloc(sizeof(*lb)))) {
113 if (errfun)
114 (*errfun) ("linebuf (%s): malloc failed\n",
115 filename ? filename : "(stdin)");
116 return (NULL);
117 }
118 if (filename) {
119 lb->filename = filename;
120 if (!(lb->stream = fopen(filename, "r"))) {
121 xfree(lb);
122 if (errfun)
123 (*errfun) ("%s: %s\n", filename, strerror(errno));
124 return (NULL);
125 }
126 } else {
127 lb->filename = "(stdin)";
128 lb->stream = stdin;
129 }
130
131 if (!(lb->buf = malloc(lb->size = LINEBUF_SIZE))) {
132 if (errfun)
133 (*errfun) ("linebuf (%s): malloc failed\n", lb->filename);
134 xfree(lb);
135 return (NULL);
136 }
137 lb->errfun = errfun;
138 lb->lineno = 0;
139 return (lb);
140 }
141
142 static void
143 Linebuf_free(Linebuf * lb)
144 {
145 fclose(lb->stream);
146 xfree(lb->buf);
147 xfree(lb);
148 }
149
150 #if 0
151 static void
152 Linebuf_restart(Linebuf * lb)
153 {
154 clearerr(lb->stream);
155 rewind(lb->stream);
156 lb->lineno = 0;
157 }
158
159 static int
160 Linebuf_lineno(Linebuf * lb)
161 {
162 return (lb->lineno);
163 }
164 #endif
165
166 static char *
167 Linebuf_getline(Linebuf * lb)
168 {
169 int n = 0;
170 void *p;
171
172 lb->lineno++;
173 for (;;) {
174 /* Read a line */
175 if (!fgets(&lb->buf[n], lb->size - n, lb->stream)) {
176 if (ferror(lb->stream) && lb->errfun)
177 (*lb->errfun)("%s: %s\n", lb->filename,
178 strerror(errno));
179 return (NULL);
180 }
181 n = strlen(lb->buf);
182
183 /* Return it or an error if it fits */
184 if (n > 0 && lb->buf[n - 1] == '\n') {
185 lb->buf[n - 1] = '\0';
186 return (lb->buf);
187 }
188 if (n != lb->size - 1) {
189 if (lb->errfun)
190 (*lb->errfun)("%s: skipping incomplete last line\n",
191 lb->filename);
192 return (NULL);
193 }
194 /* Double the buffer if we need more space */
195 lb->size *= 2;
196 if ((p = realloc(lb->buf, lb->size)) == NULL) {
197 lb->size /= 2;
198 if (lb->errfun)
199 (*lb->errfun)("linebuf (%s): realloc failed\n",
200 lb->filename);
201 return (NULL);
202 }
203 lb->buf = p;
204 }
205 }
206
207 static int
208 fdlim_get(int hard)
209 {
210 #if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE)
211 struct rlimit rlfd;
212
213 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
214 return (-1);
215 if ((hard ? rlfd.rlim_max : rlfd.rlim_cur) == RLIM_INFINITY)
216 return SSH_SYSFDMAX;
217 else
218 return hard ? rlfd.rlim_max : rlfd.rlim_cur;
219 #else
220 return SSH_SYSFDMAX;
221 #endif
222 }
223
224 static int
225 fdlim_set(int lim)
226 {
227 #if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE)
228 struct rlimit rlfd;
229 #endif
230
231 if (lim <= 0)
232 return (-1);
233 #if defined(HAVE_SETRLIMIT) && defined(RLIMIT_NOFILE)
234 if (getrlimit(RLIMIT_NOFILE, &rlfd) < 0)
235 return (-1);
236 rlfd.rlim_cur = lim;
237 if (setrlimit(RLIMIT_NOFILE, &rlfd) < 0)
238 return (-1);
239 #elif defined (HAVE_SETDTABLESIZE)
240 setdtablesize(lim);
241 #endif
242 return (0);
243 }
244
245 /*
246 * This is an strsep function that returns a null field for adjacent
247 * separators. This is the same as the 4.4BSD strsep, but different from the
248 * one in the GNU libc.
249 */
250 static char *
251 xstrsep(char **str, const char *delim)
252 {
253 char *s, *e;
254
255 if (!**str)
256 return (NULL);
257
258 s = *str;
259 e = s + strcspn(s, delim);
260
261 if (*e != '\0')
262 *e++ = '\0';
263 *str = e;
264
265 return (s);
266 }
267
268 /*
269 * Get the next non-null token (like GNU strsep). Strsep() will return a
270 * null token for two adjacent separators, so we may have to loop.
271 */
272 static char *
273 strnnsep(char **stringp, char *delim)
274 {
275 char *tok;
276
277 do {
278 tok = xstrsep(stringp, delim);
279 } while (tok && *tok == '\0');
280 return (tok);
281 }
282
283 static Key *
284 keygrab_ssh1(con *c)
285 {
286 static Key *rsa;
287 static Buffer msg;
288
289 if (rsa == NULL) {
290 buffer_init(&msg);
291 rsa = key_new(KEY_RSA1);
292 }
293 buffer_append(&msg, c->c_data, c->c_plen);
294 buffer_consume(&msg, 8 - (c->c_plen & 7)); /* padding */
295 if (buffer_get_char(&msg) != (int) SSH_SMSG_PUBLIC_KEY) {
296 error("%s: invalid packet type", c->c_name);
297 buffer_clear(&msg);
298 return NULL;
299 }
300 buffer_consume(&msg, 8); /* cookie */
301
302 /* server key */
303 (void) buffer_get_int(&msg);
304 buffer_get_bignum(&msg, rsa->rsa->e);
305 buffer_get_bignum(&msg, rsa->rsa->n);
306
307 /* host key */
308 (void) buffer_get_int(&msg);
309 buffer_get_bignum(&msg, rsa->rsa->e);
310 buffer_get_bignum(&msg, rsa->rsa->n);
311
312 buffer_clear(&msg);
313
314 return (rsa);
315 }
316
317 static int
318 hostjump(Key *hostkey)
319 {
320 kexjmp_key = hostkey;
321 longjmp(kexjmp, 1);
322 }
323
324 static int
325 ssh2_capable(int remote_major, int remote_minor)
326 {
327 switch (remote_major) {
328 case 1:
329 if (remote_minor == 99)
330 return 1;
331 break;
332 case 2:
333 return 1;
334 default:
335 break;
336 }
337 return 0;
338 }
339
340 static Key *
341 keygrab_ssh2(con *c)
342 {
343 int j;
344
345 packet_set_connection(c->c_fd, c->c_fd);
346 enable_compat20();
347 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA?
348 "ssh-dss": "ssh-rsa";
349 c->c_kex = kex_setup(myproposal);
350 c->c_kex->kex[KEX_DH_GRP1_SHA1] = kexdh_client;
351 c->c_kex->kex[KEX_DH_GRP14_SHA1] = kexdh_client;
352 c->c_kex->kex[KEX_DH_GEX_SHA1] = kexgex_client;
353 c->c_kex->verify_host_key = hostjump;
354
355 if (!(j = setjmp(kexjmp))) {
356 nonfatal_fatal = 1;
357 dispatch_run(DISPATCH_BLOCK, &c->c_kex->done, c->c_kex);
358 fprintf(stderr, "Impossible! dispatch_run() returned!\n");
359 exit(1);
360 }
361 nonfatal_fatal = 0;
362 xfree(c->c_kex);
363 c->c_kex = NULL;
364 packet_close();
365
366 return j < 0? NULL : kexjmp_key;
367 }
368
369 static void
370 keyprint(con *c, Key *key)
371 {
372 char *host = c->c_output_name ? c->c_output_name : c->c_name;
373
374 if (!key)
375 return;
376 if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL)
377 fatal("host_hash failed");
378
379 fprintf(stdout, "%s ", host);
380 key_write(key, stdout);
381 fputs("\n", stdout);
382 }
383
384 static int
385 tcpconnect(char *host)
386 {
387 struct addrinfo hints, *ai, *aitop;
388 char strport[NI_MAXSERV];
389 int gaierr, s = -1;
390
391 snprintf(strport, sizeof strport, "%d", ssh_port);
392 memset(&hints, 0, sizeof(hints));
393 hints.ai_family = IPv4or6;
394 hints.ai_socktype = SOCK_STREAM;
395 if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
396 fatal("getaddrinfo %s: %s", host, gai_strerror(gaierr));
397 for (ai = aitop; ai; ai = ai->ai_next) {
398 s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
399 if (s < 0) {
400 error("socket: %s", strerror(errno));
401 continue;
402 }
403 if (set_nonblock(s) == -1)
404 fatal("%s: set_nonblock(%d)", __func__, s);
405 if (connect(s, ai->ai_addr, ai->ai_addrlen) < 0 &&
406 errno != EINPROGRESS)
407 error("connect (`%s'): %s", host, strerror(errno));
408 else
409 break;
410 close(s);
411 s = -1;
412 }
413 freeaddrinfo(aitop);
414 return s;
415 }
416
417 static int
418 conalloc(char *iname, char *oname, int keytype)
419 {
420 char *namebase, *name, *namelist;
421 int s;
422
423 namebase = namelist = xstrdup(iname);
424
425 do {
426 name = xstrsep(&namelist, ",");
427 if (!name) {
428 xfree(namebase);
429 return (-1);
430 }
431 } while ((s = tcpconnect(name)) < 0);
432
433 if (s >= maxfd)
434 fatal("conalloc: fdno %d too high", s);
435 if (fdcon[s].c_status)
436 fatal("conalloc: attempt to reuse fdno %d", s);
437
438 fdcon[s].c_fd = s;
439 fdcon[s].c_status = CS_CON;
440 fdcon[s].c_namebase = namebase;
441 fdcon[s].c_name = name;
442 fdcon[s].c_namelist = namelist;
443 fdcon[s].c_output_name = xstrdup(oname);
444 fdcon[s].c_data = (char *) &fdcon[s].c_plen;
445 fdcon[s].c_len = 4;
446 fdcon[s].c_off = 0;
447 fdcon[s].c_keytype = keytype;
448 gettimeofday(&fdcon[s].c_tv, NULL);
449 fdcon[s].c_tv.tv_sec += timeout;
450 TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
451 FD_SET(s, read_wait);
452 ncon++;
453 return (s);
454 }
455
456 static void
457 confree(int s)
458 {
459 if (s >= maxfd || fdcon[s].c_status == CS_UNUSED)
460 fatal("confree: attempt to free bad fdno %d", s);
461 close(s);
462 xfree(fdcon[s].c_namebase);
463 xfree(fdcon[s].c_output_name);
464 if (fdcon[s].c_status == CS_KEYS)
465 xfree(fdcon[s].c_data);
466 fdcon[s].c_status = CS_UNUSED;
467 fdcon[s].c_keytype = 0;
468 TAILQ_REMOVE(&tq, &fdcon[s], c_link);
469 FD_CLR(s, read_wait);
470 ncon--;
471 }
472
473 static void
474 contouch(int s)
475 {
476 TAILQ_REMOVE(&tq, &fdcon[s], c_link);
477 gettimeofday(&fdcon[s].c_tv, NULL);
478 fdcon[s].c_tv.tv_sec += timeout;
479 TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
480 }
481
482 static int
483 conrecycle(int s)
484 {
485 con *c = &fdcon[s];
486 int ret;
487
488 ret = conalloc(c->c_namelist, c->c_output_name, c->c_keytype);
489 confree(s);
490 return (ret);
491 }
492
493 static void
494 congreet(int s)
495 {
496 int remote_major = 0, remote_minor = 0;
497 char buf[256], *cp;
498 char remote_version[sizeof buf];
499 size_t bufsiz, n = 0;
500 con *c = &fdcon[s];
501
502 bufsiz = sizeof(buf);
503 cp = buf;
504 while (bufsiz-- && (n = atomicio(read, s, cp, 1)) == 1 && *cp != '\n') {
505 if (*cp == '\r')
506 *cp = '\n';
507 cp++;
508 }
509 if (n == 0) {
510 switch (errno) {
511 case EPIPE:
512 error("%s: Connection closed by remote host", c->c_name);
513 break;
514 case ECONNREFUSED:
515 break;
516 default:
517 error("read (%s): %s", c->c_name, strerror(errno));
518 break;
519 }
520 conrecycle(s);
521 return;
522 }
523 if (*cp != '\n' && *cp != '\r') {
524 error("%s: bad greeting", c->c_name);
525 confree(s);
526 return;
527 }
528 *cp = '\0';
529 if (sscanf(buf, "SSH-%d.%d-%[^\n]\n",
530 &remote_major, &remote_minor, remote_version) == 3)
531 compat_datafellows(remote_version);
532 else
533 datafellows = 0;
534 if (c->c_keytype != KT_RSA1) {
535 if (!ssh2_capable(remote_major, remote_minor)) {
536 debug("%s doesn't support ssh2", c->c_name);
537 confree(s);
538 return;
539 }
540 } else if (remote_major != 1) {
541 debug("%s doesn't support ssh1", c->c_name);
542 confree(s);
543 return;
544 }
545 fprintf(stderr, "# %s %s\n", c->c_name, chop(buf));
546 n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n",
547 c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2,
548 c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2);
549 if (n == -1 || n >= sizeof buf) {
550 error("snprintf: buffer too small");
551 confree(s);
552 return;
553 }
554 if (atomicio(vwrite, s, buf, n) != n) {
555 error("write (%s): %s", c->c_name, strerror(errno));
556 confree(s);
557 return;
558 }
559 if (c->c_keytype != KT_RSA1) {
560 keyprint(c, keygrab_ssh2(c));
561 confree(s);
562 return;
563 }
564 c->c_status = CS_SIZE;
565 contouch(s);
566 }
567
568 static void
569 conread(int s)
570 {
571 con *c = &fdcon[s];
572 size_t n;
573
574 if (c->c_status == CS_CON) {
575 congreet(s);
576 return;
577 }
578 n = atomicio(read, s, c->c_data + c->c_off, c->c_len - c->c_off);
579 if (n == 0) {
580 error("read (%s): %s", c->c_name, strerror(errno));
581 confree(s);
582 return;
583 }
584 c->c_off += n;
585
586 if (c->c_off == c->c_len)
587 switch (c->c_status) {
588 case CS_SIZE:
589 c->c_plen = htonl(c->c_plen);
590 c->c_len = c->c_plen + 8 - (c->c_plen & 7);
591 c->c_off = 0;
592 c->c_data = xmalloc(c->c_len);
593 c->c_status = CS_KEYS;
594 break;
595 case CS_KEYS:
596 keyprint(c, keygrab_ssh1(c));
597 confree(s);
598 return;
599 break;
600 default:
601 fatal("conread: invalid status %d", c->c_status);
602 break;
603 }
604
605 contouch(s);
606 }
607
608 static void
609 conloop(void)
610 {
611 struct timeval seltime, now;
612 fd_set *r, *e;
613 con *c;
614 int i;
615
616 gettimeofday(&now, NULL);
617 c = TAILQ_FIRST(&tq);
618
619 if (c && (c->c_tv.tv_sec > now.tv_sec ||
620 (c->c_tv.tv_sec == now.tv_sec && c->c_tv.tv_usec > now.tv_usec))) {
621 seltime = c->c_tv;
622 seltime.tv_sec -= now.tv_sec;
623 seltime.tv_usec -= now.tv_usec;
624 if (seltime.tv_usec < 0) {
625 seltime.tv_usec += 1000000;
626 seltime.tv_sec--;
627 }
628 } else
629 seltime.tv_sec = seltime.tv_usec = 0;
630
631 r = xmalloc(read_wait_size);
632 memcpy(r, read_wait, read_wait_size);
633 e = xmalloc(read_wait_size);
634 memcpy(e, read_wait, read_wait_size);
635
636 while (select(maxfd, r, NULL, e, &seltime) == -1 &&
637 (errno == EAGAIN || errno == EINTR))
638 ;
639
640 for (i = 0; i < maxfd; i++) {
641 if (FD_ISSET(i, e)) {
642 error("%s: exception!", fdcon[i].c_name);
643 confree(i);
644 } else if (FD_ISSET(i, r))
645 conread(i);
646 }
647 xfree(r);
648 xfree(e);
649
650 c = TAILQ_FIRST(&tq);
651 while (c && (c->c_tv.tv_sec < now.tv_sec ||
652 (c->c_tv.tv_sec == now.tv_sec && c->c_tv.tv_usec < now.tv_usec))) {
653 int s = c->c_fd;
654
655 c = TAILQ_NEXT(c, c_link);
656 conrecycle(s);
657 }
658 }
659
660 static void
661 do_host(char *host)
662 {
663 char *name = strnnsep(&host, " \t\n");
664 int j;
665
666 if (name == NULL)
667 return;
668 for (j = KT_RSA1; j <= KT_RSA; j *= 2) {
669 if (get_keytypes & j) {
670 while (ncon >= MAXCON)
671 conloop();
672 conalloc(name, *host ? host : name, j);
673 }
674 }
675 }
676
677 void
678 fatal(const char *fmt,...)
679 {
680 va_list args;
681
682 va_start(args, fmt);
683 do_log(SYSLOG_LEVEL_FATAL, fmt, args);
684 va_end(args);
685 if (nonfatal_fatal)
686 longjmp(kexjmp, -1);
687 else
688 exit(255);
689 }
690
691 static void
692 usage(void)
693 {
694 fprintf(stderr, "usage: %s [-46Hv] [-f file] [-p port] [-T timeout] [-t type]\n"
695 "\t\t [host | addrlist namelist] [...]\n",
696 __progname);
697 exit(1);
698 }
699
700 int
701 main(int argc, char **argv)
702 {
703 int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO;
704 int opt, fopt_count = 0;
705 char *tname;
706
707 extern int optind;
708 extern char *optarg;
709
710 __progname = ssh_get_progname(argv[0]);
711 init_rng();
712 seed_rng();
713 TAILQ_INIT(&tq);
714
715 if (argc <= 1)
716 usage();
717
718 while ((opt = getopt(argc, argv, "Hv46p:T:t:f:")) != -1) {
719 switch (opt) {
720 case 'H':
721 hash_hosts = 1;
722 break;
723 case 'p':
724 ssh_port = a2port(optarg);
725 if (ssh_port == 0) {
726 fprintf(stderr, "Bad port '%s'\n", optarg);
727 exit(1);
728 }
729 break;
730 case 'T':
731 timeout = convtime(optarg);
732 if (timeout == -1 || timeout == 0) {
733 fprintf(stderr, "Bad timeout '%s'\n", optarg);
734 usage();
735 }
736 break;
737 case 'v':
738 if (!debug_flag) {
739 debug_flag = 1;
740 log_level = SYSLOG_LEVEL_DEBUG1;
741 }
742 else if (log_level < SYSLOG_LEVEL_DEBUG3)
743 log_level++;
744 else
745 fatal("Too high debugging level.");
746 break;
747 case 'f':
748 if (strcmp(optarg, "-") == 0)
749 optarg = NULL;
750 argv[fopt_count++] = optarg;
751 break;
752 case 't':
753 get_keytypes = 0;
754 tname = strtok(optarg, ",");
755 while (tname) {
756 int type = key_type_from_name(tname);
757 switch (type) {
758 case KEY_RSA1:
759 get_keytypes |= KT_RSA1;
760 break;
761 case KEY_DSA:
762 get_keytypes |= KT_DSA;
763 break;
764 case KEY_RSA:
765 get_keytypes |= KT_RSA;
766 break;
767 case KEY_UNSPEC:
768 fatal("unknown key type %s", tname);
769 }
770 tname = strtok(NULL, ",");
771 }
772 break;
773 case '4':
774 IPv4or6 = AF_INET;
775 break;
776 case '6':
777 IPv4or6 = AF_INET6;
778 break;
779 case '?':
780 default:
781 usage();
782 }
783 }
784 if (optind == argc && !fopt_count)
785 usage();
786
787 log_init("ssh-keyscan", log_level, SYSLOG_FACILITY_USER, 1);
788
789 maxfd = fdlim_get(1);
790 if (maxfd < 0)
791 fatal("%s: fdlim_get: bad value", __progname);
792 if (maxfd > MAXMAXFD)
793 maxfd = MAXMAXFD;
794 if (MAXCON <= 0)
795 fatal("%s: not enough file descriptors", __progname);
796 if (maxfd > fdlim_get(0))
797 fdlim_set(maxfd);
798 fdcon = xmalloc(maxfd * sizeof(con));
799 memset(fdcon, 0, maxfd * sizeof(con));
800
801 read_wait_size = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
802 read_wait = xmalloc(read_wait_size);
803 memset(read_wait, 0, read_wait_size);
804
805 if (fopt_count) {
806 Linebuf *lb;
807 char *line;
808 int j;
809
810 for (j = 0; j < fopt_count; j++) {
811 lb = Linebuf_alloc(argv[j], error);
812 if (!lb)
813 continue;
814 while ((line = Linebuf_getline(lb)) != NULL)
815 do_host(line);
816 Linebuf_free(lb);
817 }
818 }
819
820 while (optind < argc)
821 do_host(argv[optind++]);
822
823 while (ncon > 0)
824 conloop();
825
826 return (0);
827 }
A clone of openssh git repository