diff --git a/putty.h b/putty.h index 07990a63..4b64892e 100644 --- a/putty.h +++ b/putty.h @@ -270,7 +270,7 @@ void do_defaults (char *); void logevent (char *); void showeventlog (HWND); void showabout (HWND); -void verify_ssh_host_key(char *host, char *keytype, +void verify_ssh_host_key(char *host, int port, char *keytype, char *keystr, char *fingerprint); void get_sesslist(int allocate); void registry_cleanup(void); diff --git a/ssh.c b/ssh.c index 9fbcf463..add4ae5a 100644 --- a/ssh.c +++ b/ssh.c @@ -203,6 +203,7 @@ static struct ssh_hostkey *hostkey = NULL; int (*ssh_get_password)(const char *prompt, char *str, int maxlen) = NULL; static char *savedhost; +static int savedport; static int ssh_send_ok; /* @@ -704,6 +705,7 @@ static char *connect_to_host(char *host, int port, char **realhost) if (port < 0) port = 22; /* default ssh port */ + savedport = port; #ifdef FWHACK FWhost = host; @@ -1148,7 +1150,7 @@ static int do_ssh1_login(unsigned char *in, int inlen, int ispkt) fatalbox("Out of memory"); rsastr_fmt(keystr, &hostkey); rsa_fingerprint(fingerprint, sizeof(fingerprint), &hostkey); - verify_ssh_host_key(savedhost, "rsa", keystr, fingerprint); + verify_ssh_host_key(savedhost, savedport, "rsa", keystr, fingerprint); free(keystr); } @@ -2056,7 +2058,8 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt) */ keystr = hostkey->fmtkey(); fingerprint = hostkey->fingerprint(); - verify_ssh_host_key(savedhost, hostkey->keytype, keystr, fingerprint); + verify_ssh_host_key(savedhost, savedport, hostkey->keytype, + keystr, fingerprint); logevent("Host key fingerprint is:"); logevent(fingerprint); free(fingerprint); diff --git a/storage.h b/storage.h index 4abdac10..43f22d3e 100644 --- a/storage.h +++ b/storage.h @@ -67,13 +67,13 @@ void enum_settings_finish(void *handle); * be 0 (entry matches database), 1 (entry is absent in database), * or 2 (entry exists in database and is different). */ -int verify_host_key(char *hostname, char *keytype, char *key); +int verify_host_key(char *hostname, int port, char *keytype, char *key); /* * Write a host key into the database, overwriting any previous * entry that might have been there. */ -void store_host_key(char *hostname, char *keytype, char *key); +void store_host_key(char *hostname, int port, char *keytype, char *key); /* ---------------------------------------------------------------------- * Functions to access PuTTY's random number seed file. diff --git a/windlg.c b/windlg.c index 89aecba0..1b800e87 100644 --- a/windlg.c +++ b/windlg.c @@ -1550,7 +1550,7 @@ void showabout (HWND hwnd) { } } -void verify_ssh_host_key(char *host, char *keytype, +void verify_ssh_host_key(char *host, int port, char *keytype, char *keystr, char *fingerprint) { int ret; @@ -1593,7 +1593,7 @@ void verify_ssh_host_key(char *host, char *keytype, /* * Verify the key against the registry. */ - ret = verify_host_key(host, keytype, keystr); + ret = verify_host_key(host, port, keytype, keystr); if (ret == 0) /* success - key matched OK */ return; @@ -1603,7 +1603,7 @@ void verify_ssh_host_key(char *host, char *keytype, mbret = MessageBox(NULL, message, mbtitle, MB_ICONWARNING | MB_YESNOCANCEL); if (mbret == IDYES) - store_host_key(host, keytype, keystr); + store_host_key(host, port, keytype, keystr); if (mbret == IDCANCEL) exit(0); } @@ -1614,6 +1614,6 @@ void verify_ssh_host_key(char *host, char *keytype, MB_ICONWARNING | MB_YESNO); if (mbret == IDNO) exit(0); - store_host_key(host, keytype, keystr); + store_host_key(host, port, keytype, keystr); } } diff --git a/winstore.c b/winstore.c index 48d4f6cd..3aef22fa 100644 --- a/winstore.c +++ b/winstore.c @@ -154,12 +154,6 @@ void del_settings (char *sessionname) { RegCloseKey(subkey1); } -static void hostkey_regname(char *buffer, char *hostname, char *keytype) { - strcpy(buffer, keytype); - strcat(buffer, "@"); - mungestr(hostname, buffer + strlen(buffer)); -} - struct enumsettings { HKEY key; int i; @@ -201,7 +195,17 @@ void enum_settings_finish(void *handle) { free(e); } -int verify_host_key(char *hostname, char *keytype, char *key) { +static void hostkey_regname(char *buffer, char *hostname, + int port, char *keytype) { + int len; + strcpy(buffer, keytype); + strcat(buffer, "@"); + len = strlen(buffer); + len += sprintf(buffer+len, "%d:", port); + mungestr(hostname, buffer + strlen(buffer)); +} + +int verify_host_key(char *hostname, int port, char *keytype, char *key) { char *otherstr, *regname; int len; HKEY rkey; @@ -216,11 +220,11 @@ int verify_host_key(char *hostname, char *keytype, char *key) { * says. */ otherstr = smalloc(len); - regname = smalloc(3*(strlen(hostname)+strlen(keytype))+5); + regname = smalloc(3*(strlen(hostname)+strlen(keytype))+15); if (!otherstr || !regname) fatalbox("Out of memory"); - hostkey_regname(regname, hostname, keytype); + hostkey_regname(regname, hostname, port, keytype); if (RegCreateKey(HKEY_CURRENT_USER, PUTTY_REG_POS "\\SshHostKeys", &rkey) != ERROR_SUCCESS) @@ -236,7 +240,7 @@ int verify_host_key(char *hostname, char *keytype, char *key) { * another trick, which is to look up the _old_ key format * under just the hostname and translate that. */ - char *justhost = regname + 1 + strlen(keytype); + char *justhost = regname + 1 + strcspn(regname, ":"); char *oldstyle = smalloc(len + 10); /* safety margin */ readlen = len; ret = RegQueryValueEx(rkey, justhost, NULL, &type, @@ -306,15 +310,15 @@ int verify_host_key(char *hostname, char *keytype, char *key) { return 0; /* key matched OK in registry */ } -void store_host_key(char *hostname, char *keytype, char *key) { +void store_host_key(char *hostname, int port, char *keytype, char *key) { char *regname; HKEY rkey; - regname = smalloc(3*(strlen(hostname)+strlen(keytype))+5); + regname = smalloc(3*(strlen(hostname)+strlen(keytype))+15); if (!regname) fatalbox("Out of memory"); - hostkey_regname(regname, hostname, keytype); + hostkey_regname(regname, hostname, port, keytype); if (RegCreateKey(HKEY_CURRENT_USER, PUTTY_REG_POS "\\SshHostKeys", &rkey) != ERROR_SUCCESS)