authorDamien Miller <djm@mindrot.org>2005-03-02 12:06:51 +1100
committerDamien Miller <djm@mindrot.org>2005-03-02 12:06:51 +1100
commit1227d4c93c44d09694e547b62b643afa2a321a17 (patch)
tree7863e2efa552e67527e7301857a653ef50a883ba
parent265d309ebc97447f5e710df04196e626f018cad8 (diff)
- djm@cvs.openbsd.org 2005/03/02 01:00:06
[sshconnect.c] fix addition of new hashed hostnames when CheckHostIP=yes; found and ok dtucker@
-rw-r--r--ChangeLog6
-rw-r--r--sshconnect.c35
2 files changed, 30 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 459edc97..a5554745 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -35,6 +35,10 @@
spelling (occurance -> occurrence);
use prompt before examples;
grammar;
+ - djm@cvs.openbsd.org 2005/03/02 01:00:06
+ [sshconnect.c]
+ fix addition of new hashed hostnames when CheckHostIP=yes;
+ found and ok dtucker@
20050301
- (djm) OpenBSD CVS sync:
@@ -2254,4 +2258,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3684 2005/03/02 01:05:06 djm Exp $
+$Id: ChangeLog,v 1.3685 2005/03/02 01:06:51 djm Exp $
diff --git a/sshconnect.c b/sshconnect.c
index bafe7ba9..49190560 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.160 2005/03/01 10:40:27 djm Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.161 2005/03/02 01:00:06 djm Exp $");
#include <openssl/bn.h>
@@ -554,7 +554,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
char hostline[1000], *hostp, *fp;
HostStatus host_status;
HostStatus ip_status;
- int local = 0, host_ip_differ = 0;
+ int r, local = 0, host_ip_differ = 0;
int salen;
char ntop[NI_MAXHOST];
char msg[1024];
@@ -734,18 +734,33 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
if (!confirm(msg))
goto fail;
}
- if (options.check_host_ip && ip_status == HOST_NEW) {
- snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
- hostp = hostline;
- } else
- hostp = host;
-
/*
* If not in strict mode, add the key automatically to the
* local known_hosts file.
*/
- if (!add_host_to_hostfile(user_hostfile, hostp, host_key,
- options.hash_known_hosts))
+ if (options.check_host_ip && ip_status == HOST_NEW) {
+ snprintf(hostline, sizeof(hostline), "%s,%s",
+ host, ip);
+ hostp = hostline;
+ if (options.hash_known_hosts) {
+ /* Add hash of host and IP separately */
+ r = add_host_to_hostfile(user_hostfile, host,
+ host_key, options.hash_known_hosts) &&
+ add_host_to_hostfile(user_hostfile, ip,
+ host_key, options.hash_known_hosts);
+ } else {
+ /* Add unhashed "host,ip" */
+ r = add_host_to_hostfile(user_hostfile,
+ hostline, host_key,
+ options.hash_known_hosts);
+ }
+ } else {
+ r = add_host_to_hostfile(user_hostfile, host, host_key,
+ options.hash_known_hosts);
+ hostp = host;
+ }
+
+ if (!r)
logit("Failed to add the host to the list of known "
"hosts (%.500s).", user_hostfile);
else
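Review bot: In the `options.hash_known_hosts` branch the two `add_host_to_hostfile()` calls are chained with `&&`, so if the host entry is written and the IP entry then fails, known_hosts keeps only the hashed host line while the `!r` path logs the generic "Failed to add the host" message. Because known_hosts is what later host-key checks trust, the code should make that partial state visible, either with a comment above the chain such as `/* NB: the host entry may already be written if the IP add fails */` or with a separate `logit()` per entry. The `snprintf()` into `hostline` is also unchecked, so a truncated "host,ip" string could be recorded by the unhashed branch; testing its return value against `sizeof(hostline)` before the add would rule that out. check_host_key() begins and ends outside this hunk, so the later use of `hostp` is not visible here.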