version 1.332, 2020/01/23 07:10:22 |
version 1.333, 2020/01/25 00:21:08 |
|
|
SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE; |
SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE; |
char *fp, *response; |
char *fp, *response; |
size_t i; |
size_t i; |
|
struct stat sb; |
|
|
for (i = 0; i < ctx->nkeys; i++) { |
for (i = 0; i < ctx->nkeys; i++) { |
if (ctx->keys_seen[i] != 2) |
if (ctx->keys_seen[i] != 2) |
|
|
if (was_raw) |
if (was_raw) |
enter_raw_mode(1); |
enter_raw_mode(1); |
} |
} |
|
if (options.update_hostkeys == 0) |
|
return; |
/* |
/* |
* Now that all the keys are verified, we can go ahead and replace |
* Now that all the keys are verified, we can go ahead and replace |
* them in known_hosts (assuming SSH_UPDATE_HOSTKEYS_ASK didn't |
* them in known_hosts (assuming SSH_UPDATE_HOSTKEYS_ASK didn't |
* cancel the operation). |
* cancel the operation). |
*/ |
*/ |
if (options.update_hostkeys != 0 && |
for (i = 0; i < options.num_user_hostfiles; i++) { |
(r = hostfile_replace_entries(options.user_hostfiles[0], |
/* |
ctx->host_str, ctx->ip_str, ctx->keys, ctx->nkeys, |
* NB. keys are only added to hostfiles[0], for the rest we |
options.hash_known_hosts, 0, |
* just delete the hostname entries. |
options.fingerprint_hash)) != 0) |
*/ |
error("%s: hostfile_replace_entries failed: %s", |
if (stat(options.user_hostfiles[i], &sb) != 0) { |
__func__, ssh_err(r)); |
if (errno == ENOENT) { |
|
debug("%s: known hosts file %s does not exist", |
|
__func__, strerror(errno)); |
|
} else { |
|
error("%s: known hosts file %s inaccessible", |
|
__func__, strerror(errno)); |
|
} |
|
continue; |
|
} |
|
if ((r = hostfile_replace_entries(options.user_hostfiles[i], |
|
ctx->host_str, ctx->ip_str, |
|
i == 0 ? ctx->keys : NULL, i == 0 ? ctx->nkeys : 0, |
|
options.hash_known_hosts, 0, |
|
options.fingerprint_hash)) != 0) { |
|
error("%s: hostfile_replace_entries failed for %s: %s", |
|
__func__, options.user_hostfiles[i], ssh_err(r)); |
|
} |
|
} |
} |
} |
|
|
static void |
static void |
|
|
options.check_host_ip ? &ctx->ip_str : NULL); |
options.check_host_ip ? &ctx->ip_str : NULL); |
|
|
/* Find which keys we already know about. */ |
/* Find which keys we already know about. */ |
if ((r = hostkeys_foreach(options.user_hostfiles[0], hostkeys_find, |
for (i = 0; i < options.num_user_hostfiles; i++) { |
ctx, ctx->host_str, ctx->ip_str, |
debug("%s: searching %s for %s / %s", __func__, |
HKF_WANT_PARSE_KEY|HKF_WANT_MATCH)) != 0) { |
options.user_hostfiles[i], ctx->host_str, ctx->ip_str); |
error("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r)); |
if ((r = hostkeys_foreach(options.user_hostfiles[i], |
goto out; |
hostkeys_find, ctx, ctx->host_str, ctx->ip_str, |
|
HKF_WANT_PARSE_KEY|HKF_WANT_MATCH)) != 0) { |
|
if (r == SSH_ERR_SYSTEM_ERROR && errno == ENOENT) { |
|
error("%s: hostkeys file %s does not exist", |
|
__func__, options.user_hostfiles[i]); |
|
continue; |
|
} |
|
error("%s: hostkeys_foreach failed for %s: %s", |
|
__func__, options.user_hostfiles[i], ssh_err(r)); |
|
goto out; |
|
} |
} |
} |
|
|
/* Figure out if we have any new keys to add */ |
/* Figure out if we have any new keys to add */ |