version 1.335, 2020/01/26 00:14:45 |
version 1.336, 2020/01/29 07:51:30 |
|
|
} |
} |
|
|
static void |
static void |
update_known_hosts(struct hostkeys_update_ctx *ctx) |
hostkey_change_preamble(void) |
{ |
{ |
int r, was_raw = 0; |
|
LogLevel loglevel = options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK ? |
LogLevel loglevel = options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK ? |
SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE; |
SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE; |
|
|
|
do_log2(loglevel, "The server has updated its host keys."); |
|
do_log2(loglevel, "These changes were verified by the server's " |
|
"existing trusted key."); |
|
} |
|
|
|
static void |
|
update_known_hosts(struct hostkeys_update_ctx *ctx) |
|
{ |
|
int r, was_raw = 0, first = 1; |
|
int asking = options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK; |
|
LogLevel loglevel = asking ? SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_VERBOSE; |
char *fp, *response; |
char *fp, *response; |
size_t i; |
size_t i; |
struct stat sb; |
struct stat sb; |
|
|
if ((fp = sshkey_fingerprint(ctx->keys[i], |
if ((fp = sshkey_fingerprint(ctx->keys[i], |
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
fatal("%s: sshkey_fingerprint failed", __func__); |
fatal("%s: sshkey_fingerprint failed", __func__); |
|
if (first && asking) |
|
hostkey_change_preamble(); |
do_log2(loglevel, "Learned new hostkey: %s %s", |
do_log2(loglevel, "Learned new hostkey: %s %s", |
sshkey_type(ctx->keys[i]), fp); |
sshkey_type(ctx->keys[i]), fp); |
|
first = 0; |
free(fp); |
free(fp); |
} |
} |
for (i = 0; i < ctx->nold; i++) { |
for (i = 0; i < ctx->nold; i++) { |
if ((fp = sshkey_fingerprint(ctx->old_keys[i], |
if ((fp = sshkey_fingerprint(ctx->old_keys[i], |
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) |
fatal("%s: sshkey_fingerprint failed", __func__); |
fatal("%s: sshkey_fingerprint failed", __func__); |
|
if (first && asking) |
|
hostkey_change_preamble(); |
do_log2(loglevel, "Deprecating obsolete hostkey: %s %s", |
do_log2(loglevel, "Deprecating obsolete hostkey: %s %s", |
sshkey_type(ctx->old_keys[i]), fp); |
sshkey_type(ctx->old_keys[i]), fp); |
|
first = 0; |
free(fp); |
free(fp); |
} |
} |
if (options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) { |
if (options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) { |