| version 1.283, 2017/07/01 13:50:45 |
version 1.284, 2017/09/01 05:53:56 |
|
|
| |
|
| static int show_other_keys(struct hostkeys *, struct sshkey *); |
static int show_other_keys(struct hostkeys *, struct sshkey *); |
| static void warn_changed_key(struct sshkey *); |
static void warn_changed_key(struct sshkey *); |
| |
static void warn_missing_key(struct sshkey *); |
| |
|
| /* Expand a proxy command */ |
/* Expand a proxy command */ |
| static char * |
static char * |
|
|
| free(ra); |
free(ra); |
| free(fp); |
free(fp); |
| } |
} |
| |
if (options.verify_host_key_dns && |
| |
options.strict_host_key_checking && |
| |
!matching_host_key_dns) { |
| |
snprintf(msg, sizeof(msg), |
| |
"Are you sure you want to continue connecting " |
| |
"(yes/no)? "); |
| |
if (!confirm(msg)) |
| |
goto fail; |
| |
msg[0] = '\0'; |
| |
} |
| hostkey_trusted = 1; |
hostkey_trusted = 1; |
| break; |
break; |
| case HOST_NEW: |
case HOST_NEW: |
|
|
| if (flags & DNS_VERIFY_MATCH) { |
if (flags & DNS_VERIFY_MATCH) { |
| matching_host_key_dns = 1; |
matching_host_key_dns = 1; |
| } else { |
} else { |
| warn_changed_key(plain); |
if (flags & DNS_VERIFY_MISSING) { |
| error("Update the SSHFP RR in DNS " |
warn_missing_key(plain); |
| "with the new host key to get rid " |
error("Add this host key to " |
| "of this message."); |
"the SSHFP RR in DNS to get rid " |
| |
"of this message."); |
| |
} else { |
| |
warn_changed_key(plain); |
| |
error("Update the SSHFP RR in DNS " |
| |
"with the new host key to get rid " |
| |
"of this message."); |
| |
} |
| } |
} |
| } |
} |
| } |
} |
|
|
| error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); |
error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); |
| error("It is also possible that a host key has just been changed."); |
error("It is also possible that a host key has just been changed."); |
| error("The fingerprint for the %s key sent by the remote host is\n%s.", |
error("The fingerprint for the %s key sent by the remote host is\n%s.", |
| key_type(host_key), fp); |
sshkey_type(host_key), fp); |
| error("Please contact your system administrator."); |
error("Please contact your system administrator."); |
| |
|
| free(fp); |
free(fp); |
| } |
} |
| |
|
| |
static void |
| |
warn_missing_key(struct sshkey *host_key) |
| |
{ |
| |
char *fp; |
| |
|
| |
fp = sshkey_fingerprint(host_key, options.fingerprint_hash, |
| |
SSH_FP_DEFAULT); |
| |
if (fp == NULL) |
| |
fatal("%s: sshkey_fingerprint fail", __func__); |
| |
|
| |
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
| |
error("@ WARNING: REMOTE HOST IDENTIFICATION IS MISSING @"); |
| |
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |
| |
error("The fingerprint for the %s key sent by the remote host is\n%s.", |
| |
sshkey_type(host_key), fp); |
| |
error("Please contact your system administrator."); |
| |
|
| |
free(fp); |
| |
} |
| /* |
/* |
| * Execute a local command |
* Execute a local command |
| */ |
*/ |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshconnect.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh