version 1.311, 2019/01/19 21:36:38 |
version 1.312, 2019/01/24 17:00:29 |
|
|
|
|
/* defaults to 'no' */ |
/* defaults to 'no' */ |
static int |
static int |
confirm(const char *prompt) |
confirm(const char *prompt, const char *fingerprint) |
{ |
{ |
const char *msg, *again = "Please type 'yes' or 'no': "; |
const char *msg, *again = "Please type 'yes' or 'no': "; |
|
const char *again_fp = "Please type 'yes', 'no' or the fingerprint: "; |
char *p; |
char *p; |
int ret = -1; |
int ret = -1; |
|
|
if (options.batch_mode) |
if (options.batch_mode) |
return 0; |
return 0; |
for (msg = prompt;;msg = again) { |
for (msg = prompt;;msg = fingerprint ? again_fp : again) { |
p = read_passphrase(msg, RP_ECHO); |
p = read_passphrase(msg, RP_ECHO); |
if (p == NULL) |
if (p == NULL) |
return 0; |
return 0; |
p[strcspn(p, "\n")] = '\0'; |
p[strcspn(p, "\n")] = '\0'; |
if (p[0] == '\0' || strcasecmp(p, "no") == 0) |
if (p[0] == '\0' || strcasecmp(p, "no") == 0) |
ret = 0; |
ret = 0; |
else if (strcasecmp(p, "yes") == 0) |
else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL && |
|
strcasecmp(p, fingerprint) == 0)) |
ret = 1; |
ret = 1; |
free(p); |
free(p); |
if (ret != -1) |
if (ret != -1) |
|
|
char msg[1024]; |
char msg[1024]; |
const char *type; |
const char *type; |
const struct hostkey_entry *host_found, *ip_found; |
const struct hostkey_entry *host_found, *ip_found; |
int len, cancelled_forwarding = 0; |
int len, cancelled_forwarding = 0, confirmed; |
int local = sockaddr_is_local(hostaddr); |
int local = sockaddr_is_local(hostaddr); |
int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; |
int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; |
int hostkey_trusted = 0; /* Known or explicitly accepted by user */ |
int hostkey_trusted = 0; /* Known or explicitly accepted by user */ |
|
|
"established%s\n" |
"established%s\n" |
"%s key fingerprint is %s.%s%s\n%s" |
"%s key fingerprint is %s.%s%s\n%s" |
"Are you sure you want to continue connecting " |
"Are you sure you want to continue connecting " |
"(yes/no)? ", |
"(yes/no/[fingerprint])? ", |
host, ip, msg1, type, fp, |
host, ip, msg1, type, fp, |
options.visual_host_key ? "\n" : "", |
options.visual_host_key ? "\n" : "", |
options.visual_host_key ? ra : "", |
options.visual_host_key ? ra : "", |
msg2); |
msg2); |
free(ra); |
free(ra); |
|
confirmed = confirm(msg, fp); |
free(fp); |
free(fp); |
if (!confirm(msg)) |
if (!confirmed) |
goto fail; |
goto fail; |
hostkey_trusted = 1; /* user explicitly confirmed */ |
hostkey_trusted = 1; /* user explicitly confirmed */ |
} |
} |
|
|
SSH_STRICT_HOSTKEY_ASK) { |
SSH_STRICT_HOSTKEY_ASK) { |
strlcat(msg, "\nAre you sure you want " |
strlcat(msg, "\nAre you sure you want " |
"to continue connecting (yes/no)? ", sizeof(msg)); |
"to continue connecting (yes/no)? ", sizeof(msg)); |
if (!confirm(msg)) |
if (!confirm(msg, NULL)) |
goto fail; |
goto fail; |
} else if (options.strict_host_key_checking != |
} else if (options.strict_host_key_checking != |
SSH_STRICT_HOSTKEY_OFF) { |
SSH_STRICT_HOSTKEY_OFF) { |
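Review bot: The new fingerprint branch in confirm() compares the typed text with `strcasecmp(p, fingerprint)`, so the comparison is case-insensitive. How `fp` is built is outside this view, but if it is a case-sensitive encoding such as a base64 digest, case folding accepts inputs that differ from the fingerprint shown in the prompt. That weakens the out-of-band verification this option is meant to provide. An exact match would be safer: `strcmp(p, fingerprint) == 0`, keeping `strcasecmp` only for the "yes"/"no" keywords. The `/* defaults to 'no' */` comment could also state that a non-NULL `fingerprint` is accepted as equivalent to "yes" and that NULL disables that path; the body of confirm() continues past the lines shown.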