version 1.337, 2020/10/07 02:22:23 |
version 1.338, 2020/10/07 02:24:51 |
|
|
} |
} |
} |
} |
|
|
|
/* returns non-zero if path appears in hostfiles, or 0 if not. */ |
|
static int |
|
path_in_hostfiles(const char *path, char **hostfiles, u_int num_hostfiles) |
|
{ |
|
u_int i; |
|
|
|
for (i = 0; i < num_hostfiles; i++) { |
|
if (strcmp(path, hostfiles[i]) == 0) |
|
return 1; |
|
} |
|
return 0; |
|
} |
|
|
/* |
/* |
* check whether the supplied host key is valid, return -1 if the key |
* check whether the supplied host key is valid, return -1 if the key |
* is not valid. user_hostfile[0] will not be updated if 'readonly' is true. |
* is not valid. user_hostfile[0] will not be updated if 'readonly' is true. |
|
|
char **user_hostfiles, u_int num_user_hostfiles, |
char **user_hostfiles, u_int num_user_hostfiles, |
char **system_hostfiles, u_int num_system_hostfiles) |
char **system_hostfiles, u_int num_system_hostfiles) |
{ |
{ |
HostStatus host_status; |
HostStatus host_status = -1, ip_status = -1; |
HostStatus ip_status; |
|
struct sshkey *raw_key = NULL; |
struct sshkey *raw_key = NULL; |
char *ip = NULL, *host = NULL; |
char *ip = NULL, *host = NULL; |
char hostline[1000], *hostp, *fp, *ra; |
char hostline[1000], *hostp, *fp, *ra; |
char msg[1024]; |
char msg[1024]; |
const char *type; |
const char *type; |
const struct hostkey_entry *host_found, *ip_found; |
const struct hostkey_entry *host_found = NULL, *ip_found = NULL; |
int len, cancelled_forwarding = 0, confirmed; |
int len, cancelled_forwarding = 0, confirmed; |
int local = sockaddr_is_local(hostaddr); |
int local = sockaddr_is_local(hostaddr); |
int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; |
int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0; |
|
|
options.host_key_alias == NULL) { |
options.host_key_alias == NULL) { |
debug("Forcing accepting of host key for " |
debug("Forcing accepting of host key for " |
"loopback/localhost."); |
"loopback/localhost."); |
|
options.update_hostkeys = 0; |
return 0; |
return 0; |
} |
} |
|
|
|
|
!check_host_cert(options.host_key_alias == NULL ? |
!check_host_cert(options.host_key_alias == NULL ? |
hostname : options.host_key_alias, host_key)) |
hostname : options.host_key_alias, host_key)) |
goto fail; |
goto fail; |
|
/* Turn off UpdateHostkeys if key was in system known_hosts */ |
|
if (options.update_hostkeys != 0 && |
|
(path_in_hostfiles(host_found->file, |
|
system_hostfiles, num_system_hostfiles) || |
|
(ip_status == HOST_OK && ip_found != NULL && |
|
path_in_hostfiles(ip_found->file, |
|
system_hostfiles, num_system_hostfiles)))) { |
|
options.update_hostkeys = 0; |
|
debug3("%s: host key found in GlobalKnownHostsFile; " |
|
"disabling UpdateHostkeys", __func__); |
|
} |
if (options.check_host_ip && ip_status == HOST_NEW) { |
if (options.check_host_ip && ip_status == HOST_NEW) { |
if (readonly || want_cert) |
if (readonly || want_cert) |
logit("%s host key for IP address " |
logit("%s host key for IP address " |
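Review bot: In the new UpdateHostkeys check, `host_found->file` is dereferenced without a guard, while the parallel `ip_found` arm tests `ip_found != NULL` first and this change initialises both pointers to NULL. The enclosing branch starts outside this hunk, so if it guarantees a host match the dereference is safe, but that invariant is not visible here. Either guard it as `(host_found != NULL && path_in_hostfiles(host_found->file, system_hostfiles, num_system_hostfiles))` or state the invariant in the comment above the `if`. Separately, `path_in_hostfiles()` compares with `strcmp`, so it matches only when `host_found->file` is spelled exactly like the configured path; on a mismatch UpdateHostkeys stays enabled. I would record that in the helper's comment, e.g. `/* textual comparison only: assumes ->file holds the configured path string unchanged */`.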