diff options
| author |   provos <provos@openbsd.org> | 1999-10-03 22:01:39 +0000 |
|---|---|---|
| committer | provos <provos@openbsd.org> | 1999-10-03 22:01:39 +0000 |
| commit | eae0429d645dd5c79f7a57fb8cc82edc51c2b598 (patch) | |
| tree | f122cbc1d9d0f6c62d12384e33f569b76e771385 | |
| parent | add code to detect DNS spoofing: (diff) | |
| download | wireguard-openbsd-eae0429d645dd5c79f7a57fb8cc82edc51c2b598.tar.xz wireguard-openbsd-eae0429d645dd5c79f7a57fb8cc82edc51c2b598.zip | |
fix last commit.
| -rw-r--r-- | usr.bin/ssh/readconf.c | 6 | ||||
| -rw-r--r-- | usr.bin/ssh/sshconnect.c | 19 |
2 files changed, 14 insertions, 11 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index 3b98588c87f..74ec62de326 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -14,7 +14,7 @@ Functions for reading the configuration files. */ #include "includes.h" -RCSID("$Id: readconf.c,v 1.8 1999/10/03 21:50:03 provos Exp $"); +RCSID("$Id: readconf.c,v 1.9 1999/10/03 22:01:39 provos Exp $"); #include "ssh.h" #include "cipher.h" @@ -305,6 +305,10 @@ void process_config_line(Options *options, const char *host, intptr = &options->batch_mode; goto parse_flag; + case oCheckHostIP: + intptr = &options->check_host_ip; + goto parse_flag; + case oStrictHostKeyChecking: intptr = &options->strict_host_key_checking; cp = strtok(NULL, WHITESPACE); diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index fcb8dd15320..242eab6326e 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -15,7 +15,7 @@ login (authentication) dialog. */ #include "includes.h" -RCSID("$Id: sshconnect.c,v 1.12 1999/10/03 21:50:04 provos Exp $"); +RCSID("$Id: sshconnect.c,v 1.13 1999/10/03 22:01:39 provos Exp $"); #include <ssl/bn.h> #include "xmalloc.h" @@ -1058,14 +1058,12 @@ void ssh_login(int host_key_valid, packet_get_bignum(host_key->n, &clen); sum_len += clen; - if (options->check_host_ip && strcmp(host, inet_ntoa(hostaddr->sin_addr))) { - /* Store the host key from the known host file in here - * so that we can compare it with the key for the IP - * address. */ - file_key = RSA_new(); - file_key->n = BN_new(); - file_key->e = BN_new(); - } + /* Store the host key from the known host file in here + * so that we can compare it with the key for the IP + * address. */ + file_key = RSA_new(); + file_key->n = BN_new(); + file_key->e = BN_new(); /* Get protocol flags. */ protocol_flags = packet_get_int(); @@ -1135,10 +1133,11 @@ void ssh_login(int host_key_valid, ip_status = HOST_DIFFER; RSA_free(ip_key); - RSA_free(file_key); } else ip_status = host_status; + RSA_free(file_key); + switch (host_status) { case HOST_OK: /* The host is known and the key matches. */ |