summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/sshconnect.c
diff options
context:
space:
mode:
authordtucker <dtucker@openbsd.org>2020-01-22 07:38:30 +0000
committerdtucker <dtucker@openbsd.org>2020-01-22 07:38:30 +0000
commit0260df4cea3a5d88269f7cfaaee2ef09b8852a08 (patch)
treea9e108dda0acca9e058aefc14f2fc4407d8d5ece /usr.bin/ssh/sshconnect.c
parentIncrease keyscan timeout from default. On slow hosts 3 concurrent keyscans (diff)
downloadwireguard-openbsd-0260df4cea3a5d88269f7cfaaee2ef09b8852a08.tar.xz
wireguard-openbsd-0260df4cea3a5d88269f7cfaaee2ef09b8852a08.zip
Ignore whitespace when checking explict fingerprint. When confirming a host
key using the fingerprint itself, ignore leading and trailing whitespace. ok deraadt@ djm@
Diffstat (limited to 'usr.bin/ssh/sshconnect.c')
-rw-r--r--usr.bin/ssh/sshconnect.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index df03c5b90d7..18bf553bfa6 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.325 2020/01/11 16:23:10 naddy Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.326 2020/01/22 07:38:30 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -558,22 +558,23 @@ confirm(const char *prompt, const char *fingerprint)
{
const char *msg, *again = "Please type 'yes' or 'no': ";
const char *again_fp = "Please type 'yes', 'no' or the fingerprint: ";
- char *p;
+ char *p, *cp;
int ret = -1;
if (options.batch_mode)
return 0;
for (msg = prompt;;msg = fingerprint ? again_fp : again) {
- p = read_passphrase(msg, RP_ECHO);
+ cp = p = read_passphrase(msg, RP_ECHO);
if (p == NULL)
return 0;
- p[strcspn(p, "\n")] = '\0';
+ p += strspn(p, " \t"); /* skip leading whitespace */
+ p[strcspn(p, " \t\n")] = '\0'; /* remove trailing whitespace */
if (p[0] == '\0' || strcasecmp(p, "no") == 0)
ret = 0;
else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL &&
strcasecmp(p, fingerprint) == 0))
ret = 1;
- free(p);
+ free(cp);
if (ret != -1)
return ret;
}
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.