diff options
| author |   markus <markus@openbsd.org> | 2001-03-12 22:02:01 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2001-03-12 22:02:01 +0000 |
| commit | 7fcff747bfdc1ad95a64ccef91486416c088a76b (patch) | |
| tree | 4c71cbe990997fe26e345479b3dc0a6b282210ab /usr.bin/ssh/sshconnect.c | |
| parent | Omega is now VAX_BTYP_1301. Also add an STYP for 4000 600. (diff) | |
| download | wireguard-openbsd-7fcff747bfdc1ad95a64ccef91486416c088a76b.tar.xz wireguard-openbsd-7fcff747bfdc1ad95a64ccef91486416c088a76b.zip | |
remove old key_fingerprint interface, s/_ex//
Diffstat (limited to 'usr.bin/ssh/sshconnect.c')
| -rw-r--r-- | usr.bin/ssh/sshconnect.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index 62a3aee17e3..99c09afeab8 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.99 2001/03/10 15:31:00 deraadt Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.100 2001/03/12 22:02:02 markus Exp $"); #include <openssl/bn.h> @@ -477,7 +477,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, Key *file_key; char *type = key_type(host_key); char *ip = NULL; - char hostline[1000], *hostp; + char hostline[1000], *hostp, *fp; HostStatus host_status; HostStatus ip_status; int local = 0, host_ip_differ = 0; @@ -604,11 +604,13 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, } else if (options.strict_host_key_checking == 2) { /* The default */ char prompt[1024]; + fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); snprintf(prompt, sizeof(prompt), "The authenticity of host '%.200s (%s)' can't be established.\n" "%s key fingerprint is %s.\n" "Are you sure you want to continue connecting (yes/no)? ", - host, ip, type, key_fingerprint(host_key)); + host, ip, type, fp); + xfree(fp); if (!read_yes_or_no(prompt, -1)) fatal("Aborted by user!"); } @@ -647,6 +649,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, error("Offending key for IP in %s:%d", ip_file, ip_line); } /* The host key has changed. */ + fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); @@ -654,11 +657,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); error("It is also possible that the %s host key has just been changed.", type); error("The fingerprint for the %s key sent by the remote host is\n%s.", - type, key_fingerprint(host_key)); + type, fp); error("Please contact your system administrator."); error("Add correct host key in %.100s to get rid of this message.", user_hostfile); error("Offending key in %s:%d", host_file, host_line); + xfree(fp); /* * If strict host key checking is in use, the user will have |