Bugzilla – Attachment 10 Details for
Bug 70
Allow 'authorize host' questions to be able to be answered via GUI app
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
like this?
XU (text/plain), 3.75 KB, created by
Markus Friedl
on 2002-01-17 02:19:16 AEDT
(
hide
)
Description:
like this?
Filename:
MIME Type:
Creator:
Markus Friedl
Created:
2002-01-17 02:19:16 AEDT
Size:
3.75 KB
patch
obsolete
>Index: sshconnect.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/sshconnect.c,v >retrieving revision 1.118 >diff -u -r1.118 sshconnect.c >--- sshconnect.c 19 Dec 2001 07:18:56 -0000 1.118 >+++ sshconnect.c 16 Jan 2002 15:15:51 -0000 >@@ -31,6 +31,7 @@ > #include "readconf.h" > #include "atomicio.h" > #include "misc.h" >+#include "readpass.h" > > char *client_version_string = NULL; > char *server_version_string = NULL; >@@ -480,40 +481,24 @@ > static int > confirm(const char *prompt) > { >- char buf[1024]; >- FILE *f; >- int retval = -1; >+ const char *msg, *again = "Please type 'yes' or 'no': "; >+ char *p; >+ int ret = -1; > > if (options.batch_mode) > return 0; >- if (isatty(STDIN_FILENO)) >- f = stdin; >- else >- f = fopen(_PATH_TTY, "rw"); >- if (f == NULL) >- return 0; >- fflush(stdout); >- fprintf(stderr, "%s", prompt); >- while (1) { >- if (fgets(buf, sizeof(buf), f) == NULL) { >- fprintf(stderr, "\n"); >- strlcpy(buf, "no", sizeof buf); >- } >- /* Remove newline from response. */ >- if (strchr(buf, '\n')) >- *strchr(buf, '\n') = 0; >- if (strcmp(buf, "yes") == 0) >- retval = 1; >- else if (strcmp(buf, "no") == 0) >- retval = 0; >- else >- fprintf(stderr, "Please type 'yes' or 'no': "); >- >- if (retval != -1) { >- if (f != stdin) >- fclose(f); >- return retval; >- } >+ for (msg = prompt;;msg = again) { >+ p = read_passphrase(msg, RP_ECHO); >+ if (p == NULL || >+ (p[0] == '\0') || (p[0] == '\n') || >+ strncasecmp(p, "no", 2) == 0) >+ ret = 0; >+ if (strncasecmp(p, "yes", 3) == 0) >+ ret = 1; >+ if (p) >+ xfree(p); >+ if (ret != -1) >+ return ret; > } > } > >@@ -534,7 +519,8 @@ > HostStatus ip_status; > int local = 0, host_ip_differ = 0; > char ntop[NI_MAXHOST]; >- int host_line, ip_line; >+ char msg[1024]; >+ int len, host_line, ip_line; > const char *host_file = NULL, *ip_file = NULL; > > /* >@@ -676,18 +662,16 @@ > goto fail; > } else if (options.strict_host_key_checking == 2) { > /* The default */ >- char prompt[1024]; > fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); >- snprintf(prompt, sizeof(prompt), >+ snprintf(msg, sizeof(msg), > "The authenticity of host '%.200s (%s)' can't be " > "established.\n" > "%s key fingerprint is %s.\n" > "Are you sure you want to continue connecting " > "(yes/no)? ", host, ip, type, fp); > xfree(fp); >- if (!confirm(prompt)) { >+ if (!confirm(msg)) > goto fail; >- } > } > if (options.check_host_ip && ip_status == HOST_NEW) { > snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); >@@ -791,20 +775,28 @@ > > if (options.check_host_ip && host_status != HOST_CHANGED && > ip_status == HOST_CHANGED) { >- log("Warning: the %s host key for '%.200s' " >- "differs from the key for the IP address '%.128s'", >- type, host, ip); >- if (host_status == HOST_OK) >- log("Matching host key in %s:%d", host_file, host_line); >- log("Offending key for IP in %s:%d", ip_file, ip_line); >+ snprintf(msg, sizeof(msg), >+ "Warning: the %s host key for '%.200s' " >+ "differs from the key for the IP address '%.128s'" >+ "\nOffending key for IP in %s:%d", >+ type, host, ip, ip_file, ip_line); >+ if (host_status == HOST_OK) { >+ len = strlen(msg); >+ snprintf(msg + len, sizeof(msg) - len, >+ "\nMatching host key in %s:%d", >+ host_file, host_line); >+ } > if (options.strict_host_key_checking == 1) { >+ log(msg); > error("Exiting, you have requested strict checking."); > goto fail; > } else if (options.strict_host_key_checking == 2) { >- if (!confirm("Are you sure you want " >- "to continue connecting (yes/no)? ")) { >+ strlcat(msg, "\nAre you sure you want " >+ "to continue connecting (yes/no)? ", sizeof(msg)); >+ if (!confirm(msg)) > goto fail; >- } >+ } else { >+ log(msg); > } > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=10">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 70
: 10