Attachment #2184 for bug #2040





	u_int8_t hostkey_algorithm;
	u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;
	u_char *hostkey_digest = NULL;
	u_int hostkey_digest_len;

	u_int8_t dnskey_algorithm;

		    fingerprints->rri_nrdatas);
	}

	/* Initialize default host key parameters */
	if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type,
	    &hostkey_digest, &hostkey_digest_len, hostkey)) {
		error("Error calculating host key fingerprint.");
		freerrset(fingerprints);
		return -1;
	}

	if (fingerprints->rri_nrdatas)
		*flags |= DNS_VERIFY_FOUND;



		if (hostkey_digest_type != dnskey_digest_type) {
			hostkey_digest_type = dnskey_digest_type;
			if (hostkey_digest)
				xfree(hostkey_digest); /* from key_fingerprint_raw() */

			/* Initialize host key parameters */
			if (!dns_read_key(&hostkey_algorithm,
			    &hostkey_digest_type, &hostkey_digest,
			    &hostkey_digest_len, hostkey)) {
				debug("Error calculating key fingerprint.");
				continue;
				return -1;
			}
		}


		xfree(dnskey_digest);
	}

	if (hostkey_digest)
		xfree(hostkey_digest); /* from key_fingerprint_raw() */
	freerrset(fingerprints);

	if (*flags & DNS_VERIFY_FOUND) {
- 

Return to bug 2040

Lines 200-206 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here

(-)a/dns.c (-15 / +7 lines)
200		200
201	u_int8_t hostkey_algorithm;	201	u_int8_t hostkey_algorithm;
202	u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;	202	u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;
203	u_char *hostkey_digest;	203	u_char *hostkey_digest = NULL;
204	u_int hostkey_digest_len;	204	u_int hostkey_digest_len;
205		205
206	u_int8_t dnskey_algorithm;	206	u_int8_t dnskey_algorithm;
Lines 240-253 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here
240	fingerprints->rri_nrdatas);	240	fingerprints->rri_nrdatas);
241	}	241	}
242		242
243	/* Initialize default host key parameters */
244	if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type,
245	&hostkey_digest, &hostkey_digest_len, hostkey)) {
246	error("Error calculating host key fingerprint.");
247	freerrset(fingerprints);
248	return -1;
249	}
250
251	if (fingerprints->rri_nrdatas)	243	if (fingerprints->rri_nrdatas)
252	*flags \|= DNS_VERIFY_FOUND;	244	*flags \|= DNS_VERIFY_FOUND;
253		245
Lines 268-282 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here
268		260
269	if (hostkey_digest_type != dnskey_digest_type) {	261	if (hostkey_digest_type != dnskey_digest_type) {
270	hostkey_digest_type = dnskey_digest_type;	262	hostkey_digest_type = dnskey_digest_type;
271	xfree(hostkey_digest);	263	if (hostkey_digest)
		264	xfree(hostkey_digest); /* from key_fingerprint_raw() */
272		265
273	/* Initialize host key parameters */	266	/* Initialize host key parameters */
274	if (!dns_read_key(&hostkey_algorithm,	267	if (!dns_read_key(&hostkey_algorithm,
275	&hostkey_digest_type, &hostkey_digest,	268	&hostkey_digest_type, &hostkey_digest,
276	&hostkey_digest_len, hostkey)) {	269	&hostkey_digest_len, hostkey)) {
277	error("Error calculating key fingerprint.");	270	debug("Error calculating key fingerprint.");
278	freerrset(fingerprints);	271	continue;
279	return -1;
280	}	272	}
281	}	273	}
282		274
Lines 291-297 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here
291	xfree(dnskey_digest);	283	xfree(dnskey_digest);
292	}	284	}
293		285
294	xfree(hostkey_digest); /* from key_fingerprint_raw() */	286	if (hostkey_digest)
		287	xfree(hostkey_digest); /* from key_fingerprint_raw() */
295	freerrset(fingerprints);	288	freerrset(fingerprints);
296		289
297	if (*flags & DNS_VERIFY_FOUND) {	290	if (*flags & DNS_VERIFY_FOUND) {
298	-