Attachment #2403 for bug #2040





	u_int8_t hostkey_algorithm;
	u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;
	u_char *hostkey_digest = NULL;
	u_int hostkey_digest_len;

	u_int8_t dnskey_algorithm;

		    fingerprints->rri_nrdatas);
	}

	/* Initialize default host key parameters */
	if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type,
	    &hostkey_digest, &hostkey_digest_len, hostkey)) {
		error("Error calculating host key fingerprint.");
		freerrset(fingerprints);
		return -1;
	}

	if (fingerprints->rri_nrdatas)
		*flags |= DNS_VERIFY_FOUND;



		if (hostkey_digest_type != dnskey_digest_type) {
			hostkey_digest_type = dnskey_digest_type;
			if (hostkey_digest)
				free(hostkey_digest);

			/* Initialize host key parameters */
			if (!dns_read_key(&hostkey_algorithm,
			    &hostkey_digest_type, &hostkey_digest,
			    &hostkey_digest_len, hostkey)) {
				debug("Error calculating key fingerprint.");
				continue;
				return -1;
			}
		}


		free(dnskey_digest);
	}

	if (hostkey_digest)
		free(hostkey_digest); /* from key_fingerprint_raw() */
	freerrset(fingerprints);

	if (*flags & DNS_VERIFY_FOUND) {
- 

Return to bug 2040

Lines 200-206 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here

(-)a/dns.c (-15 / +7 lines)
200		200
201	u_int8_t hostkey_algorithm;	201	u_int8_t hostkey_algorithm;
202	u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;	202	u_int8_t hostkey_digest_type = SSHFP_HASH_RESERVED;
203	u_char *hostkey_digest;	203	u_char *hostkey_digest = NULL;
204	u_int hostkey_digest_len;	204	u_int hostkey_digest_len;
205		205
206	u_int8_t dnskey_algorithm;	206	u_int8_t dnskey_algorithm;
Lines 240-253 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here
240	fingerprints->rri_nrdatas);	240	fingerprints->rri_nrdatas);
241	}	241	}
242		242
243	/* Initialize default host key parameters */
244	if (!dns_read_key(&hostkey_algorithm, &hostkey_digest_type,
245	&hostkey_digest, &hostkey_digest_len, hostkey)) {
246	error("Error calculating host key fingerprint.");
247	freerrset(fingerprints);
248	return -1;
249	}
250
251	if (fingerprints->rri_nrdatas)	243	if (fingerprints->rri_nrdatas)
252	*flags \|= DNS_VERIFY_FOUND;	244	*flags \|= DNS_VERIFY_FOUND;
253		245
Lines 266-280 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here
266		258
267	if (hostkey_digest_type != dnskey_digest_type) {	259	if (hostkey_digest_type != dnskey_digest_type) {
268	hostkey_digest_type = dnskey_digest_type;	260	hostkey_digest_type = dnskey_digest_type;
269	free(hostkey_digest);	261	if (hostkey_digest)
		262	free(hostkey_digest);
270		263
271	/* Initialize host key parameters */	264	/* Initialize host key parameters */
272	if (!dns_read_key(&hostkey_algorithm,	265	if (!dns_read_key(&hostkey_algorithm,
273	&hostkey_digest_type, &hostkey_digest,	266	&hostkey_digest_type, &hostkey_digest,
274	&hostkey_digest_len, hostkey)) {	267	&hostkey_digest_len, hostkey)) {
275	error("Error calculating key fingerprint.");	268	debug("Error calculating key fingerprint.");
276	freerrset(fingerprints);	269	continue;
277	return -1;
278	}	270	}
279	}	271	}
280		272
Lines 292-298 verify_host_key_dns(const char hostname, struct sockaddr address, Link Here
292	free(dnskey_digest);	284	free(dnskey_digest);
293	}	285	}
294		286
295	free(hostkey_digest); /* from key_fingerprint_raw() */	287	if (hostkey_digest)
		288	free(hostkey_digest); /* from key_fingerprint_raw() */
296	freerrset(fingerprints);	289	freerrset(fingerprints);
297		290
298	if (*flags & DNS_VERIFY_FOUND) {	291	if (*flags & DNS_VERIFY_FOUND) {
299	-