|
Lines 487-508
Link Here
|
| 487 |
|
487 |
|
| 488 |
/* defaults to 'no' */ |
488 |
/* defaults to 'no' */ |
| 489 |
static int |
489 |
static int |
| 490 |
confirm(const char *prompt) |
490 |
confirm(const char *prompt, const char *fp) |
| 491 |
{ |
491 |
{ |
| 492 |
const char *msg, *again = "Please type 'yes' or 'no': "; |
492 |
const char *msg; |
| 493 |
char *p; |
493 |
char *p; |
| 494 |
int ret = -1; |
494 |
int ret = -1; |
|
|
495 |
int checking = 0; |
| 495 |
|
496 |
|
| 496 |
if (options.batch_mode) |
497 |
if (options.batch_mode) |
| 497 |
return 0; |
498 |
return 0; |
| 498 |
for (msg = prompt;;msg = again) { |
499 |
msg = prompt; |
|
|
500 |
for (;;) { |
| 499 |
p = read_passphrase(msg, RP_ECHO); |
501 |
p = read_passphrase(msg, RP_ECHO); |
| 500 |
if (p == NULL || |
502 |
if (p == NULL || |
| 501 |
(p[0] == '\0') || (p[0] == '\n') || |
503 |
(p[0] == '\0') || (p[0] == '\n')) |
| 502 |
strncasecmp(p, "no", 2) == 0) |
|
|
| 503 |
ret = 0; |
504 |
ret = 0; |
| 504 |
if (strncasecmp(p, "yes", 3) == 0) |
505 |
else if (checking) { |
| 505 |
ret = 1; |
506 |
if (strcasecmp(p, fp) == 0) { |
|
|
507 |
log("The fingerprints match."); |
| 508 |
ret = 1; |
| 509 |
} else { |
| 510 |
log("The fingerprints do not match."); |
| 511 |
ret = 0; |
| 512 |
} |
| 513 |
} |
| 514 |
else { |
| 515 |
msg = "Please type 'yes', 'no' or 'check': "; |
| 516 |
if (strncasecmp(p, "no", 2) == 0) |
| 517 |
ret = 0; |
| 518 |
if (strncasecmp(p, "yes", 3) == 0) |
| 519 |
ret = 1; |
| 520 |
if (strncasecmp(p, "check", 5) == 0) { |
| 521 |
msg = "Enter the expected key fingerprint " |
| 522 |
"(DO NOT copy the fingerprint that might " |
| 523 |
"have been displayed earlier): "; |
| 524 |
checking = 1; |
| 525 |
} |
| 526 |
} |
| 506 |
if (p) |
527 |
if (p) |
| 507 |
xfree(p); |
528 |
xfree(p); |
| 508 |
if (ret != -1) |
529 |
if (ret != -1) |
|
Lines 680-689
Link Here
|
| 680 |
"established.\n" |
701 |
"established.\n" |
| 681 |
"%s key fingerprint is %s.\n" |
702 |
"%s key fingerprint is %s.\n" |
| 682 |
"Are you sure you want to continue connecting " |
703 |
"Are you sure you want to continue connecting " |
| 683 |
"(yes/no)? ", host, ip, type, fp); |
704 |
"(yes/no/check)? ", host, ip, type, fp); |
| 684 |
xfree(fp); |
705 |
if (!confirm(msg, fp)) { |
| 685 |
if (!confirm(msg)) |
706 |
xfree(fp); |
| 686 |
goto fail; |
707 |
goto fail; |
|
|
708 |
} |
| 709 |
xfree(fp); |
| 687 |
} |
710 |
} |
| 688 |
if (options.check_host_ip && ip_status == HOST_NEW) { |
711 |
if (options.check_host_ip && ip_status == HOST_NEW) { |
| 689 |
snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); |
712 |
snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); |
|
Lines 803-812
Link Here
|
| 803 |
error("Exiting, you have requested strict checking."); |
826 |
error("Exiting, you have requested strict checking."); |
| 804 |
goto fail; |
827 |
goto fail; |
| 805 |
} else if (options.strict_host_key_checking == 2) { |
828 |
} else if (options.strict_host_key_checking == 2) { |
|
|
829 |
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); |
| 806 |
strlcat(msg, "\nAre you sure you want " |
830 |
strlcat(msg, "\nAre you sure you want " |
| 807 |
"to continue connecting (yes/no)? ", sizeof(msg)); |
831 |
"to continue connecting (yes/no/check)? ", sizeof(msg)); |
| 808 |
if (!confirm(msg)) |
832 |
if (!confirm(msg, fp)) { |
|
|
833 |
free(fp); |
| 809 |
goto fail; |
834 |
goto fail; |
|
|
835 |
} |
| 836 |
free(fp); |
| 810 |
} else { |
837 |
} else { |
| 811 |
log(msg); |
838 |
log(msg); |
| 812 |
} |
839 |
} |