summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormarkus@openbsd.org <markus@openbsd.org>2020-01-27 20:51:32 +0000
committerDamien Miller <djm@mindrot.org>2020-01-28 12:52:46 +1100
commitda22216b5db3613325aa7b639f40dc017e4c6f69 (patch)
tree566da7e53eb850e4236c66d88303b093a171648e
parent1e1db0544fdd788e2e3fc21d972a7ccb7de6b4ae (diff)
upstream: disable UpdateHostKeys=ask if command is specified; ok
djm@ sthen@ OpenBSD-Commit-ID: e5bcc45eadb78896637d4143d289f1e42c2ef5d7
-rw-r--r--ssh.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/ssh.c b/ssh.c
index 4998ebc16..380e1e667 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.515 2020/01/25 00:21:08 djm Exp $ */ 1/* $OpenBSD: ssh.c,v 1.516 2020/01/27 20:51:32 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1248,11 +1248,18 @@ main(int ac, char **av)
1248 strcmp(options.proxy_command, "-") == 0 && 1248 strcmp(options.proxy_command, "-") == 0 &&
1249 options.proxy_use_fdpass) 1249 options.proxy_use_fdpass)
1250 fatal("ProxyCommand=- and ProxyUseFDPass are incompatible"); 1250 fatal("ProxyCommand=- and ProxyUseFDPass are incompatible");
1251 if (options.control_persist && options.control_path != NULL && 1251 if (options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) {
1252 options.update_hostkeys == SSH_UPDATE_HOSTKEYS_ASK) { 1252 if (options.control_persist && options.control_path != NULL) {
1253 debug("UpdateHostKeys=ask is incompatible with ControlPersist; " 1253 debug("UpdateHostKeys=ask is incompatible with "
1254 "disabling"); 1254 "ControlPersist; disabling");
1255 options.update_hostkeys = 0; 1255 options.update_hostkeys = 0;
1256 } else if (sshbuf_len(command) != 0 ||
1257 options.remote_command != NULL ||
1258 options.request_tty == REQUEST_TTY_NO) {
1259 debug("UpdateHostKeys=ask is incompatible with "
1260 "remote command execution; disabling");
1261 options.update_hostkeys = 0;
1262 }
1256 } 1263 }
1257 if (options.connection_attempts <= 0) 1264 if (options.connection_attempts <= 0)
1258 fatal("Invalid number of ConnectionAttempts"); 1265 fatal("Invalid number of ConnectionAttempts");