diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-03-03 06:13:11 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-03-03 17:14:35 +1100 |
commit | 12d3767ba4c84c32150cbe6ff6494498780f12c9 (patch) | |
tree | 554224f6768995379f37b2964e447458b841fc03 /ssh-keygen.c | |
parent | d7abb771bd5a941b26144ba400a34563a1afa589 (diff) |
upstream commit
fix ssh-keygen -H accidentally corrupting known_hosts that
contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
hostkeys_foreach() when hostname matching is in use, so we need to look for
the hash marker explicitly.
Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 33d405a0d..2259b340d 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.295 2017/02/17 02:32:05 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.296 2017/03/03 06:13:11 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1084,6 +1084,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx) | |||
1084 | struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx; | 1084 | struct known_hosts_ctx *ctx = (struct known_hosts_ctx *)_ctx; |
1085 | char *hashed, *cp, *hosts, *ohosts; | 1085 | char *hashed, *cp, *hosts, *ohosts; |
1086 | int has_wild = l->hosts && strcspn(l->hosts, "*?!") != strlen(l->hosts); | 1086 | int has_wild = l->hosts && strcspn(l->hosts, "*?!") != strlen(l->hosts); |
1087 | int was_hashed = l->hosts[0] == HASH_DELIM; | ||
1087 | 1088 | ||
1088 | switch (l->status) { | 1089 | switch (l->status) { |
1089 | case HKF_STATUS_OK: | 1090 | case HKF_STATUS_OK: |
@@ -1092,8 +1093,7 @@ known_hosts_hash(struct hostkey_foreach_line *l, void *_ctx) | |||
1092 | * Don't hash hosts already already hashed, with wildcard | 1093 | * Don't hash hosts already already hashed, with wildcard |
1093 | * characters or a CA/revocation marker. | 1094 | * characters or a CA/revocation marker. |
1094 | */ | 1095 | */ |
1095 | if ((l->match & HKF_MATCH_HOST_HASHED) != 0 || | 1096 | if (was_hashed || has_wild || l->marker != MRK_NONE) { |
1096 | has_wild || l->marker != MRK_NONE) { | ||
1097 | fprintf(ctx->out, "%s\n", l->line); | 1097 | fprintf(ctx->out, "%s\n", l->line); |
1098 | if (has_wild && !find_host) { | 1098 | if (has_wild && !find_host) { |
1099 | logit("%s:%ld: ignoring host name " | 1099 | logit("%s:%ld: ignoring host name " |