- jakob@cvs.openbsd.org 2003/11/03 09:09:41

[sshconnect.c] move changed key warning into warn_changed_key(). ok markus@
author: Damien Miller <djm@mindrot.org> 2003-11-17 21:10:47 +1100
committer: Damien Miller <djm@mindrot.org> 2003-11-17 21:10:47 +1100
commit: 5a38897dbb417d2dacaaeae5bd5ce0718a7f3fb1 (patch)
tree: ab0747b7021ba2146f6d4e11fb68daf7d71b3e7c /sshconnect.c
parent: 3e8f41e6ac9b4c39c667067e4bad8160095743f9 (diff)
1 files changed, 25 insertions, 12 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 2c028f3a6..3c8f480ed 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -13,7 +13,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.149 2003/10/14 19:42:10 jakob Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.150 2003/11/03 09:09:41 jakob Exp $");
 #include <openssl/bn.h>
@@ -52,6 +52,7 @@ extern pid_t proxy_command_pid;
 #endif
 static int show_other_keys(const char *, Key *);
+static void warn_changed_key(Key *);
 /*
 * Connect to the given ssh server using a proxy command.
@@ -785,20 +786,10 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
                                error("Offending key for IP in %s:%d", ip_file, ip_line);
                }
                /* The host key has changed. */
-                fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+                warn_changed_key(host_key);
-                error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
-                error("@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @");
-                error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
-                error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
-                error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
-                error("It is also possible that the %s host key has just been changed.", type);
-                error("The fingerprint for the %s key sent by the remote host is\n%s.",
-                    type, fp);
-                error("Please contact your system administrator.");
                error("Add correct host key in %.100s to get rid of this message.",
                    user_hostfile);
                error("Offending key in %s:%d", host_file, host_line);
-                xfree(fp);
                /*
                 * If strict host key checking is in use, the user will have
@@ -1045,3 +1036,25 @@ show_other_keys(const char *host, Key *key)
        }
        return (found);
 }
+static void
+warn_changed_key(Key *host_key)
+{
+        char *fp;
+        char *type = key_type(host_key);
+        fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
+        error("@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @");
+        error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
+        error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!");
+        error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!");
+        error("It is also possible that the %s host key has just been changed.", type);
+        error("The fingerprint for the %s key sent by the remote host is\n%s.",
+            type, fp);
+        error("Please contact your system administrator.");
+        xfree(fp);
+        xfree(type);
+}
author	Damien Miller <djm@mindrot.org>	2003-11-17 21:10:47 +1100
committer	Damien Miller <djm@mindrot.org>	2003-11-17 21:10:47 +1100
commit	5a38897dbb417d2dacaaeae5bd5ce0718a7f3fb1 (patch)
tree	ab0747b7021ba2146f6d4e11fb68daf7d71b3e7c /sshconnect.c
parent	3e8f41e6ac9b4c39c667067e4bad8160095743f9 (diff)