diff options
author | Damien Miller <djm@mindrot.org> | 2003-11-17 21:10:47 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-11-17 21:10:47 +1100 |
commit | 5a38897dbb417d2dacaaeae5bd5ce0718a7f3fb1 (patch) | |
tree | ab0747b7021ba2146f6d4e11fb68daf7d71b3e7c /sshconnect.c | |
parent | 3e8f41e6ac9b4c39c667067e4bad8160095743f9 (diff) |
- jakob@cvs.openbsd.org 2003/11/03 09:09:41
[sshconnect.c]
move changed key warning into warn_changed_key(). ok markus@
Diffstat (limited to 'sshconnect.c')
-rw-r--r-- | sshconnect.c | 37 |
1 files changed, 25 insertions, 12 deletions
diff --git a/sshconnect.c b/sshconnect.c index 2c028f3a6..3c8f480ed 100644 --- a/sshconnect.c +++ b/sshconnect.c | |||
@@ -13,7 +13,7 @@ | |||
13 | */ | 13 | */ |
14 | 14 | ||
15 | #include "includes.h" | 15 | #include "includes.h" |
16 | RCSID("$OpenBSD: sshconnect.c,v 1.149 2003/10/14 19:42:10 jakob Exp $"); | 16 | RCSID("$OpenBSD: sshconnect.c,v 1.150 2003/11/03 09:09:41 jakob Exp $"); |
17 | 17 | ||
18 | #include <openssl/bn.h> | 18 | #include <openssl/bn.h> |
19 | 19 | ||
@@ -52,6 +52,7 @@ extern pid_t proxy_command_pid; | |||
52 | #endif | 52 | #endif |
53 | 53 | ||
54 | static int show_other_keys(const char *, Key *); | 54 | static int show_other_keys(const char *, Key *); |
55 | static void warn_changed_key(Key *); | ||
55 | 56 | ||
56 | /* | 57 | /* |
57 | * Connect to the given ssh server using a proxy command. | 58 | * Connect to the given ssh server using a proxy command. |
@@ -785,20 +786,10 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, | |||
785 | error("Offending key for IP in %s:%d", ip_file, ip_line); | 786 | error("Offending key for IP in %s:%d", ip_file, ip_line); |
786 | } | 787 | } |
787 | /* The host key has changed. */ | 788 | /* The host key has changed. */ |
788 | fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); | 789 | warn_changed_key(host_key); |
789 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | ||
790 | error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); | ||
791 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | ||
792 | error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"); | ||
793 | error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); | ||
794 | error("It is also possible that the %s host key has just been changed.", type); | ||
795 | error("The fingerprint for the %s key sent by the remote host is\n%s.", | ||
796 | type, fp); | ||
797 | error("Please contact your system administrator."); | ||
798 | error("Add correct host key in %.100s to get rid of this message.", | 790 | error("Add correct host key in %.100s to get rid of this message.", |
799 | user_hostfile); | 791 | user_hostfile); |
800 | error("Offending key in %s:%d", host_file, host_line); | 792 | error("Offending key in %s:%d", host_file, host_line); |
801 | xfree(fp); | ||
802 | 793 | ||
803 | /* | 794 | /* |
804 | * If strict host key checking is in use, the user will have | 795 | * If strict host key checking is in use, the user will have |
@@ -1045,3 +1036,25 @@ show_other_keys(const char *host, Key *key) | |||
1045 | } | 1036 | } |
1046 | return (found); | 1037 | return (found); |
1047 | } | 1038 | } |
1039 | |||
1040 | static void | ||
1041 | warn_changed_key(Key *host_key) | ||
1042 | { | ||
1043 | char *fp; | ||
1044 | char *type = key_type(host_key); | ||
1045 | |||
1046 | fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); | ||
1047 | |||
1048 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | ||
1049 | error("@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @"); | ||
1050 | error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); | ||
1051 | error("IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!"); | ||
1052 | error("Someone could be eavesdropping on you right now (man-in-the-middle attack)!"); | ||
1053 | error("It is also possible that the %s host key has just been changed.", type); | ||
1054 | error("The fingerprint for the %s key sent by the remote host is\n%s.", | ||
1055 | type, fp); | ||
1056 | error("Please contact your system administrator."); | ||
1057 | |||
1058 | xfree(fp); | ||
1059 | xfree(type); | ||
1060 | } | ||