Diffstat (limited to 'sshconnect.c')
-rw-r--r--sshconnect.c25
1 files changed, 15 insertions, 10 deletions
diff --git a/sshconnect.c b/sshconnect.c
index 3bc455eb4..f8450eadf 100644
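--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.188 2006/07/06 16:03:53 stevesk Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.189 2006/07/10 12:46:51 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -514,12 +514,12 @@ confirm(const char *prompt)
  * is not valid. the user_hostfile will not be updated if 'readonly' is true.
  */
 static int
-check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
+check_host_key(char *hostname, struct sockaddr *hostaddr, Key *host_key,
  int readonly, const char *user_hostfile, const char *system_hostfile)
 {
  Key *file_key;
  const char *type = key_type(host_key);
- char *ip = NULL;
+ char *ip = NULL, *host = NULL;
  char hostline[1000], *hostp, *fp;
  HostStatus host_status;
  HostStatus ip_status;
@@ -570,7 +570,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
  if (getnameinfo(hostaddr, salen, ntop, sizeof(ntop),
  NULL, 0, NI_NUMERICHOST) != 0)
  fatal("check_host_key: getnameinfo failed");
- ip = xstrdup(ntop);
+ ip = put_host_port(ntop, options.port);
  } else {
  ip = xstrdup("<no hostip for proxy command>");
  }
@@ -578,18 +578,21 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
  * Turn off check_host_ip if the connection is to localhost, via proxy
  * command or if we don't have a hostname to compare with
  */
- if (options.check_host_ip &&
- (local || strcmp(host, ip) == 0 || options.proxy_command != NULL))
+ if (options.check_host_ip && (local ||
+ strcmp(hostname, ip) == 0 || options.proxy_command != NULL))
  options.check_host_ip = 0;
 
  /*
- * Allow the user to record the key under a different name. This is
- * useful for ssh tunneling over forwarded connections or if you run
- * multiple sshd's on different ports on the same machine.
+ * Allow the user to record the key under a different name or
+ * differentiate a non-standard port. This is useful for ssh
+ * tunneling over forwarded connections or if you run multiple
+ * sshd's on different ports on the same machine.
  */
  if (options.host_key_alias != NULL) {
- host = options.host_key_alias;
+ host = xstrdup(options.host_key_alias);
  debug("using hostkeyalias: %s", host);
+ } else {
+ host = put_host_port(hostname, options.port);
  }
 
  /*
@@ -851,10 +854,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
  }
 
  xfree(ip);
+ xfree(host);
  return 0;
 
 fail:
  xfree(ip);
+ xfree(host);
  return -1;
 }
 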
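Review bot: The `strcmp(hostname, ip) == 0` test that turns off check_host_ip may stop matching, because `ip` is now built by `put_host_port(ntop, options.port)` while `hostname` is still the bare name the caller passed. put_host_port is not defined on this page; if it decorates the address with the port for non-default ports, a connection made by literal address to such a port would leave check_host_ip enabled and look up the same key twice under what become identical `host` and `ip` strings. Comparing against the undecorated address, `strcmp(hostname, ntop) == 0`, would keep the previous behaviour, provided it is only evaluated on the path where getnameinfo filled `ntop`; the if/else around that call begins outside the hunk, so this needs confirming. The new `xfree(host)` calls cover the two exits shown here, but the roughly 250 lines of check_host_key between the hunks are not visible, so any return there that bypasses `fail:` would leak `host`. A short comment at the assignment, such as `/* host is always heap-allocated from here on; freed at both exits */`, would make that ownership explicit.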