From 78913e0059a7f5ff1770488cdf49823e290daa45 Mon Sep 17 00:00:00 2001
From: Darren Tucker
Date: Fri, 13 Jun 2008 04:47:34 +1000
Subject: - grunk@cvs.openbsd.org 2008/06/12 00:13:55 [sshconnect.c] Make ssh print the random art also when ssh'ing to a host using IP only. spotted by naddy@, ok and help djm@ dtucker@
---
 ChangeLog | 19 ++++++++++++++++++-
 sshconnect.c | 12 ++++++++++--
 2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index c62492eb1..83b74d13b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -47,6 +47,23 @@
 will cause trouble in some cases. Also do a computation of -1 once, and not in a loop several times. spotted by otto@
+ - dtucker@cvs.openbsd.org 2008/06/12 00:03:49
+ [dns.c canohost.c sshconnect.c]
+ Do not pass "0" strings as ports to getaddrinfo because the lookups
+ can slow things down and we never use the service info anyway. bz
+ #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok
+ deraadt@ djm@
+ djm belives that the reason for the "0" strings is to ensure that
+ it's not possible to call getaddrinfo with both host and port being
+ NULL. In the case of canohost.c host is a local array. In the
+ case of sshconnect.c, it's checked for null immediately before use.
+ In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
+ be non-null but it's not obvious, so I added a warning message in
+ case it is ever passed a null.
+ - grunk@cvs.openbsd.org 2008/06/12 00:13:55
+ [sshconnect.c]
+ Make ssh print the random art also when ssh'ing to a host using IP only.
+ spotted by naddy@, ok and help djm@ dtucker@
 20080611
 - (djm) [channels.c configure.ac]
@@ -4209,4 +4226,4 @@
 OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4974 2008/06/12 18:45:50 dtucker Exp $
+$Id: ChangeLog,v 1.4975 2008/06/12 18:47:34 dtucker Exp $
diff --git a/sshconnect.c b/sshconnect.c
index 0a4bf36b6..7602da340 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.205 2008/06/12 00:03:49 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.206 2008/06/12 00:13:55 grunk Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -611,6 +611,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 char msg[1024];
 int len, host_line, ip_line;
 const char *host_file = NULL, *ip_file = NULL;
+ int display_randomart;
 /*
 * Force accepting of the host key for loopback/localhost. The
@@ -656,6 +657,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 } else {
 ip = xstrdup("");
 }
+
+ /*
+ * check_host_ip may be set to zero in the next step, so if it
+ * conveys a request to display the random art, save it away.
+ */
+ display_randomart = (options.check_host_ip == SSHCTL_CHECKHOSTIP_FPR);
+
 /*
 * Turn off check_host_ip if the connection is to localhost, via proxy
 * command or if we don't have a hostname to compare with
@@ -740,7 +748,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
 logit("Warning: Permanently added the %s host "
 "key for IP address '%.128s' to the list "
 "of known hosts.", type, ip);
- } else if (options.check_host_ip == SSHCTL_CHECKHOSTIP_FPR) {
+ } else if (display_randomart) {
 fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
 ra = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_RANDOMART);
--
cgit v1.2.3
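Review bot: In the hunk at -656,6 +657,13, `display_randomart` is derived from `options.check_host_ip == SSHCTL_CHECKHOSTIP_FPR`, so the request to show the host key's random art travels inside the option that also controls the host-IP check. Option parsing is outside this diff, but the comparison suggests a user who turns the IP check off cannot keep the visual fingerprint, and the saved copy exists only because the check is cleared a few lines later. A separate boolean in the options struct for the display request would remove that coupling. Until then the new comment should name the cases it affects, for example `/* Also applies to localhost and proxy-command connections, where check_host_ip is cleared below. */`. check_host_key starts and ends outside the hunk.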
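Review bot: In the hunk at -740,7 +748,7 the fingerprint and random art are printed from an `else if` arm that follows the arm logging "Permanently added the %s host key for IP address", so a connection that takes the first arm skips the display even when `display_randomart` is set. The condition that opens this chain is outside the hunk, so which connections take the first arm cannot be confirmed from here. If the art is meant to appear whenever it was requested, close the chain and test the flag on its own with `if (display_randomart) {` after it, so the user always gets the visual check of the host key.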