The unified diff between revisions [e73ee8f7..] and [be0d8378..] is displayed below. It can also be downloaded as a raw diff.
#
#
# patch "cli-kex.c"
# from [28231814a32f302b4dc82265fecf9d4850e5a001]
# to [8cac0dbd66fc5cb3d910bef9595bf5f0a8c56e66]
#
# patch "cli-runopts.c"
# from [6a6f634337cefabf1ad42bd5a70bd38473f6f0de]
# to [9b3c952520dd745de479bb17ce3c7d7d8d871c37]
#
# patch "configure.in"
# from [0e6fcb908e32067628ef609f0676eb6580ef68a2]
# to [63e5a7cdd159500cc7a91fc3b4750f97be61e57f]
#
# patch "runopts.h"
# from [96bb6e259d26d49dd72be4d57bed9b6f0ea58753]
# to [d32c789e8ea28ff0f75b3e36cce106da2a831923]
#
============================================================
--- cli-kex.c 28231814a32f302b4dc82265fecf9d4850e5a001
+++ cli-kex.c 8cac0dbd66fc5cb3d910bef9595bf5f0a8c56e66
@@ -119,6 +119,13 @@ static void ask_to_confirm(unsigned char
char response = 'z';
fp = sign_key_fingerprint(keyblob, keybloblen);
+ if (cli_opts.always_accept_key) {
+ fprintf(stderr, "\nHost '%s' key accepted unconditionally.\n(fingerprint %s)\n",
+ cli_opts.remotehost,
+ fp);
+ m_free(fp);
+ return;
+ }
fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n)\n",
cli_opts.remotehost,
fp);
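Review bot: The early return added at the top of ask_to_confirm() removes the only step where a person compares the fingerprint, so with `-y` an unknown host's key is used without any authentication, and the single line on stderr is easy to miss in scripted or backgrounded (`-f`) runs. The branch should carry a comment that says so, for example `/* -y: no verification happens here; the session is exposed to an active man-in-the-middle */`. Whether a host whose stored key differs from the offered one is still rejected before this function is reached is not visible in the hunk; it is worth confirming, since the help text promises "if unknown" only. The body of ask_to_confirm() continues outside the hunk.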
@@ -268,24 +275,26 @@ static void checkhostkey(unsigned char*
goto out;
}
- /* put the new entry in the file */
- fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
- buf_setpos(line, 0);
- buf_setlen(line, 0);
- buf_putbytes(line, ses.remotehost, hostlen);
- buf_putbyte(line, ' ');
- buf_putbytes(line, algoname, algolen);
- buf_putbyte(line, ' ');
- len = line->size - line->pos;
- TRACE(("keybloblen %d, len %d", keybloblen, len))
- /* The only failure with base64 is buffer_overflow, but buf_getwriteptr
- * will die horribly in the case anyway */
- base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len);
- buf_incrwritepos(line, len);
- buf_putbyte(line, '\n');
- buf_setpos(line, 0);
- fwrite(buf_getptr(line, line->len), line->len, 1, hostsfile);
- /* We ignore errors, since there's not much we can do about them */
+ if (!cli_opts.always_accept_key) {
+ /* put the new entry in the file */
+ fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
+ buf_setpos(line, 0);
+ buf_setlen(line, 0);
+ buf_putbytes(line, ses.remotehost, hostlen);
+ buf_putbyte(line, ' ');
+ buf_putbytes(line, algoname, algolen);
+ buf_putbyte(line, ' ');
+ len = line->size - line->pos;
+ TRACE(("keybloblen %d, len %d", keybloblen, len))
+ /* The only failure with base64 is buffer_overflow, but buf_getwriteptr
+ * will die horribly in the case anyway */
+ base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len);
+ buf_incrwritepos(line, len);
+ buf_putbyte(line, '\n');
+ buf_setpos(line, 0);
+ fwrite(buf_getptr(line, line->len), line->len, 1, hostsfile);
+ /* We ignore errors, since there's not much we can do about them */
+ }
out:
if (hostsfile != NULL) {
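Review bot: The new `if (!cli_opts.always_accept_key) { ... }` wrapper in checkhostkey() re-indents eighteen unchanged lines only to skip them, and nothing says why the key is not stored. Because the `out:` label follows directly, a guard does the same with a much smaller diff: `if (cli_opts.always_accept_key) goto out; /* never persist a key nobody verified */`. Keeping an unverified key out of the trusted hosts file looks like the right choice, but it also means every later `-y` run starts unauthenticated again, and the comment should mention that. checkhostkey() begins and ends outside the hunk.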
============================================================
--- cli-runopts.c 6a6f634337cefabf1ad42bd5a70bd38473f6f0de
+++ cli-runopts.c 9b3c952520dd745de479bb17ce3c7d7d8d871c37
@@ -52,6 +52,7 @@ static void printhelp() {
"-T Don't allocate a pty\n"
"-N Don't run a remote command\n"
"-f Run in background after auth\n"
+ "-y Always accept remote host key if unknown\n"
#ifdef ENABLE_CLI_PUBKEY_AUTH
"-i <identityfile> (multiple allowed)\n"
#endif
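Review bot: The `-y` help line added to printhelp() does not tell the user that the key is neither verified nor saved, which is the behaviour the cli-kex.c hunks give it. A wording such as `"-y Always accept remote host key if unknown (not verified, not saved)\n"` would make the trade-off visible where people actually look up the flag. printhelp() continues outside the hunk.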
@@ -93,6 +94,7 @@ void cli_getopts(int argc, char ** argv)
cli_opts.no_cmd = 0;
cli_opts.backgrounded = 0;
cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set later */
+ cli_opts.always_accept_key = 0;
#ifdef ENABLE_CLI_PUBKEY_AUTH
cli_opts.privkeys = NULL;
#endif
@@ -148,6 +150,9 @@ void cli_getopts(int argc, char ** argv)
/* A flag *waves* */
switch (argv[i][1]) {
+ case 'y': /* always accept the remote hostkey */
+ cli_opts.always_accept_key = 1;
+ break;
case 'p': /* remoteport */
next = &cli_opts.remoteport;
break;
============================================================
--- configure.in 0e6fcb908e32067628ef609f0676eb6580ef68a2
+++ configure.in 63e5a7cdd159500cc7a91fc3b4750f97be61e57f
@@ -612,7 +612,7 @@ if test -z "$no_ptc_check" ; then
if test x"$cross_compiling" = x"no" ; then
AC_CHECK_FILE("/dev/ptc", AC_DEFINE(HAVE_DEV_PTS_AND_PTC,,Use /dev/ptc & /dev/pts))
else
- AC_MSG_NOTICE(Not checking for /dev/ptc & /dev/pts\, we're cross-compiling)
+ AC_MSG_NOTICE(Not checking for /dev/ptc & /dev/pts since we're cross-compiling)
fi
fi
============================================================
--- runopts.h 96bb6e259d26d49dd72be4d57bed9b6f0ea58753
+++ runopts.h d32c789e8ea28ff0f75b3e36cce106da2a831923
@@ -102,6 +102,7 @@ typedef struct cli_runopts {
char *cmd;
int wantpty;
+ int always_accept_key;
int no_cmd;
int backgrounded;
#ifdef ENABLE_CLI_PUBKEY_AUTH