From: dtucker@openbsd.org Date: Wed, 22 Jan 2020 07:38:30 +0000 (+0000) Subject: upstream: Ignore whitespace when checking explict fingerprint. X-Git-Tag: V_8_2_P1~100 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=65cf8730de6876a56595eef296e07a86c52534a6;p=thirdparty%2Fopenssh-portable.git upstream: Ignore whitespace when checking explict fingerprint. When confirming a host key using the fingerprint itself, ignore leading and trailing whitespace. ok deraadt@ djm@ OpenBSD-Commit-ID: cafd7f803bbdcd40c3a8f8f1a77747e6b6d8c011 --- diff --git a/sshconnect.c b/sshconnect.c index 2b9ce9ddd..a2d759819 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.325 2020/01/11 16:23:10 naddy Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.326 2020/01/22 07:38:30 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -580,22 +580,23 @@ confirm(const char *prompt, const char *fingerprint) { const char *msg, *again = "Please type 'yes' or 'no': "; const char *again_fp = "Please type 'yes', 'no' or the fingerprint: "; - char *p; + char *p, *cp; int ret = -1; if (options.batch_mode) return 0; for (msg = prompt;;msg = fingerprint ? again_fp : again) { - p = read_passphrase(msg, RP_ECHO); + cp = p = read_passphrase(msg, RP_ECHO); if (p == NULL) return 0; - p[strcspn(p, "\n")] = '\0'; + p += strspn(p, " \t"); /* skip leading whitespace */ + p[strcspn(p, " \t\n")] = '\0'; /* remove trailing whitespace */ if (p[0] == '\0' || strcasecmp(p, "no") == 0) ret = 0; else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL && strcasecmp(p, fingerprint) == 0)) ret = 1; - free(p); + free(cp); if (ret != -1) return ret; }