From: djm@openbsd.org
Date: Thu, 30 Jan 2020 22:19:32 +0000 (+0000)
Subject: upstream: enable UpdateKnownHosts=yes if the configuration
X-Git-Tag: V_8_2_P1~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d53a518536c552672c00e8892e2aea28f664148c;p=thirdparty%2Fopenssh-portable.git
upstream: enable UpdateKnownHosts=yes if the configuration specifies only the default known_hosts files, otherwise select UpdateKnownHosts=ask; ok markus@
OpenBSD-Commit-ID: ab401a5ec4a33d2e1a9449eae6202e4b6d427df7
---
diff --git a/readconf.c b/readconf.c
index 36312d583..a6a160182 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.323 2020/01/25 00:22:31 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.324 2020/01/30 22:19:32 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -2110,6 +2110,19 @@ fill_default_options(Options * options)
 options->system_hostfiles[options->num_system_hostfiles++] =
 xstrdup(_PATH_SSH_SYSTEM_HOSTFILE2);
 }
+ if (options->update_hostkeys == -1) {
+ /*
+ * Enable UpdateHostKeys non-interactively if the user has
+ * not overridden the default known_hosts selection, or has
+ * overridden it with the default. Otherwise, prompt.
+ */
+ if (options->num_user_hostfiles == 0 ||
+ (options->num_user_hostfiles == 1 && strcmp(options->
+ user_hostfiles[0], _PATH_SSH_USER_HOSTFILE) == 0))
+ options->update_hostkeys = SSH_UPDATE_HOSTKEYS_YES;
+ else
+ options->update_hostkeys = SSH_UPDATE_HOSTKEYS_ASK;
+ }
 if (options->num_user_hostfiles == 0) {
 options->user_hostfiles[options->num_user_hostfiles++] =
 xstrdup(_PATH_SSH_USER_HOSTFILE);
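Review bot: The new `if (options->num_user_hostfiles == 0 || ...)` test picks `SSH_UPDATE_HOSTKEYS_YES` from the user hostfile selection alone, so a host whose key is trusted only through one of the system hostfiles filled in just above would still have server-offered keys written to the user's known_hosts without a prompt, unless the update path checks the match source separately (not visible in this hunk). The `strcmp` is against the literal `_PATH_SSH_USER_HOSTFILE` string, so an equivalent absolute or tokenised path falls back to ASK, which fails safe and is worth stating in the comment. The block is also order-sensitive: it has to stay ahead of the `num_user_hostfiles == 0` default fill that follows it, and I would add a line to the comment such as `* NB: must run before user_hostfiles is defaulted below.` fill_default_options starts and ends outside the hunk.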
@@ -2170,8 +2183,6 @@ fill_default_options(Options * options)
 options->canonicalize_hostname = SSH_CANONICALISE_NO;
 if (options->fingerprint_hash == -1)
 options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
- if (options->update_hostkeys == -1)
- options->update_hostkeys = SSH_UPDATE_HOSTKEYS_ASK;
 #ifdef ENABLE_SK_INTERNAL
 if (options->sk_provider == NULL)
 options->sk_provider = xstrdup("internal");