upstream: Accept the host key fingerprint as a synonym for "yes"
authordtucker@openbsd.org <dtucker@openbsd.org>
Thu, 24 Jan 2019 17:00:29 +0000 (17:00 +0000)
committerDarren Tucker <dtucker@dtucker.net>
Thu, 24 Jan 2019 19:32:14 +0000 (06:32 +1100)
when accepting an unknown host key.  This allows you to paste a fingerprint
obtained out of band into the yes/no prompt and have the client do the
comparison for you.  ok markus@ djm@

OpenBSD-Commit-ID: 3c47d10b9f43d3d345e044fd9ec09709583a2767

sshconnect.c

index 1a5f6a4c8e161ad7e32fce38992209c82c669452..955671b4ed341c7259a6da461d0406a8cf251b32 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.311 2019/01/19 21:36:38 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.312 2019/01/24 17:00:29 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -563,22 +563,24 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
 
 /* defaults to 'no' */
 static int
-confirm(const char *prompt)
+confirm(const char *prompt, const char *fingerprint)
 {
        const char *msg, *again = "Please type 'yes' or 'no': ";
+       const char *again_fp = "Please type 'yes', 'no' or the fingerprint: ";
        char *p;
        int ret = -1;
 
        if (options.batch_mode)
                return 0;
-       for (msg = prompt;;msg = again) {
+       for (msg = prompt;;msg = fingerprint ? again_fp : again) {
                p = read_passphrase(msg, RP_ECHO);
                if (p == NULL)
                        return 0;
                p[strcspn(p, "\n")] = '\0';
                if (p[0] == '\0' || strcasecmp(p, "no") == 0)
                        ret = 0;
-               else if (strcasecmp(p, "yes") == 0)
+               else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL &&
+                   strcasecmp(p, fingerprint) == 0))
                        ret = 1;
                free(p);
                if (ret != -1)
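Review bot: The new `fingerprint` parameter of confirm() carries an unstated contract: a pasted value is accepted only when it equals, byte for byte apart from case, the string the client itself rendered and passed in as `fp`, so a fingerprint obtained out of band in a different hash or encoding never matches and the user is simply sent back to the `again_fp` prompt. A comment above the definition would make this clear, e.g. `/* fingerprint: if non-NULL, the host key fingerprint exactly as shown in the prompt; typing it is accepted as "yes" */`. Separately, the match uses `strcasecmp(p, fingerprint)`, which is a sensible tolerance for hex-encoded fingerprints but, for base64 output, folds distinct characters together and slightly loosens the comparison; `strcmp` would be the stricter choice if case tolerance is not actually wanted. The body of confirm() continues past the end of this hunk.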
@@ -706,7 +708,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
        char msg[1024];
        const char *type;
        const struct hostkey_entry *host_found, *ip_found;
-       int len, cancelled_forwarding = 0;
+       int len, cancelled_forwarding = 0, confirmed;
        int local = sockaddr_is_local(hostaddr);
        int r, want_cert = sshkey_is_cert(host_key), host_ip_differ = 0;
        int hostkey_trusted = 0; /* Known or explicitly accepted by user */
@@ -881,14 +883,15 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                            "established%s\n"
                            "%s key fingerprint is %s.%s%s\n%s"
                            "Are you sure you want to continue connecting "
-                           "(yes/no)? ",
+                           "(yes/no/[fingerprint])? ",
                            host, ip, msg1, type, fp,
                            options.visual_host_key ? "\n" : "",
                            options.visual_host_key ? ra : "",
                            msg2);
                        free(ra);
+                       confirmed = confirm(msg, fp);
                        free(fp);
-                       if (!confirm(msg))
+                       if (!confirmed)
                                goto fail;
                        hostkey_trusted = 1; /* user explicitly confirmed */
                }
@@ -1082,7 +1085,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
                    SSH_STRICT_HOSTKEY_ASK) {
                        strlcat(msg, "\nAre you sure you want "
                            "to continue connecting (yes/no)? ", sizeof(msg));
-                       if (!confirm(msg))
+                       if (!confirm(msg, NULL))
                                goto fail;
                } else if (options.strict_host_key_checking !=
                    SSH_STRICT_HOSTKEY_OFF) {