tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-27 15:54:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream: allow UserKnownHostsFile=none; feedback and ok markus@

Browse Source 
OpenBSD-Commit-ID: c46d515eac94a35a1d50d5fd71c4b1ca53334b48
This commit is contained in:
djm@openbsd.org 2020-12-20 23:38:00 +00:00 committed by Damien Miller
parent b4c7cd1185
commit 729b05f59d
2 changed files with 35 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
ssh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.544 2020/12/17 23:26:11 djm Exp $ */ /* $OpenBSD: ssh.c,v 1.545 2020/12/20 23:38:00 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1441,18 +1441,36 @@ main(int ac, char **av)
options.forward_agent_sock_path = cp; options.forward_agent_sock_path = cp;
} }
if (options.num_system_hostfiles > 0 &&
strcasecmp(options.system_hostfiles[0], "none") == 0) {
if (options.num_system_hostfiles > 1)
fatal("Invalid GlobalKnownHostsFiles: \"none\" "
"appears with other entries");
free(options.system_hostfiles[0]);
options.system_hostfiles[0] = NULL;
options.num_system_hostfiles = 0;
}
if (options.num_user_hostfiles > 0 &&
strcasecmp(options.user_hostfiles[0], "none") == 0) {
if (options.num_user_hostfiles > 1)
fatal("Invalid UserKnownHostsFiles: \"none\" "
"appears with other entries");
free(options.user_hostfiles[0]);
options.user_hostfiles[0] = NULL;
options.num_user_hostfiles = 0;
}
for (j = 0; j < options.num_user_hostfiles; j++) { for (j = 0; j < options.num_user_hostfiles; j++) {
if (options.user_hostfiles[j] != NULL) { if (options.user_hostfiles[j] == NULL)
cp = tilde_expand_filename(options.user_hostfiles[j], continue;
getuid()); cp = tilde_expand_filename(options.user_hostfiles[j], getuid());
p = default_client_percent_dollar_expand(cp, cinfo); p = default_client_percent_dollar_expand(cp, cinfo);
if (strcmp(options.user_hostfiles[j], p) != 0) if (strcmp(options.user_hostfiles[j], p) != 0)
debug3("expanded UserKnownHostsFile '%s' -> " debug3("expanded UserKnownHostsFile '%s' -> "
"'%s'", options.user_hostfiles[j], p); "'%s'", options.user_hostfiles[j], p);
free(options.user_hostfiles[j]); free(options.user_hostfiles[j]);
free(cp); free(cp);
options.user_hostfiles[j] = p; options.user_hostfiles[j] = p;
}
} }
for (i = 0; i < options.num_local_forwards; i++) { for (i = 0; i < options.num_local_forwards; i++) {

6
sshconnect.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect.c,v 1.346 2020/12/20 23:36:51 djm Exp $ */ /* $OpenBSD: sshconnect.c,v 1.347 2020/12/20 23:38:00 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -949,6 +949,10 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
host_status = check_key_in_hostkeys(host_hostkeys, host_key, host_status = check_key_in_hostkeys(host_hostkeys, host_key,
&host_found); &host_found);
/* If no host files were specified, then don't try to touch them */
if (!readonly && num_user_hostfiles == 0)
readonly = RDONLY;
/* /*
* Also perform check for the ip address, skip the check if we are * Also perform check for the ip address, skip the check if we are
* localhost, looking for a certificate, or the hostname was an ip * localhost, looking for a certificate, or the hostname was an ip