upstream: enable UpdateKnownHosts=yes if the configuration

specifies only the default known_hosts files, otherwise select UpdateKnownHosts=ask; ok markus@ OpenBSD-Commit-ID: ab401a5ec4a33d2e1a9449eae6202e4b6d427df7
2020-01-30 22:19:32 +00:00 · 2020-01-30 22:19:32 +00:00 · d53a518536
parent bb63ff844e
commit d53a518536
1 changed files with 14 additions and 3 deletions
--- a/readconf.c
+++ b/readconf.c
@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.323 2020/01/25 00:22:31 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.324 2020/01/30 22:19:32 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -2110,6 +2110,19 @@ fill_default_options(Options * options)
 		options->system_hostfiles[options->num_system_hostfiles++] =
 		    xstrdup(_PATH_SSH_SYSTEM_HOSTFILE2);
 	}
+	if (options->update_hostkeys == -1) {
+		/*
+		 * Enable UpdateHostKeys non-interactively if the user has
+		 * not overridden the default known_hosts selection, or has
+		 * overridden it with the default. Otherwise, prompt.
+		 */
+		if (options->num_user_hostfiles == 0 ||
+		    (options->num_user_hostfiles == 1 && strcmp(options->
+		    user_hostfiles[0], _PATH_SSH_USER_HOSTFILE) == 0))
+			options->update_hostkeys = SSH_UPDATE_HOSTKEYS_YES;
+		else
+			options->update_hostkeys = SSH_UPDATE_HOSTKEYS_ASK;
+	}
 	if (options->num_user_hostfiles == 0) {
 		options->user_hostfiles[options->num_user_hostfiles++] =
 		    xstrdup(_PATH_SSH_USER_HOSTFILE);
@ -2170,8 +2183,6 @@ fill_default_options(Options * options)
 		options->canonicalize_hostname = SSH_CANONICALISE_NO;
 	if (options->fingerprint_hash == -1)
 		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
-	if (options->update_hostkeys == -1)
-		options->update_hostkeys = SSH_UPDATE_HOSTKEYS_ASK;
 #ifdef ENABLE_SK_INTERNAL
 	if (options->sk_provider == NULL)
 		options->sk_provider = xstrdup("internal");