Add '-y' option to dbclient to accept the host key without checking

- patch from Luciano Miguel Ferreira Rocha. --HG-- extra : convert_revision : 924b731b50d4147eed8e9382c98a2573259a6cad
author: Matt Johnston <matt@ucc.asn.au> 2007-02-11 08:50:21 +0000
committer: Matt Johnston <matt@ucc.asn.au> 2007-02-11 08:50:21 +0000
commit: cd0a08896c83ab20f7cc04e755ce38b1525d47a3 (patch)
tree: 627e0a8c374d5c3dd2699470756b5267b34ee587 /cli-kex.c
parent: fc0e723805fa1940c15d4ffafbf950a7e1790af8 (diff)
1 files changed, 27 insertions, 18 deletions
diff --git a/cli-kex.c b/cli-kex.c
index 467ae23..d8e15b6 100644
--- a/cli-kex.c
+++ b/cli-kex.c
@@ -119,6 +119,13 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen) {
 	char response = 'z';
 
 	fp = sign_key_fingerprint(keyblob, keybloblen);
+	if (cli_opts.always_accept_key) {
+		fprintf(stderr, "\nHost '%s' key accepted unconditionally.\n(fingerprint %s)\n",
+				cli_opts.remotehost,
+				fp);
+		m_free(fp);
+		return;
+	}
 	fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n)\n", 
 			cli_opts.remotehost, 
 			fp);
@@ -268,24 +275,26 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
 		goto out;
 	}
 
-	/* put the new entry in the file */
-	fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
-	buf_setpos(line, 0);
-	buf_setlen(line, 0);
-	buf_putbytes(line, ses.remotehost, hostlen);
-	buf_putbyte(line, ' ');
-	buf_putbytes(line, algoname, algolen);
-	buf_putbyte(line, ' ');
-	len = line->size - line->pos;
-	TRACE(("keybloblen %d, len %d", keybloblen, len))
-	/* The only failure with base64 is buffer_overflow, but buf_getwriteptr
-	 * will die horribly in the case anyway */
-	base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len);
-	buf_incrwritepos(line, len);
-	buf_putbyte(line, '\n');
-	buf_setpos(line, 0);
-	fwrite(buf_getptr(line, line->len), line->len, 1, hostsfile);
-	/* We ignore errors, since there's not much we can do about them */
+	if (!cli_opts.always_accept_key) {
+		/* put the new entry in the file */
+		fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
+		buf_setpos(line, 0);
+		buf_setlen(line, 0);
+		buf_putbytes(line, ses.remotehost, hostlen);
+		buf_putbyte(line, ' ');
+		buf_putbytes(line, algoname, algolen);
+		buf_putbyte(line, ' ');
+		len = line->size - line->pos;
+		TRACE(("keybloblen %d, len %d", keybloblen, len))
+		/* The only failure with base64 is buffer_overflow, but buf_getwriteptr
+		 * will die horribly in the case anyway */
+		base64_encode(keyblob, keybloblen, buf_getwriteptr(line, len), &len);
+		buf_incrwritepos(line, len);
+		buf_putbyte(line, '\n');
+		buf_setpos(line, 0);
+		fwrite(buf_getptr(line, line->len), line->len, 1, hostsfile);
+		/* We ignore errors, since there's not much we can do about them */
+	}
 
 out:
 	if (hostsfile != NULL) {
author	Matt Johnston <matt@ucc.asn.au>	2007-02-11 08:50:21 +0000
committer	Matt Johnston <matt@ucc.asn.au>	2007-02-11 08:50:21 +0000
commit	cd0a08896c83ab20f7cc04e755ce38b1525d47a3 (patch)
tree	627e0a8c374d5c3dd2699470756b5267b34ee587 /cli-kex.c
parent	fc0e723805fa1940c15d4ffafbf950a7e1790af8 (diff)