[openssh-commits] [openssh] 01/02: upstream: Ignore whitespace when checking explict fingerprint.
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Jan 23 13:45:28 AEDT 2020
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 65cf8730de6876a56595eef296e07a86c52534a6
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date: Wed Jan 22 07:38:30 2020 +0000
upstream: Ignore whitespace when checking explict fingerprint.
When confirming a host key using the fingerprint itself, ignore leading and
trailing whitespace. ok deraadt@ djm@
OpenBSD-Commit-ID: cafd7f803bbdcd40c3a8f8f1a77747e6b6d8c011
---
sshconnect.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/sshconnect.c b/sshconnect.c
index 2b9ce9dd..a2d75981 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.325 2020/01/11 16:23:10 naddy Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.326 2020/01/22 07:38:30 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -580,22 +580,23 @@ confirm(const char *prompt, const char *fingerprint)
{
const char *msg, *again = "Please type 'yes' or 'no': ";
const char *again_fp = "Please type 'yes', 'no' or the fingerprint: ";
- char *p;
+ char *p, *cp;
int ret = -1;
if (options.batch_mode)
return 0;
for (msg = prompt;;msg = fingerprint ? again_fp : again) {
- p = read_passphrase(msg, RP_ECHO);
+ cp = p = read_passphrase(msg, RP_ECHO);
if (p == NULL)
return 0;
- p[strcspn(p, "\n")] = '\0';
+ p += strspn(p, " \t"); /* skip leading whitespace */
+ p[strcspn(p, " \t\n")] = '\0'; /* remove trailing whitespace */
if (p[0] == '\0' || strcasecmp(p, "no") == 0)
ret = 0;
else if (strcasecmp(p, "yes") == 0 || (fingerprint != NULL &&
strcasecmp(p, fingerprint) == 0))
ret = 1;
- free(p);
+ free(cp);
if (ret != -1)
return ret;
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list