PATCH: incorrect behaviour of 'ssh-keygen -HF'

Jan Pechanec Jan.Pechanec at Sun.COM
Thu Oct 11 02:08:11 EST 2007


	hi, the corner case of '-HF' hashes the whole hostline and not just 
the host xor IP address which means that usually it will hash "HOST,IP". 
This will never be matched if manually included into the known_host file. 
Patch against 4.7p1 attached.

	J.

-- 
Jan Pechanec
-------------- next part --------------
--- openssh-4.7p1/ssh-keygen.c	Mon Feb 19 12:10:25 2007
+++ openssh-4.7p1-patched/ssh-keygen.c	Wed Oct 10 17:38:05 2007
@@ -598,7 +598,7 @@
 }
 
 static void
-print_host(FILE *f, char *name, Key *public, int hash)
+print_host(FILE *f, const char *name, Key *public, int hash)
 {
 	if (hash && (name = host_hash(name, NULL, 0)) == NULL)
 		fatal("hash_host failed");
@@ -726,7 +726,7 @@
 					printf("# Host %s found: "
 					    "line %d type %s\n", name,
 					    num, key_type(public));
-					print_host(out, cp, public, hash_hosts);
+					print_host(out, name, public, hash_hosts);
 				}
 				if (delete_host && !c)
 					print_host(out, cp, public, 0);


More information about the openssh-unix-dev mailing list