experimental DNS fingerprint
Roumen Petrov
openssh at roumenpetrov.info
Mon Jun 30 19:19:23 EST 2003
P.S.: libresolv is from glibc 2.2.5. Work with 2.2.4 and 2.2.3 too.
Roumen Petrov wrote:
> Please find attached file "configure.ac+dns.patch".
> This patch allow to compile current (30 Jun 2003) with options
> --with-dns on my platform.
>
> Output from "ssh -v -o VerifyHostKeyDNS=yes ..." follow:
> ...
> debug1: found 1 fingerprints in DNS
> debug1: matching host key fingerprint found in DNS
> ...
>
>------------------------------------------------------------------------
>
>Index: configure.ac
>===================================================================
>RCS file: /cvs/openssh/configure.ac,v
>retrieving revision 1.129
>diff -u -r1.129 configure.ac
>--- configure.ac 29 Jun 2003 11:30:41 -0000 1.129
>+++ configure.ac 30 Jun 2003 08:57:40 -0000
>@@ -1876,7 +1876,13 @@
> DNS_MSG="yes"
> AC_DEFINE(DNS)
> AC_SEARCH_LIBS(getrrsetbyname, resolv,
>- [AC_DEFINE(HAVE_GETRRSETBYNAME)])
>+ [AC_DEFINE(HAVE_GETRRSETBYNAME)],
>+ [
>+ dnl getrrsetbyname implementation need next functions
>+ AC_SEARCH_LIBS(res_query, resolv)
>+ AC_SEARCH_LIBS(dn_expand, resolv)
>+ ]
>+ )
> fi
> ]
> )
>
>
--
Get X.509 certificate support in OpenSSH:
http://roumenpetrov.info/openssh
More information about the openssh-unix-dev
mailing list