Add '-y' option to dbclient to accept the host key without checking

- patch from Luciano Miguel Ferreira Rocha. --HG-- extra : convert_revision : 924b731b50d4147eed8e9382c98a2573259a6cad
2025-01-31 10:57:01 +00:00 · 2007-02-11 08:50:21 +00:00 · 2007-02-11 08:50:21 +00:00 · cd0a08896c
commit cd0a08896c
parent fc0e723805
3 changed files with 33 additions and 18 deletions
--- a/cli-kex.c
+++ b/cli-kex.c
@ -119,6 +119,13 @@ static void ask_to_confirm(unsigned char* keyblob, unsigned int keybloblen) {
 	char response = 'z';

 	fp = sign_key_fingerprint(keyblob, keybloblen);
+	if (cli_opts.always_accept_key) {
+		fprintf(stderr, "\nHost '%s' key accepted unconditionally.\n(fingerprint %s)\n",
+				cli_opts.remotehost,
+				fp);
+		m_free(fp);
+		return;
+	}
 	fprintf(stderr, "\nHost '%s' is not in the trusted hosts file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n)\n", 
 			cli_opts.remotehost, 
 			fp);
@ -268,6 +275,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
 		goto out;
 	}

+	if (!cli_opts.always_accept_key) {
 		/* put the new entry in the file */
 		fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */
 		buf_setpos(line, 0);
@ -286,6 +294,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) {
 		buf_setpos(line, 0);
 		fwrite(buf_getptr(line, line->len), line->len, 1, hostsfile);
 		/* We ignore errors, since there's not much we can do about them */
+	}

 out:
 	if (hostsfile != NULL) {
--- a/cli-runopts.c
+++ b/cli-runopts.c
@ -52,6 +52,7 @@ static void printhelp() {
 					"-T    Don't allocate a pty\n"
 					"-N    Don't run a remote command\n"
 					"-f    Run in background after auth\n"
+					"-y    Always accept remote host key if unknown\n"
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 					"-i <identityfile>   (multiple allowed)\n"
 #endif
@ -93,6 +94,7 @@ void cli_getopts(int argc, char ** argv) {
 	cli_opts.no_cmd = 0;
 	cli_opts.backgrounded = 0;
 	cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set later */
+	cli_opts.always_accept_key = 0;
 #ifdef ENABLE_CLI_PUBKEY_AUTH
 	cli_opts.privkeys = NULL;
 #endif
@ -148,6 +150,9 @@ void cli_getopts(int argc, char ** argv) {
 			/* A flag *waves* */

 			switch (argv[i][1]) {
+				case 'y': /* always accept the remote hostkey */
+					cli_opts.always_accept_key = 1;
+					break;
 				case 'p': /* remoteport */
 					next = &cli_opts.remoteport;
 					break;
--- a/runopts.h
+++ b/runopts.h
@ -102,6 +102,7 @@ typedef struct cli_runopts {

 	char *cmd;
 	int wantpty;
+	int always_accept_key;
 	int no_cmd;
 	int backgrounded;
 #ifdef ENABLE_CLI_PUBKEY_AUTH