[Ttssh2-commit] [5854] Ticket #35047 Automatic update of SSH server host public keys

svnno****@sourc*****
Sat May 9 18:26:25 JST 2015


Revision: 5854
          http://sourceforge.jp/projects/ttssh2/scm/svn/commits/5854
Author:   yutakapon
Date:     2015-05-09 18:26:23 +0900 (Sat, 09 May 2015)
Log Message:
-----------
Ticket #35047 Automatic update of SSH server host public keys

Incorporated the feedback on the popup message.
http://logmett.com/forum/viewtopic.php?f=2&t=2740

Ticket Links:
------------
    http://sourceforge.jp/projects/ttssh2/tracker/detail/35047

Modified Paths:
--------------
    trunk/ttssh2/ttxssh/key.c

-------------- next part --------------
Modified: trunk/ttssh2/ttxssh/key.c
===================================================================
--- trunk/ttssh2/ttxssh/key.c	2015-05-07 16:38:03 UTC (rev 5853)
+++ trunk/ttssh2/ttxssh/key.c	2015-05-09 09:26:23 UTC (rev 5854)
@@ -1916,9 +1916,12 @@
 {
 	size_t i;
 	int dlgresult;
-	char msg[1024];
+	char msg[1024], tmp[128];
 	char *fp;
+	char *host;
 
+	host = pvar->ssh_state.hostname;
+
 	// "/nosecuritywarning"\x82\xAA\x8Ew\x92肳\x82\xEA\x82Ă\xA2\x82\xE9\x8Fꍇ\x81A\x8DX\x90V\x82͈\xEA\x90؍s\x82\xED\x82Ȃ\xA2\x81B
 	if (pvar->nocheck_known_hosts) {
 		_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey was not updated because `/nosecuritywarning' option was specified.");
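Review bot: `host` is assigned from pvar->ssh_state.hostname with no NULL check and is later passed to a "%s" conversion in the confirmation text, so guard it or substitute a fixed fallback string before formatting. Since it is only read, it could be declared `const char *host` and assigned inside the SSH_UPDATE_HOSTKEYS_ASK branch, which is the only place it is used; as written it is also set on the `/nosecuritywarning` path where it is never needed.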
@@ -1929,24 +1932,28 @@
 	// known_hosts\x83t\x83@\x83C\x83\x8B\x82̍X\x90V\x82\xF0\x8Ds\x82\xA4\x82\xBD\x82߁A\x83\x86\x81[\x83U\x82ɖ₢\x8D\x87\x82킹\x82\xF0\x8Ds\x82\xA4\x81B
 	if (pvar->settings.UpdateHostkeys == SSH_UPDATE_HOSTKEYS_ASK) {
 		_snprintf_s(msg, sizeof(msg), _TRUNCATE, 
-			"Are you sure you want to accept updated hostkeys?\n\n"
-			"A user has been received complete hostkeys from a remote server.\n"
-			"Your known_hosts file can be updated to the latest public hostkeys \n"
-			"because the file does not contain in the following keys:\n\n"
+			"Remote server \"%s\" sent the set of host keys which are absent in your list of known hosts. \n"
+			"The machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\n"
+			"If you approve to add %u latest keys and remove %u osbolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n"
+			, host, ctx->nnew, ctx->nold
 			);
 
-		for (i = 0; i < ctx->nkeys; i++) {
-			if (ctx->keys_seen[i])
-				continue;
-			fp = key_fingerprint(ctx->keys[i], SSH_FP_HEX);
-			strcat_s(msg, sizeof(msg), get_sshname_from_key(ctx->keys[i]));
-			strcat_s(msg, sizeof(msg), " ");
-			strcat_s(msg, sizeof(msg), fp);
-			strcat_s(msg, sizeof(msg), "\n");
-			free(fp);
+		if (ctx->nnew > 0) {
+			_snprintf_s(tmp, sizeof(tmp), _TRUNCATE, "%u latest keys:\n", ctx->nnew);
+			strcat_s(msg, sizeof(msg), tmp);
+			for (i = 0; i < ctx->nkeys; i++) {
+				if (ctx->keys_seen[i])
+					continue;
+				fp = key_fingerprint(ctx->keys[i], SSH_FP_HEX);
+				strcat_s(msg, sizeof(msg), get_sshname_from_key(ctx->keys[i]));
+				strcat_s(msg, sizeof(msg), " ");
+				strcat_s(msg, sizeof(msg), fp);
+				strcat_s(msg, sizeof(msg), "\n");
+				free(fp);
+			}
 		}
 
-		dlgresult = MessageBox(NULL, msg, "TTSSH: confirm", MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2);
+		dlgresult = MessageBox(NULL, msg, "TTSSH: SECURITY WARNING", MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2);
 		if (dlgresult != IDYES) {
 			_snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey was not updated because a user cancelled.");
 			notify_verbose_message(pvar, msg, LOG_LEVEL_VERBOSE);
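Review bot: the fingerprint loop appends to msg[1024] with strcat_s, which, unlike the surrounding _snprintf_s(..., _TRUNCATE, ...) calls, does not truncate: when the destination is too small the CRT invokes the invalid-parameter handler instead. The new preamble is considerably longer and now embeds the host name, so less of the buffer is left for fingerprints, and the number of keys listed is determined by what the server sent. Suggest formatting each line through `tmp` with _snprintf_s/_TRUNCATE and appending with strncat_s(msg, sizeof(msg), tmp, _TRUNCATE), then telling the user when the list was cut short, since this dialog is the point where fingerprints are supposed to be checked. Two smaller points in the same string: "osbolete" should be "obsolete", and the text announces removal of ctx->nold keys while only the new keys' fingerprints are listed, so the user cannot see which stored keys will be dropped.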


