From 374c4f45cc8823a7bd7de12528b74dd860541d6c Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Mon, 27 May 2013 17:10:59 +0200 Subject: SSH: Update known_hosts file after unsuccessful requests as well. https://fedorahosted.org/sssd/ticket/1949 --- src/responder/ssh/sshsrv_cmd.c | 56 +++++++++++++++++++++++++++--------------- 1 file changed, 36 insertions(+), 20 deletions(-) (limited to 'src') diff --git a/src/responder/ssh/sshsrv_cmd.c b/src/responder/ssh/sshsrv_cmd.c index bb765c628..76c364350 100644 --- a/src/responder/ssh/sshsrv_cmd.c +++ b/src/responder/ssh/sshsrv_cmd.c @@ -37,12 +37,11 @@ static errno_t ssh_cmd_parse_request(struct ssh_cmd_ctx *cmd_ctx); -static errno_t -ssh_cmd_done(struct ssh_cmd_ctx *cmd_ctx, - errno_t ret); - static errno_t ssh_user_pubkeys_search(struct ssh_cmd_ctx *cmd_ctx); +static errno_t +ssh_cmd_get_user_pubkeys_done(struct ssh_cmd_ctx *cmd_ctx, + errno_t ret); int sss_ssh_cmd_get_user_pubkeys(struct cli_ctx *cctx) @@ -85,11 +84,14 @@ sss_ssh_cmd_get_user_pubkeys(struct cli_ctx *cctx) ret = ssh_user_pubkeys_search(cmd_ctx); done: - return ssh_cmd_done(cmd_ctx, ret); + return ssh_cmd_get_user_pubkeys_done(cmd_ctx, ret); } static errno_t ssh_host_pubkeys_search(struct ssh_cmd_ctx *cmd_ctx); +static errno_t +ssh_cmd_get_host_pubkeys_done(struct ssh_cmd_ctx *cmd_ctx, + errno_t ret); static int sss_ssh_cmd_get_host_pubkeys(struct cli_ctx *cctx) @@ -128,7 +130,7 @@ sss_ssh_cmd_get_host_pubkeys(struct cli_ctx *cctx) ret = ssh_host_pubkeys_search(cmd_ctx); done: - return ssh_cmd_done(cmd_ctx, ret); + return ssh_cmd_get_host_pubkeys_done(cmd_ctx, ret); } static void @@ -283,7 +285,7 @@ ssh_user_pubkeys_search_dp_callback(uint16_t err_maj, } ret = ssh_user_pubkeys_search_next(cmd_ctx); - ssh_cmd_done(cmd_ctx, ret); + ssh_cmd_get_user_pubkeys_done(cmd_ctx, ret); } static errno_t 
@@ -337,9 +339,6 @@ ssh_host_pubkeys_search(struct ssh_cmd_ctx *cmd_ctx) return ssh_host_pubkeys_search_next(cmd_ctx); } -static errno_t -ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx); - static errno_t ssh_host_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx) { @@ -379,9 +378,6 @@ ssh_host_pubkeys_search_next(struct ssh_cmd_ctx *cmd_ctx) return ENOENT; } - /* one result found */ - ssh_host_pubkeys_update_known_hosts(cmd_ctx); - return EOK; } @@ -402,7 +398,7 @@ ssh_host_pubkeys_search_dp_callback(uint16_t err_maj, } ret = ssh_host_pubkeys_search_next(cmd_ctx); - ssh_cmd_done(cmd_ctx, ret); + ssh_cmd_get_host_pubkeys_done(cmd_ctx, ret); } static char * @@ -568,12 +564,14 @@ ssh_host_pubkeys_update_known_hosts(struct ssh_cmd_ctx *cmd_ctx) return ENOMEM; } - ret = sysdb_update_ssh_known_host_expire(cmd_ctx->domain->sysdb, - cmd_ctx->domain, - cmd_ctx->name, now, - ssh_ctx->known_hosts_timeout); - if (ret != EOK) { - goto done; + if (cmd_ctx->domain) { + ret = sysdb_update_ssh_known_host_expire(cmd_ctx->domain->sysdb, + cmd_ctx->domain, + cmd_ctx->name, now, + ssh_ctx->known_hosts_timeout); + if (ret != EOK && ret != ENOENT) { + goto done; + } } /* write known_hosts file */ @@ -936,6 +934,24 @@ ssh_cmd_done(struct ssh_cmd_ctx *cmd_ctx, return EOK; } +static errno_t +ssh_cmd_get_user_pubkeys_done(struct ssh_cmd_ctx *cmd_ctx, + errno_t ret) +{ + return ssh_cmd_done(cmd_ctx, ret); +} + +static errno_t +ssh_cmd_get_host_pubkeys_done(struct ssh_cmd_ctx *cmd_ctx, + errno_t ret) +{ + if (ret == EOK || ret == ENOENT) { + ssh_host_pubkeys_update_known_hosts(cmd_ctx); + } + + return ssh_cmd_done(cmd_ctx, ret); +} + struct cli_protocol_version *register_cli_protocol_version(void) { static struct cli_protocol_version ssh_cli_protocol_version[] = { -- cgit
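Review bot: In the `@@ -568` hunk of ssh_host_pubkeys_update_known_hosts, an ENOENT that is now tolerated from sysdb_update_ssh_known_host_expire stays in `ret` while execution falls through to the known_hosts write. The rest of the function lies outside the hunk, so this is only a concern if nothing below reassigns `ret` before `done:`; in that case a successful rewrite would be reported as ENOENT. Clearing it at the guard removes the ambiguity, e.g. `if (ret == ENOENT) ret = EOK;`. The new `if (cmd_ctx->domain)` test also needs a short comment, along the lines of `/* domain may be NULL after a failed lookup; the file is still rewritten */`, since the reason for skipping the sysdb update is not visible at this point in the code.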
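Review bot: ssh_cmd_get_host_pubkeys_done in the `@@ -936` hunk throws away the return value of ssh_host_pubkeys_update_known_hosts, so a failed rewrite leaves the previous file contents in place without any trace. The `@@ -568` hunk shows that the function can return ENOMEM. The file is presumably consumed for SSH host key checking, and the commit's purpose is to refresh it after unsuccessful lookups too, so a silent failure here means stale host entries can outlive their timeout unnoticed. Capture the result, `errno_t uret = ssh_host_pubkeys_update_known_hosts(cmd_ctx);`, and log a non-EOK value with the responder's existing debug logging, while still passing the original `ret` to ssh_cmd_done so the client reply is unchanged.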