SSH: Expire hosts in known_hosts

author: Jan Cholasta <jcholast@redhat.com> 2012-09-25 04:29:29 -0400
committer: Jakub Hrozek <jhrozek@redhat.com> 2012-10-05 10:51:55 +0200
commit: 3882325ff60f89d0c312e9519bdfd1351978fd73 (patch)
tree: 1eb9a5b850ced04673a69c53f46d40d51384caa4 /src/responder/ssh/sshsrv.c
parent: 2d6836a90bd326391782a5753f70e8ba666b5def (diff)
download: sssd-3882325ff60f89d0c312e9519bdfd1351978fd73.tar.gz
sssd-3882325ff60f89d0c312e9519bdfd1351978fd73.tar.xz
sssd-3882325ff60f89d0c312e9519bdfd1351978fd73.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/src/responder/ssh/sshsrv.c b/src/responder/ssh/sshsrv.c
index a423231b..fe01f81f 100644
--- a/src/responder/ssh/sshsrv.c
+++ b/src/responder/ssh/sshsrv.c
@@ -141,6 +141,17 @@ int ssh_process_init(TALLOC_CTX *mem_ctx,
         return ret;
     }
 
+    /* Get ssh_known_hosts_timeout option */
+    ret = confdb_get_int(ssh_ctx->rctx->cdb,
+                         CONFDB_SSH_CONF_ENTRY, CONFDB_SSH_KNOWN_HOSTS_TIMEOUT,
+                         CONFDB_DEFAULT_SSH_KNOWN_HOSTS_TIMEOUT,
+                         &ssh_ctx->known_hosts_timeout);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_FATAL_FAILURE, ("Error reading from confdb (%d) [%s]\n",
+              ret, strerror(ret)));
+        return ret;
+    }
+
     DEBUG(SSSDBG_TRACE_FUNC, ("SSH Initialization complete\n"));
 
     return EOK;
author	Jan Cholasta <jcholast@redhat.com>	2012-09-25 04:29:29 -0400
committer	Jakub Hrozek <jhrozek@redhat.com>	2012-10-05 10:51:55 +0200
commit	3882325ff60f89d0c312e9519bdfd1351978fd73 (patch)
tree	1eb9a5b850ced04673a69c53f46d40d51384caa4 /src/responder/ssh/sshsrv.c
parent	2d6836a90bd326391782a5753f70e8ba666b5def (diff)
download	sssd-3882325ff60f89d0c312e9519bdfd1351978fd73.tar.gz sssd-3882325ff60f89d0c312e9519bdfd1351978fd73.tar.xz sssd-3882325ff60f89d0c312e9519bdfd1351978fd73.zip