Displaying 1 result from an estimated 1 matches for "dns_secure".
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
...Better diagnostic when DNSSEC validation fails.
diff --git a/sshconnect.c b/sshconnect.c
index f41960c..9f1eafa 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -71,6 +71,7 @@ char *server_version_string = NULL;
Key *previous_host_key = NULL;
static int matching_host_key_dns = 0;
+static int dns_secure = 0;
static pid_t proxy_command_pid = 0;
@@ -972,13 +973,18 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
fatal("%s: sshkey_fingerprint fail", __func__);
msg2[0] = '\0';
if (options.verify_host_key_dns) {
- if (matching_host_key_dn...