Displaying 3 results from an estimated 3 matches for "dns_verify_secure".
2014 Mar 26
1
SSHFP issue
Have you seen this?
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513
--mancha
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
...ey fingerprint"
+ "Matching host key fingerprint"
" found in DNS.\n");
}
snprintf(msg, sizeof(msg),
@@ -1295,6 +1301,9 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
r = 0;
goto out;
}
+ if (flags & DNS_VERIFY_SECURE) {
+ dns_secure = 1;
+ }
if (flags & DNS_VERIFY_MATCH) {
matching_host_key_dns = 1;
} else {
2010 Nov 28
2
[PATCH] Use canonical hostname for DNS SSHFP lookup
...lt) {
verbose("DNS lookup error: %s", dns_result_totext(result));
diff -ur openssh/dns.h openssh-sshfp/dns.h
--- openssh/dns.h 2010-02-26 21:55:05.000000000 +0100
+++ openssh-sshfp/dns.h 2010-11-28 10:34:56.536431386 +0100
@@ -46,7 +46,8 @@
#define DNS_VERIFY_MATCH 0x00000002
#define DNS_VERIFY_SECURE 0x00000004
-int verify_host_key_dns(const char *, struct sockaddr *, Key *, int *);
+int verify_host_key_dns(const char *, struct sockaddr *, Key *, int *,
+ const char *);
int export_dns_rr(const char *, Key *, FILE *, int);
#endif /* DNS_H */
diff -ur openssh/openbsd-compat/fake-rfc2553....