[PATCH] unconditionally accept host key

[Luciano Miguel Ferreira Rocha]

Hello,

The attached patch adds a new option, -y, to the dropbear client,
version 0.48.1.

I need it when running dropbear in scripts (as rsync transport
mechanism, for example).

Note, the patch adds to usage() the line:
"-y accept remote host keys, if unknown\n", but, as far as I can tell,
dropbear considers unknown and unmatched host keys simply as unknown.

-- 
lfr
0/0

diff -ur dropbear-0.48.1.orig/cli-kex.c dropbear-0.48.1/cli-kex.c
--- dropbear-0.48.1.orig/cli-kex.c      2006-03-12 04:52:52.000000000 +0000
+++ dropbear-0.48.1/cli-kex.c   2006-12-20 19:29:17.000000000 +0000
@@ -119,6 +119,13 @@
        char response = 'z';
 
        fp = sign_key_fingerprint(keyblob, keybloblen);
+       if (cli_opts.acceptkey) {
+               fprintf(stderr, "\nHost '%s' unconditionally added to the 
trusted hosts file.\n(fingerprint %s)\n",
+                               cli_opts.remotehost,
+                               fp);
+               m_free(fp);
+               return;
+       }
        fprintf(stderr, "\nHost '%s' is not in the trusted hosts 
file.\n(fingerprint %s)\nDo you want to continue connecting? (y/n)\n", 
                        cli_opts.remotehost, 
                        fp);
diff -ur dropbear-0.48.1.orig/cli-runopts.c dropbear-0.48.1/cli-runopts.c
--- dropbear-0.48.1.orig/cli-runopts.c  2006-03-12 04:52:52.000000000 +0000
+++ dropbear-0.48.1/cli-runopts.c       2006-12-20 20:29:06.000000000 +0000
@@ -46,6 +46,7 @@
        fprintf(stderr, "Dropbear client v%s\n"
                                        "Usage: %s [options] [EMAIL PROTECTED]"
                                        "Options are:\n"
+                                       "-y accept remote host keys, if 
unknown\n"
                                        "-p <remoteport>\n"
                                        "-l <username>\n"
                                        "-t    Allocate a pty\n"
@@ -89,6 +90,7 @@
        cli_opts.username = NULL;
        cli_opts.cmd = NULL;
        cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set 
later */
+       cli_opts.acceptkey = 0;
 #ifdef ENABLE_CLI_PUBKEY_AUTH
        cli_opts.privkeys = NULL;
 #endif
@@ -144,6 +146,9 @@
                        /* A flag *waves* */
 
                        switch (argv[i][1]) {
+                               case 'y': /* we want a pty */
+                                       cli_opts.acceptkey = 1;
+                                       break;
                                case 'p': /* remoteport */
                                        next = &cli_opts.remoteport;
                                        break;
diff -ur dropbear-0.48.1.orig/runopts.h dropbear-0.48.1/runopts.h
--- dropbear-0.48.1.orig/runopts.h      2006-03-12 04:52:51.000000000 +0000
+++ dropbear-0.48.1/runopts.h   2006-12-20 19:22:21.000000000 +0000
@@ -101,6 +101,7 @@
 
        char *cmd;
        int wantpty;
+       int acceptkey;
 #ifdef ENABLE_CLI_PUBKEY_AUTH
        struct SignKeyList *privkeys; /* Keys to use for public-key auth */
 #endif

pgpfUJ3wxg5Gq.pgp
Description: PGP signature