diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2021-07-19 03:13:28 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2021-07-19 13:46:13 +1000 |
commit | b75a80fa8369864916d4c93a50576155cad4df03 (patch) | |
tree | 547b6cc175b03a9603d4123a1133425f39e210b3 /dns.h | |
parent | 1cc1fd095393663cd72ddac927d82c6384c622ba (diff) | |
download | openssh-git-b75a80fa8369864916d4c93a50576155cad4df03.tar.gz |
upstream: Ensure that all returned SSHFP records for the specified host
name and hostkey type match instead of only one. While there, simplify the
code somewhat and add some debugging. Based on discussion in bz#3322, ok
djm@.
OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
Diffstat (limited to 'dns.h')
-rw-r--r-- | dns.h | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: dns.h,v 1.18 2018/02/23 15:58:37 markus Exp $ */ +/* $OpenBSD: dns.h,v 1.19 2021/07/19 03:13:28 dtucker Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -50,6 +50,7 @@ enum sshfp_hashes { #define DNS_VERIFY_FOUND 0x00000001 #define DNS_VERIFY_MATCH 0x00000002 #define DNS_VERIFY_SECURE 0x00000004 +#define DNS_VERIFY_FAILED 0x00000008 int verify_host_key_dns(const char *, struct sockaddr *, struct sshkey *, int *); |