summaryrefslogtreecommitdiff
path: root/dns.h
diff options
context:
space:
mode:
authordtucker@openbsd.org <dtucker@openbsd.org>2021-07-19 03:13:28 +0000
committerDarren Tucker <dtucker@dtucker.net>2021-07-19 13:46:13 +1000
commitb75a80fa8369864916d4c93a50576155cad4df03 (patch)
tree547b6cc175b03a9603d4123a1133425f39e210b3 /dns.h
parent1cc1fd095393663cd72ddac927d82c6384c622ba (diff)
downloadopenssh-git-b75a80fa8369864916d4c93a50576155cad4df03.tar.gz
upstream: Ensure that all returned SSHFP records for the specified host
name and hostkey type match instead of only one. While there, simplify the code somewhat and add some debugging. Based on discussion in bz#3322, ok djm@. OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
Diffstat (limited to 'dns.h')
-rw-r--r--dns.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/dns.h b/dns.h
index 91f3c632..c9b61c4f 100644
--- a/dns.h
+++ b/dns.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.h,v 1.18 2018/02/23 15:58:37 markus Exp $ */
+/* $OpenBSD: dns.h,v 1.19 2021/07/19 03:13:28 dtucker Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -50,6 +50,7 @@ enum sshfp_hashes {
#define DNS_VERIFY_FOUND 0x00000001
#define DNS_VERIFY_MATCH 0x00000002
#define DNS_VERIFY_SECURE 0x00000004
+#define DNS_VERIFY_FAILED 0x00000008
int verify_host_key_dns(const char *, struct sockaddr *,
struct sshkey *, int *);
View Lorry Controller Status