private void checkHost(String host, KeyExchange kex)
{
String shkc=getConfig("StrictHostKeyChecking");
//System.Console.WriteLine("shkc: "+shkc);
byte[] K_S=kex.getHostKey();
String key_type=kex.getKeyType();
String key_fprint=kex.getFingerPrint();
hostkey=new HostKey(host, K_S);
HostKeyRepository hkr=jsch.getHostKeyRepository();
int i=0;
lock(hkr)
{
i=hkr.check(host, K_S);
}
bool insert=false;
if((shkc.equals("ask") || shkc.equals("yes")) &&
i==HostKeyRepository.CHANGED)
{
String file=null;
lock(hkr)
{
file=hkr.getKnownHostsRepositoryID();
}
if(file==null){file="known_hosts";}
String message=
"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\n"+
"@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @\n"+
"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\n"+
"IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! \n"+
"Someone could be eavesdropping on you right now (man-in-the-middle attack)!\n"+
"It is also possible that the "+key_type+" host key has just been changed.\n"+
"The fingerprint for the "+key_type+" key sent by the remote host is\n"+
key_fprint+".\n"+
"Please contact your system administrator.\n"+
"Add correct host key in "+file+" to get rid of this message.";
bool b=false;
if(userinfo!=null)
{
//userinfo.showMessage(message);
b=userinfo.promptYesNo(message+
"\nDo you want to delete the old key and insert the new key?");
}
//throw new JSchException("HostKey has been changed: "+host);
if(!b)
{
throw new JSchException("HostKey has been changed: "+host);
}
else
{
lock(hkr)
{
hkr.remove(host, null);
insert=true;
}
}
}
// bool insert=false;
if((shkc.equals("ask") || shkc.equals("yes")) &&
(i!=HostKeyRepository.OK) && !insert)
{
if(shkc.equals("yes"))
{
throw new JSchException("reject HostKey: "+host);
}
//System.Console.WriteLine("finger-print: "+key_fprint);
if(userinfo!=null)
{
bool foo=userinfo.promptYesNo(
"The authenticity of host '"+host+"' can't be established.\n"+
key_type+" key fingerprint is "+key_fprint+".\n"+
"Are you sure you want to continue connecting?"
);
if(!foo)
{
throw new JSchException("reject HostKey: "+host);
}
insert=true;
}
else
{
if(i==HostKeyRepository.NOT_INCLUDED)
throw new JSchException("UnknownHostKey: "+host);
else throw new JSchException("HostKey has been changed: "+host);
}
}
if(shkc.equals("no") &&
HostKeyRepository.NOT_INCLUDED==i)
{
insert=true;
}
if(insert)
{
lock(hkr)
{
hkr.add(host, K_S, userinfo);
}
}
}
