From 87d79282941de06a9b0c464df87c8d0456c145ce Mon Sep 17 00:00:00 2001
From: Mark H Weaver
Date: Thu, 5 Mar 2015 12:14:43 -0500
Subject: gnu: lftp: Don't save unknown SSH host fingerprints to known_hosts by default.

* gnu/packages/patches/lftp-dont-save-unknown-host-fingerprint.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/ftp.scm (lftp): Add patch.
---
 gnu-system.am | 1 +
 gnu/packages/ftp.scm | 6 +-
 .../lftp-dont-save-unknown-host-fingerprint.patch | 81 ++++++++++++++++++++++
 3 files changed, 87 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/lftp-dont-save-unknown-host-fingerprint.patch

diff --git a/gnu-system.am b/gnu-system.am
index 21930cdfb9..6129226a47 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -442,6 +442,7 @@ dist_patch_DATA = \
   gnu/packages/patches/irrlicht-mesa-10.patch \
   gnu/packages/patches/jbig2dec-ignore-testtest.patch \
   gnu/packages/patches/kmod-module-directory.patch \
+  gnu/packages/patches/lftp-dont-save-unknown-host-fingerprint.patch \
   gnu/packages/patches/libarchive-CVE-2013-0211.patch \
   gnu/packages/patches/libarchive-fix-lzo-test-case.patch \
   gnu/packages/patches/libarchive-mtree-filename-length-fix.patch \
diff --git a/gnu/packages/ftp.scm b/gnu/packages/ftp.scm
index f002122bb6..22ea1af965 100644
--- a/gnu/packages/ftp.scm
+++ b/gnu/packages/ftp.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2014 Ludovic Courtès
 ;;; Copyright © 2015 Andreas Enge
+;;; Copyright © 2015 Mark H Weaver
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -39,7 +40,10 @@ (define-public lftp
 version ".tar.xz"))
 (sha256
 (base32
- "1grmp8zg7cjgjinz66mrh53whigkqzl90nlxj05hapnhk3ns3vni"))))
+ "1grmp8zg7cjgjinz66mrh53whigkqzl90nlxj05hapnhk3ns3vni"))
+ (patches
+ (list (search-patch
+ "lftp-dont-save-unknown-host-fingerprint.patch")))))
 (build-system gnu-build-system)
 (native-inputs `(("pkg-config" ,pkg-config)))
diff --git a/gnu/packages/patches/lftp-dont-save-unknown-host-fingerprint.patch b/gnu/packages/patches/lftp-dont-save-unknown-host-fingerprint.patch
new file mode 100644
index 0000000000..e170d11308
--- /dev/null
+++ b/gnu/packages/patches/lftp-dont-save-unknown-host-fingerprint.patch
@@ -0,0 +1,81 @@
+Fixes "saves unknown host's fingerprint in known_hosts without any prompt".
+See:
+
+ https://github.com/lavv17/lftp/issues/116
+ https://bugs.debian.org/774769
+
+From bc7b476e782d77839765f56bbdb4cee9f36b54ec Mon Sep 17 00:00:00 2001
+From: "Alexander V. Lukyanov"
+Date: Tue, 13 Jan 2015 15:33:54 +0300
+Subject: [PATCH] add settings fish:auto-confirm and sftp:auto-confirm
+
+New host keys are now not confirmed by default, this should improve security.
+Suggested by Marcin Szewczyk
+---
+ doc/lftp.1 | 8 ++++++++
+ src/SSH_Access.cc | 5 +++--
+ src/resource.cc | 2 ++
+ 3 files changed, 13 insertions(+), 2 deletions(-)
+
+diff --git a/doc/lftp.1 b/doc/lftp.1
+index cabc1be..ed6c388 100644
+--- a/doc/lftp.1
++++ b/doc/lftp.1
+@@ -1384,6 +1384,10 @@ address family in dns:order.
+ .BR file:charset \ (string)
+ local character set. It is set from current locale initially.
+ .TP
++.BR fish:auto-confirm \ (boolean)
++when true, lftp answers ``yes'' to all ssh questions, in particular to the
++question about a new host key. Otherwise it answers ``no''.
++.TP
+ .BR fish:charset \ (string)
+ the character set used by fish server in requests, replies and file listings.
+ Default is empty which means the same as local.
+@@ -1952,6 +1956,10 @@ minimal chunk size to split the file to.
+ save pget transfer status this often. Set to `never' to disable saving of the status file.
+ The status is saved to a file with suffix \fI.lftp-pget-status\fP.
+ .TP
++.BR sftp:auto-confirm \ (boolean)
++when true, lftp answers ``yes'' to all ssh questions, in particular to the
++question about a new host key. Otherwise it answers ``no''.
++.TP
+ .BR sftp:charset \ (string)
+ the character set used by SFTP server in file names and file listings.
+ Default is empty which means the same as local. This setting is only used
+diff --git a/src/SSH_Access.cc b/src/SSH_Access.cc
+index 706fc6a..17c716d 100644
+--- a/src/SSH_Access.cc
++++ b/src/SSH_Access.cc
+@@ -72,8 +72,9 @@ int SSH_Access::HandleSSHMessage()
+ }
+ if(s>=y_len && !strncasecmp(b+s-y_len,y,y_len))
+ {
+- pty_recv_buf->Put("yes\n");
+- pty_send_buf->Put("yes\n");
++ const char *answer=QueryBool("auto-confirm",hostname)?"yes\n":"no\n";
++ pty_recv_buf->Put(answer);
++ pty_send_buf->Put(answer);
+ return m;
+ }
+ if(!received_greeting && recv_buf->Size()>0)
+diff --git a/src/resource.cc b/src/resource.cc
+index 91b2e60..3a5e8b9 100644
+--- a/src/resource.cc
++++ b/src/resource.cc
+@@ -339,6 +339,7 @@ static ResType lftp_vars[] = {
+ {"mirror:no-empty-dirs", "no", ResMgr::BoolValidate,ResMgr::NoClosure},
+ {"mirror:require-source", "no", ResMgr::BoolValidate,ResMgr::NoClosure},
+
++ {"sftp:auto-confirm", "no", ResMgr::BoolValidate,0},
+ {"sftp:max-packets-in-flight","16", ResMgr::UNumberValidate,0},
+ {"sftp:protocol-version", "6", ResMgr::UNumberValidate,0},
+ {"sftp:size-read", "32k", ResMgr::UNumberValidate,0},
+@@ -367,6 +368,7 @@ static ResType lftp_vars[] = {
+ {"dns:strict-dnssec", "no", ResMgr::BoolValidate,0},
+ #endif
+
++ {"fish:auto-confirm", "no", ResMgr::BoolValidate,0},
+ {"fish:shell", "/bin/sh",0,0},
+ {"fish:connect-program", "ssh -a -x",0,0},
+ {"fish:charset", "", ResMgr::CharsetValidate,0},
-- cgit v1.2.3
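Review bot: The rewritten prompt branch in src/SSH_Access.cc feeds `no` into the pty buffers when `auto-confirm` is off, with no lftp-side message visible in the hunk, so a first connection to a host whose key is not yet in known_hosts will apparently fail with only ssh's own output and no hint that lftp declined the key; the patch preamble should state that the key must already be in known_hosts (for example after a prior plain `ssh` session) or that `set sftp:auto-confirm yes` restores the old behaviour. The man-page lines added for fish:auto-confirm and sftp:auto-confirm give the mechanics but not the trust consequence, which is that `yes` accepts a never-seen host key without verification; a sentence such as `Setting this to true accepts unknown host keys without any verification.` after each entry would make that explicit. The preamble cites the upstream issue and the Debian bug but not which upstream release carries commit bc7b476, which is what tells a maintainer when this patch can be dropped. HandleSSHMessage starts and continues outside the hunk, and the prompt pattern `y` it matches against is defined outside it too.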