From 1b1a91fa3d544c062f78310b0503062a6a67dc55 Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sat, 13 Mar 2021 11:03:23 +0000
Subject: [PATCH] Console host key prompts: add 'more info' action.

Now you can press 'i' at the host key prompt, and it will print all the key fingerprints we know about, plus the full public key. So if you wanted to check against a fingerprint type that wasn't the one shown in the default prompt, you can see all the ones we've got.
---
 console.c | 6 ++++--
 unix/uxcons.c | 35 ++++++++++++++++++++++++-----------
 windows/wincons.c | 32 +++++++++++++++++++++++---------
 3 files changed, 51 insertions(+), 22 deletions(-)

diff --git a/console.c b/console.c
index 2431bccb..7155b9f0 100644
--- a/console.c
+++ b/console.c
@@ -22,7 +22,8 @@ const char hk_absentmsg_interactive_intro[] =
 "If you do not trust this host, press Return to abandon the\n"
 "connection.\n";
 const char hk_absentmsg_interactive_prompt[] =
- "Store key in cache? (y/n, Return cancels connection) ";
+ "Store key in cache? (y/n, Return cancels connection, "
+ "i for more info) ";
 const char hk_wrongmsg_common_fmt[] =
 "WARNING - POTENTIAL SECURITY BREACH!\n"
@@ -41,7 +42,8 @@ const char hk_wrongmsg_interactive_intro[] =
 "Return to cancel. Pressing Return is the ONLY guaranteed\n"
 "safe choice.\n";
 const char hk_wrongmsg_interactive_prompt[] =
- "Update cached key? (y/n, Return cancels connection) ";
+ "Update cached key? (y/n, Return cancels connection, "
+ "i for more info) ";
 const char weakcrypto_msg_common_fmt[] =
 "The first %s supported by the server is\n"
diff --git a/unix/uxcons.c b/unix/uxcons.c
index 7dd2b411..90e73a98 100644
--- a/unix/uxcons.c
+++ b/unix/uxcons.c
@@ -143,19 +143,32 @@ int console_verify_ssh_host_key(
 fputs(intro, stderr);
 fflush(stderr);
+ while (true) {
+ fputs(prompt, stderr);
+ fflush(stderr);
- fputs(prompt, stderr);
- fflush(stderr);
+ struct termios oldmode, newmode;
+ tcgetattr(0, &oldmode);
+ newmode = oldmode;
+ newmode.c_lflag |= ECHO | ISIG | ICANON;
+ tcsetattr(0, TCSANOW, &newmode);
+ line[0] = '\0';
+ if (block_and_read(0, line, sizeof(line) - 1) <= 0)
+ /* handled below */;
+ tcsetattr(0, TCSANOW, &oldmode);
- struct termios oldmode, newmode;
- tcgetattr(0, &oldmode);
- newmode = oldmode;
- newmode.c_lflag |= ECHO | ISIG | ICANON;
- tcsetattr(0, TCSANOW, &newmode);
- line[0] = '\0';
- if (block_and_read(0, line, sizeof(line) - 1) <= 0)
- /* handled below */;
- tcsetattr(0, TCSANOW, &oldmode);
+ if (line[0] == 'i' || line[0] == 'I') {
+ fprintf(stderr, "Full public key:\n%s\n", keydisp);
+ if (fingerprints[SSH_FPTYPE_SHA256])
+ fprintf(stderr, "SHA256 key fingerprint:\n%s\n",
+ fingerprints[SSH_FPTYPE_SHA256]);
+ if (fingerprints[SSH_FPTYPE_MD5])
+ fprintf(stderr, "MD5 key fingerprint:\n%s\n",
+ fingerprints[SSH_FPTYPE_MD5]);
+ } else {
+ break;
+ }
+ }
 /* In case of misplaced reflexes from another program, also recognise 'q'
 * as 'abandon connection rather than trust this key' */
diff --git a/windows/wincons.c b/windows/wincons.c
index 69cfe09a..414167b4 100644
--- a/windows/wincons.c
+++ b/windows/wincons.c
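Review bot: The new 'i' branch prints only `fingerprints[SSH_FPTYPE_SHA256]` and `fingerprints[SSH_FPTYPE_MD5]`, two hard-coded indices, although the commit message says it shows all the fingerprints we know about; any fingerprint type added to the enum later will be silently missing from this display, and from the identical copy in windows/wincons.c. If the fingerprint-type enum has a count sentinel, a loop over the whole `fingerprints` array with a per-type label would keep the display complete automatically; otherwise a comment such as `/* NOTE: keep in step with the fingerprint types in the enum */` above the two checks would at least flag the coupling. The loop also depends on `line[0] = '\0'` being reset before `block_and_read()` so that EOF or a read error falls through the `else` to `break` instead of re-prompting forever; a one-line comment beside the reset saying that it is now the loop's exit guarantee would make the invariant explicit. The enclosing console_verify_ssh_host_key() starts before this hunk and its y/n/q handling continues after it.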
@@ -74,17 +74,31 @@ int console_verify_ssh_host_key(
 fputs(intro, stderr);
 fflush(stderr);
- fputs(prompt, stderr);
- fflush(stderr);
+ while (true) {
+ fputs(prompt, stderr);
+ fflush(stderr);
- line[0] = '\0'; /* fail safe if ReadFile returns no data */
+ line[0] = '\0'; /* fail safe if ReadFile returns no data */
- hin = GetStdHandle(STD_INPUT_HANDLE);
- GetConsoleMode(hin, &savemode);
- SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
- ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
- ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
- SetConsoleMode(hin, savemode);
+ hin = GetStdHandle(STD_INPUT_HANDLE);
+ GetConsoleMode(hin, &savemode);
+ SetConsoleMode(hin, (savemode | ENABLE_ECHO_INPUT |
+ ENABLE_PROCESSED_INPUT | ENABLE_LINE_INPUT));
+ ReadFile(hin, line, sizeof(line) - 1, &i, NULL);
+ SetConsoleMode(hin, savemode);
+
+ if (line[0] == 'i' || line[0] == 'I') {
+ fprintf(stderr, "Full public key:\n%s\n", keydisp);
+ if (fingerprints[SSH_FPTYPE_SHA256])
+ fprintf(stderr, "SHA256 key fingerprint:\n%s\n",
+ fingerprints[SSH_FPTYPE_SHA256]);
+ if (fingerprints[SSH_FPTYPE_MD5])
+ fprintf(stderr, "MD5 key fingerprint:\n%s\n",
+ fingerprints[SSH_FPTYPE_MD5]);
+ } else {
+ break;
+ }
+ }
 /* In case of misplaced reflexes from another program, also recognise 'q'
 * as 'abandon connection rather than trust this key' */
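Review bot: The block that prints `keydisp` and the two fingerprints is a verbatim copy of the one added to unix/uxcons.c in this same patch, and console.c, which already holds the shared prompt strings this commit edits, is the natural home for a helper such as `console_print_hostkey_info(keydisp, fingerprints)` that both front ends call. Keeping a single copy means a later change to what 'more info' shows (a new fingerprint type, a different label) cannot land on one platform and not the other. Separately, `ReadFile()`'s return value and the byte count `i` are still ignored, so the new loop's exit on a failed read rests entirely on the `line[0] = '\0'` fail-safe; if the handling after the hunk treats an empty line as cancel, as that comment implies, then `BOOL ok = ReadFile(hin, line, sizeof(line) - 1, &i, NULL);` before `SetConsoleMode(hin, savemode);` followed by `if (!ok || i == 0) break;` would make the exit path explicit rather than implicit. The enclosing console_verify_ssh_host_key() starts before this hunk and continues after it.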