Reorganise host key checking and confirmation.

Previously, checking the host key against the persistent cache managed
by the storage.h API was done as part of the seat_verify_ssh_host_key
method, i.e. separately by each Seat.

Now that check is done by verify_ssh_host_key(), which is a new
function in ssh/common.c that centralises all the parts of host key
checking that don't need an interactive prompt. It subsumes the
previous verify_ssh_manual_host_key() that checked against the Conf,
and it does the check against the storage API that each Seat was
previously doing separately. If it can't confirm or definitively
reject the host key by itself, _then_ it calls out to the Seat, once
an interactive prompt is definitely needed.

The main point of doing this is so that when SshProxy forwards a Seat
call from the proxy SSH connection to the primary Seat, it won't print
an announcement of which connection is involved unless it's actually
going to do something interactive. (Not that we're printing those
announcements _yet_ anyway, but this is a piece of groundwork that
works towards doing so.)

But while I'm at it, I've also taken the opportunity to clean things
up a bit by renaming functions sensibly. Previously we had three very
similarly named functions verify_ssh_manual_host_key(), SeatVtable's
'verify_ssh_host_key' method, and verify_host_key() in storage.h. Now
the Seat method is called 'confirm' rather than 'verify' (since its
job is now always to print an interactive prompt, so it looks more
like the other confirm_foo methods), and the storage.h function is
called check_stored_host_key(), which goes better with store_host_key
and avoids having too many functions with similar names. And the
'manual' function is subsumed into the new centralised code, so
there's now just *one* host key function with 'verify' in the name.

Several functions are reindented in this commit. Best viewed with
whitespace changes ignored.

windows/console.c

@@ -32,12 +32,11 @@ void console_print_error_msg(const char *prefix, const char *msg)
     fflush(stderr);
 }
 
-int console_verify_ssh_host_key(
+int console_confirm_ssh_host_key(
     Seat *seat, const char *host, int port, const char *keytype,
-    char *keystr, const char *keydisp, char **fingerprints,
+    char *keystr, const char *keydisp, char **fingerprints, bool mismatch,
     void (*callback)(void *ctx, int result), void *ctx)
 {
-    int ret;
     HANDLE hin;
     DWORD savemode, i;
     char *common;
@@ -45,18 +44,10 @@ int console_verify_ssh_host_key(
 
     char line[32];
 
-    /*
-     * Verify the key against the registry.
-     */
-    ret = verify_host_key(host, port, keytype, keystr);
-
-    if (ret == 0)                      /* success - key matched OK */
-        return 1;
-
     FingerprintType fptype_default =
         ssh2_pick_default_fingerprint(fingerprints);
 
-    if (ret == 2) {                    /* key was different */
+    if (mismatch) {                    /* key was different */
         common = hk_wrongmsg_common(host, port, keytype,
                                     fingerprints[fptype_default]);
         intro = hk_wrongmsg_interactive_intro;

windows/dialog.c

@@ -976,52 +976,43 @@ static INT_PTR CALLBACK HostKeyDialogProc(HWND hwnd, UINT msg,
     return 0;
 }
 
-int win_seat_verify_ssh_host_key(
+int win_seat_confirm_ssh_host_key(
     Seat *seat, const char *host, int port, const char *keytype,
-    char *keystr, const char *keydisp, char **fingerprints,
-    void (*callback)(void *ctx, int result), void *ctx)
+    char *keystr, const char *keydisp, char **fingerprints, bool mismatch,
+    void (*callback)(void *ctx, int result), void *vctx)
 {
-    int ret;
-
     WinGuiSeat *wgs = container_of(seat, WinGuiSeat, seat);
 
-    /*
-     * Verify the key against the registry.
-     */
-    ret = verify_host_key(host, port, keytype, keystr);
+    static const char *const keywords[] =
+        { "{KEYTYPE}", "{APPNAME}", NULL };
 
-    if (ret == 0)                      /* success - key matched OK */
+    const char *values[2];
+    values[0] = keytype;
+    values[1] = appname;
+
+    struct hostkey_dialog_ctx ctx[1];
+    ctx->keywords = keywords;
+    ctx->values = values;
+    ctx->fingerprints = fingerprints;
+    ctx->fptype_default = ssh2_pick_default_fingerprint(fingerprints);
+    ctx->keydisp = keydisp;
+    ctx->iconid = (mismatch ? IDI_WARNING : IDI_QUESTION);
+    ctx->helpctx = (mismatch ? WINHELP_CTX_errors_hostkey_changed :
+                    WINHELP_CTX_errors_hostkey_absent);
+    ctx->host = host;
+    ctx->port = port;
+    int dlgid = (mismatch ? IDD_HK_WRONG : IDD_HK_ABSENT);
+    int mbret = DialogBoxParam(
+        hinst, MAKEINTRESOURCE(dlgid), wgs->term_hwnd,
+        HostKeyDialogProc, (LPARAM)ctx);
+    assert(mbret==IDC_HK_ACCEPT || mbret==IDC_HK_ONCE || mbret==IDCANCEL);
+    if (mbret == IDC_HK_ACCEPT) {
+        store_host_key(host, port, keytype, keystr);
+        return 1;
+    } else if (mbret == IDC_HK_ONCE) {
         return 1;
-    else {
-        static const char *const keywords[] =
-            { "{KEYTYPE}", "{APPNAME}", NULL };
-
-        const char *values[2];
-        values[0] = keytype;
-        values[1] = appname;
-
-        struct hostkey_dialog_ctx ctx[1];
-        ctx->keywords = keywords;
-        ctx->values = values;
-        ctx->fingerprints = fingerprints;
-        ctx->fptype_default = ssh2_pick_default_fingerprint(fingerprints);
-        ctx->keydisp = keydisp;
-        ctx->iconid = (ret == 2 ? IDI_WARNING : IDI_QUESTION);
-        ctx->helpctx = (ret == 2 ? WINHELP_CTX_errors_hostkey_changed :
-                        WINHELP_CTX_errors_hostkey_absent);
-        ctx->host = host;
-        ctx->port = port;
-        int dlgid = (ret == 2 ? IDD_HK_WRONG : IDD_HK_ABSENT);
-        int mbret = DialogBoxParam(
-            hinst, MAKEINTRESOURCE(dlgid), wgs->term_hwnd,
-            HostKeyDialogProc, (LPARAM)ctx);
-        assert(mbret==IDC_HK_ACCEPT || mbret==IDC_HK_ONCE || mbret==IDCANCEL);
-        if (mbret == IDC_HK_ACCEPT) {
-            store_host_key(host, port, keytype, keystr);
-            return 1;
-        } else if (mbret == IDC_HK_ONCE)
-            return 1;
     }
+
     return 0;   /* abandon the connection */
 }
 

windows/platform.h

@@ -220,9 +220,9 @@ int has_embedded_chm(void);            /* 1 = yes, 0 = no, -1 = N/A */
  * GUI seat methods in windlg.c, so that the vtable definition in
  * window.c can refer to them.
  */
-int win_seat_verify_ssh_host_key(
+int win_seat_confirm_ssh_host_key(
     Seat *seat, const char *host, int port, const char *keytype,
-    char *keystr, const char *keydisp, char **key_fingerprints,
+    char *keystr, const char *keydisp, char **key_fingerprints, bool mismatch,
     void (*callback)(void *ctx, int result), void *ctx);
 int win_seat_confirm_weak_crypto_primitive(
     Seat *seat, const char *algtype, const char *algname,

windows/plink.c

@@ -93,7 +93,7 @@ static const SeatVtable plink_seat_vt = {
     .update_specials_menu = nullseat_update_specials_menu,
     .get_ttymode = nullseat_get_ttymode,
     .set_busy_status = nullseat_set_busy_status,
-    .verify_ssh_host_key = console_verify_ssh_host_key,
+    .confirm_ssh_host_key = console_confirm_ssh_host_key,
     .confirm_weak_crypto_primitive = console_confirm_weak_crypto_primitive,
     .confirm_weak_cached_hostkey = console_confirm_weak_cached_hostkey,
     .is_utf8 = nullseat_is_never_utf8,

windows/storage.c

@@ -322,8 +322,8 @@ static void hostkey_regname(strbuf *sb, const char *hostname,
     escape_registry_key(hostname, sb);
 }
 
-int verify_host_key(const char *hostname, int port,
-                    const char *keytype, const char *key)
+int check_stored_host_key(const char *hostname, int port,
+                          const char *keytype, const char *key)
 {
     char *otherstr;
     strbuf *regname;
@@ -437,10 +437,10 @@ bool have_ssh_host_key(const char *hostname, int port,
                       const char *keytype)
 {
     /*
-     * If we have a host key, verify_host_key will return 0 or 2.
+     * If we have a host key, check_stored_host_key will return 0 or 2.
      * If we don't have one, it'll return 1.
      */
-    return verify_host_key(hostname, port, keytype, "") != 1;
+    return check_stored_host_key(hostname, port, keytype, "") != 1;
 }
 
 void store_host_key(const char *hostname, int port,

windows/window.c

@@ -340,7 +340,7 @@ static const SeatVtable win_seat_vt = {
     .update_specials_menu = win_seat_update_specials_menu,
     .get_ttymode = win_seat_get_ttymode,
     .set_busy_status = win_seat_set_busy_status,
-    .verify_ssh_host_key = win_seat_verify_ssh_host_key,
+    .confirm_ssh_host_key = win_seat_confirm_ssh_host_key,
     .confirm_weak_crypto_primitive = win_seat_confirm_weak_crypto_primitive,
     .confirm_weak_cached_hostkey = win_seat_confirm_weak_cached_hostkey,
     .is_utf8 = win_seat_is_utf8,