From: Heinrich Schuchardt <xypron.glpk@gmx.de> The appended patch allows to updated changed host keys. It does not include the necessary changes for the translations. Best regards Heinrich Schuchardt Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> --- onmainwindow.cpp | 67 +++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 46 insertions(+), 21 deletions(-) diff --git a/onmainwindow.cpp b/onmainwindow.cpp index b707d84..d0993f2 100644 --- a/onmainwindow.cpp +++ b/onmainwindow.cpp @@ -2953,33 +2953,58 @@ void ONMainWindow::slotSshServerAuthError ( int error, QString sshMessage, SshMa { case SSH_SERVER_KNOWN_CHANGED: errMsg=tr ( "Host key for server changed.\nIt is now: " ) +sshMessage+"\n"+ - tr ( "For security reasons, connection will be stopped" ); - connection->writeKnownHosts(false); - connection->wait(); - if(sshConnection && sshConnection !=connection) + tr ( "This can be an indication of a man-in-the-middle attack.\n" + "Somebody might be eavesdropping on you.\n" + "For security reasons, it is recommended to stop the connection.\n" + "Do you want to terminate the connection?\n" ); + if ( !QMessageBox::warning( 0, tr( "Host key verification failed" ), + errMsg, tr( "Yes" ), tr( "No" ) ) != 0) + { + connection->writeKnownHosts(false); + connection->wait(); + if(sshConnection && sshConnection !=connection) + { + sshConnection->wait(); + delete sshConnection; + } + slotSshUserAuthError ( tr ( "Host key verification failed" ) ); + sshConnection=0; + return; + } + else { - sshConnection->wait(); - delete sshConnection; + errMsg = tr( "If you accept the new host key the security of your " + "connection may be compromised.\n" + "Do you want to update the host key?" ); } - sshConnection=0; - slotSshUserAuthError ( errMsg ); - return; - + break; case SSH_SERVER_FOUND_OTHER: errMsg=tr ( "The host key for this server was not found but an other" - "type of key exists.An attacker might change the default server key to" - "confuse your client into thinking the key does not exist" ); - connection->writeKnownHosts(false); - connection->wait(); - if(sshConnection && sshConnection !=connection) + "type of key exists. An attacker might change the default server key to " + "confuse your client into thinking the key does not exist. \n" + "For security reasons, it is recommended to stop the connection.\n" + "Do you want to terminate the connection?\n"); + if ( !QMessageBox::warning( 0, tr( "Host key verification failed" ), + errMsg, tr( "Yes" ), tr( "No" ) ) != 0) + { + connection->writeKnownHosts(false); + connection->wait(); + if(sshConnection && sshConnection !=connection) + { + sshConnection->wait(); + delete sshConnection; + } + slotSshUserAuthError ( tr ( "Host key verification failed" ) ); + sshConnection=0; + return; + } + else { - sshConnection->wait(); - delete sshConnection; + errMsg = tr( "If you accept the new host key the security of your " + "connection may be compromised.\n" + "Do you want to update the host key?" ); } - sshConnection=0; - slotSshUserAuthError ( errMsg ); - return ; - + break; case SSH_SERVER_ERROR: connection->writeKnownHosts(false); connection->wait(); -- 1.7.10.4