svnno****@sourc*****
svnno****@sourc*****
2015年 5月 11日 (月) 00:41:54 JST
Revision: 5857 http://sourceforge.jp/projects/ttssh2/scm/svn/commits/5857 Author: yutakapon Date: 2015-05-11 00:41:48 +0900 (Mon, 11 May 2015) Log Message: ----------- チケット #35047 SSH サーバホスト公開鍵の自動更新 ポップアップメッセージの2回目の指摘事項をフィードバックした。 http://logmett.com/forum/viewtopic.php?f=2&t=2740 Ticket Links: ------------ http://sourceforge.jp/projects/ttssh2/tracker/detail/35047 Modified Paths: -------------- trunk/installer/release/lang/English.lng trunk/installer/release/lang/French.lng trunk/installer/release/lang/German.lng trunk/installer/release/lang/Japanese.lng trunk/installer/release/lang/Korean.lng trunk/installer/release/lang/Russian.lng trunk/installer/release/lang/Simplified Chinese.lng trunk/installer/release/lang/Traditional Chinese.lng trunk/ttssh2/ttxssh/key.c -------------- next part -------------- Modified: trunk/installer/release/lang/English.lng =================================================================== --- trunk/installer/release/lang/English.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/English.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -721,7 +721,7 @@ DLG_HOSTKEY_DNSSEC_NG=Found insecure fingerprint in DNS. DLG_HOSTKEY_DNSSEC_OK=Found secure fingerprint in DNS. -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s encrypt error(1): bytes %d (%d) Modified: trunk/installer/release/lang/French.lng =================================================================== --- trunk/installer/release/lang/French.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/French.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -721,7 +721,7 @@ DLG_HOSTKEY_DNSSEC_NG=Found insecure fingerprint in DNS. DLG_HOSTKEY_DNSSEC_OK=Found secure fingerprint in DNS. -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s erreur cryptage(1): octets %d (%d) Modified: trunk/installer/release/lang/German.lng =================================================================== --- trunk/installer/release/lang/German.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/German.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -720,7 +720,7 @@ DLG_HOSTKEY_DNSSEC_NG=Found insecure fingerprint in DNS. DLG_HOSTKEY_DNSSEC_OK=Found secure fingerprint in DNS. -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s encrypt error(1): bytes %d (%d) Modified: trunk/installer/release/lang/Japanese.lng =================================================================== --- trunk/installer/release/lang/Japanese.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/Japanese.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -721,7 +721,7 @@ DLG_HOSTKEY_DNSSEC_NG=DNS\x82̌\xAE\x8Ew\x96\xE4\x8F\xEE\x95\xF1\x82\xCDDNSSEC\x82ŔF\x8F\xB3\x82\xEA\x82\xC4*\x82\xA2\x82܂\xB9\x82\xF1*\x81B DLG_HOSTKEY_DNSSEC_OK=DNS\x82̌\xAE\x8Ew\x96\xE4\x8F\xEE\x95\xF1\x82\xCDDNSSEC\x82ŔF\x8F\xB3\x82\xEA\x82Ă\xA2\x82܂\xB7\x81B -DLG_HOSTKEY_ROTATION_WARNING=\x90ڑ\xB1\x90\xE6\x82̃T\x81[\x83o"%s"\x82\xAAknown hosts\x83\x8A\x83X\x83g\x82ɑ\xB6\x8D݂\xB5\x82Ȃ\xA2\x83z\x83X\x83g\x8C\xAE\x82𑗕t\x82\xB5\x82Ă\xAB\x82܂\xB5\x82\xBD\x81B\n\x88\xAB\x88ӂ\xF0\x8E\x9D\x82\xC1\x82\xBD\x83z\x83X\x83g\x82\xAA, \x90ڑ\xB1\x82\xB5\x82悤\x82Ƃ\xB5\x82Ă\xA2\x82\xE9\x83T\x81[\x83o\x82̂ӂ\xE8\x82\xF0\x82\xB5\x82Ă\xA2\x82\xE9\x89\\x90\xAB\x82\xAA\x82\xA0\x82\xE8\x82܂\xB7. \x82\xE0\x82\xB5\x82\xAD\x82\xCD, \x90\xB3\x8BK\x82̃T\x81[\x83o\x82\xAA\x83T\x81[\x83o\x83z\x83X\x83g\x8C\xAE\x82̎\xA9\x93\xAE\x8DX\x90V\x8B@\x94\\x82\xF0\x83T\x83|\x81[\x83g\x82\xB5\x82Ă\xA2\x82܂\xB7.\n\n\x8E\xA9\x93\xAE\x8DX\x90V\x82\xF0\x8B\x96\x89\xB7\x82\xE9\x82\xC6, %u\x82̍ŐV\x83z\x83X\x83g\x8C\xAE\x82̒lj\xC1\x82\xA8\x82\xE6\x82\xD1%u\x82̋\x8C\x8E\xAE\x83z\x83X\x83g\x8C\xAE\x82̍폜\x82\xF0\x8Ds\x82\xA2, \x8E\x9F\x89炱\x82̌x\x8D\x90\x82͏o\x82Ȃ\xAD\x82Ȃ\xE8\x82܂\xB7.\n\n +DLG_HOSTKEY_ROTATION_WARNING=\x90ڑ\xB1\x90\xE6\x82̃T\x81[\x83o"%s"\x82\xAA, \x83T\x81[\x83o\x83z\x83X\x83g\x8C\xAE\x82̎\xA9\x93\xAE\x8DX\x90V\x8B@\x94\\x82𗘗p\x82\xB5\x82\xC4, known hosts\x83\x8A\x83X\x83g\x82ɑ\xB6\x8D݂\xB5\x82Ȃ\xA2\x83z\x83X\x83g\x8C\xAE\x82𑗕t\x82\xB5\x82Ă\xAB\x82܂\xB5\x82\xBD.\n\x88\xAB\x88ӂ\xF0\x8E\x9D\x82\xC1\x82\xBD\x83z\x83X\x83g\x82\xAA, \x90ڑ\xB1\x82\xB5\x82悤\x82Ƃ\xB5\x82Ă\xA2\x82\xE9\x83T\x81[\x83o\x82̂ӂ\xE8\x82\xF0\x82\xB5\x82Ă\xA2\x82\xE9\x89\\x90\xAB\x82\xAA\x82\xA0\x82\xE8\x82܂\xB7\x82̂\xC5, \x8F\\x95\xAA\x92\x8D\x88ӂ\xB5\x82Ă\xAD\x82\xBE\x82\xB3\x82\xA2. \n\n\x8E\xA9\x93\xAE\x8DX\x90V\x82\xF0\x8B\x96\x89\xB7\x82\xE9\x82\xC6, %u\x8C̍ŐV\x83z\x83X\x83g\x8C\xAE\x82̒lj\xC1\x82\xA8\x82\xE6\x82\xD1%u\x8C̋\x8C\x8E\xAE\x83z\x83X\x83g\x8C\xAE\x82̍폜\x82\xF0\x8Ds\x82\xA2, \x8E\x9F\x89炱\x82̌x\x8D\x90\x82͏o\x82Ȃ\xAD\x82Ȃ\xE8\x82܂\xB7.\n\nknown hosts\x83\x8A\x83X\x83g\x82\xF0\x8DX\x90V\x82\xB5\x82܂\xB7\x82\xA9?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s\x88Í\x86\x89\xBB\x83G\x83\x89\x81[(1): bytes %d (%d) Modified: trunk/installer/release/lang/Korean.lng =================================================================== --- trunk/installer/release/lang/Korean.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/Korean.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -722,7 +722,7 @@ DLG_HOSTKEY_DNSSEC_NG=DNS\xBF\xA1\xBC\xAD \xBE\xC8\xC0\xFC\xC7\xCF\xC1\xF6 \xBE\xCA\xC0\xBA \xC1\xF6\xB9\xAE \xB9߰\xDF. DLG_HOSTKEY_DNSSEC_OK=DNS\xBF\xA1\xBC\xAD \xBE\xC8\xC0\xFC\xC7\xD1 \xC1\xF6\xB9\xAE \xB9߰\xDF. -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s \xBE\xCFȣ \xBF\xC0\xB7\xF9(1): \xB9\xD9\xC0\xCCƮ %d (%d) Modified: trunk/installer/release/lang/Russian.lng =================================================================== --- trunk/installer/release/lang/Russian.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/Russian.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -722,7 +722,7 @@ DLG_HOSTKEY_DNSSEC_NG=\xCD\xE0\xE9\xE4\xE5\xED \xED\xE5\xED\xE0\xE4\xE5\xE6\xED\xFB\xE9 \xEF\xE0\xF0\xEE\xEB\xFC \xE2 DNS. DLG_HOSTKEY_DNSSEC_OK=\xCD\xE0\xE9\xE4\xE5\xED \xED\xE0\xE4\xE5\xE6\xED\xFB\xE9 \xEF\xE0\xF0\xEE\xEB\xFC \xE2 DNS. -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s \xEE\xF8\xE8\xE1\xEA\xE0 \xF8\xE8\xF4\xF0\xEE\xE2\xE0\xED\xE8\xFF(1): \xE1\xE0\xE9\xF2\xFB %d (%d) Modified: trunk/installer/release/lang/Simplified Chinese.lng =================================================================== --- trunk/installer/release/lang/Simplified Chinese.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/Simplified Chinese.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -722,7 +722,7 @@ DLG_HOSTKEY_DNSSEC_NG=DNS\xD6з\xA2\xCF\xD6\xC8\xF5\xC3\xDC\xC2롣 DLG_HOSTKEY_DNSSEC_OK=DNS\xD6з\xA2\xCF\xD6ǿ\xC3\xDC\xC2롣 -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s\xBC\xD3\xC3ܴ\xED\xCE\xF3(1): bytes %d (%d) Modified: trunk/installer/release/lang/Traditional Chinese.lng =================================================================== --- trunk/installer/release/lang/Traditional Chinese.lng 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/installer/release/lang/Traditional Chinese.lng 2015-05-10 15:41:48 UTC (rev 5857) @@ -722,7 +722,7 @@ DLG_HOSTKEY_DNSSEC_NG=DNS\xA4\xA4\xB5o\xB2{\xAEz\xB1K\xBDX\xA1C DLG_HOSTKEY_DNSSEC_OK=DNS\xA4\xA4\xB5o\xB2{\xB1j\xB1K\xBDX\xA1C -DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n +DLG_HOSTKEY_ROTATION_WARNING=Remote server "%s" sent the set of host keys which are absent in your list of known hosts. \nThe machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\nIf you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\nDo you want to update known hosts file with new key(s)?\n\n ; crypt.c MSG_ENCRYPT_ERROR1=%s\xA5[\xB1K\xBF\xF9\xBB~(1): bytes %d (%d) Modified: trunk/ttssh2/ttxssh/key.c =================================================================== --- trunk/ttssh2/ttxssh/key.c 2015-05-09 10:52:52 UTC (rev 5856) +++ trunk/ttssh2/ttxssh/key.c 2015-05-10 15:41:48 UTC (rev 5857) @@ -1934,14 +1934,15 @@ UTIL_get_lang_msg("DLG_HOSTKEY_ROTATION_WARNING", pvar, "Remote server \"%s\" sent the set of host keys which are absent in your list of known hosts. \n" "The machine you have contacted may be a hostile machine pretending to be the server, or legitimate server supporting host key rotation. \n\n" - "If you approve to add %u latest keys and remove %u obsolete keys from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n" + "If you choose to add %u latest key(s) and remove %u obsolete key(s) from this machine to the known hosts list and continue, then you will not receive this warning again.\n\n" + "Do you want to update known hosts file with new key(s)?\n\n" ); _snprintf_s(msg, sizeof(msg), _TRUNCATE, pvar->ts->UIMsg, host, ctx->nnew, ctx->nold ); if (ctx->nnew > 0) { - _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, "%u latest keys:\n", ctx->nnew); + _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, "%u latest key(s):\n", ctx->nnew); strcat_s(msg, sizeof(msg), tmp); for (i = 0; i < ctx->nkeys; i++) { if (ctx->keys_seen[i]) @@ -1955,6 +1956,21 @@ } } + if (ctx->nold > 0) { + strcat_s(msg, sizeof(msg), "\n"); + + _snprintf_s(tmp, sizeof(tmp), _TRUNCATE, "%u obsolete key(s):\n", ctx->nold); + strcat_s(msg, sizeof(msg), tmp); + for (i = 0; i < ctx->nold; i++) { + fp = key_fingerprint(ctx->old_keys[i], SSH_FP_HEX); + strcat_s(msg, sizeof(msg), get_sshname_from_key(ctx->old_keys[i])); + strcat_s(msg, sizeof(msg), " "); + strcat_s(msg, sizeof(msg), fp); + strcat_s(msg, sizeof(msg), "\n"); + free(fp); + } + } + dlgresult = MessageBox(NULL, msg, "TTSSH: SECURITY WARNING", MB_YESNO | MB_ICONWARNING | MB_DEFBUTTON2); if (dlgresult != IDYES) { _snprintf_s(msg, sizeof(msg), _TRUNCATE, "Hostkey was not updated because a user cancelled.");