From ed01a9d3f2614933d05e7d85b4bb3568c4e04cdb Mon Sep 17 00:00:00 2001
From: Hans Nilsson <hans@erlang.org>
Date: Wed, 21 Feb 2018 14:48:33 +0100
Subject: ssh: Add option save_accepted_host

---
 lib/ssh/doc/src/ssh.xml            | 12 ++++++++++++
 lib/ssh/src/ssh_options.erl        |  6 ++++++
 lib/ssh/src/ssh_transport.erl      |  5 ++++-
 lib/ssh/test/ssh_options_SUITE.erl | 37 +++++++++++++++++++++++++++++++++++--
 4 files changed, 57 insertions(+), 3 deletions(-)

(limited to 'lib')

diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml
index 337f4094cc..acf94ff6af 100644
--- a/lib/ssh/doc/src/ssh.xml
+++ b/lib/ssh/doc/src/ssh.xml
@@ -227,6 +227,18 @@
               </item>
             </list>
 	  </item>
+
+	  <tag><c><![CDATA[{save_accepted_host, boolean()}]]></c></tag>
+	  <item>
+	    <p>If <c>true</c>, the client saves an accepted host key to avoid the
+	    accept question the next time the same host is connected. If the option
+	    <c>key_cb</c> is not present, the key is saved in the file "known_hosts".
+	    </p>
+	    <p>If <c>false</c>, the key is not saved and the key will still be unknown
+	    at the next access of the same host.
+	    </p>
+	  </item>
+
 	  <tag><c><![CDATA[{user_interaction, boolean()}]]></c></tag>
 	  <item>
 	    <p>If <c>false</c>, disables the client to connect to the server
diff --git a/lib/ssh/src/ssh_options.erl b/lib/ssh/src/ssh_options.erl
index 68c99743ee..cf1534bd78 100644
--- a/lib/ssh/src/ssh_options.erl
+++ b/lib/ssh/src/ssh_options.erl
@@ -439,6 +439,12 @@ default(client) ->
             class => user_options
            },
 
+      {save_accepted_host, def} =>
+          #{default => true,
+            chk => fun erlang:is_boolean/1,
+            class => user_options
+           },
+
       {pref_public_key_algs, def} =>
           #{default => ssh_transport:default_algorithms(public_key),
             chk => fun check_pref_public_key_algs/1,
diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl
index 154894cda8..a7f4854b4b 100644
--- a/lib/ssh/src/ssh_transport.erl
+++ b/lib/ssh/src/ssh_transport.erl
@@ -889,10 +889,13 @@ known_host_key(#ssh{opts = Opts, key_cb = {KeyCb,KeyCbOpts}, peer = {PeerName,_}
 	{_,true} ->
 	    ok;
 	{_,false} ->
+            DoAdd = ?GET_OPT(save_accepted_host, Opts),
 	    case accepted_host(Ssh, PeerName, Public, Opts) of
-		true ->
+		true when DoAdd == true ->
 		    {_,R} = add_host_key(KeyCb, PeerName, Public, [{key_cb_private,KeyCbOpts}|UserOpts]),
                     R;
+		true when DoAdd == false ->
+                    ok;
 		false ->
 		    {error, rejected_by_user};
                 {error,E} ->
diff --git a/lib/ssh/test/ssh_options_SUITE.erl b/lib/ssh/test/ssh_options_SUITE.erl
index 144ec7f8fd..18543f8cb9 100644
--- a/lib/ssh/test/ssh_options_SUITE.erl
+++ b/lib/ssh/test/ssh_options_SUITE.erl
@@ -70,7 +70,8 @@
 	 hostkey_fingerprint_check_sha256/1,
 	 hostkey_fingerprint_check_sha384/1,
 	 hostkey_fingerprint_check_sha512/1,
-	 hostkey_fingerprint_check_list/1
+	 hostkey_fingerprint_check_list/1,
+         save_accepted_host_option/1
 	]).
 
 %%% Common test callbacks
@@ -124,6 +125,7 @@ all() ->
      id_string_own_string_server,
      id_string_own_string_server_trail_space,
      id_string_random_server,
+     save_accepted_host_option,
      {group, hardening_tests}
     ].
 
@@ -211,7 +213,8 @@ init_per_testcase(_TestCase, Config) ->
 end_per_testcase(TestCase, Config) when TestCase == server_password_option;
 					TestCase == server_userpassword_option;
 					TestCase == server_pwdfun_option;
-					TestCase == server_pwdfun_4_option ->
+					TestCase == server_pwdfun_4_option ;
+                                        TestCase == save_accepted_host_option ->
     UserDir = filename:join(proplists:get_value(priv_dir, Config), nopubkey),
     ssh_test_lib:del_dirs(UserDir),
     end_per_testcase(Config);
@@ -1313,6 +1316,36 @@ try_to_connect(Connect, Host, Port, Pid, Tref, N) ->
 	     end
      end.
 
+%%--------------------------------------------------------------------
+save_accepted_host_option(Config) ->
+    PrivDir = proplists:get_value(priv_dir, Config),
+    UserDir = filename:join(PrivDir, nopubkey), % to make sure we don't use public-key-auth
+    KnownHosts = filename:join(UserDir, "known_hosts"),
+    file:make_dir(UserDir),
+    file:delete(KnownHosts),
+    SysDir = proplists:get_value(data_dir, Config),	  
+    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SysDir},
+					     {user_dir, UserDir},
+					     {user_passwords, [{"vego", "morot"}]}
+                                            ]),
+    {error,enoent} = file:read_file(KnownHosts),
+
+    {ok,_C1} = ssh:connect(Host, Port, [{silently_accept_hosts, true},
+                                        {user, "vego"},
+                                        {password, "morot"},
+                                        {user_interaction, false},
+                                        {save_accepted_host, false},
+                                        {user_dir, UserDir}]),
+    {error,enoent} = file:read_file(KnownHosts),
+    
+    {ok,_C2} = ssh:connect(Host, Port, [{silently_accept_hosts, true},
+                                        {user, "vego"},
+                                        {password, "morot"},
+                                        {user_interaction, false},
+                                        {user_dir, UserDir}]),
+    {ok,_} = file:read_file(KnownHosts),
+    ssh:stop_daemon(Pid).
+
 %%--------------------------------------------------------------------
 %% Internal functions ------------------------------------------------
 %%--------------------------------------------------------------------
-- 
cgit v1.2.3