- stuff[0] = sprintf((char *)(&stuff[1]),
- "The server's key fingerprint is: %s\n"
- "Continue connecting?", fingerprint);
- ParamText(stuff, NULL, NULL, NULL);
+ /* Verify the key against the cache */
+
+ ret = verify_host_key(host, port, keytype, keystr);
+
+ if (ret == 0) /* success - key matched OK */
+ return;
+ if (ret == 2) { /* key was different */
+ stuff[0] = sprintf((char *)(&stuff[1]),
+ "WARNING - POTENTIAL SECURITY BREACH\n",
+ "The key fingerprint is: %s\n"
+ "Continue connecting?", fingerprint);
+ ParamText(stuff, NULL, NULL, NULL);
+ }
+ if (ret == 1) { /* key was absent */
+ stuff[0] = sprintf((char *)(&stuff[1]),
+ "The server's key fingerprint is: %s\n"
+ "Continue connecting?", fingerprint);
+ ParamText(stuff, NULL, NULL, NULL);
+ }
+