- FILE *f;
- char line[8192];
- int linenum = 0;
- unsigned int bits, kbits, hostlen;
- char *cp, *cp2;
- HostStatus end_return;
-
- /* Open the file containing the list of known hosts. */
- f = fopen(filename, "r");
- if (!f)
- return HOST_NEW;
-
- /* Cache the length of the host name. */
- hostlen = strlen(host);
-
- /* Return value when the loop terminates. This is set to HOST_CHANGED if
- we have seen a different key for the host and have not found the proper
- one. */
- end_return = HOST_NEW;
-
- /* size of modulus 'n' */
- bits = BN_num_bits(n);
-
- /* Go trough the file. */
- while (fgets(line, sizeof(line), f))
- {
- cp = line;
- linenum++;
-
- /* Skip any leading whitespace. */
- for (; *cp == ' ' || *cp == '\t'; cp++)
- ;
-
- /* Ignore comment lines and empty lines. */
- if (!*cp || *cp == '#' || *cp == '\n')
- continue;
-
- /* Find the end of the host name portion. */
- for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
- ;
-
- /* Check if the host name matches. */
- if (!match_hostname(host, cp, (unsigned int)(cp2 - cp)))
- continue;
-
- /* Got a match. Skip host name. */
- cp = cp2;
-
- /* Extract the key from the line. This will skip any leading
- whitespace. Ignore badly formatted lines. */
- if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
- continue;
-
- if (kbits != BN_num_bits(kn)) {
- error("Warning: error in %s, line %d: keysize mismatch for host %s: "
- "actual size %d vs. announced %d.",
- filename, linenum, host, BN_num_bits(kn), kbits);
- error("Warning: replace %d with %d in %s, line %d.",
- kbits, BN_num_bits(kn), filename, linenum);
- }
-
- /* Check if the current key is the same as the given key. */
- if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)
- {
- /* Ok, they match. */
- fclose(f);
- return HOST_OK;
- }
-
- /* They do not match. We will continue to go through the file; however,
- we note that we will not return that it is new. */
- end_return = HOST_CHANGED;
- }
- /* Clear variables and close the file. */
- fclose(f);
-
- /* Return either HOST_NEW or HOST_CHANGED, depending on whether we saw a
- different key for the host. */
- return end_return;