From 055813600ed567f4227ca2d6be522c17116217f0 Mon Sep 17 00:00:00 2001
From: Manu <3916435+m3nu@users.noreply.github.com>
Date: Wed, 18 Nov 2020 15:06:10 +0800
Subject: [PATCH] Re-enable SSH host key checking for all operations except
 when adding repo (#717)

---
 src/vorta/borg/borg_thread.py | 6 +++++-
 src/vorta/borg/info.py        | 6 ++++--
 src/vorta/borg/init.py        | 4 ++++
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/vorta/borg/borg_thread.py b/src/vorta/borg/borg_thread.py
index 4a6f2938..f79fd571 100644
--- a/src/vorta/borg/borg_thread.py
+++ b/src/vorta/borg/borg_thread.py
@@ -61,6 +61,11 @@ def __init__(self, cmd, params, parent=None):
         env = os.environ.copy()
         env['BORG_HOSTNAME_IS_UNIQUE'] = '1'
         env['BORG_RELOCATED_REPO_ACCESS_IS_OK'] = '1'
+        env['BORG_RSH'] = 'ssh'
+
+        if 'additional_env' in params:
+            env = {**env, **params['additional_env']}
+
         password = params.get('password')
         if password is not None:
             env['BORG_PASSPHRASE'] = password
@@ -70,7 +75,6 @@ def __init__(self, cmd, params, parent=None):
         if env.get('BORG_PASSCOMMAND', False):
             env.pop('BORG_PASSPHRASE', None)  # Unset passphrase
 
-        env['BORG_RSH'] = 'ssh -oStrictHostKeyChecking=no'
         ssh_key = params.get('ssh_key')
         if ssh_key is not None:
             ssh_key_path = os.path.expanduser(f'~/.ssh/{ssh_key}')
diff --git a/src/vorta/borg/info.py b/src/vorta/borg/info.py
index b7550ab5..dbfd08dc 100644
--- a/src/vorta/borg/info.py
+++ b/src/vorta/borg/info.py
@@ -2,7 +2,6 @@
 from .borg_thread import BorgThread
 from vorta.models import RepoModel
 from vorta.keyring.abc import get_keyring
-import os
 
 FakeRepo = namedtuple('Repo', ['url', 'id', 'extra_borg_arguments'])
 FakeProfile = namedtuple('FakeProfile', ['repo', 'name', 'ssh_key'])
@@ -35,7 +34,10 @@ def prepare(cls, params):
         cmd = ["borg", "info", "--info", "--json", "--log-json"]
         cmd.append(profile.repo.url)
 
-        os.environ['BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK'] = "yes"
+        ret['additional_env'] = {
+            'BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK': "yes",
+            'BORG_RSH': 'ssh -oStrictHostKeyChecking=no'
+        }
 
         if params['password'] == '':
             ret['password'] = '999999'  # Dummy password if the user didn't supply one. To avoid prompt.
diff --git a/src/vorta/borg/init.py b/src/vorta/borg/init.py
index b7099836..df7b936c 100644
--- a/src/vorta/borg/init.py
+++ b/src/vorta/borg/init.py
@@ -27,6 +27,10 @@ def prepare(cls, params):
         cmd.append(f"--encryption={params['encryption']}")
         cmd.append(params['repo_url'])
 
+        ret['additional_env'] = {
+            'BORG_RSH': 'ssh -oStrictHostKeyChecking=no'
+        }
+
         ret['encryption'] = params['encryption']
         ret['password'] = params['password']
         ret['ok'] = True