diff options
author | Daniel Stenberg <daniel@haxx.se> | 2007-10-03 08:00:42 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2007-10-03 08:00:42 +0000 |
commit | 51c6a5d43b09835289a469165aa7a2bfb79dbdc6 (patch) | |
tree | 49b4c738d465d09c72fd048bb77b91514058b40c /lib/ssh.c | |
parent | 15b8da1980538f5c56115777610867230b0ac9d1 (diff) |
Based on a patch brought by Johnny Luong, libcurl now offers
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make
the SCP or SFTP connection verify the remote host's md5 checksum of the public
key before doing a connect, to reduce the risk of a man-in-the-middle attack.
Diffstat (limited to 'lib/ssh.c')
-rw-r--r-- | lib/ssh.c | 27 |
1 files changed, 26 insertions, 1 deletions
@@ -310,7 +310,8 @@ static CURLcode ssh_statemach_act(struct connectdata *conn) #ifdef CURL_LIBSSH2_DEBUG const char *fingerprint; #endif /* CURL_LIBSSH2_DEBUG */ - int rc; + const char *host_public_key_md5; + int rc,i; long err; switch(sshc->state) { @@ -351,6 +352,30 @@ static CURLcode ssh_statemach_act(struct connectdata *conn) infof(data, "\n"); #endif /* CURL_LIBSSH2_DEBUG */ + /* Before we authenticate we check the hostkey's MD5 fingerprint + * against a known fingerprint, if available. This implementation pulls + * it from the curl option. + */ + if (data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5] && + strlen(data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]) == 32) + { + char buf[33]; + host_public_key_md5 = libssh2_hostkey_hash(sftp_scp->ssh_session, + LIBSSH2_HOSTKEY_HASH_MD5); + for (i = 0; i < 16; i++) + snprintf(&buf[i*2], 3, "%02x", + (unsigned char) host_public_key_md5[i]); + if(!strequal(buf, data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5])) { + failf(data, + "Denied establishing ssh session: mismatch md5 fingerprint. " + "Remote %s is not equal to %s", + buf, data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]); + state(conn, SSH_SESSION_FREE); + sshc->actualCode = CURLE_FAILED_INIT; + break; + } + } + state(conn, SSH_AUTHLIST); break; |