Based on a patch brought by Johnny Luong, libcurl now offers

CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both make the SCP or SFTP connection verify the remote host's md5 checksum of the public key before doing a connect, to reduce the risk of a man-in-the-middle attack.
author: Daniel Stenberg <daniel@haxx.se> 2007-10-03 08:00:42 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2007-10-03 08:00:42 +0000
commit: 51c6a5d43b09835289a469165aa7a2bfb79dbdc6 (patch)
tree: 49b4c738d465d09c72fd048bb77b91514058b40c /lib/url.c
parent: 15b8da1980538f5c56115777610867230b0ac9d1 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/url.c b/lib/url.c
index afb0b3837..c91d062fe 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1836,7 +1836,14 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
     result = Curl_setstropt(&data->set.str[STRING_SSH_PRIVATE_KEY],
                             va_arg(param, char *));
     break;
-
+  case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5:
+    /*
+     * Option to allow for the MD5 of the host public key to be checked 
+     * for validation purposes.
+     */
+    result = Curl_setstropt(&data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5],
+                            va_arg(param, char *));
+    break;
   case CURLOPT_HTTP_TRANSFER_DECODING:
     /*
      * disable libcurl transfer encoding is used
author	Daniel Stenberg <daniel@haxx.se>	2007-10-03 08:00:42 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2007-10-03 08:00:42 +0000
commit	51c6a5d43b09835289a469165aa7a2bfb79dbdc6 (patch)
tree	49b4c738d465d09c72fd048bb77b91514058b40c /lib/url.c
parent	15b8da1980538f5c56115777610867230b0ac9d1 (diff)