author | Nobuhiro Ban <ban_nobuhiro@users.sf.net> | 2014-11-09 15:30:06 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2014-11-09 15:43:27 +0100 |
commit | 18e1a3022deebfa91ef022f09de3396d595f50b2 (patch) | |
tree | e9a5f333900cb1bc016bef0a521857bb996dc76f /lib | |
parent | 5d427004c6d985d52b18e408d837f59b88e8d0ff (diff) |
SSH: use the port number as well for known_known checks
... if the libssh2 version is new enough.
Bug: http://curl.haxx.se/bug/view.cgi?id=1448
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ssh.c | 19 |
1 files changed, 19 insertions, 0 deletions
@@ -99,6 +99,13 @@ # endif #endif +/* Feature detection based on version numbers to better work with + non-configure platforms */ +#if LIBSSH2_VERSION_NUM >= 0x010206 +/* libssh2_knownhost_checkp was added in 1.2.6 */ +#define HAVE_LIBSSH2_KNOWNHOST_CHECKP +#endif + #ifndef PATH_MAX #define PATH_MAX 1024 /* just an extra precaution since there are systems that have their definition hidden well */ @@ -546,6 +553,17 @@ static CURLcode ssh_knownhost(struct connectdata *conn) keybit = (keytype == LIBSSH2_HOSTKEY_TYPE_RSA)? LIBSSH2_KNOWNHOST_KEY_SSHRSA:LIBSSH2_KNOWNHOST_KEY_SSHDSS; +#ifdef HAVE_LIBSSH2_KNOWNHOST_CHECKP + keycheck = libssh2_knownhost_checkp(sshc->kh, + conn->host.name, + (conn->remote_port != PORT_SSH)? + conn->remote_port:-1, + remotekey, keylen, + LIBSSH2_KNOWNHOST_TYPE_PLAIN| + LIBSSH2_KNOWNHOST_KEYENC_RAW| + keybit, + &host); +#else keycheck = libssh2_knownhost_check(sshc->kh, conn->host.name, remotekey, keylen, @@ -553,6 +571,7 @@ static CURLcode ssh_knownhost(struct connectdata *conn) LIBSSH2_KNOWNHOST_KEYENC_RAW| keybit, &host); +#endif infof(data, "SSH host check: %d, key: %s\n", keycheck, (keycheck <= LIBSSH2_KNOWNHOST_CHECK_MISMATCH)? |
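Review bot: The `#define HAVE_LIBSSH2_KNOWNHOST_CHECKP` added in the first hunk is unconditional, so a build whose config header already defines the macro with a value would get a redefinition warning; whether configure defines it is not visible here. Guarding it as `#if !defined(HAVE_LIBSSH2_KNOWNHOST_CHECKP) && LIBSSH2_VERSION_NUM >= 0x010206` would avoid that. The test is against the header version at compile time, so the comment could also say that the libssh2 actually linked must be 1.2.6 or later.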
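Review bot: The new `libssh2_knownhost_checkp` call in ssh_knownhost passes `-1` when the port equals PORT_SSH, and nothing says why; a comment such as `/* default-port hosts are stored by name only, so pass -1 for PORT_SSH; other ports are looked up as [host]:port */` would make the intent clear. Per the libssh2 documentation, a non-negative port makes the library check the host+port entry in addition to the plain host name, so a key recorded for the bare host name can still satisfy the check on a non-default port; the comment should say so, so that nobody reads this as strict per-port pinning. In the `#else` branch the port is ignored entirely, which means builds against an older libssh2 match differently, and the `infof` line after the `#endif` does not show which lookup was used. The function continues outside the hunk; if it also writes accepted keys back to the known-hosts file, that path should record the port in the same form.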