aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorNobuhiro Ban <ban_nobuhiro@users.sf.net>2014-11-09 15:30:06 +0100
committerDaniel Stenberg <daniel@haxx.se>2014-11-09 15:43:27 +0100
commit18e1a3022deebfa91ef022f09de3396d595f50b2 (patch)
treee9a5f333900cb1bc016bef0a521857bb996dc76f /lib
parent5d427004c6d985d52b18e408d837f59b88e8d0ff (diff)
SSH: use the port number as well for known_known checks
... if the libssh2 version is new enough. Bug: http://curl.haxx.se/bug/view.cgi?id=1448
Diffstat (limited to 'lib')
-rw-r--r--lib/ssh.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/lib/ssh.c b/lib/ssh.c
index 6b849c611..6fefe8aee 100644
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -99,6 +99,13 @@
# endif
#endif
+/* Feature detection based on version numbers to better work with
+ non-configure platforms */
+#if LIBSSH2_VERSION_NUM >= 0x010206
+/* libssh2_knownhost_checkp was added in 1.2.6 */
+#define HAVE_LIBSSH2_KNOWNHOST_CHECKP
+#endif
+
#ifndef PATH_MAX
#define PATH_MAX 1024 /* just an extra precaution since there are systems that
have their definition hidden well */
@@ -546,6 +553,17 @@ static CURLcode ssh_knownhost(struct connectdata *conn)
keybit = (keytype == LIBSSH2_HOSTKEY_TYPE_RSA)?
LIBSSH2_KNOWNHOST_KEY_SSHRSA:LIBSSH2_KNOWNHOST_KEY_SSHDSS;
+#ifdef HAVE_LIBSSH2_KNOWNHOST_CHECKP
+ keycheck = libssh2_knownhost_checkp(sshc->kh,
+ conn->host.name,
+ (conn->remote_port != PORT_SSH)?
+ conn->remote_port:-1,
+ remotekey, keylen,
+ LIBSSH2_KNOWNHOST_TYPE_PLAIN|
+ LIBSSH2_KNOWNHOST_KEYENC_RAW|
+ keybit,
+ &host);
+#else
keycheck = libssh2_knownhost_check(sshc->kh,
conn->host.name,
remotekey, keylen,
@@ -553,6 +571,7 @@ static CURLcode ssh_knownhost(struct connectdata *conn)
LIBSSH2_KNOWNHOST_KEYENC_RAW|
keybit,
&host);
+#endif
infof(data, "SSH host check: %d, key: %s\n", keycheck,
(keycheck <= LIBSSH2_KNOWNHOST_CHECK_MISMATCH)?