aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--RELEASE-NOTES1
-rw-r--r--lib/ssh.c22
2 files changed, 15 insertions, 8 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index b1ae3ebbd..d8e08ad13 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -42,6 +42,7 @@ This release includes the following bugfixes:
o gnutls: do not fail on non-fatal handshake errors [15]
o SMTP: only send SIZE if supported [16]
o ftpserver: respond with a 250 to SMTP EHLO
+ o ssh: do not crash if MD5 fingerprint is not provided by libssh2
This release includes the following known bugs:
diff --git a/lib/ssh.c b/lib/ssh.c
index 4455d44e5..466566c1a 100644
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -650,19 +650,25 @@ static bool ssh_check_fingerprint(struct connectdata *conn)
const char *fingerprint = libssh2_hostkey_hash(sshc->ssh_session,
LIBSSH2_HOSTKEY_HASH_MD5);
- /* The fingerprint points to static storage (!), don't free() it. */
- for(i = 0; i < 16; i++)
- snprintf(&md5buffer[i*2], 3, "%02x", (unsigned char) fingerprint[i]);
- infof(data, "SSH MD5 fingerprint: %s\n", md5buffer);
+ if(fingerprint) {
+ /* The fingerprint points to static storage (!), don't free() it. */
+ for(i = 0; i < 16; i++)
+ snprintf(&md5buffer[i*2], 3, "%02x", (unsigned char) fingerprint[i]);
+ infof(data, "SSH MD5 fingerprint: %s\n", md5buffer);
+ }
/* Before we authenticate we check the hostkey's MD5 fingerprint
* against a known fingerprint, if available.
*/
if(pubkey_md5 && strlen(pubkey_md5) == 32) {
- if(!strequal(md5buffer, pubkey_md5)) {
- failf(data,
- "Denied establishing ssh session: mismatch md5 fingerprint. "
- "Remote %s is not equal to %s", md5buffer, pubkey_md5);
+ if(!fingerprint || !strequal(md5buffer, pubkey_md5)) {
+ if(fingerprint)
+ failf(data,
+ "Denied establishing ssh session: mismatch md5 fingerprint. "
+ "Remote %s is not equal to %s", md5buffer, pubkey_md5);
+ else
+ failf(data,
+ "Denied establishing ssh session: md5 fingerprint not available");
state(conn, SSH_SESSION_FREE);
sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION;
return sshc->actualcode;