From f05e51362f310cb04b0ad8d086b9cf693aad5c9d Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Wed, 12 Sep 2012 16:18:36 +0200 Subject: ssh: do not crash if MD5 fingerprint is not provided by libssh2 The MD5 fingerprint cannot be computed when running in FIPS mode. --- RELEASE-NOTES | 1 + lib/ssh.c | 22 ++++++++++++++-------- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index b1ae3ebbd..d8e08ad13 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -42,6 +42,7 @@ This release includes the following bugfixes: o gnutls: do not fail on non-fatal handshake errors [15] o SMTP: only send SIZE if supported [16] o ftpserver: respond with a 250 to SMTP EHLO + o ssh: do not crash if MD5 fingerprint is not provided by libssh2 This release includes the following known bugs: diff --git a/lib/ssh.c b/lib/ssh.c index 4455d44e5..466566c1a 100644 --- a/lib/ssh.c +++ b/lib/ssh.c @@ -650,19 +650,25 @@ static bool ssh_check_fingerprint(struct connectdata *conn) const char *fingerprint = libssh2_hostkey_hash(sshc->ssh_session, LIBSSH2_HOSTKEY_HASH_MD5); - /* The fingerprint points to static storage (!), don't free() it. */ - for(i = 0; i < 16; i++) - snprintf(&md5buffer[i*2], 3, "%02x", (unsigned char) fingerprint[i]); - infof(data, "SSH MD5 fingerprint: %s\n", md5buffer); + if(fingerprint) { + /* The fingerprint points to static storage (!), don't free() it. */ + for(i = 0; i < 16; i++) + snprintf(&md5buffer[i*2], 3, "%02x", (unsigned char) fingerprint[i]); + infof(data, "SSH MD5 fingerprint: %s\n", md5buffer); + } /* Before we authenticate we check the hostkey's MD5 fingerprint * against a known fingerprint, if available. */ if(pubkey_md5 && strlen(pubkey_md5) == 32) { - if(!strequal(md5buffer, pubkey_md5)) { - failf(data, - "Denied establishing ssh session: mismatch md5 fingerprint. " - "Remote %s is not equal to %s", md5buffer, pubkey_md5); + if(!fingerprint || !strequal(md5buffer, pubkey_md5)) { + if(fingerprint) + failf(data, + "Denied establishing ssh session: mismatch md5 fingerprint. " + "Remote %s is not equal to %s", md5buffer, pubkey_md5); + else + failf(data, + "Denied establishing ssh session: md5 fingerprint not available"); state(conn, SSH_SESSION_FREE); sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION; return sshc->actualcode; -- cgit v1.2.3