From 51c6a5d43b09835289a469165aa7a2bfb79dbdc6 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 3 Oct 2007 08:00:42 +0000
Subject: Based on a patch brought by Johnny Luong, libcurl now offers
 CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and the curl tool --hostpubmd5. They both
 make the SCP or SFTP connection verify the remote host's md5 checksum of the
 public key before doing a connect, to reduce the risk of a man-in-the-middle
 attack.

---
 lib/url.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'lib/url.c')

diff --git a/lib/url.c b/lib/url.c
index afb0b3837..c91d062fe 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1836,7 +1836,14 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
     result = Curl_setstropt(&data->set.str[STRING_SSH_PRIVATE_KEY],
                             va_arg(param, char *));
     break;
-
+  case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5:
+    /*
+     * Option to allow for the MD5 of the host public key to be checked 
+     * for validation purposes.
+     */
+    result = Curl_setstropt(&data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5],
+                            va_arg(param, char *));
+    break;
   case CURLOPT_HTTP_TRANSFER_DECODING:
     /*
      * disable libcurl transfer encoding is used
-- 
cgit v1.2.3