generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

SSH: public key can now be an empty string

Browse Source 
If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will
pass no public key to libssh2 which then tries to compute it from the
private key. This is known to work when libssh2 1.4.0+ is linked against
OpenSSL.
This commit is contained in:
Armel Asselin 2012-04-01 20:22:37 +02:00 committed by Daniel Stenberg
parent ebf315e6f3
commit 05a443adf2
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/libcurl/curl_easy_setopt.3
View File

@ -2380,6 +2380,9 @@ Pass a char * pointing to a file name for your public key. If not used,
libcurl defaults to \fB$HOME/.ssh/id_dsa.pub\fP if the HOME environment
variable is set, and just "id_dsa.pub" in the current directory if HOME is not
set. (Added in 7.16.1)
If an empty string is passed, libcurl will pass no public key to libssh2
which then tries to compute it from the private key, this is known to work
when libssh2 1.4.0+ is linked against OpenSSL. (Added in 7.25.1)
.IP CURLOPT_SSH_PRIVATE_KEYFILE
Pass a char * pointing to a file name for your private key. If not used,
libcurl defaults to \fB$HOME/.ssh/id_dsa\fP if the HOME environment variable

8
lib/ssh.c
View File

@ -770,6 +770,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
if((data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY) &&
(strstr(sshc->authlist, "publickey") != NULL)) {
char *home = NULL;
bool rsa_pub_empty_but_ok = FALSE;
sshc->rsa_pub = sshc->rsa = NULL;
@ -777,7 +778,10 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
HOME environment variable etc? */
home = curl_getenv("HOME");
if(data->set.str[STRING_SSH_PUBLIC_KEY])
if(data->set.str[STRING_SSH_PUBLIC_KEY] &&
!*data->set.str[STRING_SSH_PUBLIC_KEY])
rsa_pub_empty_but_ok = true;
else if(data->set.str[STRING_SSH_PUBLIC_KEY])
sshc->rsa_pub = aprintf("%s", data->set.str[STRING_SSH_PUBLIC_KEY]);
else if(home)
sshc->rsa_pub = aprintf("%s/.ssh/id_dsa.pub", home);
@ -785,7 +789,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
/* as a final resort, try current dir! */
sshc->rsa_pub = strdup("id_dsa.pub");
if(sshc->rsa_pub == NULL) {
if(!rsa_pub_empty_but_ok && (sshc->rsa_pub == NULL)) {
Curl_safefree(home);
state(conn, SSH_SESSION_FREE);
sshc->actualcode = CURLE_OUT_OF_MEMORY;