summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2020-02-23 18:37:09 -0500
committerJay Satiro <raysatiro@yahoo.com>2020-03-07 03:06:11 -0500
commit09aa807240b9dcde78a919ff712316a1daf0655e (patch)
treef94d596f877bd3b95aa0933e88b3af0f02bd6b40 /lib
parente54b1885d19dee5ed04761295020a0a84b8296ca (diff)
downloadcurl-09aa807240b9dcde78a919ff712316a1daf0655e.tar.gz
libssh: Fix matching user-specified MD5 hex key
Prior to this change a match would never be successful because it was mistakenly coded to compare binary data from libssh to a user-specified hex string (ie CURLOPT_SSH_HOST_PUBLIC_KEY_MD5). Reported-by: fds242@users.noreply.github.com Fixes https://github.com/curl/curl/issues/4971 Closes https://github.com/curl/curl/pull/4974
Diffstat (limited to 'lib')
-rw-r--r--lib/vssh/libssh.c20
1 files changed, 17 insertions, 3 deletions
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 647b4d491..08d9f9e0f 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -345,13 +345,27 @@ static int myssh_is_known(struct connectdata *conn)
return rc;
if(data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]) {
+ int i;
+ char md5buffer[33];
+ const char *pubkey_md5 = data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5];
+
rc = ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5,
&hash, &hlen);
- if(rc != SSH_OK)
+ if(rc != SSH_OK || hlen != 16) {
+ failf(data,
+ "Denied establishing ssh session: md5 fingerprint not available");
goto cleanup;
+ }
+
+ for(i = 0; i < 16; i++)
+ msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char)hash[i]);
+
+ infof(data, "SSH MD5 fingerprint: %s\n", md5buffer);
- if(hlen != strlen(data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]) ||
- memcmp(&data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5], hash, hlen)) {
+ if(!strcasecompare(md5buffer, pubkey_md5)) {
+ failf(data,
+ "Denied establishing ssh session: mismatch md5 fingerprint. "
+ "Remote %s is not equal to %s", md5buffer, pubkey_md5);
rc = SSH_ERROR;
goto cleanup;
}