ssh: do ssh cert info before asking for credentials

We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.
author: Carlos Martín Nieto <cmn@dwim.me> 2014-08-29 21:15:36 +0200
committer: Carlos Martín Nieto <cmn@dwim.me> 2014-09-16 17:01:31 +0200
commit: 2f5864c50c3c82d01837570cb0b7e629295c65cf (patch)
tree: 39f500e40496c66e2118591cb7a732237fb396e6
parent: 17491f6e5660b82cb8163eea58805df6398af16e (diff)
download: libgit2-2f5864c50c3c82d01837570cb0b7e629295c65cf.tar.gz
2 files changed, 47 insertions, 47 deletions
diff --git a/src/transports/ssh.c b/src/transports/ssh.c
index 8344714f3..a25ab6315 100644
--- a/src/transports/ssh.c
+++ b/src/transports/ssh.c
@@ -467,6 +467,49 @@ static int _git_ssh_setup_conn(
 		GITERR_CHECK_ALLOC(port);
 	}
 
+	if ((error = gitno_connect(&s->socket, host, port, 0)) < 0)
+		goto on_error;
+
+	if ((error = _git_ssh_session_create(&session, s->socket)) < 0)
+		goto on_error;
+
+	if (t->owner->certificate_check_cb != NULL) {
+		git_cert_hostkey cert;
+		const char *key;
+		int allow;
+		size_t certlen;
+
+		cert.type = LIBSSH2_HOSTKEY_HASH_SHA1;
+		key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
+		if (key != NULL) {
+			certlen = 20;
+			memcpy(&cert.hash, key, certlen);
+		} else {
+			cert.type = LIBSSH2_HOSTKEY_HASH_MD5;
+			key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
+			certlen = 16;
+			if (key != NULL)
+				memcpy(&cert.hash, key, certlen);
+		}
+
+		if (key == NULL) {
+			giterr_set(GITERR_SSH, "unable to get the host key");
+			return -1;
+		}
+
+		/* We don't currently trust any hostkeys */
+                allow = t->owner->certificate_check_cb(GIT_CERT_HOSTKEY_LIBSSH2, &cert, certlen, 0, t->owner->message_cb_payload);
+                if (allow < 0) {
+                        error = allow;
+                        goto on_error;
+                }
+
+                if (!allow) {
+                        error = GIT_ECERTIFICATE;
+                        goto on_error;
+                }
+        }
+
 	/* we need the username to ask for auth methods */
 	if (!user) {
 		if ((error = request_creds(&cred, t, NULL, GIT_CREDTYPE_USERNAME)) < 0)
@@ -482,12 +525,6 @@ static int _git_ssh_setup_conn(
 			goto on_error;
 	}
 
-	if ((error = gitno_connect(&s->socket, host, port, 0)) < 0)
-		goto on_error;
-
-	if ((error = _git_ssh_session_create(&session, s->socket)) < 0)
-		goto on_error;
-
 	if ((error = list_auth_methods(&auth_methods, session, user)) < 0)
 		goto on_error;
 
@@ -517,48 +554,10 @@ static int _git_ssh_setup_conn(
 	if (error < 0)
 		goto on_error;
 
-	if (t->owner->certificate_check_cb != NULL) {
-		git_cert_hostkey cert;
-		const char *key;
-		int allow;
-		size_t certlen;
-
-		cert.type = LIBSSH2_HOSTKEY_HASH_SHA1;
-		key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
-		if (key != NULL) {
-			certlen = 20;
-			memcpy(&cert.hash, key, certlen);
-		} else {
-			cert.type = LIBSSH2_HOSTKEY_HASH_MD5;
-			key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
-			certlen = 16;
-			if (key != NULL)
-				memcpy(&cert.hash, key, certlen);
-		}
-
-		if (key == NULL) {
-			giterr_set(GITERR_SSH, "unable to get the host key");
-			return -1;
-		}
-
-		/* We don't currently trust any hostkeys */
-                allow = t->owner->certificate_check_cb(GIT_CERT_HOSTKEY_LIBSSH2, &cert, certlen, 0, t->owner->message_cb_payload);
-                if (allow < 0) {
-                        error = allow;
-                        goto on_error;
-                }
-
-                if (!allow) {
-                        error = GIT_ECERTIFICATE;
-                        goto on_error;
-                }
-        }
-
 	channel = libssh2_channel_open_session(session);
 	if (!channel) {
 		error = -1;
 		ssh_error(session, "Failed to open SSH channel");
-                error = -1;
 		goto on_error;
 	}
 
@@ -634,10 +633,8 @@ static int ssh_receivepack_ls(
 {
 	const char *cmd = t->cmd_receivepack ? t->cmd_receivepack : cmd_receivepack;
 
-	if (_git_ssh_setup_conn(t, url, cmd, stream) < 0)
-		return -1;
 
-	return 0;
+	return _git_ssh_setup_conn(t, url, cmd, stream);
 }
 
 static int ssh_receivepack(
diff --git a/tests/online/clone.c b/tests/online/clone.c
index 0e9a17663..66e614e15 100644
--- a/tests/online/clone.c
+++ b/tests/online/clone.c
@@ -487,6 +487,9 @@ void test_online_clone__certificate_invalid(void)
 
 	cl_git_fail_with(git_clone(&g_repo, "http://github.com/libgit2/TestGitRepository", "./foo", &g_options),
 		GIT_ECERTIFICATE);
+
+	cl_git_fail_with(git_clone(&g_repo, "ssh://github.com/libgit2/TestGitRepository", "./foo", &g_options),
+		GIT_ECERTIFICATE);
 }
 
 static int succeed_certificate_check(git_cert_t type, void *data, size_t len, int valid, void *payload)
author	Carlos Martín Nieto <cmn@dwim.me>	2014-08-29 21:15:36 +0200
committer	Carlos Martín Nieto <cmn@dwim.me>	2014-09-16 17:01:31 +0200
commit	2f5864c50c3c82d01837570cb0b7e629295c65cf (patch)
tree	39f500e40496c66e2118591cb7a732237fb396e6
parent	17491f6e5660b82cb8163eea58805df6398af16e (diff)
download	libgit2-2f5864c50c3c82d01837570cb0b7e629295c65cf.tar.gz