diff options
author | Carlos Martín Nieto <cmn@dwim.me> | 2014-08-29 21:15:36 +0200 |
---|---|---|
committer | Carlos Martín Nieto <cmn@dwim.me> | 2014-09-16 17:01:31 +0200 |
commit | 2f5864c50c3c82d01837570cb0b7e629295c65cf (patch) | |
tree | 39f500e40496c66e2118591cb7a732237fb396e6 | |
parent | 17491f6e5660b82cb8163eea58805df6398af16e (diff) | |
download | libgit2-2f5864c50c3c82d01837570cb0b7e629295c65cf.tar.gz |
ssh: do ssh cert info before asking for credentials
We know the host's key as soon as we connect, so we should perform the
check as soon as we can, before we bother with the user's credentials.
-rw-r--r-- | src/transports/ssh.c | 91 | ||||
-rw-r--r-- | tests/online/clone.c | 3 |
2 files changed, 47 insertions, 47 deletions
diff --git a/src/transports/ssh.c b/src/transports/ssh.c index 8344714f3..a25ab6315 100644 --- a/src/transports/ssh.c +++ b/src/transports/ssh.c @@ -467,6 +467,49 @@ static int _git_ssh_setup_conn( GITERR_CHECK_ALLOC(port); } + if ((error = gitno_connect(&s->socket, host, port, 0)) < 0) + goto on_error; + + if ((error = _git_ssh_session_create(&session, s->socket)) < 0) + goto on_error; + + if (t->owner->certificate_check_cb != NULL) { + git_cert_hostkey cert; + const char *key; + int allow; + size_t certlen; + + cert.type = LIBSSH2_HOSTKEY_HASH_SHA1; + key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1); + if (key != NULL) { + certlen = 20; + memcpy(&cert.hash, key, certlen); + } else { + cert.type = LIBSSH2_HOSTKEY_HASH_MD5; + key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5); + certlen = 16; + if (key != NULL) + memcpy(&cert.hash, key, certlen); + } + + if (key == NULL) { + giterr_set(GITERR_SSH, "unable to get the host key"); + return -1; + } + + /* We don't currently trust any hostkeys */ + allow = t->owner->certificate_check_cb(GIT_CERT_HOSTKEY_LIBSSH2, &cert, certlen, 0, t->owner->message_cb_payload); + if (allow < 0) { + error = allow; + goto on_error; + } + + if (!allow) { + error = GIT_ECERTIFICATE; + goto on_error; + } + } + /* we need the username to ask for auth methods */ if (!user) { if ((error = request_creds(&cred, t, NULL, GIT_CREDTYPE_USERNAME)) < 0) @@ -482,12 +525,6 @@ static int _git_ssh_setup_conn( goto on_error; } - if ((error = gitno_connect(&s->socket, host, port, 0)) < 0) - goto on_error; - - if ((error = _git_ssh_session_create(&session, s->socket)) < 0) - goto on_error; - if ((error = list_auth_methods(&auth_methods, session, user)) < 0) goto on_error; @@ -517,48 +554,10 @@ static int _git_ssh_setup_conn( if (error < 0) goto on_error; - if (t->owner->certificate_check_cb != NULL) { - git_cert_hostkey cert; - const char *key; - int allow; - size_t certlen; - - cert.type = LIBSSH2_HOSTKEY_HASH_SHA1; - key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1); - if (key != NULL) { - certlen = 20; - memcpy(&cert.hash, key, certlen); - } else { - cert.type = LIBSSH2_HOSTKEY_HASH_MD5; - key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5); - certlen = 16; - if (key != NULL) - memcpy(&cert.hash, key, certlen); - } - - if (key == NULL) { - giterr_set(GITERR_SSH, "unable to get the host key"); - return -1; - } - - /* We don't currently trust any hostkeys */ - allow = t->owner->certificate_check_cb(GIT_CERT_HOSTKEY_LIBSSH2, &cert, certlen, 0, t->owner->message_cb_payload); - if (allow < 0) { - error = allow; - goto on_error; - } - - if (!allow) { - error = GIT_ECERTIFICATE; - goto on_error; - } - } - channel = libssh2_channel_open_session(session); if (!channel) { error = -1; ssh_error(session, "Failed to open SSH channel"); - error = -1; goto on_error; } @@ -634,10 +633,8 @@ static int ssh_receivepack_ls( { const char *cmd = t->cmd_receivepack ? t->cmd_receivepack : cmd_receivepack; - if (_git_ssh_setup_conn(t, url, cmd, stream) < 0) - return -1; - return 0; + return _git_ssh_setup_conn(t, url, cmd, stream); } static int ssh_receivepack( diff --git a/tests/online/clone.c b/tests/online/clone.c index 0e9a17663..66e614e15 100644 --- a/tests/online/clone.c +++ b/tests/online/clone.c @@ -487,6 +487,9 @@ void test_online_clone__certificate_invalid(void) cl_git_fail_with(git_clone(&g_repo, "http://github.com/libgit2/TestGitRepository", "./foo", &g_options), GIT_ECERTIFICATE); + + cl_git_fail_with(git_clone(&g_repo, "ssh://github.com/libgit2/TestGitRepository", "./foo", &g_options), + GIT_ECERTIFICATE); } static int succeed_certificate_check(git_cert_t type, void *data, size_t len, int valid, void *payload) |