From c2bdef6f3a16ca5c4ea32444b28772046da881a5 Mon Sep 17 00:00:00 2001 From: Edward Thomson Date: Fri, 24 Feb 2023 17:29:47 +0000 Subject: net: parse urls or scp style paths in the same function --- src/libgit2/transports/ssh.c | 18 +++++++----------- src/util/net.c | 7 +++++++ src/util/net.h | 6 ++++++ 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/src/libgit2/transports/ssh.c b/src/libgit2/transports/ssh.c index 60d26e802..5500ea100 100644 --- a/src/libgit2/transports/ssh.c +++ b/src/libgit2/transports/ssh.c @@ -788,15 +788,8 @@ static int _git_ssh_setup_conn( s->session = NULL; s->channel = NULL; - if (git_net_str_is_url(url)) - error = git_net_url_parse(&s->url, url); - else - error = git_net_url_parse_scp(&s->url, url); - - if (error < 0) - goto done; - - if ((error = git_socket_stream_new(&s->io, s->url.host, s->url.port)) < 0 || + if ((error = git_net_url_parse_standard_or_scp(&s->url, url)) < 0 || + (error = git_socket_stream_new(&s->io, s->url.host, s->url.port)) < 0 || (error = git_stream_connect(s->io)) < 0) goto done; @@ -806,8 +799,11 @@ static int _git_ssh_setup_conn( * as part of the stream connection, but that's not something that's * exposed. */ - if (git__strntol32(&port, s->url.port, strlen(s->url.port), NULL, 10) < 0) - port = -1; + if (git__strntol32(&port, s->url.port, strlen(s->url.port), NULL, 10) < 0) { + git_error_set(GIT_ERROR_NET, "invalid port to ssh: %s", s->url.port); + error = -1; + goto done; + } if ((error = _git_ssh_session_create(&session, &known_hosts, s->url.host, port, s->io)) < 0) goto done; diff --git a/src/util/net.c b/src/util/net.c index 43c7dc952..ac7befe07 100644 --- a/src/util/net.c +++ b/src/util/net.c @@ -646,6 +646,13 @@ int git_net_url_parse_scp(git_net_url *url, const char *given) return 0; } +int git_net_url_parse_standard_or_scp(git_net_url *url, const char *given) +{ + return git_net_str_is_url(given) ? + git_net_url_parse(url, given) : + git_net_url_parse_scp(url, given); +} + int git_net_url_joinpath( git_net_url *out, git_net_url *one, diff --git a/src/util/net.h b/src/util/net.h index 383592812..17f0bc4f0 100644 --- a/src/util/net.h +++ b/src/util/net.h @@ -34,6 +34,12 @@ extern int git_net_url_parse(git_net_url *url, const char *str); /** Parses a string containing an SCP style path into a URL structure. */ extern int git_net_url_parse_scp(git_net_url *url, const char *str); +/** + * Parses a string containing a standard URL or an SCP style path into + * a URL structure. + */ +extern int git_net_url_parse_standard_or_scp(git_net_url *url, const char *str); + /** Appends a path and/or query string to the given URL */ extern int git_net_url_joinpath( git_net_url *out, -- cgit v1.2.1 From f68b40c0af9c7c5c2c8740fe4a8fbcba367e0087 Mon Sep 17 00:00:00 2001 From: Francois-Xavier Coudert Date: Fri, 24 Feb 2023 11:05:31 +0100 Subject: Pass hostkey & port to host verify callback Co-authored-by: Stefan Karpinski --- src/libgit2/transports/ssh.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/libgit2/transports/ssh.c b/src/libgit2/transports/ssh.c index 5500ea100..d7594aa12 100644 --- a/src/libgit2/transports/ssh.c +++ b/src/libgit2/transports/ssh.c @@ -651,6 +651,8 @@ static int check_against_known_hosts( return ret; } +#define SSH_DEFAULT_PORT 22 + /* * Perform the check for the session's certificate against known hosts if * possible and then ask the user if they have a callback. @@ -748,9 +750,16 @@ static int check_certificate( if (check_cb != NULL) { git_cert_hostkey *cert_ptr = &cert; git_error_state previous_error = {0}; + const char *host_ptr = host; + git_str host_and_port = GIT_STR_INIT; + + if (port != SSH_DEFAULT_PORT) { + git_str_printf(&host_and_port, "%s:%d", host, port); + host_ptr = host_and_port.ptr; + } git_error_state_capture(&previous_error, error); - error = check_cb((git_cert *) cert_ptr, cert_valid, host, check_cb_payload); + error = check_cb((git_cert *) cert_ptr, cert_valid, host_ptr, check_cb_payload); if (error == GIT_PASSTHROUGH) { error = git_error_state_restore(&previous_error); } else if (error < 0 && !git_error_last()) { @@ -758,13 +767,12 @@ static int check_certificate( } git_error_state_free(&previous_error); + git_str_dispose(&host_and_port); } return error; } -#define SSH_DEFAULT_PORT "22" - static int _git_ssh_setup_conn( ssh_subtransport *t, const char *url, -- cgit v1.2.1 From 43e84e246cc716ac51a276945b5b112b21d802d1 Mon Sep 17 00:00:00 2001 From: Edward Thomson Date: Fri, 24 Feb 2023 16:47:39 +0000 Subject: tests: validate host and port for ssh tests when non-standard --- tests/libgit2/online/clone.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/tests/libgit2/online/clone.c b/tests/libgit2/online/clone.c index 1a4cdb520..bb704c066 100644 --- a/tests/libgit2/online/clone.c +++ b/tests/libgit2/online/clone.c @@ -787,10 +787,19 @@ static int ssh_certificate_check(git_cert *cert, int valid, const char *host, vo { git_cert_hostkey *key; git_oid expected = GIT_OID_SHA1_ZERO, actual = GIT_OID_SHA1_ZERO; + git_str expected_host = GIT_STR_INIT; + git_net_url parsed_url = GIT_NET_URL_INIT; GIT_UNUSED(valid); GIT_UNUSED(payload); + cl_git_pass(git_net_url_parse_standard_or_scp(&parsed_url, _remote_url)); + cl_git_pass(git_str_printf(&expected_host, "%s%s%s", + parsed_url.host, + git_net_url_is_default_port(&parsed_url) ? "" : ":", + git_net_url_is_default_port(&parsed_url) ? "" : parsed_url.port)); + cl_assert_equal_s(expected_host.ptr, host); + cl_assert(_remote_ssh_fingerprint); cl_git_pass(git_oid__fromstrp(&expected, _remote_ssh_fingerprint, GIT_OID_SHA1)); @@ -812,7 +821,8 @@ static int ssh_certificate_check(git_cert *cert, int valid, const char *host, vo cl_assert(!memcmp(&expected, &actual, 20)); - cl_assert_equal_s("localhost", host); + git_net_url_dispose(&parsed_url); + git_str_dispose(&expected_host); return GIT_EUSER; } -- cgit v1.2.1