[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: libssh patch
[Thread Prev] | [Thread Next]
- Subject: RE: libssh patch
- From: RUBEN GARCIA AZUARA <rubenga@xxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Tue, 06 Apr 2010 20:26:05 +0200
- To: "libssh@xxxxxxxxxx" <libssh@xxxxxxxxxx>
Hi, A new feature patch. This has two files because I forgot one file in the first patch, sorry if it is a problem. Regards. ________________________________________ De: Andreas Schneider [mail@xxxxxxxxxxxx] Enviado el: lunes, 05 de abril de 2010 18:33 Para: libssh@xxxxxxxxxx Asunto: Re: libssh patch On Monday 05 April 2010 08:02:57 you wrote: > Hello, Hi, > > I am trying delivering a new patch, but I had never used git. http://dev.libssh.org/wiki/HowToSendPatches http://book.git-scm.com/ has nice video tutorials. > The first patch include a fix bug to ignore case in HOST parameter. > > The second patch add new features: Supports StrictHostKeyChecking and > UserKnownHostsFile config parameters. > > Sorry if I make some mistakes, and, please, you tell me how could solve > them. Could you please attach them to the mail? Thanks, -- andreas
From c796144f0c5f5fd271ea387ca1a8de5f1ddb050f Mon Sep 17 00:00:00 2001
From: Ruben Garcia Azuara <rubenga@xxxxxx>
Date: Tue, 6 Apr 2010 20:07:01 +0200
Subject: [PATCH 1/2] ADD support for StrictHostKeyChecking and UserKnownHostsFile parameters
Ruben Garcia Azuara, a Telefonica I+D SAU worker, deliver a patch
to add OpenSSH parameters to libssh:
- StrictHostKeyChecking
- UserKnownHostsFile
This parameters are useful to avoid checking the fingerprint. Ej:
~/.ssh/config:
Host 192.10.20.30
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
Signed-off-by: Ruben Garcia Azuara <rubenga@xxxxxx>
---
include/libssh/libssh.h | 4 ++--
include/libssh/session.h | 2 +-
libssh/config.c | 18 +++++++++++++++++-
libssh/keyfiles.c | 5 +++++
libssh/options.c | 12 ++++++++++++
5 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
index 462be33..d5020b5 100644
--- a/include/libssh/libssh.h
+++ b/include/libssh/libssh.h
@@ -269,11 +269,11 @@ enum ssh_options_e {
SSH_OPTIONS_SSH2,
SSH_OPTIONS_LOG_VERBOSITY,
SSH_OPTIONS_LOG_VERBOSITY_STR,
-
SSH_OPTIONS_CIPHERS_C_S,
SSH_OPTIONS_CIPHERS_S_C,
SSH_OPTIONS_COMPRESSION_C_S,
- SSH_OPTIONS_COMPRESSION_S_C
+ SSH_OPTIONS_COMPRESSION_S_C,
+ SSH_OPTIONS_HOSTKEYCHECK
};
enum {
diff --git a/include/libssh/session.h b/include/libssh/session.h
index 56352c1..c66ceec 100644
--- a/include/libssh/session.h
+++ b/include/libssh/session.h
@@ -141,7 +141,7 @@ struct ssh_session_struct {
socket_t fd;
int ssh2;
int ssh1;
-
+ int StrictHostKeyChecking;
};
int ssh_handle_packets(ssh_session session, int timeout);
diff --git a/libssh/config.c b/libssh/config.c
index e3a00ca..044b35f 100644
--- a/libssh/config.c
+++ b/libssh/config.c
@@ -38,7 +38,9 @@ enum ssh_config_opcode_e {
SOC_CIPHERS,
SOC_COMPRESSION,
SOC_TIMEOUT,
- SOC_PROTOCOL
+ SOC_PROTOCOL,
+ SOC_HOSTKEYCHECK,
+ SOC_KNOWNHOSTS
};
struct ssh_config_keyword_table_s {
@@ -56,6 +58,8 @@ static struct ssh_config_keyword_table_s ssh_config_keyword_table[] = {
{ "compression", SOC_COMPRESSION },
{ "connecttimeout", SOC_TIMEOUT },
{ "protocol", SOC_PROTOCOL },
+ { "stricthostkeychecking", SOC_HOSTKEYCHECK },
+ { "userknownhostsfile", SOC_KNOWNHOSTS },
{ NULL, SOC_UNSUPPORTED }
};
@@ -274,6 +278,18 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &i);
}
break;
+ case SOC_HOSTKEYCHECK:
+ i = ssh_config_get_yesno(&s, -1);
+ if (i >= 0 && *parsing) {
+ ssh_options_set(session, SSH_OPTIONS_HOSTKEYCHECK, &i);
+ }
+ break;
+ case SOC_KNOWNHOSTS:
+ p = ssh_config_get_str(&s, NULL);
+ if (p && *parsing) {
+ ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, p);
+ }
+ break;
case SOC_UNSUPPORTED:
fprintf(stderr, "Unsupported option: %s, line: %d\n", keyword, count);
break;
diff --git a/libssh/keyfiles.c b/libssh/keyfiles.c
index 663d508..c1bc18f 100644
--- a/libssh/keyfiles.c
+++ b/libssh/keyfiles.c
@@ -1676,6 +1676,11 @@ int ssh_is_server_known(ssh_session session) {
}
} while (1);
+ if ( (ret == SSH_SERVER_NOT_KNOWN) && (session->StrictHostKeyChecking == 0) ) {
+ ssh_write_knownhost(session);
+ ret = SSH_SERVER_KNOWN_OK;
+ }
+
SAFE_FREE(host);
if (file != NULL) {
fclose(file);
diff --git a/libssh/options.c b/libssh/options.c
index 17e6857..2b3276a 100644
--- a/libssh/options.c
+++ b/libssh/options.c
@@ -362,6 +362,10 @@ char *dir_expand_dup(ssh_session session, const char *value, int allowsshdir) {
* Set the compression to use for server to client
* communication (string, "none" or "zlib").
*
+ * - SSH_OPTIONS_HOSTKEYCHECK:
+ * Set the parameter StrictHostKeyChecking to avoid
+ * asking about a fingerprint
+ *
* @param value The value to set. This is a generic pointer and the
* datatype which is used should be set according to the
* type set.
@@ -612,6 +616,14 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
return -1;
}
break;
+ case SSH_OPTIONS_HOSTKEYCHECK:
+ if (value == NULL) {
+ ssh_set_error_invalid(session, __FUNCTION__);
+ return -1;
+ } else {
+ session->StrictHostKeyChecking = *(int*)value;
+ }
+ break;
default:
ssh_set_error(session, SSH_REQUEST_DENIED, "Unknown ssh option %d", type);
return -1;
--
1.6.3.3
From 496715c4f1eef99a2836e2b85751fc949f6e5c00 Mon Sep 17 00:00:00 2001
From: Ruben Garcia Azuara <rubenga@xxxxxx>
Date: Tue, 6 Apr 2010 20:21:38 +0200
Subject: [PATCH 2/2] Complete the last commit.
I Forgot add this file.
Signed-off-by: Ruben Garcia Azuara <rubenga@xxxxxx>
---
libssh/session.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/libssh/session.c b/libssh/session.c
index e6d9fc7..ec127f5 100644
--- a/libssh/session.c
+++ b/libssh/session.c
@@ -90,6 +90,7 @@ ssh_session ssh_new(void) {
session->maxchannel = FIRST_CHANNEL;
/* options */
+ session->StrictHostKeyChecking = 1;
session->port = 22;
session->fd = -1;
session->ssh2 = 1;
--
1.6.3.3
| Re: libssh patch | Aris Adamantiadis <aris@xxxxxxxxxxxx> |
| Re: libssh patch | Andreas Schneider <mail@xxxxxxxxxxxx> |
| libssh patch | Ruben Garcia Azuara <rubenga@xxxxxx> |
| Re: libssh patch | Andreas Schneider <mail@xxxxxxxxxxxx> |