curl-library

[PATCH] SSH protocols using known_host

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sun, 12 Jul 2009 00:24:06 +0200 (CEST)

Hello friends!

Attached to this mail is the first take at a patch introducing known_host
support. It requires that you use a fairly recent libssh2 with its
known_host-API supported. It will be available in the (hopefully) soon
released libssh2 1.2.

The new options this provides for libcurl are:

   CURLOPT_SSH_KNOWN_HOSTS [file name to openssh file]
   CURLOPT_SSH_KEYFUNCTION [key callback]
   CURLOPT_SSH_KEYDATA [custom pointer to callback]

The callback gets the info and returns to libcurl how it should behave.
Everything is not properly implemented yet, but you can get a feel for the API
etc.

This also makes the curl tool use "$HOME/.ssh/known_hosts" by default so it
will check the key of the host you connect to unless you use --insecure/-k.

I've run some simple tests successfully with this code, both with and without
known hosts.

I'm interested in all kinds of feedback (and help) to get this going.

PS. I've also been considering a fourth option for allowing an app to provide
one or more known hosts without using a known_hosts file, but I've not yet
done any work on that.

-- 
  / daniel.haxx.se

Received on 2009-07-12
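
A host key checked against an OpenSSH known_hosts file is either on file, on file with a different key, or not on file at all, and a key callback has to decide what to do in each case. The sketch below is an added example, not code from the mail, the patch, libcurl or libssh2: every name in it is hypothetical, the sample file is constructed, and it handles plain host names only (hashed and @marker lines are skipped, wildcard patterns are not supported).

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not libcurl or libssh2 identifiers. */
enum kh_match { KH_MATCH, KH_MISMATCH, KH_MISSING };

/* Constructed sample file; the key strings are placeholders, not real keys. */
const char SAMPLE_KNOWN_HOSTS[] =
  "sftp.example.com,192.0.2.10 ssh-rsa AAAAB3PLACEHOLDERKEY1\n"
  "|1|hashedsalt=|hashedhost= ssh-rsa AAAAB3PLACEHOLDERKEY2\n"
  "git.example.com ssh-rsa AAAAB3PLACEHOLDERKEY3\n";

/* Is `host` one of the comma-separated names in the first field? */
static int host_listed(const char *field, const char *host)
{
  size_t hl = strlen(host);
  while(*field) {
    size_t n = strcspn(field, ",");
    if(n == hl && !strncmp(field, host, n)) return 1;
    field += n + (field[n] == ',');
  }
  return 0;
}

/* Compare a presented key against "hosts keytype base64key" lines. */
enum kh_match kh_check(const char *text, const char *host,
                       const char *type, const char *key)
{
  enum kh_match result = KH_MISSING;
  char line[1400], hosts[256], ktype[64], kdata[1024];
  for(; *text; text += (*text == '\n')) {
    size_t len = strcspn(text, "\n");
    int n = snprintf(line, sizeof(line), "%.*s", (int)len, text);
    text += len;
    /* skipped: over-long, empty, comment, hashed (|1|) and @marker lines */
    if(n < 0 || (size_t)n >= sizeof(line) || strchr("#|@", line[0]) ||
       sscanf(line, "%255s %63s %1023s", hosts, ktype, kdata) != 3 ||
       !host_listed(hosts, host) || strcmp(ktype, type))
      continue;
    if(!strcmp(kdata, key)) return KH_MATCH;  /* this exact key is on file */
    result = KH_MISMATCH;          /* host on file, but with another key */
  }
  return result;
}

/* Strict policy: accept only a key already on file; a changed key and an
   unknown host are both refused rather than trusted on first use. */
int kh_strict_accept(enum kh_match m) { return m == KH_MATCH; }
```

Host names are compared whole, so a lookup for `example.com` does not match the `sftp.example.com` entry.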