curl-library
RE: Re: Allowing CURLOPT_SSH_PUBLIC_KEY_FILE to be not set
From: Ellié Computing Open Source Program <opensource_at_elliecomputing.com>
Date: Mon, 19 Mar 2012 09:57:20 +0100
Date: Mon, 19 Mar 2012 09:57:20 +0100
>From: Daniel Stenberg
>On Fri, 16 Mar 2012, Elli? Computing Open Source Program wrote:
>> I propose that setting CURLOPT_SSH_PUBLIC_KEYFILE option to a zero-long
>> string be interpreted as NULL for libssh2. This value is a total nonsense
>> for a file name(==never used by anybody for something working) and would
>> be
>> thus a good candidate.
>
>Yes, that'll work and it would suit me as well. Will do write up a patch?
here it is, hope it goes through :-)
From: Armel Asselin <armelasselin_at_hotmail.com>
Date: Mon, 19 Mar 2012 09:38:19 +0100
Subject: [PATCH] public key can now be an empty string, meaning that libssh2
should compute the public key from private key
---
docs/libcurl/curl_easy_setopt.3 | 3 +++
lib/ssh.c | 8 ++++++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/docs/libcurl/curl_easy_setopt.3
b/docs/libcurl/curl_easy_setopt.3
index ffcf0fa..0d11184 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -2376,6 +2376,9 @@ Pass a char * pointing to a file name for your public
key. If not used,
libcurl defaults to \fB$HOME/.ssh/id_dsa.pub\fP if the HOME environment
variable is set, and just "id_dsa.pub" in the current directory if HOME is
not
set. (Added in 7.16.1)
+If an empty string is passed, libcurl will pass no public key to libssh2
+which then tries to compute it from the private key, this is known to work
+when libssh2 1.4.0+ is linked against OpenSSL. (Added in 7.25.1)
.IP CURLOPT_SSH_PRIVATE_KEYFILE
Pass a char * pointing to a file name for your private key. If not used,
libcurl defaults to \fB$HOME/.ssh/id_dsa\fP if the HOME environment variable
diff --git a/lib/ssh.c b/lib/ssh.c
index 3296f0b..d381600 100644
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -768,6 +768,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
if((data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY) &&
(strstr(sshc->authlist, "publickey") != NULL)) {
char *home;
+ bool rsa_pub_empty_but_ok = false;
sshc->rsa_pub = sshc->rsa = NULL;
@@ -775,7 +776,10 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
HOME environment variable etc? */
home = curl_getenv("HOME");
- if(data->set.str[STRING_SSH_PUBLIC_KEY])
+ if(data->set.str[STRING_SSH_PUBLIC_KEY] &&
+ !*data->set.str[STRING_SSH_PUBLIC_KEY])
+ rsa_pub_empty_but_ok = true;
+ else if(data->set.str[STRING_SSH_PUBLIC_KEY])
sshc->rsa_pub = aprintf("%s",
data->set.str[STRING_SSH_PUBLIC_KEY]);
else if(home)
sshc->rsa_pub = aprintf("%s/.ssh/id_dsa.pub", home);
@@ -783,7 +787,7 @@ static CURLcode ssh_statemach_act(struct connectdata
*conn, bool *block)
/* as a final resort, try current dir! */
sshc->rsa_pub = strdup("id_dsa.pub");
- if(sshc->rsa_pub == NULL) {
+ if(!rsa_pub_empty_but_ok && sshc->rsa_pub == NULL) {
Curl_safefree(home);
home = NULL;
state(conn, SSH_SESSION_FREE);
--
1.7.9.msysgit.0
Regards
Armel
Received on 2012-03-19