[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 250/264: libssh: avoid options override by configuration files
From: |
gnunet |
Subject: |
[gnurl] 250/264: libssh: avoid options override by configuration files |
Date: |
Thu, 30 Apr 2020 16:09:13 +0200 |
This is an automated email from the git hooks/post-receive script.
nikita pushed a commit to branch master
in repository gnurl.
commit 7bc709f670237fbee49e24bc96ec3f190b8fc539
Author: Anderson Toshiyuki Sasaki <address@hidden>
AuthorDate: Wed Apr 22 14:36:31 2020 +0200
libssh: avoid options override by configuration files
Previously, options set explicitly through command line options could be
overridden by the configuration files parsed automatically when
ssh_connect() was called.
By calling ssh_options_parse_config() explicitly, the configuration
files are parsed before setting the options, avoiding the options
override. Once the configuration files are parsed, the automatic
configuration parsing is not executed.
Fixes #4972
Closes #5283
Signed-off-by: Anderson Toshiyuki Sasaki <address@hidden>
---
lib/vssh/libssh.c | 61 ++++++++++++++++++++++++++++++++++++++++++-------------
1 file changed, 47 insertions(+), 14 deletions(-)
diff --git a/lib/vssh/libssh.c b/lib/vssh/libssh.c
index 54bc5e019..8988e2392 100644
--- a/lib/vssh/libssh.c
+++ b/lib/vssh/libssh.c
@@ -2149,6 +2149,7 @@ static CURLcode myssh_connect(struct connectdata *conn,
bool *done)
CURLcode result;
curl_socket_t sock = conn->sock[FIRSTSOCKET];
struct Curl_easy *data = conn->data;
+ int rc;
/* initialize per-handle data if not already */
if(!data->req.protop)
@@ -2175,38 +2176,70 @@ static CURLcode myssh_connect(struct connectdata *conn,
bool *done)
return CURLE_FAILED_INIT;
}
- ssh_options_set(ssh->ssh_session, SSH_OPTIONS_FD, &sock);
+ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_HOST, conn->host.name);
+ if(rc != SSH_OK) {
+ failf(data, "Could not set remote host");
+ return CURLE_FAILED_INIT;
+ }
+
+ rc = ssh_options_parse_config(ssh->ssh_session, NULL);
+ if(rc != SSH_OK) {
+ infof(data, "Could not parse SSH configuration files");
+ /* ignore */
+ }
+
+ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_FD, &sock);
+ if(rc != SSH_OK) {
+ failf(data, "Could not set socket");
+ return CURLE_FAILED_INIT;
+ }
- if(conn->user) {
+ if(conn->user && conn->user[0] != '\0') {
infof(data, "User: %s\n", conn->user);
- ssh_options_set(ssh->ssh_session, SSH_OPTIONS_USER, conn->user);
+ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_USER, conn->user);
+ if(rc != SSH_OK) {
+ failf(data, "Could not set user");
+ return CURLE_FAILED_INIT;
+ }
}
if(data->set.str[STRING_SSH_KNOWNHOSTS]) {
infof(data, "Known hosts: %s\n", data->set.str[STRING_SSH_KNOWNHOSTS]);
- ssh_options_set(ssh->ssh_session, SSH_OPTIONS_KNOWNHOSTS,
- data->set.str[STRING_SSH_KNOWNHOSTS]);
+ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_KNOWNHOSTS,
+ data->set.str[STRING_SSH_KNOWNHOSTS]);
+ if(rc != SSH_OK) {
+ failf(data, "Could not set known hosts file path");
+ return CURLE_FAILED_INIT;
+ }
}
- ssh_options_set(ssh->ssh_session, SSH_OPTIONS_HOST, conn->host.name);
- if(conn->remote_port)
- ssh_options_set(ssh->ssh_session, SSH_OPTIONS_PORT,
- &conn->remote_port);
+ if(conn->remote_port) {
+ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_PORT,
+ &conn->remote_port);
+ if(rc != SSH_OK) {
+ failf(data, "Could not set remote port");
+ return CURLE_FAILED_INIT;
+ }
+ }
if(data->set.ssh_compression) {
- ssh_options_set(ssh->ssh_session, SSH_OPTIONS_COMPRESSION,
- "zlib,address@hidden,none");
+ rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_COMPRESSION,
+ "zlib,address@hidden,none");
+ if(rc != SSH_OK) {
+ failf(data, "Could not set compression");
+ return CURLE_FAILED_INIT;
+ }
}
ssh->privkey = NULL;
ssh->pubkey = NULL;
if(data->set.str[STRING_SSH_PUBLIC_KEY]) {
- int rc = ssh_pki_import_pubkey_file(data->set.str[STRING_SSH_PUBLIC_KEY],
- &ssh->pubkey);
+ rc = ssh_pki_import_pubkey_file(data->set.str[STRING_SSH_PUBLIC_KEY],
+ &ssh->pubkey);
if(rc != SSH_OK) {
failf(data, "Could not load public key file");
- /* ignore */
+ return CURLE_FAILED_INIT;
}
}
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [gnurl] 237/264: GnuTLS: Don't skip really long certificate fields, (continued)
- [gnurl] 237/264: GnuTLS: Don't skip really long certificate fields, gnunet, 2020/04/30
- [gnurl] 239/264: RELEASE-NOTES: synced, gnunet, 2020/04/30
- [gnurl] 203/264: sockfilt: tidy variable naming and data structure in select_ws, gnunet, 2020/04/30
- [gnurl] 204/264: tests: run the sws server on "any port", gnunet, 2020/04/30
- [gnurl] 194/264: cmake: Avoid MSVC C4273 warnings in send/recv checks, gnunet, 2020/04/30
- [gnurl] 195/264: docs/MQTT: replace confusing 80 by 75, gnunet, 2020/04/30
- [gnurl] 193/264: KNOWN_BUGS: Add entry 'Blocking socket operations', gnunet, 2020/04/30
- [gnurl] 215/264: runtests: dummy init the ports variables to avoid warnings, gnunet, 2020/04/30
- [gnurl] 216/264: src: Remove C99 constructs to ensure C89 compliance, gnunet, 2020/04/30
- [gnurl] 252/264: smtp: set auth correctly, gnunet, 2020/04/30
- [gnurl] 250/264: libssh: avoid options override by configuration files,
gnunet <=
- [gnurl] 191/264: sockfilt: fix broken pipe on Windows to be ready in select_ws, gnunet, 2020/04/30
- [gnurl] 224/264: mqtt: improve the state machine, gnunet, 2020/04/30
- [gnurl] 219/264: add more alt-svc test coverage, gnunet, 2020/04/30
- [gnurl] 218/264: test1247: use http server to get the port number set, gnunet, 2020/04/30
- [gnurl] 246/264: tests: make runtests check that disabled tests exists, gnunet, 2020/04/30
- [gnurl] 200/264: mqttd: s/errno/SOCKERRNO, gnunet, 2020/04/30
- [gnurl] 201/264: appveyor: add Unicode winbuild jobs, gnunet, 2020/04/30
- [gnurl] 199/264: buildconf: use find -execdir instead, remove -print and the ares files, gnunet, 2020/04/30
- [gnurl] 197/264: copyright: bump the copyright year range, gnunet, 2020/04/30
- [gnurl] 202/264: libssh: Use new ECDSA key types to check known hosts, gnunet, 2020/04/30