Commit 286369a8 by Carlos Martín Nieto

ssh: provide our own types for host key lengths

Instead of using the libssh2 defines, provide our own, which eases usage
as we do not need to check whether libgit2 was built with libssh2 or not.
parent ebda0970
...@@ -21,6 +21,16 @@ ...@@ -21,6 +21,16 @@
GIT_BEGIN_DECL GIT_BEGIN_DECL
/** /**
* Type of SSH host fingerprint
*/
typedef enum {
/** MD5, 16 bytes */
GIT_CERT_SSH_MD5,
/** SHA-1, 20 bytes */
GIT_CERT_SSH_SHA1,
} git_cert_ssh_type ;
/**
* Hostkey information taken from libssh2 * Hostkey information taken from libssh2
*/ */
typedef struct { typedef struct {
...@@ -31,9 +41,9 @@ typedef struct { ...@@ -31,9 +41,9 @@ typedef struct {
git_cert_t cert_type; git_cert_t cert_type;
/** /**
* A hostkey type from libssh2, either * A hostkey type from libssh2, either
* `LIBSSH2_HOSTKEY_HASH_MD5` or `LIBSSH2_HOSTKEY_HASH_SHA1` * `GIT_CERT_SSH_MD5` or `GIT_CERT_SSH_SHA1`
*/ */
int type; git_cert_ssh_type type;
/** /**
* Hostkey hash. If the type is MD5, only the first 16 bytes * Hostkey hash. If the type is MD5, only the first 16 bytes
* will be set. * will be set.
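Review bot: The new `git_cert_ssh_type` enum in the first hunk gives its members implicit values 0 and 1, while the libssh2 defines it replaces are 1 (`LIBSSH2_HOSTKEY_HASH_MD5`) and 2 (`LIBSSH2_HOSTKEY_HASH_SHA1`), so a certificate callback that still compares `type` against the libssh2 names would read a SHA-1 entry as MD5. Zero is also what the `{ 0 }` initialiser in the ssh.c section produces, so a struct whose hash was never filled in looks the same as an MD5 one. Explicit non-zero values would avoid both: `GIT_CERT_SSH_MD5 = 1,` and `GIT_CERT_SSH_SHA1 = 2,`. In the second hunk the field comment still opens with "A hostkey type from libssh2"; `A hostkey hash type, either` would match the new type. The struct definition continues outside the hunk.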
......
...@@ -480,23 +480,21 @@ static int _git_ssh_setup_conn( ...@@ -480,23 +480,21 @@ static int _git_ssh_setup_conn(
goto on_error; goto on_error;
if (t->owner->certificate_check_cb != NULL) { if (t->owner->certificate_check_cb != NULL) {
git_cert_hostkey cert; git_cert_hostkey cert = { 0 };
const char *key; const char *key;
size_t certlen;
cert.cert_type = GIT_CERT_HOSTKEY_LIBSSH2; cert.cert_type = GIT_CERT_HOSTKEY_LIBSSH2;
cert.type = LIBSSH2_HOSTKEY_HASH_SHA1;
key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1); key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
if (key != NULL) { if (key != NULL) {
certlen = 20; cert.type = GIT_CERT_SSH_SHA1;
memcpy(&cert.hash, key, certlen); memcpy(&cert.hash, key, 20);
} else { } else {
cert.type = LIBSSH2_HOSTKEY_HASH_MD5;
key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5); key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
certlen = 16; if (key != NULL) {
if (key != NULL) cert.type = GIT_CERT_SSH_MD5;
memcpy(&cert.hash, key, certlen); memcpy(&cert.hash, key, 16);
}
} }
if (key == NULL) { if (key == NULL) {
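Review bot: The two `memcpy` calls now hard-code 20 and 16, and nothing in this hunk ties those lengths to the size of `cert.hash`, which is declared in the header outside the visible lines. A host-key fingerprint copy is a place where the bound should be visible at the call site; named constants beside the enum, or at least a comment such as `/* SHA-1 digest length; must fit in cert.hash */`, would keep the header's "20 bytes" and "16 bytes" from drifting away from these literals. The `{ 0 }` initialiser is what keeps the trailing bytes of the hash defined on the MD5 path, so it deserves a one-line comment as well. The `if (key == NULL)` branch continues outside the hunk.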
......
...@@ -492,6 +492,8 @@ int ssh_certificate_check(git_cert *cert, int valid, void *payload) ...@@ -492,6 +492,8 @@ int ssh_certificate_check(git_cert *cert, int valid, void *payload)
key = (git_cert_hostkey *) cert; key = (git_cert_hostkey *) cert;
git_oid_fromraw(&actual, key->hash); git_oid_fromraw(&actual, key->hash);
cl_assert_equal_i(GIT_CERT_SSH_SHA1, key->type);
cl_assert(git_oid_equal(&expected, &actual)); cl_assert(git_oid_equal(&expected, &actual));
return GIT_EUSER; return GIT_EUSER;
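Review bot: The added `cl_assert_equal_i(GIT_CERT_SSH_SHA1, key->type);` sits after `git_oid_fromraw(&actual, key->hash)`, so the hash is read as a full 20-byte SHA-1 before the test has confirmed that it is one. Moving the type assertion to directly after the cast makes it gate the read. No check of `cert->cert_type` precedes the cast in the visible lines; the function starts outside the hunk, so that may already be covered above.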
......