From 05a443adf2d607a53a943d6f1df33cd765061c4e Mon Sep 17 00:00:00 2001
From: Armel Asselin
Date: Sun, 1 Apr 2012 20:22:37 +0200
Subject: [PATCH] SSH: public key can now be an empty string
If an empty string is passed to CURLOPT_SSH_PUBLIC_KEYFILE, libcurl will pass no public key to libssh2 which then tries to compute it from the private key. This is known to work when libssh2 1.4.0+ is linked against OpenSSL.
---
 docs/libcurl/curl_easy_setopt.3 | 3 +++
 lib/ssh.c | 8 ++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 76b4281ca..d0e054b62 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -2380,6 +2380,9 @@ Pass a char * pointing to a file name for your public key. If not used, libcurl defaults to \fB$HOME/.ssh/id_dsa.pub\fP if the HOME environment variable is set, and just "id_dsa.pub" in the current directory if HOME is not set. (Added in 7.16.1)
+If an empty string is passed, libcurl will pass no public key to libssh2
+which then tries to compute it from the private key, this is known to work
+when libssh2 1.4.0+ is linked against OpenSSL. (Added in 7.25.1)
 .IP CURLOPT_SSH_PRIVATE_KEYFILE
 Pass a char * pointing to a file name for your private key. If not used, libcurl defaults to \fB$HOME/.ssh/id_dsa\fP if the HOME environment variable
diff --git a/lib/ssh.c b/lib/ssh.c
index ad251f2e0..90c8013c2 100644
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -770,6 +770,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
 if((data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY) &&
 (strstr(sshc->authlist, "publickey") != NULL)) {
 char *home = NULL;
+ bool rsa_pub_empty_but_ok = FALSE;
 sshc->rsa_pub = sshc->rsa = NULL;
@@ -777,7 +778,10 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
 HOME environment variable etc? */
 home = curl_getenv("HOME");
- if(data->set.str[STRING_SSH_PUBLIC_KEY])
+ if(data->set.str[STRING_SSH_PUBLIC_KEY] &&
+ !*data->set.str[STRING_SSH_PUBLIC_KEY])
+ rsa_pub_empty_but_ok = true;
+ else if(data->set.str[STRING_SSH_PUBLIC_KEY])
 sshc->rsa_pub = aprintf("%s", data->set.str[STRING_SSH_PUBLIC_KEY]);
 else if(home)
 sshc->rsa_pub = aprintf("%s/.ssh/id_dsa.pub", home);
@@ -785,7 +789,7 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
 /* as a final resort, try current dir! */
 sshc->rsa_pub = strdup("id_dsa.pub");
- if(sshc->rsa_pub == NULL) {
+ if(!rsa_pub_empty_but_ok && (sshc->rsa_pub == NULL)) {
 Curl_safefree(home);
 state(conn, SSH_SESSION_FREE);
 sshc->actualcode = CURLE_OUT_OF_MEMORY;
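Review bot: The new assignment `rsa_pub_empty_but_ok = true;` uses the lowercase constant while the declaration added in the first lib/ssh.c hunk initialises the same flag with `FALSE`; the two should match, so write `rsa_pub_empty_but_ok = TRUE;`. Whether lowercase `true` is defined here at all depends on how the build provides `bool`, which is not visible in this patch. The branch also deserves a one-line comment such as `/* empty string: pass no public key, libssh2 derives it from the private key */`, because a flag named "empty but ok" does not explain why NULL is acceptable. The enclosing function starts and ends outside the hunk.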
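Review bot: Once the guard becomes `if(!rsa_pub_empty_but_ok && (sshc->rsa_pub == NULL))`, a NULL `sshc->rsa_pub` is a legal state for the rest of ssh_statemach_act, yet nothing in the visible hunks shows the later consumers being adjusted. Any later `%s` logging of the public key path and the libssh2 public-key authentication call (both outside this hunk, so this is inferred) now receive NULL and should be checked for that. The commit message says key derivation is only known to work with libssh2 1.4.0+ linked against OpenSSL, but no version or backend check is visible. On other builds the empty string presumably turns into an opaque authentication failure instead of a clear option error. Consider gating the empty-string path on `LIBSSH2_VERSION_NUM >= 0x010400` and stating the NULL contract in a comment next to the guard.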