From be538e07667e1ba880b7201014be706851428d40 Mon Sep 17 00:00:00 2001
From: Kamil Dudka
Date: Fri, 15 Jan 2016 10:27:33 +0100
Subject: [PATCH] ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL

The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle empty strings specially since curl-7_25_0-31-g05a443a but the behavior was unintentionally removed in curl-7_38_0-47-gfa7d04f. This commit restores the original behavior and clarifies it in the documentation that NULL and "" have both the same meaning when passed to CURLOPT_SSH_PUBLIC_KEYFILE.
Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html
---
 RELEASE-NOTES | 2 ++
 docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3 | 8 ++++----
 lib/ssh.c | 7 +++++--
 3 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 8afa3d3e3..58259f928 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -68,6 +68,7 @@ This release includes the following bugfixes:
 o configure: assume IPv6 works when cross-compiled [29]
 o openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
 o openssl: improved error detection/reporting
+ o ssh: CURLOPT_SSH_PUBLIC_KEYFILE now treats "" as NULL again [30]
 This release includes the following known bugs:
@@ -116,4 +117,5 @@ References to bug reports and discussions on issues:
 [27] = http://curl.haxx.se/bug/?i=597
 [28] = http://curl.haxx.se/bug/?i=584
 [29] = http://curl.haxx.se/bug/?i=594
+ [30] = http://curl.haxx.se/mail/lib-2016-01/0072.html
diff --git a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3 b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
index 35f2a1992..bd930732e 100644
--- a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
@@ -35,11 +35,11 @@ libcurl defaults to \fB$HOME/.ssh/id_dsa.pub\fP if the HOME environment variable is set, and just "id_dsa.pub" in the current directory if HOME is not set.
-If an empty string is passed, libcurl will pass no public key to libssh2 which
-then tries to compute it from the private key, this is known to work when
-libssh2 1.4.0+ is linked against OpenSSL.
+If NULL (or an empty string) is passed, libcurl will pass no public key to
+libssh2, which then tries to compute it from the private key. This is known
+to work with libssh2 1.4.0+ linked against OpenSSL.
 .SH DEFAULT
-As explained above
+NULL
 .SH PROTOCOLS
 SFTP and SCP
 .SH EXAMPLE
diff --git a/lib/ssh.c b/lib/ssh.c
index f9bbdf104..198a230af 100644
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -848,7 +848,9 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
 * libssh2 extract the public key from the private key file.
 * This is done by simply passing sshc->rsa_pub = NULL.
 */
- if(data->set.str[STRING_SSH_PUBLIC_KEY]) {
+ if(data->set.str[STRING_SSH_PUBLIC_KEY]
+ /* treat empty string the same way as NULL */
+ && data->set.str[STRING_SSH_PUBLIC_KEY][0]) {
 sshc->rsa_pub = strdup(data->set.str[STRING_SSH_PUBLIC_KEY]);
 if(!sshc->rsa_pub)
 out_of_memory = TRUE;
@@ -869,7 +871,8 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
 free(home);
- infof(data, "Using SSH public key file '%s'\n", sshc->rsa_pub);
+ if(sshc->rsa_pub)
+ infof(data, "Using SSH public key file '%s'\n", sshc->rsa_pub);
 infof(data, "Using SSH private key file '%s'\n", sshc->rsa);
 state(conn, SSH_AUTH_PKEY);
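Review bot: The restored empty-string check in the `if(data->set.str[STRING_SSH_PUBLIC_KEY] ... [0])` condition comes without a regression test, although the commit message says this same behaviour was already lost once unintentionally. The diffstat lists only RELEASE-NOTES, the man page and lib/ssh.c, so a test that sets CURLOPT_SSH_PUBLIC_KEYFILE to "" and checks that sshc->rsa_pub stays NULL would keep a later refactor from dropping it again. The explanation would also read better in the block comment above the condition than between its operands, for example `* An empty string is treated the same way as NULL.` The enclosing function ssh_statemach_act starts and ends outside the hunk.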
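Review bot: With the new `if(sshc->rsa_pub)` guard, a transfer that relies on the derived public key logs nothing about the public key, so verbose output no longer shows which key source is used for authentication. An `else` branch would keep the trace complete for anyone auditing or debugging a login, for example `else` followed by `infof(data, "Using SSH public key derived from private key file\n");`. The guard itself is needed because sshc->rsa_pub is now NULL whenever no public key file is set, and a NULL argument for `%s` is undefined for standard printf-style formatting; whether infof tolerates it is not visible here. The following line prints sshc->rsa without a check, and its assignment lies outside the hunk, so confirm it cannot be NULL at this point.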