GUACAMOLE-527: Use libssh2_knownhost_readline and remove host key type.

Nick Couchman 2018-05-22 22:59:51 -04:00 committed by Nick Couchman
parent 42044e4279
commit 551598e0a4
11 changed files with 9 additions and 101 deletions


@ -99,7 +99,7 @@ void guac_common_ssh_uninit();
*/ */
guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client,
const char* hostname, const char* port, guac_common_ssh_user* user, int keepalive, const char* hostname, const char* port, guac_common_ssh_user* user, int keepalive,
const int host_key_type, const char* host_key); const char* host_key);
/** /**
* Disconnects and destroys the given SSH session, freeing all associated * Disconnects and destroys the given SSH session, freeing all associated
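Review bot: The doc comment for guac_common_ssh_create_session closes just above this hunk and is not part of the change, so any `@param host_key_type` entry is presumably left stale and `host_key` keeps its old description. The implementation now passes the value to `libssh2_knownhost_readline` with `LIBSSH2_KNOWNHOST_FILE_OPENSSH`, so the comment should say that `host_key` is a complete OpenSSH known_hosts line (host name, key type and Base64 key) rather than a bare key. The same applies to the `IDX_HOST_KEY` comment in the SSH argument enum, which still reads `The Base64-encoded public SSH host key. Optional.`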


@ -416,7 +416,7 @@ static int guac_common_ssh_authenticate(guac_common_ssh_session* common_session)
guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client,
const char* hostname, const char* port, guac_common_ssh_user* user, int keepalive, const char* hostname, const char* port, guac_common_ssh_user* user, int keepalive,
const int host_key_type, const char* host_key) { const char* host_key) {
int retval; int retval;
@ -529,9 +529,8 @@ guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client,
/* Add host key provided from settings */ /* Add host key provided from settings */
if (host_key && strcmp(host_key, "") > 0) { if (host_key && strcmp(host_key, "") > 0) {
int kh_add = libssh2_knownhost_addc(ssh_known_hosts, hostname, NULL, host_key, strlen(host_key), int kh_add = libssh2_knownhost_readline(ssh_known_hosts, host_key, strlen(host_key),
NULL, 0, LIBSSH2_KNOWNHOST_TYPE_PLAIN|LIBSSH2_KNOWNHOST_KEYENC_BASE64| LIBSSH2_KNOWNHOST_FILE_OPENSSH);
host_key_type, NULL);
if (kh_add) if (kh_add)
guac_client_log(client, GUAC_LOG_WARNING, "Failed to add provided host key" guac_client_log(client, GUAC_LOG_WARNING, "Failed to add provided host key"
@ -564,7 +563,7 @@ guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client,
"Host key match found for %s", hostname); "Host key match found for %s", hostname);
break; break;
case LIBSSH2_KNOWNHOST_CHECK_NOTFOUND: case LIBSSH2_KNOWNHOST_CHECK_NOTFOUND:
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, guac_client_log(client, GUAC_LOG_WARNING,
"Host key not found for %s.", hostname); "Host key not found for %s.", hostname);
break; break;
case LIBSSH2_KNOWNHOST_CHECK_MISMATCH: case LIBSSH2_KNOWNHOST_CHECK_MISMATCH:
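Review bot: Downgrading `LIBSSH2_KNOWNHOST_CHECK_NOTFOUND` from `guac_client_abort` to a `GUAC_LOG_WARNING` makes host key verification fail open when a key was configured but does not match this host entry. `libssh2_knownhost_readline` takes the host name from the supplied line rather than from `hostname`, so a line whose host field differs from the connection target, or one that fails to parse (only a warning at `if (kh_add)`), presumably leaves no matching entry and the session proceeds unverified. When a key was supplied the NOTFOUND case should keep aborting, e.g. `if (host_key && *host_key) guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Host key not found for %s.", hostname);`, with the warning kept only for the no-key case. The rest of guac_common_ssh_create_session is outside the hunk, so whether the check already depends on `host_key` being set needs confirming there.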


@ -975,7 +975,7 @@ void* guac_rdp_client_thread(void* data) {
rdp_client->sftp_session = rdp_client->sftp_session =
guac_common_ssh_create_session(client, settings->sftp_hostname, guac_common_ssh_create_session(client, settings->sftp_hostname,
settings->sftp_port, rdp_client->sftp_user, settings->sftp_server_alive_interval, settings->sftp_port, rdp_client->sftp_user, settings->sftp_server_alive_interval,
settings->sftp_host_key_type, settings->sftp_host_key); settings->sftp_host_key);
/* Fail if SSH connection does not succeed */ /* Fail if SSH connection does not succeed */
if (rdp_client->sftp_session == NULL) { if (rdp_client->sftp_session == NULL) {


@ -360,12 +360,6 @@ enum RDP_ARGS_IDX {
*/ */
IDX_SFTP_HOSTNAME, IDX_SFTP_HOSTNAME,
/**
* The type of public SSH host key provided. If not specified, it defaults
* to SSH-RSA.
*/
IDX_SFTP_HOST_KEY_TYPE,
/** /**
* The public SSH host key of the SFTP server. Optional. * The public SSH host key of the SFTP server. Optional.
*/ */
@ -843,27 +837,6 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_SFTP_HOST_KEY, NULL); IDX_SFTP_HOST_KEY, NULL);
if(settings->sftp_host_key) {
/* Type of public SSH host key. */
char* str_host_key_type = guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_SFTP_HOST_KEY_TYPE, "ssh-rsa");
if (strcmp(str_host_key_type, "ssh-rsa") == 0)
settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA;
else if (strcmp(str_host_key_type, "ssh-dss") == 0)
settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS;
else if (strcmp(str_host_key_type, "rsa1") == 0)
settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_RSA1;
else {
guac_user_log(user, GUAC_LOG_WARNING, "Invalid host key type specified %s. "
"Ignoring host key.", str_host_key_type);
settings->sftp_host_key = NULL;
}
free(str_host_key_type);
}
/* Port for SFTP connection */ /* Port for SFTP connection */
settings->sftp_port = settings->sftp_port =
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,


@ -342,11 +342,6 @@ typedef struct guac_rdp_settings {
*/ */
char* sftp_hostname; char* sftp_hostname;
/**
* The type of the public SSH hos key.
*/
int sftp_host_key_type;
/** /**
* The public SSH host key. * The public SSH host key.
*/ */


@ -71,11 +71,6 @@ enum SSH_ARGS_IDX {
*/ */
IDX_HOSTNAME, IDX_HOSTNAME,
/**
* The type of public SSH host key provided. Optional.
*/
IDX_HOST_KEY_TYPE,
/** /**
* The Base64-encoded public SSH host key. Optional. * The Base64-encoded public SSH host key. Optional.
*/ */
@ -264,24 +259,6 @@ guac_ssh_settings* guac_ssh_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_HOST_KEY, NULL); IDX_HOST_KEY, NULL);
if (settings->host_key) {
char* str_host_key_type = guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_HOST_KEY_TYPE, "ssh-rsa");
if (strcmp(str_host_key_type, "ssh-rsa") == 0)
settings->host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA;
else if (strcmp(str_host_key_type, "ssh-dss") == 0)
settings->host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS;
else if (strcmp(str_host_key_type, "rsa1") == 0)
settings->host_key_type = LIBSSH2_KNOWNHOST_KEY_RSA1;
else {
guac_user_log(user, GUAC_LOG_WARNING, "Invalid host key type specified %s. "
"Ignoring host key.", str_host_key_type);
settings->host_key = NULL;
}
free(str_host_key_type);
}
settings->username = settings->username =
guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_USERNAME, NULL); IDX_USERNAME, NULL);


@ -70,11 +70,6 @@ typedef struct guac_ssh_settings {
*/ */
char* hostname; char* hostname;
/**
* The type of public SSH host key.
*/
int host_key_type;
/** /**
* The public SSH host key. * The public SSH host key.
*/ */


@ -236,7 +236,7 @@ void* ssh_client_thread(void* data) {
/* Open SSH session */ /* Open SSH session */
ssh_client->session = guac_common_ssh_create_session(client, ssh_client->session = guac_common_ssh_create_session(client,
settings->hostname, settings->port, ssh_client->user, settings->server_alive_interval, settings->hostname, settings->port, ssh_client->user, settings->server_alive_interval,
settings->host_key_type, settings->host_key); settings->host_key);
if (ssh_client->session == NULL) { if (ssh_client->session == NULL) {
/* Already aborted within guac_common_ssh_create_session() */ /* Already aborted within guac_common_ssh_create_session() */
return NULL; return NULL;
@ -277,7 +277,7 @@ void* ssh_client_thread(void* data) {
ssh_client->sftp_session = ssh_client->sftp_session =
guac_common_ssh_create_session(client, settings->hostname, guac_common_ssh_create_session(client, settings->hostname,
settings->port, ssh_client->user, settings->server_alive_interval, settings->port, ssh_client->user, settings->server_alive_interval,
settings->host_key_type, settings->host_key); settings->host_key);
if (ssh_client->sftp_session == NULL) { if (ssh_client->sftp_session == NULL) {
/* Already aborted within guac_common_ssh_create_session() */ /* Already aborted within guac_common_ssh_create_session() */
return NULL; return NULL;


@ -211,11 +211,6 @@ enum VNC_ARGS_IDX {
*/ */
IDX_SFTP_USERNAME, IDX_SFTP_USERNAME,
/**
* The type of public SSH host key provided to identify the SFTP server.
*/
IDX_SFTP_HOST_KEY_TYPE,
/** /**
* The public SSH host key to identify the SFTP server. * The public SSH host key to identify the SFTP server.
*/ */
@ -429,27 +424,6 @@ guac_vnc_settings* guac_vnc_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_SFTP_HOST_KEY, NULL); IDX_SFTP_HOST_KEY, NULL);
if(settings->sftp_host_key) {
/* Type of public SSH host key. */
char* str_host_key_type = guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_SFTP_HOST_KEY_TYPE, "ssh-rsa");
if (strcmp(str_host_key_type, "ssh-rsa") == 0)
settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA;
else if (strcmp(str_host_key_type, "ssh-dss") == 0)
settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS;
else if (strcmp(str_host_key_type, "rsa1") == 0)
settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_RSA1;
else {
guac_user_log(user, GUAC_LOG_WARNING, "Invalid host key type specified %s. "
"Ignoring host key.", str_host_key_type);
settings->sftp_host_key = NULL;
}
free(str_host_key_type);
}
/* Port for SFTP connection */ /* Port for SFTP connection */
settings->sftp_port = settings->sftp_port =
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,


@ -138,11 +138,6 @@ typedef struct guac_vnc_settings {
*/ */
char* sftp_hostname; char* sftp_hostname;
/**
* The type of public SSH host key provided.
*/
int sftp_host_key_type;
/** /**
* The public SSH host key. * The public SSH host key.
*/ */


@ -262,7 +262,7 @@ void* guac_vnc_client_thread(void* data) {
vnc_client->sftp_session = vnc_client->sftp_session =
guac_common_ssh_create_session(client, settings->sftp_hostname, guac_common_ssh_create_session(client, settings->sftp_hostname,
settings->sftp_port, vnc_client->sftp_user, settings->sftp_server_alive_interval, settings->sftp_port, vnc_client->sftp_user, settings->sftp_server_alive_interval,
settings->sftp_host_key_type, settings->sftp_host_key); settings->sftp_host_key);
/* Fail if SSH connection does not succeed */ /* Fail if SSH connection does not succeed */
if (vnc_client->sftp_session == NULL) { if (vnc_client->sftp_session == NULL) {