GUACAMOLE-527: Use libssh2_knownhost_readline and remove host key type.
Project: http://git-wip-us.apache.org/repos/asf/guacamole-server/repo Commit: http://git-wip-us.apache.org/repos/asf/guacamole-server/commit/551598e0 Tree: http://git-wip-us.apache.org/repos/asf/guacamole-server/tree/551598e0 Diff: http://git-wip-us.apache.org/repos/asf/guacamole-server/diff/551598e0 Branch: refs/heads/master Commit: 551598e0a4fcea547fcd050b278e0c4e6114842f Parents: 42044e4 Author: Nick Couchman <vn...@apache.org> Authored: Tue May 22 22:59:51 2018 -0400 Committer: Nick Couchman <nick_couch...@cotyinc.com> Committed: Mon Jun 25 08:31:37 2018 -0400 ---------------------------------------------------------------------- src/common-ssh/common-ssh/ssh.h | 2 +- src/common-ssh/ssh.c | 9 ++++----- src/protocols/rdp/rdp.c | 2 +- src/protocols/rdp/rdp_settings.c | 27 --------------------------- src/protocols/rdp/rdp_settings.h | 5 ----- src/protocols/ssh/settings.c | 23 ----------------------- src/protocols/ssh/settings.h | 5 ----- src/protocols/ssh/ssh.c | 4 ++-- src/protocols/vnc/settings.c | 26 -------------------------- src/protocols/vnc/settings.h | 5 ----- src/protocols/vnc/vnc.c | 2 +- 11 files changed, 9 insertions(+), 101 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/common-ssh/common-ssh/ssh.h ---------------------------------------------------------------------- diff --git a/src/common-ssh/common-ssh/ssh.h b/src/common-ssh/common-ssh/ssh.h index 8f6f689..672e776 100644 --- a/src/common-ssh/common-ssh/ssh.h +++ b/src/common-ssh/common-ssh/ssh.h 
@@ -99,7 +99,7 @@ void guac_common_ssh_uninit(); */ guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, const char* hostname, const char* port, guac_common_ssh_user* user, int keepalive, - const int host_key_type, const char* host_key); + const char* host_key); /** * Disconnects and destroys the given SSH session, freeing all associated http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/common-ssh/ssh.c ---------------------------------------------------------------------- diff --git a/src/common-ssh/ssh.c b/src/common-ssh/ssh.c index 03c4d12..54eae3b 100644 --- a/src/common-ssh/ssh.c +++ b/src/common-ssh/ssh.c @@ -416,7 +416,7 @@ static int guac_common_ssh_authenticate(guac_common_ssh_session* common_session) guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, const char* hostname, const char* port, guac_common_ssh_user* user, int keepalive, - const int host_key_type, const char* host_key) { + const char* host_key) { int retval; @@ -529,9 +529,8 @@ guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, /* Add host key provided from settings */ if (host_key && strcmp(host_key, "") > 0) { - int kh_add = libssh2_knownhost_addc(ssh_known_hosts, hostname, NULL, host_key, strlen(host_key), - NULL, 0, LIBSSH2_KNOWNHOST_TYPE_PLAIN|LIBSSH2_KNOWNHOST_KEYENC_BASE64| - host_key_type, NULL); + int kh_add = libssh2_knownhost_readline(ssh_known_hosts, host_key, strlen(host_key), + LIBSSH2_KNOWNHOST_FILE_OPENSSH); if (kh_add) guac_client_log(client, GUAC_LOG_WARNING, "Failed to add provided host key" 
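Review bot: The doc comment for `guac_common_ssh_create_session` is almost entirely outside this hunk (only its closing `*/` is visible), so it presumably still describes the old contract and should be updated with the signature. `host_key` is now passed to `libssh2_knownhost_readline()` in src/common-ssh/ssh.c, so it must be a complete OpenSSH known_hosts line rather than a bare Base64 key. I would remove any `@param host_key_type` entry and document the parameter along the lines of `The host key entry in OpenSSH known_hosts format (host name, key type, Base64 key), or NULL/empty to add no entry.` The context comment `The Base64-encoded public SSH host key. Optional.` that remains in src/protocols/ssh/settings.c needs the same correction.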
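Review bot: A host key that fails to parse is only logged at warning level in the `if (kh_add)` branch of the `@@ -529` hunk. The next hunk in this file also makes `LIBSSH2_KNOWNHOST_CHECK_NOTFOUND` non-fatal, so a malformed or mistyped key setting appears to end in an unverified connection instead of a refused one. Because the administrator explicitly pinned a key, I would fail closed: change `guac_client_log(client, GUAC_LOG_WARNING,` to `guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,` and leave through the function's existing error path. Also, `libssh2_knownhost_readline()` takes the host name from the supplied line, not from `hostname`, so an entry written for a different name or alias will not match this connection. The rest of the log call and the cleanup code are outside the hunk.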
@@ -564,7 +563,7 @@ guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, "Host key match found for %s", hostname); break; case LIBSSH2_KNOWNHOST_CHECK_NOTFOUND: - guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, + guac_client_log(client, GUAC_LOG_WARNING, "Host key not found for %s.", hostname); break; case LIBSSH2_KNOWNHOST_CHECK_MISMATCH: http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/rdp/rdp.c ---------------------------------------------------------------------- diff --git a/src/protocols/rdp/rdp.c b/src/protocols/rdp/rdp.c index 30b1932..4d48432 100644 --- a/src/protocols/rdp/rdp.c +++ b/src/protocols/rdp/rdp.c @@ -975,7 +975,7 @@ void* guac_rdp_client_thread(void* data) { rdp_client->sftp_session = guac_common_ssh_create_session(client, settings->sftp_hostname, settings->sftp_port, rdp_client->sftp_user, settings->sftp_server_alive_interval, - settings->sftp_host_key_type, settings->sftp_host_key); + settings->sftp_host_key); /* Fail if SSH connection does not succeed */ if (rdp_client->sftp_session == NULL) { http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/rdp/rdp_settings.c ---------------------------------------------------------------------- diff --git a/src/protocols/rdp/rdp_settings.c b/src/protocols/rdp/rdp_settings.c index 65e79e6..2fe261c 100644 --- a/src/protocols/rdp/rdp_settings.c +++ b/src/protocols/rdp/rdp_settings.c @@ -361,12 +361,6 @@ enum RDP_ARGS_IDX { IDX_SFTP_HOSTNAME, /** - * The type of public SSH host key provided. If not specified, it defaults - * to SSH-RSA. - */ - IDX_SFTP_HOST_KEY_TYPE, - - /** * The public SSH host key of the SFTP server. Optional. */ IDX_SFTP_HOST_KEY, 
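Review bot: Downgrading `LIBSSH2_KNOWNHOST_CHECK_NOTFOUND` from `guac_client_abort` to a warning makes host-key verification fail open for this result: a server whose key is not in the known-hosts collection appears to be accepted with only a log line, which removes the protection against an interposed server on first contact. If the relaxation is meant for deployments with no key configured, it should be limited to that case and the abort kept whenever `host_key` was supplied, as sketched below. The code after the `switch` is outside the hunk, so I cannot confirm whether a later check still stops the session.

```c
case LIBSSH2_KNOWNHOST_CHECK_NOTFOUND:
    if (host_key && strcmp(host_key, "") > 0) {
        /* A key was pinned in the connection settings: refuse unknown hosts */
        guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
                "Host key not found for %s.", hostname);
    }
    else {
        /* No key configured: keep the relaxed behaviour, but record it */
        guac_client_log(client, GUAC_LOG_WARNING,
                "Host key not found for %s.", hostname);
    }
    break;
```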
@@ -843,27 +837,6 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user, guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, IDX_SFTP_HOST_KEY, NULL); - if(settings->sftp_host_key) { - /* Type of public SSH host key. */ - char* str_host_key_type = guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, - IDX_SFTP_HOST_KEY_TYPE, "ssh-rsa"); - - if (strcmp(str_host_key_type, "ssh-rsa") == 0) - settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA; - else if (strcmp(str_host_key_type, "ssh-dss") == 0) - settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS; - else if (strcmp(str_host_key_type, "rsa1") == 0) - settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_RSA1; - else { - guac_user_log(user, GUAC_LOG_WARNING, "Invalid host key type specified %s. " - "Ignoring host key.", str_host_key_type); - settings->sftp_host_key = NULL; - } - - free(str_host_key_type); - - } - /* Port for SFTP connection */ settings->sftp_port = guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/rdp/rdp_settings.h ---------------------------------------------------------------------- diff --git a/src/protocols/rdp/rdp_settings.h b/src/protocols/rdp/rdp_settings.h index 0a44279..4f3839e 100644 --- a/src/protocols/rdp/rdp_settings.h +++ b/src/protocols/rdp/rdp_settings.h @@ -343,11 +343,6 @@ typedef struct guac_rdp_settings { char* sftp_hostname; /** - * The type of the public SSH hos key. - */ - int sftp_host_key_type; - - /** * The public SSH host key. */ char* sftp_host_key; http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/ssh/settings.c ---------------------------------------------------------------------- diff --git a/src/protocols/ssh/settings.c b/src/protocols/ssh/settings.c index 119d725..4a1c371 100644 --- a/src/protocols/ssh/settings.c +++ b/src/protocols/ssh/settings.c 
@@ -72,11 +72,6 @@ enum SSH_ARGS_IDX { IDX_HOSTNAME, /** - * The type of public SSH host key provided. Optional. - */ - IDX_HOST_KEY_TYPE, - - /** * The Base64-encoded public SSH host key. Optional. */ IDX_HOST_KEY, @@ -264,24 +259,6 @@ guac_ssh_settings* guac_ssh_parse_args(guac_user* user, guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, IDX_HOST_KEY, NULL); - if (settings->host_key) { - char* str_host_key_type = guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, - IDX_HOST_KEY_TYPE, "ssh-rsa"); - if (strcmp(str_host_key_type, "ssh-rsa") == 0) - settings->host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA; - else if (strcmp(str_host_key_type, "ssh-dss") == 0) - settings->host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS; - else if (strcmp(str_host_key_type, "rsa1") == 0) - settings->host_key_type = LIBSSH2_KNOWNHOST_KEY_RSA1; - else { - guac_user_log(user, GUAC_LOG_WARNING, "Invalid host key type specified %s. " - "Ignoring host key.", str_host_key_type); - settings->host_key = NULL; - } - - free(str_host_key_type); - } - settings->username = guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, IDX_USERNAME, NULL); http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/ssh/settings.h ---------------------------------------------------------------------- diff --git a/src/protocols/ssh/settings.h b/src/protocols/ssh/settings.h index e47a816..761239c 100644 --- a/src/protocols/ssh/settings.h +++ b/src/protocols/ssh/settings.h @@ -71,11 +71,6 @@ typedef struct guac_ssh_settings { char* hostname; /** - * The type of public SSH host key. - */ - int host_key_type; - - /** * The public SSH host key. */ char* host_key; http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/ssh/ssh.c ---------------------------------------------------------------------- diff --git a/src/protocols/ssh/ssh.c b/src/protocols/ssh/ssh.c index 6376555..f98f222 100644 --- a/src/protocols/ssh/ssh.c 
+++ b/src/protocols/ssh/ssh.c @@ -236,7 +236,7 @@ void* ssh_client_thread(void* data) { /* Open SSH session */ ssh_client->session = guac_common_ssh_create_session(client, settings->hostname, settings->port, ssh_client->user, settings->server_alive_interval, - settings->host_key_type, settings->host_key); + settings->host_key); if (ssh_client->session == NULL) { /* Already aborted within guac_common_ssh_create_session() */ return NULL; @@ -277,7 +277,7 @@ void* ssh_client_thread(void* data) { ssh_client->sftp_session = guac_common_ssh_create_session(client, settings->hostname, settings->port, ssh_client->user, settings->server_alive_interval, - settings->host_key_type, settings->host_key); + settings->host_key); if (ssh_client->sftp_session == NULL) { /* Already aborted within guac_common_ssh_create_session() */ return NULL; http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/vnc/settings.c ---------------------------------------------------------------------- diff --git a/src/protocols/vnc/settings.c b/src/protocols/vnc/settings.c index 5f82b39..130c97d 100644 --- a/src/protocols/vnc/settings.c +++ b/src/protocols/vnc/settings.c @@ -212,11 +212,6 @@ enum VNC_ARGS_IDX { IDX_SFTP_USERNAME, /** - * The type of public SSH host key provided to identify the SFTP server. - */ - IDX_SFTP_HOST_KEY_TYPE, - - /** * The public SSH host key to identify the SFTP server. */ IDX_SFTP_HOST_KEY, 
@@ -429,27 +424,6 @@ guac_vnc_settings* guac_vnc_parse_args(guac_user* user, guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv, IDX_SFTP_HOST_KEY, NULL); - if(settings->sftp_host_key) { - /* Type of public SSH host key. */ - char* str_host_key_type = guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv, - IDX_SFTP_HOST_KEY_TYPE, "ssh-rsa"); - - if (strcmp(str_host_key_type, "ssh-rsa") == 0) - settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHRSA; - else if (strcmp(str_host_key_type, "ssh-dss") == 0) - settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_SSHDSS; - else if (strcmp(str_host_key_type, "rsa1") == 0) - settings->sftp_host_key_type = LIBSSH2_KNOWNHOST_KEY_RSA1; - else { - guac_user_log(user, GUAC_LOG_WARNING, "Invalid host key type specified %s. " - "Ignoring host key.", str_host_key_type); - settings->sftp_host_key = NULL; - } - - free(str_host_key_type); - - } - /* Port for SFTP connection */ settings->sftp_port = guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv, http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/vnc/settings.h ---------------------------------------------------------------------- diff --git a/src/protocols/vnc/settings.h b/src/protocols/vnc/settings.h index 35809f8..3e2ebd5 100644 --- a/src/protocols/vnc/settings.h +++ b/src/protocols/vnc/settings.h @@ -139,11 +139,6 @@ typedef struct guac_vnc_settings { char* sftp_hostname; /** - * The type of public SSH host key provided. - */ - int sftp_host_key_type; - - /** * The public SSH host key. */ char* sftp_host_key; http://git-wip-us.apache.org/repos/asf/guacamole-server/blob/551598e0/src/protocols/vnc/vnc.c ---------------------------------------------------------------------- diff --git a/src/protocols/vnc/vnc.c b/src/protocols/vnc/vnc.c index 1146ad4..d9f9dbb 100644 --- a/src/protocols/vnc/vnc.c +++ b/src/protocols/vnc/vnc.c 
@@ -262,7 +262,7 @@ void* guac_vnc_client_thread(void* data) { vnc_client->sftp_session = guac_common_ssh_create_session(client, settings->sftp_hostname, settings->sftp_port, vnc_client->sftp_user, settings->sftp_server_alive_interval, - settings->sftp_host_key_type, settings->sftp_host_key); + settings->sftp_host_key); /* Fail if SSH connection does not succeed */ if (vnc_client->sftp_session == NULL) {