Github user necouchman commented on a diff in the pull request:

    https://github.com/apache/guacamole-server/pull/164#discussion_r179728179
  
    --- Diff: src/common-ssh/ssh.c ---
    @@ -518,6 +520,64 @@ guac_common_ssh_session* 
guac_common_ssh_create_session(guac_client* client,
             return NULL;
         }
     
    +    /* Check known_hosts, start by getting known_hosts file of user 
running guacd */
    +    struct passwd *pw = getpwuid(getuid());
    +    const char *known_hosts = strcat(pw->pw_dir, "/.ssh/known_hosts");
    +    LIBSSH2_KNOWNHOSTS *ssh_known_hosts = libssh2_knownhost_init(session);
    +    libssh2_knownhost_readfile(ssh_known_hosts, known_hosts, 
LIBSSH2_KNOWNHOST_FILE_OPENSSH);
    +
    +    /* Add host key provided from settings */
    +    if (host_key && strcmp(host_key, "") > 0) {
    +
    +        int kh_add = libssh2_knownhost_addc(ssh_known_hosts, hostname, 
NULL, host_key, strlen(host_key),
    +                NULL, 0, 
LIBSSH2_KNOWNHOST_TYPE_PLAIN|LIBSSH2_KNOWNHOST_KEYENC_BASE64|
    +                         host_key_type, NULL);
    +
    +        if (kh_add)
    +            guac_client_log(client, GUAC_LOG_WARNING, "Failed to add 
provided host key"
    +                    " to known hosts store for %s.  Error was %d", 
hostname, kh_add);
    +
    --- End diff --
    
    I decided to make errors adding the known hosts key provided from the 
client non-fatal, as, if the host key is missing, it will ultimately fail below.


---

Reply via email to