Github user mike-jumper commented on a diff in the pull request: https://github.com/apache/guacamole-server/pull/164#discussion_r191093916 --- Diff: src/common-ssh/ssh.c --- @@ -518,6 +520,71 @@ guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client, return NULL; } + /* SSH known host key checking. */ + LIBSSH2_KNOWNHOSTS *ssh_known_hosts = libssh2_knownhost_init(session); + int num_known_hosts = 0; + + /* Add host key provided from settings */ + if (host_key && strcmp(host_key, "") != 0) { + + int kh_add = libssh2_knownhost_readline(ssh_known_hosts, host_key, strlen(host_key), + LIBSSH2_KNOWNHOST_FILE_OPENSSH); + num_known_hosts++; + + if (kh_add) + guac_client_log(client, GUAC_LOG_WARNING, "Failed to add provided host key" + " to known hosts store for %s. Error was %d", hostname, kh_add); + + } + + /* Otherwise, we look for a ssh_known_hosts file within GUACAMOLE_HOME and read that in. */ + else { + const char *known_hosts = "/etc/guacamole/ssh_known_hosts"; + num_known_hosts = libssh2_knownhost_readfile(ssh_known_hosts, known_hosts, LIBSSH2_KNOWNHOST_FILE_OPENSSH); + } + + /* If we've found a provided set of host keys, check against them. */ + if (num_known_hosts > 0) { + /* Get fingerprint of host we're connecting to */ + size_t fp_len; + int fp_type; + const char *fingerprint = libssh2_session_hostkey(session, &fp_len, &fp_type); + + if (!fingerprint) + guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, + "Failed to get fingerprint for host %s", hostname); + + /* Check fingerprint against known hosts */ + struct libssh2_knownhost *host; + int kh_check = libssh2_knownhost_checkp(ssh_known_hosts, hostname, atoi(port), --- End diff -- What happens here if `fingerprint` is `NULL`, as checked earlier?
---