tool_operate: fail SSH transfers without server auth
authorDaniel Stenberg <daniel@haxx.se>
Sat, 22 Feb 2025 12:05:17 +0000 (13:05 +0100)
committerDaniel Stenberg <daniel@haxx.se>
Sun, 23 Feb 2025 16:54:21 +0000 (17:54 +0100)
This now insists on using a server auth option unless --insecure is
provided. As an added bonus, it now also only checks for the knownhosts
file once (if found).

Ref: #16197
Closes #16205

src/tool_cfgable.h
src/tool_operate.c
tests/data/test445

index abc2d3f602d1d39ab22f73c7ca5cb78aed19ea22..11f14d7715bb1e9ccbcf2248205391a7b1ec5798 100644 (file)
@@ -324,6 +324,8 @@ struct GlobalConfig {
   char *libcurl;                  /* Output libcurl code to this filename */
   char *ssl_sessions;             /* file to load/save SSL session tickets */
   char *help_category;            /* The help category, if set */
+  char *knownhosts;               /* known host path, if set. curl_free()
+                                     this */
   struct tool_var *variables;
   struct OperationConfig *first;
   struct OperationConfig *current;
index 341775053127d11967af1417108434684cf15bdf..95ce8a423497cdb76fef4b9d605bd5779e971da1 100644 (file)
@@ -1156,16 +1156,24 @@ static CURLcode config2setopts(struct GlobalConfig *global,
       my_setopt(curl, CURLOPT_SSH_COMPRESSION, 1L);
 
     if(!config->insecure_ok) {
-      char *known = findfile(".ssh/known_hosts", FALSE);
+      char *known = global->knownhosts;
+
+      if(!known)
+        known = findfile(".ssh/known_hosts", FALSE);
       if(known) {
         /* new in curl 7.19.6 */
         result = res_setopt_str(curl, CURLOPT_SSH_KNOWNHOSTS, known);
-        curl_free(known);
-        if(result == CURLE_UNKNOWN_OPTION)
-          /* libssh2 version older than 1.1.1 */
-          result = CURLE_OK;
-        if(result)
+        if(result) {
+          global->knownhosts = NULL;
+          curl_free(known);
           return result;
+        }
+        /* store it in global to avoid repeated checks */
+        global->knownhosts = known;
+      }
+      else if(!config->hostpubmd5 && !config->hostpubsha256) {
+        errorf(global, "Couldn't find a known_hosts file");
+        return CURLE_FAILED_INIT;
       }
       else
         warnf(global, "Couldn't find a known_hosts file");
@@ -3266,6 +3274,7 @@ CURLcode operate(struct GlobalConfig *global, int argc, argv_item_t argv[])
   }
 
   varcleanup(global);
+  curl_free(global->knownhosts);
 
   return result;
 }
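Review bot: The errorf in the new `else if(!config->hostpubmd5 && !config->hostpubsha256)` branch reports the missing known_hosts file but gives no hint of which server-auth option would satisfy the now-hard check, so it is worth naming the remedy: `errorf(global, "Couldn't find a known_hosts file; use --hostpubsha256, --hostpubmd5 or --insecure");`. The path is only cached on success, so when no known_hosts file exists findfile() still runs for every transfer, which matches the description's "(if found)" but deserves a comment next to `global->knownhosts = known;` so the next reader does not assume the negative result is cached too. Dropping the CURLE_UNKNOWN_OPTION fallback means a build whose SSH backend rejects CURLOPT_SSH_KNOWNHOSTS now fails the transfer instead of continuing; presumably intended, but the commit message does not mention it. config2setopts() starts and ends outside the hunk.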
index dbdcfe6ba4568f9d46e1c91f897936a372c5c64d..4e12367d837e921126b9eb9c19d8e0fc72883b30 100644 (file)
@@ -46,7 +46,7 @@ http-proxy
 Refuse tunneling protocols through HTTP proxy
 </name>
 <command>
--x http://%HOSTIP:%PROXYPORT/%TESTNUMBER -p gopher://127.0.0.1 dict://127.0.0.1 http://moo https://example telnet://another ftp://yes ftps://again imap://more ldap://perhaps mqtt://yes pop3://mail rtsp://harder scp://copy sftp://files smb://wird smtp://send
+-x http://%HOSTIP:%PROXYPORT/%TESTNUMBER -p gopher://127.0.0.1 dict://127.0.0.1 http://moo https://example telnet://another ftp://yes ftps://again imap://more ldap://perhaps mqtt://yes pop3://mail rtsp://harder scp://copy sftp://files smb://wird smtp://send -k
 </command>
 </client>