From: Viktor Szakats <commit@vsz.me>
Date: Fri, 21 Mar 2025 23:47:07 +0000 (+0100)
Subject: libssh2: show crypto backend in the verbose connect log
X-Git-Tag: curl-8_13_0~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1dd361cde8b2b89617ac612506c04fab9e8a0338;p=thirdparty%2Fcurl.git

libssh2: show crypto backend in the verbose connect log

With libssh2 1.11.0 or newer.

Different crypto backends may offer different features, e.g. in the keys
and algos they support.

Examples:
```
*   Trying 127.0.0.1:22...
* Connected to localhost (127.0.0.1) port 22
* libssh2 crypto backend: openssl compatible
[or]
* libssh2 crypto backend: WinCNG
```

Also fix indentation and drop redundant curly braces.

Closes #16790
---

diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 9cdfc10114..58372478f1 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -2030,13 +2030,13 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, bool *block)
         break;
       }
 
-    /* This is the last step in the SFTP connect phase. Do note that while
-       we get the homedir here, we get the "workingpath" in the DO action
-       since the homedir will remain the same between request but the
-       working path will not. */
-    DEBUGF(infof(data, "SSH CONNECT phase done"));
-    state(data, SSH_STOP);
-    break;
+      /* This is the last step in the SFTP connect phase. Do note that while
+         we get the homedir here, we get the "workingpath" in the DO action
+         since the homedir will remain the same between request but the
+         working path will not. */
+      DEBUGF(infof(data, "SSH CONNECT phase done"));
+      state(data, SSH_STOP);
+      break;
 
     case SSH_SFTP_QUOTE_INIT:
 
@@ -2299,7 +2299,6 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, bool *block)
     }
 
     case SSH_SFTP_GETINFO:
-    {
       if(data->set.get_filetime) {
         state(data, SSH_SFTP_FILETIME);
       }
@@ -2307,7 +2306,6 @@ static CURLcode ssh_statemachine(struct Curl_easy *data, bool *block)
         state(data, SSH_SFTP_TRANS_INIT);
       }
       break;
-    }
 
     case SSH_SFTP_FILETIME:
     {
@@ -3110,6 +3108,34 @@ static CURLcode ssh_connect(struct Curl_easy *data, bool *done)
   CURLcode result;
   struct connectdata *conn = data->conn;
 
+#if LIBSSH2_VERSION_NUM >= 0x010b00
+  {
+    const char *crypto_str;
+    switch(libssh2_crypto_engine()) {
+      case libssh2_gcrypt:
+        crypto_str = "libgcrypt";
+        break;
+      case libssh2_mbedtls:
+        crypto_str = "mbedTLS";
+        break;
+      case libssh2_openssl:
+        crypto_str = "openssl compatible";
+        break;
+      case libssh2_os400qc3:
+        crypto_str = "OS400QC3";
+        break;
+      case libssh2_wincng:
+        crypto_str = "WinCNG";
+        break;
+      default:
+        crypto_str = NULL;
+        break;
+    }
+    if(crypto_str)
+      infof(data, "libssh2 cryptography backend: %s", crypto_str);
+  }
+#endif
+
   /* initialize per-handle data if not already */
   if(!data->req.p.ssh) {
     result = ssh_setup_connection(data, conn);