Permalink
Browse files

SSH: check md5 fingerprint case sensitively

  • Loading branch information...
bagder committed Sep 28, 2016
1 parent b3ee26c commit ce8d09483eea2fcb1b50e323e1a8ed1f3613b2e3
Showing with 1 addition and 1 deletion.
  1. +1 −1 lib/ssh.c
View
@@ -676,7 +676,7 @@ static CURLcode ssh_check_fingerprint(struct connectdata *conn)
* against a known fingerprint, if available.
*/
if(pubkey_md5 && strlen(pubkey_md5) == 32) {
if(!fingerprint || !strequal(md5buffer, pubkey_md5)) {
if(!fingerprint || strcmp(md5buffer, pubkey_md5)) {
if(fingerprint)
failf(data,
"Denied establishing ssh session: mismatch md5 fingerprint. "

3 comments on commit ce8d094

@kdudka

This comment has been minimized.

Show comment
Hide comment
@kdudka

kdudka Nov 2, 2016

Collaborator

Why should we check MD5 fingerprint case-sensitively? Is not it going to cause regressions for nothing?

Collaborator

kdudka replied Nov 2, 2016

Why should we check MD5 fingerprint case-sensitively? Is not it going to cause regressions for nothing?

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Nov 7, 2016

Member

That was a stupid change. It should rather use strcasecompare now, as it needs to be done case insensitive to be compatible with what worked before.

Member

bagder replied Nov 7, 2016

That was a stupid change. It should rather use strcasecompare now, as it needs to be done case insensitive to be compatible with what worked before.

@kdudka

This comment has been minimized.

Show comment
Hide comment
@kdudka

kdudka Nov 7, 2016

Collaborator

Fixed via 50aded1. Thanks!

Collaborator

kdudka replied Nov 7, 2016

Fixed via 50aded1. Thanks!

Please sign in to comment.