Github user necouchman commented on a diff in the pull request:
https://github.com/apache/guacamole-server/pull/164#discussion_r197887031
--- Diff: src/common-ssh/ssh.c ---
@@ -518,6 +520,40 @@ guac_common_ssh_session*
guac_common_ssh_create_session(guac_client* client,
return NULL;
}
+ /* Get fingerprint of host we're connecting to */
+ size_t fp_len;
+ int fp_type;
+ const char *fingerprint = libssh2_session_hostkey(session, &fp_len,
&fp_type);
+
+ /* Failure to generate a fingerprint means we should abort */
+ if (!fingerprint) {
+ guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
+ "Failed to get fingerprint for host %s", hostname);
+ return NULL;
+ }
+
+ /* SSH known host key checking. */
+ int known_host_check = guac_common_ssh_verify_host_key(session,
client, host_key,
+ hostname,
atoi(port), fingerprint,
+ fp_len);
+
+ /* Abort on any error codes */
+ if (known_host_check != 0) {
+ char* err_msg;
+ int err_len;
+ libssh2_session_last_error(session, &err_msg, &err_len, 0);
+
+ if (known_host_check < 0)
+ guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
+ "Error occurred attempting to check host key: %s",
err_msg);
+
+ if (known_host_check > 0)
+ guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
+ "Host fingerprint did not match any provided known host
keys. %s", err_msg);
+
+ return NULL;
--- End diff --
Lead plugged.
---
