lib/libssh2
1
0
Fork 0
mirror of https://github.com/libssh2/libssh2.git synced 2025-07-01 11:01:40 +03:00
Code Activity

md5: allow disabling old-style encrypted private keys at build-time

Browse Source 
Before this patch, this happened at runtime when using an old (pre-3.0),
FIPS-enabled OpenSSL backend.

This patch makes it possible to disable this via the build-time option
`LIBSSH2_NO_MD5_PEM`.

Also:
- make sure to exclude all MD5 internal APIs when both the above and
  `LIBSSH2_NO_MD5` are enabled.
- fix tests to support build with`LIBSSH2_NO_MD5`, `LIBSSH2_NO_MD5_PEM`
  and `LIBSSH2_NO_3DES`.
- add FIXME to apply this change to `os400qc3.*`.

Old-style encrypted private keys require MD5 and they look like this:
```
-----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
 DEK-Info: AES-128-CBC,<MD5-hex>

 <base64>
 -----END RSA PRIVATE KEY-----
```

E.g.: `tests/key_rsa_encrypted`

Ref: https://github.com/libssh2/www/issues/20
Closes #1181
This commit is contained in:
Viktor Szakats
2023-08-26 21:56:23 +00:00
parent 4a64ca1430
commit eb9f9de2c1
15 changed files with 170 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/ci.yml vendored
View File

@ -322,7 +322,7 @@ jobs:
- name: 'make build'
if: ${{ matrix.build == 'make' }}
env:
CPPFLAGS: -DLIBSSH2_NO_MD5 -DLIBSSH2_NO_HMAC_RIPEMD -DLIBSSH2_NO_DSA -DLIBSSH2_NO_AES_CBC -DLIBSSH2_NO_AES_CTR -DLIBSSH2_NO_BLOWFISH -DLIBSSH2_NO_RC4 -DLIBSSH2_NO_CAST -DLIBSSH2_NO_3DES
CPPFLAGS: -DLIBSSH2_NO_MD5 -DLIBSSH2_NO_MD5_PEM -DLIBSSH2_NO_HMAC_RIPEMD -DLIBSSH2_NO_DSA -DLIBSSH2_NO_AES_CBC -DLIBSSH2_NO_AES_CTR -DLIBSSH2_NO_BLOWFISH -DLIBSSH2_NO_RC4 -DLIBSSH2_NO_CAST -DLIBSSH2_NO_3DES
LIBSSH2_CPPFLAGS_LIB: -DLIBSSH2_EXPORTS
ZLIB_PATH: /${{ matrix.sys }}
OPENSSL_PATH: /${{ matrix.sys }}

1
src/Makefile.inc
View File

@ -29,6 +29,7 @@ HHEADERS = \
channel.h \
comp.h \
crypto.h \
crypto_config.h \
libgcrypt.h \
libssh2_priv.h \
libssh2_setup.h \

65
src/crypto.h
View File

@ -55,71 +55,6 @@
#error "no cryptography backend selected"
#endif
#ifdef LIBSSH2_NO_MD5
#undef LIBSSH2_MD5
#define LIBSSH2_MD5 0
#endif
#ifdef LIBSSH2_NO_HMAC_RIPEMD
#undef LIBSSH2_HMAC_RIPEMD
#define LIBSSH2_HMAC_RIPEMD 0
#endif
#ifdef LIBSSH2_NO_DSA
#undef LIBSSH2_DSA
#define LIBSSH2_DSA 0
#endif
#ifdef LIBSSH2_NO_RSA
#undef LIBSSH2_RSA
#define LIBSSH2_RSA 0
#endif
#ifdef LIBSSH2_NO_RSA_SHA1
#undef LIBSSH2_RSA_SHA1
#define LIBSSH2_RSA_SHA1 0
#endif
#ifdef LIBSSH2_NO_ECDSA
#undef LIBSSH2_ECDSA
#define LIBSSH2_ECDSA 0
#endif
#ifdef LIBSSH2_NO_ED25519
#undef LIBSSH2_ED25519
#define LIBSSH2_ED25519 0
#endif
#ifdef LIBSSH2_NO_AES_CTR
#undef LIBSSH2_AES_CTR
#define LIBSSH2_AES_CTR 0
#endif
#ifdef LIBSSH2_NO_AES_CBC
#undef LIBSSH2_AES_CBC
#define LIBSSH2_AES_CBC 0
#endif
#ifdef LIBSSH2_NO_BLOWFISH
#undef LIBSSH2_BLOWFISH
#define LIBSSH2_BLOWFISH 0
#endif
#ifdef LIBSSH2_NO_RC4
#undef LIBSSH2_RC4
#define LIBSSH2_RC4 0
#endif
#ifdef LIBSSH2_NO_CAST
#undef LIBSSH2_CAST
#define LIBSSH2_CAST 0
#endif
#ifdef LIBSSH2_NO_3DES
#undef LIBSSH2_3DES
#define LIBSSH2_3DES 0
#endif
#define LIBSSH2_ED25519_KEY_LEN 32
#define LIBSSH2_ED25519_PRIVATE_KEY_LEN 64
#define LIBSSH2_ED25519_SIG_LEN 64

76
src/crypto_config.h Normal file
View File

@ -0,0 +1,76 @@
/* Copyright (C) Viktor Szakats
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#define LIBSSH2_MD5_PEM LIBSSH2_MD5
#ifdef LIBSSH2_NO_MD5
#undef LIBSSH2_MD5
#define LIBSSH2_MD5 0
#endif
#ifdef LIBSSH2_NO_MD5_PEM
#undef LIBSSH2_MD5_PEM
#define LIBSSH2_MD5_PEM 0
#endif
#ifdef LIBSSH2_NO_HMAC_RIPEMD
#undef LIBSSH2_HMAC_RIPEMD
#define LIBSSH2_HMAC_RIPEMD 0
#endif
#ifdef LIBSSH2_NO_DSA
#undef LIBSSH2_DSA
#define LIBSSH2_DSA 0
#endif
#ifdef LIBSSH2_NO_RSA
#undef LIBSSH2_RSA
#define LIBSSH2_RSA 0
#endif
#ifdef LIBSSH2_NO_RSA_SHA1
#undef LIBSSH2_RSA_SHA1
#define LIBSSH2_RSA_SHA1 0
#endif
#ifdef LIBSSH2_NO_ECDSA
#undef LIBSSH2_ECDSA
#define LIBSSH2_ECDSA 0
#endif
#ifdef LIBSSH2_NO_ED25519
#undef LIBSSH2_ED25519
#define LIBSSH2_ED25519 0
#endif
#ifdef LIBSSH2_NO_AES_CTR
#undef LIBSSH2_AES_CTR
#define LIBSSH2_AES_CTR 0
#endif
#ifdef LIBSSH2_NO_AES_CBC
#undef LIBSSH2_AES_CBC
#define LIBSSH2_AES_CBC 0
#endif
#ifdef LIBSSH2_NO_BLOWFISH
#undef LIBSSH2_BLOWFISH
#define LIBSSH2_BLOWFISH 0
#endif
#ifdef LIBSSH2_NO_RC4
#undef LIBSSH2_RC4
#define LIBSSH2_RC4 0
#endif
#ifdef LIBSSH2_NO_CAST
#undef LIBSSH2_CAST
#define LIBSSH2_CAST 0
#endif
#ifdef LIBSSH2_NO_3DES
#undef LIBSSH2_3DES
#define LIBSSH2_3DES 0
#endif

8
src/libgcrypt.h
View File

@ -66,7 +66,11 @@
#define LIBSSH2_ECDSA 0
#define LIBSSH2_ED25519 0
#include "crypto_config.h"
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define MD5_DIGEST_LENGTH 16
#endif
#define SHA_DIGEST_LENGTH 20
#define SHA256_DIGEST_LENGTH 32
#define SHA384_DIGEST_LENGTH 48
@ -124,6 +128,7 @@
#define libssh2_sha512(message, len, out) \
gcry_md_hash_buffer(GCRY_MD_SHA512, out, message, len)
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define libssh2_md5_ctx gcry_md_hd_t
/* returns 0 in case of failure */
@ -136,15 +141,18 @@
memcpy(out, gcry_md_read(ctx, 0), MD5_DIGEST_LENGTH), gcry_md_close(ctx)
#define libssh2_md5(message, len, out) \
gcry_md_hash_buffer(GCRY_MD_MD5, out, message, len)
#endif
#define libssh2_hmac_ctx gcry_md_hd_t
#define libssh2_hmac_ctx_init(ctx)
#define libssh2_hmac_sha1_init(ctx, key, keylen) \
gcry_md_open(ctx, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC), \
gcry_md_setkey(*ctx, key, keylen)
#if LIBSSH2_MD5
#define libssh2_hmac_md5_init(ctx, key, keylen) \
gcry_md_open(ctx, GCRY_MD_MD5, GCRY_MD_FLAG_HMAC), \
gcry_md_setkey(*ctx, key, keylen)
#endif
#define libssh2_hmac_ripemd160_init(ctx, key, keylen) \
gcry_md_open(ctx, GCRY_MD_RMD160, GCRY_MD_FLAG_HMAC), \
gcry_md_setkey(*ctx, key, keylen)

9
src/mbedtls.h
View File

@ -92,7 +92,11 @@
#endif
#define LIBSSH2_ED25519 0
#include "crypto_config.h"
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define MD5_DIGEST_LENGTH 16
#endif
#define SHA_DIGEST_LENGTH 20
#define SHA256_DIGEST_LENGTH 32
#define SHA384_DIGEST_LENGTH 48
@ -134,8 +138,10 @@
#define libssh2_hmac_sha1_init(pctx, key, keylen) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_SHA1, key, keylen)
#if LIBSSH2_MD5
#define libssh2_hmac_md5_init(pctx, key, keylen) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_MD5, key, keylen)
#endif
#define libssh2_hmac_ripemd160_init(pctx, key, keylen) \
_libssh2_mbedtls_hash_init(pctx, MBEDTLS_MD_RIPEMD160, key, keylen)
#define libssh2_hmac_sha256_init(pctx, key, keylen) \
@ -219,6 +225,7 @@
* mbedTLS backend: MD5 functions
*/
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define libssh2_md5_ctx mbedtls_md_context_t
#define libssh2_md5_init(pctx) \
@ -229,7 +236,7 @@
_libssh2_mbedtls_hash_final(&ctx, hash)
#define libssh2_md5(data, datalen, hash) \
_libssh2_mbedtls_hash(data, datalen, MBEDTLS_MD_MD5, hash)
#endif
/*******************************************************************/
/*

2
src/openssl.c
View File

@ -2495,6 +2495,7 @@ _libssh2_sha512(const unsigned char *message, size_t len,
return 1; /* error */
}
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
int
_libssh2_md5_init(libssh2_md5_ctx *ctx)
{
@ -2530,6 +2531,7 @@ _libssh2_md5_init(libssh2_md5_ctx *ctx)
return EVP_DigestInit(ctx, EVP_get_digestbyname("md5"));
#endif
}
#endif
#if LIBSSH2_ECDSA

4
src/openssl.h
View File

@ -194,6 +194,8 @@
# define LIBSSH2_3DES 1
#endif
#include "crypto_config.h"
#define EC_MAX_POINT_LEN ((528 * 2 / 8) + 1)
#define _libssh2_random(buf, len) \
@ -296,6 +298,7 @@ int _libssh2_sha512(const unsigned char *message, size_t len,
unsigned char *out);
#define libssh2_sha512(x,y,z) _libssh2_sha512(x,y,z)
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#ifdef HAVE_OPAQUE_STRUCTS
#define libssh2_md5_ctx EVP_MD_CTX *
#else
@ -315,6 +318,7 @@ int _libssh2_md5_init(libssh2_md5_ctx *ctx);
#define libssh2_md5_update(ctx, data, len) EVP_DigestUpdate(&(ctx), data, len)
#define libssh2_md5_final(ctx, out) EVP_DigestFinal(&(ctx), out, NULL)
#endif
#endif
#ifdef HAVE_OPAQUE_STRUCTS
#define libssh2_hmac_ctx HMAC_CTX *

4
src/os400qc3.h
View File

@ -164,6 +164,8 @@
#undef Qc3_MK_Pending
#define Qc3_MK_Pending '\xF3' /* '3' */
/* FIXME: Disable MD5 macros/constants and functions when
LIBSSH2_MD5 and LIBSSH_MD5_PEM have the value 0. */
/* Define which features are supported. */
#define LIBSSH2_MD5 1
@ -186,6 +188,8 @@
#define LIBSSH2_ECDSA 0
#define LIBSSH2_ED25519 0
#include "crypto_config.h"
#define MD5_DIGEST_LENGTH 16
#define SHA_DIGEST_LENGTH 20
#define SHA256_DIGEST_LENGTH 32

11
src/pem.c
View File

@ -106,12 +106,6 @@ static unsigned char hex_decode(char digit)
((digit >= 'A') ? (0xA + (digit - 'A')) : (digit - '0'));
}
/* Hack to fix builds with crypto backends with MD5 support disabled.
FIXME: Honor our LIBSSH2_MD5 macro for MD5-dependent logic. */
#ifdef OPENSSL_NO_MD5
#define MD5_DIGEST_LENGTH 16
#endif
int
_libssh2_pem_parse(LIBSSH2_SESSION * session,
const char *headerbegin,
@ -215,6 +209,7 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
}
if(method) {
#if LIBSSH2_MD5_PEM
/* Set up decryption */
int free_iv = 0, free_secret = 0, len_decrypted = 0, padding = 0;
int blocksize = method->blocksize;
@ -292,6 +287,10 @@ _libssh2_pem_parse(LIBSSH2_SESSION * session,
/* Clean up */
_libssh2_explicit_zero((char *)secret, sizeof(secret));
method->dtor(session, &abstract);
#else
ret = -1;
goto out;
#endif
}
ret = 0;

10
src/wincng.c
View File

@ -94,9 +94,11 @@
#define BCRYPT_RNG_ALGORITHM L"RNG"
#endif
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#ifndef BCRYPT_MD5_ALGORITHM
#define BCRYPT_MD5_ALGORITHM L"MD5"
#endif
#endif
#ifndef BCRYPT_SHA1_ALGORITHM
#define BCRYPT_SHA1_ALGORITHM L"SHA1"
@ -254,11 +256,13 @@ _libssh2_wincng_init(void)
_libssh2_wincng.hAlgRNG = NULL;
}
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashMD5,
BCRYPT_MD5_ALGORITHM, NULL, 0);
if(!BCRYPT_SUCCESS(ret)) {
_libssh2_wincng.hAlgHashMD5 = NULL;
}
#endif
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHashSHA1,
BCRYPT_SHA1_ALGORITHM, NULL, 0);
if(!BCRYPT_SUCCESS(ret)) {
@ -280,12 +284,14 @@ _libssh2_wincng_init(void)
_libssh2_wincng.hAlgHashSHA512 = NULL;
}
#if LIBSSH2_MD5
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacMD5,
BCRYPT_MD5_ALGORITHM, NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
if(!BCRYPT_SUCCESS(ret)) {
_libssh2_wincng.hAlgHmacMD5 = NULL;
}
#endif
ret = BCryptOpenAlgorithmProvider(&_libssh2_wincng.hAlgHmacSHA1,
BCRYPT_SHA1_ALGORITHM, NULL,
BCRYPT_ALG_HANDLE_HMAC_FLAG);
@ -395,8 +401,10 @@ _libssh2_wincng_free(void)
{
if(_libssh2_wincng.hAlgRNG)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgRNG, 0);
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
if(_libssh2_wincng.hAlgHashMD5)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashMD5, 0);
#endif
if(_libssh2_wincng.hAlgHashSHA1)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashSHA1, 0);
if(_libssh2_wincng.hAlgHashSHA256)
@ -405,8 +413,10 @@ _libssh2_wincng_free(void)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashSHA384, 0);
if(_libssh2_wincng.hAlgHashSHA512)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHashSHA512, 0);
#if LIBSSH2_MD5
if(_libssh2_wincng.hAlgHmacMD5)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHmacMD5, 0);
#endif
if(_libssh2_wincng.hAlgHmacSHA1)
(void)BCryptCloseAlgorithmProvider(_libssh2_wincng.hAlgHmacSHA1, 0);
if(_libssh2_wincng.hAlgHmacSHA256)

8
src/wincng.h
View File

@ -74,7 +74,11 @@
#define LIBSSH2_ECDSA 0
#define LIBSSH2_ED25519 0
#include "crypto_config.h"
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define MD5_DIGEST_LENGTH 16
#endif
#define SHA_DIGEST_LENGTH 20
#define SHA256_DIGEST_LENGTH 32
#define SHA384_DIGEST_LENGTH 48
@ -204,6 +208,7 @@ typedef struct __libssh2_wincng_hash_ctx {
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashSHA512, \
hash, SHA512_DIGEST_LENGTH)
#if LIBSSH2_MD5 || LIBSSH2_MD5_PEM
#define libssh2_md5_ctx _libssh2_wincng_hash_ctx
#define libssh2_md5_init(ctx) \
(_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHashMD5, \
@ -216,6 +221,7 @@ typedef struct __libssh2_wincng_hash_ctx {
#define libssh2_md5(data, datalen, hash) \
_libssh2_wincng_hash(data, datalen, _libssh2_wincng.hAlgHashMD5, \
hash, MD5_DIGEST_LENGTH)
#endif
/*
* Windows CNG backend: HMAC functions
@ -226,9 +232,11 @@ typedef struct __libssh2_wincng_hash_ctx {
#define libssh2_hmac_sha1_init(ctx, key, keylen) \
_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacSHA1, \
SHA_DIGEST_LENGTH, key, (ULONG) keylen)
#if LIBSSH2_MD5
#define libssh2_hmac_md5_init(ctx, key, keylen) \
_libssh2_wincng_hash_init(ctx, _libssh2_wincng.hAlgHmacMD5, \
MD5_DIGEST_LENGTH, key, (ULONG) keylen)
#endif
#define libssh2_hmac_ripemd160_init(ctx, key, keylen)
/* not implemented */
#define libssh2_hmac_sha256_init(ctx, key, keylen) \

35
tests/session_fixture.c
View File

@ -91,6 +91,10 @@ static char const *skip_crypt[] = {
"rijndael-cbc@lysator.liu.se",
#endif
#if !LIBSSH2_3DES
"3des-cbc",
#endif
#if defined(LIBSSH2_LIBGCRYPT) || defined(LIBSSH2_OS400QC3) || \
defined(LIBSSH2_WINCNG)
/* Support for AES-GCM hasn't been added to these back-ends yet */
@ -101,6 +105,15 @@ static char const *skip_crypt[] = {
NULL
};
/* List of MAC protocols for which tests are skipped */
static char const *skip_mac[] = {
#if !LIBSSH2_MD5
"hmac-md5",
"hmac-md5-96",
#endif
NULL
};
LIBSSH2_SESSION *start_session_fixture(int *skipped, int *err)
{
int rc;
@ -112,11 +125,23 @@ LIBSSH2_SESSION *start_session_fixture(int *skipped, int *err)
*err = LIBSSH2_ERROR_NONE;
if(crypt) {
char const * const *cr;
for(cr = skip_crypt; *cr; ++cr) {
if(strcmp(*cr, crypt) == 0) {
fprintf(stderr, "crypt algorithm (%s) skipped "
"for this crypto backend.\n", crypt);
char const * const *sk;
for(sk = skip_crypt; *sk; ++sk) {
if(strcmp(*sk, crypt) == 0) {
fprintf(stderr, "unsupported crypt algorithm (%s) skipped.\n",
crypt);
*skipped = 1;
return NULL;
}
}
}
if(mac) {
char const * const *sk;
for(sk = skip_mac; *sk; ++sk) {
if(strcmp(*sk, mac) == 0) {
fprintf(stderr, "unsupported MAC algorithm (%s) skipped.\n",
mac);
*skipped = 1;
return NULL;
}

2
tests/test_auth_pubkey_ok_rsa_encrypted.c
View File

@ -7,7 +7,7 @@
int test(LIBSSH2_SESSION *session)
{
#if LIBSSH2_RSA_SHA1
#if LIBSSH2_RSA_SHA1 && LIBSSH2_MD5_PEM
/* set in Dockerfile */
return test_auth_pubkey(session, 0,
"libssh2",

12
tests/test_hostkey_hash.c
View File

@ -20,8 +20,10 @@ static const char *EXPECTED_ECDSA_HOSTKEY =
static const char *EXPECTED_ED25519_HOSTKEY =
"AAAAC3NzaC1lZDI1NTE5AAAAIIxtdyg2ZRXE70UwyPVUH3UyfDBV8GX5cPF636P6hjom";
#if LIBSSH2_MD5
static const char *EXPECTED_RSA_MD5_HASH_DIGEST =
"0C0ED1A5BB10275F76924CE187CE5C5E";
#endif
static const char *EXPECTED_RSA_SHA1_HASH_DIGEST =
"F3CD59E2913F4422B80F7B0A82B2B89EAE449387";
@ -29,8 +31,10 @@ static const char *EXPECTED_RSA_SHA1_HASH_DIGEST =
static const char *EXPECTED_RSA_SHA256_HASH_DIGEST =
"92E3DA49DF3C7F99A828F505ED8239397A5D1F62914459760F878F7510F563A3";
#if LIBSSH2_MD5
static const char *EXPECTED_ECDSA_MD5_HASH_DIGEST =
"0402E4D897580BBC911379CBD88BCD3D";
#endif
static const char *EXPECTED_ECDSA_SHA1_HASH_DIGEST =
"12FDAD1E3B31B10BABB00F2A8D1B9A62C326BD2F";
@ -41,7 +45,9 @@ static const char *EXPECTED_ECDSA_SHA256_HASH_DIGEST =
static const char *EXPECTED_ED25519_SHA256_HASH_DIGEST =
"2638B020F6121FA750A7F4754B718419F621814C6E779D68ADF26AA68814ADDF";
#if LIBSSH2_MD5
static const int MD5_HASH_SIZE = 16;
#endif
static const int SHA1_HASH_SIZE = 20;
static const int SHA256_HASH_SIZE = 32;
@ -62,7 +68,9 @@ int test(LIBSSH2_SESSION *session)
char buf[BUFSIZ];
const char *hostkey;
#if LIBSSH2_MD5
const char *md5_hash;
#endif
const char *sha1_hash;
const char *sha256_hash;
int type;
@ -100,6 +108,7 @@ int test(LIBSSH2_SESSION *session)
}
else if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
#if LIBSSH2_MD5
md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
if(!md5_hash) {
print_last_session_error(
@ -115,6 +124,7 @@ int test(LIBSSH2_SESSION *session)
buf, EXPECTED_ECDSA_MD5_HASH_DIGEST);
return 1;
}
#endif
sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
if(!sha1_hash) {
@ -151,6 +161,7 @@ int test(LIBSSH2_SESSION *session)
}
else if(type == LIBSSH2_HOSTKEY_TYPE_RSA) {
#if LIBSSH2_MD5
md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
if(!md5_hash) {
print_last_session_error(
@ -166,6 +177,7 @@ int test(LIBSSH2_SESSION *session)
buf, EXPECTED_RSA_MD5_HASH_DIGEST);
return 1;
}
#endif
sha1_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
if(!sha1_hash) {