SSH: use the port number as well for known_known checks

... if the libssh2 version is new enough. Bug: http://curl.haxx.se/bug/view.cgi?id=1448
2014-11-09 15:30:06 +01:00 · 2014-11-09 15:30:06 +01:00 · 18e1a3022d
--- a/lib/ssh.c
+++ b/lib/ssh.c
@ -99,6 +99,13 @@
 #  endif
 #endif

+/* Feature detection based on version numbers to better work with
+   non-configure platforms */
+#if LIBSSH2_VERSION_NUM >= 0x010206
+/* libssh2_knownhost_checkp was added in 1.2.6 */
+#define HAVE_LIBSSH2_KNOWNHOST_CHECKP
+#endif
+
 #ifndef PATH_MAX
 #define PATH_MAX 1024 /* just an extra precaution since there are systems that
                         have their definition hidden well */
@ -546,6 +553,17 @@ static CURLcode ssh_knownhost(struct connectdata *conn)
      keybit = (keytype == LIBSSH2_HOSTKEY_TYPE_RSA)?
        LIBSSH2_KNOWNHOST_KEY_SSHRSA:LIBSSH2_KNOWNHOST_KEY_SSHDSS;

+#ifdef HAVE_LIBSSH2_KNOWNHOST_CHECKP
+      keycheck = libssh2_knownhost_checkp(sshc->kh,
+                                          conn->host.name,
+                                          (conn->remote_port != PORT_SSH)?
+                                          conn->remote_port:-1,
+                                          remotekey, keylen,
+                                          LIBSSH2_KNOWNHOST_TYPE_PLAIN|
+                                          LIBSSH2_KNOWNHOST_KEYENC_RAW|
+                                          keybit,
+                                          &host);
+#else
      keycheck = libssh2_knownhost_check(sshc->kh,
                                         conn->host.name,
                                         remotekey, keylen,
@ -553,6 +571,7 @@ static CURLcode ssh_knownhost(struct connectdata *conn)
                                         LIBSSH2_KNOWNHOST_KEYENC_RAW|
                                         keybit,
                                         &host);
+#endif

      infof(data, "SSH host check: %d, key: %s\n", keycheck,
            (keycheck <= LIBSSH2_KNOWNHOST_CHECK_MISMATCH)?