ssh: make CURLOPT_SSH_PUBLIC_KEYFILE treat "" as NULL

The CURLOPT_SSH_PUBLIC_KEYFILE option has been documented to handle
empty strings specially since curl-7_25_0-31-g05a443a but the behavior
was unintentionally removed in curl-7_38_0-47-gfa7d04f.

This commit restores the original behavior and clarifies it in the
documentation that NULL and "" have both the same meaning when passed
to CURLOPT_SSH_PUBLIC_KEYFILE.

Bug: http://curl.haxx.se/mail/lib-2016-01/0072.html

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 8afa3d3e3a85d0e9d27ef5810a070b6fe3e36df1..58259f92827b929088b0c8b194d874858a597437 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -68,6 +68,7 @@ This release includes the following bugfixes:
  o configure: assume IPv6 works when cross-compiled [29]
  o openssl: for 1.1.0+ they now provide a SSLeay() macro of their own
  o openssl: improved error detection/reporting
+ o ssh: CURLOPT_SSH_PUBLIC_KEYFILE now treats "" as NULL again [30]
 
 This release includes the following known bugs:
 
@@ -116,4 +117,5 @@ References to bug reports and discussions on issues:
  [27] = http://curl.haxx.se/bug/?i=597
  [28] = http://curl.haxx.se/bug/?i=584
  [29] = http://curl.haxx.se/bug/?i=594
+ [30] = http://curl.haxx.se/mail/lib-2016-01/0072.html
 

diff --git a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3 b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
index 35f2a1992919fdd77bb233222d48363a6e44fadb..bd930732e614b5bc24e43d120fedca9bffe868ad 100644 (file)
--- a/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
+++ b/docs/libcurl/opts/CURLOPT_SSH_PUBLIC_KEYFILE.3
@@ -35,11 +35,11 @@ libcurl defaults to \fB$HOME/.ssh/id_dsa.pub\fP if the HOME environment
 variable is set, and just "id_dsa.pub" in the current directory if HOME is not
 set.
 
-If an empty string is passed, libcurl will pass no public key to libssh2 which
-then tries to compute it from the private key, this is known to work when
-libssh2 1.4.0+ is linked against OpenSSL.
+If NULL (or an empty string) is passed, libcurl will pass no public key to
+libssh2, which then tries to compute it from the private key.  This is known
+to work with libssh2 1.4.0+ linked against OpenSSL.
 .SH DEFAULT
-As explained above
+NULL
 .SH PROTOCOLS
 SFTP and SCP
 .SH EXAMPLE

diff --git a/lib/ssh.c b/lib/ssh.c
index f9bbdf104c0d1713225214b4c0b537b3b8cf9d25..198a230af7ef629935d9196fb11e764625f98ca3 100644 (file)
--- a/lib/ssh.c
+++ b/lib/ssh.c
@@ -848,7 +848,9 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
          * libssh2 extract the public key from the private key file.
          * This is done by simply passing sshc->rsa_pub = NULL.
          */
-        if(data->set.str[STRING_SSH_PUBLIC_KEY]) {
+        if(data->set.str[STRING_SSH_PUBLIC_KEY]
+            /* treat empty string the same way as NULL */
+            && data->set.str[STRING_SSH_PUBLIC_KEY][0]) {
           sshc->rsa_pub = strdup(data->set.str[STRING_SSH_PUBLIC_KEY]);
           if(!sshc->rsa_pub)
             out_of_memory = TRUE;
@@ -869,7 +871,8 @@ static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
 
         free(home);
 
-        infof(data, "Using SSH public key file '%s'\n", sshc->rsa_pub);
+        if(sshc->rsa_pub)
+          infof(data, "Using SSH public key file '%s'\n", sshc->rsa_pub);
         infof(data, "Using SSH private key file '%s'\n", sshc->rsa);
 
         state(conn, SSH_AUTH_PKEY);