Use SSH more safely from configure

diff --git a/configure.ac b/configure.ac
index f1a30ead21174de3fc0ed15863a29735f9b96b5f..3f625f1d598ab8f4bdeaecbcaaf498d69694841e 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -202,6 +202,7 @@ AM_CONDITIONAL(HAVE_GETOPT_BINARY, $VAR_GETOPT_BINARY)
 
 AC_CHECK_PROG(VAR_SSH_BINARY,ssh,true,false)
 AM_CONDITIONAL(HAVE_SSH_BINARY, $VAR_SSH_BINARY)
+AM_CONDITIONAL(HAVE_SSH_KEY,  ssh -D 12345 -o "BatchMode yes" -o "UserKnownHostsFile /tmp/gnunet_test_cosks_ssh_garbage" -o "StrictHostKeyChecking no" 127.0.0.1 echo -n)
 
 
 AC_CHECK_MEMBER(struct tm.tm_gmtoff,

diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 896ef17eba6869fa2c39ec5e58bc5985d07b1ac8..65b53b91dbb79082515ee0060799a1721f822488 100644 (file)
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -256,7 +256,7 @@ if HAVE_BENCHMARKS
   perf_malloc
 endif
 
-if HAVE_SSH_BINARY
+if HAVE_SSH_KEY
  SSH_USING_TESTS = test_socks.nc
 endif
 

diff --git a/src/util/test_socks.c b/src/util/test_socks.c
index 5ca086ee18a15fceaead8f3558845f5a206c8f87..97f614cd4e70f66772fae0f0fdd791b767c4ca3c 100644 (file)
--- a/src/util/test_socks.c
+++ b/src/util/test_socks.c
@@ -186,13 +186,12 @@ main (int argc, char *argv[])
   if (pid == 0) 
   {
     execlp ("ssh",
-           "ssh",
-           "-D", 
-           socksport,
-           "127.0.0.1",
-           "-N",
-           NULL);
-    perror ("execlp (\"ssh\",\"ssh\",\"-D\",\"1081\",\"127.0.0.1\",\"-N\") ");
+            "ssh","-D",socksport,
+            "-o","BatchMode yes",
+            "-o","UserKnownHostsFile /tmp/gnunet_test_socks_ssh_garbage",
+            "-o","StrictHostKeyChecking no",
+            "127.0.0.1","-N",(char*)NULL);
+    perror ("execlp (\"ssh\",\"ssh\",...,\"-D\",\"1081\",\"127.0.0.1\",\"-N\") ");
     printf (""
 "Please ensure you have ssh installed and have sshd installed and running :\n"
 "\tsudo apt-get install openssh-client openssh-server\n"