From 572ed5a20edf2e273ae377473b52bfee98eca24e Mon Sep 17 00:00:00 2001 From: Jeff Burdges Date: Tue, 27 Oct 2015 11:12:14 +0000 Subject: [PATCH] Use SSH more safely from configure --- configure.ac | 1 + src/util/Makefile.am | 2 +- src/util/test_socks.c | 13 ++++++------- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac index f1a30ead2..3f625f1d5 100644 --- a/configure.ac +++ b/configure.ac @@ -202,6 +202,7 @@ AM_CONDITIONAL(HAVE_GETOPT_BINARY, $VAR_GETOPT_BINARY) AC_CHECK_PROG(VAR_SSH_BINARY,ssh,true,false) AM_CONDITIONAL(HAVE_SSH_BINARY, $VAR_SSH_BINARY) +AM_CONDITIONAL(HAVE_SSH_KEY, ssh -D 12345 -o "BatchMode yes" -o "UserKnownHostsFile /tmp/gnunet_test_cosks_ssh_garbage" -o "StrictHostKeyChecking no" 127.0.0.1 echo -n) AC_CHECK_MEMBER(struct tm.tm_gmtoff, diff --git a/src/util/Makefile.am b/src/util/Makefile.am index 896ef17eb..65b53b91d 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am @@ -256,7 +256,7 @@ if HAVE_BENCHMARKS perf_malloc endif -if HAVE_SSH_BINARY +if HAVE_SSH_KEY SSH_USING_TESTS = test_socks.nc endif diff --git a/src/util/test_socks.c b/src/util/test_socks.c index 5ca086ee1..97f614cd4 100644 --- a/src/util/test_socks.c +++ b/src/util/test_socks.c @@ -186,13 +186,12 @@ main (int argc, char *argv[]) if (pid == 0) { execlp ("ssh", - "ssh", - "-D", - socksport, - "127.0.0.1", - "-N", - NULL); - perror ("execlp (\"ssh\",\"ssh\",\"-D\",\"1081\",\"127.0.0.1\",\"-N\") "); + "ssh","-D",socksport, + "-o","BatchMode yes", + "-o","UserKnownHostsFile /tmp/gnunet_test_socks_ssh_garbage", + "-o","StrictHostKeyChecking no", + "127.0.0.1","-N",(char*)NULL); + perror ("execlp (\"ssh\",\"ssh\",...,\"-D\",\"1081\",\"127.0.0.1\",\"-N\") "); printf ("" "Please ensure you have ssh installed and have sshd installed and running :\n" "\tsudo apt-get install openssh-client openssh-server\n" -- 2.25.1