curl tries to read known_hosts from wrong location #8033
Comments
jeffrson
changed the title
Is this practice/order documented or mandated somewhere official? curl has preferred |
|
Well, that's interesting. I'm just using curl with SFTP for the first time and I stumbled across the certificate warning. So I was going to research. So what does it mean "official"? Also, there hasn't been "official" SSH until a few years ago in some Windows 10 update. Now, this ssh is using %USERPROFILE%\.ssh and I think it's practical to use the same data in curl as well, isn't it? It's not really useful to have two different known_hosts. BTW, IMO it's not too well documented that curl is using %APPDATA%. I actually had used Procmon to check whether it reads my known_hosts file. Do you know of other apps search .ssh at %APPDATA%? Maybe you could read %USERPROFILE%\.ssh, if the other does not exist? Or if it doesn't contain known_hosts? |
|
curl also never actually use |
The homedir() function now iterates over all the environment variables trying to access the file in question until it finds it. Last resort is then getpwuid() if available. Previously it would first try to find a home directory and if that was set, insist on checking only that directory for the file. The Windows specific checks are now done differently too and in this order: 1 - %USERPROFILE% 2 - %APPDATA% 3 - %USERPROFILE%\\Application Data\\ The windows order is modified to match how the Windows 10 ssh tool works when it searches for .ssh/known_hosts. Reported-by: jeffrson on github Fixes #8033
The homedir() function now iterates over all the environment variables trying to access the file in question until it finds it. Last resort is then getpwuid() if available. Previously it would first try to find a home directory and if that was set, insist on checking only that directory for the file. The Windows specific checks are now done differently too and in this order: 1 - %USERPROFILE% 2 - %APPDATA% 3 - %USERPROFILE%\\Application Data\\ The windows order is modified to match how the Windows 10 ssh tool works when it searches for .ssh/known_hosts. Reported-by: jeffrson on github Fixes #8033
The homedir() function now iterates over all the environment variables trying to access the file in question until it finds it. Last resort is then getpwuid() if available. Previously it would first try to find a home directory and if that was set, insist on checking only that directory for the file. The Windows specific checks are now done differently too and in this order: 1 - %USERPROFILE% 2 - %APPDATA% 3 - %USERPROFILE%\\Application Data\\ The windows order is modified to match how the Windows 10 ssh tool works when it searches for .ssh/known_hosts. Reported-by: jeffrson on github Fixes #8033
The homedir() function is now renamed into findfile() and iterates over all the environment variables trying to access the file in question until it finds it. Last resort is then getpwuid() if available. Previously it would first try to find a home directory and if that was set, insist on checking only that directory for the file. This now returns the full file name it finds. The Windows specific checks are now done differently too and in this order: 1 - %USERPROFILE% 2 - %APPDATA% 3 - %USERPROFILE%\\Application Data\\ The windows order is modified to match how the Windows 10 ssh tool works when it searches for .ssh/known_hosts. Reported-by: jeffrson on github Fixes #8033 Closes #8035
|
Great work, thank you very much! Unfortunately I don't have any local builds for curl :-( and I'm afraid I can't set it up in the short term either. Also I could not find a nightly or autobuild version - can you recommend one? |
The homedir() function is now renamed into findfile() and iterates over all the environment variables trying to access the file in question until it finds it. Last resort is then getpwuid() if available. Previously it would first try to find a home directory and if that was set, insist on checking only that directory for the file. This now returns the full file name it finds. The Windows specific checks are now done differently too and in this order: 1 - %USERPROFILE% 2 - %APPDATA% 3 - %USERPROFILE%\\Application Data\\ The windows order is modified to match how the Windows 10 ssh tool works when it searches for .ssh/known_hosts. Reported-by: jeffrson on github Fixes #8033 Closes #8035
I did this
curl -u user:pass -T file.dat sftp://host.domain.tld/folder
I expected the following
upload "file.dat" to host.domain.tld/folder
what happened
although host.domain.tld is contained in known_hosts there's an error message:
curl: (60) SSL peer certificate or SSH remote key was not OK
AFAICT, curl tries to load known_hosts from %APPDATA%\.ssh (user\AppData\Roaming\.ssh), while it should look at %USERPROFILE%\.ssh (user\.ssh), which is user's actual home folder and is used by OpenSSH integrated in Windows as well.
BTW, would be great to have an example of how to get the hash for --hostpubmd5 and --hostpubsha256 in the documentation (ie, what data to hash exactly).
curl/libcurl version
[curl -V output]
operating system
Windows 10 21H1
The text was updated successfully, but these errors were encountered: