cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: curl+sftp+man-in-the-middle-attck.

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sat, 15 Mar 2014 12:05:46 +0100 (CET)

On Fri, 14 Mar 2014, san d wrote:

> curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_ANY);
> curl_easy_setopt(curl, CURLOPT_USERNAME, userName);
> curl_easy_setopt(curl, CURLOPT_PASSWORD, Passwd);
> curl_easy_setopt(curl, CURLOPT_KEYPASSWD, Passwd);

CURLOPT_SSH_KNOWNHOSTS perhaps? (Dan also already mentioned
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5)

>>> Does the connection establishment/negotiation happen every call to
>>> curl_easy_perform()?
>
>> Unless it can re-use an existing connection, yes.

> You meant if curl handle was not cleaned up.

Yes, and if the previous connection was actually left alive and that the
subsequent request is made in a way that can re-use the previous one.

If you keep using the same host, the same protocol and the same user
credentials and the server doesn't close the connection then yes it will be
re-used. The CURLOPT_VERBOSE output will tell you.

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2014-03-15

This message: [ Message body ]
Next message: Kamil Dudka: "Re: [PATCH 3/3] nss: allow to enable/disable new AES GCM cipher-suites"
Previous message: Fabian Frank: "Re: [PATCH 3/3] nss: allow to enable/disable new AES GCM cipher-suites"
In reply to: san d: "Re: curl+sftp+man-in-the-middle-attck."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]