vendor/libgit2/src/transports/ssh.c in rugged-1.1.1 vs vendor/libgit2/src/transports/ssh.c in rugged-1.2.0

- old
+ new

@@ -9,11 +9,11 @@
 #ifdef GIT_SSH
 #include <libssh2.h>
 #endif
-#include "global.h"
+#include "runtime.h"
 #include "git2.h"
 #include "buffer.h"
 #include "net.h"
 #include "netops.h"
 #include "smart.h"
@@ -236,11 +236,11 @@
 const char *cmd,
 git_smart_subtransport_stream **stream)
 {
 ssh_stream *s;
- assert(stream);
+ GIT_ASSERT_ARG(stream);
 s = git__calloc(sizeof(ssh_stream), 1);
 GIT_ERROR_CHECK_ALLOC(s);
 s->parent.subtransport = &t->parent;
@@ -402,12 +402,12 @@
 }
 #ifdef GIT_SSH_MEMORY_CREDENTIALS
 case GIT_CREDENTIAL_SSH_MEMORY: {
 git_credential_ssh_key *c = (git_credential_ssh_key *)cred;
- assert(c->username);
- assert(c->privatekey);
+ GIT_ASSERT(c->username);
+ GIT_ASSERT(c->privatekey);
 rc = libssh2_userauth_publickey_frommemory(
 session,
 c->username,
 strlen(c->username),
@@ -459,17 +459,17 @@
 }
 }
 if (no_callback) {
 git_error_set(GIT_ERROR_SSH, "authentication required but no callback set");
- return -1;
+ return GIT_EAUTH;
 }
 if (!(cred->credtype & auth_methods)) {
 cred->free(cred);
- git_error_set(GIT_ERROR_SSH, "callback returned unsupported credentials type");
- return -1;
+ git_error_set(GIT_ERROR_SSH, "authentication callback returned unsupported credentials type");
+ return GIT_EAUTH;
 }
 *out = cred;
 return 0;
@@ -481,11 +481,11 @@
 {
 int rc = 0;
 LIBSSH2_SESSION* s;
 git_socket_stream *socket = GIT_CONTAINER_OF(io, git_socket_stream, parent);
- assert(session);
+ GIT_ASSERT_ARG(session);
 s = libssh2_session_init();
 if (!s) {
 git_error_set(GIT_ERROR_NET, "failed to initialize SSH session");
 return -1;
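Review bot: The two exits changed in the `@@ -459,17 +459,17 @@` hunk now return `GIT_EAUTH`, but nothing visible tells a caller that this function's failures are no longer uniformly `-1`, so a caller that compares against `-1` rather than `< 0` would miss them. A short comment above the function would make the contract explicit, e.g. `/* Returns 0 with *out set; GIT_EAUTH if no callback is set or the credential type is not in auth_methods. */`. The function starts before this hunk, so its earlier exits may still use other codes and should be listed in the same comment.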
@@ -561,13 +561,50 @@
 goto done;
 if (t->owner->certificate_check_cb != NULL) {
 git_cert_hostkey cert = {{ 0 }}, *cert_ptr;
 const char *key;
+ size_t cert_len;
+ int cert_type;
 cert.parent.cert_type = GIT_CERT_HOSTKEY_LIBSSH2;
+ key = libssh2_session_hostkey(session, &cert_len, &cert_type);
+ if (key != NULL) {
+ cert.type |= GIT_CERT_SSH_RAW;
+ cert.hostkey = key;
+ cert.hostkey_len = cert_len;
+ switch (cert_type) {
+ case LIBSSH2_HOSTKEY_TYPE_RSA:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_RSA;
+ break;
+ case LIBSSH2_HOSTKEY_TYPE_DSS:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_DSS;
+ break;
+
+#ifdef LIBSSH2_HOSTKEY_TYPE_ECDSA_256
+ case LIBSSH2_HOSTKEY_TYPE_ECDSA_256:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_256;
+ break;
+ case LIBSSH2_HOSTKEY_TYPE_ECDSA_384:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_384;
+ break;
+ case LIBSSH2_KNOWNHOST_KEY_ECDSA_521:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_KEY_ECDSA_521;
+ break;
+#endif
+
+#ifdef LIBSSH2_HOSTKEY_TYPE_ED25519
+ case LIBSSH2_HOSTKEY_TYPE_ED25519:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_KEY_ED25519;
+ break;
+#endif
+ default:
+ cert.raw_type = GIT_CERT_SSH_RAW_TYPE_UNKNOWN;
+ }
+ }
+
 #ifdef LIBSSH2_HOSTKEY_HASH_SHA256
 key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA256);
 if (key != NULL) {
 cert.type |= GIT_CERT_SSH_SHA256;
 memcpy(&cert.hash_sha256, key, 32);
@@ -770,23 +807,21 @@
 static int _ssh_close(git_smart_subtransport *subtransport)
 {
 ssh_subtransport *t = GIT_CONTAINER_OF(subtransport, ssh_subtransport, parent);
- assert(!t->current_stream);
+ GIT_ASSERT(!t->current_stream);
 GIT_UNUSED(t);
 return 0;
 }
 static void _ssh_free(git_smart_subtransport *subtransport)
 {
 ssh_subtransport *t = GIT_CONTAINER_OF(subtransport, ssh_subtransport, parent);
- assert(!t->current_stream);
-
 git__free(t->cmd_uploadpack);
 git__free(t->cmd_receivepack);
 git__free(t);
 }
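Review bot: In the `@@ -561,13 +561,50 @@` hunk the 521-bit ECDSA case is labelled `LIBSSH2_KNOWNHOST_KEY_ECDSA_521`, a known-hosts constant, while `cert_type` comes from `libssh2_session_hostkey()` and every other case compares it against `LIBSSH2_HOSTKEY_TYPE_*`. The two constant families are not interchangeable in libssh2, so an ECDSA-521 host key would most likely fall through to `default` and reach the certificate callback as `GIT_CERT_SSH_RAW_TYPE_UNKNOWN`; the line should read `case LIBSSH2_HOSTKEY_TYPE_ECDSA_521:`. A comment at `cert.hostkey = key;` should also say that the pointer is borrowed from the libssh2 session rather than copied (the SHA-256 hash below is `memcpy`'d), so a callback that needs the key after it returns has to copy it. The enclosing function starts and ends outside the hunk.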
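Review bot: In the `@@ -770,23 +807,21 @@` hunk `_ssh_free` no longer checks `t->current_stream` at all before `git__free(t)`, whereas `_ssh_close` keeps the check as `GIT_ASSERT`. The stream-allocation hunk at `@@ -236,11 +236,11 @@` stores `&t->parent` in `s->parent.subtransport`, so a stream still attached when the subtransport is freed would be left holding a dangling pointer. Because the function returns void and cannot report the condition, the precondition should at least be stated where the assert used to be, e.g. `/* t->current_stream must already be NULL: a live stream still points at t */`.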
@@ -803,11 +838,11 @@
 list = libssh2_userauth_list(session, username, strlen(username));
 /* either error, or the remote accepts NONE auth, which is bizarre, let's punt */
 if (list == NULL && !libssh2_userauth_authenticated(session)) {
 ssh_error(session, "Failed to retrieve list of SSH authentication methods");
- return -1;
+ return GIT_EAUTH;
 }
 ptr = list;
 while (ptr) {
 if (*ptr == ',')
@@ -847,11 +882,11 @@
 git_smart_subtransport **out, git_transport *owner, void *param)
 {
 #ifdef GIT_SSH
 ssh_subtransport *t;
- assert(out);
+ GIT_ASSERT_ARG(out);
 GIT_UNUSED(param);
 t = git__calloc(sizeof(ssh_subtransport), 1);
 GIT_ERROR_CHECK_ALLOC(t);
@@ -865,11 +900,11 @@
 return 0;
 #else
 GIT_UNUSED(owner);
 GIT_UNUSED(param);
- assert(out);
+ GIT_ASSERT_ARG(out);
 *out = NULL;
 git_error_set(GIT_ERROR_INVALID, "cannot create SSH transport. Library was built without SSH support");
 return -1;
 #endif
@@ -909,11 +944,11 @@
 return 0;
 #else
 GIT_UNUSED(owner);
 GIT_UNUSED(payload);
- assert(out);
+ GIT_ASSERT_ARG(out);
 *out = NULL;
 git_error_set(GIT_ERROR_INVALID, "cannot create SSH transport. Library was built without SSH support");
 return -1;
 #endif
@@ -932,11 +967,10 @@
 if (libssh2_init(0) < 0) {
 git_error_set(GIT_ERROR_SSH, "unable to initialize libssh2");
 return -1;
 }
- git__on_shutdown(shutdown_ssh);
- return 0;
+ return git_runtime_shutdown_register(shutdown_ssh);
 #else
 /* Nothing to initialize */
 return 0;
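Review bot: In the `@@ -803,11 +838,11 @@` hunk every NULL result from `libssh2_userauth_list()` on an unauthenticated session is now reported as `GIT_EAUTH`, although the comment above the check says the NULL can also be a plain error. A dropped connection or other transport failure would then look like an authentication failure to the caller, which may respond by asking for credentials again. Consider returning `GIT_EAUTH` only when libssh2 reports an authentication error, for example by checking `libssh2_session_last_errno(session)` first, and keeping `-1` for the rest. The enclosing function continues outside the hunk.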
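Review bot: In the `@@ -932,11 +967,10 @@` hunk a failure of `git_runtime_shutdown_register(shutdown_ssh)` is now returned after `libssh2_init(0)` has already succeeded, and nothing on that path undoes the initialization or sets an SSH-specific error message. If `shutdown_ssh` is what releases libssh2 (its body is not shown here), the failure path should release it directly, e.g. `if ((rc = git_runtime_shutdown_register(shutdown_ssh)) < 0) libssh2_exit();` followed by `return rc;`, or a comment should say why leaving the library initialized is acceptable.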