upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-09 08:44:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Merge pull request #9718 from owncloud/sftp-early-login

Browse source 
SFTP: login() must be called after getServerPublicHostKey().
This commit is contained in:
blizzz 2014-07-18 13:34:28 +02:00
commit 6c28c9b141
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
apps/files_external/lib/sftp.php
View file

@ -54,12 +54,8 @@ class SFTP extends \OC\Files\Storage\Common {
$hostKeys = $this->readHostKeys();
$this->client = new \Net_SFTP($this->host);
if (!$this->client->login($this->user, $this->password)) {
throw new \Exception('Login failed');
}
// The SSH Host Key MUST be verified before login().
$currentHostKey = $this->client->getServerPublicHostKey();
if (array_key_exists($this->host, $hostKeys)) {
if ($hostKeys[$this->host] != $currentHostKey) {
throw new \Exception('Host public key does not match known key');
@ -68,6 +64,10 @@ class SFTP extends \OC\Files\Storage\Common {
$hostKeys[$this->host] = $currentHostKey;
$this->writeHostKeys($hostKeys);
}
if (!$this->client->login($this->user, $this->password)) {
throw new \Exception('Login failed');
}
}
public function test() {