lib/libssh2
1
0
Fork 0
mirror of https://github.com/libssh2/libssh2.git synced 2025-04-26 16:48:48 +03:00
Code
libssh2/example/ssh2.c
Viktor Szakats 2efdb6747a
tidy-up: example, tests continued 
- fix skip auth if `userauthlist` is NULL.
  Closes #836 (Reported-by: @sudipm-mukherjee on github)
- fix most silenced `checksrc` warnings.
- sync examples/tests code between each other.
  (output messages, error handling, declaration order, comments)
- stop including unnecessary headers.
- always deinitialize in case of error.
- drop some redundant variables.
- add error handling where missing.
- show more error codes.
- switch `perror()` to `fprintf()`.
- fix some `printf()`s to be `fprintf()`.
- formatting.

Closes #960
2023-04-14 11:07:53 +00:00

358 lines
11 KiB
C
Raw Blame History

/*
* Sample showing how to do SSH2 connect.
*
* The sample code has default values for host name, user name, password
* and path to copy, but you can specify them on the command line like:
*
* $ ./ssh2 hostip user password [[-p|-i|-k] [command]]
*
* -p authenticate using password
* -i authenticate using keyboard-interactive
* -k authenticate using public key (password argument decrypts keyfile)
* command executes on the remote machine
*/
#include "libssh2_setup.h"
#include <libssh2.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include <sys/types.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#if defined(_MSC_VER) && _MSC_VER < 1900
#define snprintf _snprintf
#endif
static const char *pubkey = ".ssh/id_rsa.pub";
static const char *privkey = ".ssh/id_rsa";
static const char *username = "username";
static const char *password = "password";
static void kbd_callback(const char *name, int name_len,
const char *instruction, int instruction_len,
int num_prompts,
const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
void **abstract)
{
(void)name;
(void)name_len;
(void)instruction;
(void)instruction_len;
if(num_prompts == 1) {
responses[0].text = strdup(password);
responses[0].length = (unsigned int)strlen(password);
}
(void)prompts;
(void)abstract;
}
int main(int argc, char *argv[])
{
uint32_t hostaddr;
libssh2_socket_t sock;
int i, auth_pw = 0;
struct sockaddr_in sin;
const char *fingerprint;
char *userauthlist;
int rc;
LIBSSH2_SESSION *session = NULL;
LIBSSH2_CHANNEL *channel;
#ifdef WIN32
WSADATA wsadata;
rc = WSAStartup(MAKEWORD(2, 0), &wsadata);
if(rc) {
fprintf(stderr, "WSAStartup failed with error: %d\n", rc);
return 1;
}
#endif
if(argc > 1) {
hostaddr = inet_addr(argv[1]);
}
else {
hostaddr = htonl(0x7F000001);
}
if(argc > 2) {
username = argv[2];
}
if(argc > 3) {
password = argv[3];
}
rc = libssh2_init(0);
if(rc) {
fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
/* Ultra basic "connect to port 22 on localhost". Your code is
* responsible for creating the socket establishing the connection
*/
sock = socket(AF_INET, SOCK_STREAM, 0);
if(sock == LIBSSH2_INVALID_SOCKET) {
fprintf(stderr, "failed to create socket!\n");
rc = 1;
goto shutdown;
}
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = hostaddr;
fprintf(stderr, "Connecting to %s:%d as user %s\n",
inet_ntoa(sin.sin_addr), ntohs(sin.sin_port), username);
if(connect(sock, (struct sockaddr*)(&sin), sizeof(struct sockaddr_in))) {
fprintf(stderr, "failed to connect!\n");
goto shutdown;
}
/* Create a session instance and start it up. This will trade welcome
* banners, exchange keys, and setup crypto, compression, and MAC layers
*/
session = libssh2_session_init();
if(!session) {
fprintf(stderr, "Could not initialize SSH session!\n");
goto shutdown;
}
/* Enable all debugging when libssh2 was built with debugging enabled */
libssh2_trace(session, ~0);
rc = libssh2_session_handshake(session, sock);
if(rc) {
fprintf(stderr, "Failure establishing SSH session: %d\n", rc);
goto shutdown;
}
/* At this point we have not yet authenticated. The first thing to do
* is check the hostkey's fingerprint against our known hosts Your app
* may have it hard coded, may go to a file, may present it to the
* user, that's your call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++) {
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
}
fprintf(stderr, "\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username,
(unsigned int)strlen(username));
if(userauthlist) {
fprintf(stderr, "Authentication methods: %s\n", userauthlist);
if(strstr(userauthlist, "password")) {
auth_pw |= 1;
}
if(strstr(userauthlist, "keyboard-interactive")) {
auth_pw |= 2;
}
if(strstr(userauthlist, "publickey")) {
auth_pw |= 4;
}
/* check for options */
if(argc > 4) {
if((auth_pw & 1) && !strcmp(argv[4], "-p")) {
auth_pw = 1;
}
if((auth_pw & 2) && !strcmp(argv[4], "-i")) {
auth_pw = 2;
}
if((auth_pw & 4) && !strcmp(argv[4], "-k")) {
auth_pw = 4;
}
}
if(auth_pw & 1) {
/* We could authenticate via password */
if(libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "Authentication by password failed!\n");
goto shutdown;
}
else {
fprintf(stderr, "Authentication by password succeeded.\n");
}
}
else if(auth_pw & 2) {
/* Or via keyboard-interactive */
if(libssh2_userauth_keyboard_interactive(session, username,
&kbd_callback) ) {
fprintf(stderr,
"Authentication by keyboard-interactive failed!\n");
goto shutdown;
}
else {
fprintf(stderr,
"Authentication by keyboard-interactive succeeded.\n");
}
}
else if(auth_pw & 4) {
/* Or by public key */
size_t fn1sz, fn2sz;
char *fn1, *fn2;
char const *h = getenv("HOME");
if(!h || !*h)
h = ".";
fn1sz = strlen(h) + strlen(pubkey) + 2;
fn2sz = strlen(h) + strlen(privkey) + 2;
fn1 = malloc(fn1sz);
fn2 = malloc(fn2sz);
if(!fn1 || !fn2) {
free(fn2);
free(fn1);
fprintf(stderr, "out of memory\n");
goto shutdown;
}
/* Using asprintf() here would be much cleaner,
but less portable */
snprintf(fn1, fn1sz, "%s/%s", h, pubkey);
snprintf(fn2, fn2sz, "%s/%s", h, privkey);
if(libssh2_userauth_publickey_fromfile(session, username,
fn1, fn2,
password)) {
fprintf(stderr, "Authentication by public key failed!\n");
free(fn2);
free(fn1);
goto shutdown;
}
else {
fprintf(stderr, "Authentication by public key succeeded.\n");
}
free(fn2);
free(fn1);
}
else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
}
}
/* Request a session channel on which to run a shell */
channel = libssh2_channel_open_session(session);
if(!channel) {
fprintf(stderr, "Unable to open a session\n");
goto shutdown;
}
/* Some environment variables may be set,
* It's up to the server which ones it'll allow though
*/
libssh2_channel_setenv(channel, "FOO", "bar");
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options. This is useful when opening
* an interactive shell.
*/
#if 0
if(libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
}
#endif
if(argc > 5) {
if(libssh2_channel_exec(channel, argv[5])) {
fprintf(stderr, "Unable to request command on channel\n");
goto shutdown;
}
/* Instead of just running a single command with libssh2_channel_exec,
* a shell can be opened on the channel instead, for interactive use.
* You usually want a pty allocated first in that case (see above). */
#if 0
if(libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
goto shutdown;
}
#endif
/* At this point the shell can be interacted with using
* libssh2_channel_read()
* libssh2_channel_read_stderr()
* libssh2_channel_write()
* libssh2_channel_write_stderr()
*
* Blocking mode may be (en|dis)abled with:
* libssh2_channel_set_blocking()
* If the server send EOF, libssh2_channel_eof() will return non-0
* To send EOF to the server use: libssh2_channel_send_eof()
* A channel can be closed with: libssh2_channel_close()
* A channel can be freed with: libssh2_channel_free()
*/
/* Read and display all the data received on stdout (ignoring stderr)
* until the channel closes. This will eventually block if the command
* produces too much data on stderr; the loop must be rewritten to use
* non-blocking mode and include interspersed calls to
* libssh2_channel_read_stderr() to avoid this. See ssh2_echo.c for
* an idea of how such a loop might look.
*/
while(!libssh2_channel_eof(channel)) {
char buf[1024];
ssize_t err = libssh2_channel_read(channel, buf, sizeof(buf));
if(err < 0)
fprintf(stderr, "Unable to read response: %d\n", (int)err);
else {
fwrite(buf, 1, err, stdout);
}
}
}
rc = libssh2_channel_get_exit_status(channel);
if(libssh2_channel_close(channel))
fprintf(stderr, "Unable to close channel\n");
if(channel) {
libssh2_channel_free(channel);
channel = NULL;
}
/* Other channel types are supported via:
* libssh2_scp_send()
* libssh2_scp_recv2()
* libssh2_channel_direct_tcpip()
*/
shutdown:
if(session) {
libssh2_session_disconnect(session, "Normal Shutdown");
libssh2_session_free(session);
}
if(sock != LIBSSH2_INVALID_SOCKET) {
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
}
fprintf(stderr, "all done\n");
libssh2_exit();
return rc;
}
View Git Blame Copy Permalink