libssh.c 86 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) Red Hat, Inc.
  9. *
  10. * Authors: Nikos Mavrogiannopoulos, Tomas Mraz, Stanislav Zidek,
  11. * Robert Kolcun, Andreas Schneider
  12. *
  13. * This software is licensed as described in the file COPYING, which
  14. * you should have received as part of this distribution. The terms
  15. * are also available at https://curl.se/docs/copyright.html.
  16. *
  17. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  18. * copies of the Software, and permit persons to whom the Software is
  19. * furnished to do so, under the terms of the COPYING file.
  20. *
  21. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  22. * KIND, either express or implied.
  23. *
  24. * SPDX-License-Identifier: curl
  25. *
  26. ***************************************************************************/
  27. #include "curl_setup.h"
  28. #ifdef USE_LIBSSH
  29. #include <limits.h>
  30. #ifdef HAVE_NETINET_IN_H
  31. #include <netinet/in.h>
  32. #endif
  33. #ifdef HAVE_ARPA_INET_H
  34. #include <arpa/inet.h>
  35. #endif
  36. #ifdef HAVE_NETDB_H
  37. #include <netdb.h>
  38. #endif
  39. #ifdef __VMS
  40. #include <in.h>
  41. #include <inet.h>
  42. #endif
  43. #include <curl/curl.h>
  44. #include "urldata.h"
  45. #include "sendf.h"
  46. #include "hostip.h"
  47. #include "progress.h"
  48. #include "transfer.h"
  49. #include "escape.h"
  50. #include "http.h" /* for HTTP proxy tunnel stuff */
  51. #include "ssh.h"
  52. #include "url.h"
  53. #include "speedcheck.h"
  54. #include "getinfo.h"
  55. #include "strdup.h"
  56. #include "strcase.h"
  57. #include "vtls/vtls.h"
  58. #include "cfilters.h"
  59. #include "connect.h"
  60. #include "inet_ntop.h"
  61. #include "parsedate.h" /* for the week day and month names */
  62. #include "sockaddr.h" /* required for Curl_sockaddr_storage */
  63. #include "strtoofft.h"
  64. #include "multiif.h"
  65. #include "select.h"
  66. #include "warnless.h"
  67. #include "curl_path.h"
  68. #ifdef HAVE_SYS_STAT_H
  69. #include <sys/stat.h>
  70. #endif
  71. #ifdef HAVE_UNISTD_H
  72. #include <unistd.h>
  73. #endif
  74. #ifdef HAVE_FCNTL_H
  75. #include <fcntl.h>
  76. #endif
  77. /* The last 3 #include files should be in this order */
  78. #include "curl_printf.h"
  79. #include "curl_memory.h"
  80. #include "memdebug.h"
  81. /* A recent macro provided by libssh. Or make our own. */
  82. #ifndef SSH_STRING_FREE_CHAR
  83. #define SSH_STRING_FREE_CHAR(x) \
  84. do { \
  85. if(x) { \
  86. ssh_string_free_char(x); \
  87. x = NULL; \
  88. } \
  89. } while(0)
  90. #endif
  91. /* These stat values may not be the same as the user's S_IFMT / S_IFLNK */
  92. #ifndef SSH_S_IFMT
  93. #define SSH_S_IFMT 00170000
  94. #endif
  95. #ifndef SSH_S_IFLNK
  96. #define SSH_S_IFLNK 0120000
  97. #endif
  98. /* Local functions: */
  99. static CURLcode myssh_connect(struct Curl_easy *data, bool *done);
  100. static CURLcode myssh_multi_statemach(struct Curl_easy *data,
  101. bool *done);
  102. static CURLcode myssh_do_it(struct Curl_easy *data, bool *done);
  103. static CURLcode scp_done(struct Curl_easy *data,
  104. CURLcode, bool premature);
  105. static CURLcode scp_doing(struct Curl_easy *data, bool *dophase_done);
  106. static CURLcode scp_disconnect(struct Curl_easy *data,
  107. struct connectdata *conn,
  108. bool dead_connection);
  109. static CURLcode sftp_done(struct Curl_easy *data,
  110. CURLcode, bool premature);
  111. static CURLcode sftp_doing(struct Curl_easy *data,
  112. bool *dophase_done);
  113. static CURLcode sftp_disconnect(struct Curl_easy *data,
  114. struct connectdata *conn,
  115. bool dead);
  116. static
  117. CURLcode sftp_perform(struct Curl_easy *data,
  118. bool *connected,
  119. bool *dophase_done);
  120. static void sftp_quote(struct Curl_easy *data);
  121. static void sftp_quote_stat(struct Curl_easy *data);
  122. static int myssh_getsock(struct Curl_easy *data,
  123. struct connectdata *conn, curl_socket_t *sock);
  124. static void myssh_block2waitfor(struct connectdata *conn, bool block);
  125. static CURLcode myssh_setup_connection(struct Curl_easy *data,
  126. struct connectdata *conn);
  127. /*
  128. * SCP protocol handler.
  129. */
  130. const struct Curl_handler Curl_handler_scp = {
  131. "SCP", /* scheme */
  132. myssh_setup_connection, /* setup_connection */
  133. myssh_do_it, /* do_it */
  134. scp_done, /* done */
  135. ZERO_NULL, /* do_more */
  136. myssh_connect, /* connect_it */
  137. myssh_multi_statemach, /* connecting */
  138. scp_doing, /* doing */
  139. myssh_getsock, /* proto_getsock */
  140. myssh_getsock, /* doing_getsock */
  141. ZERO_NULL, /* domore_getsock */
  142. myssh_getsock, /* perform_getsock */
  143. scp_disconnect, /* disconnect */
  144. ZERO_NULL, /* write_resp */
  145. ZERO_NULL, /* write_resp_hd */
  146. ZERO_NULL, /* connection_check */
  147. ZERO_NULL, /* attach connection */
  148. PORT_SSH, /* defport */
  149. CURLPROTO_SCP, /* protocol */
  150. CURLPROTO_SCP, /* family */
  151. PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY /* flags */
  152. };
  153. /*
  154. * SFTP protocol handler.
  155. */
  156. const struct Curl_handler Curl_handler_sftp = {
  157. "SFTP", /* scheme */
  158. myssh_setup_connection, /* setup_connection */
  159. myssh_do_it, /* do_it */
  160. sftp_done, /* done */
  161. ZERO_NULL, /* do_more */
  162. myssh_connect, /* connect_it */
  163. myssh_multi_statemach, /* connecting */
  164. sftp_doing, /* doing */
  165. myssh_getsock, /* proto_getsock */
  166. myssh_getsock, /* doing_getsock */
  167. ZERO_NULL, /* domore_getsock */
  168. myssh_getsock, /* perform_getsock */
  169. sftp_disconnect, /* disconnect */
  170. ZERO_NULL, /* write_resp */
  171. ZERO_NULL, /* write_resp_hd */
  172. ZERO_NULL, /* connection_check */
  173. ZERO_NULL, /* attach connection */
  174. PORT_SSH, /* defport */
  175. CURLPROTO_SFTP, /* protocol */
  176. CURLPROTO_SFTP, /* family */
  177. PROTOPT_DIRLOCK | PROTOPT_CLOSEACTION
  178. | PROTOPT_NOURLQUERY /* flags */
  179. };
  180. static CURLcode sftp_error_to_CURLE(int err)
  181. {
  182. switch(err) {
  183. case SSH_FX_OK:
  184. return CURLE_OK;
  185. case SSH_FX_NO_SUCH_FILE:
  186. case SSH_FX_NO_SUCH_PATH:
  187. return CURLE_REMOTE_FILE_NOT_FOUND;
  188. case SSH_FX_PERMISSION_DENIED:
  189. case SSH_FX_WRITE_PROTECT:
  190. return CURLE_REMOTE_ACCESS_DENIED;
  191. case SSH_FX_FILE_ALREADY_EXISTS:
  192. return CURLE_REMOTE_FILE_EXISTS;
  193. default:
  194. break;
  195. }
  196. return CURLE_SSH;
  197. }
  198. #ifndef DEBUGBUILD
  199. #define state(x,y) mystate(x,y)
  200. #else
  201. #define state(x,y) mystate(x,y, __LINE__)
  202. #endif
  203. /*
  204. * SSH State machine related code
  205. */
  206. /* This is the ONLY way to change SSH state! */
  207. static void mystate(struct Curl_easy *data, sshstate nowstate
  208. #ifdef DEBUGBUILD
  209. , int lineno
  210. #endif
  211. )
  212. {
  213. struct connectdata *conn = data->conn;
  214. struct ssh_conn *sshc = &conn->proto.sshc;
  215. #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
  216. /* for debug purposes */
  217. static const char *const names[] = {
  218. "SSH_STOP",
  219. "SSH_INIT",
  220. "SSH_S_STARTUP",
  221. "SSH_HOSTKEY",
  222. "SSH_AUTHLIST",
  223. "SSH_AUTH_PKEY_INIT",
  224. "SSH_AUTH_PKEY",
  225. "SSH_AUTH_PASS_INIT",
  226. "SSH_AUTH_PASS",
  227. "SSH_AUTH_AGENT_INIT",
  228. "SSH_AUTH_AGENT_LIST",
  229. "SSH_AUTH_AGENT",
  230. "SSH_AUTH_HOST_INIT",
  231. "SSH_AUTH_HOST",
  232. "SSH_AUTH_KEY_INIT",
  233. "SSH_AUTH_KEY",
  234. "SSH_AUTH_GSSAPI",
  235. "SSH_AUTH_DONE",
  236. "SSH_SFTP_INIT",
  237. "SSH_SFTP_REALPATH",
  238. "SSH_SFTP_QUOTE_INIT",
  239. "SSH_SFTP_POSTQUOTE_INIT",
  240. "SSH_SFTP_QUOTE",
  241. "SSH_SFTP_NEXT_QUOTE",
  242. "SSH_SFTP_QUOTE_STAT",
  243. "SSH_SFTP_QUOTE_SETSTAT",
  244. "SSH_SFTP_QUOTE_SYMLINK",
  245. "SSH_SFTP_QUOTE_MKDIR",
  246. "SSH_SFTP_QUOTE_RENAME",
  247. "SSH_SFTP_QUOTE_RMDIR",
  248. "SSH_SFTP_QUOTE_UNLINK",
  249. "SSH_SFTP_QUOTE_STATVFS",
  250. "SSH_SFTP_GETINFO",
  251. "SSH_SFTP_FILETIME",
  252. "SSH_SFTP_TRANS_INIT",
  253. "SSH_SFTP_UPLOAD_INIT",
  254. "SSH_SFTP_CREATE_DIRS_INIT",
  255. "SSH_SFTP_CREATE_DIRS",
  256. "SSH_SFTP_CREATE_DIRS_MKDIR",
  257. "SSH_SFTP_READDIR_INIT",
  258. "SSH_SFTP_READDIR",
  259. "SSH_SFTP_READDIR_LINK",
  260. "SSH_SFTP_READDIR_BOTTOM",
  261. "SSH_SFTP_READDIR_DONE",
  262. "SSH_SFTP_DOWNLOAD_INIT",
  263. "SSH_SFTP_DOWNLOAD_STAT",
  264. "SSH_SFTP_CLOSE",
  265. "SSH_SFTP_SHUTDOWN",
  266. "SSH_SCP_TRANS_INIT",
  267. "SSH_SCP_UPLOAD_INIT",
  268. "SSH_SCP_DOWNLOAD_INIT",
  269. "SSH_SCP_DOWNLOAD",
  270. "SSH_SCP_DONE",
  271. "SSH_SCP_SEND_EOF",
  272. "SSH_SCP_WAIT_EOF",
  273. "SSH_SCP_WAIT_CLOSE",
  274. "SSH_SCP_CHANNEL_FREE",
  275. "SSH_SESSION_DISCONNECT",
  276. "SSH_SESSION_FREE",
  277. "QUIT"
  278. };
  279. if(sshc->state != nowstate) {
  280. infof(data, "SSH %p state change from %s to %s (line %d)",
  281. (void *) sshc, names[sshc->state], names[nowstate],
  282. lineno);
  283. }
  284. #endif
  285. sshc->state = nowstate;
  286. }
  287. /* Multiple options:
  288. * 1. data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5] is set with an MD5
  289. * hash (90s style auth, not sure we should have it here)
  290. * 2. data->set.ssh_keyfunc callback is set. Then we do trust on first
  291. * use. We even save on knownhosts if CURLKHSTAT_FINE_ADD_TO_FILE
  292. * is returned by it.
  293. * 3. none of the above. We only accept if it is present on known hosts.
  294. *
  295. * Returns SSH_OK or SSH_ERROR.
  296. */
  297. static int myssh_is_known(struct Curl_easy *data)
  298. {
  299. int rc;
  300. struct connectdata *conn = data->conn;
  301. struct ssh_conn *sshc = &conn->proto.sshc;
  302. ssh_key pubkey;
  303. size_t hlen;
  304. unsigned char *hash = NULL;
  305. char *found_base64 = NULL;
  306. char *known_base64 = NULL;
  307. int vstate;
  308. enum curl_khmatch keymatch;
  309. struct curl_khkey foundkey;
  310. struct curl_khkey *knownkeyp = NULL;
  311. curl_sshkeycallback func =
  312. data->set.ssh_keyfunc;
  313. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
  314. struct ssh_knownhosts_entry *knownhostsentry = NULL;
  315. struct curl_khkey knownkey;
  316. #endif
  317. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,8,0)
  318. rc = ssh_get_server_publickey(sshc->ssh_session, &pubkey);
  319. #else
  320. rc = ssh_get_publickey(sshc->ssh_session, &pubkey);
  321. #endif
  322. if(rc != SSH_OK)
  323. return rc;
  324. if(data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5]) {
  325. int i;
  326. char md5buffer[33];
  327. const char *pubkey_md5 = data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5];
  328. rc = ssh_get_publickey_hash(pubkey, SSH_PUBLICKEY_HASH_MD5,
  329. &hash, &hlen);
  330. if(rc != SSH_OK || hlen != 16) {
  331. failf(data,
  332. "Denied establishing ssh session: md5 fingerprint not available");
  333. goto cleanup;
  334. }
  335. for(i = 0; i < 16; i++)
  336. msnprintf(&md5buffer[i*2], 3, "%02x", (unsigned char)hash[i]);
  337. infof(data, "SSH MD5 fingerprint: %s", md5buffer);
  338. if(!strcasecompare(md5buffer, pubkey_md5)) {
  339. failf(data,
  340. "Denied establishing ssh session: mismatch md5 fingerprint. "
  341. "Remote %s is not equal to %s", md5buffer, pubkey_md5);
  342. rc = SSH_ERROR;
  343. goto cleanup;
  344. }
  345. rc = SSH_OK;
  346. goto cleanup;
  347. }
  348. if(data->set.str[STRING_SSH_KNOWNHOSTS]) {
  349. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
  350. /* Get the known_key from the known hosts file */
  351. vstate = ssh_session_get_known_hosts_entry(sshc->ssh_session,
  352. &knownhostsentry);
  353. /* Case an entry was found in a known hosts file */
  354. if(knownhostsentry) {
  355. if(knownhostsentry->publickey) {
  356. rc = ssh_pki_export_pubkey_base64(knownhostsentry->publickey,
  357. &known_base64);
  358. if(rc != SSH_OK) {
  359. goto cleanup;
  360. }
  361. knownkey.key = known_base64;
  362. knownkey.len = strlen(known_base64);
  363. switch(ssh_key_type(knownhostsentry->publickey)) {
  364. case SSH_KEYTYPE_RSA:
  365. knownkey.keytype = CURLKHTYPE_RSA;
  366. break;
  367. case SSH_KEYTYPE_RSA1:
  368. knownkey.keytype = CURLKHTYPE_RSA1;
  369. break;
  370. case SSH_KEYTYPE_ECDSA:
  371. case SSH_KEYTYPE_ECDSA_P256:
  372. case SSH_KEYTYPE_ECDSA_P384:
  373. case SSH_KEYTYPE_ECDSA_P521:
  374. knownkey.keytype = CURLKHTYPE_ECDSA;
  375. break;
  376. case SSH_KEYTYPE_ED25519:
  377. knownkey.keytype = CURLKHTYPE_ED25519;
  378. break;
  379. case SSH_KEYTYPE_DSS:
  380. knownkey.keytype = CURLKHTYPE_DSS;
  381. break;
  382. default:
  383. rc = SSH_ERROR;
  384. goto cleanup;
  385. }
  386. knownkeyp = &knownkey;
  387. }
  388. }
  389. switch(vstate) {
  390. case SSH_KNOWN_HOSTS_OK:
  391. keymatch = CURLKHMATCH_OK;
  392. break;
  393. case SSH_KNOWN_HOSTS_OTHER:
  394. case SSH_KNOWN_HOSTS_NOT_FOUND:
  395. case SSH_KNOWN_HOSTS_UNKNOWN:
  396. case SSH_KNOWN_HOSTS_ERROR:
  397. keymatch = CURLKHMATCH_MISSING;
  398. break;
  399. default:
  400. keymatch = CURLKHMATCH_MISMATCH;
  401. break;
  402. }
  403. #else
  404. vstate = ssh_is_server_known(sshc->ssh_session);
  405. switch(vstate) {
  406. case SSH_SERVER_KNOWN_OK:
  407. keymatch = CURLKHMATCH_OK;
  408. break;
  409. case SSH_SERVER_FILE_NOT_FOUND:
  410. case SSH_SERVER_NOT_KNOWN:
  411. keymatch = CURLKHMATCH_MISSING;
  412. break;
  413. default:
  414. keymatch = CURLKHMATCH_MISMATCH;
  415. break;
  416. }
  417. #endif
  418. if(func) { /* use callback to determine action */
  419. rc = ssh_pki_export_pubkey_base64(pubkey, &found_base64);
  420. if(rc != SSH_OK)
  421. goto cleanup;
  422. foundkey.key = found_base64;
  423. foundkey.len = strlen(found_base64);
  424. switch(ssh_key_type(pubkey)) {
  425. case SSH_KEYTYPE_RSA:
  426. foundkey.keytype = CURLKHTYPE_RSA;
  427. break;
  428. case SSH_KEYTYPE_RSA1:
  429. foundkey.keytype = CURLKHTYPE_RSA1;
  430. break;
  431. case SSH_KEYTYPE_ECDSA:
  432. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
  433. case SSH_KEYTYPE_ECDSA_P256:
  434. case SSH_KEYTYPE_ECDSA_P384:
  435. case SSH_KEYTYPE_ECDSA_P521:
  436. #endif
  437. foundkey.keytype = CURLKHTYPE_ECDSA;
  438. break;
  439. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,7,0)
  440. case SSH_KEYTYPE_ED25519:
  441. foundkey.keytype = CURLKHTYPE_ED25519;
  442. break;
  443. #endif
  444. case SSH_KEYTYPE_DSS:
  445. foundkey.keytype = CURLKHTYPE_DSS;
  446. break;
  447. default:
  448. rc = SSH_ERROR;
  449. goto cleanup;
  450. }
  451. Curl_set_in_callback(data, TRUE);
  452. rc = func(data, knownkeyp, /* from the knownhosts file */
  453. &foundkey, /* from the remote host */
  454. keymatch, data->set.ssh_keyfunc_userp);
  455. Curl_set_in_callback(data, FALSE);
  456. switch(rc) {
  457. case CURLKHSTAT_FINE_ADD_TO_FILE:
  458. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,8,0)
  459. rc = ssh_session_update_known_hosts(sshc->ssh_session);
  460. #else
  461. rc = ssh_write_knownhost(sshc->ssh_session);
  462. #endif
  463. if(rc != SSH_OK) {
  464. goto cleanup;
  465. }
  466. break;
  467. case CURLKHSTAT_FINE:
  468. break;
  469. default: /* REJECT/DEFER */
  470. rc = SSH_ERROR;
  471. goto cleanup;
  472. }
  473. }
  474. else {
  475. if(keymatch != CURLKHMATCH_OK) {
  476. rc = SSH_ERROR;
  477. goto cleanup;
  478. }
  479. }
  480. }
  481. rc = SSH_OK;
  482. cleanup:
  483. if(found_base64) {
  484. (free)(found_base64);
  485. }
  486. if(known_base64) {
  487. (free)(known_base64);
  488. }
  489. if(hash)
  490. ssh_clean_pubkey_hash(&hash);
  491. ssh_key_free(pubkey);
  492. #if LIBSSH_VERSION_INT >= SSH_VERSION_INT(0,9,0)
  493. if(knownhostsentry) {
  494. ssh_knownhosts_entry_free(knownhostsentry);
  495. }
  496. #endif
  497. return rc;
  498. }
  499. #define MOVE_TO_ERROR_STATE(_r) do { \
  500. state(data, SSH_SESSION_DISCONNECT); \
  501. sshc->actualcode = _r; \
  502. rc = SSH_ERROR; \
  503. } while(0)
  504. #define MOVE_TO_SFTP_CLOSE_STATE() do { \
  505. state(data, SSH_SFTP_CLOSE); \
  506. sshc->actualcode = \
  507. sftp_error_to_CURLE(sftp_get_error(sshc->sftp_session)); \
  508. rc = SSH_ERROR; \
  509. } while(0)
  510. #define MOVE_TO_PASSWD_AUTH do { \
  511. if(sshc->auth_methods & SSH_AUTH_METHOD_PASSWORD) { \
  512. rc = SSH_OK; \
  513. state(data, SSH_AUTH_PASS_INIT); \
  514. } \
  515. else { \
  516. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED); \
  517. } \
  518. } while(0)
  519. #define MOVE_TO_KEY_AUTH do { \
  520. if(sshc->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) { \
  521. rc = SSH_OK; \
  522. state(data, SSH_AUTH_KEY_INIT); \
  523. } \
  524. else { \
  525. MOVE_TO_PASSWD_AUTH; \
  526. } \
  527. } while(0)
  528. #define MOVE_TO_GSSAPI_AUTH do { \
  529. if(sshc->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC) { \
  530. rc = SSH_OK; \
  531. state(data, SSH_AUTH_GSSAPI); \
  532. } \
  533. else { \
  534. MOVE_TO_KEY_AUTH; \
  535. } \
  536. } while(0)
  537. static
  538. int myssh_auth_interactive(struct connectdata *conn)
  539. {
  540. int rc;
  541. struct ssh_conn *sshc = &conn->proto.sshc;
  542. int nprompts;
  543. restart:
  544. switch(sshc->kbd_state) {
  545. case 0:
  546. rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
  547. if(rc == SSH_AUTH_AGAIN)
  548. return SSH_AGAIN;
  549. if(rc != SSH_AUTH_INFO)
  550. return SSH_ERROR;
  551. nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
  552. if(nprompts != 1)
  553. return SSH_ERROR;
  554. rc = ssh_userauth_kbdint_setanswer(sshc->ssh_session, 0, conn->passwd);
  555. if(rc < 0)
  556. return SSH_ERROR;
  557. FALLTHROUGH();
  558. case 1:
  559. sshc->kbd_state = 1;
  560. rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
  561. if(rc == SSH_AUTH_AGAIN)
  562. return SSH_AGAIN;
  563. else if(rc == SSH_AUTH_SUCCESS)
  564. rc = SSH_OK;
  565. else if(rc == SSH_AUTH_INFO) {
  566. nprompts = ssh_userauth_kbdint_getnprompts(sshc->ssh_session);
  567. if(nprompts)
  568. return SSH_ERROR;
  569. sshc->kbd_state = 2;
  570. goto restart;
  571. }
  572. else
  573. rc = SSH_ERROR;
  574. break;
  575. case 2:
  576. sshc->kbd_state = 2;
  577. rc = ssh_userauth_kbdint(sshc->ssh_session, NULL, NULL);
  578. if(rc == SSH_AUTH_AGAIN)
  579. return SSH_AGAIN;
  580. else if(rc == SSH_AUTH_SUCCESS)
  581. rc = SSH_OK;
  582. else
  583. rc = SSH_ERROR;
  584. break;
  585. default:
  586. return SSH_ERROR;
  587. }
  588. sshc->kbd_state = 0;
  589. return rc;
  590. }
  591. /*
  592. * ssh_statemach_act() runs the SSH state machine as far as it can without
  593. * blocking and without reaching the end. The data the pointer 'block' points
  594. * to will be set to TRUE if the libssh function returns SSH_AGAIN
  595. * meaning it wants to be called again when the socket is ready
  596. */
  597. static CURLcode myssh_statemach_act(struct Curl_easy *data, bool *block)
  598. {
  599. CURLcode result = CURLE_OK;
  600. struct connectdata *conn = data->conn;
  601. struct SSHPROTO *protop = data->req.p.ssh;
  602. struct ssh_conn *sshc = &conn->proto.sshc;
  603. curl_socket_t sock = conn->sock[FIRSTSOCKET];
  604. int rc = SSH_NO_ERROR, err;
  605. int seekerr = CURL_SEEKFUNC_OK;
  606. const char *err_msg;
  607. *block = 0; /* we are not blocking by default */
  608. do {
  609. switch(sshc->state) {
  610. case SSH_INIT:
  611. sshc->secondCreateDirs = 0;
  612. sshc->nextstate = SSH_NO_STATE;
  613. sshc->actualcode = CURLE_OK;
  614. #if 0
  615. ssh_set_log_level(SSH_LOG_PROTOCOL);
  616. #endif
  617. /* Set libssh to non-blocking, since everything internally is
  618. non-blocking */
  619. ssh_set_blocking(sshc->ssh_session, 0);
  620. state(data, SSH_S_STARTUP);
  621. FALLTHROUGH();
  622. case SSH_S_STARTUP:
  623. rc = ssh_connect(sshc->ssh_session);
  624. myssh_block2waitfor(conn, (rc == SSH_AGAIN));
  625. if(rc == SSH_AGAIN) {
  626. DEBUGF(infof(data, "ssh_connect -> EAGAIN"));
  627. break;
  628. }
  629. if(rc != SSH_OK) {
  630. failf(data, "Failure establishing ssh session");
  631. MOVE_TO_ERROR_STATE(CURLE_FAILED_INIT);
  632. break;
  633. }
  634. state(data, SSH_HOSTKEY);
  635. FALLTHROUGH();
  636. case SSH_HOSTKEY:
  637. rc = myssh_is_known(data);
  638. if(rc != SSH_OK) {
  639. MOVE_TO_ERROR_STATE(CURLE_PEER_FAILED_VERIFICATION);
  640. break;
  641. }
  642. state(data, SSH_AUTHLIST);
  643. FALLTHROUGH();
  644. case SSH_AUTHLIST:{
  645. sshc->authed = FALSE;
  646. rc = ssh_userauth_none(sshc->ssh_session, NULL);
  647. if(rc == SSH_AUTH_AGAIN) {
  648. rc = SSH_AGAIN;
  649. break;
  650. }
  651. if(rc == SSH_AUTH_SUCCESS) {
  652. sshc->authed = TRUE;
  653. infof(data, "Authenticated with none");
  654. state(data, SSH_AUTH_DONE);
  655. break;
  656. }
  657. else if(rc == SSH_AUTH_ERROR) {
  658. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  659. break;
  660. }
  661. sshc->auth_methods =
  662. (unsigned int)ssh_userauth_list(sshc->ssh_session, NULL);
  663. if(sshc->auth_methods)
  664. infof(data, "SSH authentication methods available: %s%s%s%s",
  665. sshc->auth_methods & SSH_AUTH_METHOD_PUBLICKEY ?
  666. "public key, ": "",
  667. sshc->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC ?
  668. "GSSAPI, " : "",
  669. sshc->auth_methods & SSH_AUTH_METHOD_INTERACTIVE ?
  670. "keyboard-interactive, " : "",
  671. sshc->auth_methods & SSH_AUTH_METHOD_PASSWORD ?
  672. "password": "");
  673. if(sshc->auth_methods & SSH_AUTH_METHOD_PUBLICKEY) {
  674. state(data, SSH_AUTH_PKEY_INIT);
  675. infof(data, "Authentication using SSH public key file");
  676. }
  677. else if(sshc->auth_methods & SSH_AUTH_METHOD_GSSAPI_MIC) {
  678. state(data, SSH_AUTH_GSSAPI);
  679. }
  680. else if(sshc->auth_methods & SSH_AUTH_METHOD_INTERACTIVE) {
  681. state(data, SSH_AUTH_KEY_INIT);
  682. }
  683. else if(sshc->auth_methods & SSH_AUTH_METHOD_PASSWORD) {
  684. state(data, SSH_AUTH_PASS_INIT);
  685. }
  686. else { /* unsupported authentication method */
  687. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  688. break;
  689. }
  690. break;
  691. }
  692. case SSH_AUTH_PKEY_INIT:
  693. if(!(data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY)) {
  694. MOVE_TO_GSSAPI_AUTH;
  695. break;
  696. }
  697. /* Two choices, (1) private key was given on CMD,
  698. * (2) use the "default" keys. */
  699. if(data->set.str[STRING_SSH_PRIVATE_KEY]) {
  700. if(sshc->pubkey && !data->set.ssl.key_passwd) {
  701. rc = ssh_userauth_try_publickey(sshc->ssh_session, NULL,
  702. sshc->pubkey);
  703. if(rc == SSH_AUTH_AGAIN) {
  704. rc = SSH_AGAIN;
  705. break;
  706. }
  707. if(rc != SSH_OK) {
  708. MOVE_TO_GSSAPI_AUTH;
  709. break;
  710. }
  711. }
  712. rc = ssh_pki_import_privkey_file(data->
  713. set.str[STRING_SSH_PRIVATE_KEY],
  714. data->set.ssl.key_passwd, NULL,
  715. NULL, &sshc->privkey);
  716. if(rc != SSH_OK) {
  717. failf(data, "Could not load private key file %s",
  718. data->set.str[STRING_SSH_PRIVATE_KEY]);
  719. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  720. break;
  721. }
  722. state(data, SSH_AUTH_PKEY);
  723. break;
  724. }
  725. else {
  726. rc = ssh_userauth_publickey_auto(sshc->ssh_session, NULL,
  727. data->set.ssl.key_passwd);
  728. if(rc == SSH_AUTH_AGAIN) {
  729. rc = SSH_AGAIN;
  730. break;
  731. }
  732. if(rc == SSH_AUTH_SUCCESS) {
  733. rc = SSH_OK;
  734. sshc->authed = TRUE;
  735. infof(data, "Completed public key authentication");
  736. state(data, SSH_AUTH_DONE);
  737. break;
  738. }
  739. MOVE_TO_GSSAPI_AUTH;
  740. }
  741. break;
  742. case SSH_AUTH_PKEY:
  743. rc = ssh_userauth_publickey(sshc->ssh_session, NULL, sshc->privkey);
  744. if(rc == SSH_AUTH_AGAIN) {
  745. rc = SSH_AGAIN;
  746. break;
  747. }
  748. if(rc == SSH_AUTH_SUCCESS) {
  749. sshc->authed = TRUE;
  750. infof(data, "Completed public key authentication");
  751. state(data, SSH_AUTH_DONE);
  752. break;
  753. }
  754. else {
  755. infof(data, "Failed public key authentication (rc: %d)", rc);
  756. MOVE_TO_GSSAPI_AUTH;
  757. }
  758. break;
  759. case SSH_AUTH_GSSAPI:
  760. if(!(data->set.ssh_auth_types & CURLSSH_AUTH_GSSAPI)) {
  761. MOVE_TO_KEY_AUTH;
  762. break;
  763. }
  764. rc = ssh_userauth_gssapi(sshc->ssh_session);
  765. if(rc == SSH_AUTH_AGAIN) {
  766. rc = SSH_AGAIN;
  767. break;
  768. }
  769. if(rc == SSH_AUTH_SUCCESS) {
  770. rc = SSH_OK;
  771. sshc->authed = TRUE;
  772. infof(data, "Completed gssapi authentication");
  773. state(data, SSH_AUTH_DONE);
  774. break;
  775. }
  776. MOVE_TO_KEY_AUTH;
  777. break;
  778. case SSH_AUTH_KEY_INIT:
  779. if(data->set.ssh_auth_types & CURLSSH_AUTH_KEYBOARD) {
  780. state(data, SSH_AUTH_KEY);
  781. }
  782. else {
  783. MOVE_TO_PASSWD_AUTH;
  784. }
  785. break;
  786. case SSH_AUTH_KEY:
  787. /* keyboard-interactive authentication */
  788. rc = myssh_auth_interactive(conn);
  789. if(rc == SSH_AGAIN) {
  790. break;
  791. }
  792. if(rc == SSH_OK) {
  793. sshc->authed = TRUE;
  794. infof(data, "completed keyboard interactive authentication");
  795. state(data, SSH_AUTH_DONE);
  796. }
  797. else {
  798. MOVE_TO_PASSWD_AUTH;
  799. }
  800. break;
  801. case SSH_AUTH_PASS_INIT:
  802. if(!(data->set.ssh_auth_types & CURLSSH_AUTH_PASSWORD)) {
  803. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  804. break;
  805. }
  806. state(data, SSH_AUTH_PASS);
  807. FALLTHROUGH();
  808. case SSH_AUTH_PASS:
  809. rc = ssh_userauth_password(sshc->ssh_session, NULL, conn->passwd);
  810. if(rc == SSH_AUTH_AGAIN) {
  811. rc = SSH_AGAIN;
  812. break;
  813. }
  814. if(rc == SSH_AUTH_SUCCESS) {
  815. sshc->authed = TRUE;
  816. infof(data, "Completed password authentication");
  817. state(data, SSH_AUTH_DONE);
  818. }
  819. else {
  820. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  821. }
  822. break;
  823. case SSH_AUTH_DONE:
  824. if(!sshc->authed) {
  825. failf(data, "Authentication failure");
  826. MOVE_TO_ERROR_STATE(CURLE_LOGIN_DENIED);
  827. break;
  828. }
  829. /*
  830. * At this point we have an authenticated ssh session.
  831. */
  832. infof(data, "Authentication complete");
  833. Curl_pgrsTime(data, TIMER_APPCONNECT); /* SSH is connected */
  834. conn->sockfd = sock;
  835. conn->writesockfd = CURL_SOCKET_BAD;
  836. if(conn->handler->protocol == CURLPROTO_SFTP) {
  837. state(data, SSH_SFTP_INIT);
  838. break;
  839. }
  840. infof(data, "SSH CONNECT phase done");
  841. state(data, SSH_STOP);
  842. break;
  843. case SSH_SFTP_INIT:
  844. ssh_set_blocking(sshc->ssh_session, 1);
  845. sshc->sftp_session = sftp_new(sshc->ssh_session);
  846. if(!sshc->sftp_session) {
  847. failf(data, "Failure initializing sftp session: %s",
  848. ssh_get_error(sshc->ssh_session));
  849. MOVE_TO_ERROR_STATE(CURLE_COULDNT_CONNECT);
  850. break;
  851. }
  852. rc = sftp_init(sshc->sftp_session);
  853. if(rc != SSH_OK) {
  854. failf(data, "Failure initializing sftp session: %s",
  855. ssh_get_error(sshc->ssh_session));
  856. MOVE_TO_ERROR_STATE(sftp_error_to_CURLE(SSH_FX_FAILURE));
  857. break;
  858. }
  859. state(data, SSH_SFTP_REALPATH);
  860. FALLTHROUGH();
  861. case SSH_SFTP_REALPATH:
  862. /*
  863. * Get the "home" directory
  864. */
  865. sshc->homedir = sftp_canonicalize_path(sshc->sftp_session, ".");
  866. if(!sshc->homedir) {
  867. MOVE_TO_ERROR_STATE(CURLE_COULDNT_CONNECT);
  868. break;
  869. }
  870. data->state.most_recent_ftp_entrypath = sshc->homedir;
  871. /* This is the last step in the SFTP connect phase. Do note that while
  872. we get the homedir here, we get the "workingpath" in the DO action
  873. since the homedir will remain the same between request but the
  874. working path will not. */
  875. DEBUGF(infof(data, "SSH CONNECT phase done"));
  876. state(data, SSH_STOP);
  877. break;
  878. case SSH_SFTP_QUOTE_INIT:
  879. result = Curl_getworkingpath(data, sshc->homedir, &protop->path);
  880. if(result) {
  881. sshc->actualcode = result;
  882. state(data, SSH_STOP);
  883. break;
  884. }
  885. if(data->set.quote) {
  886. infof(data, "Sending quote commands");
  887. sshc->quote_item = data->set.quote;
  888. state(data, SSH_SFTP_QUOTE);
  889. }
  890. else {
  891. state(data, SSH_SFTP_GETINFO);
  892. }
  893. break;
  894. case SSH_SFTP_POSTQUOTE_INIT:
  895. if(data->set.postquote) {
  896. infof(data, "Sending quote commands");
  897. sshc->quote_item = data->set.postquote;
  898. state(data, SSH_SFTP_QUOTE);
  899. }
  900. else {
  901. state(data, SSH_STOP);
  902. }
  903. break;
  904. case SSH_SFTP_QUOTE:
  905. /* Send any quote commands */
  906. sftp_quote(data);
  907. break;
  908. case SSH_SFTP_NEXT_QUOTE:
  909. Curl_safefree(sshc->quote_path1);
  910. Curl_safefree(sshc->quote_path2);
  911. sshc->quote_item = sshc->quote_item->next;
  912. if(sshc->quote_item) {
  913. state(data, SSH_SFTP_QUOTE);
  914. }
  915. else {
  916. if(sshc->nextstate != SSH_NO_STATE) {
  917. state(data, sshc->nextstate);
  918. sshc->nextstate = SSH_NO_STATE;
  919. }
  920. else {
  921. state(data, SSH_SFTP_GETINFO);
  922. }
  923. }
  924. break;
  925. case SSH_SFTP_QUOTE_STAT:
  926. sftp_quote_stat(data);
  927. break;
  928. case SSH_SFTP_QUOTE_SETSTAT:
  929. rc = sftp_setstat(sshc->sftp_session, sshc->quote_path2,
  930. sshc->quote_attrs);
  931. if(rc && !sshc->acceptfail) {
  932. Curl_safefree(sshc->quote_path1);
  933. Curl_safefree(sshc->quote_path2);
  934. failf(data, "Attempt to set SFTP stats failed: %s",
  935. ssh_get_error(sshc->ssh_session));
  936. state(data, SSH_SFTP_CLOSE);
  937. sshc->nextstate = SSH_NO_STATE;
  938. sshc->actualcode = CURLE_QUOTE_ERROR;
  939. /* sshc->actualcode = sftp_error_to_CURLE(err);
  940. * we do not send the actual error; we return
  941. * the error the libssh2 backend is returning */
  942. break;
  943. }
  944. state(data, SSH_SFTP_NEXT_QUOTE);
  945. break;
  946. case SSH_SFTP_QUOTE_SYMLINK:
  947. rc = sftp_symlink(sshc->sftp_session, sshc->quote_path2,
  948. sshc->quote_path1);
  949. if(rc && !sshc->acceptfail) {
  950. Curl_safefree(sshc->quote_path1);
  951. Curl_safefree(sshc->quote_path2);
  952. failf(data, "symlink command failed: %s",
  953. ssh_get_error(sshc->ssh_session));
  954. state(data, SSH_SFTP_CLOSE);
  955. sshc->nextstate = SSH_NO_STATE;
  956. sshc->actualcode = CURLE_QUOTE_ERROR;
  957. break;
  958. }
  959. state(data, SSH_SFTP_NEXT_QUOTE);
  960. break;
  961. case SSH_SFTP_QUOTE_MKDIR:
  962. rc = sftp_mkdir(sshc->sftp_session, sshc->quote_path1,
  963. (mode_t)data->set.new_directory_perms);
  964. if(rc && !sshc->acceptfail) {
  965. Curl_safefree(sshc->quote_path1);
  966. failf(data, "mkdir command failed: %s",
  967. ssh_get_error(sshc->ssh_session));
  968. state(data, SSH_SFTP_CLOSE);
  969. sshc->nextstate = SSH_NO_STATE;
  970. sshc->actualcode = CURLE_QUOTE_ERROR;
  971. break;
  972. }
  973. state(data, SSH_SFTP_NEXT_QUOTE);
  974. break;
  975. case SSH_SFTP_QUOTE_RENAME:
  976. rc = sftp_rename(sshc->sftp_session, sshc->quote_path1,
  977. sshc->quote_path2);
  978. if(rc && !sshc->acceptfail) {
  979. Curl_safefree(sshc->quote_path1);
  980. Curl_safefree(sshc->quote_path2);
  981. failf(data, "rename command failed: %s",
  982. ssh_get_error(sshc->ssh_session));
  983. state(data, SSH_SFTP_CLOSE);
  984. sshc->nextstate = SSH_NO_STATE;
  985. sshc->actualcode = CURLE_QUOTE_ERROR;
  986. break;
  987. }
  988. state(data, SSH_SFTP_NEXT_QUOTE);
  989. break;
  990. case SSH_SFTP_QUOTE_RMDIR:
  991. rc = sftp_rmdir(sshc->sftp_session, sshc->quote_path1);
  992. if(rc && !sshc->acceptfail) {
  993. Curl_safefree(sshc->quote_path1);
  994. failf(data, "rmdir command failed: %s",
  995. ssh_get_error(sshc->ssh_session));
  996. state(data, SSH_SFTP_CLOSE);
  997. sshc->nextstate = SSH_NO_STATE;
  998. sshc->actualcode = CURLE_QUOTE_ERROR;
  999. break;
  1000. }
  1001. state(data, SSH_SFTP_NEXT_QUOTE);
  1002. break;
  1003. case SSH_SFTP_QUOTE_UNLINK:
  1004. rc = sftp_unlink(sshc->sftp_session, sshc->quote_path1);
  1005. if(rc && !sshc->acceptfail) {
  1006. Curl_safefree(sshc->quote_path1);
  1007. failf(data, "rm command failed: %s",
  1008. ssh_get_error(sshc->ssh_session));
  1009. state(data, SSH_SFTP_CLOSE);
  1010. sshc->nextstate = SSH_NO_STATE;
  1011. sshc->actualcode = CURLE_QUOTE_ERROR;
  1012. break;
  1013. }
  1014. state(data, SSH_SFTP_NEXT_QUOTE);
  1015. break;
  1016. case SSH_SFTP_QUOTE_STATVFS:
  1017. {
  1018. sftp_statvfs_t statvfs;
  1019. statvfs = sftp_statvfs(sshc->sftp_session, sshc->quote_path1);
  1020. if(!statvfs && !sshc->acceptfail) {
  1021. Curl_safefree(sshc->quote_path1);
  1022. failf(data, "statvfs command failed: %s",
  1023. ssh_get_error(sshc->ssh_session));
  1024. state(data, SSH_SFTP_CLOSE);
  1025. sshc->nextstate = SSH_NO_STATE;
  1026. sshc->actualcode = CURLE_QUOTE_ERROR;
  1027. break;
  1028. }
  1029. else if(statvfs) {
  1030. #ifdef _MSC_VER
  1031. #define CURL_LIBSSH_VFS_SIZE_MASK "I64u"
  1032. #else
  1033. #define CURL_LIBSSH_VFS_SIZE_MASK PRIu64
  1034. #endif
  1035. char *tmp = aprintf("statvfs:\n"
  1036. "f_bsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1037. "f_frsize: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1038. "f_blocks: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1039. "f_bfree: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1040. "f_bavail: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1041. "f_files: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1042. "f_ffree: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1043. "f_favail: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1044. "f_fsid: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1045. "f_flag: %" CURL_LIBSSH_VFS_SIZE_MASK "\n"
  1046. "f_namemax: %" CURL_LIBSSH_VFS_SIZE_MASK "\n",
  1047. statvfs->f_bsize, statvfs->f_frsize,
  1048. statvfs->f_blocks, statvfs->f_bfree,
  1049. statvfs->f_bavail, statvfs->f_files,
  1050. statvfs->f_ffree, statvfs->f_favail,
  1051. statvfs->f_fsid, statvfs->f_flag,
  1052. statvfs->f_namemax);
  1053. sftp_statvfs_free(statvfs);
  1054. if(!tmp) {
  1055. result = CURLE_OUT_OF_MEMORY;
  1056. state(data, SSH_SFTP_CLOSE);
  1057. sshc->nextstate = SSH_NO_STATE;
  1058. break;
  1059. }
  1060. result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
  1061. free(tmp);
  1062. if(result) {
  1063. state(data, SSH_SFTP_CLOSE);
  1064. sshc->nextstate = SSH_NO_STATE;
  1065. sshc->actualcode = result;
  1066. }
  1067. }
  1068. state(data, SSH_SFTP_NEXT_QUOTE);
  1069. break;
  1070. }
  1071. case SSH_SFTP_GETINFO:
  1072. if(data->set.get_filetime) {
  1073. state(data, SSH_SFTP_FILETIME);
  1074. }
  1075. else {
  1076. state(data, SSH_SFTP_TRANS_INIT);
  1077. }
  1078. break;
  1079. case SSH_SFTP_FILETIME:
  1080. {
  1081. sftp_attributes attrs;
  1082. attrs = sftp_stat(sshc->sftp_session, protop->path);
  1083. if(attrs) {
  1084. data->info.filetime = attrs->mtime;
  1085. sftp_attributes_free(attrs);
  1086. }
  1087. state(data, SSH_SFTP_TRANS_INIT);
  1088. break;
  1089. }
  1090. case SSH_SFTP_TRANS_INIT:
  1091. if(data->state.upload)
  1092. state(data, SSH_SFTP_UPLOAD_INIT);
  1093. else {
  1094. if(protop->path[strlen(protop->path)-1] == '/')
  1095. state(data, SSH_SFTP_READDIR_INIT);
  1096. else
  1097. state(data, SSH_SFTP_DOWNLOAD_INIT);
  1098. }
  1099. break;
  1100. case SSH_SFTP_UPLOAD_INIT:
  1101. {
  1102. int flags;
  1103. if(data->state.resume_from) {
  1104. sftp_attributes attrs;
  1105. if(data->state.resume_from < 0) {
  1106. attrs = sftp_stat(sshc->sftp_session, protop->path);
  1107. if(attrs) {
  1108. curl_off_t size = attrs->size;
  1109. if(size < 0) {
  1110. failf(data, "Bad file size (%" FMT_OFF_T ")", size);
  1111. MOVE_TO_ERROR_STATE(CURLE_BAD_DOWNLOAD_RESUME);
  1112. break;
  1113. }
  1114. data->state.resume_from = attrs->size;
  1115. sftp_attributes_free(attrs);
  1116. }
  1117. else {
  1118. data->state.resume_from = 0;
  1119. }
  1120. }
  1121. }
  1122. if(data->set.remote_append)
  1123. /* Try to open for append, but create if nonexisting */
  1124. flags = O_WRONLY|O_CREAT|O_APPEND;
  1125. else if(data->state.resume_from > 0)
  1126. /* If we have restart position then open for append */
  1127. flags = O_WRONLY|O_APPEND;
  1128. else
  1129. /* Clear file before writing (normal behavior) */
  1130. flags = O_WRONLY|O_CREAT|O_TRUNC;
  1131. if(sshc->sftp_file)
  1132. sftp_close(sshc->sftp_file);
  1133. sshc->sftp_file =
  1134. sftp_open(sshc->sftp_session, protop->path,
  1135. flags, (mode_t)data->set.new_file_perms);
  1136. if(!sshc->sftp_file) {
  1137. err = sftp_get_error(sshc->sftp_session);
  1138. if(((err == SSH_FX_NO_SUCH_FILE || err == SSH_FX_FAILURE ||
  1139. err == SSH_FX_NO_SUCH_PATH)) &&
  1140. (data->set.ftp_create_missing_dirs &&
  1141. (strlen(protop->path) > 1))) {
  1142. /* try to create the path remotely */
  1143. rc = 0;
  1144. sshc->secondCreateDirs = 1;
  1145. state(data, SSH_SFTP_CREATE_DIRS_INIT);
  1146. break;
  1147. }
  1148. else {
  1149. MOVE_TO_SFTP_CLOSE_STATE();
  1150. break;
  1151. }
  1152. }
  1153. /* If we have a restart point then we need to seek to the correct
  1154. position. */
  1155. if(data->state.resume_from > 0) {
  1156. /* Let's read off the proper amount of bytes from the input. */
  1157. if(data->set.seek_func) {
  1158. Curl_set_in_callback(data, TRUE);
  1159. seekerr = data->set.seek_func(data->set.seek_client,
  1160. data->state.resume_from, SEEK_SET);
  1161. Curl_set_in_callback(data, FALSE);
  1162. }
  1163. if(seekerr != CURL_SEEKFUNC_OK) {
  1164. curl_off_t passed = 0;
  1165. if(seekerr != CURL_SEEKFUNC_CANTSEEK) {
  1166. failf(data, "Could not seek stream");
  1167. return CURLE_FTP_COULDNT_USE_REST;
  1168. }
  1169. /* seekerr == CURL_SEEKFUNC_CANTSEEK (cannot seek to offset) */
  1170. do {
  1171. char scratch[4*1024];
  1172. size_t readthisamountnow =
  1173. (data->state.resume_from - passed >
  1174. (curl_off_t)sizeof(scratch)) ?
  1175. sizeof(scratch) : curlx_sotouz(data->state.resume_from - passed);
  1176. size_t actuallyread =
  1177. data->state.fread_func(scratch, 1,
  1178. readthisamountnow, data->state.in);
  1179. passed += actuallyread;
  1180. if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
  1181. /* this checks for greater-than only to make sure that the
  1182. CURL_READFUNC_ABORT return code still aborts */
  1183. failf(data, "Failed to read data");
  1184. MOVE_TO_ERROR_STATE(CURLE_FTP_COULDNT_USE_REST);
  1185. break;
  1186. }
  1187. } while(passed < data->state.resume_from);
  1188. if(rc)
  1189. break;
  1190. }
  1191. /* now, decrease the size of the read */
  1192. if(data->state.infilesize > 0) {
  1193. data->state.infilesize -= data->state.resume_from;
  1194. data->req.size = data->state.infilesize;
  1195. Curl_pgrsSetUploadSize(data, data->state.infilesize);
  1196. }
  1197. rc = sftp_seek64(sshc->sftp_file, data->state.resume_from);
  1198. if(rc) {
  1199. MOVE_TO_SFTP_CLOSE_STATE();
  1200. break;
  1201. }
  1202. }
  1203. if(data->state.infilesize > 0) {
  1204. data->req.size = data->state.infilesize;
  1205. Curl_pgrsSetUploadSize(data, data->state.infilesize);
  1206. }
  1207. /* upload data */
  1208. Curl_xfer_setup1(data, CURL_XFER_SEND, -1, FALSE);
  1209. /* not set by Curl_xfer_setup to preserve keepon bits */
  1210. conn->sockfd = conn->writesockfd;
  1211. /* store this original bitmask setup to use later on if we cannot
  1212. figure out a "real" bitmask */
  1213. sshc->orig_waitfor = data->req.keepon;
  1214. /* we want to use the _sending_ function even when the socket turns
  1215. out readable as the underlying libssh sftp send function will deal
  1216. with both accordingly */
  1217. data->state.select_bits = CURL_CSELECT_OUT;
  1218. /* since we do not really wait for anything at this point, we want the
  1219. state machine to move on as soon as possible so we set a very short
  1220. timeout here */
  1221. Curl_expire(data, 0, EXPIRE_RUN_NOW);
  1222. state(data, SSH_STOP);
  1223. break;
  1224. }
  1225. case SSH_SFTP_CREATE_DIRS_INIT:
  1226. if(strlen(protop->path) > 1) {
  1227. sshc->slash_pos = protop->path + 1; /* ignore the leading '/' */
  1228. state(data, SSH_SFTP_CREATE_DIRS);
  1229. }
  1230. else {
  1231. state(data, SSH_SFTP_UPLOAD_INIT);
  1232. }
  1233. break;
  1234. case SSH_SFTP_CREATE_DIRS:
  1235. sshc->slash_pos = strchr(sshc->slash_pos, '/');
  1236. if(sshc->slash_pos) {
  1237. *sshc->slash_pos = 0;
  1238. infof(data, "Creating directory '%s'", protop->path);
  1239. state(data, SSH_SFTP_CREATE_DIRS_MKDIR);
  1240. break;
  1241. }
  1242. state(data, SSH_SFTP_UPLOAD_INIT);
  1243. break;
  1244. case SSH_SFTP_CREATE_DIRS_MKDIR:
  1245. /* 'mode' - parameter is preliminary - default to 0644 */
  1246. rc = sftp_mkdir(sshc->sftp_session, protop->path,
  1247. (mode_t)data->set.new_directory_perms);
  1248. *sshc->slash_pos = '/';
  1249. ++sshc->slash_pos;
  1250. if(rc < 0) {
  1251. /*
  1252. * Abort if failure was not that the dir already exists or the
  1253. * permission was denied (creation might succeed further down the
  1254. * path) - retry on unspecific FAILURE also
  1255. */
  1256. err = sftp_get_error(sshc->sftp_session);
  1257. if((err != SSH_FX_FILE_ALREADY_EXISTS) &&
  1258. (err != SSH_FX_FAILURE) &&
  1259. (err != SSH_FX_PERMISSION_DENIED)) {
  1260. MOVE_TO_SFTP_CLOSE_STATE();
  1261. break;
  1262. }
  1263. rc = 0; /* clear rc and continue */
  1264. }
  1265. state(data, SSH_SFTP_CREATE_DIRS);
  1266. break;
  1267. case SSH_SFTP_READDIR_INIT:
  1268. Curl_pgrsSetDownloadSize(data, -1);
  1269. if(data->req.no_body) {
  1270. state(data, SSH_STOP);
  1271. break;
  1272. }
  1273. /*
  1274. * This is a directory that we are trying to get, so produce a directory
  1275. * listing
  1276. */
  1277. sshc->sftp_dir = sftp_opendir(sshc->sftp_session,
  1278. protop->path);
  1279. if(!sshc->sftp_dir) {
  1280. failf(data, "Could not open directory for reading: %s",
  1281. ssh_get_error(sshc->ssh_session));
  1282. MOVE_TO_SFTP_CLOSE_STATE();
  1283. break;
  1284. }
  1285. state(data, SSH_SFTP_READDIR);
  1286. break;
  1287. case SSH_SFTP_READDIR:
  1288. Curl_dyn_reset(&sshc->readdir_buf);
  1289. if(sshc->readdir_attrs)
  1290. sftp_attributes_free(sshc->readdir_attrs);
  1291. sshc->readdir_attrs = sftp_readdir(sshc->sftp_session, sshc->sftp_dir);
  1292. if(sshc->readdir_attrs) {
  1293. sshc->readdir_filename = sshc->readdir_attrs->name;
  1294. sshc->readdir_longentry = sshc->readdir_attrs->longname;
  1295. sshc->readdir_len = strlen(sshc->readdir_filename);
  1296. if(data->set.list_only) {
  1297. char *tmpLine;
  1298. tmpLine = aprintf("%s\n", sshc->readdir_filename);
  1299. if(!tmpLine) {
  1300. state(data, SSH_SFTP_CLOSE);
  1301. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1302. break;
  1303. }
  1304. result = Curl_client_write(data, CLIENTWRITE_BODY,
  1305. tmpLine, sshc->readdir_len + 1);
  1306. free(tmpLine);
  1307. if(result) {
  1308. state(data, SSH_STOP);
  1309. break;
  1310. }
  1311. }
  1312. else {
  1313. if(Curl_dyn_add(&sshc->readdir_buf, sshc->readdir_longentry)) {
  1314. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1315. state(data, SSH_STOP);
  1316. break;
  1317. }
  1318. if((sshc->readdir_attrs->flags & SSH_FILEXFER_ATTR_PERMISSIONS) &&
  1319. ((sshc->readdir_attrs->permissions & SSH_S_IFMT) ==
  1320. SSH_S_IFLNK)) {
  1321. sshc->readdir_linkPath = aprintf("%s%s", protop->path,
  1322. sshc->readdir_filename);
  1323. if(!sshc->readdir_linkPath) {
  1324. state(data, SSH_SFTP_CLOSE);
  1325. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1326. break;
  1327. }
  1328. state(data, SSH_SFTP_READDIR_LINK);
  1329. break;
  1330. }
  1331. state(data, SSH_SFTP_READDIR_BOTTOM);
  1332. break;
  1333. }
  1334. }
  1335. else if(sftp_dir_eof(sshc->sftp_dir)) {
  1336. state(data, SSH_SFTP_READDIR_DONE);
  1337. break;
  1338. }
  1339. else {
  1340. failf(data, "Could not open remote file for reading: %s",
  1341. ssh_get_error(sshc->ssh_session));
  1342. MOVE_TO_SFTP_CLOSE_STATE();
  1343. break;
  1344. }
  1345. break;
  1346. case SSH_SFTP_READDIR_LINK:
  1347. if(sshc->readdir_link_attrs)
  1348. sftp_attributes_free(sshc->readdir_link_attrs);
  1349. sshc->readdir_link_attrs = sftp_lstat(sshc->sftp_session,
  1350. sshc->readdir_linkPath);
  1351. if(sshc->readdir_link_attrs == 0) {
  1352. failf(data, "Could not read symlink for reading: %s",
  1353. ssh_get_error(sshc->ssh_session));
  1354. MOVE_TO_SFTP_CLOSE_STATE();
  1355. break;
  1356. }
  1357. if(!sshc->readdir_link_attrs->name) {
  1358. sshc->readdir_tmp = sftp_readlink(sshc->sftp_session,
  1359. sshc->readdir_linkPath);
  1360. if(!sshc->readdir_filename)
  1361. sshc->readdir_len = 0;
  1362. else
  1363. sshc->readdir_len = strlen(sshc->readdir_tmp);
  1364. sshc->readdir_longentry = NULL;
  1365. sshc->readdir_filename = sshc->readdir_tmp;
  1366. }
  1367. else {
  1368. sshc->readdir_len = strlen(sshc->readdir_link_attrs->name);
  1369. sshc->readdir_filename = sshc->readdir_link_attrs->name;
  1370. sshc->readdir_longentry = sshc->readdir_link_attrs->longname;
  1371. }
  1372. Curl_safefree(sshc->readdir_linkPath);
  1373. if(Curl_dyn_addf(&sshc->readdir_buf, " -> %s",
  1374. sshc->readdir_filename)) {
  1375. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  1376. break;
  1377. }
  1378. sftp_attributes_free(sshc->readdir_link_attrs);
  1379. sshc->readdir_link_attrs = NULL;
  1380. sshc->readdir_filename = NULL;
  1381. sshc->readdir_longentry = NULL;
  1382. state(data, SSH_SFTP_READDIR_BOTTOM);
  1383. FALLTHROUGH();
  1384. case SSH_SFTP_READDIR_BOTTOM:
  1385. if(Curl_dyn_addn(&sshc->readdir_buf, "\n", 1))
  1386. result = CURLE_OUT_OF_MEMORY;
  1387. else
  1388. result = Curl_client_write(data, CLIENTWRITE_BODY,
  1389. Curl_dyn_ptr(&sshc->readdir_buf),
  1390. Curl_dyn_len(&sshc->readdir_buf));
  1391. ssh_string_free_char(sshc->readdir_tmp);
  1392. sshc->readdir_tmp = NULL;
  1393. if(result) {
  1394. state(data, SSH_STOP);
  1395. }
  1396. else
  1397. state(data, SSH_SFTP_READDIR);
  1398. break;
  1399. case SSH_SFTP_READDIR_DONE:
  1400. sftp_closedir(sshc->sftp_dir);
  1401. sshc->sftp_dir = NULL;
  1402. /* no data to transfer */
  1403. Curl_xfer_setup_nop(data);
  1404. state(data, SSH_STOP);
  1405. break;
  1406. case SSH_SFTP_DOWNLOAD_INIT:
  1407. /*
  1408. * Work on getting the specified file
  1409. */
  1410. if(sshc->sftp_file)
  1411. sftp_close(sshc->sftp_file);
  1412. sshc->sftp_file = sftp_open(sshc->sftp_session, protop->path,
  1413. O_RDONLY, (mode_t)data->set.new_file_perms);
  1414. if(!sshc->sftp_file) {
  1415. failf(data, "Could not open remote file for reading: %s",
  1416. ssh_get_error(sshc->ssh_session));
  1417. MOVE_TO_SFTP_CLOSE_STATE();
  1418. break;
  1419. }
  1420. sftp_file_set_nonblocking(sshc->sftp_file);
  1421. state(data, SSH_SFTP_DOWNLOAD_STAT);
  1422. break;
  1423. case SSH_SFTP_DOWNLOAD_STAT:
  1424. {
  1425. sftp_attributes attrs;
  1426. curl_off_t size;
  1427. attrs = sftp_fstat(sshc->sftp_file);
  1428. if(!attrs ||
  1429. !(attrs->flags & SSH_FILEXFER_ATTR_SIZE) ||
  1430. (attrs->size == 0)) {
  1431. /*
  1432. * sftp_fstat did not return an error, so maybe the server
  1433. * just does not support stat()
  1434. * OR the server does not return a file size with a stat()
  1435. * OR file size is 0
  1436. */
  1437. data->req.size = -1;
  1438. data->req.maxdownload = -1;
  1439. Curl_pgrsSetDownloadSize(data, -1);
  1440. size = 0;
  1441. }
  1442. else {
  1443. size = attrs->size;
  1444. sftp_attributes_free(attrs);
  1445. if(size < 0) {
  1446. failf(data, "Bad file size (%" FMT_OFF_T ")", size);
  1447. return CURLE_BAD_DOWNLOAD_RESUME;
  1448. }
  1449. if(data->state.use_range) {
  1450. curl_off_t from, to;
  1451. char *ptr;
  1452. char *ptr2;
  1453. CURLofft to_t;
  1454. CURLofft from_t;
  1455. from_t = curlx_strtoofft(data->state.range, &ptr, 10, &from);
  1456. if(from_t == CURL_OFFT_FLOW) {
  1457. return CURLE_RANGE_ERROR;
  1458. }
  1459. while(*ptr && (ISBLANK(*ptr) || (*ptr == '-')))
  1460. ptr++;
  1461. to_t = curlx_strtoofft(ptr, &ptr2, 10, &to);
  1462. if(to_t == CURL_OFFT_FLOW) {
  1463. return CURLE_RANGE_ERROR;
  1464. }
  1465. if((to_t == CURL_OFFT_INVAL) /* no "to" value given */
  1466. || (to >= size)) {
  1467. to = size - 1;
  1468. }
  1469. if(from_t) {
  1470. /* from is relative to end of file */
  1471. from = size - to;
  1472. to = size - 1;
  1473. }
  1474. if(from > size) {
  1475. failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%"
  1476. FMT_OFF_T ")", from, size);
  1477. return CURLE_BAD_DOWNLOAD_RESUME;
  1478. }
  1479. if(from > to) {
  1480. from = to;
  1481. size = 0;
  1482. }
  1483. else {
  1484. if((to - from) == CURL_OFF_T_MAX)
  1485. return CURLE_RANGE_ERROR;
  1486. size = to - from + 1;
  1487. }
  1488. rc = sftp_seek64(sshc->sftp_file, from);
  1489. if(rc) {
  1490. MOVE_TO_SFTP_CLOSE_STATE();
  1491. break;
  1492. }
  1493. }
  1494. data->req.size = size;
  1495. data->req.maxdownload = size;
  1496. Curl_pgrsSetDownloadSize(data, size);
  1497. }
  1498. /* We can resume if we can seek to the resume position */
  1499. if(data->state.resume_from) {
  1500. if(data->state.resume_from < 0) {
  1501. /* We are supposed to download the last abs(from) bytes */
  1502. if((curl_off_t)size < -data->state.resume_from) {
  1503. failf(data, "Offset (%" FMT_OFF_T ") was beyond file size (%"
  1504. FMT_OFF_T ")", data->state.resume_from, size);
  1505. return CURLE_BAD_DOWNLOAD_RESUME;
  1506. }
  1507. /* download from where? */
  1508. data->state.resume_from += size;
  1509. }
  1510. else {
  1511. if((curl_off_t)size < data->state.resume_from) {
  1512. failf(data, "Offset (%" FMT_OFF_T
  1513. ") was beyond file size (%" FMT_OFF_T ")",
  1514. data->state.resume_from, size);
  1515. return CURLE_BAD_DOWNLOAD_RESUME;
  1516. }
  1517. }
  1518. /* Now store the number of bytes we are expected to download */
  1519. data->req.size = size - data->state.resume_from;
  1520. data->req.maxdownload = size - data->state.resume_from;
  1521. Curl_pgrsSetDownloadSize(data,
  1522. size - data->state.resume_from);
  1523. rc = sftp_seek64(sshc->sftp_file, data->state.resume_from);
  1524. if(rc) {
  1525. MOVE_TO_SFTP_CLOSE_STATE();
  1526. break;
  1527. }
  1528. }
  1529. }
  1530. /* Setup the actual download */
  1531. if(data->req.size == 0) {
  1532. /* no data to transfer */
  1533. Curl_xfer_setup_nop(data);
  1534. infof(data, "File already completely downloaded");
  1535. state(data, SSH_STOP);
  1536. break;
  1537. }
  1538. Curl_xfer_setup1(data, CURL_XFER_RECV, data->req.size, FALSE);
  1539. /* not set by Curl_xfer_setup to preserve keepon bits */
  1540. conn->writesockfd = conn->sockfd;
  1541. /* we want to use the _receiving_ function even when the socket turns
  1542. out writableable as the underlying libssh recv function will deal
  1543. with both accordingly */
  1544. data->state.select_bits = CURL_CSELECT_IN;
  1545. if(result) {
  1546. /* this should never occur; the close state should be entered
  1547. at the time the error occurs */
  1548. state(data, SSH_SFTP_CLOSE);
  1549. sshc->actualcode = result;
  1550. }
  1551. else {
  1552. sshc->sftp_recv_state = 0;
  1553. state(data, SSH_STOP);
  1554. }
  1555. break;
  1556. case SSH_SFTP_CLOSE:
  1557. if(sshc->sftp_file) {
  1558. sftp_close(sshc->sftp_file);
  1559. sshc->sftp_file = NULL;
  1560. }
  1561. Curl_safefree(protop->path);
  1562. DEBUGF(infof(data, "SFTP DONE done"));
  1563. /* Check if nextstate is set and move .nextstate could be POSTQUOTE_INIT
  1564. After nextstate is executed, the control should come back to
  1565. SSH_SFTP_CLOSE to pass the correct result back */
  1566. if(sshc->nextstate != SSH_NO_STATE &&
  1567. sshc->nextstate != SSH_SFTP_CLOSE) {
  1568. state(data, sshc->nextstate);
  1569. sshc->nextstate = SSH_SFTP_CLOSE;
  1570. }
  1571. else {
  1572. state(data, SSH_STOP);
  1573. result = sshc->actualcode;
  1574. }
  1575. break;
  1576. case SSH_SFTP_SHUTDOWN:
  1577. /* during times we get here due to a broken transfer and then the
  1578. sftp_handle might not have been taken down so make sure that is done
  1579. before we proceed */
  1580. if(sshc->sftp_file) {
  1581. sftp_close(sshc->sftp_file);
  1582. sshc->sftp_file = NULL;
  1583. }
  1584. if(sshc->sftp_session) {
  1585. sftp_free(sshc->sftp_session);
  1586. sshc->sftp_session = NULL;
  1587. }
  1588. SSH_STRING_FREE_CHAR(sshc->homedir);
  1589. data->state.most_recent_ftp_entrypath = NULL;
  1590. state(data, SSH_SESSION_DISCONNECT);
  1591. break;
  1592. case SSH_SCP_TRANS_INIT:
  1593. result = Curl_getworkingpath(data, sshc->homedir, &protop->path);
  1594. if(result) {
  1595. sshc->actualcode = result;
  1596. state(data, SSH_STOP);
  1597. break;
  1598. }
  1599. /* Functions from the SCP subsystem cannot handle/return SSH_AGAIN */
  1600. ssh_set_blocking(sshc->ssh_session, 1);
  1601. if(data->state.upload) {
  1602. if(data->state.infilesize < 0) {
  1603. failf(data, "SCP requires a known file size for upload");
  1604. sshc->actualcode = CURLE_UPLOAD_FAILED;
  1605. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1606. break;
  1607. }
  1608. sshc->scp_session =
  1609. ssh_scp_new(sshc->ssh_session, SSH_SCP_WRITE, protop->path);
  1610. state(data, SSH_SCP_UPLOAD_INIT);
  1611. }
  1612. else {
  1613. sshc->scp_session =
  1614. ssh_scp_new(sshc->ssh_session, SSH_SCP_READ, protop->path);
  1615. state(data, SSH_SCP_DOWNLOAD_INIT);
  1616. }
  1617. if(!sshc->scp_session) {
  1618. err_msg = ssh_get_error(sshc->ssh_session);
  1619. failf(data, "%s", err_msg);
  1620. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1621. }
  1622. break;
  1623. case SSH_SCP_UPLOAD_INIT:
  1624. rc = ssh_scp_init(sshc->scp_session);
  1625. if(rc != SSH_OK) {
  1626. err_msg = ssh_get_error(sshc->ssh_session);
  1627. failf(data, "%s", err_msg);
  1628. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1629. break;
  1630. }
  1631. rc = ssh_scp_push_file(sshc->scp_session, protop->path,
  1632. data->state.infilesize,
  1633. (int)data->set.new_file_perms);
  1634. if(rc != SSH_OK) {
  1635. err_msg = ssh_get_error(sshc->ssh_session);
  1636. failf(data, "%s", err_msg);
  1637. MOVE_TO_ERROR_STATE(CURLE_UPLOAD_FAILED);
  1638. break;
  1639. }
  1640. /* upload data */
  1641. Curl_xfer_setup1(data, CURL_XFER_SEND, -1, FALSE);
  1642. /* not set by Curl_xfer_setup to preserve keepon bits */
  1643. conn->sockfd = conn->writesockfd;
  1644. /* store this original bitmask setup to use later on if we cannot
  1645. figure out a "real" bitmask */
  1646. sshc->orig_waitfor = data->req.keepon;
  1647. /* we want to use the _sending_ function even when the socket turns
  1648. out readable as the underlying libssh scp send function will deal
  1649. with both accordingly */
  1650. data->state.select_bits = CURL_CSELECT_OUT;
  1651. state(data, SSH_STOP);
  1652. break;
  1653. case SSH_SCP_DOWNLOAD_INIT:
  1654. rc = ssh_scp_init(sshc->scp_session);
  1655. if(rc != SSH_OK) {
  1656. err_msg = ssh_get_error(sshc->ssh_session);
  1657. failf(data, "%s", err_msg);
  1658. MOVE_TO_ERROR_STATE(CURLE_COULDNT_CONNECT);
  1659. break;
  1660. }
  1661. state(data, SSH_SCP_DOWNLOAD);
  1662. FALLTHROUGH();
  1663. case SSH_SCP_DOWNLOAD:{
  1664. curl_off_t bytecount;
  1665. rc = ssh_scp_pull_request(sshc->scp_session);
  1666. if(rc != SSH_SCP_REQUEST_NEWFILE) {
  1667. err_msg = ssh_get_error(sshc->ssh_session);
  1668. failf(data, "%s", err_msg);
  1669. MOVE_TO_ERROR_STATE(CURLE_REMOTE_FILE_NOT_FOUND);
  1670. break;
  1671. }
  1672. /* download data */
  1673. bytecount = ssh_scp_request_get_size(sshc->scp_session);
  1674. data->req.maxdownload = (curl_off_t) bytecount;
  1675. Curl_xfer_setup1(data, CURL_XFER_RECV, bytecount, FALSE);
  1676. /* not set by Curl_xfer_setup to preserve keepon bits */
  1677. conn->writesockfd = conn->sockfd;
  1678. /* we want to use the _receiving_ function even when the socket turns
  1679. out writableable as the underlying libssh recv function will deal
  1680. with both accordingly */
  1681. data->state.select_bits = CURL_CSELECT_IN;
  1682. state(data, SSH_STOP);
  1683. break;
  1684. }
  1685. case SSH_SCP_DONE:
  1686. if(data->state.upload)
  1687. state(data, SSH_SCP_SEND_EOF);
  1688. else
  1689. state(data, SSH_SCP_CHANNEL_FREE);
  1690. break;
  1691. case SSH_SCP_SEND_EOF:
  1692. if(sshc->scp_session) {
  1693. rc = ssh_scp_close(sshc->scp_session);
  1694. if(rc == SSH_AGAIN) {
  1695. /* Currently the ssh_scp_close handles waiting for EOF in
  1696. * blocking way.
  1697. */
  1698. break;
  1699. }
  1700. if(rc != SSH_OK) {
  1701. infof(data, "Failed to close libssh scp channel: %s",
  1702. ssh_get_error(sshc->ssh_session));
  1703. }
  1704. }
  1705. state(data, SSH_SCP_CHANNEL_FREE);
  1706. break;
  1707. case SSH_SCP_CHANNEL_FREE:
  1708. if(sshc->scp_session) {
  1709. ssh_scp_free(sshc->scp_session);
  1710. sshc->scp_session = NULL;
  1711. }
  1712. DEBUGF(infof(data, "SCP DONE phase complete"));
  1713. ssh_set_blocking(sshc->ssh_session, 0);
  1714. state(data, SSH_SESSION_DISCONNECT);
  1715. FALLTHROUGH();
  1716. case SSH_SESSION_DISCONNECT:
  1717. /* during weird times when we have been prematurely aborted, the channel
  1718. is still alive when we reach this state and we MUST kill the channel
  1719. properly first */
  1720. if(sshc->scp_session) {
  1721. ssh_scp_free(sshc->scp_session);
  1722. sshc->scp_session = NULL;
  1723. }
  1724. ssh_disconnect(sshc->ssh_session);
  1725. if(!ssh_version(SSH_VERSION_INT(0, 10, 0))) {
  1726. /* conn->sock[FIRSTSOCKET] is closed by ssh_disconnect behind our back,
  1727. tell the connection to forget about it. This libssh
  1728. bug is fixed in 0.10.0. */
  1729. Curl_conn_forget_socket(data, FIRSTSOCKET);
  1730. }
  1731. SSH_STRING_FREE_CHAR(sshc->homedir);
  1732. data->state.most_recent_ftp_entrypath = NULL;
  1733. state(data, SSH_SESSION_FREE);
  1734. FALLTHROUGH();
  1735. case SSH_SESSION_FREE:
  1736. if(sshc->ssh_session) {
  1737. ssh_free(sshc->ssh_session);
  1738. sshc->ssh_session = NULL;
  1739. }
  1740. /* worst-case scenario cleanup */
  1741. DEBUGASSERT(sshc->ssh_session == NULL);
  1742. DEBUGASSERT(sshc->scp_session == NULL);
  1743. if(sshc->readdir_tmp) {
  1744. ssh_string_free_char(sshc->readdir_tmp);
  1745. sshc->readdir_tmp = NULL;
  1746. }
  1747. if(sshc->quote_attrs)
  1748. sftp_attributes_free(sshc->quote_attrs);
  1749. if(sshc->readdir_attrs)
  1750. sftp_attributes_free(sshc->readdir_attrs);
  1751. if(sshc->readdir_link_attrs)
  1752. sftp_attributes_free(sshc->readdir_link_attrs);
  1753. if(sshc->privkey)
  1754. ssh_key_free(sshc->privkey);
  1755. if(sshc->pubkey)
  1756. ssh_key_free(sshc->pubkey);
  1757. Curl_safefree(sshc->rsa_pub);
  1758. Curl_safefree(sshc->rsa);
  1759. Curl_safefree(sshc->quote_path1);
  1760. Curl_safefree(sshc->quote_path2);
  1761. Curl_dyn_free(&sshc->readdir_buf);
  1762. Curl_safefree(sshc->readdir_linkPath);
  1763. SSH_STRING_FREE_CHAR(sshc->homedir);
  1764. /* the code we are about to return */
  1765. result = sshc->actualcode;
  1766. memset(sshc, 0, sizeof(struct ssh_conn));
  1767. connclose(conn, "SSH session free");
  1768. sshc->state = SSH_SESSION_FREE; /* current */
  1769. sshc->nextstate = SSH_NO_STATE;
  1770. state(data, SSH_STOP);
  1771. break;
  1772. case SSH_QUIT:
  1773. default:
  1774. /* internal error */
  1775. sshc->nextstate = SSH_NO_STATE;
  1776. state(data, SSH_STOP);
  1777. break;
  1778. }
  1779. } while(!rc && (sshc->state != SSH_STOP));
  1780. if(rc == SSH_AGAIN) {
  1781. /* we would block, we need to wait for the socket to be ready (in the
  1782. right direction too)! */
  1783. *block = TRUE;
  1784. }
  1785. return result;
  1786. }
  1787. /* called by the multi interface to figure out what socket(s) to wait for and
  1788. for what actions in the DO_DONE, PERFORM and WAITPERFORM states */
  1789. static int myssh_getsock(struct Curl_easy *data,
  1790. struct connectdata *conn,
  1791. curl_socket_t *sock)
  1792. {
  1793. int bitmap = GETSOCK_BLANK;
  1794. (void)data;
  1795. sock[0] = conn->sock[FIRSTSOCKET];
  1796. if(conn->waitfor & KEEP_RECV)
  1797. bitmap |= GETSOCK_READSOCK(FIRSTSOCKET);
  1798. if(conn->waitfor & KEEP_SEND)
  1799. bitmap |= GETSOCK_WRITESOCK(FIRSTSOCKET);
  1800. if(!conn->waitfor)
  1801. bitmap |= GETSOCK_WRITESOCK(FIRSTSOCKET);
  1802. DEBUGF(infof(data, "ssh_getsock -> %x", bitmap));
  1803. return bitmap;
  1804. }
  1805. static void myssh_block2waitfor(struct connectdata *conn, bool block)
  1806. {
  1807. struct ssh_conn *sshc = &conn->proto.sshc;
  1808. /* If it did not block, or nothing was returned by ssh_get_poll_flags
  1809. * have the original set */
  1810. conn->waitfor = sshc->orig_waitfor;
  1811. if(block) {
  1812. int dir = ssh_get_poll_flags(sshc->ssh_session);
  1813. conn->waitfor = 0;
  1814. /* translate the libssh define bits into our own bit defines */
  1815. if(dir & SSH_READ_PENDING)
  1816. conn->waitfor |= KEEP_RECV;
  1817. if(dir & SSH_WRITE_PENDING)
  1818. conn->waitfor |= KEEP_SEND;
  1819. }
  1820. }
  1821. /* called repeatedly until done from multi.c */
  1822. static CURLcode myssh_multi_statemach(struct Curl_easy *data,
  1823. bool *done)
  1824. {
  1825. struct connectdata *conn = data->conn;
  1826. struct ssh_conn *sshc = &conn->proto.sshc;
  1827. bool block; /* we store the status and use that to provide a ssh_getsock()
  1828. implementation */
  1829. CURLcode result = myssh_statemach_act(data, &block);
  1830. *done = (sshc->state == SSH_STOP);
  1831. myssh_block2waitfor(conn, block);
  1832. return result;
  1833. }
  1834. static CURLcode myssh_block_statemach(struct Curl_easy *data,
  1835. bool disconnect)
  1836. {
  1837. struct connectdata *conn = data->conn;
  1838. struct ssh_conn *sshc = &conn->proto.sshc;
  1839. CURLcode result = CURLE_OK;
  1840. while((sshc->state != SSH_STOP) && !result) {
  1841. bool block;
  1842. timediff_t left = 1000;
  1843. struct curltime now = Curl_now();
  1844. result = myssh_statemach_act(data, &block);
  1845. if(result)
  1846. break;
  1847. if(!disconnect) {
  1848. if(Curl_pgrsUpdate(data))
  1849. return CURLE_ABORTED_BY_CALLBACK;
  1850. result = Curl_speedcheck(data, now);
  1851. if(result)
  1852. break;
  1853. left = Curl_timeleft(data, NULL, FALSE);
  1854. if(left < 0) {
  1855. failf(data, "Operation timed out");
  1856. return CURLE_OPERATION_TIMEDOUT;
  1857. }
  1858. }
  1859. if(block) {
  1860. curl_socket_t fd_read = conn->sock[FIRSTSOCKET];
  1861. /* wait for the socket to become ready */
  1862. (void) Curl_socket_check(fd_read, CURL_SOCKET_BAD,
  1863. CURL_SOCKET_BAD, left > 1000 ? 1000 : left);
  1864. }
  1865. }
  1866. return result;
  1867. }
  1868. /*
  1869. * SSH setup connection
  1870. */
  1871. static CURLcode myssh_setup_connection(struct Curl_easy *data,
  1872. struct connectdata *conn)
  1873. {
  1874. struct SSHPROTO *ssh;
  1875. struct ssh_conn *sshc = &conn->proto.sshc;
  1876. data->req.p.ssh = ssh = calloc(1, sizeof(struct SSHPROTO));
  1877. if(!ssh)
  1878. return CURLE_OUT_OF_MEMORY;
  1879. Curl_dyn_init(&sshc->readdir_buf, CURL_PATH_MAX * 2);
  1880. return CURLE_OK;
  1881. }
  1882. static Curl_recv scp_recv, sftp_recv;
  1883. static Curl_send scp_send, sftp_send;
  1884. /*
  1885. * Curl_ssh_connect() gets called from Curl_protocol_connect() to allow us to
  1886. * do protocol-specific actions at connect-time.
  1887. */
  1888. static CURLcode myssh_connect(struct Curl_easy *data, bool *done)
  1889. {
  1890. struct ssh_conn *ssh;
  1891. CURLcode result;
  1892. struct connectdata *conn = data->conn;
  1893. curl_socket_t sock = conn->sock[FIRSTSOCKET];
  1894. int rc;
  1895. /* initialize per-handle data if not already */
  1896. if(!data->req.p.ssh)
  1897. myssh_setup_connection(data, conn);
  1898. /* We default to persistent connections. We set this already in this connect
  1899. function to make the reuse checks properly be able to check this bit. */
  1900. connkeep(conn, "SSH default");
  1901. if(conn->handler->protocol & CURLPROTO_SCP) {
  1902. conn->recv[FIRSTSOCKET] = scp_recv;
  1903. conn->send[FIRSTSOCKET] = scp_send;
  1904. }
  1905. else {
  1906. conn->recv[FIRSTSOCKET] = sftp_recv;
  1907. conn->send[FIRSTSOCKET] = sftp_send;
  1908. }
  1909. ssh = &conn->proto.sshc;
  1910. ssh->ssh_session = ssh_new();
  1911. if(!ssh->ssh_session) {
  1912. failf(data, "Failure initialising ssh session");
  1913. return CURLE_FAILED_INIT;
  1914. }
  1915. if(conn->bits.ipv6_ip) {
  1916. char ipv6[MAX_IPADR_LEN];
  1917. msnprintf(ipv6, sizeof(ipv6), "[%s]", conn->host.name);
  1918. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_HOST, ipv6);
  1919. }
  1920. else
  1921. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_HOST, conn->host.name);
  1922. if(rc != SSH_OK) {
  1923. failf(data, "Could not set remote host");
  1924. return CURLE_FAILED_INIT;
  1925. }
  1926. rc = ssh_options_parse_config(ssh->ssh_session, NULL);
  1927. if(rc != SSH_OK) {
  1928. infof(data, "Could not parse SSH configuration files");
  1929. /* ignore */
  1930. }
  1931. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_FD, &sock);
  1932. if(rc != SSH_OK) {
  1933. failf(data, "Could not set socket");
  1934. return CURLE_FAILED_INIT;
  1935. }
  1936. if(conn->user && conn->user[0] != '\0') {
  1937. infof(data, "User: %s", conn->user);
  1938. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_USER, conn->user);
  1939. if(rc != SSH_OK) {
  1940. failf(data, "Could not set user");
  1941. return CURLE_FAILED_INIT;
  1942. }
  1943. }
  1944. if(data->set.str[STRING_SSH_KNOWNHOSTS]) {
  1945. infof(data, "Known hosts: %s", data->set.str[STRING_SSH_KNOWNHOSTS]);
  1946. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_KNOWNHOSTS,
  1947. data->set.str[STRING_SSH_KNOWNHOSTS]);
  1948. if(rc != SSH_OK) {
  1949. failf(data, "Could not set known hosts file path");
  1950. return CURLE_FAILED_INIT;
  1951. }
  1952. }
  1953. if(conn->remote_port) {
  1954. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_PORT,
  1955. &conn->remote_port);
  1956. if(rc != SSH_OK) {
  1957. failf(data, "Could not set remote port");
  1958. return CURLE_FAILED_INIT;
  1959. }
  1960. }
  1961. if(data->set.ssh_compression) {
  1962. rc = ssh_options_set(ssh->ssh_session, SSH_OPTIONS_COMPRESSION,
  1963. "zlib,zlib@openssh.com,none");
  1964. if(rc != SSH_OK) {
  1965. failf(data, "Could not set compression");
  1966. return CURLE_FAILED_INIT;
  1967. }
  1968. }
  1969. ssh->privkey = NULL;
  1970. ssh->pubkey = NULL;
  1971. if(data->set.str[STRING_SSH_PUBLIC_KEY]) {
  1972. rc = ssh_pki_import_pubkey_file(data->set.str[STRING_SSH_PUBLIC_KEY],
  1973. &ssh->pubkey);
  1974. if(rc != SSH_OK) {
  1975. failf(data, "Could not load public key file");
  1976. return CURLE_FAILED_INIT;
  1977. }
  1978. }
  1979. /* we do not verify here, we do it at the state machine,
  1980. * after connection */
  1981. state(data, SSH_INIT);
  1982. result = myssh_multi_statemach(data, done);
  1983. return result;
  1984. }
  1985. /* called from multi.c while DOing */
  1986. static CURLcode scp_doing(struct Curl_easy *data, bool *dophase_done)
  1987. {
  1988. CURLcode result;
  1989. result = myssh_multi_statemach(data, dophase_done);
  1990. if(*dophase_done) {
  1991. DEBUGF(infof(data, "DO phase is complete"));
  1992. }
  1993. return result;
  1994. }
  1995. /*
  1996. ***********************************************************************
  1997. *
  1998. * scp_perform()
  1999. *
  2000. * This is the actual DO function for SCP. Get a file according to
  2001. * the options previously setup.
  2002. */
  2003. static
  2004. CURLcode scp_perform(struct Curl_easy *data,
  2005. bool *connected, bool *dophase_done)
  2006. {
  2007. CURLcode result = CURLE_OK;
  2008. DEBUGF(infof(data, "DO phase starts"));
  2009. *dophase_done = FALSE; /* not done yet */
  2010. /* start the first command in the DO phase */
  2011. state(data, SSH_SCP_TRANS_INIT);
  2012. result = myssh_multi_statemach(data, dophase_done);
  2013. *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
  2014. if(*dophase_done) {
  2015. DEBUGF(infof(data, "DO phase is complete"));
  2016. }
  2017. return result;
  2018. }
  2019. static CURLcode myssh_do_it(struct Curl_easy *data, bool *done)
  2020. {
  2021. CURLcode result;
  2022. bool connected = FALSE;
  2023. struct connectdata *conn = data->conn;
  2024. struct ssh_conn *sshc = &conn->proto.sshc;
  2025. *done = FALSE; /* default to false */
  2026. data->req.size = -1; /* make sure this is unknown at this point */
  2027. sshc->actualcode = CURLE_OK; /* reset error code */
  2028. sshc->secondCreateDirs = 0; /* reset the create dir attempt state
  2029. variable */
  2030. Curl_pgrsSetUploadCounter(data, 0);
  2031. Curl_pgrsSetDownloadCounter(data, 0);
  2032. Curl_pgrsSetUploadSize(data, -1);
  2033. Curl_pgrsSetDownloadSize(data, -1);
  2034. if(conn->handler->protocol & CURLPROTO_SCP)
  2035. result = scp_perform(data, &connected, done);
  2036. else
  2037. result = sftp_perform(data, &connected, done);
  2038. return result;
  2039. }
  2040. /* BLOCKING, but the function is using the state machine so the only reason
  2041. this is still blocking is that the multi interface code has no support for
  2042. disconnecting operations that takes a while */
  2043. static CURLcode scp_disconnect(struct Curl_easy *data,
  2044. struct connectdata *conn,
  2045. bool dead_connection)
  2046. {
  2047. CURLcode result = CURLE_OK;
  2048. struct ssh_conn *ssh = &conn->proto.sshc;
  2049. (void) dead_connection;
  2050. if(ssh->ssh_session) {
  2051. /* only if there is a session still around to use! */
  2052. state(data, SSH_SESSION_DISCONNECT);
  2053. result = myssh_block_statemach(data, TRUE);
  2054. }
  2055. return result;
  2056. }
  2057. /* generic done function for both SCP and SFTP called from their specific
  2058. done functions */
  2059. static CURLcode myssh_done(struct Curl_easy *data, CURLcode status)
  2060. {
  2061. CURLcode result = CURLE_OK;
  2062. struct SSHPROTO *protop = data->req.p.ssh;
  2063. if(!status) {
  2064. /* run the state-machine */
  2065. result = myssh_block_statemach(data, FALSE);
  2066. }
  2067. else
  2068. result = status;
  2069. if(protop)
  2070. Curl_safefree(protop->path);
  2071. if(Curl_pgrsDone(data))
  2072. return CURLE_ABORTED_BY_CALLBACK;
  2073. data->req.keepon = 0; /* clear all bits */
  2074. return result;
  2075. }
  2076. static CURLcode scp_done(struct Curl_easy *data, CURLcode status,
  2077. bool premature)
  2078. {
  2079. (void) premature; /* not used */
  2080. if(!status)
  2081. state(data, SSH_SCP_DONE);
  2082. return myssh_done(data, status);
  2083. }
  2084. static ssize_t scp_send(struct Curl_easy *data, int sockindex,
  2085. const void *mem, size_t len, bool eos, CURLcode *err)
  2086. {
  2087. int rc;
  2088. struct connectdata *conn = data->conn;
  2089. (void) sockindex; /* we only support SCP on the fixed known primary socket */
  2090. (void) err;
  2091. (void)eos;
  2092. rc = ssh_scp_write(conn->proto.sshc.scp_session, mem, len);
  2093. #if 0
  2094. /* The following code is misleading, mostly added as wishful thinking
  2095. * that libssh at some point will implement non-blocking ssh_scp_write/read.
  2096. * Currently rc can only be number of bytes read or SSH_ERROR. */
  2097. myssh_block2waitfor(conn, (rc == SSH_AGAIN));
  2098. if(rc == SSH_AGAIN) {
  2099. *err = CURLE_AGAIN;
  2100. return 0;
  2101. }
  2102. else
  2103. #endif
  2104. if(rc != SSH_OK) {
  2105. *err = CURLE_SSH;
  2106. return -1;
  2107. }
  2108. return len;
  2109. }
  2110. static ssize_t scp_recv(struct Curl_easy *data, int sockindex,
  2111. char *mem, size_t len, CURLcode *err)
  2112. {
  2113. ssize_t nread;
  2114. struct connectdata *conn = data->conn;
  2115. (void) err;
  2116. (void) sockindex; /* we only support SCP on the fixed known primary socket */
  2117. /* libssh returns int */
  2118. nread = ssh_scp_read(conn->proto.sshc.scp_session, mem, len);
  2119. #if 0
  2120. /* The following code is misleading, mostly added as wishful thinking
  2121. * that libssh at some point will implement non-blocking ssh_scp_write/read.
  2122. * Currently rc can only be SSH_OK or SSH_ERROR. */
  2123. myssh_block2waitfor(conn, (nread == SSH_AGAIN));
  2124. if(nread == SSH_AGAIN) {
  2125. *err = CURLE_AGAIN;
  2126. nread = -1;
  2127. }
  2128. #endif
  2129. return nread;
  2130. }
  2131. /*
  2132. * =============== SFTP ===============
  2133. */
  2134. /*
  2135. ***********************************************************************
  2136. *
  2137. * sftp_perform()
  2138. *
  2139. * This is the actual DO function for SFTP. Get a file/directory according to
  2140. * the options previously setup.
  2141. */
  2142. static
  2143. CURLcode sftp_perform(struct Curl_easy *data,
  2144. bool *connected,
  2145. bool *dophase_done)
  2146. {
  2147. CURLcode result = CURLE_OK;
  2148. DEBUGF(infof(data, "DO phase starts"));
  2149. *dophase_done = FALSE; /* not done yet */
  2150. /* start the first command in the DO phase */
  2151. state(data, SSH_SFTP_QUOTE_INIT);
  2152. /* run the state-machine */
  2153. result = myssh_multi_statemach(data, dophase_done);
  2154. *connected = Curl_conn_is_connected(data->conn, FIRSTSOCKET);
  2155. if(*dophase_done) {
  2156. DEBUGF(infof(data, "DO phase is complete"));
  2157. }
  2158. return result;
  2159. }
  2160. /* called from multi.c while DOing */
  2161. static CURLcode sftp_doing(struct Curl_easy *data,
  2162. bool *dophase_done)
  2163. {
  2164. CURLcode result = myssh_multi_statemach(data, dophase_done);
  2165. if(*dophase_done) {
  2166. DEBUGF(infof(data, "DO phase is complete"));
  2167. }
  2168. return result;
  2169. }
  2170. /* BLOCKING, but the function is using the state machine so the only reason
  2171. this is still blocking is that the multi interface code has no support for
  2172. disconnecting operations that takes a while */
  2173. static CURLcode sftp_disconnect(struct Curl_easy *data,
  2174. struct connectdata *conn,
  2175. bool dead_connection)
  2176. {
  2177. CURLcode result = CURLE_OK;
  2178. (void) dead_connection;
  2179. DEBUGF(infof(data, "SSH DISCONNECT starts now"));
  2180. if(conn->proto.sshc.ssh_session) {
  2181. /* only if there is a session still around to use! */
  2182. state(data, SSH_SFTP_SHUTDOWN);
  2183. result = myssh_block_statemach(data, TRUE);
  2184. }
  2185. DEBUGF(infof(data, "SSH DISCONNECT is done"));
  2186. return result;
  2187. }
  2188. static CURLcode sftp_done(struct Curl_easy *data, CURLcode status,
  2189. bool premature)
  2190. {
  2191. struct connectdata *conn = data->conn;
  2192. struct ssh_conn *sshc = &conn->proto.sshc;
  2193. if(!status) {
  2194. /* Post quote commands are executed after the SFTP_CLOSE state to avoid
  2195. errors that could happen due to open file handles during POSTQUOTE
  2196. operation */
  2197. if(!premature && data->set.postquote && !conn->bits.retry)
  2198. sshc->nextstate = SSH_SFTP_POSTQUOTE_INIT;
  2199. state(data, SSH_SFTP_CLOSE);
  2200. }
  2201. return myssh_done(data, status);
  2202. }
  2203. /* return number of sent bytes */
  2204. static ssize_t sftp_send(struct Curl_easy *data, int sockindex,
  2205. const void *mem, size_t len, bool eos,
  2206. CURLcode *err)
  2207. {
  2208. ssize_t nwrite;
  2209. struct connectdata *conn = data->conn;
  2210. (void)sockindex;
  2211. (void)eos;
  2212. /* limit the writes to the maximum specified in Section 3 of
  2213. * https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02
  2214. */
  2215. if(len > 32768)
  2216. len = 32768;
  2217. nwrite = sftp_write(conn->proto.sshc.sftp_file, mem, len);
  2218. myssh_block2waitfor(conn, FALSE);
  2219. #if 0 /* not returned by libssh on write */
  2220. if(nwrite == SSH_AGAIN) {
  2221. *err = CURLE_AGAIN;
  2222. nwrite = 0;
  2223. }
  2224. else
  2225. #endif
  2226. if(nwrite < 0) {
  2227. *err = CURLE_SSH;
  2228. nwrite = -1;
  2229. }
  2230. return nwrite;
  2231. }
  2232. /*
  2233. * Return number of received (decrypted) bytes
  2234. * or <0 on error
  2235. */
  2236. static ssize_t sftp_recv(struct Curl_easy *data, int sockindex,
  2237. char *mem, size_t len, CURLcode *err)
  2238. {
  2239. ssize_t nread;
  2240. struct connectdata *conn = data->conn;
  2241. (void)sockindex;
  2242. DEBUGASSERT(len < CURL_MAX_READ_SIZE);
  2243. switch(conn->proto.sshc.sftp_recv_state) {
  2244. case 0:
  2245. conn->proto.sshc.sftp_file_index =
  2246. sftp_async_read_begin(conn->proto.sshc.sftp_file,
  2247. (uint32_t)len);
  2248. if(conn->proto.sshc.sftp_file_index < 0) {
  2249. *err = CURLE_RECV_ERROR;
  2250. return -1;
  2251. }
  2252. FALLTHROUGH();
  2253. case 1:
  2254. conn->proto.sshc.sftp_recv_state = 1;
  2255. nread = sftp_async_read(conn->proto.sshc.sftp_file,
  2256. mem, (uint32_t)len,
  2257. (uint32_t)conn->proto.sshc.sftp_file_index);
  2258. myssh_block2waitfor(conn, (nread == SSH_AGAIN));
  2259. if(nread == SSH_AGAIN) {
  2260. *err = CURLE_AGAIN;
  2261. return -1;
  2262. }
  2263. else if(nread < 0) {
  2264. *err = CURLE_RECV_ERROR;
  2265. return -1;
  2266. }
  2267. conn->proto.sshc.sftp_recv_state = 0;
  2268. return nread;
  2269. default:
  2270. /* we never reach here */
  2271. return -1;
  2272. }
  2273. }
  2274. static void sftp_quote(struct Curl_easy *data)
  2275. {
  2276. const char *cp;
  2277. struct connectdata *conn = data->conn;
  2278. struct SSHPROTO *protop = data->req.p.ssh;
  2279. struct ssh_conn *sshc = &conn->proto.sshc;
  2280. CURLcode result;
  2281. /*
  2282. * Support some of the "FTP" commands
  2283. */
  2284. char *cmd = sshc->quote_item->data;
  2285. sshc->acceptfail = FALSE;
  2286. /* if a command starts with an asterisk, which a legal SFTP command never
  2287. can, the command will be allowed to fail without it causing any
  2288. aborts or cancels etc. It will cause libcurl to act as if the command
  2289. is successful, whatever the server responds. */
  2290. if(cmd[0] == '*') {
  2291. cmd++;
  2292. sshc->acceptfail = TRUE;
  2293. }
  2294. if(strcasecompare("pwd", cmd)) {
  2295. /* output debug output if that is requested */
  2296. char *tmp = aprintf("257 \"%s\" is current directory.\n",
  2297. protop->path);
  2298. if(!tmp) {
  2299. sshc->actualcode = CURLE_OUT_OF_MEMORY;
  2300. state(data, SSH_SFTP_CLOSE);
  2301. sshc->nextstate = SSH_NO_STATE;
  2302. return;
  2303. }
  2304. Curl_debug(data, CURLINFO_HEADER_OUT, (char *) "PWD\n", 4);
  2305. Curl_debug(data, CURLINFO_HEADER_IN, tmp, strlen(tmp));
  2306. /* this sends an FTP-like "header" to the header callback so that the
  2307. current directory can be read very similar to how it is read when
  2308. using ordinary FTP. */
  2309. result = Curl_client_write(data, CLIENTWRITE_HEADER, tmp, strlen(tmp));
  2310. free(tmp);
  2311. if(result) {
  2312. state(data, SSH_SFTP_CLOSE);
  2313. sshc->nextstate = SSH_NO_STATE;
  2314. sshc->actualcode = result;
  2315. }
  2316. else
  2317. state(data, SSH_SFTP_NEXT_QUOTE);
  2318. return;
  2319. }
  2320. /*
  2321. * the arguments following the command must be separated from the
  2322. * command with a space so we can check for it unconditionally
  2323. */
  2324. cp = strchr(cmd, ' ');
  2325. if(!cp) {
  2326. failf(data, "Syntax error in SFTP command. Supply parameter(s)");
  2327. state(data, SSH_SFTP_CLOSE);
  2328. sshc->nextstate = SSH_NO_STATE;
  2329. sshc->actualcode = CURLE_QUOTE_ERROR;
  2330. return;
  2331. }
  2332. /*
  2333. * also, every command takes at least one argument so we get that
  2334. * first argument right now
  2335. */
  2336. result = Curl_get_pathname(&cp, &sshc->quote_path1, sshc->homedir);
  2337. if(result) {
  2338. if(result == CURLE_OUT_OF_MEMORY)
  2339. failf(data, "Out of memory");
  2340. else
  2341. failf(data, "Syntax error: Bad first parameter");
  2342. state(data, SSH_SFTP_CLOSE);
  2343. sshc->nextstate = SSH_NO_STATE;
  2344. sshc->actualcode = result;
  2345. return;
  2346. }
  2347. /*
  2348. * SFTP is a binary protocol, so we do not send text commands
  2349. * to the server. Instead, we scan for commands used by
  2350. * OpenSSH's sftp program and call the appropriate libssh
  2351. * functions.
  2352. */
  2353. if(strncasecompare(cmd, "chgrp ", 6) ||
  2354. strncasecompare(cmd, "chmod ", 6) ||
  2355. strncasecompare(cmd, "chown ", 6) ||
  2356. strncasecompare(cmd, "atime ", 6) ||
  2357. strncasecompare(cmd, "mtime ", 6)) {
  2358. /* attribute change */
  2359. /* sshc->quote_path1 contains the mode to set */
  2360. /* get the destination */
  2361. result = Curl_get_pathname(&cp, &sshc->quote_path2, sshc->homedir);
  2362. if(result) {
  2363. if(result == CURLE_OUT_OF_MEMORY)
  2364. failf(data, "Out of memory");
  2365. else
  2366. failf(data, "Syntax error in chgrp/chmod/chown/atime/mtime: "
  2367. "Bad second parameter");
  2368. Curl_safefree(sshc->quote_path1);
  2369. state(data, SSH_SFTP_CLOSE);
  2370. sshc->nextstate = SSH_NO_STATE;
  2371. sshc->actualcode = result;
  2372. return;
  2373. }
  2374. sshc->quote_attrs = NULL;
  2375. state(data, SSH_SFTP_QUOTE_STAT);
  2376. return;
  2377. }
  2378. if(strncasecompare(cmd, "ln ", 3) ||
  2379. strncasecompare(cmd, "symlink ", 8)) {
  2380. /* symbolic linking */
  2381. /* sshc->quote_path1 is the source */
  2382. /* get the destination */
  2383. result = Curl_get_pathname(&cp, &sshc->quote_path2, sshc->homedir);
  2384. if(result) {
  2385. if(result == CURLE_OUT_OF_MEMORY)
  2386. failf(data, "Out of memory");
  2387. else
  2388. failf(data, "Syntax error in ln/symlink: Bad second parameter");
  2389. Curl_safefree(sshc->quote_path1);
  2390. state(data, SSH_SFTP_CLOSE);
  2391. sshc->nextstate = SSH_NO_STATE;
  2392. sshc->actualcode = result;
  2393. return;
  2394. }
  2395. state(data, SSH_SFTP_QUOTE_SYMLINK);
  2396. return;
  2397. }
  2398. else if(strncasecompare(cmd, "mkdir ", 6)) {
  2399. /* create dir */
  2400. state(data, SSH_SFTP_QUOTE_MKDIR);
  2401. return;
  2402. }
  2403. else if(strncasecompare(cmd, "rename ", 7)) {
  2404. /* rename file */
  2405. /* first param is the source path */
  2406. /* second param is the dest. path */
  2407. result = Curl_get_pathname(&cp, &sshc->quote_path2, sshc->homedir);
  2408. if(result) {
  2409. if(result == CURLE_OUT_OF_MEMORY)
  2410. failf(data, "Out of memory");
  2411. else
  2412. failf(data, "Syntax error in rename: Bad second parameter");
  2413. Curl_safefree(sshc->quote_path1);
  2414. state(data, SSH_SFTP_CLOSE);
  2415. sshc->nextstate = SSH_NO_STATE;
  2416. sshc->actualcode = result;
  2417. return;
  2418. }
  2419. state(data, SSH_SFTP_QUOTE_RENAME);
  2420. return;
  2421. }
  2422. else if(strncasecompare(cmd, "rmdir ", 6)) {
  2423. /* delete dir */
  2424. state(data, SSH_SFTP_QUOTE_RMDIR);
  2425. return;
  2426. }
  2427. else if(strncasecompare(cmd, "rm ", 3)) {
  2428. state(data, SSH_SFTP_QUOTE_UNLINK);
  2429. return;
  2430. }
  2431. #ifdef HAS_STATVFS_SUPPORT
  2432. else if(strncasecompare(cmd, "statvfs ", 8)) {
  2433. state(data, SSH_SFTP_QUOTE_STATVFS);
  2434. return;
  2435. }
  2436. #endif
  2437. failf(data, "Unknown SFTP command");
  2438. Curl_safefree(sshc->quote_path1);
  2439. Curl_safefree(sshc->quote_path2);
  2440. state(data, SSH_SFTP_CLOSE);
  2441. sshc->nextstate = SSH_NO_STATE;
  2442. sshc->actualcode = CURLE_QUOTE_ERROR;
  2443. }
  2444. static void sftp_quote_stat(struct Curl_easy *data)
  2445. {
  2446. struct connectdata *conn = data->conn;
  2447. struct ssh_conn *sshc = &conn->proto.sshc;
  2448. char *cmd = sshc->quote_item->data;
  2449. sshc->acceptfail = FALSE;
  2450. /* if a command starts with an asterisk, which a legal SFTP command never
  2451. can, the command will be allowed to fail without it causing any
  2452. aborts or cancels etc. It will cause libcurl to act as if the command
  2453. is successful, whatever the server responds. */
  2454. if(cmd[0] == '*') {
  2455. cmd++;
  2456. sshc->acceptfail = TRUE;
  2457. }
  2458. /* We read the file attributes, store them in sshc->quote_attrs
  2459. * and modify them accordingly to command. Then we switch to
  2460. * QUOTE_SETSTAT state to write new ones.
  2461. */
  2462. if(sshc->quote_attrs)
  2463. sftp_attributes_free(sshc->quote_attrs);
  2464. sshc->quote_attrs = sftp_stat(sshc->sftp_session, sshc->quote_path2);
  2465. if(!sshc->quote_attrs) {
  2466. Curl_safefree(sshc->quote_path1);
  2467. Curl_safefree(sshc->quote_path2);
  2468. failf(data, "Attempt to get SFTP stats failed: %d",
  2469. sftp_get_error(sshc->sftp_session));
  2470. state(data, SSH_SFTP_CLOSE);
  2471. sshc->nextstate = SSH_NO_STATE;
  2472. sshc->actualcode = CURLE_QUOTE_ERROR;
  2473. return;
  2474. }
  2475. /* Now set the new attributes... */
  2476. if(strncasecompare(cmd, "chgrp", 5)) {
  2477. sshc->quote_attrs->gid = (uint32_t)strtoul(sshc->quote_path1, NULL, 10);
  2478. if(sshc->quote_attrs->gid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
  2479. !sshc->acceptfail) {
  2480. Curl_safefree(sshc->quote_path1);
  2481. Curl_safefree(sshc->quote_path2);
  2482. failf(data, "Syntax error: chgrp gid not a number");
  2483. state(data, SSH_SFTP_CLOSE);
  2484. sshc->nextstate = SSH_NO_STATE;
  2485. sshc->actualcode = CURLE_QUOTE_ERROR;
  2486. return;
  2487. }
  2488. sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_UIDGID;
  2489. }
  2490. else if(strncasecompare(cmd, "chmod", 5)) {
  2491. mode_t perms;
  2492. perms = (mode_t)strtoul(sshc->quote_path1, NULL, 8);
  2493. /* permissions are octal */
  2494. if(perms == 0 && !ISDIGIT(sshc->quote_path1[0])) {
  2495. Curl_safefree(sshc->quote_path1);
  2496. Curl_safefree(sshc->quote_path2);
  2497. failf(data, "Syntax error: chmod permissions not a number");
  2498. state(data, SSH_SFTP_CLOSE);
  2499. sshc->nextstate = SSH_NO_STATE;
  2500. sshc->actualcode = CURLE_QUOTE_ERROR;
  2501. return;
  2502. }
  2503. sshc->quote_attrs->permissions = perms;
  2504. sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_PERMISSIONS;
  2505. }
  2506. else if(strncasecompare(cmd, "chown", 5)) {
  2507. sshc->quote_attrs->uid = (uint32_t)strtoul(sshc->quote_path1, NULL, 10);
  2508. if(sshc->quote_attrs->uid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
  2509. !sshc->acceptfail) {
  2510. Curl_safefree(sshc->quote_path1);
  2511. Curl_safefree(sshc->quote_path2);
  2512. failf(data, "Syntax error: chown uid not a number");
  2513. state(data, SSH_SFTP_CLOSE);
  2514. sshc->nextstate = SSH_NO_STATE;
  2515. sshc->actualcode = CURLE_QUOTE_ERROR;
  2516. return;
  2517. }
  2518. sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_UIDGID;
  2519. }
  2520. else if(strncasecompare(cmd, "atime", 5) ||
  2521. strncasecompare(cmd, "mtime", 5)) {
  2522. time_t date = Curl_getdate_capped(sshc->quote_path1);
  2523. bool fail = FALSE;
  2524. if(date == -1) {
  2525. failf(data, "incorrect date format for %.*s", 5, cmd);
  2526. fail = TRUE;
  2527. }
  2528. #if SIZEOF_TIME_T > 4
  2529. else if(date > 0xffffffff) {
  2530. failf(data, "date overflow");
  2531. fail = TRUE; /* avoid setting a capped time */
  2532. }
  2533. #endif
  2534. if(fail) {
  2535. Curl_safefree(sshc->quote_path1);
  2536. Curl_safefree(sshc->quote_path2);
  2537. state(data, SSH_SFTP_CLOSE);
  2538. sshc->nextstate = SSH_NO_STATE;
  2539. sshc->actualcode = CURLE_QUOTE_ERROR;
  2540. return;
  2541. }
  2542. if(strncasecompare(cmd, "atime", 5))
  2543. sshc->quote_attrs->atime = (uint32_t)date;
  2544. else /* mtime */
  2545. sshc->quote_attrs->mtime = (uint32_t)date;
  2546. sshc->quote_attrs->flags |= SSH_FILEXFER_ATTR_ACMODTIME;
  2547. }
  2548. /* Now send the completed structure... */
  2549. state(data, SSH_SFTP_QUOTE_SETSTAT);
  2550. return;
  2551. }
  2552. CURLcode Curl_ssh_init(void)
  2553. {
  2554. if(ssh_init()) {
  2555. DEBUGF(fprintf(stderr, "Error: libssh_init failed\n"));
  2556. return CURLE_FAILED_INIT;
  2557. }
  2558. return CURLE_OK;
  2559. }
  2560. void Curl_ssh_cleanup(void)
  2561. {
  2562. (void)ssh_finalize();
  2563. }
  2564. void Curl_ssh_version(char *buffer, size_t buflen)
  2565. {
  2566. (void)msnprintf(buffer, buflen, "libssh/%s", ssh_version(0));
  2567. }
  2568. #endif /* USE_LIBSSH */