libssh  0.9.5
The SSH library
Data Structures | Macros | Typedefs | Enumerations | Functions
The libssh server API

Data Structures

struct  ssh_bind_callbacks_struct
 These are the callbacks exported by the ssh_bind structure. More...
 

Macros

#define SERVERBANNER   CLIENTBANNER
 
#define SOCKOPT_TYPE_ARG4   int
 

Typedefs

typedef struct ssh_bind_structssh_bind
 
typedef void(* ssh_bind_incoming_connection_callback) (ssh_bind sshbind, void *userdata)
 Incoming connection callback. This callback is called when a ssh_bind has a new incoming connection. More...
 
typedef struct ssh_bind_callbacks_structssh_bind_callbacks
 

Enumerations

enum  ssh_bind_options_e {
  SSH_BIND_OPTIONS_BINDADDR, SSH_BIND_OPTIONS_BINDPORT, SSH_BIND_OPTIONS_BINDPORT_STR, SSH_BIND_OPTIONS_HOSTKEY,
  SSH_BIND_OPTIONS_DSAKEY, SSH_BIND_OPTIONS_RSAKEY, SSH_BIND_OPTIONS_BANNER, SSH_BIND_OPTIONS_LOG_VERBOSITY,
  SSH_BIND_OPTIONS_LOG_VERBOSITY_STR, SSH_BIND_OPTIONS_ECDSAKEY, SSH_BIND_OPTIONS_IMPORT_KEY, SSH_BIND_OPTIONS_KEY_EXCHANGE,
  SSH_BIND_OPTIONS_CIPHERS_C_S, SSH_BIND_OPTIONS_CIPHERS_S_C, SSH_BIND_OPTIONS_HMAC_C_S, SSH_BIND_OPTIONS_HMAC_S_C,
  SSH_BIND_OPTIONS_CONFIG_DIR, SSH_BIND_OPTIONS_PUBKEY_ACCEPTED_KEY_TYPES, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, SSH_BIND_OPTIONS_PROCESS_CONFIG
}
 

Functions

LIBSSH_API ssh_bind ssh_bind_new (void)
 Creates a new SSH server bind. More...
 
LIBSSH_API int ssh_bind_options_set (ssh_bind sshbind, enum ssh_bind_options_e type, const void *value)
 Set options for an SSH server bind. More...
 
LIBSSH_API int ssh_bind_options_parse_config (ssh_bind sshbind, const char *filename)
 Parse a ssh bind options configuration file. More...
 
LIBSSH_API int ssh_bind_listen (ssh_bind ssh_bind_o)
 Start listening to the socket. More...
 
LIBSSH_API int ssh_bind_set_callbacks (ssh_bind sshbind, ssh_bind_callbacks callbacks, void *userdata)
 Set the callback for this bind. More...
 
LIBSSH_API void ssh_bind_set_blocking (ssh_bind ssh_bind_o, int blocking)
 Set the session to blocking/nonblocking mode. More...
 
LIBSSH_API socket_t ssh_bind_get_fd (ssh_bind ssh_bind_o)
 Recover the file descriptor from the session. More...
 
LIBSSH_API void ssh_bind_set_fd (ssh_bind ssh_bind_o, socket_t fd)
 Set the file descriptor for a session. More...
 
LIBSSH_API void ssh_bind_fd_toaccept (ssh_bind ssh_bind_o)
 Allow the file descriptor to accept new sessions. More...
 
LIBSSH_API int ssh_bind_accept (ssh_bind ssh_bind_o, ssh_session session)
 Accept an incoming ssh connection and initialize the session. More...
 
LIBSSH_API int ssh_bind_accept_fd (ssh_bind ssh_bind_o, ssh_session session, socket_t fd)
 Accept an incoming ssh connection on the given file descriptor and initialize the session. More...
 
LIBSSH_API ssh_gssapi_creds ssh_gssapi_get_creds (ssh_session session)
 returns the client credentials of the connected client. If the client has given a forwardable token, the SSH server will retrieve it. More...
 
LIBSSH_API int ssh_handle_key_exchange (ssh_session session)
 Handles the key exchange and set up encryption. More...
 
LIBSSH_API int ssh_server_init_kex (ssh_session session)
 Initialize the set of key exchange, hostkey, ciphers, MACs, and compression algorithms for the given ssh_session. More...
 
LIBSSH_API void ssh_bind_free (ssh_bind ssh_bind_o)
 Free a ssh servers bind. More...
 
LIBSSH_API void ssh_set_auth_methods (ssh_session session, int auth_methods)
 Set the acceptable authentication methods to be sent to the client. More...
 
LIBSSH_API int ssh_message_reply_default (ssh_message msg)
 Reply with a standard reject message. More...
 
LIBSSH_API const char * ssh_message_auth_user (ssh_message msg)
 Get the name of the authenticated user. More...
 
LIBSSH_API const char * ssh_message_auth_password (ssh_message msg)
 Get the password of the authenticated user. More...
 
LIBSSH_API ssh_key ssh_message_auth_pubkey (ssh_message msg)
 Get the publickey of the authenticated user. More...
 
LIBSSH_API int ssh_message_auth_kbdint_is_response (ssh_message msg)
 
LIBSSH_API enum ssh_publickey_state_e ssh_message_auth_publickey_state (ssh_message msg)
 
LIBSSH_API int ssh_message_auth_reply_success (ssh_message msg, int partial)
 
LIBSSH_API int ssh_message_auth_reply_pk_ok (ssh_message msg, ssh_string algo, ssh_string pubkey)
 
LIBSSH_API int ssh_message_auth_reply_pk_ok_simple (ssh_message msg)
 
LIBSSH_API int ssh_message_auth_set_methods (ssh_message msg, int methods)
 
LIBSSH_API int ssh_message_auth_interactive_request (ssh_message msg, const char *name, const char *instruction, unsigned int num_prompts, const char **prompts, char *echo)
 
LIBSSH_API int ssh_message_service_reply_success (ssh_message msg)
 
LIBSSH_API const char * ssh_message_service_service (ssh_message msg)
 
LIBSSH_API int ssh_message_global_request_reply_success (ssh_message msg, uint16_t bound_port)
 
LIBSSH_API void ssh_set_message_callback (ssh_session session, int(*ssh_bind_message_callback)(ssh_session session, ssh_message msg, void *data), void *data)
 defines the ssh_message callback More...
 
LIBSSH_API int ssh_execute_message_callbacks (ssh_session session)
 
LIBSSH_API const char * ssh_message_channel_request_open_originator (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_open_originator_port (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_open_destination (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_open_destination_port (ssh_message msg)
 
LIBSSH_API ssh_channel ssh_message_channel_request_channel (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_pty_term (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_pty_width (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_pty_height (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_pty_pxwidth (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_pty_pxheight (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_env_name (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_env_value (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_command (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_subsystem (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_x11_single_connection (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_x11_auth_protocol (ssh_message msg)
 
LIBSSH_API const char * ssh_message_channel_request_x11_auth_cookie (ssh_message msg)
 
LIBSSH_API int ssh_message_channel_request_x11_screen_number (ssh_message msg)
 
LIBSSH_API const char * ssh_message_global_request_address (ssh_message msg)
 
LIBSSH_API int ssh_message_global_request_port (ssh_message msg)
 
LIBSSH_API int ssh_channel_open_reverse_forward (ssh_channel channel, const char *remotehost, int remoteport, const char *sourcehost, int localport)
 Open a TCP/IP reverse forwarding channel. More...
 
LIBSSH_API int ssh_channel_open_x11 (ssh_channel channel, const char *orig_addr, int orig_port)
 Open a X11 channel. More...
 
LIBSSH_API int ssh_channel_request_send_exit_status (ssh_channel channel, int exit_status)
 Send the exit status to the remote process. More...
 
LIBSSH_API int ssh_channel_request_send_exit_signal (ssh_channel channel, const char *signum, int core, const char *errmsg, const char *lang)
 Send an exit signal to remote process (RFC 4254, section 6.10). More...
 
LIBSSH_API int ssh_send_keepalive (ssh_session session)
 
SSH_DEPRECATED LIBSSH_API int ssh_accept (ssh_session session)
 
SSH_DEPRECATED LIBSSH_API int channel_write_stderr (ssh_channel channel, const void *data, uint32_t len)
 
ssh_poll_handle ssh_bind_get_poll (ssh_bind sshbind)
 
int server_set_kex (ssh_session session)
 
 SSH_PACKET_CALLBACK (ssh_packet_kexdh_init)
 
int ssh_get_key_params (ssh_session session, ssh_key *privkey, enum ssh_digest_e *digest)
 
int ssh_auth_reply_default (ssh_session session, int partial)
 
ssh_public_key ssh_message_auth_publickey (ssh_message msg)
 
int ssh_auth_reply_success (ssh_session session, int partial)
 

Detailed Description

Typedef Documentation

◆ ssh_bind_incoming_connection_callback

typedef void(* ssh_bind_incoming_connection_callback) (ssh_bind sshbind, void *userdata)

Incoming connection callback. This callback is called when a ssh_bind has a new incoming connection.

Parameters
sshbindCurrent sshbind session handler
userdataUserdata to be passed to the callback function.

Function Documentation

◆ ssh_bind_accept()

int ssh_bind_accept ( ssh_bind  ssh_bind_o,
ssh_session  session 
)

Accept an incoming ssh connection and initialize the session.

Parameters
ssh_bind_oThe ssh server bind to accept a connection.
sessionA preallocated ssh session
See also
ssh_new
Returns
SSH_OK when a connection is established

◆ ssh_bind_accept_fd()

int ssh_bind_accept_fd ( ssh_bind  ssh_bind_o,
ssh_session  session,
socket_t  fd 
)

Accept an incoming ssh connection on the given file descriptor and initialize the session.

Parameters
ssh_bind_oThe ssh server bind to accept a connection.
sessionA preallocated ssh session
fdA file descriptor of an already established TCP inbound connection
See also
ssh_new
ssh_bind_accept
Returns
SSH_OK when a connection is established

◆ ssh_bind_fd_toaccept()

void ssh_bind_fd_toaccept ( ssh_bind  ssh_bind_o)

Allow the file descriptor to accept new sessions.

Parameters
ssh_bind_oThe ssh server bind to use.

◆ ssh_bind_free()

void ssh_bind_free ( ssh_bind  ssh_bind_o)

Free a ssh servers bind.

Parameters
ssh_bind_oThe ssh server bind to free.

◆ ssh_bind_get_fd()

socket_t ssh_bind_get_fd ( ssh_bind  ssh_bind_o)

Recover the file descriptor from the session.

Parameters
ssh_bind_oThe ssh server bind to get the fd from.
Returns
The file descriptor.

◆ ssh_bind_listen()

int ssh_bind_listen ( ssh_bind  ssh_bind_o)

Start listening to the socket.

Parameters
ssh_bind_oThe ssh server bind to use.
Returns
0 on success, < 0 on error.

◆ ssh_bind_new()

ssh_bind ssh_bind_new ( void  )

Creates a new SSH server bind.

Returns
A newly allocated ssh_bind session pointer.

◆ ssh_bind_options_parse_config()

int ssh_bind_options_parse_config ( ssh_bind  sshbind,
const char *  filename 
)

Parse a ssh bind options configuration file.

This parses the options file and set them to the ssh_bind handle provided. If an option was previously set, it is overridden. If the global configuration hasn't been processed yet, it is processed prior to the provided file.

Parameters
sshbindSSH bind handle
filenameThe options file to use; if NULL only the global configuration is parsed and applied (if it haven't been processed before).
Returns
0 on success, < 0 on error.

◆ ssh_bind_options_set()

int ssh_bind_options_set ( ssh_bind  sshbind,
enum ssh_bind_options_e  type,
const void *  value 
)

Set options for an SSH server bind.

Parameters
sshbindThe ssh server bind to configure.
typeThe option type to set. This should be one of the following:
  • SSH_BIND_OPTIONS_HOSTKEY: Set the path to an ssh host key, regardless of type. Only one key from per key type (RSA, DSA, ECDSA) is allowed in an ssh_bind at a time, and later calls to this function with this option for the same key type will override prior calls (const char *).
  • SSH_BIND_OPTIONS_BINDADDR: Set the IP address to bind (const char *).
  • SSH_BIND_OPTIONS_BINDPORT: Set the port to bind (unsigned int *).
  • SSH_BIND_OPTIONS_BINDPORT_STR: Set the port to bind (const char *).
  • SSH_BIND_OPTIONS_LOG_VERBOSITY: Set the session logging verbosity (int *). The logging verbosity should have one of the following values, which are listed in order of increasing verbosity. Every log message with verbosity less than or equal to the logging verbosity will be shown.
    • SSH_LOG_NOLOG: No logging
    • SSH_LOG_WARNING: Only warnings
    • SSH_LOG_PROTOCOL: High level protocol information
    • SSH_LOG_PACKET: Lower level protocol infomations, packet level
    • SSH_LOG_FUNCTIONS: Every function path
  • SSH_BIND_OPTIONS_LOG_VERBOSITY_STR: Set the session logging verbosity via a string that will be converted to a numerical value (e.g. "3") and interpreted according to the values of SSH_BIND_OPTIONS_LOG_VERBOSITY above (const char *).
  • SSH_BIND_OPTIONS_DSAKEY: Set the path to the ssh host dsa key, SSHv2 only (const char *).
  • SSH_BIND_OPTIONS_RSAKEY: Set the path to the ssh host rsa key, SSHv2 only (const char *).
  • SSH_BIND_OPTIONS_ECDSAKEY: Set the path to the ssh host ecdsa key, SSHv2 only (const char *).
  • SSH_BIND_OPTIONS_BANNER: Set the server banner sent to clients (const char *).
  • SSH_BIND_OPTIONS_IMPORT_KEY: Set the Private Key for the server directly (ssh_key)
  • SSH_BIND_OPTIONS_CIPHERS_C_S: Set the symmetric cipher client to server (const char *, comma-separated list).
  • SSH_BIND_OPTIONS_CIPHERS_S_C: Set the symmetric cipher server to client (const char *, comma-separated list).
  • SSH_BIND_OPTIONS_KEY_EXCHANGE: Set the key exchange method to be used (const char *, comma-separated list). ex: "ecdh-sha2-nistp256,diffie-hellman-group14-sha1"
  • SSH_BIND_OPTIONS_HMAC_C_S: Set the Message Authentication Code algorithm client to server (const char *, comma-separated list).
  • SSH_BIND_OPTIONS_HMAC_S_C: Set the Message Authentication Code algorithm server to client (const char *, comma-separated list).
  • SSH_BIND_OPTIONS_CONFIG_DIR: Set the directory (const char *, format string) to be used when the "%d" scape is used when providing paths of configuration files to ssh_bind_options_parse_config().
  • SSH_BIND_OPTIONS_PROCESS_CONFIG Set it to false to disable automatic processing of system-wide configuration files. LibSSH automatically uses these configuration files otherwise. This option will only have effect if set before any call to ssh_bind_options_parse_config() (bool).
  • SSH_BIND_OPTIONS_PUBKEY_ACCEPTED_KEY_TYPES: Set the public key algorithm accepted by the server (const char *, comma-separated list).
  • SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS: Set the list of allowed hostkey signatures algorithms to offer to the client, ordered by preference. This list is used as a filter when creating the list of algorithms to offer to the client: first the list of possible algorithms is created from the list of keys set and then filtered against this list. (const char *, comma-separated list).
Parameters
valueThe value to set. This is a generic pointer and the datatype which should be used is described at the corresponding value of type above.
Returns
0 on success, < 0 on error, invalid option, or parameter.

◆ ssh_bind_set_blocking()

void ssh_bind_set_blocking ( ssh_bind  ssh_bind_o,
int  blocking 
)

Set the session to blocking/nonblocking mode.

Parameters
ssh_bind_oThe ssh server bind to use.
blockingZero for nonblocking mode.

◆ ssh_bind_set_callbacks()

int ssh_bind_set_callbacks ( ssh_bind  sshbind,
ssh_bind_callbacks  callbacks,
void *  userdata 
)

Set the callback for this bind.

Parameters
[in]sshbindThe bind to set the callback on.
[in]callbacksAn already set up ssh_bind_callbacks instance.
[in]userdataA pointer to private data to pass to the callbacks.
Returns
SSH_OK on success, SSH_ERROR if an error occured.
struct ssh_callbacks_struct cb = {
.userdata = data,
.auth_function = my_auth_function
};
ssh_bind_set_callbacks(session, &cb);

◆ ssh_bind_set_fd()

void ssh_bind_set_fd ( ssh_bind  ssh_bind_o,
socket_t  fd 
)

Set the file descriptor for a session.

Parameters
ssh_bind_oThe ssh server bind to set the fd.
fdThe file descriptssh_bind B

◆ ssh_channel_open_reverse_forward()

LIBSSH_API int ssh_channel_open_reverse_forward ( ssh_channel  channel,
const char *  remotehost,
int  remoteport,
const char *  sourcehost,
int  localport 
)

Open a TCP/IP reverse forwarding channel.

Parameters
[in]channelAn allocated channel.
[in]remotehostThe remote host to connected (host name or IP).
[in]remoteportThe remote port.
[in]sourcehostThe source host (your local computer). It's optional and for logging purpose.
[in]localportThe source port (your local computer). It's optional and for logging purpose.
Returns
SSH_OK on success, SSH_ERROR if an error occurred, SSH_AGAIN if in nonblocking mode and call has to be done again.
Warning
This function does not bind the local port and does not automatically forward the content of a socket to the channel. You still have to use channel_read and channel_write for this.

◆ ssh_channel_open_x11()

LIBSSH_API int ssh_channel_open_x11 ( ssh_channel  channel,
const char *  orig_addr,
int  orig_port 
)

Open a X11 channel.

Parameters
[in]channelAn allocated channel.
[in]orig_addrThe source host (the local server).
[in]orig_portThe source port (the local server).
Returns
SSH_OK on success, SSH_ERROR if an error occurred, SSH_AGAIN if in nonblocking mode and call has to be done again.
Warning
This function does not bind the local port and does not automatically forward the content of a socket to the channel. You still have to use channel_read and channel_write for this.

◆ ssh_channel_request_send_exit_signal()

LIBSSH_API int ssh_channel_request_send_exit_signal ( ssh_channel  channel,
const char *  sig,
int  core,
const char *  errmsg,
const char *  lang 
)

Send an exit signal to remote process (RFC 4254, section 6.10).

This sends the exit status of the remote process. Note, that remote system may not support signals concept. In such a case this request will be silently ignored. Only SSH-v2 is supported (I'm not sure about SSH-v1).

Parameters
[in]channelThe channel to send signal.
[in]sigThe signal to send (without SIG prefix) (e.g. "TERM" or "KILL").
[in]coreA boolean to tell if a core was dumped
[in]errmsgA CRLF explanation text about the error condition
[in]langThe language used in the message (format: RFC 3066)
Returns
SSH_OK on success, SSH_ERROR if an error occurred (including attempts to send signal via SSH-v1 session).

◆ ssh_channel_request_send_exit_status()

LIBSSH_API int ssh_channel_request_send_exit_status ( ssh_channel  channel,
int  exit_status 
)

Send the exit status to the remote process.

Sends the exit status to the remote process (as described in RFC 4254, section 6.10). Only SSH-v2 is supported (I'm not sure about SSH-v1).

Parameters
[in]channelThe channel to send exit status.
[in]exit_statusThe exit status to send
Returns
SSH_OK on success, SSH_ERROR if an error occurred. (including attempts to send exit status via SSH-v1 session).

◆ ssh_gssapi_get_creds()

LIBSSH_API ssh_gssapi_creds ssh_gssapi_get_creds ( ssh_session  session)

returns the client credentials of the connected client. If the client has given a forwardable token, the SSH server will retrieve it.

Returns
gssapi credentials handle.
NULL if no forwardable token is available.

◆ ssh_handle_key_exchange()

int ssh_handle_key_exchange ( ssh_session  session)

Handles the key exchange and set up encryption.

Parameters
sessionA connected ssh session
See also
ssh_bind_accept
Returns
SSH_OK if the key exchange was successful

◆ ssh_message_auth_password()

const char * ssh_message_auth_password ( ssh_message  msg)

Get the password of the authenticated user.

Parameters
[in]msgThe message to get the password from.
Returns
The username or NULL if an error occured.
See also
ssh_message_get()
ssh_message_type()

◆ ssh_message_auth_pubkey()

ssh_key ssh_message_auth_pubkey ( ssh_message  msg)

Get the publickey of the authenticated user.

If you need the key for later user you should duplicate it.

Parameters
[in]msgThe message to get the public key from.
Returns
The public key or NULL.
See also
ssh_key_dup()
ssh_key_cmp()
ssh_message_get()
ssh_message_type()

◆ ssh_message_auth_user()

const char * ssh_message_auth_user ( ssh_message  msg)

Get the name of the authenticated user.

Parameters
[in]msgThe message to get the username from.
Returns
The username or NULL if an error occured.
See also
ssh_message_get()
ssh_message_type()

◆ ssh_message_reply_default()

int ssh_message_reply_default ( ssh_message  msg)

Reply with a standard reject message.

Use this function if you don't know what to respond or if you want to reject a request.

Parameters
[in]msgThe message to use for the reply.
Returns
0 on success, -1 on error.
See also
ssh_message_get()

◆ ssh_server_init_kex()

int ssh_server_init_kex ( ssh_session  session)

Initialize the set of key exchange, hostkey, ciphers, MACs, and compression algorithms for the given ssh_session.

The selection of algorithms and keys used are determined by the options that are currently set in the given ssh_session structure. May only be called before the initial key exchange has begun.

Parameters
sessionThe session structure to initialize.
See also
ssh_handle_key_exchange
ssh_options_set
Returns
SSH_OK if initialization succeeds.

◆ ssh_set_auth_methods()

void ssh_set_auth_methods ( ssh_session  session,
int  auth_methods 
)

Set the acceptable authentication methods to be sent to the client.

Parameters
[in]sessionThe server session
[in]auth_methodsThe authentication methods we will support, which can be bitwise-or'd.

Supported methods are:

SSH_AUTH_METHOD_PASSWORD SSH_AUTH_METHOD_PUBLICKEY SSH_AUTH_METHOD_HOSTBASED SSH_AUTH_METHOD_INTERACTIVE SSH_AUTH_METHOD_GSSAPI_MIC

◆ ssh_set_message_callback()

void ssh_set_message_callback ( ssh_session  session,
int(*)(ssh_session session, ssh_message msg, void *data)  ssh_bind_message_callback,
void *  data 
)

defines the ssh_message callback

Parameters
sessionthe current ssh session
[in]ssh_bind_message_callbacka function pointer to a callback taking the current ssh session and received message as parameters. the function returns 0 if the message has been parsed and treated successfully, 1 otherwise (libssh must take care of the response).
[in]datavoid pointer to be passed to callback functions
ssh_callbacks_struct
Definition: callbacks.h:142
ssh_server_callbacks_struct::userdata
void * userdata
Definition: callbacks.h:310
ssh_bind_set_callbacks
LIBSSH_API int ssh_bind_set_callbacks(ssh_bind sshbind, ssh_bind_callbacks callbacks, void *userdata)
Set the callback for this bind.
Definition: bind.c:302
ssh_callbacks_init
#define ssh_callbacks_init(p)
Initializes an ssh_callbacks_struct A call to this macro is mandatory when you have set a new ssh_cal...
Definition: callbacks.h:420