The libssh server API

Data Structures

struct  ssh_bind_callbacks
 These are the callbacks exported by the ssh_bind structure. More...

Typedefs

typedef void(* ssh_bind_incoming_connection_callback )(ssh_bind sshbind, void *userdata)
 Incoming connection callback.

Functions

int ssh_bind_accept (ssh_bind ssh_bind_o, ssh_session session)
 Accept an incoming ssh connection and initialize the session.
int ssh_bind_accept_fd (ssh_bind ssh_bind_o, ssh_session session, socket_t fd)
 Accept an incoming ssh connection on the given file descriptor and initialize the session.
void ssh_bind_fd_toaccept (ssh_bind ssh_bind_o)
 Allow the file descriptor to accept new sessions.
void ssh_bind_free (ssh_bind ssh_bind_o)
 Free a ssh servers bind.
socket_t ssh_bind_get_fd (ssh_bind ssh_bind_o)
 Recover the file descriptor from the session.
int ssh_bind_listen (ssh_bind ssh_bind_o)
 Start listening to the socket.
ssh_bind ssh_bind_new (void)
 Creates a new SSH server bind.
int ssh_bind_options_set (ssh_bind sshbind, enum ssh_bind_options_e type, const void *value)
 Set options for an SSH server bind.
void ssh_bind_set_blocking (ssh_bind ssh_bind_o, int blocking)
 Set the session to blocking/nonblocking mode.
int ssh_bind_set_callbacks (ssh_bind sshbind, ssh_bind_callbacks callbacks, void *userdata)
 Set the callback for this bind.
void ssh_bind_set_fd (ssh_bind ssh_bind_o, socket_t fd)
 Set the file descriptor for a session.
int ssh_channel_open_reverse_forward (ssh_channel channel, const char *remotehost, int remoteport, const char *sourcehost, int localport)
 Open a TCP/IP reverse forwarding channel.
int ssh_channel_open_x11 (ssh_channel channel, const char *orig_addr, int orig_port)
 Open a X11 channel.
int ssh_channel_request_send_exit_signal (ssh_channel channel, const char *signum, int core, const char *errmsg, const char *lang)
 Send an exit signal to remote process (RFC 4254, section 6.10).
int ssh_channel_request_send_exit_status (ssh_channel channel, int exit_status)
 Send the exit status to the remote process.
int ssh_channel_write_stderr (ssh_channel channel, const void *data, uint32_t len)
 Blocking write on a channel stderr.
ssh_gssapi_creds ssh_gssapi_get_creds (ssh_session session)
 returns the client credentials of the connected client.
int ssh_handle_key_exchange (ssh_session session)
 Handles the key exchange and set up encryption.
const char * ssh_message_auth_password (ssh_message msg)
 Get the password of the authenticated user.
ssh_key ssh_message_auth_pubkey (ssh_message msg)
 Get the publickey of the authenticated user.
const char * ssh_message_auth_user (ssh_message msg)
 Get the name of the authenticated user.
int ssh_message_reply_default (ssh_message msg)
 Reply with a standard reject message.
void ssh_set_auth_methods (ssh_session session, int auth_methods)
 Set the acceptable authentication methods to be sent to client.
void ssh_set_message_callback (ssh_session session, int(*ssh_bind_message_callback)(ssh_session session, ssh_message msg, void *data), void *data)
 defines the ssh_message callback

Typedef Documentation

typedef void(* ssh_bind_incoming_connection_callback)(ssh_bind sshbind, void *userdata)

Incoming connection callback.

This callback is called when a ssh_bind has a new incoming connection.

Parameters:
sshbind Current sshbind session handler
userdata Userdata to be passed to the callback function.

Function Documentation

int ssh_bind_accept ( ssh_bind  ssh_bind_o,
ssh_session  session 
)

Accept an incoming ssh connection and initialize the session.

Parameters:
ssh_bind_o The ssh server bind to accept a connection.
session A preallocated ssh session
See also:
ssh_new
Returns:
SSH_OK when a connection is established

References ssh_bind_accept_fd().

int ssh_bind_accept_fd ( ssh_bind  ssh_bind_o,
ssh_session  session,
socket_t  fd 
)

Accept an incoming ssh connection on the given file descriptor and initialize the session.

Parameters:
ssh_bind_o The ssh server bind to accept a connection.
session A preallocated ssh session
fd A file descriptor of an already established TCP inbound connection
See also:
ssh_new
ssh_bind_accept
Returns:
SSH_OK when a connection is established

Referenced by ssh_bind_accept().

void ssh_bind_fd_toaccept ( ssh_bind  ssh_bind_o  ) 

Allow the file descriptor to accept new sessions.

Parameters:
ssh_bind_o The ssh server bind to use.
void ssh_bind_free ( ssh_bind  ssh_bind_o  ) 

Free a ssh servers bind.

Parameters:
ssh_bind_o The ssh server bind to free.

References ssh_key_free().

socket_t ssh_bind_get_fd ( ssh_bind  ssh_bind_o  ) 

Recover the file descriptor from the session.

Parameters:
ssh_bind_o The ssh server bind to get the fd from.
Returns:
The file descriptor.
int ssh_bind_listen ( ssh_bind  ssh_bind_o  ) 

Start listening to the socket.

Parameters:
ssh_bind_o The ssh server bind to use.
Returns:
0 on success, < 0 on error.

References ssh_init(), and ssh_key_free().

ssh_bind ssh_bind_new ( void   ) 

Creates a new SSH server bind.

Returns:
A newly allocated ssh_bind session pointer.
int ssh_bind_options_set ( ssh_bind  sshbind,
enum ssh_bind_options_e  type,
const void *  value 
)

Set options for an SSH server bind.

Parameters:
sshbind The ssh server bind to configure.
type The option type to set. This should be one of the following:
  • SSH_BIND_OPTIONS_HOSTKEY: Set the path to an ssh host key, regardless of type. Only one key from per key type (RSA, DSA, ECDSA) is allowed in an ssh_bind at a time, and later calls to this function with this option for the same key type will override prior calls (const char *).
  • SSH_BIND_OPTIONS_BINDADDR: Set the IP address to bind (const char *).
  • SSH_BIND_OPTIONS_BINDPORT: Set the port to bind (unsigned int *).
  • SSH_BIND_OPTIONS_BINDPORT_STR: Set the port to bind (const char *).
  • SSH_BIND_OPTIONS_LOG_VERBOSITY: Set the session logging verbosity (int *). The logging verbosity should have one of the following values, which are listed in order of increasing verbosity. Every log message with verbosity less than or equal to the logging verbosity will be shown.
    • SSH_LOG_NOLOG: No logging
    • SSH_LOG_RARE: Rare conditions or warnings
    • SSH_LOG_ENTRY: API-accessible entrypoints
    • SSH_LOG_PACKET: Packet id and size
    • SSH_LOG_FUNCTIONS: Function entering and leaving
  • SSH_BIND_OPTIONS_LOG_VERBOSITY_STR: Set the session logging verbosity via a string that will be converted to a numerical value (e.g. "3") and interpreted according to the values of SSH_BIND_OPTIONS_LOG_VERBOSITY above (const char *).
  • SSH_BIND_OPTIONS_DSAKEY: Set the path to the ssh host dsa key, SSHv2 only (const char *).
  • SSH_BIND_OPTIONS_RSAKEY: Set the path to the ssh host rsa key, SSHv2 only (const char *).
  • SSH_BIND_OPTIONS_ECDSAKEY: Set the path to the ssh host ecdsa key, SSHv2 only (const char *).
  • SSH_BIND_OPTIONS_BANNER: Set the server banner sent to clients (const char *).
Parameters:
value The value to set. This is a generic pointer and the datatype which should be used is described at the corresponding value of type above.
Returns:
0 on success, < 0 on error, invalid option, or parameter.

References ssh_key_free(), ssh_key_type(), ssh_pki_import_privkey_file(), and ssh_set_log_level().

void ssh_bind_set_blocking ( ssh_bind  ssh_bind_o,
int  blocking 
)

Set the session to blocking/nonblocking mode.

Parameters:
ssh_bind_o The ssh server bind to use.
blocking Zero for nonblocking mode.
int ssh_bind_set_callbacks ( ssh_bind  sshbind,
ssh_bind_callbacks  callbacks,
void *  userdata 
)

Set the callback for this bind.

Parameters:
[in] sshbind The bind to set the callback on.
[in] callbacks An already set up ssh_bind_callbacks instance.
[in] userdata A pointer to private data to pass to the callbacks.
Returns:
SSH_OK on success, SSH_ERROR if an error occured.
     struct ssh_callbacks_struct cb = {
         .userdata = data,
         .auth_function = my_auth_function
     };
     ssh_callbacks_init(&cb);
     ssh_bind_set_callbacks(session, &cb);
void ssh_bind_set_fd ( ssh_bind  ssh_bind_o,
socket_t  fd 
)

Set the file descriptor for a session.

Parameters:
ssh_bind_o The ssh server bind to set the fd.
fd The file descriptssh_bind B
int ssh_channel_open_reverse_forward ( ssh_channel  channel,
const char *  remotehost,
int  remoteport,
const char *  sourcehost,
int  localport 
)

Open a TCP/IP reverse forwarding channel.

Parameters:
[in] channel An allocated channel.
[in] remotehost The remote host to connected (host name or IP).
[in] remoteport The remote port.
[in] sourcehost The source host (your local computer). It's optional and for logging purpose.
[in] localport The source port (your local computer). It's optional and for logging purpose.
Returns:
SSH_OK on success, SSH_ERROR if an error occurred, SSH_AGAIN if in nonblocking mode and call has to be done again.
Warning:
This function does not bind the local port and does not automatically forward the content of a socket to the channel. You still have to use channel_read and channel_write for this.

References ssh_buffer_free(), and ssh_buffer_new().

int ssh_channel_open_x11 ( ssh_channel  channel,
const char *  orig_addr,
int  orig_port 
)

Open a X11 channel.

Parameters:
[in] channel An allocated channel.
[in] orig_addr The source host (the local server).
[in] orig_port The source port (the local server).
Returns:
SSH_OK on success, SSH_ERROR if an error occurred, SSH_AGAIN if in nonblocking mode and call has to be done again.
Warning:
This function does not bind the local port and does not automatically forward the content of a socket to the channel. You still have to use channel_read and channel_write for this.

References ssh_buffer_free(), and ssh_buffer_new().

int ssh_channel_request_send_exit_signal ( ssh_channel  channel,
const char *  sig,
int  core,
const char *  errmsg,
const char *  lang 
)

Send an exit signal to remote process (RFC 4254, section 6.10).

This sends the exit status of the remote process. Note, that remote system may not support signals concept. In such a case this request will be silently ignored. Only SSH-v2 is supported (I'm not sure about SSH-v1).

Parameters:
[in] channel The channel to send signal.
[in] sig The signal to send (without SIG prefix) (e.g. "TERM" or "KILL").
[in] core A boolean to tell if a core was dumped
[in] errmsg A CRLF explanation text about the error condition
[in] lang The language used in the message (format: RFC 3066)
Returns:
SSH_OK on success, SSH_ERROR if an error occurred (including attempts to send signal via SSH-v1 session).

References ssh_buffer_free(), and ssh_buffer_new().

int ssh_channel_request_send_exit_status ( ssh_channel  channel,
int  exit_status 
)

Send the exit status to the remote process.

Sends the exit status to the remote process (as described in RFC 4254, section 6.10). Only SSH-v2 is supported (I'm not sure about SSH-v1).

Parameters:
[in] channel The channel to send exit status.
[in] exit_status The exit status to send
Returns:
SSH_OK on success, SSH_ERROR if an error occurred. (including attempts to send exit status via SSH-v1 session).

References ssh_buffer_free(), and ssh_buffer_new().

int ssh_channel_write_stderr ( ssh_channel  channel,
const void *  data,
uint32_t  len 
)

Blocking write on a channel stderr.

Parameters:
[in] channel The channel to write to.
[in] data A pointer to the data to write.
[in] len The length of the buffer to write to.
Returns:
The number of bytes written, SSH_ERROR on error.
See also:
ssh_channel_read()

Referenced by ssh::Channel::write().

ssh_gssapi_creds ssh_gssapi_get_creds ( ssh_session  session  ) 

returns the client credentials of the connected client.

If the client has given a forwardable token, the SSH server will retrieve it.

Returns:
gssapi credentials handle.
NULL if no forwardable token is available.
int ssh_handle_key_exchange ( ssh_session  session  ) 

Handles the key exchange and set up encryption.

Parameters:
session A connected ssh session
See also:
ssh_bind_accept
Returns:
SSH_OK if the key exchange was successful

References SSH_LOG_PACKET.

const char * ssh_message_auth_password ( ssh_message  msg  ) 

Get the password of the authenticated user.

Parameters:
[in] msg The message to get the password from.
Returns:
The username or NULL if an error occured.
See also:
ssh_message_get()
ssh_message_type()
ssh_key ssh_message_auth_pubkey ( ssh_message  msg  ) 

Get the publickey of the authenticated user.

If you need the key for later user you should duplicate it.

Parameters:
[in] msg The message to get the public key from.
Returns:
The public key or NULL.
See also:
ssh_key_dup()
ssh_key_cmp()
ssh_message_get()
ssh_message_type()
const char * ssh_message_auth_user ( ssh_message  msg  ) 

Get the name of the authenticated user.

Parameters:
[in] msg The message to get the username from.
Returns:
The username or NULL if an error occured.
See also:
ssh_message_get()
ssh_message_type()
int ssh_message_reply_default ( ssh_message  msg  ) 

Reply with a standard reject message.

Use this function if you don't know what to respond or if you want to reject a request.

Parameters:
[in] msg The message to use for the reply.
Returns:
0 on success, -1 on error.
See also:
ssh_message_get()

References SSH_LOG_PACKET.

void ssh_set_auth_methods ( ssh_session  session,
int  auth_methods 
)

Set the acceptable authentication methods to be sent to client.

Parameters:
[in] session the SSH server session
[in] auth_methods Bitfield of authentication methods to be accepted, e.g. SSH_AUTH_METHOD_PUBLICKEY
void ssh_set_message_callback ( ssh_session  session,
int(*)(ssh_session session, ssh_message msg, void *data)  ssh_bind_message_callback,
void *  data 
)

defines the ssh_message callback

Parameters:
session the current ssh session
[in] ssh_bind_message_callback a function pointer to a callback taking the current ssh session and received message as parameters. the function returns 0 if the message has been parsed and treated successfully, 1 otherwise (libssh must take care of the response).
[in] data void pointer to be passed to callback functions

Generated on 24 Jun 2015 for libssh by  doxygen 1.6.1