LIBSSH2_SESSION *start_session_fixture()
{
int rc;
setup_fixture_workdir();
rc = start_openssh_fixture();
if(rc != 0) {
return NULL;
}
rc = libssh2_init(0);
if(rc != 0) {
fprintf(stderr, "libssh2_init failed (%d)\n", rc);
return NULL;
}
connected_session = libssh2_session_init_ex(NULL, NULL, NULL, NULL);
libssh2_session_set_blocking(connected_session, 1);
if(connected_session == NULL) {
fprintf(stderr, "libssh2_session_init_ex failed\n");
return NULL;
}
rc = connect_to_server();
if(rc != 0) {
return NULL;
}
return connected_session;
}
static LIBSSH2_SESSION* __guac_ssh_create_session(guac_client* client,
int* socket_fd) {
int retval;
int fd;
struct addrinfo* addresses;
struct addrinfo* current_address;
char connected_address[1024];
char connected_port[64];
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
struct addrinfo hints = {
.ai_family = AF_UNSPEC,
.ai_socktype = SOCK_STREAM,
.ai_protocol = IPPROTO_TCP
};
/* Get socket */
fd = socket(AF_INET, SOCK_STREAM, 0);
/* Get addresses connection */
if ((retval = getaddrinfo(client_data->hostname, client_data->port,
&hints, &addresses))) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Error parsing given address or port: %s",
gai_strerror(retval));
return NULL;
}
/* Attempt connection to each address until success */
current_address = addresses;
while (current_address != NULL) {
int retval;
/* Resolve hostname */
if ((retval = getnameinfo(current_address->ai_addr,
current_address->ai_addrlen,
connected_address, sizeof(connected_address),
connected_port, sizeof(connected_port),
NI_NUMERICHOST | NI_NUMERICSERV)))
guac_client_log_info(client, "Unable to resolve host: %s", gai_strerror(retval));
/* Connect */
if (connect(fd, current_address->ai_addr,
current_address->ai_addrlen) == 0) {
guac_client_log_info(client, "Successfully connected to "
"host %s, port %s", connected_address, connected_port);
/* Done if successful connect */
break;
}
/* Otherwise log information regarding bind failure */
else
guac_client_log_info(client, "Unable to connect to "
"host %s, port %s: %s",
connected_address, connected_port, strerror(errno));
current_address = current_address->ai_next;
}
/* If unable to connect to anything, fail */
if (current_address == NULL) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to connect to any addresses.");
return NULL;
}
/* Free addrinfo */
freeaddrinfo(addresses);
/* Open SSH session */
LIBSSH2_SESSION* session = libssh2_session_init_ex(NULL, NULL,
NULL, client);
if (session == NULL) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Session allocation failed.");
return NULL;
}
/* Perform handshake */
if (libssh2_session_handshake(session, fd)) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "SSH handshake failed.");
return NULL;
}
/* Save file descriptor */
if (socket_fd != NULL)
*socket_fd = fd;
/* Authenticate with key if available */
if (client_data->key != NULL) {
if (!libssh2_userauth_publickey(session, client_data->username,
(unsigned char*) client_data->key->public_key,
client_data->key->public_key_length,
__sign_callback, (void**) client_data->key))
return session;
else {
char* error_message;
libssh2_session_last_error(session, &error_message, NULL, 0);
guac_client_abort(client, GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED,
"Public key authentication failed: %s", error_message);
return NULL;
}
}
/* Authenticate with password */
if (!libssh2_userauth_password(session, client_data->username,
client_data->password))
return session;
else {
char* error_message;
libssh2_session_last_error(session, &error_message, NULL, 0);
guac_client_abort(client, GUAC_PROTOCOL_STATUS_CLIENT_UNAUTHORIZED,
"Password authentication failed: %s", error_message);
return NULL;
}
}
/* {{{ php_ssh2_session_connect
* Connect to an SSH server with requested methods
*/
LIBSSH2_SESSION *php_ssh2_session_connect(char *host, int port, zval *methods, zval *callbacks)
{
LIBSSH2_SESSION *session;
int socket;
php_ssh2_session_data *data;
struct timeval tv;
zend_string *hash_lookup_zstring;
tv.tv_sec = FG(default_socket_timeout);
tv.tv_usec = 0;
socket = php_network_connect_socket_to_host(host, port, SOCK_STREAM, 0, &tv, NULL, NULL, NULL, 0, STREAM_SOCKOP_NONE);
if (socket <= 0) {
php_error_docref(NULL, E_WARNING, "Unable to connect to %s on port %d", host, port);
return NULL;
}
data = ecalloc(1, sizeof(php_ssh2_session_data));
data->socket = socket;
session = libssh2_session_init_ex(php_ssh2_alloc_cb, php_ssh2_free_cb, php_ssh2_realloc_cb, data);
if (!session) {
php_error_docref(NULL, E_WARNING, "Unable to initialize SSH2 session");
efree(data);
closesocket(socket);
return NULL;
}
libssh2_banner_set(session, LIBSSH2_SSH_DEFAULT_BANNER " PHP");
/* Override method preferences */
if (methods) {
zval *container;
if (php_ssh2_set_method(session, HASH_OF(methods), "kex", sizeof("kex") - 1, LIBSSH2_METHOD_KEX)) {
php_error_docref(NULL, E_WARNING, "Failed overriding KEX method");
}
if (php_ssh2_set_method(session, HASH_OF(methods), "hostkey", sizeof("hostkey") - 1, LIBSSH2_METHOD_HOSTKEY)) {
php_error_docref(NULL, E_WARNING, "Failed overriding HOSTKEY method");
}
hash_lookup_zstring = zend_string_init("client_to_server", sizeof("client_to_server") - 1, 0);
if ((container = zend_hash_find(HASH_OF(methods), hash_lookup_zstring)) != NULL && Z_TYPE_P(container) == IS_ARRAY) {
if (php_ssh2_set_method(session, HASH_OF(container), "crypt", sizeof("crypt") - 1, LIBSSH2_METHOD_CRYPT_CS)) {
php_error_docref(NULL, E_WARNING, "Failed overriding client to server CRYPT method");
}
if (php_ssh2_set_method(session, HASH_OF(container), "mac", sizeof("mac") - 1, LIBSSH2_METHOD_MAC_CS)) {
php_error_docref(NULL, E_WARNING, "Failed overriding client to server MAC method");
}
if (php_ssh2_set_method(session, HASH_OF(container), "comp", sizeof("comp") - 1, LIBSSH2_METHOD_COMP_CS)) {
php_error_docref(NULL, E_WARNING, "Failed overriding client to server COMP method");
}
if (php_ssh2_set_method(session, HASH_OF(container), "lang", sizeof("lang") - 1, LIBSSH2_METHOD_LANG_CS)) {
php_error_docref(NULL, E_WARNING, "Failed overriding client to server LANG method");
}
}
zend_string_release(hash_lookup_zstring);
hash_lookup_zstring = zend_string_init("server_to_client", sizeof("server_to_client") - 1, 0);
if ((container = zend_hash_find(HASH_OF(methods), hash_lookup_zstring)) != NULL && Z_TYPE_P(container) == IS_ARRAY) {
if (php_ssh2_set_method(session, HASH_OF(container), "crypt", sizeof("crypt") - 1, LIBSSH2_METHOD_CRYPT_SC)) {
php_error_docref(NULL, E_WARNING, "Failed overriding server to client CRYPT method");
}
if (php_ssh2_set_method(session, HASH_OF(container), "mac", sizeof("mac") - 1, LIBSSH2_METHOD_MAC_SC)) {
php_error_docref(NULL, E_WARNING, "Failed overriding server to client MAC method");
}
if (php_ssh2_set_method(session, HASH_OF(container), "comp", sizeof("comp") - 1, LIBSSH2_METHOD_COMP_SC)) {
php_error_docref(NULL, E_WARNING, "Failed overriding server to client COMP method");
}
if (php_ssh2_set_method(session, HASH_OF(container), "lang", sizeof("lang") - 1, LIBSSH2_METHOD_LANG_SC)) {
php_error_docref(NULL, E_WARNING, "Failed overriding server to client LANG method");
}
}
zend_string_release(hash_lookup_zstring);
}
/* Register Callbacks */
if (callbacks) {
/* ignore debug disconnect macerror */
if (php_ssh2_set_callback(session, HASH_OF(callbacks), "ignore", sizeof("ignore") - 1, LIBSSH2_CALLBACK_IGNORE, data)) {
php_error_docref(NULL, E_WARNING, "Failed setting IGNORE callback");
}
if (php_ssh2_set_callback(session, HASH_OF(callbacks), "debug", sizeof("debug") - 1, LIBSSH2_CALLBACK_DEBUG, data)) {
php_error_docref(NULL, E_WARNING, "Failed setting DEBUG callback");
}
if (php_ssh2_set_callback(session, HASH_OF(callbacks), "macerror", sizeof("macerror") - 1, LIBSSH2_CALLBACK_MACERROR, data)) {
php_error_docref(NULL, E_WARNING, "Failed setting MACERROR callback");
}
if (php_ssh2_set_callback(session, HASH_OF(callbacks), "disconnect", sizeof("disconnect") - 1, LIBSSH2_CALLBACK_DISCONNECT, data)) {
php_error_docref(NULL, E_WARNING, "Failed setting DISCONNECT callback");
}
}
if (libssh2_session_startup(session, socket)) {
int last_error = 0;
char *error_msg = NULL;
last_error = libssh2_session_last_error(session, &error_msg, NULL, 0);
php_error_docref(NULL, E_WARNING, "Error starting up SSH connection(%d): %s", last_error, error_msg);
closesocket(socket);
libssh2_session_free(session);
efree(data);
return NULL;
}
return session;
}
guac_common_ssh_session* guac_common_ssh_create_session(guac_client* client,
const char* hostname, const char* port, guac_common_ssh_user* user) {
int retval;
int fd;
struct addrinfo* addresses;
struct addrinfo* current_address;
char connected_address[1024];
char connected_port[64];
struct addrinfo hints = {
.ai_family = AF_UNSPEC,
.ai_socktype = SOCK_STREAM,
.ai_protocol = IPPROTO_TCP
};
/* Get socket */
fd = socket(AF_INET, SOCK_STREAM, 0);
if (fd < 0) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
"Unable to create socket: %s", strerror(errno));
return NULL;
}
/* Get addresses connection */
if ((retval = getaddrinfo(hostname, port, &hints, &addresses))) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
"Error parsing given address or port: %s",
gai_strerror(retval));
close(fd);
return NULL;
}
/* Attempt connection to each address until success */
current_address = addresses;
while (current_address != NULL) {
/* Resolve hostname */
if ((retval = getnameinfo(current_address->ai_addr,
current_address->ai_addrlen,
connected_address, sizeof(connected_address),
connected_port, sizeof(connected_port),
NI_NUMERICHOST | NI_NUMERICSERV)))
guac_client_log(client, GUAC_LOG_DEBUG,
"Unable to resolve host: %s", gai_strerror(retval));
/* Connect */
if (connect(fd, current_address->ai_addr,
current_address->ai_addrlen) == 0) {
guac_client_log(client, GUAC_LOG_DEBUG,
"Successfully connected to host %s, port %s",
connected_address, connected_port);
/* Done if successful connect */
break;
}
/* Otherwise log information regarding bind failure */
else
guac_client_log(client, GUAC_LOG_DEBUG, "Unable to connect to "
"host %s, port %s: %s",
connected_address, connected_port, strerror(errno));
current_address = current_address->ai_next;
}
/* If unable to connect to anything, fail */
if (current_address == NULL) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR,
"Unable to connect to any addresses.");
close(fd);
return NULL;
}
/* Free addrinfo */
freeaddrinfo(addresses);
/* Allocate new session */
guac_common_ssh_session* common_session =
malloc(sizeof(guac_common_ssh_session));
/* Open SSH session */
LIBSSH2_SESSION* session = libssh2_session_init_ex(NULL, NULL,
NULL, common_session);
if (session == NULL) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR,
"Session allocation failed.");
free(common_session);
close(fd);
return NULL;
}
/* Perform handshake */
if (libssh2_session_handshake(session, fd)) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR,
"SSH handshake failed.");
free(common_session);
close(fd);
return NULL;
}
/* Store basic session data */
common_session->client = client;
common_session->user = user;
common_session->session = session;
common_session->fd = fd;
/* Attempt authentication */
if (guac_common_ssh_authenticate(common_session)) {
free(common_session);
close(fd);
return NULL;
}
/* Return created session */
return common_session;
}
/*
* Curl_ssh_connect() gets called from Curl_protocol_connect() to allow us to
* do protocol-specific actions at connect-time.
*/
CURLcode Curl_ssh_connect(struct connectdata *conn, bool *done)
{
int i;
struct SSHPROTO *ssh;
const char *fingerprint;
const char *authlist;
char *home;
char rsa_pub[PATH_MAX];
char rsa[PATH_MAX];
char tempHome[PATH_MAX];
curl_socket_t sock;
char *real_path;
char *working_path;
int working_path_len;
bool authed = FALSE;
CURLcode result;
struct SessionHandle *data = conn->data;
rsa_pub[0] = rsa[0] = '\0';
result = ssh_init(conn);
if (result)
return result;
ssh = data->reqdata.proto.ssh;
working_path = curl_easy_unescape(data, data->reqdata.path, 0,
&working_path_len);
if (!working_path)
return CURLE_OUT_OF_MEMORY;
#ifdef CURL_LIBSSH2_DEBUG
if (ssh->user) {
infof(data, "User: %s\n", ssh->user);
}
if (ssh->passwd) {
infof(data, "Password: %s\n", ssh->passwd);
}
#endif /* CURL_LIBSSH2_DEBUG */
sock = conn->sock[FIRSTSOCKET];
ssh->ssh_session = libssh2_session_init_ex(libssh2_malloc, libssh2_free,
libssh2_realloc, ssh);
if (ssh->ssh_session == NULL) {
failf(data, "Failure initialising ssh session\n");
Curl_safefree(ssh->path);
return CURLE_FAILED_INIT;
}
#ifdef CURL_LIBSSH2_DEBUG
infof(data, "SSH socket: %d\n", sock);
#endif /* CURL_LIBSSH2_DEBUG */
if (libssh2_session_startup(ssh->ssh_session, sock)) {
failf(data, "Failure establishing ssh session\n");
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
Curl_safefree(ssh->path);
return CURLE_FAILED_INIT;
}
/*
* Before we authenticate we should check the hostkey's fingerprint against
* our known hosts. How that is handled (reading from file, whatever) is
* up to us. As for know not much is implemented, besides showing how to
* get the fingerprint.
*/
fingerprint = libssh2_hostkey_hash(ssh->ssh_session,
LIBSSH2_HOSTKEY_HASH_MD5);
#ifdef CURL_LIBSSH2_DEBUG
/* The fingerprint points to static storage (!), don't free() it. */
infof(data, "Fingerprint: ");
for (i = 0; i < 16; i++) {
infof(data, "%02X ", (unsigned char) fingerprint[i]);
}
infof(data, "\n");
#endif /* CURL_LIBSSH2_DEBUG */
/* TBD - methods to check the host keys need to be done */
/*
* Figure out authentication methods
* NB: As soon as we have provided a username to an openssh server we must
* never change it later. Thus, always specify the correct username here,
* even though the libssh2 docs kind of indicate that it should be possible
* to get a 'generic' list (not user-specific) of authentication methods,
* presumably with a blank username. That won't work in my experience.
* So always specify it here.
*/
authlist = libssh2_userauth_list(ssh->ssh_session, ssh->user,
strlen(ssh->user));
/*
* Check the supported auth types in the order I feel is most secure with the
* requested type of authentication
*/
if ((data->set.ssh_auth_types & CURLSSH_AUTH_PUBLICKEY) &&
(strstr(authlist, "publickey") != NULL)) {
/* To ponder about: should really the lib be messing about with the HOME
environment variable etc? */
home = curl_getenv("HOME");
if (data->set.ssh_public_key)
snprintf(rsa_pub, sizeof(rsa_pub), "%s", data->set.ssh_public_key);
else if (home)
snprintf(rsa_pub, sizeof(rsa_pub), "%s/.ssh/id_dsa.pub", home);
if (data->set.ssh_private_key)
snprintf(rsa, sizeof(rsa), "%s", data->set.ssh_private_key);
else if (home)
snprintf(rsa, sizeof(rsa), "%s/.ssh/id_dsa", home);
curl_free(home);
if (rsa_pub[0]) {
/* The function below checks if the files exists, no need to stat() here.
*/
if (libssh2_userauth_publickey_fromfile(ssh->ssh_session, ssh->user,
rsa_pub, rsa, "") == 0) {
authed = TRUE;
}
}
}
if (!authed &&
(data->set.ssh_auth_types & CURLSSH_AUTH_PASSWORD) &&
(strstr(authlist, "password") != NULL)) {
if (!libssh2_userauth_password(ssh->ssh_session, ssh->user, ssh->passwd))
authed = TRUE;
}
if (!authed && (data->set.ssh_auth_types & CURLSSH_AUTH_HOST) &&
(strstr(authlist, "hostbased") != NULL)) {
}
if (!authed && (data->set.ssh_auth_types & CURLSSH_AUTH_KEYBOARD)
&& (strstr(authlist, "keyboard-interactive") != NULL)) {
/* Authentication failed. Continue with keyboard-interactive now. */
if (libssh2_userauth_keyboard_interactive_ex(ssh->ssh_session, ssh->user,
strlen(ssh->user),
&kbd_callback) == 0) {
authed = TRUE;
}
}
if (!authed) {
failf(data, "Authentication failure\n");
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
Curl_safefree(ssh->path);
return CURLE_FAILED_INIT;
}
/*
* At this point we have an authenticated ssh session.
*/
conn->sockfd = sock;
conn->writesockfd = CURL_SOCKET_BAD;
if (conn->protocol == PROT_SFTP) {
/*
* Start the libssh2 sftp session
*/
ssh->sftp_session = libssh2_sftp_init(ssh->ssh_session);
if (ssh->sftp_session == NULL) {
failf(data, "Failure initialising sftp session\n");
libssh2_sftp_shutdown(ssh->sftp_session);
ssh->sftp_session = NULL;
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
return CURLE_FAILED_INIT;
}
/*
* Get the "home" directory
*/
i = libssh2_sftp_realpath(ssh->sftp_session, ".", tempHome, PATH_MAX-1);
if (i > 0) {
/* It seems that this string is not always NULL terminated */
tempHome[i] = '\0';
ssh->homedir = (char *)strdup(tempHome);
if (!ssh->homedir) {
libssh2_sftp_shutdown(ssh->sftp_session);
ssh->sftp_session = NULL;
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
return CURLE_OUT_OF_MEMORY;
}
}
else {
/* Return the error type */
i = libssh2_sftp_last_error(ssh->sftp_session);
DEBUGF(infof(data, "error = %d\n", i));
}
}
/* Check for /~/ , indicating realative to the users home directory */
if (conn->protocol == PROT_SCP) {
real_path = (char *)malloc(working_path_len+1);
if (real_path == NULL) {
Curl_safefree(working_path);
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
return CURLE_OUT_OF_MEMORY;
}
if (working_path[1] == '~')
/* It is referenced to the home directory, so strip the leading '/' */
memcpy(real_path, working_path+1, 1 + working_path_len-1);
else
memcpy(real_path, working_path, 1 + working_path_len);
}
else if (conn->protocol == PROT_SFTP) {
if (working_path[1] == '~') {
real_path = (char *)malloc(strlen(ssh->homedir) +
working_path_len + 1);
if (real_path == NULL) {
libssh2_sftp_shutdown(ssh->sftp_session);
ssh->sftp_session = NULL;
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
Curl_safefree(working_path);
return CURLE_OUT_OF_MEMORY;
}
/* It is referenced to the home directory, so strip the leading '/' */
memcpy(real_path, ssh->homedir, strlen(ssh->homedir));
real_path[strlen(ssh->homedir)] = '/';
real_path[strlen(ssh->homedir)+1] = '\0';
if (working_path_len > 3) {
memcpy(real_path+strlen(ssh->homedir)+1, working_path + 3,
1 + working_path_len -3);
}
}
else {
real_path = (char *)malloc(working_path_len+1);
if (real_path == NULL) {
libssh2_session_free(ssh->ssh_session);
ssh->ssh_session = NULL;
Curl_safefree(working_path);
return CURLE_OUT_OF_MEMORY;
}
memcpy(real_path, working_path, 1+working_path_len);
}
}
else
return CURLE_FAILED_INIT;
Curl_safefree(working_path);
ssh->path = real_path;
*done = TRUE;
return CURLE_OK;
}
static int
ssh_new_connection(obfsproxyssh_client_session_t *session,
struct sockaddr_in *addr, const char *args)
{
obfsproxyssh_t *state = session->client->state;
char addr_buf[INET_ADDRSTRLEN];
char *cached_arg;
uint32_t tmp;
bstring tmp_addr;
int rval;
evutil_inet_ntop(AF_INET, &addr->sin_addr, addr_buf, INET_ADDRSTRLEN);
tmp_addr = bformat("%s:%d", addr_buf, ntohs(addr->sin_port));
if (0 == state->unsafe_logging) {
tmp = ntohl(addr->sin_addr.s_addr);
tmp &= 0x000000ff;
session->ssh_addr = bformat("xxx.xxx.xxx.%d:%d", tmp,
ntohs(addr->sin_port));
} else {
session->ssh_addr = bstrcpy(tmp_addr);
}
log_f(state, "SOCKS: %s SOCKS 4 CONNECT -> %s",
bdata(session->socks_addr), bdata(session->ssh_addr));
cached_arg = client_arg_cache(session->client, tmp_addr, args);
bdestroy(tmp_addr);
rval = ssh_parse_args(session, cached_arg);
if (rval) {
log_f(state, "SOCKS: Error: %s Invalid arguments in CONNECT",
bdata(session->socks_addr));
return -1;
}
/* Note: Yes, this needs defered callbacks */
session->ssh_ev = bufferevent_socket_new(state->base, -1,
BEV_OPT_CLOSE_ON_FREE | BEV_OPT_DEFER_CALLBACKS);
if (NULL == session->ssh_ev) {
log_f(state, "SOCKS: Error: %s Failed to allocate ssh event",
bdata(session->socks_addr));
return -1;
}
bufferevent_setcb(session->ssh_ev, NULL, NULL, ssh_event_cb, session);
rval = bufferevent_socket_connect(session->ssh_ev,
(struct sockaddr *) addr, sizeof (struct sockaddr_in));
if (rval < 0) {
log_f(state, "SOCKS: Error: %s Failed to connect ssh socket",
bdata(session->socks_addr));
return -1;
}
session->ssh_session = libssh2_session_init_ex(NULL, NULL, NULL, session);
if (NULL == session->ssh_session) {
log_f(state, "SOCKS: Error: %s Failed to initialize libssh2 session",
bdata(session->socks_addr));
return -1;
}
libssh2_session_callback_set(session->ssh_session,
LIBSSH2_CALLBACK_RECV, libssh2_recv_cb);
libssh2_session_callback_set(session->ssh_session,
LIBSSH2_CALLBACK_SEND, libssh2_send_cb);
libssh2_session_set_blocking(session->ssh_session, 0);
rval = ssh_client_profile_set(session);
if (rval < 0) {
log_f(state, "SOCKS: Error: Failed to enable fingerprint resistance",
bdata(session->socks_addr));
return -1;
}
/*
* This only works with debug builds of libssh2 and creates an
* astronomical amount of log spam.
*/
#ifdef TRACE_LIBSSH2
if (1 == state->unsafe_logging) {
libssh2_trace(session->ssh_session, LIBSSH2_TRACE_SOCKET |
LIBSSH2_TRACE_TRANS | LIBSSH2_TRACE_KEX |
LIBSSH2_TRACE_AUTH | LIBSSH2_TRACE_CONN |
LIBSSH2_TRACE_ERROR);
libssh2_trace_sethandler(session->ssh_session, state,
libssh2_trace_cb);
}
#endif
return 0;
}
