static void php_ssh2_session_dtor(zend_resource *rsrc)
{
LIBSSH2_SESSION *session = (LIBSSH2_SESSION*)rsrc->ptr;
php_ssh2_session_data **data = (php_ssh2_session_data**)libssh2_session_abstract(session);
libssh2_session_disconnect(session, "PECL/ssh2 (http://pecl.php.net/packages/ssh2)");
if (*data) {
if ((*data)->ignore_cb) {
zval_ptr_dtor((*data)->ignore_cb);
}
if ((*data)->debug_cb) {
zval_ptr_dtor((*data)->debug_cb);
}
if ((*data)->macerror_cb) {
zval_ptr_dtor((*data)->macerror_cb);
}
if ((*data)->disconnect_cb) {
zval_ptr_dtor((*data)->disconnect_cb);
}
closesocket((*data)->socket);
efree(*data);
*data = NULL;
}
libssh2_session_free(session);
}
/*
* Constructor for Session objects, never called by Python code directly
*
* Arguments: cert - A "real" Session certificate object
* Returns: The newly created Session object
*/
SSH2_SessionObj *
SSH2_Session_New(LIBSSH2_SESSION *session)
{
SSH2_SessionObj *self;
if ((self = PyObject_New(SSH2_SessionObj, &SSH2_Session_Type)) == NULL)
return NULL;
self->session = session;
self->opened = 0;
self->socket = Py_None;
self->cb_ignore = Py_None;
self->cb_debug = Py_None;
self->cb_disconnect = Py_None;
self->cb_macerror = Py_None;
self->cb_x11 = Py_None;
self->cb_passwd_changereq = Py_None;
self->cb_kbdint_response = Py_None;
Py_INCREF(Py_None);
Py_INCREF(Py_None);
Py_INCREF(Py_None);
Py_INCREF(Py_None);
Py_INCREF(Py_None);
Py_INCREF(Py_None);
Py_INCREF(Py_None);
Py_INCREF(Py_None);
*libssh2_session_abstract(session) = self;
libssh2_banner_set(session, LIBSSH2_SSH_DEFAULT_BANNER " Python");
return self;
}
void client_d::connect() {
try {
if( libssh2_init(0) < 0 ) {
MACE_SSH_THROW( "Unable to init libssh2" );
}
slog( "resolve %1%:%2%", hostname, port );
std::vector<mace::cmt::asio::tcp::endpoint> eps
= mace::cmt::asio::tcp::resolve( hostname, boost::lexical_cast<std::string>(port));
slog( "resolved %1% options", eps.size() );
if( eps.size() == 0 ) {
MACE_SSH_THROW( "Hostname '%1%' didn't resolve to any endpoints", %hostname );
}
m_sock.reset( new boost::asio::ip::tcp::socket( mace::cmt::asio::default_io_service() ) );
for( uint32_t i = 0; i < eps.size(); ++i ) {
try {
mace::cmt::asio::tcp::connect( *m_sock, eps[i] );
endpt = eps[i];
break;
} catch ( ... ) {}
}
slog( "Creating session" );
m_session = libssh2_session_init();
*libssh2_session_abstract(m_session) = this;
BOOST_ASSERT( m_session );
// use non-blocking calls so that we know when to call wait_on_socket
libssh2_session_set_blocking( m_session, 0 );
// perform the session handshake, and keep trying while EAGAIN
int ec = libssh2_session_handshake( m_session, m_sock->native() );
while( ec == LIBSSH2_ERROR_EAGAIN ) {
wait_on_socket();
ec = libssh2_session_handshake( m_session, m_sock->native() );
}
// if there was an error, throw it.
if( ec < 0 ) {
char* msg;
libssh2_session_last_error( m_session, &msg, 0, 0 );
MACE_SSH_THROW( "Handshake error: %1% - %2%", %ec %msg );
}
static int _git_ssh_authenticate_session(
LIBSSH2_SESSION* session,
git_cred* cred)
{
int rc;
do {
giterr_clear();
switch (cred->credtype) {
case GIT_CREDTYPE_USERPASS_PLAINTEXT: {
git_cred_userpass_plaintext *c = (git_cred_userpass_plaintext *)cred;
rc = libssh2_userauth_password(session, c->username, c->password);
break;
}
case GIT_CREDTYPE_SSH_KEY: {
git_cred_ssh_key *c = (git_cred_ssh_key *)cred;
if (c->privatekey)
rc = libssh2_userauth_publickey_fromfile(
session, c->username, c->publickey,
c->privatekey, c->passphrase);
else
rc = ssh_agent_auth(session, c);
break;
}
case GIT_CREDTYPE_SSH_CUSTOM: {
git_cred_ssh_custom *c = (git_cred_ssh_custom *)cred;
rc = libssh2_userauth_publickey(
session, c->username, (const unsigned char *)c->publickey,
c->publickey_len, c->sign_callback, &c->payload);
break;
}
case GIT_CREDTYPE_SSH_INTERACTIVE: {
void **abstract = libssh2_session_abstract(session);
git_cred_ssh_interactive *c = (git_cred_ssh_interactive *)cred;
/* ideally, we should be able to set this by calling
* libssh2_session_init_ex() instead of libssh2_session_init().
* libssh2's API is inconsistent here i.e. libssh2_userauth_publickey()
* allows you to pass the `abstract` as part of the call, whereas
* libssh2_userauth_keyboard_interactive() does not!
*
* The only way to set the `abstract` pointer is by calling
* libssh2_session_abstract(), which will replace the existing
* pointer as is done below. This is safe for now (at time of writing),
* but may not be valid in future.
*/
*abstract = c->payload;
rc = libssh2_userauth_keyboard_interactive(
session, c->username, c->prompt_callback);
break;
}
#ifdef GIT_SSH_MEMORY_CREDENTIALS
case GIT_CREDTYPE_SSH_MEMORY: {
git_cred_ssh_key *c = (git_cred_ssh_key *)cred;
assert(c->username);
assert(c->privatekey);
rc = libssh2_userauth_publickey_frommemory(
session,
c->username,
strlen(c->username),
c->publickey,
c->publickey ? strlen(c->publickey) : 0,
c->privatekey,
strlen(c->privatekey),
c->passphrase);
break;
}
#endif
default:
rc = LIBSSH2_ERROR_AUTHENTICATION_FAILED;
}
} while (LIBSSH2_ERROR_EAGAIN == rc || LIBSSH2_ERROR_TIMEOUT == rc);
if (rc == LIBSSH2_ERROR_PASSWORD_EXPIRED || rc == LIBSSH2_ERROR_AUTHENTICATION_FAILED)
return GIT_EAUTH;
if (rc != LIBSSH2_ERROR_NONE) {
if (!giterr_last())
ssh_error(session, "Failed to authenticate SSH session");
return -1;
}
return 0;
}
