int open_shell(LIBSSH2_SESSION *session, LIBSSH2_CHANNEL **channel, int sock)
{
int rc;
//while((*channel = libssh2_channel_open_session(session)) == NULL && libssh2_session_last_error(session,NULL,NULL,0) == LIBSSH2_ERROR_EAGAIN ) waitsocket(sock, session);
*channel = libssh2_channel_open_session(session);
if( *channel == NULL )
{
fprintf(stderr,"Error\n");
exit(1);
}
// while((rc=libssh2_channel_request_pty(*channel, "vanilla")) == LIBSSH2_ERROR_EAGAIN ) waitsocket(sock, session);
rc=libssh2_channel_request_pty(*channel, "vanilla");
if( rc != 0 )
{
fprintf(stderr,"get pty Error %d\n", rc);
exit(1);
}
// while((rc=libssh2_channel_shell(*channel)) == LIBSSH2_ERROR_EAGAIN ) waitsocket(sock, session);
rc=libssh2_channel_shell(*channel);
if( rc != 0 )
{
fprintf(stderr,"get shell Error %d\n", rc);
exit(1);
}
return rc;
}
int SSH2Utils::exec(const char *cmd) {
m_execResultStr.clear();
int rc = -1;
LIBSSH2_CHANNEL *channel;
/* Exec non-blocking on the remove host */
while ((channel = libssh2_channel_open_session(m_session)) == NULL
&& libssh2_session_last_error(m_session, NULL, NULL, 0)
== LIBSSH2_ERROR_EAGAIN) {
waitsocket();
}
if (channel == NULL) {
fprintf(stderr, "Channel Error\n");
m_errCode = 9;
return -1;
}
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options
*/
if (libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
}
/* Open a SHELL on that pty */
if (libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
}
libssh2_channel_write(channel, cmd, strlen(cmd));
libssh2_channel_send_eof(channel);
char buffer[BUF_SIZE];
memset(buffer, 0, BUF_SIZE);
rc = libssh2_channel_read(channel, buffer, BUF_SIZE);
if (rc > 0) {
m_execResultStr.append(buffer);
}
m_channelExitCode = 127;
while ((rc = libssh2_channel_close(channel)) == LIBSSH2_ERROR_EAGAIN)
waitsocket();
if (rc == 0) {
m_channelExitCode = libssh2_channel_get_exit_status(channel);
}
skip_shell:
if (channel) {
libssh2_channel_free(channel);
channel = NULL;
}
return rc;
}
int main(int argc, char *argv[])
{
const char *hostname = "127.0.0.1";
const char *commandline = "uptime";
const char *username = "******";
const char *password = "******";
unsigned long hostaddr;
int sock;
struct sockaddr_in sin;
const char *fingerprint;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
int rc;
int exitcode;
char *exitsignal=(char *)"none";
int bytecount = 0;
size_t len;
LIBSSH2_KNOWNHOSTS *nh;
int type;
#ifdef WIN32
WSADATA wsadata;
int err;
err = WSAStartup(MAKEWORD(2,0), &wsadata);
if (err != 0) {
fprintf(stderr, "WSAStartup failed with error: %d\n", err);
return 1;
}
#endif
if (argc > 1)
/* must be ip address only */
hostname = argv[1];
if (argc > 2) {
username = argv[2];
}
if (argc > 3) {
password = argv[3];
}
if (argc > 4) {
commandline = argv[4];
}
rc = libssh2_init (0);
if (rc != 0) {
fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
hostaddr = inet_addr(hostname);
/* Ultra basic "connect to port 22 on localhost"
* Your code is responsible for creating the socket establishing the
* connection
*/
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = hostaddr;
if (connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
return -1;
}
/* Create a session instance */
session = libssh2_session_init();
if (!session)
return -1;
/* tell libssh2 we want it all done non-blocking */
libssh2_session_set_blocking(session, 0);
/* ... start it up. This will trade welcome banners, exchange keys,
* and setup crypto, compression, and MAC layers
*/
while ((rc = libssh2_session_handshake(session, sock)) ==
LIBSSH2_ERROR_EAGAIN);
if (rc) {
fprintf(stderr, "Failure establishing SSH session: %d\n", rc);
return -1;
}
nh = libssh2_knownhost_init(session);
if(!nh) {
/* eeek, do cleanup here */
return 2;
}
/* read all hosts from here */
libssh2_knownhost_readfile(nh, "known_hosts",
LIBSSH2_KNOWNHOST_FILE_OPENSSH);
/* store all known hosts to here */
libssh2_knownhost_writefile(nh, "dumpfile",
LIBSSH2_KNOWNHOST_FILE_OPENSSH);
fingerprint = libssh2_session_hostkey(session, &len, &type);
if(fingerprint) {
struct libssh2_knownhost *host;
#if LIBSSH2_VERSION_NUM >= 0x010206
/* introduced in 1.2.6 */
int check = libssh2_knownhost_checkp(nh, hostname, 22,
fingerprint, len,
LIBSSH2_KNOWNHOST_TYPE_PLAIN|
LIBSSH2_KNOWNHOST_KEYENC_RAW,
&host);
#else
/* 1.2.5 or older */
int check = libssh2_knownhost_check(nh, hostname,
fingerprint, len,
LIBSSH2_KNOWNHOST_TYPE_PLAIN|
LIBSSH2_KNOWNHOST_KEYENC_RAW,
&host);
#endif
fprintf(stderr, "Host check: %d, key: %s\n", check,
(check <= LIBSSH2_KNOWNHOST_CHECK_MISMATCH)?
host->key:"<none>");
/*****
* At this point, we could verify that 'check' tells us the key is
* fine or bail out.
*****/
}
else {
/* eeek, do cleanup here */
return 3;
}
libssh2_knownhost_free(nh);
if ( strlen(password) != 0 ) {
/* We could authenticate via password */
while ((rc = libssh2_userauth_password(session, username, password)) ==
LIBSSH2_ERROR_EAGAIN);
if (rc) {
fprintf(stderr, "Authentication by password failed.\n");
goto shutdown;
}
}
else {
/* Or by public key */
while ((rc = libssh2_userauth_publickey_fromfile(session, username,
"/home/user/"
".ssh/id_rsa.pub",
"/home/user/"
".ssh/id_rsa",
password)) ==
LIBSSH2_ERROR_EAGAIN);
if (rc) {
fprintf(stderr, "\tAuthentication by public key failed\n");
goto shutdown;
}
}
#if 0
libssh2_trace(session, ~0 );
#endif
/* Exec non-blocking on the remove host */
while( (channel = libssh2_channel_open_session(session)) == NULL &&
libssh2_session_last_error(session,NULL,NULL,0) ==
LIBSSH2_ERROR_EAGAIN )
{
waitsocket(sock, session);
}
if( channel == NULL )
{
fprintf(stderr,"Error\n");
exit( 1 );
}
while( (rc = libssh2_channel_exec(channel, commandline)) ==
LIBSSH2_ERROR_EAGAIN )
{
waitsocket(sock, session);
}
if( rc != 0 )
{
fprintf(stderr,"Error\n");
exit( 1 );
}
for( ;; )
{
/* loop until we block */
int rc;
do
{
char buffer[0x4000];
rc = libssh2_channel_read( channel, buffer, sizeof(buffer) );
if( rc > 0 )
{
int i;
bytecount += rc;
fprintf(stderr, "We read:\n");
for( i=0; i < rc; ++i )
fputc( buffer[i], stderr);
fprintf(stderr, "\n");
}
else {
if( rc != LIBSSH2_ERROR_EAGAIN )
/* no need to output this for the EAGAIN case */
fprintf(stderr, "libssh2_channel_read returned %d\n", rc);
}
}
while( rc > 0 );
/* this is due to blocking that would occur otherwise so we loop on
this condition */
if( rc == LIBSSH2_ERROR_EAGAIN )
{
waitsocket(sock, session);
}
else
break;
}
exitcode = 127;
while( (rc = libssh2_channel_close(channel)) == LIBSSH2_ERROR_EAGAIN )
waitsocket(sock, session);
if( rc == 0 )
{
exitcode = libssh2_channel_get_exit_status( channel );
libssh2_channel_get_exit_signal(channel, &exitsignal,
NULL, NULL, NULL, NULL, NULL);
}
if (exitsignal)
fprintf(stderr, "\nGot signal: %s\n", exitsignal);
else
fprintf(stderr, "\nEXIT: %d bytecount: %d\n", exitcode, bytecount);
libssh2_channel_free(channel);
channel = NULL;
shutdown:
libssh2_session_disconnect(session,
"Normal Shutdown, Thank you for playing");
libssh2_session_free(session);
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
fprintf(stderr, "all done\n");
libssh2_exit();
return 0;
}
x11_req() -- requests an X11 Forwarding channel\n\
");
static PyObject *
PYLIBSSH2_Channel(PyObject *self, PyObject *args)
{
PYLIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
int dealloc = 1;
if (!PyArg_ParseTuple(args, "O|i:Channel", &session, &dealloc)) {
return NULL;
}
channel = libssh2_channel_open_session(session->session);
if (channel== NULL){
if (libssh2_session_last_error(session->session,NULL,NULL,0) ==
LIBSSH2_ERROR_EAGAIN){
return Py_BuildValue("");
}
else{
PyErr_SetString(PYLIBSSH2_Error, "Failed to open channel");
return NULL;
}
}
else {
return (PyObject *)PYLIBSSH2_Channel_New(channel, dealloc);
}
}
void* CLibssh2::open_ssh_channel()
{
LIBSSH2_CHANNEL* channel = NULL;
LIBSSH2_SESSION* session = static_cast<LIBSSH2_SESSION*>(_session);
// 建立会话通道
while (true)
{
channel = libssh2_channel_open_session(session);
if (channel != NULL)
break;
int errcode = get_session_errcode();
if (errcode != LIBSSH2_ERROR_EAGAIN)
{
THROW_EXCEPTION(get_session_errmsg(), errcode);
}
else
{
if (!timedwait_socket())
{
THROW_SYSCALL_EXCEPTION("open session timeout", ETIMEDOUT, "poll");
}
}
}
return channel;
}
void PJSSH::ExecuteCmd(const char* aCommand) const
{
if( !SessionIsOk )
{
std::ostringstream o;
o<<"Can not execute command since the SSH session is not set up ok. "
"Last error message: ";
throw std::logic_error(o.str());
}
// Try to open a channel to be used for executing the command.
LIBSSH2_CHANNEL* channel = libssh2_channel_open_session(mSession);
if( NULL == channel )
{
throw std::runtime_error("Could not open communication channel for "
"executing remote command.");
}
// Execute the command.
if( -1 == libssh2_channel_exec(channel,aCommand))
{
throw std::runtime_error("Failed to execute the remote command.");
}
// Close the channel.
libssh2_channel_close(channel);
// Free resources.
libssh2_channel_free(channel);
}
@rtype libssh2.Channel";
static PyObject *
PYLIBSSH2_Session_open_session(PYLIBSSH2_SESSION *self, PyObject *args)
{
int dealloc = 1;
LIBSSH2_CHANNEL *channel;
if (!PyArg_ParseTuple(args, "|i:open_session", &dealloc)) {
return NULL;
}
channel = libssh2_channel_open_session(self->session);
if (channel== NULL){
if (libssh2_session_last_error(self->session,NULL,NULL,0) ==
LIBSSH2_ERROR_EAGAIN){
return Py_BuildValue("");
}
else{
PyErr_SetString(PYLIBSSH2_Error, "Failed to open channel");
return NULL;
}
}
else {
return (PyObject *)PYLIBSSH2_Channel_New(channel, dealloc);
}
}
bool RunCommand(const char *aCommand) {
if (!mSessionOK) {
return false;
}
LIBSSH2_CHANNEL *channel = libssh2_channel_open_session(mSession);
if (channel == NULL) {
strcpy(mErrorMessage, "Could not open SSH2 channel");
return false;
}
#ifdef libssh2_session_set_timeout
libssh2_session_set_timeout(mTimeout);
#endif
if (libssh2_channel_exec(channel, aCommand) == -1) {
strcpy(mErrorMessage, "Could not execute SSH2 command");
return false;
}
std::string response;
char buf[1025];
ssize_t size = 1024;
while (size == 1024) {
size = libssh2_channel_read(channel, buf, 1024);
buf[size] = '\0';
response += buf;
}
if (mResponse) {
delete [] mResponse;
}
mResponse = new char[response.size()+1];
strcpy(mResponse, response.c_str());
libssh2_channel_close(channel);
mExitCode = libssh2_channel_get_exit_status(channel);
libssh2_channel_free(channel);
return true;
}
void cql_ccm_bridge_t::start_ssh_connection(const cql_ccm_bridge_configuration_t& settings) {
_ssh_internals->_session = libssh2_session_init();
if (!_ssh_internals->_session)
throw cql_ccm_bridge_exception_t("cannot create ssh session");
try {
if (libssh2_session_handshake(_ssh_internals->_session, _socket))
throw cql_ccm_bridge_exception_t("ssh session handshake failed");
// get authentication modes supported by server
char* auth_methods = libssh2_userauth_list(_ssh_internals->_session,
settings.ssh_username().c_str(),
settings.ssh_username().size());
int auth_result;
if (!settings.ssh_public_key_file().empty() && !settings.ssh_private_key_file().empty()) {
auth_result = libssh2_userauth_publickey_fromfile(_ssh_internals->_session,
settings.ssh_username().c_str(),
settings.ssh_public_key_file().c_str(),
settings.ssh_private_key_file().c_str(),
"");
} else {
if (strstr(auth_methods, "password") == NULL)
throw cql_ccm_bridge_exception_t("server doesn't support authentication by password");
// try to login using username and password
auth_result = libssh2_userauth_password(_ssh_internals->_session,
settings.ssh_username().c_str(),
settings.ssh_password().c_str());
}
if (auth_result != 0)
throw cql_ccm_bridge_exception_t("invalid password or user");
if (!(_ssh_internals->_channel = libssh2_channel_open_session(_ssh_internals->_session)))
throw cql_ccm_bridge_exception_t("cannot open ssh session");
try {
if (libssh2_channel_request_pty(_ssh_internals->_channel, "vanilla"))
throw cql_ccm_bridge_exception_t("pty requests failed");
if (libssh2_channel_shell(_ssh_internals->_channel))
throw cql_ccm_bridge_exception_t("cannot open shell");
//TODO: Copy SSL files to remote connection for CCM to enable SSL with Cassandra instances (or use keytool to simply generate the files remotely)
} catch (cql_ccm_bridge_exception_t&) {
// calls channel_close
libssh2_channel_free(_ssh_internals->_channel);
}
} catch (cql_ccm_bridge_exception_t&) {
close_ssh_session();
throw;
}
}
LIBSSH2_CHANNEL *waitfor_open_channel(LIBSSH2_SESSION *session, int sock)
{
LIBSSH2_CHANNEL *chan = NULL;
while (!(chan = libssh2_channel_open_session(session))) {
int err = libssh2_session_last_error(session, NULL, NULL, 0);
if (err != LIBSSH2_ERROR_EAGAIN)
break;
waitsocket(session, sock);
}
return chan;
}
static PyObject *
session_channel(SSH2_SessionObj *self)
{
LIBSSH2_CHANNEL *channel;
Py_BEGIN_ALLOW_THREADS
channel = libssh2_channel_open_session(self->session);
Py_END_ALLOW_THREADS
CHECK_RETURN_POINTER(channel, self)
return (PyObject *)SSH2_Channel_New(channel, self);
}
int ssh_exec_channel_open(void* ssh_session, Boolean async_mode)
{
SSH_SESSION* p_session;
LIBSSH2_CHANNEL* channel;
p_session = (SSH_SESSION*)ssh_session;
if(!(login_check(p_session)))
{
debug_log(SSH_TERMINAL_NO_SESSION_ERROR, "ssh_exec_channel_open : no session.");
return SSH_TERMINAL_NO_SESSION_ERROR;
}
if(p_session->session_param->channel != NULL)
{
debug_log(SSH_TERMINAL_ALREADY_CHANNEL_OPEN, "ssh_exec_channel_open : already channel open.");
return SSH_TERMINAL_ALREADY_CHANNEL_OPEN;
}
while((channel = libssh2_channel_open_session(p_session->session_param->session)) == NULL &&
libssh2_session_last_error(p_session->session_param->session, NULL, NULL, 0) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
if(channel == NULL)
{
debug_log(SSH_TERMINAL_CHANNEL_OPEN_ERROR, "ssh_exec_channel_open : channel open failed.");
return SSH_TERMINAL_CHANNEL_OPEN_ERROR;
}
p_session->session_param->channel = channel;
p_session->session_param->channel_type = CHANNEL_TYPE_EXEC;
p_session->session_param->async_mode = async_mode;
return 0;
}
int exec_one_cmd(char* cmd, LIBSSH2_SESSION *session, LIBSSH2_CHANNEL **channel, int sock)
{
int rc;
//while((*channel = libssh2_channel_open_session(session)) == NULL && libssh2_session_last_error(session,NULL,NULL,0) == LIBSSH2_ERROR_EAGAIN ) waitsocket(sock, session);
*channel = libssh2_channel_open_session(session);
if( *channel == NULL )
{
fprintf(stderr,"Error\n");
exit(1);
}
// while((rc = libssh2_channel_exec(*channel, cmd)) == LIBSSH2_ERROR_EAGAIN ) waitsocket(sock, session);
rc = libssh2_channel_exec(*channel, cmd);
if(rc!=0)
{
fprintf(stderr,"Error\n");
exit(1);
}
read_channel(session, *channel, sock);
// while((rc = libssh2_channel_close(*channel)) == LIBSSH2_ERROR_EAGAIN) waitsocket(sock, session);
rc = libssh2_channel_close(*channel);
return rc;
}
bool StartLineProcessCollector::collect(MONITORING::leaseProcessStart *sample, StartLineProcessConnector *conn) {
if (NULL == sample) {
g_cSystemLogger.LogMessage("(%s:%s:%d):: sample is NULL \n \n ", LOG_LOCATION);
return false;
}
int i=0;
ItrServerDetails serIter;
lineDetails ld;
g_cSystemLogger.LogMessage("(%s:%s:%d)::cancelid %d \n ", LOG_LOCATION,sample->ip_info[i].CancelOrderId);
if(sample->ip_info[i].CancelOrderId!=0)
{
char buf[50]={0};
char recvbuf[512]={0};
int recvLen;
g_cSystemLogger.LogMessage("(%s:%s:%d):: size of order vector %d \n ",LOG_LOCATION,conn->orderIds.size());
for(i=0;i<conn->orderIds.size();i++)
{
//g_cSystemLogger.LogMessage("(%s:%s(:%d)::Inside CancelOrder %d \n", LOG_LOCATION,sample->ip_info[i].CancelOrderId);
int pos;
int j;
pos+=sprintf(buf+5,"%s%d%s","#",conn->orderIds[i],"#");
g_cSystemLogger.LogMessage("(%s:%s(:%d)::order length %d buf %s \n", LOG_LOCATION,pos,buf);
char c='0';
for(j=0;j<=3;j++)
{
buf[j]=c;
//g_cSystemLogger.LogMessage("(%s:%s(:%d)::Inside CancelOrder buf %c \n", LOG_LOCATION,buf[j]);
}
char p=(char)(((int)'0')+pos);
buf[j]=p;
g_cSystemLogger.LogMessage("(%s:%s(:%d)::Inside CancelOrder buf %s socketId %d \n", LOG_LOCATION,buf,CControllerThread::getInstance()->socketId);
if(recvLen==write(CControllerThread::getInstance()->socketId,buf,sizeof(buf)))
{
g_cSystemLogger.LogMessage("(%s:%s(:%d)::writeLen %d \n", LOG_LOCATION,recvLen);
//CControllerThread::getInstance()->makeSocketConnection();
}
g_cSystemLogger.LogMessage("(%s:%s(:%d)::write sucessfull writeLen %d \n", LOG_LOCATION,recvLen);
if(recvLen=recv(CControllerThread::getInstance()->socketId,recvbuf,sizeof(recvbuf),0)<0)
{
g_cSystemLogger.LogMessage("(%s:%s(:%d)::Recv Error \n", LOG_LOCATION);
}
g_cSystemLogger.LogMessage("(%s:%s(:%d)::RecvLen %d recvbuf %s \n", LOG_LOCATION,recvLen,recvbuf);
strncpy(ld.CancelOrderStatus,recvbuf,sizeof(recvbuf));
CcopyStructure::copyCommandData(ld, ld.line_count);
memset(buf,0,sizeof(buf));
pos=0;
sleep(1);
}
return true;
}
else
{
for(i=0;i<sample->ip_info.length();i++)
{
if(strcmp(sample->ip_info[i].ipadress,"")==0)
break;
LIBSSH2_CHANNEL *channel2;
LIBSSH2_SESSION *session;
char* userName;
char* passWord;
struct sockaddr_in sin;
int rc, sock, auth_pw = 0;
char *exitsignal = (char *) "none";
size_t lnReturnCode;
char command[12324] = {0};
char processes[8024] = {0};
char *lpUserAuthList;
g_cSystemLogger.LogMessage("(%s:%s:%d):: Debug", LOG_LOCATION);
rc = libssh2_init(0);
strcpy(ld.ipadress,sample->ip_info[i].ipadress);
g_cSystemLogger.LogMessage("(%s:%s:%d)::Sequence Length %d ipadress %s,and psl %s cancelOrderId %d value of i %d \n", LOG_LOCATION, sample->ip_info._length,sample->ip_info[i].ipadress,sample->ip_info[i].psl,sample->ip_info[i].CancelOrderId,i);
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = inet_addr(sample->ip_info[i].ipadress);
if (connect(sock, (struct sockaddr*) (&sin),
sizeof (struct sockaddr_in)) != 0) {
g_cSystemLogger.LogMessage("(%s:%s(:%d)::failure establishing ssh", LOG_LOCATION);
return -1;
}
session = libssh2_session_init();
if (libssh2_session_handshake(session, sock)) {
g_cSystemLogger.LogMessage("(%s:%s(:%d):: failure ssh session initiation", LOG_LOCATION);
}
/* if((strcmp(sample->ip_info[i].ipadress,"192.168.30.32")==0)|| (strcmp(sample->ip_info[i].psl,"192.168.30.231")==0))
{
userName = "******";
passWord = "******";
}
else*/
userName = "******";
passWord = "******";
lpUserAuthList = libssh2_userauth_list(session, userName, strlen(userName));
if (NULL == lpUserAuthList) {
g_cSystemLogger.LogMessage("(%s:%s(:%d):: get user auth list failed", LOG_LOCATION);
}
char lcPreferredAuthMethod[20] = "password";
g_cSystemLogger.LogMessage("(%s:%s(:%d)::authentication methods(%s)", LOG_LOCATION, lpUserAuthList);
if (strstr(lpUserAuthList, lcPreferredAuthMethod) != NULL) {
auth_pw |= 1;
g_cSystemLogger.LogMessage("(%s:%s(:%d)::authentication methods(%d)", LOG_LOCATION, auth_pw);
}
if (auth_pw & 1) {
if (libssh2_userauth_password(session, userName, passWord)) {
g_cSystemLogger.LogMessage("(%s:%s(:%d)::Authentation by password failed\n", LOG_LOCATION);
}
else {
g_cSystemLogger.LogMessage("(%s:%s(:%d)::Authentation by mint succesded\n", LOG_LOCATION);
}
}
while ((channel2 = libssh2_channel_open_session(session)) == NULL &&
libssh2_session_last_error(session, NULL, NULL, 0) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock, session);
}
if (channel2 == NULL) {
g_cSystemLogger.LogMessage("(%s:%s(:%d))ssh channel opening fail", LOG_LOCATION);
}
if(strcmp(sample->ip_info[i].psl,"Process")==0)
{
g_cSystemLogger.LogMessage("(%s:%s(:%d)) Inside Process", LOG_LOCATION);
for(serIter=conn->getServerInfo().begin();serIter!=conn->getServerInfo().end();serIter++)
{
g_cSystemLogger.LogMessage("(%s:%s(:%d)) ipadress from iter %s", LOG_LOCATION,serIter->ipAdress);
tagServerInfo &tagServ = *serIter;
g_cSystemLogger.LogMessage("(%s:%s(:%d)) ipadress from tagserver %s sampeip %s \n", LOG_LOCATION,tagServ.ipAdress,sample->ip_info[i].ipadress);
if(strcmp(tagServ.ipAdress,sample->ip_info[i].ipadress)==0)
{
int pos=0;
g_cSystemLogger.LogMessage("(%s:%s(:%d)) tagServ %s sample %s processLen %d \n", LOG_LOCATION,tagServ.ipAdress,sample->ip_info[i].ipadress,tagServ.noOfProcess);
for(int j=1;j<tagServ.noOfProcess;j++)
{
g_cSystemLogger.LogMessage("(%s:%s(:%d)) Process %s \n", LOG_LOCATION,tagServ.processes[j].name);
if(j==(tagServ.noOfProcess-1))
{
sprintf(processes+pos,tagServ.processes[j].name);
}
else
{
pos+=sprintf(processes+pos,"%s%s",tagServ.processes[j].name,"|");
}
}
sprintf(command,"%s %s%s%s%s %s%s%s%s","ps -ef | egrep -v ","\"", "egrep|vi|tail|cat|emacs|more|nohup","\"" ,"| egrep","\"",processes,"\"","| grep -v daemon");
g_cSystemLogger.LogMessage("(%s:%s(:%d)) command %s", LOG_LOCATION,command);
while ((rc = libssh2_channel_exec(channel2, command)) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock, session);
}
lnReturnCode = libssh2_channel_read(channel2, command, sizeof (command));
g_cSystemLogger.LogMessage("(%s:%s(:%d)) lnReturnCode %d command %s", LOG_LOCATION,lnReturnCode,command);
strncpy(ld.processInfo,command,sizeof(command));
memset(command, 0, sizeof (command));
libssh2_channel_free(channel2);
channel2 = NULL;
}
}
}
else if((strcmp(sample->ip_info[i].psl,"Space"))==0)
{
while ((rc = libssh2_channel_exec(channel2, "df -kh |grep -v grep")) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock, session);
}
lnReturnCode = libssh2_channel_read(channel2, command, sizeof (command));
g_cSystemLogger.LogMessage("(%s:%s(:%d)lnReturnCode %d command after executing %s\n", LOG_LOCATION, lnReturnCode, command);
strcpy(ld.spaceInfo,command);
memset(command, 0, sizeof (command));
libssh2_channel_free(channel2);
channel2 = NULL;
}
else if((strcmp(sample->ip_info[i].psl,"Line"))==0)
{
DBConnection lDBConnectionObject;
char* dbUserName = "******";
char* dbPassWord = "******";
char* dbName = "mani";
char* dbPort = "5432";
if(0==lDBConnectionObject.getFoPiQueryResult(dbUserName,dbPassWord,dbName,dbPort,sample->ip_info[i].ipadress,ld))
{
g_cSystemLogger.LogMessage("(%s:%s(:%d) Failed DB query \n", LOG_LOCATION);
}
g_cSystemLogger.LogMessage("(%s:%s(:%d) LineId %d Product details %s line count %d\n", LOG_LOCATION,ld.ld[0].fo_id,ld.ld[0].product_details,ld.line_count);
lDBConnectionObject.Close();
}
iterMap = conn->getPath().find(sample->ip_info[i].ipadress);
g_cSystemLogger.LogMessage("(%s:%s(:%d))Path %s \n", LOG_LOCATION,iterMap->second.c_str());
if (sample->ip_info[i].status == true)
{
sprintf(command, "%s%s",iterMap->second.c_str(),"/clear_server.sh >> /tmp/LOGS/cronlog 2>&1 &");
while ((rc = libssh2_channel_exec(channel2, command)) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock, session);
}
lnReturnCode = libssh2_channel_read(channel2, command, sizeof (command));
g_cSystemLogger.LogMessage("(%s:%s(:%d)lnReturnCode %d command after executing %s\n", LOG_LOCATION, lnReturnCode, command);
memset(command, 0, sizeof (command));
libssh2_channel_free(channel2);
channel2 = NULL;
}
else if((sample->ip_info[i].status==false) && ((strcmp(sample->ip_info[i].psl,""))==0) && (sample->ip_info[i].CancelOrderId==0))
{
sprintf(command, "%s", "cd /home/mint/ga/bin; nohup ./shutdownall.sh >> /tmp/LOGS/cronlog1 2>&1 &");
g_cSystemLogger.LogMessage("(%s:%s(:%d)%s\n", LOG_LOCATION, command);
while ((rc = libssh2_channel_exec(channel2, command)) == LIBSSH2_ERROR_EAGAIN) {
g_cSystemLogger.LogMessage("(%s:%s(:%d) ERROR Running command %d\n", LOG_LOCATION, rc);
waitsocket(sock, session);
}
size_t lnReturnCode;
lnReturnCode = libssh2_channel_read(channel2, command, sizeof (command));
g_cSystemLogger.LogMessage("(%s:%s(:%d)lnReturnCode %d commandBuffer %s\n", LOG_LOCATION, lnReturnCode, command);
memset(command, 0, sizeof (command));
libssh2_channel_free(channel2);
channel2 = NULL;
}
g_cSystemLogger.LogMessage("(%s:%s(:%d)space %s\n", LOG_LOCATION,ld.spaceInfo);
CcopyStructure::copyCommandData(ld, ld.line_count);
}
}
return true;
}
bool QxtSshChannelPrivate::activate(){
//session
if(d_state==1){
d_channel=libssh2_channel_open_session(d_session);
if(d_channel==NULL){
if(libssh2_session_last_error(d_session,NULL,NULL,0)==LIBSSH2_ERROR_EAGAIN) {
return true;
}else{
return false;
}
}
#ifdef QXT_DEBUG_SSH
qDebug("session opened");
#endif
d_state=2;
return activate();
//transition to allow early cmd
}else if (d_state==2){
if(!d_next_actions.isEmpty()){
d_state=d_next_actions.takeFirst();
return activate();
}else{
return true;
}
//request pty
}else if (d_state==5){
int r=libssh2_channel_request_pty(d_channel,d_pty.data());
if(r){
if(r==LIBSSH2_ERROR_EAGAIN){
return true;
}else{
qWarning("QxtSshChannel: pty allocation failed");
return false;
}
}
#ifdef QXT_DEBUG_SSH
qDebug("pty opened");
#endif
d_state=2;
return activate();
//start
}else if (d_state==3){
int r=libssh2_channel_exec(d_channel,qPrintable(d_cmd));
if(r){
if(r==LIBSSH2_ERROR_EAGAIN){
return true;
}else{
#ifdef QXT_DEBUG_SSH
qDebug("exec failed");
#endif
return false;
}
}
#ifdef QXT_DEBUG_SSH
qDebug("exec opened");
#endif
p->setOpenMode(QIODevice::ReadWrite);
d_state=66;
emit p->connected();
return true;
//start shell
}else if (d_state==4){
int r=libssh2_channel_shell(d_channel);
if(r){
if(r==LIBSSH2_ERROR_EAGAIN){
return true;
}else{
#ifdef QXT_DEBUG_SSH
qDebug("exec failed");
#endif
return false;
}
}
#ifdef QXT_DEBUG_SSH
qDebug("shell opened");
#endif
p->setOpenMode(QIODevice::ReadWrite);
d_state=9999;
emit p->connected();
return true;
// tcp channel
}else if (d_state==10){
d_channel=libssh2_channel_direct_tcpip(d_session, qPrintable(d_host),d_port);
if(d_channel==NULL){
if(libssh2_session_last_error(d_session,NULL,NULL,0)==LIBSSH2_ERROR_EAGAIN) {
return true;
}else{
return false;
}
}
#ifdef QXT_DEBUG_SSH
qDebug("tcp channel opened");
#endif
p->setOpenMode(QIODevice::ReadWrite);
d_state=9999;
return activate();
//read channel
}else if (d_state==9999){
emit p->readyRead();
}
return true;
}
int ssh_cmd(SSH * pSsh,char * pCmdstr)
{
int ret=0;
int exitcode;
char *exitsignal=(char *)"none";
if (NULL==pSsh || NULL==pCmdstr)
{
return 0;
}
while( (pSsh->channel = libssh2_channel_open_session(pSsh->session)) == NULL &&
libssh2_session_last_error(pSsh->session,NULL,NULL,0) ==
LIBSSH2_ERROR_EAGAIN )
{
waitsocket(pSsh->sock_fd, pSsh->session);
}
if( pSsh->channel == NULL )
{
fprintf(stderr,"Error\n");
exit( 1 );
}
while( (ret = libssh2_channel_exec(pSsh->channel, pCmdstr)) ==
LIBSSH2_ERROR_EAGAIN )
{
waitsocket(pSsh->sock_fd, pSsh->session);
}
if( ret != 0 )
{
fprintf(stderr,"Error\n");
exit( 1 );
}
for( ;; )
{
/* loop until we block */
int rc;
do
{
char buffer[0x4000];
rc = libssh2_channel_read( pSsh->channel, buffer, sizeof(buffer) );
if( rc > 0 )
{
int i;
for( i=0; i < rc; ++i )
fputc( buffer[i], stdout);
fprintf(stderr, "\n");
}
else {
if( ret != LIBSSH2_ERROR_EAGAIN )
/* no need to output this for the EAGAIN case */
fprintf(stderr, "libssh2_channel_read returned %d\n", rc);
}
}
while( ret > 0 );
/* this is due to blocking that would occur otherwise so we loop on
this condition */
if( rc == LIBSSH2_ERROR_EAGAIN )
{
waitsocket(pSsh->sock_fd, pSsh->session);
}
else
break;
}
exitcode = 127;
while( (ret = libssh2_channel_close(pSsh->channel)) == LIBSSH2_ERROR_EAGAIN )
waitsocket(pSsh->sock_fd, pSsh->session);
if( ret == 0 )
{
exitcode = libssh2_channel_get_exit_status( pSsh->channel );
libssh2_channel_get_exit_signal(pSsh->channel, &exitsignal,
NULL, NULL, NULL, NULL, NULL);
}
if (exitsignal)
fprintf(stderr, "\nGot signal: %s\n", exitsignal);
fprintf(stderr,"\n*ssh_cmd::pcmdstr=%s\n",pCmdstr);
return 0;
}
int Parser::runCommand(QString command)
{
// command channel
//------------setup channel ----------------------
LIBSSH2_CHANNEL *channel = NULL;
channel = libssh2_channel_open_session(session_);
if ( channel == NULL )
{
qDebug()<<"Failed to open a new channel\n";
socket_->disconnectFromHost();
return -1;
}
/* Force Data to on STDOUT and STDERR to be on seperate channels
* read individually with *_read and *_read_stderr functions */
libssh2_channel_handle_extended_data(channel,LIBSSH2_CHANNEL_EXTENDED_DATA_NORMAL);
libssh2_channel_set_blocking(channel, 1);
{
int rc;
while ((rc=libssh2_channel_exec(channel, command.toLocal8Bit().constData()))==LIBSSH2_ERROR_EAGAIN );
if (rc)
{
return -1;
}
//-------read channel-----------
int read;
QString stdout_str;
QString stderr_str;
while(true)
{
//qDebug("libssh2_channel_read() >>>");
{
QByteArray byte_array;
byte_array.resize(4096);
char* buffer=byte_array.data();
int buffer_size=byte_array.size();
read = libssh2_channel_read(channel, buffer, buffer_size-10);
if(read>0)
{
QByteArray debug = QByteArray(buffer, read);
stdout_str.append(debug);
}
if(LIBSSH2_ERROR_EAGAIN == read)
{
qDebug("LIBSSH2_ERROR_EAGAIN");
break;
}
else if(read < 0)
{
qDebug(" error reading from std channel");
closeChannel(channel);
goto next_channel;
}
}
{
QByteArray byte_array;
byte_array.resize(4096);
char* buffer=byte_array.data();
int buffer_size=byte_array.size();
read = libssh2_channel_read_stderr(channel, buffer, buffer_size-10);
if(read>0)
{
QByteArray debug = QByteArray(buffer, read);
stderr_str.append(debug);
}
if(LIBSSH2_ERROR_EAGAIN == read)
{
qDebug("LIBSSH2_ERROR_EAGAIN");
break;
}
else if(read < 0)
{
qDebug(" error reading from stderr channel");
closeChannel(channel);
goto next_channel;
}
}
int i = libssh2_channel_eof(channel);
if(i)
{
//qDebug("libssh2_channel_eof %i", i);
closeChannel(channel);
goto next_channel;
}
}
next_channel:
if(!stdout_str.isEmpty())
{
qDebug()<<"STDOUT:\n"<<stdout_str;
}
if(!stderr_str.isEmpty())
{
qDebug()<<"STDERR:\n"<<stderr_str;
}
}
return 1;
}
int main(int argc, char *argv[])
{
unsigned long hostaddr;
int sock = -1, i, rc;
struct sockaddr_in sin;
const char *fingerprint;
char *userauthlist;
LIBSSH2_SESSION *session = NULL;
LIBSSH2_CHANNEL *channel;
LIBSSH2_AGENT *agent = NULL;
struct libssh2_agent_publickey *identity, *prev_identity = NULL;
#ifdef WIN32
WSADATA wsadata;
WSAStartup(MAKEWORD(2,0), &wsadata);
#endif
if (argc > 1) {
hostaddr = inet_addr(argv[1]);
} else {
hostaddr = htonl(0x7F000001);
}
if(argc > 2) {
username = argv[2];
}
rc = libssh2_init (0);
if (rc != 0) {
fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
/* Ultra basic "connect to port 22 on localhost". Your code is
* responsible for creating the socket establishing the connection
*/
sock = socket(AF_INET, SOCK_STREAM, 0);
if (sock == -1) {
fprintf(stderr, "failed to create socket!\n");
rc = 1;
goto shutdown;
}
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = hostaddr;
if (connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
goto shutdown;
}
/* Create a session instance and start it up. This will trade welcome
* banners, exchange keys, and setup crypto, compression, and MAC layers
*/
session = libssh2_session_init();
if (libssh2_session_handshake(session, sock)) {
fprintf(stderr, "Failure establishing SSH session\n");
return 1;
}
/* At this point we havn't authenticated. The first thing to do is check
* the hostkey's fingerprint against our known hosts Your app may have it
* hard coded, may go to a file, may present it to the user, that's your
* call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++) {
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
}
fprintf(stderr, "\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username, strlen(username));
fprintf(stderr, "Authentication methods: %s\n", userauthlist);
if (strstr(userauthlist, "publickey") == NULL) {
fprintf(stderr, "\"publickey\" authentication is not supported\n");
goto shutdown;
}
/* Connect to the ssh-agent */
agent = libssh2_agent_init(session);
if (!agent) {
fprintf(stderr, "Failure initializing ssh-agent support\n");
rc = 1;
goto shutdown;
}
if (libssh2_agent_connect(agent)) {
fprintf(stderr, "Failure connecting to ssh-agent\n");
rc = 1;
goto shutdown;
}
if (libssh2_agent_list_identities(agent)) {
fprintf(stderr, "Failure requesting identities to ssh-agent\n");
rc = 1;
goto shutdown;
}
while (1) {
rc = libssh2_agent_get_identity(agent, &identity, prev_identity);
if (rc == 1)
break;
if (rc < 0) {
fprintf(stderr,
"Failure obtaining identity from ssh-agent support\n");
rc = 1;
goto shutdown;
}
if (libssh2_agent_userauth(agent, username, identity)) {
fprintf(stderr, "\tAuthentication with username %s and "
"public key %s failed!\n",
username, identity->comment);
} else {
fprintf(stderr, "\tAuthentication with username %s and "
"public key %s succeeded!\n",
username, identity->comment);
break;
}
prev_identity = identity;
}
if (rc) {
fprintf(stderr, "Couldn't continue authentication\n");
goto shutdown;
}
/* We're authenticated now. */
/* Request a shell */
if (!(channel = libssh2_channel_open_session(session))) {
fprintf(stderr, "Unable to open a session\n");
goto shutdown;
}
/* Some environment variables may be set,
* It's up to the server which ones it'll allow though
*/
libssh2_channel_setenv(channel, "FOO", "bar");
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options
*/
if (libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
goto skip_shell;
}
/* Open a SHELL on that pty */
if (libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
goto shutdown;
}
/* At this point the shell can be interacted with using
* libssh2_channel_read()
* libssh2_channel_read_stderr()
* libssh2_channel_write()
* libssh2_channel_write_stderr()
*
* Blocking mode may be (en|dis)abled with: libssh2_channel_set_blocking()
* If the server send EOF, libssh2_channel_eof() will return non-0
* To send EOF to the server use: libssh2_channel_send_eof()
* A channel can be closed with: libssh2_channel_close()
* A channel can be freed with: libssh2_channel_free()
*/
skip_shell:
if (channel) {
libssh2_channel_free(channel);
channel = NULL;
}
/* Other channel types are supported via:
* libssh2_scp_send()
* libssh2_scp_recv()
* libssh2_channel_direct_tcpip()
*/
shutdown:
libssh2_agent_disconnect(agent);
libssh2_agent_free(agent);
if(session) {
libssh2_session_disconnect(session,
"Normal Shutdown, Thank you for playing");
libssh2_session_free(session);
}
if (sock != -1) {
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
}
fprintf(stderr, "all done!\n");
libssh2_exit();
return rc;
}
static int _git_ssh_setup_conn(
ssh_subtransport *t,
const char *url,
const char *cmd,
git_smart_subtransport_stream **stream)
{
char *host=NULL, *port=NULL, *path=NULL, *user=NULL, *pass=NULL;
const char *default_port="22";
int auth_methods, error = 0;
ssh_stream *s;
git_cred *cred = NULL;
LIBSSH2_SESSION* session=NULL;
LIBSSH2_CHANNEL* channel=NULL;
*stream = NULL;
if (ssh_stream_alloc(t, url, cmd, stream) < 0)
return -1;
s = (ssh_stream *)*stream;
if (!git__prefixcmp(url, prefix_ssh)) {
if ((error = gitno_extract_url_parts(&host, &port, &path, &user, &pass, url, default_port)) < 0)
goto on_error;
} else {
if ((error = git_ssh_extract_url_parts(&host, &user, url)) < 0)
goto on_error;
port = git__strdup(default_port);
GITERR_CHECK_ALLOC(port);
}
/* we need the username to ask for auth methods */
if (!user) {
if ((error = request_creds(&cred, t, NULL, GIT_CREDTYPE_USERNAME)) < 0)
goto on_error;
user = git__strdup(((git_cred_username *) cred)->username);
cred->free(cred);
cred = NULL;
if (!user)
goto on_error;
} else if (user && pass) {
if ((error = git_cred_userpass_plaintext_new(&cred, user, pass)) < 0)
goto on_error;
}
if ((error = gitno_connect(&s->socket, host, port, 0)) < 0)
goto on_error;
if ((error = _git_ssh_session_create(&session, s->socket)) < 0)
goto on_error;
if ((error = list_auth_methods(&auth_methods, session, user)) < 0)
goto on_error;
error = GIT_EAUTH;
/* if we already have something to try */
if (cred && auth_methods & cred->credtype)
error = _git_ssh_authenticate_session(session, cred);
while (error == GIT_EAUTH) {
if (cred) {
cred->free(cred);
cred = NULL;
}
if ((error = request_creds(&cred, t, user, auth_methods)) < 0)
goto on_error;
if (strcmp(user, git_cred__username(cred))) {
giterr_set(GITERR_SSH, "username does not match previous request");
error = -1;
goto on_error;
}
error = _git_ssh_authenticate_session(session, cred);
}
if (error < 0)
goto on_error;
channel = libssh2_channel_open_session(session);
if (!channel) {
error = -1;
ssh_error(session, "Failed to open SSH channel");
goto on_error;
}
libssh2_channel_set_blocking(channel, 1);
s->session = session;
s->channel = channel;
t->current_stream = s;
if (cred)
cred->free(cred);
git__free(host);
git__free(port);
git__free(path);
git__free(user);
git__free(pass);
return 0;
on_error:
s->session = NULL;
s->channel = NULL;
t->current_stream = NULL;
if (*stream)
ssh_stream_free(*stream);
if (cred)
cred->free(cred);
git__free(host);
git__free(port);
git__free(user);
git__free(pass);
if (session)
libssh2_session_free(session);
return error;
}
/* example ssh.run["ls /"] */
static int ssh_run(DC_ITEM *item, AGENT_RESULT *result, const char *encoding)
{
const char *__function_name = "ssh_run";
zbx_sock_t s;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
int auth_pw = 0, rc, ret = NOTSUPPORTED,
exitcode, bytecount = 0;
char buffer[MAX_BUFFER_LEN], buf[16], *userauthlist,
*publickey = NULL, *privatekey = NULL, *ssherr;
size_t sz;
zabbix_log(LOG_LEVEL_DEBUG, "In %s()", __function_name);
if (FAIL == zbx_tcp_connect(&s, CONFIG_SOURCE_IP, item->interface.addr, item->interface.port, 0))
{
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot connect to SSH server: %s",
zbx_tcp_strerror()));
goto close;
}
/* initializes an SSH session object */
if (NULL == (session = libssh2_session_init()))
{
SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot initialize SSH session"));
goto tcp_close;
}
/* set blocking mode on session */
libssh2_session_set_blocking(session, 1);
/* Create a session instance and start it up. This will trade welcome */
/* banners, exchange keys, and setup crypto, compression, and MAC layers */
if (0 != libssh2_session_startup(session, s.socket))
{
libssh2_session_last_error(session, &ssherr, NULL, 0);
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot establish SSH session: %s", ssherr));
goto session_free;
}
/* check what authentication methods are available */
if (NULL != (userauthlist = libssh2_userauth_list(session, item->username, strlen(item->username))))
{
if (NULL != strstr(userauthlist, "password"))
auth_pw |= 1;
if (NULL != strstr(userauthlist, "keyboard-interactive"))
auth_pw |= 2;
if (NULL != strstr(userauthlist, "publickey"))
auth_pw |= 4;
}
else
{
libssh2_session_last_error(session, &ssherr, NULL, 0);
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot obtain authentication methods: %s", ssherr));
goto session_close;
}
zabbix_log(LOG_LEVEL_DEBUG, "%s() supported authentication methods:'%s'", __function_name, userauthlist);
switch (item->authtype)
{
case ITEM_AUTHTYPE_PASSWORD:
if (auth_pw & 1)
{
/* we could authenticate via password */
if (0 != libssh2_userauth_password(session, item->username, item->password))
{
libssh2_session_last_error(session, &ssherr, NULL, 0);
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Password authentication failed: %s",
ssherr));
goto session_close;
}
else
zabbix_log(LOG_LEVEL_DEBUG, "%s() password authentication succeeded",
__function_name);
}
else if (auth_pw & 2)
{
/* or via keyboard-interactive */
password = item->password;
if (0 != libssh2_userauth_keyboard_interactive(session, item->username, &kbd_callback))
{
libssh2_session_last_error(session, &ssherr, NULL, 0);
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Keyboard-interactive authentication"
" failed: %s", ssherr));
goto session_close;
}
else
zabbix_log(LOG_LEVEL_DEBUG, "%s() keyboard-interactive authentication succeeded",
__function_name);
}
else
{
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Unsupported authentication method."
" Supported methods: %s", userauthlist));
goto session_close;
}
break;
case ITEM_AUTHTYPE_PUBLICKEY:
if (auth_pw & 4)
{
if (NULL == CONFIG_SSH_KEY_LOCATION)
{
SET_MSG_RESULT(result, zbx_strdup(NULL, "Authentication by public key failed."
" SSHKeyLocation option is not set"));
goto session_close;
}
/* or by public key */
publickey = zbx_dsprintf(publickey, "%s/%s", CONFIG_SSH_KEY_LOCATION, item->publickey);
privatekey = zbx_dsprintf(privatekey, "%s/%s", CONFIG_SSH_KEY_LOCATION,
item->privatekey);
if (SUCCEED != zbx_is_regular_file(publickey))
{
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot access public key file %s",
publickey));
goto session_close;
}
if (SUCCEED != zbx_is_regular_file(privatekey))
{
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Cannot access private key file %s",
privatekey));
goto session_close;
}
rc = libssh2_userauth_publickey_fromfile(session, item->username, publickey,
privatekey, item->password);
zbx_free(publickey);
zbx_free(privatekey);
if (0 != rc)
{
libssh2_session_last_error(session, &ssherr, NULL, 0);
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Public key authentication failed:"
" %s", ssherr));
goto session_close;
}
else
zabbix_log(LOG_LEVEL_DEBUG, "%s() authentication by public key succeeded",
__function_name);
}
else
{
SET_MSG_RESULT(result, zbx_dsprintf(NULL, "Unsupported authentication method."
" Supported methods: %s", userauthlist));
goto session_close;
}
break;
}
/* exec non-blocking on the remove host */
while (NULL == (channel = libssh2_channel_open_session(session)))
{
switch (libssh2_session_last_error(session, NULL, NULL, 0))
{
/* marked for non-blocking I/O but the call would block. */
case LIBSSH2_ERROR_EAGAIN:
waitsocket(s.socket, session);
continue;
default:
SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot establish generic session channel"));
goto session_close;
}
}
dos2unix(item->params); /* CR+LF (Windows) => LF (Unix) */
/* request a shell on a channel and execute command */
while (0 != (rc = libssh2_channel_exec(channel, item->params)))
{
switch (rc)
{
case LIBSSH2_ERROR_EAGAIN:
waitsocket(s.socket, session);
continue;
default:
SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot request a shell"));
goto channel_close;
}
}
for (;;)
{
/* loop until we block */
do
{
if (0 < (rc = libssh2_channel_read(channel, buf, sizeof(buf))))
{
sz = (size_t)rc;
if (sz > MAX_BUFFER_LEN - (bytecount + 1))
sz = MAX_BUFFER_LEN - (bytecount + 1);
if (0 == sz)
continue;
memcpy(buffer + bytecount, buf, sz);
bytecount += sz;
}
}
while (rc > 0);
/* this is due to blocking that would occur otherwise so we loop on
* this condition
*/
if (LIBSSH2_ERROR_EAGAIN == rc)
waitsocket(s.socket, session);
else if (rc < 0)
{
SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot read data from SSH server"));
goto channel_close;
}
else
break;
}
buffer[bytecount] = '\0';
SET_STR_RESULT(result, convert_to_utf8(buffer, bytecount, encoding));
ret = SYSINFO_RET_OK;
channel_close:
/* close an active data channel */
exitcode = 127;
while (0 != (rc = libssh2_channel_close(channel)))
{
switch (rc)
{
case LIBSSH2_ERROR_EAGAIN:
waitsocket(s.socket, session);
continue;
default:
libssh2_session_last_error(session, &ssherr, NULL, 0);
zabbix_log(LOG_LEVEL_WARNING, "%s() cannot close generic session channel: %s",
__function_name, ssherr);
break;
}
}
if (0 == rc)
exitcode = libssh2_channel_get_exit_status(channel);
zabbix_log(LOG_LEVEL_DEBUG, "%s() exitcode: %d bytecount: %d",
__function_name, exitcode, bytecount);
libssh2_channel_free(channel);
channel = NULL;
session_close:
libssh2_session_disconnect(session, "Normal Shutdown");
session_free:
libssh2_session_free(session);
tcp_close:
zbx_tcp_close(&s);
close:
zabbix_log(LOG_LEVEL_DEBUG, "End of %s():%s", __function_name, zbx_result_string(ret));
return ret;
}
void* ssh_client_thread(void* data) {
guac_client* client = (guac_client*) data;
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
char name[1024];
guac_socket* socket = client->socket;
char buffer[8192];
int bytes_read = -1234;
int socket_fd;
int stdout_fd = client_data->term->stdout_pipe_fd[1];
pthread_t input_thread;
libssh2_init(0);
/* Get username */
if (client_data->username[0] == 0)
prompt(client, "Login as: ", client_data->username, sizeof(client_data->username), true);
/* Send new name */
snprintf(name, sizeof(name)-1, "%s@%s", client_data->username, client_data->hostname);
guac_protocol_send_name(socket, name);
/* If key specified, import */
if (client_data->key_base64[0] != 0) {
/* Attempt to read key without passphrase */
client_data->key = ssh_key_alloc(client_data->key_base64,
strlen(client_data->key_base64), "");
/* On failure, attempt with passphrase */
if (client_data->key == NULL) {
/* Prompt for passphrase if missing */
if (client_data->key_passphrase[0] == 0)
prompt(client, "Key passphrase: ", client_data->key_passphrase,
sizeof(client_data->key_passphrase), false);
/* Import key with passphrase */
client_data->key = ssh_key_alloc(client_data->key_base64,
strlen(client_data->key_base64),
client_data->key_passphrase);
/* If still failing, give up */
if (client_data->key == NULL) {
guac_client_log_error(client, "Auth key import failed.");
return NULL;
}
} /* end decrypt key with passphrase */
/* Success */
guac_client_log_info(client, "Auth key successfully imported.");
} /* end if key given */
/* Otherwise, get password if not provided */
else if (client_data->password[0] == 0)
prompt(client, "Password: "******"\x1B[H\x1B[J", 6);
/* Open SSH session */
client_data->session = __guac_ssh_create_session(client, &socket_fd);
if (client_data->session == NULL) {
/* Already aborted within __guac_ssh_create_session() */
return NULL;
}
/* Open channel for terminal */
client_data->term_channel = libssh2_channel_open_session(client_data->session);
if (client_data->term_channel == NULL) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to open terminal channel.");
return NULL;
}
#ifdef ENABLE_SSH_AGENT
/* Start SSH agent forwarding, if enabled */
if (client_data->enable_agent) {
libssh2_session_callback_set(client_data->session,
LIBSSH2_CALLBACK_AUTH_AGENT, (void*) ssh_auth_agent_callback);
/* Request agent forwarding */
if (libssh2_channel_request_auth_agent(client_data->term_channel))
guac_client_log_error(client, "Agent forwarding request failed");
else
guac_client_log_info(client, "Agent forwarding enabled.");
}
client_data->auth_agent = NULL;
#endif
/* Start SFTP session as well, if enabled */
if (client_data->enable_sftp) {
/* Create SSH session specific for SFTP */
guac_client_log_info(client, "Reconnecting for SFTP...");
client_data->sftp_ssh_session = __guac_ssh_create_session(client, NULL);
if (client_data->sftp_ssh_session == NULL) {
/* Already aborted within __guac_ssh_create_session() */
return NULL;
}
/* Request SFTP */
client_data->sftp_session = libssh2_sftp_init(client_data->sftp_ssh_session);
if (client_data->sftp_session == NULL) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to start SFTP session.");
return NULL;
}
/* Set file handler */
client->file_handler = guac_sftp_file_handler;
guac_client_log_info(client, "SFTP session initialized");
}
/* Request PTY */
if (libssh2_channel_request_pty_ex(client_data->term_channel, "linux", sizeof("linux")-1, NULL, 0,
client_data->term->term_width, client_data->term->term_height, 0, 0)) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to allocate PTY.");
return NULL;
}
/* Request shell */
if (libssh2_channel_shell(client_data->term_channel)) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_UPSTREAM_ERROR, "Unable to associate shell with PTY.");
return NULL;
}
/* Logged in */
guac_client_log_info(client, "SSH connection successful.");
/* Start input thread */
if (pthread_create(&(input_thread), NULL, ssh_input_thread, (void*) client)) {
guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, "Unable to start input thread");
return NULL;
}
/* Set non-blocking */
libssh2_session_set_blocking(client_data->session, 0);
/* While data available, write to terminal */
bytes_read = 0;
while (!libssh2_channel_eof(client_data->term_channel)) {
/* Track total amount of data read */
int total_read = 0;
/* Read terminal data */
bytes_read = libssh2_channel_read(client_data->term_channel,
buffer, sizeof(buffer));
/* Attempt to write data received. Exit on failure. */
if (bytes_read > 0) {
int written = guac_terminal_write_all(stdout_fd, buffer, bytes_read);
if (written < 0)
break;
total_read += bytes_read;
}
else if (bytes_read < 0 && bytes_read != LIBSSH2_ERROR_EAGAIN)
break;
#ifdef ENABLE_SSH_AGENT
/* If agent open, handle any agent packets */
if (client_data->auth_agent != NULL) {
bytes_read = ssh_auth_agent_read(client_data->auth_agent);
if (bytes_read > 0)
total_read += bytes_read;
else if (bytes_read < 0 && bytes_read != LIBSSH2_ERROR_EAGAIN)
client_data->auth_agent = NULL;
}
#endif
/* Wait for more data if reads turn up empty */
if (total_read == 0) {
fd_set fds;
struct timeval timeout;
FD_ZERO(&fds);
FD_SET(socket_fd, &fds);
/* Wait for one second */
timeout.tv_sec = 1;
timeout.tv_usec = 0;
if (select(socket_fd+1, &fds, NULL, NULL, &timeout) < 0)
break;
}
}
/* Kill client and Wait for input thread to die */
guac_client_stop(client);
pthread_join(input_thread, NULL);
guac_client_log_info(client, "SSH connection ended.");
return NULL;
}
int main(int argc, char *argv[])
{
unsigned long hostaddr;
int sock, i, auth_pw = 0;
struct sockaddr_in sin;
const char *fingerprint;
char *userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
#ifdef WIN32
WSADATA wsadata;
WSAStartup(MAKEWORD(2,0), &wsadata);
#endif
const char *pubkeyfile="etc/user.pub";
const char *privkeyfile="etc/user";
const char *username="******";
const char *password="******";
int ec = 1;
(void)argc;
(void)argv;
if (getenv ("USER"))
username = getenv ("USER");
if (getenv ("PRIVKEY"))
privkeyfile = getenv ("PRIVKEY");
if (getenv ("PRIVKEY"))
pubkeyfile = getenv ("PUBKEY");
hostaddr = htonl(0x7F000001);
sock = socket(AF_INET, SOCK_STREAM, 0);
#ifndef WIN32
fcntl(sock, F_SETFL, 0);
#endif
sin.sin_family = AF_INET;
sin.sin_port = htons(4711);
sin.sin_addr.s_addr = hostaddr;
if (connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
return -1;
}
/* Create a session instance and start it up
* This will trade welcome banners, exchange keys, and setup crypto, compression, and MAC layers
*/
session = libssh2_session_init();
if (libssh2_session_startup(session, sock)) {
fprintf(stderr, "Failure establishing SSH session\n");
return -1;
}
/* At this point we havn't authenticated,
* The first thing to do is check the hostkey's fingerprint against our known hosts
* Your app may have it hard coded, may go to a file, may present it to the user, that's your call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
printf("Fingerprint: ");
for(i = 0; i < 16; i++) {
printf("%02X ", (unsigned char)fingerprint[i]);
}
printf("\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username, strlen(username));
printf("Authentication methods: %s\n", userauthlist);
if (strstr(userauthlist, "password") != NULL) {
auth_pw |= 1;
}
if (strstr(userauthlist, "keyboard-interactive") != NULL) {
auth_pw |= 2;
}
if (strstr(userauthlist, "publickey") != NULL) {
auth_pw |= 4;
}
if (auth_pw & 4) {
/* Authenticate by public key */
if (libssh2_userauth_publickey_fromfile(session, username, pubkeyfile, privkeyfile, password)) {
printf("\tAuthentication by public key failed!\n");
goto shutdown;
} else {
printf("\tAuthentication by public key succeeded.\n");
}
} else {
printf("No supported authentication methods found!\n");
goto shutdown;
}
/* Request a shell */
if (!(channel = libssh2_channel_open_session(session))) {
fprintf(stderr, "Unable to open a session\n");
goto shutdown;
}
/* Some environment variables may be set,
* It's up to the server which ones it'll allow though
*/
libssh2_channel_setenv(channel, "FOO", "bar");
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options
*/
if (libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
goto skip_shell;
}
/* Open a SHELL on that pty */
if (libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
goto shutdown;
}
ec = 0;
skip_shell:
if (channel) {
libssh2_channel_free(channel);
channel = NULL;
}
shutdown:
libssh2_session_disconnect(session, "Normal Shutdown");
libssh2_session_free(session);
#ifdef WIN32
Sleep(1000);
closesocket(sock);
#else
sleep(1);
close(sock);
#endif
return ec;
}
static int _git_ssh_setup_conn(
ssh_subtransport *t,
const char *url,
const char *cmd,
git_smart_subtransport_stream **stream)
{
char *host=NULL, *port=NULL, *path=NULL, *user=NULL, *pass=NULL;
const char *default_port="22";
int auth_methods, error = 0;
size_t i;
ssh_stream *s;
git_cred *cred = NULL;
LIBSSH2_SESSION* session=NULL;
LIBSSH2_CHANNEL* channel=NULL;
t->current_stream = NULL;
*stream = NULL;
if (ssh_stream_alloc(t, url, cmd, stream) < 0)
return -1;
s = (ssh_stream *)*stream;
s->session = NULL;
s->channel = NULL;
for (i = 0; i < ARRAY_SIZE(ssh_prefixes); ++i) {
const char *p = ssh_prefixes[i];
if (!git__prefixcmp(url, p)) {
if ((error = gitno_extract_url_parts(&host, &port, &path, &user, &pass, url, default_port)) < 0)
goto done;
goto post_extract;
}
}
if ((error = git_ssh_extract_url_parts(&host, &user, url)) < 0)
goto done;
port = git__strdup(default_port);
GITERR_CHECK_ALLOC(port);
post_extract:
if ((error = git_socket_stream_new(&s->io, host, port)) < 0 ||
(error = git_stream_connect(s->io)) < 0)
goto done;
if ((error = _git_ssh_session_create(&session, s->io)) < 0)
goto done;
if (t->owner->certificate_check_cb != NULL) {
git_cert_hostkey cert = {{ 0 }}, *cert_ptr;
const char *key;
cert.parent.cert_type = GIT_CERT_HOSTKEY_LIBSSH2;
key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
if (key != NULL) {
cert.type |= GIT_CERT_SSH_SHA1;
memcpy(&cert.hash_sha1, key, 20);
}
key = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
if (key != NULL) {
cert.type |= GIT_CERT_SSH_MD5;
memcpy(&cert.hash_md5, key, 16);
}
if (cert.type == 0) {
giterr_set(GITERR_SSH, "unable to get the host key");
error = -1;
goto done;
}
/* We don't currently trust any hostkeys */
giterr_clear();
cert_ptr = &cert;
error = t->owner->certificate_check_cb((git_cert *) cert_ptr, 0, host, t->owner->message_cb_payload);
if (error < 0) {
if (!giterr_last())
giterr_set(GITERR_NET, "user cancelled hostkey check");
goto done;
}
}
/* we need the username to ask for auth methods */
if (!user) {
if ((error = request_creds(&cred, t, NULL, GIT_CREDTYPE_USERNAME)) < 0)
goto done;
user = git__strdup(((git_cred_username *) cred)->username);
cred->free(cred);
cred = NULL;
if (!user)
goto done;
} else if (user && pass) {
if ((error = git_cred_userpass_plaintext_new(&cred, user, pass)) < 0)
goto done;
}
if ((error = list_auth_methods(&auth_methods, session, user)) < 0)
goto done;
error = GIT_EAUTH;
/* if we already have something to try */
if (cred && auth_methods & cred->credtype)
error = _git_ssh_authenticate_session(session, cred);
while (error == GIT_EAUTH) {
if (cred) {
cred->free(cred);
cred = NULL;
}
if ((error = request_creds(&cred, t, user, auth_methods)) < 0)
goto done;
if (strcmp(user, git_cred__username(cred))) {
giterr_set(GITERR_SSH, "username does not match previous request");
error = -1;
goto done;
}
error = _git_ssh_authenticate_session(session, cred);
}
if (error < 0)
goto done;
channel = libssh2_channel_open_session(session);
if (!channel) {
error = -1;
ssh_error(session, "Failed to open SSH channel");
goto done;
}
libssh2_channel_set_blocking(channel, 1);
s->session = session;
s->channel = channel;
t->current_stream = s;
done:
if (error < 0) {
ssh_stream_free(*stream);
if (session)
libssh2_session_free(session);
}
if (cred)
cred->free(cred);
git__free(host);
git__free(port);
git__free(path);
git__free(user);
git__free(pass);
return error;
}
int ssh_exec(ssh_conn_t *conn, param_t *params)
{
LIBSSH2_CHANNEL *channel;
int rc;
int exitcode = 127;
char *exitsignal=(char *)"none";
const char *commandline = params->command;
/* Exec non-blocking on the remove host */
while( (channel = libssh2_channel_open_session(conn->session)) == NULL &&
libssh2_session_last_error(conn->session,NULL,NULL,0) ==
LIBSSH2_ERROR_EAGAIN )
{
waitsocket(conn);
}
if( channel == NULL )
{
fprintf(stderr,"Error\n");
return ( 1 );
}
rc = ssh_setenv(channel, params);
if(rc<0)
{
if(rc==LIBSSH2_ERROR_CHANNEL_REQUEST_DENIED)
printf("Error: Environment variable is not accepted by target SSH server.");
goto shutdown;
}
while( (rc = libssh2_channel_exec(channel, commandline)) ==
LIBSSH2_ERROR_EAGAIN )
{
waitsocket(conn);
}
if( rc != 0 )
{
fprintf(stderr,"Error\n");
return ( 1 );
}
int stream_id = 0;
for( ;; )
{
/* loop until we block */
int rc;
do
{
char buffer[0x4000];
rc = libssh2_channel_read_ex( channel, stream_id, buffer, sizeof(buffer) );
if( rc > 0 )
{
fwrite(buffer, sizeof(char), rc, stream_id==0?stdout:stderr);
}else{
if( rc != LIBSSH2_ERROR_EAGAIN ) goto shutdown;
}
}
while( rc > 0 );
/* this is due to blocking that would occur otherwise so we loop on
this condition */
if( rc == LIBSSH2_ERROR_EAGAIN )
{
waitsocket(conn);
}
else
break;
stream_id = stream_id==0?1:0;
}
while( (rc = libssh2_channel_close(channel)) == LIBSSH2_ERROR_EAGAIN )
waitsocket(conn);
if( rc == 0 )
{
exitcode = libssh2_channel_get_exit_status( channel );
libssh2_channel_get_exit_signal(channel, &exitsignal,
NULL, NULL, NULL, NULL, NULL);
}
shutdown:
libssh2_channel_free(channel);
channel = NULL;
return exitcode;
}
static int _git_ssh_setup_conn(
ssh_subtransport *t,
const char *url,
const char *cmd,
git_smart_subtransport_stream **stream)
{
char *host=NULL, *port=NULL, *path=NULL, *user=NULL, *pass=NULL;
const char *default_port="22";
ssh_stream *s;
LIBSSH2_SESSION* session=NULL;
LIBSSH2_CHANNEL* channel=NULL;
*stream = NULL;
if (ssh_stream_alloc(t, url, cmd, stream) < 0)
return -1;
s = (ssh_stream *)*stream;
if (!git__prefixcmp(url, prefix_ssh)) {
if (gitno_extract_url_parts(&host, &port, &path, &user, &pass, url, default_port) < 0)
goto on_error;
} else {
if (git_ssh_extract_url_parts(&host, &user, url) < 0)
goto on_error;
port = git__strdup(default_port);
GITERR_CHECK_ALLOC(port);
}
if (gitno_connect(&s->socket, host, port, 0) < 0)
goto on_error;
if (user && pass) {
if (git_cred_userpass_plaintext_new(&t->cred, user, pass) < 0)
goto on_error;
} else if (t->owner->cred_acquire_cb) {
if (t->owner->cred_acquire_cb(
&t->cred, t->owner->url, user,
GIT_CREDTYPE_USERPASS_PLAINTEXT |
GIT_CREDTYPE_SSH_KEY |
GIT_CREDTYPE_SSH_CUSTOM,
t->owner->cred_acquire_payload) < 0)
goto on_error;
if (!t->cred) {
giterr_set(GITERR_SSH, "Callback failed to initialize SSH credentials");
goto on_error;
}
} else {
giterr_set(GITERR_SSH, "Cannot set up SSH connection without credentials");
goto on_error;
}
assert(t->cred);
if (!user && !git_cred_has_username(t->cred)) {
giterr_set_str(GITERR_NET, "Cannot authenticate without a username");
goto on_error;
}
if (_git_ssh_session_create(&session, s->socket) < 0)
goto on_error;
if (_git_ssh_authenticate_session(session, user, t->cred) < 0)
goto on_error;
channel = libssh2_channel_open_session(session);
if (!channel) {
ssh_error(session, "Failed to open SSH channel");
goto on_error;
}
libssh2_channel_set_blocking(channel, 1);
s->session = session;
s->channel = channel;
t->current_stream = s;
git__free(host);
git__free(port);
git__free(path);
git__free(user);
git__free(pass);
return 0;
on_error:
s->session = NULL;
s->channel = NULL;
t->current_stream = NULL;
if (*stream)
ssh_stream_free(*stream);
git__free(host);
git__free(port);
git__free(user);
git__free(pass);
if (session)
libssh2_session_free(session);
return -1;
}
int execute_command(struct remote *rm)
{
/* Sets up the pthread functionality of gcrypt
* libssh2 doesn't do this for us so we have to do it ourselves*/
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
openlog("remote-monitor-base",LOG_PID|LOG_CONS,LOG_USER);
syslog(LOG_DEBUG,"Starting SSH execution on rm->hostname: %s with rm->username: %s and port: %d",rm->hostname,rm->username,rm->port);
size_t len;
int type;
unsigned long hostaddress;
int sock;
const char *fingerprint;
int bytecount = 0;
struct sockaddr_in sin;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
LIBSSH2_KNOWNHOSTS *nh;
/* results stores the output from the commands after they're executed
* Each command has a corresponding result so the results array is set to the same length as the commands array */
rm->results = malloc(rm->num_commands * sizeof(char*));
for(int i = 0; i < rm->num_commands; i++)
rm->results[i] = malloc(2048 * sizeof(char));
/* Initialise libssh2 and check to see if it was initialized properly
* libssh2_init isn't thread safe so we need to lock the thread while it executes*/
pthread_mutex_lock(&sshinit_lock);
int rc = libssh2_init(0);
pthread_mutex_unlock(&sshinit_lock);
if(rc!=0) {
syslog(LOG_ERR,"libssh2 initilization failed");
return 1;
}
/* Creates a socket connection to the specified host on the specified port */
hostaddress = inet_addr(rm->hostname);
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(rm->port);
sin.sin_addr.s_addr = hostaddress;
/* Check to see if the connection was successful */
if(connect(sock, (struct sockaddr*)(&sin), sizeof(struct sockaddr_in)) != 0) {
syslog(LOG_ERR,"Failed to connect to %s on port %d", rm->hostname, rm->port);
return 1;
}
/* Initialise the session and check for success */
session = libssh2_session_init();
if(!session) {
syslog(LOG_ERR,"Error creating session on host %s", rm->hostname);
return 1;
}
/* Disable blocking for this session */
libssh2_session_set_blocking(session,0);
/* Start the session on the specified socket and check for success */
while( (rc = libssh2_session_startup(session,sock)) == LIBSSH2_ERROR_EAGAIN);
if(rc) {
syslog(LOG_ERR,"Failure establishing SSH session %d on host %s", rc, rm->hostname);
goto error;
}
/* Get the current host key and check to see if it matches with any known hosts */
nh = libssh2_knownhost_init(session);
if(!nh) {
syslog(LOG_ERR,"Error while initialising known hosts collection on host %s",rm->hostname);
goto error;
}
libssh2_knownhost_readfile(nh,"known_hosts",LIBSSH2_KNOWNHOST_FILE_OPENSSH);
//libssh2_knownhost_writefile(nh,"dumpfile",LIBSSH2_KNOWNHOST_FILE_OPENSSH);
fingerprint = libssh2_session_hostkey(session,&len,&type);
if(fingerprint) {
struct libssh2_knownhost *host;
int check = libssh2_knownhost_checkp(nh,rm->hostname,rm->port,fingerprint,len
,LIBSSH2_KNOWNHOST_TYPE_PLAIN|LIBSSH2_KNOWNHOST_KEYENC_RAW,&host);
if(check == LIBSSH2_KNOWNHOST_CHECK_MATCH)
syslog(LOG_DEBUG,"Found matching host key for host %s",rm->hostname);
else if(check == LIBSSH2_KNOWNHOST_CHECK_MISMATCH)
syslog(LOG_ERR,"Host key was found but the key's didn't match for host %s",rm->hostname);
//TODO Some sort of critical error will need to be generated here
else if(check == LIBSSH2_KNOWNHOST_CHECK_NOTFOUND)
syslog(LOG_ERR,"No host match was found for %s",rm->hostname);
//TODO Have the ability to add the host key here
else
syslog(LOG_ERR,"There was a failure while attempting to match host keys for host %s",rm->hostname);
}
else {
syslog(LOG_ERR,"Couldn't get host key for host: %s",rm->hostname);
goto error;
}
libssh2_knownhost_free(nh);
/* Authenticate with the specified rm->username and passwod and check for success */
// TODO Add ability to authenticate with a private key
if( (strlen(rm->password)) != 0 ) {
syslog(LOG_DEBUG,"Using rm->password authentication for host %s",rm->hostname);
while( (rc = libssh2_userauth_password(session,rm->username,rm->password)) == LIBSSH2_ERROR_EAGAIN);
if(rc) {
syslog(LOG_ERR,"Authentication to host %s failed",rm->hostname);
goto error;
}
}
else if( ( (strlen(rm->publickey)) != 0 ) && ( ( strlen(rm->privatekey)) != 0) ) {
syslog(LOG_DEBUG,"Using public key authentication for host %s",rm->hostname);
while( (rc = libssh2_userauth_publickey_fromfile(session,rm->username,rm->publickey,rm->privatekey,NULL)) == LIBSSH2_ERROR_EAGAIN);
switch(rc) {
case 0:
break;
case LIBSSH2_ERROR_AUTHENTICATION_FAILED:
syslog(LOG_ERR,"Authentication using the supplied key for host %s was not accepted",rm->hostname);
goto error;
case LIBSSH2_ERROR_PUBLICKEY_UNVERIFIED:
syslog(LOG_ERR,"The rm->username/public key combination was invalid for host %s",rm->hostname);
goto error;
default:
syslog(LOG_ERR,"Authentication to host %s failed",rm->hostname);
goto error;
}
}
/* Open a session for each command */
for(int i = 0; i < rm->num_commands; i++) {
/* Open a channel on the current channel and check for success */
while( (channel = libssh2_channel_open_session(session)) == NULL && libssh2_session_last_error(session,NULL,NULL,0) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock,session);
}
if(channel == NULL) {
syslog(LOG_ERR,"Error opening SSH channel on host %s",rm->hostname);
asprintf(&(rm->results[i]),NULL);
break;
}
/* Execute the command and check for success */
while( (rc = libssh2_channel_exec(channel,rm->commands[i])) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock,session);
}
if(rc!=0) {
syslog(LOG_ERR,"Error while executing %s in channel on host %s",rm->commands[i],rm->hostname);
asprintf(&(rm->results[i]),NULL);
break;
}
/* Continuously read the returned stream and break once the stream has been read */
for(;;) {
int rc;
do
{
char buffer[2048];
rc = libssh2_channel_read(channel,buffer,sizeof(buffer));
if(rc > 0) {
bytecount += rc;
char *output;
output = buffer;
syslog(LOG_ERR,"Got output from command %s on host %s:%s",rm->commands[i],rm->hostname,output);
/* Store the output in the results array */
asprintf(&(rm->results[i]),"%s",output);
memset(buffer,0,2048);
}
} while(rc > 0);
if(rc == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock,session);
}
else
break;
}
/* Close the channel and check for success */
while( (rc = libssh2_channel_close(channel)) == LIBSSH2_ERROR_EAGAIN) {
waitsocket(sock,session);
}
if( (libssh2_channel_free(channel)) < 0)
syslog(LOG_ERR,"Error while freeing channel on host %s",rm->hostname);
channel = NULL;
}
shutdown:
syslog(LOG_DEBUG,"Disconnecting SSH session for host %s",rm->hostname);
libssh2_session_disconnect(session,"Normal SSH disconnection");
libssh2_session_free(session);
close(sock);
libssh2_exit();
closelog();
return 0;
error:
syslog(LOG_DEBUG,"Disconnection SSH session for host %s",rm->hostname);
libssh2_session_disconnect(session,"Normal SSH disconnection");
libssh2_session_free(session);
close(sock);
libssh2_exit();
closelog();
return 1;
}
int main(int argc, char *argv[])
{
unsigned long hostaddr;
int rc, sock, i, auth_pw = 0;
struct sockaddr_in sin;
const char *fingerprint;
char *userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_CHANNEL *channel;
#ifdef WIN32
WSADATA wsadata;
int err;
err = WSAStartup(MAKEWORD(2,0), &wsadata);
if (err != 0) {
fprintf(stderr, "WSAStartup failed with error: %d\n", err);
return 1;
}
#endif
if (argc > 1) {
hostaddr = inet_addr(argv[1]);
} else {
hostaddr = htonl(0x7F000001);
}
if(argc > 2) {
username = argv[2];
}
if(argc > 3) {
password = argv[3];
}
rc = libssh2_init (0);
if (rc != 0) {
fprintf (stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
/* Ultra basic "connect to port 22 on localhost". Your code is
* responsible for creating the socket establishing the connection
*/
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = hostaddr;
if (connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
return -1;
}
/* Create a session instance and start it up. This will trade welcome
* banners, exchange keys, and setup crypto, compression, and MAC layers
*/
session = libssh2_session_init();
if (libssh2_session_handshake(session, sock)) {
fprintf(stderr, "Failure establishing SSH session\n");
return -1;
}
/* At this point we havn't authenticated. The first thing to do is check
* the hostkey's fingerprint against our known hosts Your app may have it
* hard coded, may go to a file, may present it to the user, that's your
* call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++) {
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
}
fprintf(stderr, "\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username, strlen(username));
fprintf(stderr, "Authentication methods: %s\n", userauthlist);
if (strstr(userauthlist, "password") != NULL) {
auth_pw |= 1;
}
if (strstr(userauthlist, "keyboard-interactive") != NULL) {
auth_pw |= 2;
}
if (strstr(userauthlist, "publickey") != NULL) {
auth_pw |= 4;
}
/* if we got an 4. argument we set this option if supported */
if(argc > 4) {
if ((auth_pw & 1) && !strcasecmp(argv[4], "-p")) {
auth_pw = 1;
}
if ((auth_pw & 2) && !strcasecmp(argv[4], "-i")) {
auth_pw = 2;
}
if ((auth_pw & 4) && !strcasecmp(argv[4], "-k")) {
auth_pw = 4;
}
}
if (auth_pw & 1) {
/* We could authenticate via password */
if (libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "\tAuthentication by password failed!\n");
goto shutdown;
} else {
fprintf(stderr, "\tAuthentication by password succeeded.\n");
}
} else if (auth_pw & 2) {
/* Or via keyboard-interactive */
if (libssh2_userauth_keyboard_interactive(session, username,
&kbd_callback) ) {
fprintf(stderr,
"\tAuthentication by keyboard-interactive failed!\n");
goto shutdown;
} else {
fprintf(stderr,
"\tAuthentication by keyboard-interactive succeeded.\n");
}
} else if (auth_pw & 4) {
/* Or by public key */
if (libssh2_userauth_publickey_fromfile(session, username, keyfile1,
keyfile2, password)) {
fprintf(stderr, "\tAuthentication by public key failed!\n");
goto shutdown;
} else {
fprintf(stderr, "\tAuthentication by public key succeeded.\n");
}
} else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
}
/* Request a shell */
if (!(channel = libssh2_channel_open_session(session))) {
fprintf(stderr, "Unable to open a session\n");
goto shutdown;
}
/* Some environment variables may be set,
* It's up to the server which ones it'll allow though
*/
libssh2_channel_setenv(channel, "FOO", "bar");
/* Request a terminal with 'vanilla' terminal emulation
* See /etc/termcap for more options
*/
if (libssh2_channel_request_pty(channel, "vanilla")) {
fprintf(stderr, "Failed requesting pty\n");
goto skip_shell;
}
/* Open a SHELL on that pty */
if (libssh2_channel_shell(channel)) {
fprintf(stderr, "Unable to request shell on allocated pty\n");
goto shutdown;
}
/* At this point the shell can be interacted with using
* libssh2_channel_read()
* libssh2_channel_read_stderr()
* libssh2_channel_write()
* libssh2_channel_write_stderr()
*
* Blocking mode may be (en|dis)abled with: libssh2_channel_set_blocking()
* If the server send EOF, libssh2_channel_eof() will return non-0
* To send EOF to the server use: libssh2_channel_send_eof()
* A channel can be closed with: libssh2_channel_close()
* A channel can be freed with: libssh2_channel_free()
*/
skip_shell:
if (channel) {
libssh2_channel_free(channel);
channel = NULL;
}
/* Other channel types are supported via:
* libssh2_scp_send()
* libssh2_scp_recv()
* libssh2_channel_direct_tcpip()
*/
shutdown:
libssh2_session_disconnect(session,
"Normal Shutdown, Thank you for playing");
libssh2_session_free(session);
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
fprintf(stderr, "all done!\n");
libssh2_exit();
return 0;
}
int ssh_shell_channel_open(void* ssh_session)
{
SSH_SESSION* p_session;
LIBSSH2_CHANNEL* channel;
int ec;
p_session = (SSH_SESSION*)ssh_session;
if(!(login_check(p_session)))
{
debug_log(SSH_TERMINAL_NO_SESSION_ERROR, "ssh_shell_channel_open : no session.");
return SSH_TERMINAL_NO_SESSION_ERROR;
}
if(p_session->session_param->channel != NULL)
{
debug_log(SSH_TERMINAL_ALREADY_CHANNEL_OPEN, "ssh_shell_channel_open : already channel open.");
return SSH_TERMINAL_ALREADY_CHANNEL_OPEN;
}
while((channel = libssh2_channel_open_session(p_session->session_param->session)) == NULL &&
libssh2_session_last_error(p_session->session_param->session, NULL, NULL, 0) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
if(channel == NULL)
{
debug_log(SSH_TERMINAL_CHANNEL_OPEN_ERROR, "ssh_shell_channel_open : channel open failed.");
return SSH_TERMINAL_CHANNEL_OPEN_ERROR;
}
while((ec = libssh2_channel_request_pty(channel, "vt100")) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);;
}
if(ec < 0){
debug_log(SSH_TERMINAL_REQUEST_PTY_ERROR, "ssh_shell_channel_open : request pty failed.");
while(libssh2_channel_close(channel) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
libssh2_channel_free(channel);
return SSH_TERMINAL_REQUEST_PTY_ERROR;
}
while((ec = libssh2_channel_request_pty_size(channel, DEFAULT_PTY_SIZE_WIDTH, DEFAULT_PTY_SIZE_HEIGHT)) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
if(ec < 0){
debug_log(SSH_TERMINAL_REQUEST_PTY_ERROR, "ssh_shell_channel_open : request pty failed.");
while(libssh2_channel_close(channel) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
libssh2_channel_free(channel);
return SSH_TERMINAL_REQUEST_PTY_ERROR;
}
while((ec = libssh2_channel_shell(channel)) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
if(ec < 0)
{
debug_log(SSH_TERMINAL_SHELL_ERROR, "ssh_shell_channel_open : channel shell failed.");
while(libssh2_channel_close(channel) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
libssh2_channel_free(channel);
return SSH_TERMINAL_SHELL_ERROR;
}
p_session->session_param->channel = channel;
p_session->session_param->channel_type = CHANNEL_TYPE_SHELL;
return 0;
}
static int exec_channel_command_exec(SSH_SESSION* p_session, const char* command, int (*callback)(char*, const char*, void*), void* obj)
{
char* buffer;
int buffer_length = COMMAND_RESULT_BUFFER_LENGTH;
int ec;
int result_code;
LIBSSH2_CHANNEL* channel;
while((ec = libssh2_channel_exec(p_session->session_param->channel, command)) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
if(ec < 0)
{
debug_log(SSH_TERMINAL_COMMAND_EXEC_ERROR, "sync_command_exec : channel exec failed.");
return SSH_TERMINAL_COMMAND_EXEC_ERROR;
}
buffer = (char*)malloc(sizeof(char) * (buffer_length + 1));
while(1)
{
do{
memset(buffer, 0, buffer_length + 1);
ec = libssh2_channel_read(p_session->session_param->channel, buffer, buffer_length);
if(ec == 0)
{
ec = libssh2_channel_read_stderr(p_session->session_param->channel, buffer, buffer_length);
}
if(ec > 0)
{
callback(buffer, command, obj);
}
}
while(ec > 0);
if(ec == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
else
{
break;
}
}
free(buffer);
if(ec < 0)
{
debug_log(SSH_TERMINAL_CHANNEL_READ_ERROR, "sync_command_exec : channel read failed.");
result_code = SSH_TERMINAL_CHANNEL_READ_ERROR;
}
else
{
result_code = 0;
}
while(libssh2_channel_close(p_session->session_param->channel) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
libssh2_channel_free(p_session->session_param->channel);
while((channel = libssh2_channel_open_session(p_session->session_param->session)) == NULL &&
libssh2_session_last_error(p_session->session_param->session, NULL, NULL, 0) == LIBSSH2_ERROR_EAGAIN)
{
waitsocket(p_session->session_param->sock, p_session->session_param->session, TIMEOUT_SEC);
}
if(channel == NULL)
{
result_code = SSH_TERMINAL_CHANNEL_OPEN_ERROR;
}
p_session->session_param->channel = channel;
return result_code;
}
QString Parser::sshRequest(QString commandline)
{
QString host_ip(this->sharedHost);
QString user_name=this->sharedUser;
QString pass_word=this->sharedPass;
//---------- connection --------------
int libssh2_error = libssh2_init(0);
if(libssh2_error)
{
qDebug("libssh2_init() error: %d", libssh2_error);
//return -2;
}
QTcpSocket socket;
socket.connectToHost(host_ip, 22);
if(!socket.waitForConnected())
{
qDebug("Error connecting to host %s", host_ip.toLocal8Bit().constData());
//return -1;
}
LIBSSH2_SESSION *session = libssh2_session_init();
if(!session)
{
qDebug("libssh2_session_init() failed");
//return -2;
}
libssh2_error = libssh2_session_startup(session, socket.socketDescriptor());
if(libssh2_error)
{
qDebug("libssh2_session_startup() error: %d", libssh2_error);
//return -3;
}
{
/* At this point we havn't yet authenticated. The first thing to do
* is check the hostkey's fingerprint against our known hosts Your app
* may have it hard coded, may go to a file, may present it to the
* user, that's your call
*/
const char *fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
}
libssh2_userauth_list(session, user_name.toLocal8Bit().constData(), user_name.toLocal8Bit().length());
if(libssh2_userauth_password(
session,
user_name.toLocal8Bit().constData(),
pass_word.toLocal8Bit().constData()
))
{
qDebug("Password authentication failed");
socket.disconnectFromHost();
libssh2_session_disconnect(session, "Client disconnecting for error");
libssh2_session_free(session);
libssh2_exit();
//return -4;
}
// command channel
//------------setup channel ----------------------
LIBSSH2_CHANNEL *channel = NULL;
channel = libssh2_channel_open_session(session);
int rc;
if ( channel == NULL )
{
qDebug()<<"Failed to open a new channel\n";
socket.disconnectFromHost();
//return -1;
}
libssh2_channel_set_blocking(channel, 1);
while ((rc=libssh2_channel_exec(channel, commandline.toLocal8Bit().constData()))==LIBSSH2_ERROR_EAGAIN );
if (rc)
{
//return -1;
}
//-------read channel-----------
int read;
QByteArray byte_array;
byte_array.resize(4096);
char* buffer=byte_array.data();
int buffer_size=byte_array.size();
QString myOutPut;
while(true)
{
{
read = libssh2_channel_read(channel, buffer, buffer_size);
QByteArray debug = QByteArray(buffer, read);
//qDebug()<<"STDOUT: "<<debug.constData();
myOutPut = debug.constData();
qDebug() << myOutPut;
if(LIBSSH2_ERROR_EAGAIN == read)
{
qDebug("LIBSSH2_ERROR_EAGAIN");
break;
}
else if(read < 0)
{
qDebug(" error reading from channel");
closeChannel(channel);
goto next_channel;
}
}
{
read = libssh2_channel_read_stderr(channel, buffer, buffer_size);
QByteArray debug = QByteArray(buffer, read);
qDebug()<<"STDERR: "<<debug.constData();
if(LIBSSH2_ERROR_EAGAIN == read)
{
qDebug("LIBSSH2_ERROR_EAGAIN");
break;
}
else if(read < 0)
{
qDebug(" error reading from channel");
closeChannel(channel);
goto next_channel;
}
}
int i=0;
i = libssh2_channel_eof(channel);
if(i)
{
qDebug("libssh2_channel_eof %i", i);
closeChannel(channel);
goto next_channel;
}
}
next_channel:
//------------ clean session
socket.disconnectFromHost();
libssh2_session_disconnect(session, "Client disconnecting normally");
libssh2_session_free(session);
libssh2_exit();
return myOutPut;
}