* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
+ * are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
#include "url.h"
#include "speedcheck.h"
#include "getinfo.h"
-
-#include "strequal.h"
+#include "strdup.h"
+#include "strcase.h"
#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
#include "multiif.h"
#include "select.h"
#include "warnless.h"
+
+/* The last 3 #include files should be in this order */
#include "curl_printf.h"
#include "curl_memory.h"
-/* The last #include file should be: */
#include "memdebug.h"
#ifdef WIN32
have their definition hidden well */
#endif
+#if LIBSSH2_VERSION_NUM >= 0x010206
+/* libssh2_sftp_statvfs and friends were added in 1.2.6 */
+#define HAS_STATVFS_SUPPORT 1
+#endif
+
#define sftp_libssh2_last_error(s) curlx_ultosi(libssh2_sftp_last_error(s))
#define sftp_libssh2_realpath(s,p,t,m) \
static CURLcode sftp_libssh2_error_to_CURLE(int err)
{
- switch (err) {
+ switch(err) {
case LIBSSH2_FX_OK:
return CURLE_OK;
static CURLcode libssh2_session_error_to_CURLE(int err)
{
- switch (err) {
+ switch(err) {
/* Ordered by order of appearance in libssh2.h */
case LIBSSH2_ERROR_NONE:
return CURLE_OK;
"SSH_SFTP_QUOTE_RENAME",
"SSH_SFTP_QUOTE_RMDIR",
"SSH_SFTP_QUOTE_UNLINK",
+ "SSH_SFTP_QUOTE_STATVFS",
+ "SSH_SFTP_GETINFO",
+ "SSH_SFTP_FILETIME",
"SSH_SFTP_TRANS_INIT",
"SSH_SFTP_UPLOAD_INIT",
"SSH_SFTP_CREATE_DIRS_INIT",
char **path) /* returns the allocated
real path to work with */
{
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
char *real_path = NULL;
char *working_path;
- int working_path_len;
-
- working_path = curl_easy_unescape(data, data->state.path, 0,
- &working_path_len);
- if(!working_path)
- return CURLE_OUT_OF_MEMORY;
-
- /* Check for /~/ , indicating relative to the user's home directory */
+ size_t working_path_len;
+ CURLcode result =
+ Curl_urldecode(data, data->state.path, 0, &working_path,
+ &working_path_len, FALSE);
+ if(result)
+ return result;
+
+ /* Check for /~/, indicating relative to the user's home directory */
if(conn->handler->protocol & CURLPROTO_SCP) {
real_path = malloc(working_path_len+1);
if(real_path == NULL) {
}
#ifdef HAVE_LIBSSH2_KNOWNHOST_API
-static int sshkeycallback(CURL *easy,
+static int sshkeycallback(struct Curl_easy *easy,
const struct curl_khkey *knownkey, /* known */
const struct curl_khkey *foundkey, /* found */
enum curl_khmatch match,
CURLcode result = CURLE_OK;
#ifdef HAVE_LIBSSH2_KNOWNHOST_API
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
if(data->set.str[STRING_SSH_KNOWNHOSTS]) {
/* we're asked to verify the host against a file */
static CURLcode ssh_check_fingerprint(struct connectdata *conn)
{
struct ssh_conn *sshc = &conn->proto.sshc;
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
const char *pubkey_md5 = data->set.str[STRING_SSH_HOST_PUBLIC_KEY_MD5];
char md5buffer[33];
int i;
* against a known fingerprint, if available.
*/
if(pubkey_md5 && strlen(pubkey_md5) == 32) {
- if(!fingerprint || !strequal(md5buffer, pubkey_md5)) {
+ if(!fingerprint || !strcasecompare(md5buffer, pubkey_md5)) {
if(fingerprint)
failf(data,
"Denied establishing ssh session: mismatch md5 fingerprint. "
static CURLcode ssh_statemach_act(struct connectdata *conn, bool *block)
{
CURLcode result = CURLE_OK;
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
struct SSHPROTO *sftp_scp = data->req.protop;
struct ssh_conn *sshc = &conn->proto.sshc;
curl_socket_t sock = conn->sock[FIRSTSOCKET];
state(conn, SSH_AUTH_DONE);
break;
}
- else if((err = libssh2_session_last_errno(sshc->ssh_session)) ==
- LIBSSH2_ERROR_EAGAIN) {
- rc = LIBSSH2_ERROR_EAGAIN;
- break;
- }
else {
- state(conn, SSH_SESSION_FREE);
- sshc->actualcode = libssh2_session_error_to_CURLE(err);
+ err = libssh2_session_last_errno(sshc->ssh_session);
+ if(err == LIBSSH2_ERROR_EAGAIN)
+ rc = LIBSSH2_ERROR_EAGAIN;
+ else {
+ state(conn, SSH_SESSION_FREE);
+ sshc->actualcode = libssh2_session_error_to_CURLE(err);
+ }
break;
}
}
* libssh2 extract the public key from the private key file.
* This is done by simply passing sshc->rsa_pub = NULL.
*/
- if(data->set.str[STRING_SSH_PUBLIC_KEY]) {
+ if(data->set.str[STRING_SSH_PUBLIC_KEY]
+ /* treat empty string the same way as NULL */
+ && data->set.str[STRING_SSH_PUBLIC_KEY][0]) {
sshc->rsa_pub = strdup(data->set.str[STRING_SSH_PUBLIC_KEY]);
if(!sshc->rsa_pub)
out_of_memory = TRUE;
break;
}
- sshc->passphrase = data->set.str[STRING_KEY_PASSWD];
+ sshc->passphrase = data->set.ssl.key_passwd;
if(!sshc->passphrase)
sshc->passphrase = "";
free(home);
- infof(data, "Using SSH public key file '%s'\n", sshc->rsa_pub);
+ if(sshc->rsa_pub)
+ infof(data, "Using SSH public key file '%s'\n", sshc->rsa_pub);
infof(data, "Using SSH private key file '%s'\n", sshc->rsa);
state(conn, SSH_AUTH_PKEY);
&err_msg, NULL, 0);
infof(data, "SSH public key authentication failed: %s\n", err_msg);
state(conn, SSH_AUTH_PASS_INIT);
+ rc = 0; /* clear rc and continue */
}
break;
}
else {
state(conn, SSH_AUTH_HOST_INIT);
+ rc = 0; /* clear rc and continue */
}
break;
if(rc < 0) {
infof(data, "Failure connecting to agent\n");
state(conn, SSH_AUTH_KEY_INIT);
+ rc = 0; /* clear rc and continue */
}
else {
state(conn, SSH_AUTH_AGENT_LIST);
if(rc < 0) {
infof(data, "Failure requesting identities to agent\n");
state(conn, SSH_AUTH_KEY_INIT);
+ rc = 0; /* clear rc and continue */
}
else {
state(conn, SSH_AUTH_AGENT);
else {
/* Return the error type */
err = sftp_libssh2_last_error(sshc->sftp_session);
- result = sftp_libssh2_error_to_CURLE(err);
- sshc->actualcode = result?result:CURLE_SSH;
+ if(err)
+ result = sftp_libssh2_error_to_CURLE(err);
+ else
+ /* in this case, the error wasn't in the SFTP level but for example
+ a time-out or similar */
+ result = CURLE_SSH;
+ sshc->actualcode = result;
DEBUGF(infof(data, "error = %d makes libcurl = %d\n",
err, (int)result));
state(conn, SSH_STOP);
state(conn, SSH_SFTP_QUOTE);
}
else {
- state(conn, SSH_SFTP_TRANS_INIT);
+ state(conn, SSH_SFTP_GETINFO);
}
break;
sshc->acceptfail = TRUE;
}
- if(curl_strequal("pwd", cmd)) {
+ if(strcasecompare("pwd", cmd)) {
/* output debug output if that is requested */
char *tmp = aprintf("257 \"%s\" is current directory.\n",
sftp_scp->path);
* OpenSSH's sftp program and call the appropriate libssh2
* functions.
*/
- if(curl_strnequal(cmd, "chgrp ", 6) ||
- curl_strnequal(cmd, "chmod ", 6) ||
- curl_strnequal(cmd, "chown ", 6) ) {
+ if(strncasecompare(cmd, "chgrp ", 6) ||
+ strncasecompare(cmd, "chmod ", 6) ||
+ strncasecompare(cmd, "chown ", 6) ) {
/* attribute change */
/* sshc->quote_path1 contains the mode to set */
state(conn, SSH_SFTP_QUOTE_STAT);
break;
}
- else if(curl_strnequal(cmd, "ln ", 3) ||
- curl_strnequal(cmd, "symlink ", 8)) {
+ else if(strncasecompare(cmd, "ln ", 3) ||
+ strncasecompare(cmd, "symlink ", 8)) {
/* symbolic linking */
/* sshc->quote_path1 is the source */
/* get the destination */
state(conn, SSH_SFTP_QUOTE_SYMLINK);
break;
}
- else if(curl_strnequal(cmd, "mkdir ", 6)) {
+ else if(strncasecompare(cmd, "mkdir ", 6)) {
/* create dir */
state(conn, SSH_SFTP_QUOTE_MKDIR);
break;
}
- else if(curl_strnequal(cmd, "rename ", 7)) {
+ else if(strncasecompare(cmd, "rename ", 7)) {
/* rename file */
/* first param is the source path */
/* second param is the dest. path */
state(conn, SSH_SFTP_QUOTE_RENAME);
break;
}
- else if(curl_strnequal(cmd, "rmdir ", 6)) {
+ else if(strncasecompare(cmd, "rmdir ", 6)) {
/* delete dir */
state(conn, SSH_SFTP_QUOTE_RMDIR);
break;
}
- else if(curl_strnequal(cmd, "rm ", 3)) {
+ else if(strncasecompare(cmd, "rm ", 3)) {
state(conn, SSH_SFTP_QUOTE_UNLINK);
break;
}
+#ifdef HAS_STATVFS_SUPPORT
+ else if(strncasecompare(cmd, "statvfs ", 8)) {
+ state(conn, SSH_SFTP_QUOTE_STATVFS);
+ break;
+ }
+#endif
failf(data, "Unknown SFTP command");
Curl_safefree(sshc->quote_path1);
}
}
if(!sshc->quote_item) {
- state(conn, SSH_SFTP_TRANS_INIT);
+ state(conn, SSH_SFTP_GETINFO);
}
break;
sshc->nextstate = SSH_NO_STATE;
}
else {
- state(conn, SSH_SFTP_TRANS_INIT);
+ state(conn, SSH_SFTP_GETINFO);
}
}
break;
sshc->acceptfail = TRUE;
}
- if(!curl_strnequal(cmd, "chmod", 5)) {
+ if(!strncasecompare(cmd, "chmod", 5)) {
/* Since chown and chgrp only set owner OR group but libssh2 wants to
* set them both at once, we need to obtain the current ownership
* first. This takes an extra protocol round trip.
}
/* Now set the new attributes... */
- if(curl_strnequal(cmd, "chgrp", 5)) {
+ if(strncasecompare(cmd, "chgrp", 5)) {
sshc->quote_attrs.gid = strtoul(sshc->quote_path1, NULL, 10);
sshc->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
if(sshc->quote_attrs.gid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
break;
}
}
- else if(curl_strnequal(cmd, "chmod", 5)) {
+ else if(strncasecompare(cmd, "chmod", 5)) {
sshc->quote_attrs.permissions = strtoul(sshc->quote_path1, NULL, 8);
sshc->quote_attrs.flags = LIBSSH2_SFTP_ATTR_PERMISSIONS;
/* permissions are octal */
break;
}
}
- else if(curl_strnequal(cmd, "chown", 5)) {
+ else if(strncasecompare(cmd, "chown", 5)) {
sshc->quote_attrs.uid = strtoul(sshc->quote_path1, NULL, 10);
sshc->quote_attrs.flags = LIBSSH2_SFTP_ATTR_UIDGID;
if(sshc->quote_attrs.uid == 0 && !ISDIGIT(sshc->quote_path1[0]) &&
state(conn, SSH_SFTP_NEXT_QUOTE);
break;
+#ifdef HAS_STATVFS_SUPPORT
+ case SSH_SFTP_QUOTE_STATVFS:
+ {
+ LIBSSH2_SFTP_STATVFS statvfs;
+ rc = libssh2_sftp_statvfs(sshc->sftp_session, sshc->quote_path1,
+ curlx_uztoui(strlen(sshc->quote_path1)),
+ &statvfs);
+
+ if(rc == LIBSSH2_ERROR_EAGAIN) {
+ break;
+ }
+ else if(rc != 0 && !sshc->acceptfail) {
+ err = sftp_libssh2_last_error(sshc->sftp_session);
+ Curl_safefree(sshc->quote_path1);
+ failf(data, "statvfs command failed: %s", sftp_libssh2_strerror(err));
+ state(conn, SSH_SFTP_CLOSE);
+ sshc->nextstate = SSH_NO_STATE;
+ sshc->actualcode = CURLE_QUOTE_ERROR;
+ break;
+ }
+ else if(rc == 0) {
+ char *tmp = aprintf("statvfs:\n"
+ "f_bsize: %llu\n" "f_frsize: %llu\n"
+ "f_blocks: %llu\n" "f_bfree: %llu\n"
+ "f_bavail: %llu\n" "f_files: %llu\n"
+ "f_ffree: %llu\n" "f_favail: %llu\n"
+ "f_fsid: %llu\n" "f_flag: %llu\n"
+ "f_namemax: %llu\n",
+ statvfs.f_bsize, statvfs.f_frsize,
+ statvfs.f_blocks, statvfs.f_bfree,
+ statvfs.f_bavail, statvfs.f_files,
+ statvfs.f_ffree, statvfs.f_favail,
+ statvfs.f_fsid, statvfs.f_flag,
+ statvfs.f_namemax);
+ if(!tmp) {
+ result = CURLE_OUT_OF_MEMORY;
+ state(conn, SSH_SFTP_CLOSE);
+ sshc->nextstate = SSH_NO_STATE;
+ break;
+ }
+
+ result = Curl_client_write(conn, CLIENTWRITE_HEADER, tmp, strlen(tmp));
+ free(tmp);
+ if(result) {
+ state(conn, SSH_SFTP_CLOSE);
+ sshc->nextstate = SSH_NO_STATE;
+ sshc->actualcode = result;
+ }
+ }
+ state(conn, SSH_SFTP_NEXT_QUOTE);
+ break;
+ }
+#endif
+ case SSH_SFTP_GETINFO:
+ {
+ if(data->set.get_filetime) {
+ state(conn, SSH_SFTP_FILETIME);
+ }
+ else {
+ state(conn, SSH_SFTP_TRANS_INIT);
+ }
+ break;
+ }
+
+ case SSH_SFTP_FILETIME:
+ {
+ LIBSSH2_SFTP_ATTRIBUTES attrs;
+
+ rc = libssh2_sftp_stat_ex(sshc->sftp_session, sftp_scp->path,
+ curlx_uztoui(strlen(sftp_scp->path)),
+ LIBSSH2_SFTP_STAT, &attrs);
+ if(rc == LIBSSH2_ERROR_EAGAIN) {
+ break;
+ }
+ else if(rc == 0) {
+ data->info.filetime = (long)attrs.mtime;
+ }
+
+ state(conn, SSH_SFTP_TRANS_INIT);
+ break;
+ }
+
case SSH_SFTP_TRANS_INIT:
if(data->set.upload)
state(conn, SSH_SFTP_UPLOAD_INIT);
(data->set.ftp_create_missing_dirs &&
(strlen(sftp_scp->path) > 1))) {
/* try to create the path remotely */
+ rc = 0; /* clear rc and continue */
sshc->secondCreateDirs = 1;
state(conn, SSH_SFTP_CREATE_DIRS_INIT);
break;
BUFSIZE : curlx_sotouz(data->state.resume_from - passed);
size_t actuallyread =
- data->set.fread_func(data->state.buffer, 1, readthisamountnow,
- data->set.in);
+ data->state.fread_func(data->state.buffer, 1,
+ readthisamountnow, data->state.in);
passed += actuallyread;
if((actuallyread == 0) || (actuallyread > readthisamountnow)) {
/* since we don't really wait for anything at this point, we want the
state machine to move on as soon as possible so we set a very short
timeout here */
- Curl_expire(data, 1);
+ Curl_expire(data, 0);
state(conn, SSH_STOP);
}
}
*sshc->slash_pos = '/';
++sshc->slash_pos;
- if(rc == -1) {
+ if(rc < 0) {
/*
* Abort if failure wasn't that the dir already exists or the
* permission was denied (creation might succeed further down the
sshc->actualcode = result?result:CURLE_SSH;
break;
}
+ else {
+ rc = 0; /* clear rc and continue */
+ }
}
state(conn, SSH_SFTP_CREATE_DIRS);
break;
break;
}
}
- if((sshc->readdir_filename = malloc(PATH_MAX+1)) == NULL) {
+ sshc->readdir_filename = malloc(PATH_MAX+1);
+ if(!sshc->readdir_filename) {
state(conn, SSH_SFTP_CLOSE);
sshc->actualcode = CURLE_OUT_OF_MEMORY;
break;
}
- if((sshc->readdir_longentry = malloc(PATH_MAX+1)) == NULL) {
+ sshc->readdir_longentry = malloc(PATH_MAX+1);
+ if(!sshc->readdir_longentry) {
Curl_safefree(sshc->readdir_filename);
state(conn, SSH_SFTP_CLOSE);
sshc->actualcode = CURLE_OUT_OF_MEMORY;
/* get room for the filename and extra output */
sshc->readdir_totalLen += 4 + sshc->readdir_len;
- new_readdir_line = realloc(sshc->readdir_line, sshc->readdir_totalLen);
+ new_readdir_line = Curl_saferealloc(sshc->readdir_line,
+ sshc->readdir_totalLen);
if(!new_readdir_line) {
- Curl_safefree(sshc->readdir_line);
+ sshc->readdir_line = NULL;
Curl_safefree(sshc->readdir_filename);
Curl_safefree(sshc->readdir_longentry);
state(conn, SSH_SFTP_CLOSE);
case SSH_SCP_DOWNLOAD_INIT:
{
+ curl_off_t bytecount;
+
/*
* We must check the remote file; if it is a directory no values will
* be set in sb
*/
- struct stat sb;
- curl_off_t bytecount;
- /* clear the struct scp recv will fill in */
- memset(&sb, 0, sizeof(struct stat));
+ /*
+ * If support for >2GB files exists, use it.
+ */
/* get a fresh new channel from the ssh layer */
+#if LIBSSH2_VERSION_NUM < 0x010700
+ struct stat sb;
+ memset(&sb, 0, sizeof(struct stat));
sshc->ssh_channel = libssh2_scp_recv(sshc->ssh_session,
sftp_scp->path, &sb);
+#else
+ libssh2_struct_stat sb;
+ memset(&sb, 0, sizeof(libssh2_struct_stat));
+ sshc->ssh_channel = libssh2_scp_recv2(sshc->ssh_session,
+ sftp_scp->path, &sb);
+#endif
+
if(!sshc->ssh_channel) {
if(libssh2_session_last_errno(sshc->ssh_session) ==
LIBSSH2_ERROR_EAGAIN) {
else if(rc < 0) {
infof(data, "Failed to disconnect from libssh2 agent\n");
}
- libssh2_agent_free (sshc->ssh_agent);
+ libssh2_agent_free(sshc->ssh_agent);
sshc->ssh_agent = NULL;
/* NB: there is no need to free identities, they are part of internal
static void ssh_block2waitfor(struct connectdata *conn, bool block)
{
struct ssh_conn *sshc = &conn->proto.sshc;
- int dir;
- if(block && (dir = libssh2_session_block_directions(sshc->ssh_session))) {
- /* translate the libssh2 define bits into our own bit defines */
- conn->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND)?KEEP_RECV:0) |
- ((dir&LIBSSH2_SESSION_BLOCK_OUTBOUND)?KEEP_SEND:0);
+ int dir = 0;
+ if(block) {
+ dir = libssh2_session_block_directions(sshc->ssh_session);
+ if(dir) {
+ /* translate the libssh2 define bits into our own bit defines */
+ conn->waitfor = ((dir&LIBSSH2_SESSION_BLOCK_INBOUND)?KEEP_RECV:0) |
+ ((dir&LIBSSH2_SESSION_BLOCK_OUTBOUND)?KEEP_SEND:0);
+ }
}
- else
+ if(!dir)
/* It didn't block or libssh2 didn't reveal in which direction, put back
the original set */
conn->waitfor = sshc->orig_waitfor;
{
struct ssh_conn *sshc = &conn->proto.sshc;
CURLcode result = CURLE_OK;
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
while((sshc->state != SSH_STOP) && !result) {
bool block;
if(LIBSSH2_SESSION_BLOCK_OUTBOUND & dir)
fd_write = sock;
/* wait for the socket to become ready */
- Curl_socket_ready(fd_read, fd_write,
- left>1000?1000:left); /* ignore result */
+ (void)Curl_socket_check(fd_read, CURL_SOCKET_BAD, fd_write,
+ left>1000?1000:left); /* ignore result */
}
#endif
#endif
struct ssh_conn *ssh;
CURLcode result;
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
/* initialize per-handle data if not already */
if(!data->req.protop)
{
CURLcode result;
bool connected = 0;
- struct SessionHandle *data = conn->data;
+ struct Curl_easy *data = conn->data;
struct ssh_conn *sshc = &conn->proto.sshc;
*done = FALSE; /* default to false */
struct ssh_conn *ssh = &conn->proto.sshc;
(void) dead_connection;
- Curl_safefree(conn->data->req.protop);
-
if(ssh->ssh_session) {
/* only if there's a session still around to use! */
TODO: when the multi interface is used, this _really_ should be using
the ssh_multi_statemach function but we have no general support for
- non-blocking DONE operations, not in the multi state machine and with
- Curl_done() invokes on several places in the code!
+ non-blocking DONE operations!
*/
result = ssh_block_statemach(conn, FALSE);
}
}
-/* return number of received (decrypted) bytes */
static ssize_t scp_send(struct connectdata *conn, int sockindex,
const void *mem, size_t len, CURLcode *err)
{
return nwrite;
}
-/*
- * If the read would block (EWOULDBLOCK) we return -1. Otherwise we return
- * a regular CURLcode value.
- */
static ssize_t scp_recv(struct connectdata *conn, int sockindex,
char *mem, size_t len, CURLcode *err)
{
DEBUGF(infof(conn->data, "SSH DISCONNECT starts now\n"));
- Curl_safefree(conn->data->req.protop);
-
if(conn->proto.sshc.ssh_session) {
/* only if there's a session still around to use! */
state(conn, SSH_SFTP_SHUTDOWN);
static const char *sftp_libssh2_strerror(int err)
{
- switch (err) {
+ switch(err) {
case LIBSSH2_FX_NO_SUCH_FILE:
return "No such file or directory";