1 /* Public include file for server support */
2 /*
3  * This file is part of the SSH Library
4  *
5  * Copyright (c) 2003-2008 by Aris Adamantiadis
6  *
7  * This library is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU Lesser General Public
9  * License as published by the Free Software Foundation; either
10  * version 2.1 of the License, or (at your option) any later version.
11  *
12  * This library is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15  * Lesser General Public License for more details.
16  *
17  * You should have received a copy of the GNU Lesser General Public
18  * License along with this library; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
20  */
21 
22 /**
23  * @defgroup libssh_server The libssh server API
24  *
25  * @{
26  */
27 
28 #ifndef SERVER_H
29 #define SERVER_H
30 
31 #include "libssh/libssh.h"
/* Server-side banner macro; it simply expands to CLIENTBANNER, which is not
 * defined in this header.
 * NOTE(review): presumably this is the identification string sent to every
 * connecting peer before authentication - confirm what it reveals (product,
 * version) and whether SSH_BIND_OPTIONS_BANNER below overrides it. */
32 #define SERVERBANNER CLIENTBANNER
33 
34 #ifdef __cplusplus
35 extern "C" {
36 #endif
37 
/**
 * @brief Option identifiers accepted by ssh_bind_options_set().
 *
 * The enumerators have no explicit values, so each one's number is its
 * position in this list; inserting an entry anywhere but at the end would
 * renumber the ones after it for callers that are already compiled.
 *
 * NOTE(review): neither the meaning nor the expected value type of each option
 * is documented in this header. Judging by the names, HOSTKEY, DSAKEY, RSAKEY,
 * ECDSAKEY and IMPORT_KEY select host key material, while KEY_EXCHANGE,
 * CIPHERS_C_S, CIPHERS_S_C, HMAC_C_S, HMAC_S_C, HOSTKEY_ALGORITHMS and
 * PUBKEY_ACCEPTED_KEY_TYPES restrict what may be negotiated or accepted -
 * confirm against the implementation before relying on them for hardening.
 */
38 enum ssh_bind_options_e {
39   SSH_BIND_OPTIONS_BINDADDR,
40   SSH_BIND_OPTIONS_BINDPORT,
41   SSH_BIND_OPTIONS_BINDPORT_STR,
42   SSH_BIND_OPTIONS_HOSTKEY,
43   SSH_BIND_OPTIONS_DSAKEY,
44   SSH_BIND_OPTIONS_RSAKEY,
45   SSH_BIND_OPTIONS_BANNER,
46   SSH_BIND_OPTIONS_LOG_VERBOSITY,
47   SSH_BIND_OPTIONS_LOG_VERBOSITY_STR,
48   SSH_BIND_OPTIONS_ECDSAKEY,
49   SSH_BIND_OPTIONS_IMPORT_KEY,
50   SSH_BIND_OPTIONS_KEY_EXCHANGE,
51   SSH_BIND_OPTIONS_CIPHERS_C_S,
52   SSH_BIND_OPTIONS_CIPHERS_S_C,
53   SSH_BIND_OPTIONS_HMAC_C_S,
54   SSH_BIND_OPTIONS_HMAC_S_C,
55   SSH_BIND_OPTIONS_CONFIG_DIR,
56   SSH_BIND_OPTIONS_PUBKEY_ACCEPTED_KEY_TYPES,
57   SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS,
58   SSH_BIND_OPTIONS_PROCESS_CONFIG,
59 };
60 
/* Opaque handle to a server bind. struct ssh_bind_struct is only named here,
 * not defined, so callers cannot reach its fields through this header. Note
 * that the typedef hides a pointer: an ssh_bind is passed by value but refers
 * to shared state. */
61 typedef struct ssh_bind_struct* ssh_bind;
62 
63 /* Callback functions */
64 
65 /**
66  * @brief Incoming connection callback. This callback is called when an ssh_bind
67  *        has a new incoming connection.
68  * @param sshbind  The ssh_bind that has the new incoming connection.
69  * @param userdata Userdata to be passed to the callback function.
 *
 * The callback returns void, so it cannot report a failure to the library
 * through its return value.
 * NOTE(review): presumably userdata is the pointer given to
 * ssh_bind_set_callbacks() - confirm.
70  */
71 typedef void (*ssh_bind_incoming_connection_callback) (ssh_bind sshbind,
72     void *userdata);
73 
74 /**
75  * @brief These are the callbacks exported by the ssh_bind structure.
76  *
77  * They are called by the server module when events appear on the network.
 *
 * NOTE(review): presumably ssh_bind_set_callbacks() uses the size field to
 * validate the structure, so an instance that was not passed through
 * ssh_callbacks_init() may be rejected or misread - confirm.
78  */
79 struct ssh_bind_callbacks_struct {
80   /** Do not set this field directly; use ssh_callbacks_init() instead. */
81   size_t size;
82   /** Called when a new connection is available. */
83   ssh_bind_incoming_connection_callback incoming_connection;
84 };
/* Pointer typedef: an ssh_bind_callbacks is a pointer to the structure above,
 * not the structure itself. */
85 typedef struct ssh_bind_callbacks_struct *ssh_bind_callbacks;
86 
87 /**
88  * @brief Creates a new SSH server bind.
89  *
90  * @return A newly allocated ssh_bind session pointer.
 *
 * NOTE(review): the failure return is not documented here (presumably NULL on
 * allocation failure); check the result before using it. The matching release
 * function declared in this header is ssh_bind_free().
91  */
92 LIBSSH_API ssh_bind ssh_bind_new(void);
93 
/**
 * @brief Set one option on a server bind.
 *
 * @param sshbind  The bind to configure.
 * @param type     Which option to set, one of enum ssh_bind_options_e.
 * @param value    Untyped pointer to the option value.
 *
 * @return An int status; its values are not documented in this header
 *         (presumably 0 on success and < 0 on error - confirm).
 *
 * NOTE(review): value is a const void *, so the compiler cannot check that the
 * pointed-to object has the type the option expects. A mismatch (for example a
 * pointer to an int where a string is read) is a memory-safety hazard; take
 * the expected type for each option from the implementation's documentation
 * and check the return value, because an option that failed to apply leaves
 * the previous (possibly weaker) setting in force.
 */
94 LIBSSH_API int ssh_bind_options_set(ssh_bind sshbind,
95     enum ssh_bind_options_e type, const void *value);
96
/**
 * @brief Apply options to a server bind from a configuration file (as the
 *        name suggests; the behaviour is not documented in this header).
 *
 * @param sshbind   The bind to configure.
 * @param filename  Path of the configuration file.
 *
 * @return An int status; its values are not documented in this header.
 *
 * NOTE(review): presumably the file can set the same options as
 * ssh_bind_options_set(), including host keys and algorithm lists, which makes
 * it a trust boundary: it should be writable only by the account that
 * administers the server - confirm what the parser accepts.
 */
97 LIBSSH_API int ssh_bind_options_parse_config(ssh_bind sshbind,
98     const char *filename);
99 
100 /**
101  * @brief Start listening to the socket.
102  *
103  * @param  ssh_bind_o     The ssh server bind to use.
104  *
105  * @return 0 on success, < 0 on error.
 *
 * NOTE(review): presumably the address and port come from
 * SSH_BIND_OPTIONS_BINDADDR and SSH_BIND_OPTIONS_BINDPORT; what is used when
 * they are unset is not stated here. Set the bind address explicitly if the
 * service must not be reachable on every interface - confirm the default.
106  */
107 LIBSSH_API int ssh_bind_listen(ssh_bind ssh_bind_o);
108 
109 /**
110  * @brief Set the callback for this bind.
111  *
112  * @param[in] sshbind   The bind to set the callback on.
113  *
114  * @param[in] callbacks An already set up ssh_bind_callbacks instance.
115  *
116  * @param[in] userdata  A pointer to private data to pass to the callbacks.
117  *
118  * @return              SSH_OK on success, SSH_ERROR if an error occurred.
119  *
120  * @code
121  *     struct ssh_bind_callbacks_struct cb = {
122  *         .incoming_connection = my_incoming_connection
123  *     };
124  *     ssh_callbacks_init(&cb);
125  *     if (ssh_bind_set_callbacks(sshbind, &cb, userdata) != SSH_OK)
126  *         return SSH_ERROR;
127  * @endcode
 *
 * NOTE(review): whether the library copies *callbacks or keeps the pointer is
 * not stated here; keep the structure (and whatever userdata points to) alive
 * for as long as the bind can invoke it - confirm.
128  */
129 LIBSSH_API int ssh_bind_set_callbacks(ssh_bind sshbind, ssh_bind_callbacks callbacks,
130     void *userdata);
131 
132 /**
133  * @brief  Set the server bind to blocking/nonblocking mode.
134  *
135  * @param  ssh_bind_o     The ssh server bind to use.
136  *
137  * @param  blocking     Zero for nonblocking mode.
 *
 * NOTE(review): by implication any non-zero value selects blocking mode; the
 * function returns void, so a failure to change the mode cannot be detected
 * through it.
138  */
139 LIBSSH_API void ssh_bind_set_blocking(ssh_bind ssh_bind_o, int blocking);
140 
141 /**
142  * @brief Recover the file descriptor from the server bind.
143  *
144  * @param  ssh_bind_o     The ssh server bind to get the fd from.
145  *
146  * @return The file descriptor.
 *
 * NOTE(review): presumably this is the listening socket and it stays owned by
 * the bind, so the caller may poll it but should not close it; the value
 * returned before ssh_bind_listen() or ssh_bind_set_fd() is not documented
 * here - confirm.
147  */
148 LIBSSH_API socket_t ssh_bind_get_fd(ssh_bind ssh_bind_o);
149 
150 /**
151  * @brief Set the file descriptor for a server bind.
152  *
153  * @param  ssh_bind_o     The ssh server bind to set the fd.
154  *
155  * @param  fd           The file descriptor to set.
 *
 * NOTE(review): ownership of fd after this call is not stated (does
 * ssh_bind_free() close it?); settle that before also closing it in the
 * caller, to avoid a double close or a leaked socket - confirm.
156  */
157 LIBSSH_API void ssh_bind_set_fd(ssh_bind ssh_bind_o, socket_t fd);
158 
159 /**
160  * @brief Allow the file descriptor to accept new sessions.
161  *
162  * @param  ssh_bind_o     The ssh server bind to use.
 *
 * NOTE(review): the precise effect is not specified in this header;
 * presumably it marks the bind's descriptor as having a pending connection for
 * the next accept call - confirm before using it with an external poll loop.
163  */
164 LIBSSH_API void ssh_bind_fd_toaccept(ssh_bind ssh_bind_o);
165 
166 /**
167  * @brief Accept an incoming ssh connection and initialize the session.
168  *
169  * @param  ssh_bind_o     The ssh server bind to accept a connection.
170  * @param  session        A preallocated ssh session
171  * @see ssh_new
172  * @return SSH_OK when a connection is established
 *
 * NOTE(review): the failure return is not documented here; treat any value
 * other than SSH_OK as "no usable session". Key exchange is a separate call
 * (ssh_handle_key_exchange()), so when this returns the peer is connected
 * but, as far as this header shows, the link is neither encrypted nor
 * authenticated yet.
173  */
174 LIBSSH_API int ssh_bind_accept(ssh_bind ssh_bind_o, ssh_session session);
175 
176 /**
177  * @brief Accept an incoming ssh connection on the given file descriptor
178  *        and initialize the session.
179  *
180  * @param  ssh_bind_o     The ssh server bind to accept a connection.
181  * @param  session        A preallocated ssh session
182  * @param  fd             A file descriptor of an already established TCP
183  *                          inbound connection
184  * @see ssh_new
185  * @see ssh_bind_accept
186  * @return SSH_OK when a connection is established
 *
 * NOTE(review): ownership of fd is not stated - whether the session closes it
 * on failure or when it is freed has to be confirmed, otherwise the descriptor
 * is either leaked or closed twice. The failure return is not documented
 * either; treat any value other than SSH_OK as failure.
187  */
188 LIBSSH_API int ssh_bind_accept_fd(ssh_bind ssh_bind_o, ssh_session session,
189         socket_t fd);
190 
/**
 * @brief Get the GSSAPI credentials associated with a session (as the name
 *        suggests; the function is not documented in this header).
 *
 * @param session  The session to query.
 *
 * @return An ssh_gssapi_creds value; the type is declared outside this header.
 *
 * NOTE(review): presumably these are credentials delegated by the client. If
 * so they let the holder act as that user towards other services, so they
 * should not outlive the session or be handed to code that does not need
 * them. Ownership and the value returned when no credentials exist are not
 * stated here - confirm.
 */
191 LIBSSH_API ssh_gssapi_creds ssh_gssapi_get_creds(ssh_session session);
192 
193 /**
194  * @brief Handles the key exchange and sets up encryption
195  *
196  * @param  session        A connected ssh session
197  * @see ssh_bind_accept
198  * @return SSH_OK if the key exchange was successful
 *
 * NOTE(review): other return values are not documented here. Treat anything
 * but SSH_OK as "transport not secured" and do not start authentication or
 * channel handling on the session in that case.
199  */
200 LIBSSH_API int ssh_handle_key_exchange(ssh_session session);
201 
202 /**
203  * @brief Initialize the set of key exchange, hostkey, ciphers, MACs, and
204  *        compression algorithms for the given ssh_session.
205  *
206  * The selection of algorithms and keys used are determined by the
207  * options that are currently set in the given ssh_session structure.
208  * May only be called before the initial key exchange has begun.
209  *
210  * @param session  The session structure to initialize.
211  *
212  * @see ssh_handle_key_exchange
213  * @see ssh_options_set
214  *
215  * @return SSH_OK if initialization succeeds.
 *
 * NOTE(review): since the selection is taken from the options set at the time
 * of the call, any restriction of ciphers, MACs or key exchange methods
 * presumably has to be applied before calling this function to take effect.
 * The failure return is not documented here - confirm both.
216  */
217
218 LIBSSH_API int ssh_server_init_kex(ssh_session session);
219 
220 /**
221  * @brief Free an ssh server bind.
222  *
223  * @param  ssh_bind_o     The ssh server bind to free.
 *
 * The handle must not be used after this call.
 * NOTE(review): presumably this also closes the bind's socket and releases
 * any host key material it loaded; whether a NULL argument is accepted is not
 * stated here - confirm.
224  */
225 LIBSSH_API void ssh_bind_free(ssh_bind ssh_bind_o);
226 
227 /**
228  * @brief Set the acceptable authentication methods to be sent to the client.
229  *
230  *
231  * @param[in]  session  The server session
232  *
233  * @param[in]  auth_methods The authentication methods we will support, which
234  *                          can be bitwise-or'd.
235  *
236  *                          Supported methods are:
237  *
238  *                          SSH_AUTH_METHOD_PASSWORD
239  *                          SSH_AUTH_METHOD_PUBLICKEY
240  *                          SSH_AUTH_METHOD_HOSTBASED
241  *                          SSH_AUTH_METHOD_INTERACTIVE
242  *                          SSH_AUTH_METHOD_GSSAPI_MIC
 *
 * NOTE(review): the brief describes the list that is sent to the client.
 * Whether the library also refuses a request for a method that is missing
 * from auth_methods is not stated here, so the authentication handler should
 * itself reject every method the server does not intend to serve - confirm.
243  */
244 LIBSSH_API void ssh_set_auth_methods(ssh_session session, int auth_methods);
245 
246 /**********************************************************
247  * SERVER MESSAGING
248  **********************************************************/
249 
250 /**
251  * @brief Reply with a standard reject message.
252  *
253  * Use this function if you don't know what to respond or if you want to reject
254  * a request.
 *
 * Calling it for every message type the server does not explicitly handle
 * gives the message loop a default-deny fallback.
255  *
256  * @param[in] msg       The message to use for the reply.
257  *
258  * @return              0 on success, -1 on error.
259  *
260  * @see ssh_message_get()
261  */
262 LIBSSH_API int ssh_message_reply_default(ssh_message msg);
263 
264 /**
265  * @brief Get the user name carried by an authentication message.
266  *
267  * @param[in] msg       The message to get the username from.
268  *
269  * @return              The username or NULL if an error occurred.
 *
 * NOTE(review): presumably this is the name the client claims in its request,
 * i.e. untrusted input until the server has verified the credentials;
 * validate it before using it in file paths, log lines or account lookups.
 * The returned pointer presumably belongs to msg, so copy the string if it is
 * needed after the message is released - confirm both.
270  *
271  * @see ssh_message_get()
272  * @see ssh_message_type()
273  */
274 LIBSSH_API const char *ssh_message_auth_user(ssh_message msg);
275 
276 /**
277  * @brief Get the password carried by an authentication message.
278  *
279  * @param[in] msg       The message to get the password from.
280  *
281  * @return              The password or NULL if an error occurred.
 *
 * NOTE(review): the return value is the client's secret in usable form. Keep
 * it out of logs, traces and error messages, and do not hold copies longer
 * than the check requires. The returned pointer presumably belongs to msg -
 * confirm its lifetime.
282  *
283  * @see ssh_message_get()
284  * @see ssh_message_type()
285  */
286 LIBSSH_API const char *ssh_message_auth_password(ssh_message msg);
287 
288 /**
289  * @brief Get the public key carried by an authentication message.
290  *
291  * If you need the key for later use you should duplicate it.
292  *
293  * @param[in] msg       The message to get the public key from.
294  *
295  * @return              The public key or NULL.
 *
 * NOTE(review): a key appearing in a request shows only that the client
 * offered it, not that the client holds the private key. Presumably
 * ssh_message_auth_publickey_state() reports whether a signature was
 * verified; check it, and compare the key against the account's authorised
 * keys, before replying with success - confirm.
296  *
297  * @see ssh_key_dup()
298  * @see ssh_key_cmp()
299  * @see ssh_message_get()
300  * @see ssh_message_type()
301  */
302 LIBSSH_API ssh_key ssh_message_auth_pubkey(ssh_message msg);
303 
/* Keyboard-interactive authentication: by its name, reports whether msg is the
 * client's response to earlier prompts rather than the initial request.
 * NOTE(review): the return convention is not documented here - confirm. */
304 LIBSSH_API int ssh_message_auth_kbdint_is_response(ssh_message msg);
/* State of the public key in an authentication message. The enum
 * ssh_publickey_state_e is declared outside this header.
 * NOTE(review): presumably this is what distinguishes a bare key query from a
 * request whose signature was verified; a server should not send an
 * authentication success for a key whose state does not indicate a valid
 * signature - confirm the enumerator meanings. */
305 LIBSSH_API enum ssh_publickey_state_e ssh_message_auth_publickey_state(ssh_message msg);
/* Reply that the authentication request succeeded.
 * NOTE(review): partial presumably means "this method passed but further
 * methods are still required". If so, passing 0 while another factor is
 * pending would complete authentication early - confirm the semantics before
 * implementing multi-factor flows. */
306 LIBSSH_API int ssh_message_auth_reply_success(ssh_message msg,int partial);
/* Tell the client that the offered public key (algorithm name and key blob)
 * would be acceptable. By its name this answers a key query and is not an
 * authentication success - confirm. */
307 LIBSSH_API int ssh_message_auth_reply_pk_ok(ssh_message msg, ssh_string algo, ssh_string pubkey);
/* Variant of ssh_message_auth_reply_pk_ok() that takes only the message;
 * presumably it answers with the key contained in msg - confirm. */
308 LIBSSH_API int ssh_message_auth_reply_pk_ok_simple(ssh_message msg);
309
/* Set the authentication methods associated with this message.
 * NOTE(review): presumably methods uses the same SSH_AUTH_METHOD_ bit flags as
 * ssh_set_auth_methods() and ends up in the failure reply sent to the client -
 * confirm. */
310 LIBSSH_API int ssh_message_auth_set_methods(ssh_message msg, int methods);
311 
/**
 * @brief Send a keyboard-interactive prompt set in answer to an authentication
 *        message (as the name suggests; not documented in this header).
 *
 * @param msg          The authentication message being answered.
 * @param name         Name shown with the prompts.
 * @param instruction  Instruction text shown with the prompts.
 * @param num_prompts  Number of prompts.
 * @param prompts      The prompt strings.
 * @param echo         Per-prompt echo flags.
 *
 * @return An int status; its values are not documented in this header.
 *
 * NOTE(review): presumably prompts and echo are parallel arrays that must each
 * hold at least num_prompts entries; a shorter array would be read out of
 * bounds. A prompt for a secret should have its echo flag cleared so the
 * client does not display the input - confirm the flag polarity.
 */
312 LIBSSH_API int ssh_message_auth_interactive_request(ssh_message msg,
313                     const char *name, const char *instruction,
314                     unsigned int num_prompts, const char **prompts, char *echo);
315 
/* Accept the service request contained in msg (by its name). */
316 LIBSSH_API int ssh_message_service_reply_success(ssh_message msg);
/* Name of the service requested in msg (by its name).
 * NOTE(review): the string is chosen by the client; compare it against the
 * services the server actually offers before accepting. The pointer
 * presumably belongs to msg - confirm. */
317 LIBSSH_API const char *ssh_message_service_service(ssh_message msg);
318
/* Accept a global request and report a port number back to the client.
 * NOTE(review): presumably bound_port is the port the server actually bound
 * for a forwarding request - confirm. */
319 LIBSSH_API int ssh_message_global_request_reply_success(ssh_message msg,
320                                                         uint16_t bound_port);
321 
/**
 * @brief Register a function that receives the session's messages.
 *
 * @param session                    The session to attach the callback to.
 * @param ssh_bind_message_callback  Function called with the session, a
 *                                   message and the data pointer.
 * @param data                       Pointer handed back as the callback's
 *                                   third argument (inferred from the
 *                                   matching parameter - confirm).
 *
 * NOTE(review): the meaning of the callback's int return value is not
 * documented here; presumably it tells the library whether the message was
 * handled. Confirm what the library does with a message the callback declines,
 * since that decides whether unhandled requests are rejected by default.
 */
322 LIBSSH_API void ssh_set_message_callback(ssh_session session,
323     int(*ssh_bind_message_callback)(ssh_session session, ssh_message msg, void *data),
324     void *data);
/* Run the registered message callback on the session's pending messages (by
 * its name). NOTE(review): return values are not documented here. */
325 LIBSSH_API int ssh_execute_message_callbacks(ssh_session session);
326 
/* Accessors for a channel-open request: originator and destination host and
 * port (by their names).
 * NOTE(review): all four values are supplied by the client. A server that
 * opens outbound connections on the client's behalf should check the
 * destination host and port against its forwarding policy first, and should
 * not treat the originator fields as proof of where the traffic came from.
 * Ports are returned as plain int; range-check them before use. The returned
 * strings presumably belong to msg - confirm. */
327 LIBSSH_API const char *ssh_message_channel_request_open_originator(ssh_message msg);
328 LIBSSH_API int ssh_message_channel_request_open_originator_port(ssh_message msg);
329 LIBSSH_API const char *ssh_message_channel_request_open_destination(ssh_message msg);
330 LIBSSH_API int ssh_message_channel_request_open_destination_port(ssh_message msg);
331
/* Channel that a channel request message refers to (by its name). */
332 LIBSSH_API ssh_channel ssh_message_channel_request_channel(ssh_message msg);
333 
/* Accessors for a pty request: terminal type and size in characters and in
 * pixels (by their names).
 * NOTE(review): the values come from the client and are plain int here;
 * range-check width and height before sizing buffers or configuring a
 * terminal with them. */
334 LIBSSH_API const char *ssh_message_channel_request_pty_term(ssh_message msg);
335 LIBSSH_API int ssh_message_channel_request_pty_width(ssh_message msg);
336 LIBSSH_API int ssh_message_channel_request_pty_height(ssh_message msg);
337 LIBSSH_API int ssh_message_channel_request_pty_pxwidth(ssh_message msg);
338 LIBSSH_API int ssh_message_channel_request_pty_pxheight(ssh_message msg);
339
/* Name and value of an environment request (by their names).
 * NOTE(review): both are client-chosen; the usual safeguard is an allow-list
 * of variable names applied before anything is exported into a child
 * process's environment. */
340 LIBSSH_API const char *ssh_message_channel_request_env_name(ssh_message msg);
341 LIBSSH_API const char *ssh_message_channel_request_env_value(ssh_message msg);
342
/* Command string of an exec request (by its name).
 * NOTE(review): client-supplied text. If the server restricts what users may
 * run, enforce that here, and never splice the string into a larger shell
 * command line built by the server. */
343 LIBSSH_API const char *ssh_message_channel_request_command(ssh_message msg);
344
/* Subsystem name of a subsystem request (by its name).
 * NOTE(review): compare against the fixed set of subsystems the server
 * implements rather than using the string to locate a program. */
345 LIBSSH_API const char *ssh_message_channel_request_subsystem(ssh_message msg);
346
/* Accessors for an X11 forwarding request (by their names).
 * NOTE(review): the auth cookie is a credential for the user's display; keep
 * it out of logs. */
347 LIBSSH_API int ssh_message_channel_request_x11_single_connection(ssh_message msg);
348 LIBSSH_API const char *ssh_message_channel_request_x11_auth_protocol(ssh_message msg);
349 LIBSSH_API const char *ssh_message_channel_request_x11_auth_cookie(ssh_message msg);
350 LIBSSH_API int ssh_message_channel_request_x11_screen_number(ssh_message msg);
351
/* Address and port of a global request (by their names).
 * NOTE(review): presumably the listen address and port of a remote forwarding
 * request. Both are client-chosen, so apply the server's forwarding policy
 * (which addresses and ports a user may bind) before acting on them -
 * confirm. */
352 LIBSSH_API const char *ssh_message_global_request_address(ssh_message msg);
353 LIBSSH_API int ssh_message_global_request_port(ssh_message msg);
354 
/* Open a channel for a connection that arrived on a forwarded port (by its
 * name), passing the remote and source host/port pairs to the peer.
 * NOTE(review): return values and which parameters may be NULL are not
 * documented in this header - confirm. */
355 LIBSSH_API int ssh_channel_open_reverse_forward(ssh_channel channel, const char *remotehost,
356     int remoteport, const char *sourcehost, int localport);
/* Open an X11 channel, giving the originator address and port of the X
 * connection (by its name and parameters).
 * NOTE(review): return values are not documented in this header. */
357 LIBSSH_API int ssh_channel_open_x11(ssh_channel channel,
358                                         const char *orig_addr, int orig_port);
359 
/* Report the exit status of the process behind a channel to the peer (by its
 * name). */
360 LIBSSH_API int ssh_channel_request_send_exit_status(ssh_channel channel,
361                                                 int exit_status);
/* Report that the process behind a channel was terminated by a signal (by its
 * name): signal name, core-dump flag, error message and language tag.
 * NOTE(review): signum is a string, not a number; the expected spelling is not
 * documented here. errmsg is sent to the peer, so it should not contain
 * internal paths or other details the client has no need to see. */
362 LIBSSH_API int ssh_channel_request_send_exit_signal(ssh_channel channel,
363                                                 const char *signum,
364                                                 int core,
365                                                 const char *errmsg,
366                                                 const char *lang);
367 
/* Send a keepalive on the session (by its name).
 * NOTE(review): return values are not documented here; presumably an error
 * indicates the connection is no longer usable - confirm. */
368 LIBSSH_API int ssh_send_keepalive(ssh_session session);
369 
370 /* deprecated functions */
/* Both declarations carry SSH_DEPRECATED; new code should not call them.
 * NOTE(review): the replacements are not named in this header; presumably
 * ssh_handle_key_exchange() supersedes ssh_accept() - confirm. For
 * channel_write_stderr() note that len is a uint32_t byte count for data and
 * nothing here says how a short write is reported. */
371 SSH_DEPRECATED LIBSSH_API int ssh_accept(ssh_session session);
372 SSH_DEPRECATED LIBSSH_API int channel_write_stderr(ssh_channel channel,
373         const void *data, uint32_t len);
374 
375 #ifdef __cplusplus
376 }
377 #endif /* __cplusplus */
378 
379 #endif /* SERVER_H */
380 
381 /** @} */
382