// calogSsh.c -- calog SSH library (see calogSsh.h). SSH command execution and SFTP file // transfer over the shared typed handle table, bound to libssh2. Every blocking call is an // inline native, so it stalls only the calling script's context thread. Sessions run in // libssh2 blocking mode; each connection handle is owner-scoped to the context that created // it (see SshConnT.ownerId). #define _GNU_SOURCE #include "calogSsh.h" #include "calogHandle.h" #include #include #include #include #include #include #include #include #include #include #include // Sole handle type tag for this library, distinct so a stray handle of another kind fails to // resolve here. #define SSH_TYPE_CONN 1u #define SSH_PORT_MAX 65535 // Upper bound on a single read-to-EOF transfer (sshExec output, sftpGet file), matching // calogNet/calogHttp: without it a huge/endless remote source would grow an unbounded buffer // and OOM-kill the shared host process. Exceeding it fails with calogErrRangeE. #define SSH_MAX_TRANSFER (64 * 1024 * 1024) // What a connection handle owns: the socket, the libssh2 session, a lazily-opened+cached SFTP // subsystem, and the id of the context that created it. ONLY that owner may operate on it. typedef struct SshConnT { int sock; LIBSSH2_SESSION *session; LIBSSH2_SFTP *sftp; uint64_t ownerId; } SshConnT; // Process-wide SSH library state shared by every runtime that registers the natives; refCount // is one per registered runtime, so libssh2_exit runs (and the table is destroyed) only when // the LAST runtime shuts down. typedef struct SshLibT { CalogHandleTableT *handles; int32_t refCount; } SshLibT; static pthread_mutex_t gSshLibMutex = PTHREAD_MUTEX_INITIALIZER; static SshLibT *gSshLib = NULL; static int32_t sftpGet(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sftpList(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sftpMkdir(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sftpPut(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sftpRemove(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sftpStat(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sshAuthKey(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sshAuthPassword(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sshClose(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static void sshCloser(uint32_t type, void *resource); static int32_t sshConnect(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sshDrain(LIBSSH2_CHANNEL *channel, int streamId, char **bytesOut, int64_t *lengthOut); static int32_t sshEnsureSftp(SshConnT *conn, CalogValueT *result); static int32_t sshExec(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData); static int32_t sshMapSetBool(CalogAggT *map, const char *key, bool value); static int32_t sshMapSetInt(CalogAggT *map, const char *key, int64_t value); static int32_t sshMapSetStr(CalogAggT *map, const char *key, const char *bytes, int64_t length); static int32_t sshResolve(SshLibT *lib, int64_t handle, CalogValueT *result, SshConnT **out); int32_t calogSshRegister(CalogT *calog) { pthread_mutex_lock(&gSshLibMutex); if (gSshLib == NULL) { SshLibT *lib; lib = (SshLibT *)calloc(1, sizeof(*lib)); if (lib == NULL) { pthread_mutex_unlock(&gSshLibMutex); return calogErrOomE; } lib->handles = calogHandleTableCreate(); if (lib->handles == NULL) { free(lib); pthread_mutex_unlock(&gSshLibMutex); return calogErrOomE; } // libssh2_init uses global state and is not thread safe; the lib mutex serialises it. if (libssh2_init(0) != 0) { calogHandleTableDestroy(lib->handles, NULL); free(lib); pthread_mutex_unlock(&gSshLibMutex); return calogErrUnsupportedE; } gSshLib = lib; } gSshLib->refCount++; pthread_mutex_unlock(&gSshLibMutex); calogRegisterInline(calog, "sshConnect", sshConnect, gSshLib); calogRegisterInline(calog, "sshAuthPassword", sshAuthPassword, gSshLib); calogRegisterInline(calog, "sshAuthKey", sshAuthKey, gSshLib); calogRegisterInline(calog, "sshExec", sshExec, gSshLib); calogRegisterInline(calog, "sshClose", sshClose, gSshLib); calogRegisterInline(calog, "sftpGet", sftpGet, gSshLib); calogRegisterInline(calog, "sftpPut", sftpPut, gSshLib); calogRegisterInline(calog, "sftpList", sftpList, gSshLib); calogRegisterInline(calog, "sftpStat", sftpStat, gSshLib); calogRegisterInline(calog, "sftpRemove", sftpRemove, gSshLib); calogRegisterInline(calog, "sftpMkdir", sftpMkdir, gSshLib); return calogOkE; } void calogSshShutdown(void) { pthread_mutex_lock(&gSshLibMutex); if (gSshLib == NULL) { pthread_mutex_unlock(&gSshLibMutex); return; } gSshLib->refCount--; if (gSshLib->refCount <= 0) { calogHandleTableDestroy(gSshLib->handles, sshCloser); libssh2_exit(); free(gSshLib); gSshLib = NULL; } pthread_mutex_unlock(&gSshLibMutex); } static int32_t sftpGet(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; LIBSSH2_SFTP_HANDLE *file; char *buffer; size_t cap; size_t length; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) { return calogFail(result, calogErrArgE, "sftpGet expects (handle, remotePath)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } status = sshEnsureSftp(conn, result); if (status != calogOkE) { return status; } file = libssh2_sftp_open(conn->sftp, args[1].as.s.bytes, LIBSSH2_FXF_READ, 0); if (file == NULL) { return calogFail(result, calogErrNotFoundE, "sftpGet: could not open the remote file"); } buffer = NULL; cap = 0; length = 0; for (;;) { ssize_t n; if (length == cap) { size_t want; char *grown; if (cap >= SSH_MAX_TRANSFER) { free(buffer); libssh2_sftp_close(file); return calogFail(result, calogErrRangeE, "sftpGet: file exceeds the maximum transfer size"); } want = (cap == 0) ? 65536 : cap * CALOG_GROWTH_FACTOR; if (want > SSH_MAX_TRANSFER) { want = SSH_MAX_TRANSFER; } grown = (char *)realloc(buffer, want); if (grown == NULL) { free(buffer); libssh2_sftp_close(file); return calogFail(result, calogErrOomE, "sftpGet: out of memory"); } buffer = grown; cap = want; } n = libssh2_sftp_read(file, buffer + length, cap - length); if (n > 0) { length += (size_t)n; } else if (n == 0) { break; } else if (n == LIBSSH2_ERROR_EAGAIN) { continue; } else { free(buffer); libssh2_sftp_close(file); return calogFail(result, calogErrArgE, "sftpGet: read failed"); } } libssh2_sftp_close(file); status = calogValueString(result, (buffer != NULL) ? buffer : "", (int64_t)length); free(buffer); return status; } static int32_t sftpList(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; LIBSSH2_SFTP_HANDLE *dir; CalogAggT *list; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) { return calogFail(result, calogErrArgE, "sftpList expects (handle, path)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } status = sshEnsureSftp(conn, result); if (status != calogOkE) { return status; } dir = libssh2_sftp_opendir(conn->sftp, args[1].as.s.bytes); if (dir == NULL) { return calogFail(result, calogErrArgE, "sftpList: could not open the directory"); } status = calogAggCreate(&list, calogListE); if (status != calogOkE) { libssh2_sftp_closedir(dir); return calogFail(result, status, "sftpList: out of memory"); } for (;;) { LIBSSH2_SFTP_ATTRIBUTES attrs; CalogAggT *entry; CalogValueT entryValue; char name[512]; int rc; rc = libssh2_sftp_readdir(dir, name, sizeof(name), &attrs); if (rc == 0) { break; } if (rc == LIBSSH2_ERROR_EAGAIN) { continue; } if (rc < 0) { calogAggFree(list); libssh2_sftp_closedir(dir); return calogFail(result, calogErrArgE, "sftpList: read failed"); } // Skip "." and ".." so callers see only real entries. if ((rc == 1 && name[0] == '.') || (rc == 2 && name[0] == '.' && name[1] == '.')) { continue; } status = calogAggCreate(&entry, calogMapE); if (status != calogOkE) { calogAggFree(list); libssh2_sftp_closedir(dir); return calogFail(result, status, "sftpList: out of memory"); } status = sshMapSetStr(entry, "name", name, (int64_t)rc); if (status == calogOkE) { int64_t size; size = (attrs.flags & LIBSSH2_SFTP_ATTR_SIZE) ? (int64_t)attrs.filesize : 0; status = sshMapSetInt(entry, "size", size); } if (status == calogOkE) { bool isDir; isDir = (attrs.flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) && LIBSSH2_SFTP_S_ISDIR(attrs.permissions); status = sshMapSetBool(entry, "isDir", isDir); } if (status != calogOkE) { calogAggFree(entry); calogAggFree(list); libssh2_sftp_closedir(dir); return calogFail(result, status, "sftpList: failed to build an entry"); } calogValueAgg(&entryValue, entry); status = calogAggPush(list, &entryValue); if (status != calogOkE) { calogValueFree(&entryValue); calogAggFree(list); libssh2_sftp_closedir(dir); return calogFail(result, status, "sftpList: out of memory"); } } libssh2_sftp_closedir(dir); calogValueAgg(result, list); return calogOkE; } static int32_t sftpMkdir(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) { return calogFail(result, calogErrArgE, "sftpMkdir expects (handle, path)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } status = sshEnsureSftp(conn, result); if (status != calogOkE) { return status; } if (libssh2_sftp_mkdir(conn->sftp, args[1].as.s.bytes, 0755) != 0) { return calogFail(result, calogErrArgE, "sftpMkdir: could not create the directory"); } return calogOkE; } static int32_t sftpPut(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; LIBSSH2_SFTP_HANDLE *file; int64_t total; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 3 || args[0].type != calogIntE || args[1].type != calogStringE || args[2].type != calogStringE) { return calogFail(result, calogErrArgE, "sftpPut expects (handle, remotePath, data)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } status = sshEnsureSftp(conn, result); if (status != calogOkE) { return status; } file = libssh2_sftp_open(conn->sftp, args[1].as.s.bytes, LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_TRUNC, 0644); if (file == NULL) { return calogFail(result, calogErrArgE, "sftpPut: could not open the remote file"); } total = 0; while (total < args[2].as.s.length) { ssize_t n; n = libssh2_sftp_write(file, args[2].as.s.bytes + total, (size_t)(args[2].as.s.length - total)); if (n < 0) { if (n == LIBSSH2_ERROR_EAGAIN) { continue; } libssh2_sftp_close(file); return calogFail(result, calogErrArgE, "sftpPut: write failed"); } total += (int64_t)n; } libssh2_sftp_close(file); return calogOkE; } static int32_t sftpRemove(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) { return calogFail(result, calogErrArgE, "sftpRemove expects (handle, path)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } status = sshEnsureSftp(conn, result); if (status != calogOkE) { return status; } if (libssh2_sftp_unlink(conn->sftp, args[1].as.s.bytes) != 0) { return calogFail(result, calogErrArgE, "sftpRemove: could not remove the path"); } return calogOkE; } static int32_t sftpStat(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; LIBSSH2_SFTP_ATTRIBUTES attrs; CalogAggT *map; int64_t size; bool isDir; int rc; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) { return calogFail(result, calogErrArgE, "sftpStat expects (handle, path)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } status = sshEnsureSftp(conn, result); if (status != calogOkE) { return status; } rc = libssh2_sftp_stat(conn->sftp, args[1].as.s.bytes, &attrs); if (rc < 0) { // A missing path (or any stat failure) reports as nil rather than an error. return calogOkE; } status = calogAggCreate(&map, calogMapE); if (status != calogOkE) { return calogFail(result, status, "sftpStat: out of memory"); } size = (attrs.flags & LIBSSH2_SFTP_ATTR_SIZE) ? (int64_t)attrs.filesize : 0; isDir = (attrs.flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) && LIBSSH2_SFTP_S_ISDIR(attrs.permissions); status = sshMapSetInt(map, "size", size); if (status == calogOkE) { status = sshMapSetBool(map, "isDir", isDir); } if (status != calogOkE) { calogAggFree(map); return calogFail(result, status, "sftpStat: failed to build the result"); } calogValueAgg(result, map); return calogOkE; } static int32_t sshAuthKey(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; const char *publicKey; const char *passphrase; int rc; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount < 3 || argCount > 5 || args[0].type != calogIntE || args[1].type != calogStringE || args[2].type != calogStringE) { return calogFail(result, calogErrArgE, "sshAuthKey expects (handle, user, privateKeyPath[, publicKeyPath, passphrase])"); } publicKey = NULL; passphrase = NULL; if (argCount >= 4) { if (args[3].type != calogStringE) { return calogFail(result, calogErrArgE, "sshAuthKey: publicKeyPath must be a string"); } if (args[3].as.s.length > 0) { publicKey = args[3].as.s.bytes; } } if (argCount == 5) { if (args[4].type != calogStringE) { return calogFail(result, calogErrArgE, "sshAuthKey: passphrase must be a string"); } if (args[4].as.s.length > 0) { passphrase = args[4].as.s.bytes; } } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } rc = libssh2_userauth_publickey_fromfile_ex(conn->session, args[1].as.s.bytes, (unsigned int)args[1].as.s.length, publicKey, args[2].as.s.bytes, passphrase); calogValueBool(result, rc == 0); return calogOkE; } static int32_t sshAuthPassword(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; int rc; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 3 || args[0].type != calogIntE || args[1].type != calogStringE || args[2].type != calogStringE) { return calogFail(result, calogErrArgE, "sshAuthPassword expects (handle, user, password)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } rc = libssh2_userauth_password_ex(conn->session, args[1].as.s.bytes, (unsigned int)args[1].as.s.length, args[2].as.s.bytes, (unsigned int)args[2].as.s.length, NULL); calogValueBool(result, rc == 0); return calogOkE; } static int32_t sshClose(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 1 || args[0].type != calogIntE) { return calogFail(result, calogErrArgE, "sshClose expects (handle)"); } // Peek first to enforce owner-scoping; because the owner is a single thread, the peek and // the remove below cannot race another context claiming this handle. conn = (SshConnT *)calogHandleGet(lib->handles, args[0].as.i, SSH_TYPE_CONN); if (conn == NULL) { return calogFail(result, calogErrNotFoundE, "sshClose: invalid ssh handle"); } if (conn->ownerId != calogCurrentId()) { return calogFail(result, calogErrArgE, "sshClose: ssh handle belongs to another context"); } conn = (SshConnT *)calogHandleRemove(lib->handles, args[0].as.i, SSH_TYPE_CONN); if (conn == NULL) { return calogFail(result, calogErrNotFoundE, "sshClose: invalid ssh handle"); } if (conn->sftp != NULL) { libssh2_sftp_shutdown(conn->sftp); } libssh2_session_disconnect(conn->session, "calog: closing"); libssh2_session_free(conn->session); close(conn->sock); free(conn); return calogOkE; } static void sshCloser(uint32_t type, void *resource) { SshConnT *conn; (void)type; conn = (SshConnT *)resource; if (conn->sftp != NULL) { libssh2_sftp_shutdown(conn->sftp); } libssh2_session_disconnect(conn->session, "calog: shutdown"); libssh2_session_free(conn->session); close(conn->sock); free(conn); } static int32_t sshConnect(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; LIBSSH2_SESSION *session; struct addrinfo hints; struct addrinfo *res; struct addrinfo *rp; char portBuffer[8]; int64_t port; int64_t handle; int fd; int rc; lib = (SshLibT *)userData; calogValueNil(result); if (argCount < 1 || argCount > 2 || args[0].type != calogStringE) { return calogFail(result, calogErrArgE, "sshConnect expects (host[, port])"); } port = 22; if (argCount == 2) { if (args[1].type != calogIntE) { return calogFail(result, calogErrArgE, "sshConnect expects (host[, port])"); } port = args[1].as.i; } if (port < 1 || port > SSH_PORT_MAX) { return calogFail(result, calogErrArgE, "sshConnect: port out of range"); } memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; snprintf(portBuffer, sizeof(portBuffer), "%u", (unsigned int)port); rc = getaddrinfo(args[0].as.s.bytes, portBuffer, &hints, &res); if (rc != 0) { return calogFail(result, calogErrArgE, gai_strerror(rc)); } fd = -1; for (rp = res; rp != NULL; rp = rp->ai_next) { fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol); if (fd < 0) { continue; } if (connect(fd, rp->ai_addr, rp->ai_addrlen) == 0) { break; } close(fd); fd = -1; } freeaddrinfo(res); if (fd < 0) { return calogFail(result, calogErrArgE, "sshConnect: could not connect"); } session = libssh2_session_init(); if (session == NULL) { close(fd); return calogFail(result, calogErrOomE, "sshConnect: could not create a session"); } libssh2_session_set_blocking(session, 1); if (libssh2_session_handshake(session, fd) != 0) { libssh2_session_free(session); close(fd); return calogFail(result, calogErrArgE, "sshConnect: SSH handshake failed"); } conn = (SshConnT *)calloc(1, sizeof(*conn)); if (conn == NULL) { libssh2_session_disconnect(session, "out of memory"); libssh2_session_free(session); close(fd); return calogFail(result, calogErrOomE, "sshConnect: out of memory"); } conn->sock = fd; conn->session = session; conn->sftp = NULL; conn->ownerId = calogCurrentId(); handle = calogHandleAdd(lib->handles, SSH_TYPE_CONN, conn); if (handle == 0) { libssh2_session_disconnect(session, "out of memory"); libssh2_session_free(session); close(fd); free(conn); return calogFail(result, calogErrOomE, "sshConnect: out of memory"); } calogValueInt(result, handle); return calogOkE; } // Drain one channel stream (0 = stdout, SSH_EXTENDED_DATA_STDERR = stderr) into a fresh // growable buffer, binary-safe. Returns calogOkE with *bytesOut owned by the caller (freed on // every path), or an error (the buffer is released here on failure). static int32_t sshDrain(LIBSSH2_CHANNEL *channel, int streamId, char **bytesOut, int64_t *lengthOut) { char *buffer; size_t cap; size_t length; buffer = NULL; cap = 0; length = 0; for (;;) { ssize_t n; if (length == cap) { size_t want; char *grown; if (cap >= SSH_MAX_TRANSFER) { free(buffer); return calogErrRangeE; } want = (cap == 0) ? 4096 : cap * CALOG_GROWTH_FACTOR; if (want > SSH_MAX_TRANSFER) { want = SSH_MAX_TRANSFER; } grown = (char *)realloc(buffer, want); if (grown == NULL) { free(buffer); return calogErrOomE; } buffer = grown; cap = want; } n = libssh2_channel_read_ex(channel, streamId, buffer + length, cap - length); if (n > 0) { length += (size_t)n; } else if (n == 0) { break; } else if (n == LIBSSH2_ERROR_EAGAIN) { continue; } else { free(buffer); return calogErrArgE; } } *bytesOut = buffer; *lengthOut = (int64_t)length; return calogOkE; } // Open the SFTP subsystem on the connection if not already open, caching it for reuse. static int32_t sshEnsureSftp(SshConnT *conn, CalogValueT *result) { LIBSSH2_SFTP *sftp; if (conn->sftp != NULL) { return calogOkE; } sftp = libssh2_sftp_init(conn->session); if (sftp == NULL) { return calogFail(result, calogErrArgE, "could not start an SFTP session"); } conn->sftp = sftp; return calogOkE; } static int32_t sshExec(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) { SshLibT *lib; SshConnT *conn; LIBSSH2_CHANNEL *channel; CalogAggT *map; char *outBytes; char *errBytes; int64_t outLength; int64_t errLength; int exitCode; int32_t status; lib = (SshLibT *)userData; calogValueNil(result); if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) { return calogFail(result, calogErrArgE, "sshExec expects (handle, command)"); } status = sshResolve(lib, args[0].as.i, result, &conn); if (status != calogOkE) { return status; } channel = libssh2_channel_open_session(conn->session); if (channel == NULL) { return calogFail(result, calogErrArgE, "sshExec: could not open a channel"); } if (args[1].as.s.length > SSH_MAX_TRANSFER) { libssh2_channel_free(channel); return calogFail(result, calogErrRangeE, "sshExec: command too long"); } // Not libssh2_channel_exec (it derives the length with strlen, truncating a command with an // embedded NUL); pass the binary-safe length explicitly. if (libssh2_channel_process_startup(channel, "exec", 4u, args[1].as.s.bytes, (unsigned int)args[1].as.s.length) != 0) { libssh2_channel_free(channel); return calogFail(result, calogErrArgE, "sshExec: could not start the command"); } // Blocking reads: drain stdout to EOF, then stderr (libssh2 buffers the other stream). status = sshDrain(channel, 0, &outBytes, &outLength); if (status != calogOkE) { libssh2_channel_free(channel); return calogFail(result, status, "sshExec: out of memory"); } status = sshDrain(channel, SSH_EXTENDED_DATA_STDERR, &errBytes, &errLength); if (status != calogOkE) { free(outBytes); libssh2_channel_free(channel); return calogFail(result, status, "sshExec: out of memory"); } libssh2_channel_close(channel); exitCode = libssh2_channel_get_exit_status(channel); libssh2_channel_free(channel); status = calogAggCreate(&map, calogMapE); if (status != calogOkE) { free(outBytes); free(errBytes); return calogFail(result, status, "sshExec: out of memory"); } status = sshMapSetStr(map, "stdout", outBytes, outLength); if (status == calogOkE) { status = sshMapSetStr(map, "stderr", errBytes, errLength); } if (status == calogOkE) { status = sshMapSetInt(map, "exitCode", (int64_t)exitCode); } free(outBytes); free(errBytes); if (status != calogOkE) { calogAggFree(map); return calogFail(result, status, "sshExec: failed to build the result"); } calogValueAgg(result, map); return calogOkE; } // Set map[key] = boolean. On failure the (freshly built) key is released; the scalar needs // none. static int32_t sshMapSetBool(CalogAggT *map, const char *key, bool value) { CalogValueT keyValue; CalogValueT boolValue; int32_t status; status = calogValueString(&keyValue, key, (int64_t)strlen(key)); if (status != calogOkE) { return status; } calogValueBool(&boolValue, value); status = calogAggSet(map, &keyValue, &boolValue); if (status != calogOkE) { calogValueFree(&keyValue); } return status; } // Set map[key] = integer. On failure the (freshly built) key is released; the scalar needs // none. static int32_t sshMapSetInt(CalogAggT *map, const char *key, int64_t value) { CalogValueT keyValue; CalogValueT intValue; int32_t status; status = calogValueString(&keyValue, key, (int64_t)strlen(key)); if (status != calogOkE) { return status; } calogValueInt(&intValue, value); status = calogAggSet(map, &keyValue, &intValue); if (status != calogOkE) { calogValueFree(&keyValue); } return status; } // Set map[key] = binary-safe string. On failure any built values are released. static int32_t sshMapSetStr(CalogAggT *map, const char *key, const char *bytes, int64_t length) { CalogValueT keyValue; CalogValueT stringValue; int32_t status; status = calogValueString(&keyValue, key, (int64_t)strlen(key)); if (status != calogOkE) { return status; } status = calogValueString(&stringValue, bytes, length); if (status != calogOkE) { calogValueFree(&keyValue); return status; } status = calogAggSet(map, &keyValue, &stringValue); if (status != calogOkE) { calogValueFree(&keyValue); calogValueFree(&stringValue); } return status; } // Look up a connection handle and enforce owner-scoping. Not-found resolves to // calogErrNotFoundE; a handle owned by another context resolves to calogErrArgE. static int32_t sshResolve(SshLibT *lib, int64_t handle, CalogValueT *result, SshConnT **out) { SshConnT *conn; conn = (SshConnT *)calogHandleGet(lib->handles, handle, SSH_TYPE_CONN); if (conn == NULL) { return calogFail(result, calogErrNotFoundE, "invalid ssh handle"); } if (conn->ownerId != calogCurrentId()) { return calogFail(result, calogErrArgE, "ssh handle belongs to another context"); } *out = conn; return calogOkE; }