calog/libs/calogSsh.c

854 lines
No EOL
30 KiB
C

// calogSsh.c -- calog SSH library (see calogSsh.h). SSH command execution and SFTP file
// transfer over the shared typed handle table, bound to libssh2. Every blocking call is an
// inline native, so it stalls only the calling script's context thread. Sessions run in
// libssh2 blocking mode; each connection handle is owner-scoped to the context that created
// it (see SshConnT.ownerId).
#define _GNU_SOURCE
#include "calogSsh.h"
#include "calogHandle.h"
#include <netdb.h>
#include <pthread.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <libssh2.h>
#include <libssh2_sftp.h>
// Sole handle type tag for this library, distinct so a stray handle of another kind fails to
// resolve here.
#define SSH_TYPE_CONN 1u
#define SSH_PORT_MAX 65535
// Upper bound on a single read-to-EOF transfer (sshExec output, sftpGet file), matching
// calogNet/calogHttp: without it a huge/endless remote source would grow an unbounded buffer
// and OOM-kill the shared host process. Exceeding it fails with calogErrRangeE.
#define SSH_MAX_TRANSFER (64 * 1024 * 1024)
// What a connection handle owns: the socket, the libssh2 session, a lazily-opened+cached SFTP
// subsystem, and the id of the context that created it. ONLY that owner may operate on it.
typedef struct SshConnT {
int sock;
LIBSSH2_SESSION *session;
LIBSSH2_SFTP *sftp;
uint64_t ownerId;
} SshConnT;
// Process-wide SSH library state shared by every runtime that registers the natives; refCount
// is one per registered runtime, so libssh2_exit runs (and the table is destroyed) only when
// the LAST runtime shuts down.
typedef struct SshLibT {
CalogHandleTableT *handles;
int32_t refCount;
} SshLibT;
static pthread_mutex_t gSshLibMutex = PTHREAD_MUTEX_INITIALIZER;
static SshLibT *gSshLib = NULL;
static int32_t sftpGet(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sftpList(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sftpMkdir(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sftpPut(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sftpRemove(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sftpStat(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sshAuthKey(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sshAuthPassword(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sshClose(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static void sshCloser(uint32_t type, void *resource);
static int32_t sshConnect(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sshDrain(LIBSSH2_CHANNEL *channel, int streamId, char **bytesOut, int64_t *lengthOut);
static int32_t sshEnsureSftp(SshConnT *conn, CalogValueT *result);
static int32_t sshExec(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData);
static int32_t sshMapSetBool(CalogAggT *map, const char *key, bool value);
static int32_t sshMapSetInt(CalogAggT *map, const char *key, int64_t value);
static int32_t sshMapSetStr(CalogAggT *map, const char *key, const char *bytes, int64_t length);
static int32_t sshResolve(SshLibT *lib, int64_t handle, CalogValueT *result, SshConnT **out);
int32_t calogSshRegister(CalogT *calog) {
pthread_mutex_lock(&gSshLibMutex);
if (gSshLib == NULL) {
SshLibT *lib;
lib = (SshLibT *)calloc(1, sizeof(*lib));
if (lib == NULL) {
pthread_mutex_unlock(&gSshLibMutex);
return calogErrOomE;
}
lib->handles = calogHandleTableCreate();
if (lib->handles == NULL) {
free(lib);
pthread_mutex_unlock(&gSshLibMutex);
return calogErrOomE;
}
// libssh2_init uses global state and is not thread safe; the lib mutex serialises it.
if (libssh2_init(0) != 0) {
calogHandleTableDestroy(lib->handles, NULL);
free(lib);
pthread_mutex_unlock(&gSshLibMutex);
return calogErrUnsupportedE;
}
gSshLib = lib;
}
gSshLib->refCount++;
pthread_mutex_unlock(&gSshLibMutex);
calogRegisterInline(calog, "sshConnect", sshConnect, gSshLib);
calogRegisterInline(calog, "sshAuthPassword", sshAuthPassword, gSshLib);
calogRegisterInline(calog, "sshAuthKey", sshAuthKey, gSshLib);
calogRegisterInline(calog, "sshExec", sshExec, gSshLib);
calogRegisterInline(calog, "sshClose", sshClose, gSshLib);
calogRegisterInline(calog, "sftpGet", sftpGet, gSshLib);
calogRegisterInline(calog, "sftpPut", sftpPut, gSshLib);
calogRegisterInline(calog, "sftpList", sftpList, gSshLib);
calogRegisterInline(calog, "sftpStat", sftpStat, gSshLib);
calogRegisterInline(calog, "sftpRemove", sftpRemove, gSshLib);
calogRegisterInline(calog, "sftpMkdir", sftpMkdir, gSshLib);
return calogOkE;
}
void calogSshShutdown(void) {
pthread_mutex_lock(&gSshLibMutex);
if (gSshLib == NULL) {
pthread_mutex_unlock(&gSshLibMutex);
return;
}
gSshLib->refCount--;
if (gSshLib->refCount <= 0) {
calogHandleTableDestroy(gSshLib->handles, sshCloser);
libssh2_exit();
free(gSshLib);
gSshLib = NULL;
}
pthread_mutex_unlock(&gSshLibMutex);
}
static int32_t sftpGet(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
LIBSSH2_SFTP_HANDLE *file;
char *buffer;
size_t cap;
size_t length;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) {
return calogFail(result, calogErrArgE, "sftpGet expects (handle, remotePath)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
status = sshEnsureSftp(conn, result);
if (status != calogOkE) {
return status;
}
file = libssh2_sftp_open(conn->sftp, args[1].as.s.bytes, LIBSSH2_FXF_READ, 0);
if (file == NULL) {
return calogFail(result, calogErrNotFoundE, "sftpGet: could not open the remote file");
}
buffer = NULL;
cap = 0;
length = 0;
for (;;) {
ssize_t n;
if (length == cap) {
size_t want;
char *grown;
if (cap >= SSH_MAX_TRANSFER) {
free(buffer);
libssh2_sftp_close(file);
return calogFail(result, calogErrRangeE, "sftpGet: file exceeds the maximum transfer size");
}
want = (cap == 0) ? 65536 : cap * CALOG_GROWTH_FACTOR;
if (want > SSH_MAX_TRANSFER) {
want = SSH_MAX_TRANSFER;
}
grown = (char *)realloc(buffer, want);
if (grown == NULL) {
free(buffer);
libssh2_sftp_close(file);
return calogFail(result, calogErrOomE, "sftpGet: out of memory");
}
buffer = grown;
cap = want;
}
n = libssh2_sftp_read(file, buffer + length, cap - length);
if (n > 0) {
length += (size_t)n;
} else if (n == 0) {
break;
} else if (n == LIBSSH2_ERROR_EAGAIN) {
continue;
} else {
free(buffer);
libssh2_sftp_close(file);
return calogFail(result, calogErrArgE, "sftpGet: read failed");
}
}
libssh2_sftp_close(file);
status = calogValueString(result, (buffer != NULL) ? buffer : "", (int64_t)length);
free(buffer);
return status;
}
static int32_t sftpList(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
LIBSSH2_SFTP_HANDLE *dir;
CalogAggT *list;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) {
return calogFail(result, calogErrArgE, "sftpList expects (handle, path)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
status = sshEnsureSftp(conn, result);
if (status != calogOkE) {
return status;
}
dir = libssh2_sftp_opendir(conn->sftp, args[1].as.s.bytes);
if (dir == NULL) {
return calogFail(result, calogErrArgE, "sftpList: could not open the directory");
}
status = calogAggCreate(&list, calogListE);
if (status != calogOkE) {
libssh2_sftp_closedir(dir);
return calogFail(result, status, "sftpList: out of memory");
}
for (;;) {
LIBSSH2_SFTP_ATTRIBUTES attrs;
CalogAggT *entry;
CalogValueT entryValue;
char name[512];
int rc;
rc = libssh2_sftp_readdir(dir, name, sizeof(name), &attrs);
if (rc == 0) {
break;
}
if (rc == LIBSSH2_ERROR_EAGAIN) {
continue;
}
if (rc < 0) {
calogAggFree(list);
libssh2_sftp_closedir(dir);
return calogFail(result, calogErrArgE, "sftpList: read failed");
}
// Skip "." and ".." so callers see only real entries.
if ((rc == 1 && name[0] == '.') || (rc == 2 && name[0] == '.' && name[1] == '.')) {
continue;
}
status = calogAggCreate(&entry, calogMapE);
if (status != calogOkE) {
calogAggFree(list);
libssh2_sftp_closedir(dir);
return calogFail(result, status, "sftpList: out of memory");
}
status = sshMapSetStr(entry, "name", name, (int64_t)rc);
if (status == calogOkE) {
int64_t size;
size = (attrs.flags & LIBSSH2_SFTP_ATTR_SIZE) ? (int64_t)attrs.filesize : 0;
status = sshMapSetInt(entry, "size", size);
}
if (status == calogOkE) {
bool isDir;
isDir = (attrs.flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) && LIBSSH2_SFTP_S_ISDIR(attrs.permissions);
status = sshMapSetBool(entry, "isDir", isDir);
}
if (status != calogOkE) {
calogAggFree(entry);
calogAggFree(list);
libssh2_sftp_closedir(dir);
return calogFail(result, status, "sftpList: failed to build an entry");
}
calogValueAgg(&entryValue, entry);
status = calogAggPush(list, &entryValue);
if (status != calogOkE) {
calogValueFree(&entryValue);
calogAggFree(list);
libssh2_sftp_closedir(dir);
return calogFail(result, status, "sftpList: out of memory");
}
}
libssh2_sftp_closedir(dir);
calogValueAgg(result, list);
return calogOkE;
}
static int32_t sftpMkdir(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) {
return calogFail(result, calogErrArgE, "sftpMkdir expects (handle, path)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
status = sshEnsureSftp(conn, result);
if (status != calogOkE) {
return status;
}
if (libssh2_sftp_mkdir(conn->sftp, args[1].as.s.bytes, 0755) != 0) {
return calogFail(result, calogErrArgE, "sftpMkdir: could not create the directory");
}
return calogOkE;
}
static int32_t sftpPut(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
LIBSSH2_SFTP_HANDLE *file;
int64_t total;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 3 || args[0].type != calogIntE || args[1].type != calogStringE || args[2].type != calogStringE) {
return calogFail(result, calogErrArgE, "sftpPut expects (handle, remotePath, data)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
status = sshEnsureSftp(conn, result);
if (status != calogOkE) {
return status;
}
file = libssh2_sftp_open(conn->sftp, args[1].as.s.bytes,
LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_TRUNC, 0644);
if (file == NULL) {
return calogFail(result, calogErrArgE, "sftpPut: could not open the remote file");
}
total = 0;
while (total < args[2].as.s.length) {
ssize_t n;
n = libssh2_sftp_write(file, args[2].as.s.bytes + total, (size_t)(args[2].as.s.length - total));
if (n < 0) {
if (n == LIBSSH2_ERROR_EAGAIN) {
continue;
}
libssh2_sftp_close(file);
return calogFail(result, calogErrArgE, "sftpPut: write failed");
}
total += (int64_t)n;
}
libssh2_sftp_close(file);
return calogOkE;
}
static int32_t sftpRemove(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) {
return calogFail(result, calogErrArgE, "sftpRemove expects (handle, path)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
status = sshEnsureSftp(conn, result);
if (status != calogOkE) {
return status;
}
if (libssh2_sftp_unlink(conn->sftp, args[1].as.s.bytes) != 0) {
return calogFail(result, calogErrArgE, "sftpRemove: could not remove the path");
}
return calogOkE;
}
static int32_t sftpStat(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
LIBSSH2_SFTP_ATTRIBUTES attrs;
CalogAggT *map;
int64_t size;
bool isDir;
int rc;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) {
return calogFail(result, calogErrArgE, "sftpStat expects (handle, path)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
status = sshEnsureSftp(conn, result);
if (status != calogOkE) {
return status;
}
rc = libssh2_sftp_stat(conn->sftp, args[1].as.s.bytes, &attrs);
if (rc < 0) {
// A missing path (or any stat failure) reports as nil rather than an error.
return calogOkE;
}
status = calogAggCreate(&map, calogMapE);
if (status != calogOkE) {
return calogFail(result, status, "sftpStat: out of memory");
}
size = (attrs.flags & LIBSSH2_SFTP_ATTR_SIZE) ? (int64_t)attrs.filesize : 0;
isDir = (attrs.flags & LIBSSH2_SFTP_ATTR_PERMISSIONS) && LIBSSH2_SFTP_S_ISDIR(attrs.permissions);
status = sshMapSetInt(map, "size", size);
if (status == calogOkE) {
status = sshMapSetBool(map, "isDir", isDir);
}
if (status != calogOkE) {
calogAggFree(map);
return calogFail(result, status, "sftpStat: failed to build the result");
}
calogValueAgg(result, map);
return calogOkE;
}
static int32_t sshAuthKey(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
const char *publicKey;
const char *passphrase;
int rc;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount < 3 || argCount > 5 || args[0].type != calogIntE || args[1].type != calogStringE || args[2].type != calogStringE) {
return calogFail(result, calogErrArgE, "sshAuthKey expects (handle, user, privateKeyPath[, publicKeyPath, passphrase])");
}
publicKey = NULL;
passphrase = NULL;
if (argCount >= 4) {
if (args[3].type != calogStringE) {
return calogFail(result, calogErrArgE, "sshAuthKey: publicKeyPath must be a string");
}
if (args[3].as.s.length > 0) {
publicKey = args[3].as.s.bytes;
}
}
if (argCount == 5) {
if (args[4].type != calogStringE) {
return calogFail(result, calogErrArgE, "sshAuthKey: passphrase must be a string");
}
if (args[4].as.s.length > 0) {
passphrase = args[4].as.s.bytes;
}
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
rc = libssh2_userauth_publickey_fromfile_ex(conn->session, args[1].as.s.bytes, (unsigned int)args[1].as.s.length,
publicKey, args[2].as.s.bytes, passphrase);
calogValueBool(result, rc == 0);
return calogOkE;
}
static int32_t sshAuthPassword(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
int rc;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 3 || args[0].type != calogIntE || args[1].type != calogStringE || args[2].type != calogStringE) {
return calogFail(result, calogErrArgE, "sshAuthPassword expects (handle, user, password)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
rc = libssh2_userauth_password_ex(conn->session, args[1].as.s.bytes, (unsigned int)args[1].as.s.length,
args[2].as.s.bytes, (unsigned int)args[2].as.s.length, NULL);
calogValueBool(result, rc == 0);
return calogOkE;
}
static int32_t sshClose(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 1 || args[0].type != calogIntE) {
return calogFail(result, calogErrArgE, "sshClose expects (handle)");
}
// Peek first to enforce owner-scoping; because the owner is a single thread, the peek and
// the remove below cannot race another context claiming this handle.
conn = (SshConnT *)calogHandleGet(lib->handles, args[0].as.i, SSH_TYPE_CONN);
if (conn == NULL) {
return calogFail(result, calogErrNotFoundE, "sshClose: invalid ssh handle");
}
if (conn->ownerId != calogCurrentId()) {
return calogFail(result, calogErrArgE, "sshClose: ssh handle belongs to another context");
}
conn = (SshConnT *)calogHandleRemove(lib->handles, args[0].as.i, SSH_TYPE_CONN);
if (conn == NULL) {
return calogFail(result, calogErrNotFoundE, "sshClose: invalid ssh handle");
}
if (conn->sftp != NULL) {
libssh2_sftp_shutdown(conn->sftp);
}
libssh2_session_disconnect(conn->session, "calog: closing");
libssh2_session_free(conn->session);
close(conn->sock);
free(conn);
return calogOkE;
}
static void sshCloser(uint32_t type, void *resource) {
SshConnT *conn;
(void)type;
conn = (SshConnT *)resource;
if (conn->sftp != NULL) {
libssh2_sftp_shutdown(conn->sftp);
}
libssh2_session_disconnect(conn->session, "calog: shutdown");
libssh2_session_free(conn->session);
close(conn->sock);
free(conn);
}
static int32_t sshConnect(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
LIBSSH2_SESSION *session;
struct addrinfo hints;
struct addrinfo *res;
struct addrinfo *rp;
char portBuffer[8];
int64_t port;
int64_t handle;
int fd;
int rc;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount < 1 || argCount > 2 || args[0].type != calogStringE) {
return calogFail(result, calogErrArgE, "sshConnect expects (host[, port])");
}
port = 22;
if (argCount == 2) {
if (args[1].type != calogIntE) {
return calogFail(result, calogErrArgE, "sshConnect expects (host[, port])");
}
port = args[1].as.i;
}
if (port < 1 || port > SSH_PORT_MAX) {
return calogFail(result, calogErrArgE, "sshConnect: port out of range");
}
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
snprintf(portBuffer, sizeof(portBuffer), "%u", (unsigned int)port);
rc = getaddrinfo(args[0].as.s.bytes, portBuffer, &hints, &res);
if (rc != 0) {
return calogFail(result, calogErrArgE, gai_strerror(rc));
}
fd = -1;
for (rp = res; rp != NULL; rp = rp->ai_next) {
fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol);
if (fd < 0) {
continue;
}
if (connect(fd, rp->ai_addr, rp->ai_addrlen) == 0) {
break;
}
close(fd);
fd = -1;
}
freeaddrinfo(res);
if (fd < 0) {
return calogFail(result, calogErrArgE, "sshConnect: could not connect");
}
session = libssh2_session_init();
if (session == NULL) {
close(fd);
return calogFail(result, calogErrOomE, "sshConnect: could not create a session");
}
libssh2_session_set_blocking(session, 1);
if (libssh2_session_handshake(session, fd) != 0) {
libssh2_session_free(session);
close(fd);
return calogFail(result, calogErrArgE, "sshConnect: SSH handshake failed");
}
conn = (SshConnT *)calloc(1, sizeof(*conn));
if (conn == NULL) {
libssh2_session_disconnect(session, "out of memory");
libssh2_session_free(session);
close(fd);
return calogFail(result, calogErrOomE, "sshConnect: out of memory");
}
conn->sock = fd;
conn->session = session;
conn->sftp = NULL;
conn->ownerId = calogCurrentId();
handle = calogHandleAdd(lib->handles, SSH_TYPE_CONN, conn);
if (handle == 0) {
libssh2_session_disconnect(session, "out of memory");
libssh2_session_free(session);
close(fd);
free(conn);
return calogFail(result, calogErrOomE, "sshConnect: out of memory");
}
calogValueInt(result, handle);
return calogOkE;
}
// Drain one channel stream (0 = stdout, SSH_EXTENDED_DATA_STDERR = stderr) into a fresh
// growable buffer, binary-safe. Returns calogOkE with *bytesOut owned by the caller (freed on
// every path), or an error (the buffer is released here on failure).
static int32_t sshDrain(LIBSSH2_CHANNEL *channel, int streamId, char **bytesOut, int64_t *lengthOut) {
char *buffer;
size_t cap;
size_t length;
buffer = NULL;
cap = 0;
length = 0;
for (;;) {
ssize_t n;
if (length == cap) {
size_t want;
char *grown;
if (cap >= SSH_MAX_TRANSFER) {
free(buffer);
return calogErrRangeE;
}
want = (cap == 0) ? 4096 : cap * CALOG_GROWTH_FACTOR;
if (want > SSH_MAX_TRANSFER) {
want = SSH_MAX_TRANSFER;
}
grown = (char *)realloc(buffer, want);
if (grown == NULL) {
free(buffer);
return calogErrOomE;
}
buffer = grown;
cap = want;
}
n = libssh2_channel_read_ex(channel, streamId, buffer + length, cap - length);
if (n > 0) {
length += (size_t)n;
} else if (n == 0) {
break;
} else if (n == LIBSSH2_ERROR_EAGAIN) {
continue;
} else {
free(buffer);
return calogErrArgE;
}
}
*bytesOut = buffer;
*lengthOut = (int64_t)length;
return calogOkE;
}
// Open the SFTP subsystem on the connection if not already open, caching it for reuse.
static int32_t sshEnsureSftp(SshConnT *conn, CalogValueT *result) {
LIBSSH2_SFTP *sftp;
if (conn->sftp != NULL) {
return calogOkE;
}
sftp = libssh2_sftp_init(conn->session);
if (sftp == NULL) {
return calogFail(result, calogErrArgE, "could not start an SFTP session");
}
conn->sftp = sftp;
return calogOkE;
}
static int32_t sshExec(CalogValueT *args, int32_t argCount, CalogValueT *result, void *userData) {
SshLibT *lib;
SshConnT *conn;
LIBSSH2_CHANNEL *channel;
CalogAggT *map;
char *outBytes;
char *errBytes;
int64_t outLength;
int64_t errLength;
int exitCode;
int32_t status;
lib = (SshLibT *)userData;
calogValueNil(result);
if (argCount != 2 || args[0].type != calogIntE || args[1].type != calogStringE) {
return calogFail(result, calogErrArgE, "sshExec expects (handle, command)");
}
status = sshResolve(lib, args[0].as.i, result, &conn);
if (status != calogOkE) {
return status;
}
channel = libssh2_channel_open_session(conn->session);
if (channel == NULL) {
return calogFail(result, calogErrArgE, "sshExec: could not open a channel");
}
if (args[1].as.s.length > SSH_MAX_TRANSFER) {
libssh2_channel_free(channel);
return calogFail(result, calogErrRangeE, "sshExec: command too long");
}
// Not libssh2_channel_exec (it derives the length with strlen, truncating a command with an
// embedded NUL); pass the binary-safe length explicitly.
if (libssh2_channel_process_startup(channel, "exec", 4u, args[1].as.s.bytes, (unsigned int)args[1].as.s.length) != 0) {
libssh2_channel_free(channel);
return calogFail(result, calogErrArgE, "sshExec: could not start the command");
}
// Blocking reads: drain stdout to EOF, then stderr (libssh2 buffers the other stream).
status = sshDrain(channel, 0, &outBytes, &outLength);
if (status != calogOkE) {
libssh2_channel_free(channel);
return calogFail(result, status, "sshExec: out of memory");
}
status = sshDrain(channel, SSH_EXTENDED_DATA_STDERR, &errBytes, &errLength);
if (status != calogOkE) {
free(outBytes);
libssh2_channel_free(channel);
return calogFail(result, status, "sshExec: out of memory");
}
libssh2_channel_close(channel);
exitCode = libssh2_channel_get_exit_status(channel);
libssh2_channel_free(channel);
status = calogAggCreate(&map, calogMapE);
if (status != calogOkE) {
free(outBytes);
free(errBytes);
return calogFail(result, status, "sshExec: out of memory");
}
status = sshMapSetStr(map, "stdout", outBytes, outLength);
if (status == calogOkE) {
status = sshMapSetStr(map, "stderr", errBytes, errLength);
}
if (status == calogOkE) {
status = sshMapSetInt(map, "exitCode", (int64_t)exitCode);
}
free(outBytes);
free(errBytes);
if (status != calogOkE) {
calogAggFree(map);
return calogFail(result, status, "sshExec: failed to build the result");
}
calogValueAgg(result, map);
return calogOkE;
}
// Set map[key] = boolean. On failure the (freshly built) key is released; the scalar needs
// none.
static int32_t sshMapSetBool(CalogAggT *map, const char *key, bool value) {
CalogValueT keyValue;
CalogValueT boolValue;
int32_t status;
status = calogValueString(&keyValue, key, (int64_t)strlen(key));
if (status != calogOkE) {
return status;
}
calogValueBool(&boolValue, value);
status = calogAggSet(map, &keyValue, &boolValue);
if (status != calogOkE) {
calogValueFree(&keyValue);
}
return status;
}
// Set map[key] = integer. On failure the (freshly built) key is released; the scalar needs
// none.
static int32_t sshMapSetInt(CalogAggT *map, const char *key, int64_t value) {
CalogValueT keyValue;
CalogValueT intValue;
int32_t status;
status = calogValueString(&keyValue, key, (int64_t)strlen(key));
if (status != calogOkE) {
return status;
}
calogValueInt(&intValue, value);
status = calogAggSet(map, &keyValue, &intValue);
if (status != calogOkE) {
calogValueFree(&keyValue);
}
return status;
}
// Set map[key] = binary-safe string. On failure any built values are released.
static int32_t sshMapSetStr(CalogAggT *map, const char *key, const char *bytes, int64_t length) {
CalogValueT keyValue;
CalogValueT stringValue;
int32_t status;
status = calogValueString(&keyValue, key, (int64_t)strlen(key));
if (status != calogOkE) {
return status;
}
status = calogValueString(&stringValue, bytes, length);
if (status != calogOkE) {
calogValueFree(&keyValue);
return status;
}
status = calogAggSet(map, &keyValue, &stringValue);
if (status != calogOkE) {
calogValueFree(&keyValue);
calogValueFree(&stringValue);
}
return status;
}
// Look up a connection handle and enforce owner-scoping. Not-found resolves to
// calogErrNotFoundE; a handle owned by another context resolves to calogErrArgE.
static int32_t sshResolve(SshLibT *lib, int64_t handle, CalogValueT *result, SshConnT **out) {
SshConnT *conn;
conn = (SshConnT *)calogHandleGet(lib->handles, handle, SSH_TYPE_CONN);
if (conn == NULL) {
return calogFail(result, calogErrNotFoundE, "invalid ssh handle");
}
if (conn->ownerId != calogCurrentId()) {
return calogFail(result, calogErrArgE, "ssh handle belongs to another context");
}
*out = conn;
return calogOkE;
}