Annotation of embedaddon/curl/docs/libcurl/opts/CURLOPT_SSH_KEYFUNCTION.3, revision 1.1
1.1 ! misho 1: .\" **************************************************************************
! 2: .\" * _ _ ____ _
! 3: .\" * Project ___| | | | _ \| |
! 4: .\" * / __| | | | |_) | |
! 5: .\" * | (__| |_| | _ <| |___
! 6: .\" * \___|\___/|_| \_\_____|
! 7: .\" *
! 8: .\" * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
! 9: .\" *
! 10: .\" * This software is licensed as described in the file COPYING, which
! 11: .\" * you should have received as part of this distribution. The terms
! 12: .\" * are also available at https://curl.haxx.se/docs/copyright.html.
! 13: .\" *
! 14: .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
! 15: .\" * copies of the Software, and permit persons to whom the Software is
! 16: .\" * furnished to do so, under the terms of the COPYING file.
! 17: .\" *
! 18: .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
! 19: .\" * KIND, either express or implied.
! 20: .\" *
! 21: .\" **************************************************************************
! 22: .\"
! 23: .TH CURLOPT_SSH_KEYFUNCTION 3 "May 31, 2017" "libcurl 7.70.0" "curl_easy_setopt options"
! 24:
! 25: .SH NAME
! 26: CURLOPT_SSH_KEYFUNCTION \- callback for known host matching logic
! 27: .SH SYNOPSIS
! 28: .nf
! 29: #include <curl/curl.h>
! 30:
! 31: enum curl_khstat {
! 32: CURLKHSTAT_FINE_ADD_TO_FILE,
! 33: CURLKHSTAT_FINE,
! 34: CURLKHSTAT_REJECT, /* reject the connection, return an error */
! 35: CURLKHSTAT_DEFER, /* do not accept it, but we can't answer right
! 36: now so this causes a CURLE_DEFER error but
! 37: otherwise the connection will be left intact
! 38: etc */
! 39: };
! 40:
! 41: enum curl_khmatch {
! 42: CURLKHMATCH_OK, /* match */
! 43: CURLKHMATCH_MISMATCH, /* host found, key mismatch! */
! 44: CURLKHMATCH_MISSING, /* no matching host/key found */
! 45: };
! 46:
! 47: struct curl_khkey {
! 48: const char *key; /* points to a zero-terminated string encoded with
! 49: base64 if len is zero, otherwise to the "raw"
! 50: data */
! 51: size_t len;
! 52: enum curl_khtype keytype;
! 53: };
! 54:
! 55: int ssh_keycallback(CURL *easy,
! 56: const struct curl_khkey *knownkey,
! 57: const struct curl_khkey *foundkey,
! 58: enum curl_khmatch,
! 59: void *clientp);
! 60:
! 61: CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSH_KEYFUNCTION,
! 62: ssh_keycallback);
! 63: .SH DESCRIPTION
! 64: Pass a pointer to your callback function, which should match the prototype
! 65: shown above.
! 66:
! 67: It gets called when the known_host matching has been done, to allow the
! 68: application to act and decide for libcurl how to proceed. The callback will
! 69: only be called if \fICURLOPT_SSH_KNOWNHOSTS(3)\fP is also set.
! 70:
! 71: This callback function gets passed the CURL handle, the key from the
! 72: known_hosts file \fIknownkey\fP, the key from the remote site \fIfoundkey\fP,
! 73: info from libcurl on the matching status and a custom pointer (set with
! 74: \fICURLOPT_SSH_KEYDATA(3)\fP). It MUST return one of the following return
! 75: codes to tell libcurl how to act:
! 76:
! 77: .IP CURLKHSTAT_FINE_ADD_TO_FILE
! 78: The host+key is accepted and libcurl will append it to the known_hosts file
! 79: before continuing with the connection. This will also add the host+key combo
! 80: to the known_host pool kept in memory if it wasn't already present there. The
! 81: adding of data to the file is done by completely replacing the file with a new
! 82: copy, so the permissions of the file must allow this.
! 83: .IP CURLKHSTAT_FINE
! 84: The host+key is accepted libcurl will continue with the connection. This will
! 85: also add the host+key combo to the known_host pool kept in memory if it wasn't
! 86: already present there.
! 87: .IP CURLKHSTAT_REJECT
! 88: The host+key is rejected. libcurl will deny the connection to continue and it
! 89: will be closed.
! 90: .IP CURLKHSTAT_DEFER
! 91: The host+key is rejected, but the SSH connection is asked to be kept alive.
! 92: This feature could be used when the app wants to somehow return back and act
! 93: on the host+key situation and then retry without needing the overhead of
! 94: setting it up from scratch again.
! 95: .SH DEFAULT
! 96: NULL
! 97: .SH PROTOCOLS
! 98: SFTP and SCP
! 99: .SH EXAMPLE
! 100: .nf
! 101: static int keycb(CURL *easy,
! 102: const struct curl_khkey *knownkey,
! 103: const struct curl_khkey *foundkey,
! 104: enum curl_khmatch,
! 105: void *clientp)
! 106: {
! 107: /* 'clientp' points to the callback_data struct */
! 108: /* investigate the situation and return the correct value */
! 109: return CURLKHSTAT_FINE_ADD_TO_FILE;
! 110: }
! 111: {
! 112: curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/thisfile.txt");
! 113: curl_easy_setopt(curl, CURLOPT_SSH_KEYFUNCTION, keycb);
! 114: curl_easy_setopt(curl, CURLOPT_SSH_KEYDATA, &callback_data);
! 115: curl_easy_setopt(curl, CURLOPT_SSH_KNOWNHOSTS, "/home/user/known_hosts");
! 116:
! 117: curl_easy_perform(curl);
! 118: }
! 119: .fi
! 120: .SH AVAILABILITY
! 121: Added in 7.19.6
! 122: .SH RETURN VALUE
! 123: Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
! 124: .SH "SEE ALSO"
! 125: .BR CURLOPT_SSH_KEYDATA "(3), " CURLOPT_SSH_KNOWNHOSTS "(3), "
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>