Вы не можете выбрать более 25 тем
Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
133 строки
5.3 KiB
Groff
133 строки
5.3 KiB
Groff
.\" **************************************************************************
|
|
.\" * _ _ ____ _
|
|
.\" * Project ___| | | | _ \| |
|
|
.\" * / __| | | | |_) | |
|
|
.\" * | (__| |_| | _ <| |___
|
|
.\" * \___|\___/|_| \_\_____|
|
|
.\" *
|
|
.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
.\" *
|
|
.\" * This software is licensed as described in the file COPYING, which
|
|
.\" * you should have received as part of this distribution. The terms
|
|
.\" * are also available at https://curl.se/docs/copyright.html.
|
|
.\" *
|
|
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
.\" * copies of the Software, and permit persons to whom the Software is
|
|
.\" * furnished to do so, under the terms of the COPYING file.
|
|
.\" *
|
|
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
.\" * KIND, either express or implied.
|
|
.\" *
|
|
.\" **************************************************************************
|
|
.\"
|
|
.TH CURLOPT_SSH_KEYFUNCTION 3 "October 31, 2021" "libcurl 7.83.1" "curl_easy_setopt options"
|
|
|
|
.SH NAME
|
|
CURLOPT_SSH_KEYFUNCTION \- callback for known host matching logic
|
|
.SH SYNOPSIS
|
|
.nf
|
|
#include <curl/curl.h>
|
|
|
|
enum curl_khstat {
|
|
CURLKHSTAT_FINE_ADD_TO_FILE,
|
|
CURLKHSTAT_FINE,
|
|
CURLKHSTAT_REJECT, /* reject the connection, return an error */
|
|
CURLKHSTAT_DEFER, /* do not accept it, but we cannot answer right
|
|
now so this causes a CURLE_DEFER error but
|
|
otherwise the connection will be left intact
|
|
etc */
|
|
CURLKHSTAT_FINE_REPLACE
|
|
};
|
|
|
|
enum curl_khmatch {
|
|
CURLKHMATCH_OK, /* match */
|
|
CURLKHMATCH_MISMATCH, /* host found, key mismatch! */
|
|
CURLKHMATCH_MISSING, /* no matching host/key found */
|
|
};
|
|
|
|
struct curl_khkey {
|
|
const char *key; /* points to a null-terminated string encoded with
|
|
base64 if len is zero, otherwise to the "raw"
|
|
data */
|
|
size_t len;
|
|
enum curl_khtype keytype;
|
|
};
|
|
|
|
int ssh_keycallback(CURL *easy,
|
|
const struct curl_khkey *knownkey,
|
|
const struct curl_khkey *foundkey,
|
|
enum curl_khmatch,
|
|
void *clientp);
|
|
|
|
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSH_KEYFUNCTION,
|
|
ssh_keycallback);
|
|
.SH DESCRIPTION
|
|
Pass a pointer to your callback function, which should match the prototype
|
|
shown above.
|
|
|
|
It gets called when the known_host matching has been done, to allow the
|
|
application to act and decide for libcurl how to proceed. The callback will
|
|
only be called if \fICURLOPT_SSH_KNOWNHOSTS(3)\fP is also set.
|
|
|
|
This callback function gets passed the CURL handle, the key from the
|
|
known_hosts file \fIknownkey\fP, the key from the remote site \fIfoundkey\fP,
|
|
info from libcurl on the matching status and a custom pointer (set with
|
|
\fICURLOPT_SSH_KEYDATA(3)\fP). It MUST return one of the following return
|
|
codes to tell libcurl how to act:
|
|
.IP CURLKHSTAT_FINE_REPLACE
|
|
The new host+key is accepted and libcurl will replace the old host+key into
|
|
the known_hosts file before continuing with the connection. This will also
|
|
add the new host+key combo to the known_host pool kept in memory if it was not
|
|
already present there. The adding of data to the file is done by completely
|
|
replacing the file with a new copy, so the permissions of the file must allow
|
|
this. (Added in 7.73.0)
|
|
.IP CURLKHSTAT_FINE_ADD_TO_FILE
|
|
The host+key is accepted and libcurl will append it to the known_hosts file
|
|
before continuing with the connection. This will also add the host+key combo
|
|
to the known_host pool kept in memory if it was not already present there. The
|
|
adding of data to the file is done by completely replacing the file with a new
|
|
copy, so the permissions of the file must allow this.
|
|
.IP CURLKHSTAT_FINE
|
|
The host+key is accepted libcurl will continue with the connection. This will
|
|
also add the host+key combo to the known_host pool kept in memory if it was not
|
|
already present there.
|
|
.IP CURLKHSTAT_REJECT
|
|
The host+key is rejected. libcurl will deny the connection to continue and it
|
|
will be closed.
|
|
.IP CURLKHSTAT_DEFER
|
|
The host+key is rejected, but the SSH connection is asked to be kept alive.
|
|
This feature could be used when the app wants to somehow return back and act
|
|
on the host+key situation and then retry without needing the overhead of
|
|
setting it up from scratch again.
|
|
.SH DEFAULT
|
|
NULL
|
|
.SH PROTOCOLS
|
|
SFTP and SCP
|
|
.SH EXAMPLE
|
|
.nf
|
|
static int keycb(CURL *easy,
|
|
const struct curl_khkey *knownkey,
|
|
const struct curl_khkey *foundkey,
|
|
enum curl_khmatch,
|
|
void *clientp)
|
|
{
|
|
/* 'clientp' points to the callback_data struct */
|
|
/* investigate the situation and return the correct value */
|
|
return CURLKHSTAT_FINE_ADD_TO_FILE;
|
|
}
|
|
{
|
|
curl_easy_setopt(curl, CURLOPT_URL, "sftp://example.com/thisfile.txt");
|
|
curl_easy_setopt(curl, CURLOPT_SSH_KEYFUNCTION, keycb);
|
|
curl_easy_setopt(curl, CURLOPT_SSH_KEYDATA, &callback_data);
|
|
curl_easy_setopt(curl, CURLOPT_SSH_KNOWNHOSTS, "/home/user/known_hosts");
|
|
|
|
curl_easy_perform(curl);
|
|
}
|
|
.fi
|
|
.SH AVAILABILITY
|
|
Added in 7.19.6
|
|
.SH RETURN VALUE
|
|
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
|
|
.SH "SEE ALSO"
|
|
.BR CURLOPT_SSH_KEYDATA "(3), " CURLOPT_SSH_KNOWNHOSTS "(3), "
|