1 /*****************************************************************************
2 * sftp.c: SFTP input module
3 *****************************************************************************
4 * Copyright (C) 2009 VLC authors and VideoLAN
6 * Authors: RĂ©mi Duraffort <ivoire@videolan.org>
7 * Petri Hintukainen <phintuka@gmail.com>
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU Lesser General Public License as published by
11 * the Free Software Foundation; either version 2.1 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public License
20 * along with this program; if not, write to the Free Software Foundation,
21 * Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
22 *****************************************************************************/
24 /*****************************************************************************
26 *****************************************************************************/
31 #include <vlc_common.h>
32 #include <vlc_plugin.h>
36 #include <vlc_access.h>
37 #include <vlc_input_item.h>
38 #include <vlc_network.h>
40 #include <vlc_keystore.h>
43 #include <libssh2_sftp.h>
46 /*****************************************************************************
48 *****************************************************************************/
49 static int Open ( vlc_object_t
* );
50 static void Close( vlc_object_t
* );
52 #define PORT_TEXT N_("SFTP port")
53 #define PORT_LONGTEXT N_("SFTP port number to use on the server")
54 #define USER_TEXT N_("Username")
55 #define USER_LONGTEXT N_("Username that will be used for the connection, " \
56 "if no username is set in the URL.")
57 #define PASS_TEXT N_("Password")
58 #define PASS_LONGTEXT N_("Password that will be used for the connection, " \
59 "if no username or password are set in URL.")
62 set_shortname( "SFTP" )
63 set_description( N_("SFTP input") )
64 set_capability( "access", 0 )
65 set_category( CAT_INPUT
)
66 set_subcategory( SUBCAT_INPUT_ACCESS
)
67 add_integer( "sftp-port", 22, PORT_TEXT
, PORT_LONGTEXT
, true )
68 add_string( "sftp-user", NULL
, USER_TEXT
, USER_LONGTEXT
, false )
69 add_password("sftp-pwd", NULL
, PASS_TEXT
, PASS_LONGTEXT
)
70 add_shortcut( "sftp" )
71 set_callbacks( Open
, Close
)
75 /*****************************************************************************
77 *****************************************************************************/
78 static ssize_t
Read( stream_t
*, void *, size_t );
79 static int Seek( stream_t
*, uint64_t );
80 static int Control( stream_t
*, int, va_list );
82 static int DirRead( stream_t
*, input_item_node_t
* );
87 LIBSSH2_SESSION
* ssh_session
;
88 LIBSSH2_SFTP
* sftp_session
;
89 LIBSSH2_SFTP_HANDLE
* file
;
94 static int AuthKeyAgent( stream_t
*p_access
, const char *psz_username
)
96 access_sys_t
* p_sys
= p_access
->p_sys
;
97 int i_result
= VLC_EGENERIC
;
98 LIBSSH2_AGENT
*p_sshagent
= NULL
;
99 struct libssh2_agent_publickey
*p_identity
= NULL
,
100 *p_prev_identity
= NULL
;
102 if( !psz_username
|| !psz_username
[0] )
105 p_sshagent
= libssh2_agent_init( p_sys
->ssh_session
);
109 msg_Dbg( p_access
, "Failed to initialize key agent" );
112 if( libssh2_agent_connect( p_sshagent
) )
114 msg_Dbg( p_access
, "Failed to connect key agent" );
117 if( libssh2_agent_list_identities( p_sshagent
) )
119 msg_Dbg( p_access
, "Failed to request identities" );
123 while( libssh2_agent_get_identity( p_sshagent
, &p_identity
, p_prev_identity
) == 0 )
125 msg_Dbg( p_access
, "Using key %s", p_identity
->comment
);
126 if( libssh2_agent_userauth( p_sshagent
, psz_username
, p_identity
) == 0 )
128 msg_Info( p_access
, "Public key agent authentication succeeded" );
129 i_result
= VLC_SUCCESS
;
132 msg_Dbg( p_access
, "Public key agent authentication failed" );
133 p_prev_identity
= p_identity
;
139 libssh2_agent_disconnect( p_sshagent
);
140 libssh2_agent_free( p_sshagent
);
146 static int AuthPublicKey( stream_t
*p_access
, const char *psz_home
, const char *psz_username
)
148 access_sys_t
* p_sys
= p_access
->p_sys
;
149 int i_result
= VLC_EGENERIC
;
150 char *psz_keyfile1
= NULL
;
151 char *psz_keyfile2
= NULL
;
153 if( !psz_username
|| !psz_username
[0] )
156 if( asprintf( &psz_keyfile1
, "%s/.ssh/id_rsa.pub", psz_home
) == -1 ||
157 asprintf( &psz_keyfile2
, "%s/.ssh/id_rsa", psz_home
) == -1 )
160 if( libssh2_userauth_publickey_fromfile( p_sys
->ssh_session
, psz_username
, psz_keyfile1
, psz_keyfile2
, NULL
) )
162 msg_Dbg( p_access
, "Public key authentication failed" );
166 msg_Info( p_access
, "Public key authentication succeeded" );
167 i_result
= VLC_SUCCESS
;
170 free( psz_keyfile1
);
171 free( psz_keyfile2
);
175 static void SSHSessionDestroy( stream_t
*p_access
)
177 access_sys_t
* p_sys
= p_access
->p_sys
;
179 if( p_sys
->ssh_session
)
181 libssh2_session_free( p_sys
->ssh_session
);
182 p_sys
->ssh_session
= NULL
;
184 if( p_sys
->i_socket
>= 0 )
186 net_Close( p_sys
->i_socket
);
187 p_sys
->i_socket
= -1;
191 static int SSHSessionInit( stream_t
*p_access
, const char *psz_host
, int i_port
)
193 access_sys_t
* p_sys
= p_access
->p_sys
;
195 /* Connect to the server using a regular socket */
196 assert( p_sys
->i_socket
== -1 );
197 p_sys
->i_socket
= net_Connect( p_access
, psz_host
, i_port
, SOCK_STREAM
,
199 if( p_sys
->i_socket
< 0 )
202 /* Create the ssh connexion and wait until the server answer */
203 p_sys
->ssh_session
= libssh2_session_init();
204 if( p_sys
->ssh_session
== NULL
)
208 while( ( i_ret
= libssh2_session_startup( p_sys
->ssh_session
, p_sys
->i_socket
) )
209 == LIBSSH2_ERROR_EAGAIN
);
214 /* Set the socket in non-blocking mode */
215 libssh2_session_set_blocking( p_sys
->ssh_session
, 1 );
219 msg_Err( p_access
, "Impossible to open the connection to %s:%i",
221 SSHSessionDestroy( p_access
);
226 * Connect to the sftp server and ask for a file
227 * @param p_this: the vlc_object
228 * @return VLC_SUCCESS if everything was fine
230 static int Open( vlc_object_t
* p_this
)
232 stream_t
* p_access
= (stream_t
*)p_this
;
234 vlc_credential credential
;
235 char* psz_path
= NULL
;
236 char *psz_session_username
= NULL
;
237 char* psz_home
= NULL
;
242 int i_result
= VLC_EGENERIC
;
244 if( !p_access
->psz_location
)
247 p_sys
= p_access
->p_sys
= vlc_obj_calloc( p_this
, 1, sizeof( access_sys_t
) );
248 if( !p_sys
) return VLC_ENOMEM
;
250 p_sys
->i_socket
= -1;
253 if( vlc_UrlParseFixup( &url
, p_access
->psz_url
) != 0 )
255 vlc_UrlClean( &url
);
258 vlc_credential_init( &credential
, &url
);
259 if( url
.psz_path
!= NULL
)
261 psz_path
= vlc_uri_decode_duplicate( url
.psz_path
);
262 if( psz_path
== NULL
)
266 /* Check for some parameters */
267 if( EMPTY_STR( url
.psz_host
) )
269 msg_Err( p_access
, "Unable to extract host from %s", p_access
->psz_url
);
273 if( url
.i_port
<= 0 )
274 i_port
= var_InheritInteger( p_access
, "sftp-port" );
278 /* Create the ssh connexion and wait until the server answer */
279 if( SSHSessionInit( p_access
, url
.psz_host
, i_port
) != VLC_SUCCESS
)
282 /* List the know hosts */
283 LIBSSH2_KNOWNHOSTS
*ssh_knownhosts
= libssh2_knownhost_init( p_sys
->ssh_session
);
284 if( !ssh_knownhosts
)
287 psz_home
= config_GetUserDir( VLC_HOME_DIR
);
288 char *psz_knownhosts_file
;
289 if( asprintf( &psz_knownhosts_file
, "%s/.ssh/known_hosts", psz_home
) != -1 )
291 if( libssh2_knownhost_readfile( ssh_knownhosts
, psz_knownhosts_file
,
292 LIBSSH2_KNOWNHOST_FILE_OPENSSH
) < 0 )
293 msg_Err( p_access
, "Failure reading known_hosts '%s'", psz_knownhosts_file
);
294 free( psz_knownhosts_file
);
297 const char *fingerprint
= libssh2_session_hostkey( p_sys
->ssh_session
, &i_len
, &i_type
);
298 struct libssh2_knownhost
*host
;
299 int knownhost_fingerprint_algo
;
303 case LIBSSH2_HOSTKEY_TYPE_RSA
:
304 knownhost_fingerprint_algo
= LIBSSH2_KNOWNHOST_KEY_SSHRSA
;
307 case LIBSSH2_HOSTKEY_TYPE_DSS
:
308 knownhost_fingerprint_algo
= LIBSSH2_KNOWNHOST_KEY_SSHDSS
;
310 #if LIBSSH2_VERSION_NUM >= 0x010900
311 case LIBSSH2_HOSTKEY_TYPE_ECDSA_256
:
312 knownhost_fingerprint_algo
= LIBSSH2_KNOWNHOST_KEY_ECDSA_256
;
315 case LIBSSH2_HOSTKEY_TYPE_ECDSA_384
:
316 knownhost_fingerprint_algo
= LIBSSH2_KNOWNHOST_KEY_ECDSA_384
;
319 case LIBSSH2_HOSTKEY_TYPE_ECDSA_521
:
320 knownhost_fingerprint_algo
= LIBSSH2_KNOWNHOST_KEY_ECDSA_521
;
324 msg_Err( p_access
, "Host uses unrecognized session-key algorithm" );
325 libssh2_knownhost_free( ssh_knownhosts
);
330 #if LIBSSH2_VERSION_NUM >= 0x010206
331 int check
= libssh2_knownhost_checkp( ssh_knownhosts
, url
.psz_host
, i_port
,
333 LIBSSH2_KNOWNHOST_TYPE_PLAIN
|
334 LIBSSH2_KNOWNHOST_KEYENC_RAW
|
335 knownhost_fingerprint_algo
,
338 int check
= libssh2_knownhost_check( ssh_knownhosts
, url
.psz_host
,
340 LIBSSH2_KNOWNHOST_TYPE_PLAIN
|
341 LIBSSH2_KNOWNHOST_KEYENC_RAW
|
342 knownhost_fingerprint_algo
,
346 libssh2_knownhost_free( ssh_knownhosts
);
348 /* Check that it does match or at least that the host is unknown */
351 case LIBSSH2_KNOWNHOST_CHECK_FAILURE
:
352 case LIBSSH2_KNOWNHOST_CHECK_NOTFOUND
:
353 msg_Dbg( p_access
, "Unable to check the remote host" );
355 case LIBSSH2_KNOWNHOST_CHECK_MATCH
:
356 msg_Dbg( p_access
, "Succesfuly matched the host" );
358 case LIBSSH2_KNOWNHOST_CHECK_MISMATCH
:
359 msg_Err( p_access
, "The host does not match !! The remote key changed !!" );
363 vlc_credential_get( &credential
, p_access
, "sftp-user", "sftp-pwd",
365 char* psz_userauthlist
= NULL
;
366 bool b_publickey_tried
= false;
369 if (!credential
.psz_username
|| !credential
.psz_username
[0])
372 if( !psz_session_username
)
374 psz_session_username
= strdup( credential
.psz_username
);
376 libssh2_userauth_list( p_sys
->ssh_session
, credential
.psz_username
,
377 strlen( credential
.psz_username
) );
379 else if( strcmp( psz_session_username
, credential
.psz_username
) != 0 )
381 msg_Warn( p_access
, "The username changed, starting a new ssh session" );
383 SSHSessionDestroy( p_access
);
384 if( SSHSessionInit( p_access
, url
.psz_host
, i_port
) != VLC_SUCCESS
)
387 b_publickey_tried
= false;
388 free( psz_session_username
);
389 psz_session_username
= strdup( credential
.psz_username
);
391 libssh2_userauth_list( p_sys
->ssh_session
, credential
.psz_username
,
392 strlen( credential
.psz_username
) );
394 if( !psz_session_username
|| !psz_userauthlist
)
397 /* TODO: Follow PreferredAuthentications in ssh_config */
399 if( strstr( psz_userauthlist
, "publickey" ) != NULL
&& !b_publickey_tried
)
401 /* Don't try public key multiple times to avoid getting black
403 b_publickey_tried
= true;
404 if( AuthKeyAgent( p_access
, credential
.psz_username
) == VLC_SUCCESS
405 || AuthPublicKey( p_access
, psz_home
, credential
.psz_username
) == VLC_SUCCESS
)
409 if( strstr( psz_userauthlist
, "password" ) != NULL
410 && credential
.psz_password
!= NULL
411 && libssh2_userauth_password( p_sys
->ssh_session
,
412 credential
.psz_username
,
413 credential
.psz_password
) == 0 )
415 vlc_credential_store( &credential
, p_access
);
419 msg_Warn( p_access
, "sftp auth failed for %s", credential
.psz_username
);
420 } while( vlc_credential_get( &credential
, p_access
, "sftp-user", "sftp-pwd",
421 _("SFTP authentication"),
422 _("Please enter a valid login and password for "
423 "the sftp connexion to %s"), url
.psz_host
) );
425 /* Create the sftp session */
426 p_sys
->sftp_session
= libssh2_sftp_init( p_sys
->ssh_session
);
428 if( !p_sys
->sftp_session
)
430 msg_Err( p_access
, "Unable to initialize the SFTP session" );
434 /* No path, default to user Home */
437 const size_t i_size
= 1024;
440 char* psz_remote_home
= malloc( i_size
);
441 if( !psz_remote_home
)
444 i_read
= libssh2_sftp_symlink_ex( p_sys
->sftp_session
, ".", 1,
445 psz_remote_home
, i_size
- 1,
446 LIBSSH2_SFTP_REALPATH
);
449 msg_Err( p_access
, "Impossible to get the Home directory" );
450 free( psz_remote_home
);
453 psz_remote_home
[i_read
] = '\0';
454 psz_path
= psz_remote_home
;
456 /* store base url for directory read */
457 char *base
= vlc_path2uri( psz_path
, "sftp" );
460 if( -1 == asprintf( &p_sys
->psz_base_url
, "sftp://%s%s", p_access
->psz_location
, base
+ 7 ) )
468 /* Get some information */
469 LIBSSH2_SFTP_ATTRIBUTES attributes
;
470 if( libssh2_sftp_stat( p_sys
->sftp_session
, psz_path
, &attributes
) )
472 msg_Err( p_access
, "Impossible to get information about the remote path %s", psz_path
);
476 if( !LIBSSH2_SFTP_S_ISDIR( attributes
.permissions
))
478 /* Open the given file */
479 p_sys
->file
= libssh2_sftp_open( p_sys
->sftp_session
, psz_path
, LIBSSH2_FXF_READ
, 0 );
480 p_sys
->filesize
= attributes
.filesize
;
482 ACCESS_SET_CALLBACKS( Read
, NULL
, Control
, Seek
);
486 /* Open the given directory */
487 p_sys
->file
= libssh2_sftp_opendir( p_sys
->sftp_session
, psz_path
);
489 p_access
->pf_readdir
= DirRead
;
490 p_access
->pf_control
= access_vaDirectoryControlHelper
;
492 if( !p_sys
->psz_base_url
)
494 if( asprintf( &p_sys
->psz_base_url
, "sftp://%s", p_access
->psz_location
) == -1 )
497 /* trim trailing '/' */
498 size_t len
= strlen( p_sys
->psz_base_url
);
499 if( len
> 0 && p_sys
->psz_base_url
[ len
- 1 ] == '/' )
500 p_sys
->psz_base_url
[ len
- 1 ] = 0;
506 msg_Err( p_access
, "Unable to open the remote path %s", psz_path
);
510 i_result
= VLC_SUCCESS
;
514 free( psz_session_username
);
516 vlc_credential_clean( &credential
);
517 vlc_UrlClean( &url
);
518 if( i_result
!= VLC_SUCCESS
) {
525 /* Close: quit the module */
526 static void Close( vlc_object_t
* p_this
)
528 stream_t
* p_access
= (stream_t
*)p_this
;
529 access_sys_t
* p_sys
= p_access
->p_sys
;
532 libssh2_sftp_close_handle( p_sys
->file
);
533 if( p_sys
->sftp_session
)
534 libssh2_sftp_shutdown( p_sys
->sftp_session
);
535 SSHSessionDestroy( p_access
);
537 free( p_sys
->psz_base_url
);
541 static ssize_t
Read( stream_t
*p_access
, void *buf
, size_t len
)
543 access_sys_t
*p_sys
= p_access
->p_sys
;
545 ssize_t val
= libssh2_sftp_read( p_sys
->file
, buf
, len
);
548 msg_Err( p_access
, "read failed" );
556 static int Seek( stream_t
* p_access
, uint64_t i_pos
)
558 access_sys_t
*sys
= p_access
->p_sys
;
560 libssh2_sftp_seek( sys
->file
, i_pos
);
565 static int Control( stream_t
* p_access
, int i_query
, va_list args
)
567 access_sys_t
*sys
= p_access
->p_sys
;
572 case STREAM_CAN_SEEK
:
573 pb_bool
= va_arg( args
, bool * );
577 case STREAM_CAN_FASTSEEK
:
578 pb_bool
= va_arg( args
, bool * );
582 case STREAM_CAN_PAUSE
:
583 case STREAM_CAN_CONTROL_PACE
:
584 pb_bool
= va_arg( args
, bool * );
588 case STREAM_GET_SIZE
:
589 if( p_access
->pf_readdir
!= NULL
)
591 *va_arg( args
, uint64_t * ) = sys
->filesize
;
594 case STREAM_GET_PTS_DELAY
:
595 *va_arg( args
, vlc_tick_t
* ) =
596 VLC_TICK_FROM_MS(var_InheritInteger( p_access
, "network-caching" ));
599 case STREAM_SET_PAUSE_STATE
:
610 /*****************************************************************************
612 *****************************************************************************/
614 static int DirRead (stream_t
*p_access
, input_item_node_t
*p_current_node
)
616 access_sys_t
*p_sys
= p_access
->p_sys
;
617 LIBSSH2_SFTP_ATTRIBUTES attrs
;
618 int i_ret
= VLC_SUCCESS
;
620 /* Allocate 1024 bytes for file name. Longer names are skipped.
621 * libssh2 does not support seeking in directory streams.
622 * Retrying with larger buffer is possible, but would require
623 * re-opening the directory stream.
625 size_t i_size
= 1024;
626 char *psz_file
= malloc( i_size
);
631 struct vlc_readdir_helper rdh
;
632 vlc_readdir_helper_init( &rdh
, p_access
, p_current_node
);
634 while( i_ret
== VLC_SUCCESS
635 && 0 != ( err
= libssh2_sftp_readdir( p_sys
->file
, psz_file
, i_size
, &attrs
) ) )
639 if( err
== LIBSSH2_ERROR_BUFFER_TOO_SMALL
)
641 /* seeking back is not possible ... */
642 msg_Dbg( p_access
, "skipped too long file name" );
645 if( err
== LIBSSH2_ERROR_EAGAIN
)
649 msg_Err( p_access
, "directory read failed" );
653 /* Create an input item for the current entry */
655 char *psz_full_uri
, *psz_uri
;
657 psz_uri
= vlc_uri_encode( psz_file
);
658 if( psz_uri
== NULL
)
664 if( asprintf( &psz_full_uri
, "%s/%s", p_sys
->psz_base_url
, psz_uri
) == -1 )
672 int i_type
= LIBSSH2_SFTP_S_ISDIR( attrs
.permissions
) ? ITEM_TYPE_DIRECTORY
: ITEM_TYPE_FILE
;
673 i_ret
= vlc_readdir_helper_additem( &rdh
, psz_full_uri
, NULL
, psz_file
,
675 free( psz_full_uri
);
678 vlc_readdir_helper_finish( &rdh
, i_ret
== VLC_SUCCESS
);