/* * Copyright (C) the libgit2 contributors. All rights reserved. * * This file is part of libgit2, distributed under the GNU GPL v2 with * a Linking Exception. For full terms see the included COPYING file. */ #ifndef INCLUDE_git_transport_h__ #define INCLUDE_git_transport_h__ #include "indexer.h" #include "net.h" #include "types.h" /** * @file git2/transport.h * @brief Git transport interfaces and functions * @defgroup git_transport interfaces and functions * @ingroup Git * @{ */ GIT_BEGIN_DECL /** Signature of a function which creates a transport */ typedef int (*git_transport_cb)(git_transport **out, git_remote *owner, void *param); /** * Type of SSH host fingerprint */ typedef enum { /** MD5 is available */ GIT_CERT_SSH_MD5 = (1 << 0), /** SHA-1 is available */ GIT_CERT_SSH_SHA1 = (1 << 1), } git_cert_ssh_t; /** * Hostkey information taken from libssh2 */ typedef struct { git_cert parent; /** * A hostkey type from libssh2, either * `GIT_CERT_SSH_MD5` or `GIT_CERT_SSH_SHA1` */ git_cert_ssh_t type; /** * Hostkey hash. If type has `GIT_CERT_SSH_MD5` set, this will * have the MD5 hash of the hostkey. */ unsigned char hash_md5[16]; /** * Hostkey hash. If type has `GIT_CERT_SSH_SHA1` set, this will * have the SHA-1 hash of the hostkey. */ unsigned char hash_sha1[20]; } git_cert_hostkey; /** * X.509 certificate information */ typedef struct { git_cert parent; /** * Pointer to the X.509 certificate data */ void *data; /** * Length of the memory block pointed to by `data`. */ size_t len; } git_cert_x509; /* *** Begin interface for credentials acquisition *** */ /** Authentication type requested */ typedef enum { /* git_cred_userpass_plaintext */ GIT_CREDTYPE_USERPASS_PLAINTEXT = (1u << 0), /* git_cred_ssh_key */ GIT_CREDTYPE_SSH_KEY = (1u << 1), /* git_cred_ssh_custom */ GIT_CREDTYPE_SSH_CUSTOM = (1u << 2), /* git_cred_default */ GIT_CREDTYPE_DEFAULT = (1u << 3), /* git_cred_ssh_interactive */ GIT_CREDTYPE_SSH_INTERACTIVE = (1u << 4), /** * Username-only information * * If the SSH transport does not know which username to use, * it will ask via this credential type. */ GIT_CREDTYPE_USERNAME = (1u << 5), /** * Credentials read from memory. * * Only available for libssh2+OpenSSL for now. */ GIT_CREDTYPE_SSH_MEMORY = (1u << 6), } git_credtype_t; /* The base structure for all credential types */ typedef struct git_cred git_cred; struct git_cred { git_credtype_t credtype; void (*free)(git_cred *cred); }; /** A plaintext username and password */ typedef struct { git_cred parent; char *username; char *password; } git_cred_userpass_plaintext; /* * If the user hasn't included libssh2.h before git2.h, we need to * define a few types for the callback signatures. */ #ifndef LIBSSH2_VERSION typedef struct _LIBSSH2_SESSION LIBSSH2_SESSION; typedef struct _LIBSSH2_USERAUTH_KBDINT_PROMPT LIBSSH2_USERAUTH_KBDINT_PROMPT; typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE LIBSSH2_USERAUTH_KBDINT_RESPONSE; #endif typedef int (*git_cred_sign_callback)(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, const unsigned char *data, size_t data_len, void **abstract); typedef void (*git_cred_ssh_interactive_callback)(const char* name, int name_len, const char* instruction, int instruction_len, int num_prompts, const LIBSSH2_USERAUTH_KBDINT_PROMPT* prompts, LIBSSH2_USERAUTH_KBDINT_RESPONSE* responses, void **abstract); /** * A ssh key from disk */ typedef struct git_cred_ssh_key { git_cred parent; char *username; char *publickey; char *privatekey; char *passphrase; } git_cred_ssh_key; /** * Keyboard-interactive based ssh authentication */ typedef struct git_cred_ssh_interactive { git_cred parent; char *username; git_cred_ssh_interactive_callback prompt_callback; void *payload; } git_cred_ssh_interactive; /** * A key with a custom signature function */ typedef struct git_cred_ssh_custom { git_cred parent; char *username; char *publickey; size_t publickey_len; git_cred_sign_callback sign_callback; void *payload; } git_cred_ssh_custom; /** A key for NTLM/Kerberos "default" credentials */ typedef struct git_cred git_cred_default; /** Username-only credential information */ typedef struct git_cred_username { git_cred parent; char username[1]; } git_cred_username; /** * Check whether a credential object contains username information. * * @param cred object to check * @return 1 if the credential object has non-NULL username, 0 otherwise */ GIT_EXTERN(int) git_cred_has_username(git_cred *cred); /** * Create a new plain-text username and password credential object. * The supplied credential parameter will be internally duplicated. * * @param out The newly created credential object. * @param username The username of the credential. * @param password The password of the credential. * @return 0 for success or an error code for failure */ GIT_EXTERN(int) git_cred_userpass_plaintext_new( git_cred **out, const char *username, const char *password); /** * Create a new passphrase-protected ssh key credential object. * The supplied credential parameter will be internally duplicated. * * @param out The newly created credential object. * @param username username to use to authenticate * @param publickey The path to the public key of the credential. * @param privatekey The path to the private key of the credential. * @param passphrase The passphrase of the credential. * @return 0 for success or an error code for failure */ GIT_EXTERN(int) git_cred_ssh_key_new( git_cred **out, const char *username, const char *publickey, const char *privatekey, const char *passphrase); /** * Create a new ssh keyboard-interactive based credential object. * The supplied credential parameter will be internally duplicated. * * @param username Username to use to authenticate. * @param prompt_callback The callback method used for prompts. * @param payload Additional data to pass to the callback. * @return 0 for success or an error code for failure. */ GIT_EXTERN(int) git_cred_ssh_interactive_new( git_cred **out, const char *username, git_cred_ssh_interactive_callback prompt_callback, void *payload); /** * Create a new ssh key credential object used for querying an ssh-agent. * The supplied credential parameter will be internally duplicated. * * @param out The newly created credential object. * @param username username to use to authenticate * @return 0 for success or an error code for failure */ GIT_EXTERN(int) git_cred_ssh_key_from_agent( git_cred **out, const char *username); /** * Create an ssh key credential with a custom signing function. * * This lets you use your own function to sign the challenge. * * This function and its credential type is provided for completeness * and wraps `libssh2_userauth_publickey()`, which is undocumented. * * The supplied credential parameter will be internally duplicated. * * @param out The newly created credential object. * @param username username to use to authenticate * @param publickey The bytes of the public key. * @param publickey_len The length of the public key in bytes. * @param sign_callback The callback method to sign the data during the challenge. * @param payload Additional data to pass to the callback. * @return 0 for success or an error code for failure */ GIT_EXTERN(int) git_cred_ssh_custom_new( git_cred **out, const char *username, const char *publickey, size_t publickey_len, git_cred_sign_callback sign_callback, void *payload); /** * Create a "default" credential usable for Negotiate mechanisms like NTLM * or Kerberos authentication. * * @return 0 for success or an error code for failure */ GIT_EXTERN(int) git_cred_default_new(git_cred **out); /** * Create a credential to specify a username. * * This is used with ssh authentication to query for the username if * none is specified in the url. */ GIT_EXTERN(int) git_cred_username_new(git_cred **cred, const char *username); /** * Create a new ssh key credential object reading the keys from memory. * * @param out The newly created credential object. * @param username username to use to authenticate. * @param publickey The public key of the credential. * @param privatekey The private key of the credential. * @param passphrase The passphrase of the credential. * @return 0 for success or an error code for failure */ GIT_EXTERN(int) git_cred_ssh_key_memory_new( git_cred **out, const char *username, const char *publickey, const char *privatekey, const char *passphrase); /** * Free a credential. * * This is only necessary if you own the object; that is, if you are a * transport. * * @param cred the object to free */ GIT_EXTERN(void) git_cred_free(git_cred *cred); /** * Signature of a function which acquires a credential object. * * - cred: The newly created credential object. * - url: The resource for which we are demanding a credential. * - username_from_url: The username that was embedded in a "user\@host" * remote url, or NULL if not included. * - allowed_types: A bitmask stating which cred types are OK to return. * - payload: The payload provided when specifying this callback. * - returns 0 for success, < 0 to indicate an error, > 0 to indicate * no credential was acquired */ typedef int (*git_cred_acquire_cb)( git_cred **cred, const char *url, const char *username_from_url, unsigned int allowed_types, void *payload); /** @} */ GIT_END_DECL #endif