[libgit2.git] / include / git2 / transport.h

/*
 * Copyright (C) the libgit2 contributors. All rights reserved.
 *
 * This file is part of libgit2, distributed under the GNU GPL v2 with
 * a Linking Exception. For full terms see the included COPYING file.
 */
#ifndef INCLUDE_git_transport_h__
#define INCLUDE_git_transport_h__

#include "indexer.h"
#include "net.h"
#include "types.h"

/**
 * @file git2/transport.h
 * @brief Git transport interfaces and functions
 * @defgroup git_transport interfaces and functions
 * @ingroup Git
 * @{
 */
GIT_BEGIN_DECL

/** Signature of a function which creates a transport */
typedef int (*git_transport_cb)(git_transport **out, git_remote *owner, void *param);

/**
 * Type of SSH host fingerprint
 */
typedef enum {
	/** MD5 is available */
	GIT_CERT_SSH_MD5 = (1 << 0),
	/** SHA-1 is available */
	GIT_CERT_SSH_SHA1 = (1 << 1),
} git_cert_ssh_t;

/**
 * Hostkey information taken from libssh2
 */
typedef struct {
	git_cert parent;

	/**
	 * A hostkey type from libssh2, either
	 * `GIT_CERT_SSH_MD5` or `GIT_CERT_SSH_SHA1`
	 */
	git_cert_ssh_t type;

	/**
	 * Hostkey hash. If type has `GIT_CERT_SSH_MD5` set, this will
	 * have the MD5 hash of the hostkey.
	 */
	unsigned char hash_md5[16];

	/**
	 * Hostkey hash. If type has `GIT_CERT_SSH_SHA1` set, this will
	 * have the SHA-1 hash of the hostkey.
	 */
	unsigned char hash_sha1[20];
} git_cert_hostkey;

/**
 * X.509 certificate information
 */
typedef struct {
	git_cert parent;
	/**
	 * Pointer to the X.509 certificate data
	 */
	void *data;
	/**
	 * Length of the memory block pointed to by `data`.
	 */
	size_t len;
} git_cert_x509;

/*
 *** Begin interface for credentials acquisition ***
 */

/** Authentication type requested */
typedef enum {
	/* git_cred_userpass_plaintext */
	GIT_CREDTYPE_USERPASS_PLAINTEXT = (1u << 0),

	/* git_cred_ssh_key */
	GIT_CREDTYPE_SSH_KEY = (1u << 1),

	/* git_cred_ssh_custom */
	GIT_CREDTYPE_SSH_CUSTOM = (1u << 2),

	/* git_cred_default */
	GIT_CREDTYPE_DEFAULT = (1u << 3),

	/* git_cred_ssh_interactive */
	GIT_CREDTYPE_SSH_INTERACTIVE = (1u << 4),

	/**
	 * Username-only information
	 *
	 * If the SSH transport does not know which username to use,
	 * it will ask via this credential type.
	 */
	GIT_CREDTYPE_USERNAME = (1u << 5),

	/**
	 * Credentials read from memory.
	 *
	 * Only available for libssh2+OpenSSL for now.
	 */
	GIT_CREDTYPE_SSH_MEMORY = (1u << 6),
} git_credtype_t;

/* The base structure for all credential types */
typedef struct git_cred git_cred;

struct git_cred {
	git_credtype_t credtype;
	void (*free)(git_cred *cred);
};

/** A plaintext username and password */
typedef struct {
	git_cred parent;
	char *username;
	char *password;
} git_cred_userpass_plaintext;


/*
 * If the user hasn't included libssh2.h before git2.h, we need to
 * define a few types for the callback signatures.
 */
#ifndef LIBSSH2_VERSION
typedef struct _LIBSSH2_SESSION LIBSSH2_SESSION;
typedef struct _LIBSSH2_USERAUTH_KBDINT_PROMPT LIBSSH2_USERAUTH_KBDINT_PROMPT;
typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE LIBSSH2_USERAUTH_KBDINT_RESPONSE;
#endif

typedef int (*git_cred_sign_callback)(LIBSSH2_SESSION *session, unsigned char **sig, size_t *sig_len, const unsigned char *data, size_t data_len, void **abstract);
typedef void (*git_cred_ssh_interactive_callback)(const char* name, int name_len, const char* instruction, int instruction_len, int num_prompts, const LIBSSH2_USERAUTH_KBDINT_PROMPT* prompts, LIBSSH2_USERAUTH_KBDINT_RESPONSE* responses, void **abstract);

/**
 * A ssh key from disk
 */
typedef struct git_cred_ssh_key {
	git_cred parent;
	char *username;
	char *publickey;
	char *privatekey;
	char *passphrase;
} git_cred_ssh_key;

/**
 * Keyboard-interactive based ssh authentication
 */
typedef struct git_cred_ssh_interactive {
	git_cred parent;
	char *username;
	git_cred_ssh_interactive_callback prompt_callback;
	void *payload;
} git_cred_ssh_interactive;

/**
 * A key with a custom signature function
 */
typedef struct git_cred_ssh_custom {
	git_cred parent;
	char *username;
	char *publickey;
	size_t publickey_len;
	git_cred_sign_callback sign_callback;
	void *payload;
} git_cred_ssh_custom;

/** A key for NTLM/Kerberos "default" credentials */
typedef struct git_cred git_cred_default;

/** Username-only credential information */
typedef struct git_cred_username {
	git_cred parent;
	char username[1];
} git_cred_username;

/**
 * Check whether a credential object contains username information.
 *
 * @param cred object to check
 * @return 1 if the credential object has non-NULL username, 0 otherwise
 */
GIT_EXTERN(int) git_cred_has_username(git_cred *cred);

/**
 * Create a new plain-text username and password credential object.
 * The supplied credential parameter will be internally duplicated.
 *
 * @param out The newly created credential object.
 * @param username The username of the credential.
 * @param password The password of the credential.
 * @return 0 for success or an error code for failure
 */
GIT_EXTERN(int) git_cred_userpass_plaintext_new(
	git_cred **out,
	const char *username,
	const char *password);

/**
 * Create a new passphrase-protected ssh key credential object.
 * The supplied credential parameter will be internally duplicated.
 *
 * @param out The newly created credential object.
 * @param username username to use to authenticate
 * @param publickey The path to the public key of the credential.
 * @param privatekey The path to the private key of the credential.
 * @param passphrase The passphrase of the credential.
 * @return 0 for success or an error code for failure
 */
GIT_EXTERN(int) git_cred_ssh_key_new(
	git_cred **out,
	const char *username,
	const char *publickey,
	const char *privatekey,
	const char *passphrase);

/**
 * Create a new ssh keyboard-interactive based credential object.
 * The supplied credential parameter will be internally duplicated.
 *
 * @param username Username to use to authenticate.
 * @param prompt_callback The callback method used for prompts.
 * @param payload Additional data to pass to the callback.
 * @return 0 for success or an error code for failure.
 */
GIT_EXTERN(int) git_cred_ssh_interactive_new(
	git_cred **out,
	const char *username,
	git_cred_ssh_interactive_callback prompt_callback,
	void *payload);

/**
 * Create a new ssh key credential object used for querying an ssh-agent.
 * The supplied credential parameter will be internally duplicated.
 *
 * @param out The newly created credential object.
 * @param username username to use to authenticate
 * @return 0 for success or an error code for failure
 */
GIT_EXTERN(int) git_cred_ssh_key_from_agent(
	git_cred **out,
	const char *username);

/**
 * Create an ssh key credential with a custom signing function.
 *
 * This lets you use your own function to sign the challenge.
 *
 * This function and its credential type is provided for completeness
 * and wraps `libssh2_userauth_publickey()`, which is undocumented.
 *
 * The supplied credential parameter will be internally duplicated.
 *
 * @param out The newly created credential object.
 * @param username username to use to authenticate
 * @param publickey The bytes of the public key.
 * @param publickey_len The length of the public key in bytes.
 * @param sign_callback The callback method to sign the data during the challenge.
 * @param payload Additional data to pass to the callback.
 * @return 0 for success or an error code for failure
 */
GIT_EXTERN(int) git_cred_ssh_custom_new(
	git_cred **out,
	const char *username,
	const char *publickey,
	size_t publickey_len,
	git_cred_sign_callback sign_callback,
	void *payload);

/**
 * Create a "default" credential usable for Negotiate mechanisms like NTLM
 * or Kerberos authentication.
 *
 * @return 0 for success or an error code for failure
 */
GIT_EXTERN(int) git_cred_default_new(git_cred **out);

/**
 * Create a credential to specify a username.
 *
 * This is used with ssh authentication to query for the username if
 * none is specified in the url.
 */
GIT_EXTERN(int) git_cred_username_new(git_cred **cred, const char *username);

/**
 * Create a new ssh key credential object reading the keys from memory.
 *
 * @param out The newly created credential object.
 * @param username username to use to authenticate.
 * @param publickey The public key of the credential.
 * @param privatekey The private key of the credential.
 * @param passphrase The passphrase of the credential.
 * @return 0 for success or an error code for failure
 */
GIT_EXTERN(int) git_cred_ssh_key_memory_new(
	git_cred **out,
	const char *username,
	const char *publickey,
	const char *privatekey,
	const char *passphrase);


/**
 * Free a credential.
 *
 * This is only necessary if you own the object; that is, if you are a
 * transport.
 *
 * @param cred the object to free
 */
GIT_EXTERN(void) git_cred_free(git_cred *cred);

/**
 * Signature of a function which acquires a credential object.
 *
 * @param cred The newly created credential object.
 * @param url The resource for which we are demanding a credential.
 * @param username_from_url The username that was embedded in a "user\@host"
 *                          remote url, or NULL if not included.
 * @param allowed_types A bitmask stating which cred types are OK to return.
 * @param payload The payload provided when specifying this callback.
 * @return 0 for success, < 0 to indicate an error, > 0 to indicate
 *       no credential was acquired
 */
typedef int (*git_cred_acquire_cb)(
	git_cred **cred,
	const char *url,
	const char *username_from_url,
	unsigned int allowed_types,
	void *payload);

/** @} */
GIT_END_DECL
#endif
Commit	Line	Data
41fb1ca0	1	/*
359fc2d2	2	* Copyright (C) the libgit2 contributors. All rights reserved.
41fb1ca0 PK	3	*
	4	* This file is part of libgit2, distributed under the GNU GPL v2 with
	5	* a Linking Exception. For full terms see the included COPYING file.
	6	*/
	7	#ifndef INCLUDE_git_transport_h__
	8	#define INCLUDE_git_transport_h__
	9
	10	#include "indexer.h"
	11	#include "net.h"
613d5eb9	12	#include "types.h"
41fb1ca0 PK	13
	14	/**
	15	* @file git2/transport.h
	16	* @brief Git transport interfaces and functions
	17	* @defgroup git_transport interfaces and functions
	18	* @ingroup Git
	19	* @{
	20	*/
	21	GIT_BEGIN_DECL
	22
058b753c CMN	23	/** Signature of a function which creates a transport */
	24	typedef int (git_transport_cb)(git_transport out, git_remote owner, void *param);
	25
286369a8 CMN	26	/**
	27	* Type of SSH host fingerprint
	28	*/
	29	typedef enum {
1e0aa105 CMN	30	/** MD5 is available */
	31	GIT_CERT_SSH_MD5 = (1 << 0),
	32	/** SHA-1 is available */
	33	GIT_CERT_SSH_SHA1 = (1 << 1),
	34	} git_cert_ssh_t;
286369a8	35
9b940586 CMN	36	/**
	37	* Hostkey information taken from libssh2
	38	*/
	39	typedef struct {
79698030 ET	40	git_cert parent;
79698030 ET	41
0782fc43	42	/**
79698030 ET	43	* A hostkey type from libssh2, either
79698030 ET	44	* `GIT_CERT_SSH_MD5` or `GIT_CERT_SSH_SHA1`
0782fc43	45	*/
1e0aa105 CMN	46	git_cert_ssh_t type;
1e0aa105 CMN	47
79698030 ET	48	/**
	49	* Hostkey hash. If type has `GIT_CERT_SSH_MD5` set, this will
	50	* have the MD5 hash of the hostkey.
	51	*/
1e0aa105 CMN	52	unsigned char hash_md5[16];
1e0aa105 CMN	53
79698030 ET	54	/**
	55	* Hostkey hash. If type has `GIT_CERT_SSH_SHA1` set, this will
	56	* have the SHA-1 hash of the hostkey.
	57	*/
	58	unsigned char hash_sha1[20];
9b940586 CMN	59	} git_cert_hostkey;
9b940586 CMN	60
0782fc43 CMN	61	/**
	62	* X.509 certificate information
	63	*/
	64	typedef struct {
79698030	65	git_cert parent;
0782fc43 CMN	66	/**
	67	* Pointer to the X.509 certificate data
	68	*/
	69	void *data;
	70	/**
	71	* Length of the memory block pointed to by `data`.
	72	*/
	73	size_t len;
	74	} git_cert_x509;
	75
9b940586 CMN	76	/*
	77	* Begin interface for credentials acquisition *
	78	*/
	79
2648dc1a	80	/** Authentication type requested */
091361f5 PK	81	typedef enum {
091361f5 PK	82	/* git_cred_userpass_plaintext */
84efffc3	83	GIT_CREDTYPE_USERPASS_PLAINTEXT = (1u << 0),
2648dc1a	84
70a8c78f CMN	85	/* git_cred_ssh_key */
70a8c78f CMN	86	GIT_CREDTYPE_SSH_KEY = (1u << 1),
2648dc1a	87
70a8c78f	88	/* git_cred_ssh_custom */
84efffc3 ET	89	GIT_CREDTYPE_SSH_CUSTOM = (1u << 2),
	90
	91	/* git_cred_default */
	92	GIT_CREDTYPE_DEFAULT = (1u << 3),
478408c0 JG	93
	94	/* git_cred_ssh_interactive */
	95	GIT_CREDTYPE_SSH_INTERACTIVE = (1u << 4),
54da6958 CMN	96
	97	/**
	98	* Username-only information
	99	*
	100	* If the SSH transport does not know which username to use,
	101	* it will ask via this credential type.
	102	*/
	103	GIT_CREDTYPE_USERNAME = (1u << 5),
7a8b8503	104
7a8b8503 DC	105	/**
	106	* Credentials read from memory.
	107	*
	108	* Only available for libssh2+OpenSSL for now.
	109	*/
	110	GIT_CREDTYPE_SSH_MEMORY = (1u << 6),
091361f5 PK	111	} git_credtype_t;
	112
	113	/* The base structure for all credential types */
a3c062db RB	114	typedef struct git_cred git_cred;
	115
	116	struct git_cred {
091361f5	117	git_credtype_t credtype;
a3c062db RB	118	void (free)(git_cred cred);
a3c062db RB	119	};
091361f5	120
84efffc3	121	/** A plaintext username and password */
a3c062db	122	typedef struct {
091361f5 PK	123	git_cred parent;
	124	char *username;
	125	char *password;
	126	} git_cred_userpass_plaintext;
	127
00b8c216	128
eac63e67	129	/*
00b8c216 CMN	130	* If the user hasn't included libssh2.h before git2.h, we need to
00b8c216 CMN	131	* define a few types for the callback signatures.
eac63e67	132	*/
00b8c216 CMN	133	#ifndef LIBSSH2_VERSION
	134	typedef struct _LIBSSH2_SESSION LIBSSH2_SESSION;
	135	typedef struct _LIBSSH2_USERAUTH_KBDINT_PROMPT LIBSSH2_USERAUTH_KBDINT_PROMPT;
	136	typedef struct _LIBSSH2_USERAUTH_KBDINT_RESPONSE LIBSSH2_USERAUTH_KBDINT_RESPONSE;
a3c062db	137	#endif
b4d81a00	138
00b8c216	139	typedef int (git_cred_sign_callback)(LIBSSH2_SESSION session, unsigned char *sig, size_t sig_len, const unsigned char data, size_t data_len, void *abstract);
268dafa2	140	typedef void (git_cred_ssh_interactive_callback)(const char name, int name_len, const char* instruction, int instruction_len, int num_prompts, const LIBSSH2_USERAUTH_KBDINT_PROMPT* prompts, LIBSSH2_USERAUTH_KBDINT_RESPONSE* responses, void **abstract);
b4d81a00	141
70a8c78f CMN	142	/**
	143	* A ssh key from disk
	144	*/
	145	typedef struct git_cred_ssh_key {
f7158cd7	146	git_cred parent;
7affc2f7	147	char *username;
f7158cd7 BM	148	char *publickey;
	149	char *privatekey;
	150	char *passphrase;
70a8c78f	151	} git_cred_ssh_key;
f7158cd7	152
478408c0 JG	153	/**
	154	* Keyboard-interactive based ssh authentication
	155	*/
	156	typedef struct git_cred_ssh_interactive {
	157	git_cred parent;
	158	char *username;
043112dc	159	git_cred_ssh_interactive_callback prompt_callback;
478408c0 JG	160	void *payload;
	161	} git_cred_ssh_interactive;
	162
70a8c78f CMN	163	/**
	164	* A key with a custom signature function
	165	*/
	166	typedef struct git_cred_ssh_custom {
c36565c0	167	git_cred parent;
7affc2f7	168	char *username;
c36565c0	169	char *publickey;
7affc2f7	170	size_t publickey_len;
043112dc	171	git_cred_sign_callback sign_callback;
8ec0a552	172	void *payload;
70a8c78f	173	} git_cred_ssh_custom;
c36565c0	174
84efffc3 ET	175	/** A key for NTLM/Kerberos "default" credentials */
	176	typedef struct git_cred git_cred_default;
	177
54da6958 CMN	178	/** Username-only credential information */
	179	typedef struct git_cred_username {
	180	git_cred parent;
	181	char username[1];
	182	} git_cred_username;
	183
7affc2f7 CMN	184	/**
	185	* Check whether a credential object contains username information.
	186	*
	187	* @param cred object to check
	188	* @return 1 if the credential object has non-NULL username, 0 otherwise
	189	*/
	190	GIT_EXTERN(int) git_cred_has_username(git_cred *cred);
	191
091361f5	192	/**
70a8c78f	193	* Create a new plain-text username and password credential object.
62d4fa23	194	* The supplied credential parameter will be internally duplicated.
091361f5	195	*
336d1275	196	* @param out The newly created credential object.
091361f5 PK	197	* @param username The username of the credential.
091361f5 PK	198	* @param password The password of the credential.
62d4fa23	199	* @return 0 for success or an error code for failure
091361f5 PK	200	*/
091361f5 PK	201	GIT_EXTERN(int) git_cred_userpass_plaintext_new(
336d1275	202	git_cred **out,
091361f5 PK	203	const char *username,
	204	const char *password);
	205
f7158cd7	206	/**
70a8c78f	207	* Create a new passphrase-protected ssh key credential object.
f7158cd7 BM	208	* The supplied credential parameter will be internally duplicated.
	209	*
	210	* @param out The newly created credential object.
7affc2f7	211	* @param username username to use to authenticate
f7158cd7 BM	212	* @param publickey The path to the public key of the credential.
	213	* @param privatekey The path to the private key of the credential.
	214	* @param passphrase The passphrase of the credential.
	215	* @return 0 for success or an error code for failure
	216	*/
70a8c78f	217	GIT_EXTERN(int) git_cred_ssh_key_new(
f7158cd7	218	git_cred **out,
7affc2f7	219	const char *username,
f7158cd7 BM	220	const char *publickey,
f7158cd7 BM	221	const char *privatekey,
70a8c78f	222	const char *passphrase);
f7158cd7	223
478408c0 JG	224	/**
	225	* Create a new ssh keyboard-interactive based credential object.
	226	* The supplied credential parameter will be internally duplicated.
	227	*
	228	* @param username Username to use to authenticate.
	229	* @param prompt_callback The callback method used for prompts.
	230	* @param payload Additional data to pass to the callback.
	231	* @return 0 for success or an error code for failure.
	232	*/
	233	GIT_EXTERN(int) git_cred_ssh_interactive_new(
	234	git_cred **out,
	235	const char *username,
	236	git_cred_ssh_interactive_callback prompt_callback,
	237	void *payload);
	238
138e014c AG	239	/**
	240	* Create a new ssh key credential object used for querying an ssh-agent.
	241	* The supplied credential parameter will be internally duplicated.
	242	*
	243	* @param out The newly created credential object.
	244	* @param username username to use to authenticate
	245	* @return 0 for success or an error code for failure
	246	*/
	247	GIT_EXTERN(int) git_cred_ssh_key_from_agent(
	248	git_cred **out,
	249	const char *username);
	250
c36565c0	251	/**
70a8c78f CMN	252	* Create an ssh key credential with a custom signing function.
	253	*
	254	* This lets you use your own function to sign the challenge.
	255	*
	256	* This function and its credential type is provided for completeness
	257	* and wraps `libssh2_userauth_publickey()`, which is undocumented.
	258	*
c36565c0 BM	259	* The supplied credential parameter will be internally duplicated.
	260	*
	261	* @param out The newly created credential object.
7affc2f7	262	* @param username username to use to authenticate
c36565c0 BM	263	* @param publickey The bytes of the public key.
c36565c0 BM	264	* @param publickey_len The length of the public key in bytes.
8ec0a552 JG	265	* @param sign_callback The callback method to sign the data during the challenge.
8ec0a552 JG	266	* @param payload Additional data to pass to the callback.
c36565c0 BM	267	* @return 0 for success or an error code for failure
c36565c0 BM	268	*/
70a8c78f	269	GIT_EXTERN(int) git_cred_ssh_custom_new(
c36565c0	270	git_cred **out,
7affc2f7	271	const char *username,
c36565c0	272	const char *publickey,
2648dc1a	273	size_t publickey_len,
8ec0a552 JG	274	git_cred_sign_callback sign_callback,
8ec0a552 JG	275	void *payload);
c36565c0	276
84efffc3 ET	277	/**
	278	* Create a "default" credential usable for Negotiate mechanisms like NTLM
	279	* or Kerberos authentication.
	280	*
	281	* @return 0 for success or an error code for failure
	282	*/
	283	GIT_EXTERN(int) git_cred_default_new(git_cred **out);
	284
d1c281a5 CMN	285	/**
	286	* Create a credential to specify a username.
	287	*
	288	* This is used with ssh authentication to query for the username if
	289	* none is specified in the url.
	290	*/
	291	GIT_EXTERN(int) git_cred_username_new(git_cred *cred, const char username);
	292
7a8b8503 DC	293	/**
	294	* Create a new ssh key credential object reading the keys from memory.
	295	*
	296	* @param out The newly created credential object.
	297	* @param username username to use to authenticate.
	298	* @param publickey The public key of the credential.
	299	* @param privatekey The private key of the credential.
	300	* @param passphrase The passphrase of the credential.
	301	* @return 0 for success or an error code for failure
	302	*/
	303	GIT_EXTERN(int) git_cred_ssh_key_memory_new(
	304	git_cred **out,
	305	const char *username,
	306	const char *publickey,
	307	const char *privatekey,
	308	const char *passphrase);
7a8b8503	309
57af0b92 CMN	310
	311	/**
	312	* Free a credential.
	313	*
	314	* This is only necessary if you own the object; that is, if you are a
	315	* transport.
	316	*
	317	* @param cred the object to free
	318	*/
	319	GIT_EXTERN(void) git_cred_free(git_cred *cred);
	320
091361f5 PK	321	/**
	322	* Signature of a function which acquires a credential object.
	323	*
84b4e573 RS	324	* @param cred The newly created credential object.
	325	* @param url The resource for which we are demanding a credential.
	326	* @param username_from_url The username that was embedded in a "user\@host"
7602cb7c	327	* remote url, or NULL if not included.
84b4e573 RS	328	* @param allowed_types A bitmask stating which cred types are OK to return.
	329	* @param payload The payload provided when specifying this callback.
	330	* @return 0 for success, < 0 to indicate an error, > 0 to indicate
1392418e	331	* no credential was acquired
091361f5 PK	332	*/
	333	typedef int (*git_cred_acquire_cb)(
	334	git_cred **cred,
	335	const char *url,
7602cb7c	336	const char *username_from_url,
59bccf33 BS	337	unsigned int allowed_types,
59bccf33 BS	338	void *payload);
091361f5	339
41fb1ca0 PK	340	/** @} */
	341	GIT_END_DECL
	342	#endif