文章介绍了SFTP(安全文件传输协议)在实际项目中的应用,它是基于SSH的网络协议。libssh2是一个提供SSH协议开发的库,支持多种加密和压缩算法。文章还给出了使用libssh2库进行SFTP文件上传的C语言示例代码。
在实际项目中,很多时候我们需要使用sftp来传输文件,SFTP 是 Secure File Transfer Protocol 的缩写,也叫作安全文件传送协议, SFTP 是基于网络协议SSH(安全外壳)的协议。SFTP 不使用单独的命令通道和数据通道,而是数据和命令都会通过单个连接以特殊格式的数据包进行传输。SFTP 提供了两种验证连接的方法:连接时只需要验证用户 ID 和密码就可以了,这些凭据是加密的,这是 SFTP 最主要的安全优势;除密码外,还可以通过 SSH 密钥来验证并通过 SFTP 协议连接。
libssh2提供了开发基于SSH的应用程序的API,官网介绍如下:
许可证: 3条款BSD许可证
开发:C(30218 SLOC),sh(1102 SLOC),Perl(65 SLOC),Lisp(33 SLOC),AWK(23 SLOC)
密钥交换方法:diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256
主机类型:ssh-rsa,ssh-dss
密码:aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc(rijndael-cbc@lysator.liu.se),aes192-cbc,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour ,arcfour128,无
压缩方案:zlib,zlib @ openssh.com,无
MAC哈希值:hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160(hmac-ripemd160@openssh.com),无
身份验证:无,密码,公钥,基于主机,键盘交互
频道:shell,exec(包括SCP包装器),direct-tcpip,子系统
全局请求:tcpip-forward
频道请求:x11,pty,exit-signal,keepalive @ openssh.com
子系统:sftp(版本3),publickey(版本2)
SFTP:statvfs@openssh.com,fstatvfs@openssh.com
线程安全:只是不要同时共享句柄
非阻塞:它既可以用于阻塞,也可以用于非阻塞
您的套接字:应用程序移交套接字,调用select()等。
OpenSSL,Libgcrypt或WinCNG(自Windows Vista以来的本机):使用其中任何一个构建
libssh2依赖openssl,首先需要编译好openssl,然后再编译libssh2,编译命令如下:
./configure --with-libssl-prefix=/opt/openssl-1.0.2t \
LDFLAGS="-Wl,-rpath-link,/opt/openssl-1.0.2t/lib" \
--prefix=/opt/libssh2_build_pc
make
make install使用libssh2编写sftp上传文件小工具的代码如下:
#include "libssh2_config.h"
#include <libssh2.h>
#include <libssh2_sftp.h>
# include <sys/socket.h>
# include <netinet/in.h>
#include <unistd.h>
# include <arpa/inet.h>
#include <sys/types.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
int main(int argc, char *argv[])
{
unsigned long hostaddr;
int sock, i, auth_pw = 1;
struct sockaddr_in sin;
const char *fingerprint;
LIBSSH2_SESSION *session;
const char *username = "root";
const char *password = "root";
const char *loclfile = "/opt/aaa.tar";
const char *sftppath = "/home/bbb.tar";
int rc;
FILE *local;
LIBSSH2_SFTP *sftp_session;
LIBSSH2_SFTP_HANDLE *sftp_handle;
char mem[1024*100];
size_t nread;
char *ptr;
hostaddr = inet_addr("192.168.1.131");
rc = libssh2_init(0);
if(rc != 0) {
fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
local = fopen(loclfile, "rb");
if(!local)
{
fprintf(stderr, "Can't open local file %s\n", loclfile);
return -1;
}
/*
* The application code is responsible for creating the socket
* and establishing the connection
*/
sock = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_port = htons(22);
sin.sin_addr.s_addr = (in_addr_t)hostaddr;
if(connect(sock, (struct sockaddr*)(&sin),sizeof(struct sockaddr_in)) != 0)
{
fprintf(stderr, "failed to connect!\n");
return -1;
}
/* Create a session instance
*/
session = libssh2_session_init();
if(!session)
return -1;
/* Since we have set non-blocking, tell libssh2 we are blocking */
libssh2_session_set_blocking(session, 1);
/* ... start it up. This will trade welcome banners, exchange keys,
* and setup crypto, compression, and MAC layers
*/
rc = libssh2_session_handshake(session, sock);
if(rc)
{
fprintf(stderr, "Failure establishing SSH session: %d\n", rc);
return -1;
}
/* At this point we havn't yet authenticated. The first thing to do
* is check the hostkey's fingerprint against our known hosts Your app
* may have it hard coded, may go to a file, may present it to the
* user, that's your call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++)
{
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
}
fprintf(stderr, "\n");
if(auth_pw)
{
/* We could authenticate via password */
if(libssh2_userauth_password(session, username, password))
{
fprintf(stderr, "Authentication by password failed.\n");
goto shutdown;
}
}
fprintf(stderr, "libssh2_sftp_init()!\n");
sftp_session = libssh2_sftp_init(session);
if(!sftp_session)
{
fprintf(stderr, "Unable to init SFTP session\n");
goto shutdown;
}
fprintf(stderr, "libssh2_sftp_open()!\n");
/* Request a file via SFTP */
sftp_handle =
libssh2_sftp_open(sftp_session, sftppath,
LIBSSH2_FXF_WRITE|LIBSSH2_FXF_CREAT|LIBSSH2_FXF_TRUNC,
LIBSSH2_SFTP_S_IRUSR|LIBSSH2_SFTP_S_IWUSR|
LIBSSH2_SFTP_S_IRGRP|LIBSSH2_SFTP_S_IROTH);
if(!sftp_handle)
{
fprintf(stderr, "Unable to open file with SFTP\n");
goto shutdown;
}
fprintf(stderr, "libssh2_sftp_open() is done, now send data!\n");
do {
nread = fread(mem, 1, sizeof(mem), local);
if(nread <= 0)
{
/* end of file */
break;
}
ptr = mem;
do {
/* write data in a loop until we block */
rc = libssh2_sftp_write(sftp_handle, ptr, nread);
if(rc < 0)
break;
ptr += rc;
nread -= rc;
} while(nread);
} while(rc > 0);
libssh2_sftp_close(sftp_handle);
libssh2_sftp_shutdown(sftp_session);
shutdown:
libssh2_session_disconnect(session,
"Normal Shutdown, Thank you for playing");
libssh2_session_free(session);
close(sock);
if(local)
fclose(local);
fprintf(stderr, "all done\n");
libssh2_exit();
return 0;
}
输出日志显示上传成功:
---------------------
作者:dql2015
链接:https://bbs.21ic.com/icview-3288026-1-1.html
来源:21ic.com
此文章已获得原创/原创奖标签,著作权归21ic所有,任何人未经允许禁止转载。
6175
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
