
Question about using libssh as a layer in another library


I'm the author of ser2net, a proxy for making network connections to serial ports.

I have been working on providing encrypted access and password access to ser2net, and I am not going to send passwords unencrypted over the net.  Well, I suppose it's happening if people log in to something over the serial port, and I want it to stop.

I have rewritten it to have a stream-oriented library sitting under ser2net with a bunch of different stream types (telnet, serial port, SSL/TLS, IPMI serial over LAN, TCP, UDP, ...). Ser2net is now a converter from any of these types as an input to an output.

I would like to make it easy for users to make encrypted connections, and ssh is the obvious candidate for that. Unfortunately, no ssh libraries that I have found are really suitable.  libssh appears to be the closest to what I need, but lacks at least the following things:

 * I need something where I can provide the lower layer I/O myself, to
   make it a layer in a stack.
 * I need to provide my own poll implementation.  Other libraries I use
   have their own interfaces for this, so I have to provide a generic
   one that fits them all, and the libssh one is not sufficient to
   provide the services I need.  Plus it has no capability to use
   epoll, which I really need for scalability.
 * From what I can tell, libssh doesn't take data pushed from the
   lower layer, it wants to poll for data when it wants it.  Since I'm
   going to need to support many sessions simultaneously, I can't
   really do a poll kind of thing, it has to be push-oriented.

There are other issues I know of that are more fundamental to ssh itself, but I think I can handle those.  I'd have to figure those out for any implementation.

From what I can tell, modifying libssh to have an abstract I/O layer should be fairly easy.

libssh's poll implementation is not a clean layer, so that issue is tougher.  It's wrapped around the session/socket/event code pretty tightly.  That doesn't look insurmountable, though.

The last issue seems the hardest.  I'm not sure what it would take to make libssh push-oriented.

I am loath to write my own ssh implementation.  I could pull code from something else, modify it to meet my needs, but that's only a little better.

Any ideas on this?

Thanks,

-corey
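
The push-oriented layer with caller-supplied I/O that the post asks for, sketched as an added example (not part of the original post and not libssh's API). All names are hypothetical, and a plain 4-byte big-endian length prefix stands in for a real packet format. The layer never reads or polls; it keeps partial-frame state between pushes and rejects an oversized length before buffering any payload.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_FRAME 64 /* constructed cap for this demo; a real layer uses its protocol's limit */
typedef void (*frame_cb)(const uint8_t *payload, size_t len, void *ud);

struct push_layer {             /* hypothetical type, not a libssh structure */
    uint8_t buf[4 + MAX_FRAME]; /* partial frame carried between pushes */
    size_t have;                /* bytes buffered so far */
    int dead;                   /* set once the peer announces an oversized frame */
    frame_cb on_frame;          /* upper layer, called when a frame completes */
    void *ud;
};

static size_t frame_len(const uint8_t *p)
{
    return ((size_t)p[0] << 24) | ((size_t)p[1] << 16) | ((size_t)p[2] << 8) | p[3];
}

/* Called by the lower layer whenever bytes arrive. Never reads, never blocks. */
int layer_push(struct push_layer *l, const uint8_t *data, size_t len)
{
    if (l->dead) return -1;
    while (len > 0) {
        size_t want = l->have < 4 ? 4 : 4 + frame_len(l->buf);
        size_t take = want - l->have < len ? want - l->have : len;
        memcpy(l->buf + l->have, data, take);
        l->have += take; data += take; len -= take;
        if (l->have < 4) break;                 /* length prefix still incomplete */
        if (frame_len(l->buf) > MAX_FRAME) { l->dead = 1; return -1; }
        if (l->have == 4 + frame_len(l->buf)) { /* frame complete: hand it up */
            l->on_frame(l->buf + 4, l->have - 4, l->ud);
            l->have = 0;
        }
    }
    return 0;
}

/* Constructed samples: three frames ("hello", empty, "ab"), and a hostile length. */
const uint8_t SAMPLE_OK[] = {0,0,0,5,'h','e','l','l','o', 0,0,0,0, 0,0,0,2,'a','b'};
const uint8_t SAMPLE_OVERSIZE[] = {0xff,0xff,0xff,0xff,'x'};

static void count_cb(const uint8_t *p, size_t n, void *ud) { (void)p; (void)n; ++*(int *)ud; }

/* Push a byte stream in chunk-sized pieces; returns frames delivered, or -1 on error. */
int demo_feed(const uint8_t *wire, size_t n, size_t chunk)
{
    int frames = 0;
    struct push_layer l = { .on_frame = count_cb, .ud = &frames };
    for (size_t off = 0; off < n; off += chunk)
        if (layer_push(&l, wire + off, n - off < chunk ? n - off : chunk) != 0) return -1;
    return frames;
}
```

Because the layer holds no file descriptor, the caller is free to drive it from epoll or any other event loop and to stack it over any transport.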

