SSHCLIENTSUPPORT for ClearPath MCP provides an Application Program Interface (API) for users with special requirements to develop SSH client programs capable of issuing an EXEC command to a remote server. A user can exercise most features provided by the SSH client by modifying the provided example program, or by writing their own.
Linking to the SSHClient Library
The SSHClient functions are provided by the system library SYSTEM/SSHCLIENT/SUPPORT with the function name SSHCLIENTSUPPORT. For example, from the sample programs, linking to SSHCLIENTSUPPORT is done, as follows:
Library SSHCLIENTSUPPORT (LIBACCESS = BYFUNCTION,
FUNCTIONNAME = "SSHCLIENTSUPPORT.”);Opening an SSH Client Session
After you have linked to the SSHCLIENTSUPPORT library, you can create an SSH session request with a remote system. This is done by calling the DCOpenSSHSession procedure, as follows:
Integer Procedure DCOpenSSHSession(
iVersion, % input
UserAuth, % input
RemoteLogin, % input
RemotePassword, % input
SecureKeyContainer, % input
iPortNumber, % input
iVerbose, % input
Hostname, % input
RemoteCommand, % input
rUserTag, % input
iResponseType, % input
rResponseQueueToken, % input
rErrorQueueToken, % input
iQueueVersion, % input
iFlags, % input/output
iSessionType, % input
bSSHCauseExceptionEvent, % input
SSHSessionHandle, % ouput
SSHSessionResultText % ouput
);
VALUE iVersion, iPortNumber, iVerbose,
rUserTag, iResponseType,
rResponseQueueToken, rErrorQueueToken,
iQueueVersion, iSessionType,
bSSHCauseExceptionEvent;
EBCDIC ARRAY UserAuth[0], RemoteLogin[0],
RemotePassword [0], SecureKeyContainer[0],
Hostname[0], RemoteCommand[0],
SSHSessionHandle[0], SSHSessionResultText[0];
BOOLEAN bSSHCauseExceptionEvent;
INTEGER iVersion, iPortNumber, iVerbose,
iResponseType, iQueueVersion, iFlags,
iSessionType;
REAL rUserTag, rResponseQueueToken, rErrorQueueToken;
LIBRARY SSHCLIENTSUPPORT;
The following table describes the parameters used to call DCOpenSSHSession:
| Parameter | Purpose | ||
|---|---|---|---|
|
iVersion |
Reserved for future use. Value must equal 1. |
||
|
UserAuth |
The user authentication method offered during the SSH handshake. When both password and publickey are offered, the password is prefered. UserAuth is case-sensitive and must be one of the follow options, if specified:
|
||
|
RemoteLogin |
The remote username used during authentication. |
||
|
RemotePassword |
The remote password used for authentication by password. |
||
|
SecureKeyContainer |
The key container used for authentication by public key. The key container must be owned by the calling process. |
||
|
iPortNumber |
The remote port number used for the connection.
|
||
|
iVerbose |
Sets the level of verbosity, including information additional to the SSH message responses. 0 = None 1 = Only alert messages 2 = Information related to SSH client protocol associated with the execution of the SSH command. 3 = Includes the information reported from the SSH client protocol and the SSH command execution. Also includes information related to the specifics of the SSH command. |
||
|
Hostname |
The IP address or Hostname of the remote host. |
||
|
RemoteCommand |
The remote command. |
||
|
rUserTag |
The user tag that is returned by the Response Queue and Error Queue messages. A value will only be returned if iResponseType equals Token Queue (iResponseType = 3). |
||
|
iResponseType |
Indicates the type of response requested by the user. 0 = None 1 = Display 2 = Remote File. This is the recommended setting. 3 = Token Queue 4 = Port File
|
||
|
rResponseQueueToken |
An Anonymous Token denoting the DCALGOL queue to insert the remote command responses. Required if iResponseType equals Token Queue (iResponseType = 3) and deselected for other response types. |
||
|
rErrorQueueToken |
An Anonymous Token denoting the DCALGOL in which to insert the remote command errors. Required iResponseType equals Token Queue (iResponseType = 3) and deselected for other response types. |
||
|
iQueueVersion |
Reserved for future use. Value must equal 1. |
||
|
iFlags |
Reserved for future use. Value must equal 0. |
||
|
iSessionType |
Reserved for future use. Value must equal 2. |
||
|
bSSHCauseExceptionEvent |
Use a value of TRUE to specify that the MYSELF.EXCEPTIONEVENT of the initiating task is caused by SSHClient when a final status is available for an accepted SSH Open Session Request. |
||
|
SSHSessionHandle |
If the SSH request is successful, a 20 digit request number will be returned. |
||
|
SSHSessionResultText |
Contains the Null terminated result text from this status request. |
DCOpenSSHSession returns an integer as the procedure result. A return value of 0 indicates a successful result. Any other value represents an error. See “Tracing an Error Detection” for a detailed list of error codes.
Query the SSH Request Status
After DCOpenSSHSession has completed, the request may be queried to determine the state of the connection. Use GetSSHSessionStatus to query the connection state, as follows:
Integer Procedure GetSSHSessionStatus ( iVersion, % input iFlags, % input SSHSessionHandle, % input SSHSessionResultText, % output iSSHSessionSubResult % output ); VALUE iVersion; EBCDIC ARRAY SSHSessionHandle[0], SSHSessionResultText[0]; INTEGER iVersion, iFlags, iSSHSessionSubResult; LIBRARY SSHCLIENTSUPPORT;
The parameters for GetSSHSessionStatus are described below:
| Parameter | Purpose |
|
iVersion |
Reserved for future use. Value must equal 1. |
|
iFlags |
Reserved for future use. Value must equal 0. |
|
SSHSessionHandle |
A 20-digit request number. The value returned from DCOpenSSHSession should be used. |
|
SSHSessionResultText |
Contains the Null terminated result text returned from the status request. |
|
iSSHSessionSubResult |
Contains the detailed result code returned from the status request. |
The following table describes the procedure results of GetSSHSession status.
|
Numeric Value |
Status Request Category |
Description |
|---|---|---|
|
1 |
Queued |
The request is queued and waiting to be started. |
|
2 |
In Progress |
The request is in an active state. |
|
3 |
Completed |
The request has completed successfully. |
|
4 |
Not Running |
The SSHClientSupport Library is not running. |
|
5 |
Waiting Retry |
The request was tried, but encountered a non-fatal error and is waiting to be retried. |
|
9 |
Error |
The request completed in error. The iSSHSessionSubResult parameter contains the exact error number, and the SSHSessionResultText contains the error message. |
Canceling the SSH Request
If a status request is pending or active, the request can be cancelled and the SSH session can be closed using the CloseSSHSession procedure. Requests that have completed, encountered an error, or are run when the library is not running are automatically closed and should not be closed by CloseSSHSession.
The CloseSSHSession procedure is declared, as follows:
Integer Procedure CloseSSHSession (
iVersion, % input
iFlags, % input
SSHSessionHandle, % input
SSHSessionResultText %output
);
VALUE iVersion;
EBCDIC ARRAY SSHSessionHandle[0], SSHSessionResultText[0];
INTEGER iVersion, iFlags;
LIBRARY SSHCLIENTSUPPORT;The following table describes the parameters of the CloseSSHSession procedure:
|
Parameter |
Description |
|---|---|
|
iVersion |
Reserved for future use. Value must equal 1. |
|
iFlags |
Reserved for future use. Value must equal 0. |
|
SSHSessionHandle |
A 20-digit request number. The value returned from DCOpenSSHSession should be used. |
|
SSHSessionResultText |
Contains the Null terminated result text returned from the status request |
CloseSSHSession returns an integer as the procedure result. A return value of 0 indicates a successful result. Any other value represents an error. See “Tracing an Error Detection” for a detailed list of error codes.
Tracing and Error Detection
The iVerbose parameter of DCOpenSSHSession is used to enable diagnostic tracing of an SSH session. Using an iVerbose setting of 2 or 3 provides additional diagnostic information which might be needed to determine the cause of an error. To determine the cause of an error, each procedure produces an error message string in the SSHSessionResultText. The procedure GetSSHSessionStatus also returns iSSHSessionSubResult with a detailed return code.
For the DCOpenSSHSession and CloseSSHSession procedures, a return value of 0 indicates a successful result. Any other value represents an error. Use the following table of error codes to determine the cause of any received error code.
|
Error # |
Description |
|
|---|---|---|
|
117 |
Reports an error from opening an SSH session and also reports one of the following sub-results in the SSHSessionResultText, returned by the procedure: |
|
|
0 |
Software Version |
|
|
1 |
iVersion value |
|
|
2 |
UserAuth value |
|
|
3 |
UserAuth size |
|
|
4 |
RemoteLogin size |
|
|
5 |
RemotePassword size |
|
|
6 |
SecureKeyContainer size |
|
|
7 |
iPortNumber |
|
|
8 |
iVerbose value |
|
|
9 |
Hostname size |
|
|
10 |
RemoteCommand size |
|
|
11 |
iResponse type |
|
|
12 |
rResponseQueueToken value |
|
|
13 |
rErrorQueueToken value |
|
|
14 |
iQueueVersion value |
|
|
15 |
iFlags value |
|
|
16 |
iSessionType value |
|
|
17 |
SSHSessionHandle size |
|
|
18 |
SSHSessionResultText size |
|
|
118 |
Reports a CloseSSHSession and reports one of the following sub-results in the SSHSessionResultText returned by the procedure. |
|
|
0 |
Software Version |
|
|
1 |
iVersion value |
|
|
2 |
iFlags value |
|
|
3 |
SSHSessionHandle size |
|
|
4 |
SSHSessionResultText size |
|
|
119 |
Reports an error from a GetSSHSessionStatus query and reports one of the following sub-results in the SSHSessionResultText returned by the procedure. |
|
|
0 |
Software Version |
|
|
1 |
iVersion value |
|
|
2 |
iFlags value |
|
|
3 |
SSHSessionHandle size |
|
|
4 |
SSHSessionResultText size |
|
|
217 |
The SSH Client Support Library is not running. |
|
|
218 |
The SSH Client Support Library is shutting down. |
|
|
220 |
The SSH Request was cancelled. |
|
|
221 |
The SSH Request is in a queued state. |
|
|
222 |
The SSH Request is in progress. |
|
|
223 |
The SSH Request Completed successfully. |
|
|
224 |
The SSH Request is waiting to be retried. |
|
|
225 |
The SSH Request completed in error. |
|
|
230 |
The TCPIP Port closed abnormally. |
|
|
231 |
The process was aborted. |
|
SSHClient Example Program
The following example shows a sample SSHClient program.
BEGIN
DEFINE
SSH_SSHSessionResultText_LengthV = 126 # % in bytes
,SSH_SSHSessionHandle_LengthV = 20 # % in bytes
,SSH_RemoteLogin_LengthV = 257 # % in bytes
,SSH_RemotePassword_LengthV = 257 # % in bytes
,SSH_Hostname_LengthV = 257 # % in bytes
,SSH_RemoteCommand_LengthV = 342 # % in bytes
,SSH_UserAuth_LengthV = 57 # % in bytes
,SEC_SecureKeyContainer_LengthV = 257 # % in bytes
,SSH_Result_Ok = 00 #
% STATUS Request Category
,SSH_Status_Queued = 1 #
,SSH_Status_InProgress = 2 #
,SSH_Status_Completed = 3 #
,SSH_Status_Down = 4 #
,SSH_Status_WaitingRetry = 5 #
,SSH_Status_Error = 9 #
;
EBCDIC ARRAY
UserAuth [0:SSH_UserAuth_LengthV-1]
,RemoteLogin [0:SSH_RemoteLogin_LengthV-1]
,RemotePassword [0:SSH_RemotePassword_LengthV-1]
,SecureKeyContainer [0:SEC_SecureKeyContainer_LengthV-1]
,Hostname [0:SSH_Hostname_LengthV-1]
,RemoteCommand [0:SSH_RemoteCommand_LengthV-1]
,SSHSessionHandle [0:SSH_SSHSessionHandle_LengthV-1]
,SSHSessionResultText [0:SSH_SSHSessionResultText_LengthV-1]
;
BOOLEAN
bSSHCauseExceptionEvent;
INTEGER
iVersion
,iPortNumber
,iVerbose
,iResponseType
,iQueueVersion
,iFlags
,iSessionType
,iSSHSessionSubResult
;
REAL
rUserTag,
rResponseQueueToken,
rErrorQueueToken;
Library SSHCLIENTSUPPORT
(LIBACCESS = BYFUNCTION, FUNCTIONNAME = "SSHCLIENTSUPPORT."
);
Integer Procedure DCOpenSSHSession (
%================================%
iVersion,
UserAuth,
RemoteLogin,
RemotePassword,
SecureKeyContainer,
iPortNumber,
iVerbose,
Hostname,
RemoteCommand,
rUserTag,
iResponseType,
rResponseQueueToken,
rErrorQueueToken,
iQueueVersion,
iFlags,
iSessionType,
bSSHCauseExceptionEvent,
SSHSessionHandle,
SSHSessionResultText);
VALUE iVersion, iPortNumber, iVerbose, rUserTag,
iResponseType, rResponseQueueToken, rErrorQueueToken,
iQueueVersion, iSessionType, bSSHCauseExceptionEvent;
EBCDIC ARRAY UserAuth [0], RemoteLogin [0], RemotePassword [0],
SecureKeyContainer [0], Hostname [0], RemoteCommand [0],
SSHSessionHandle [0], SSHSessionResultText [0];
BOOLEAN bSSHCauseExceptionEvent;
INTEGER iVersion, iPortNumber, iVerbose, iResponseType, iQueueVersion,
iFlags, iSessionType;
REAL rUserTag, rResponseQueueToken, rErrorQueueToken;
Library SSHCLIENTSUPPORT;
Integer Procedure CloseSSHSession (
%===============================%
iVersion,
iFlags,
SSHSessionHandle,
SSHSessionResultText);
VALUE iVersion;
EBCDIC ARRAY SSHSessionHandle [0], SSHSessionResultText [0];
INTEGER iVersion, iFlags;
Library SSHCLIENTSUPPORT;
Integer Procedure GetSSHSessionStatus (
%===================================%
iVersion,
iFlags
SSHSessionHandle,
SSHSessionResultText,
iSSHSessionSubResult);
VALUE iVersion;
EBCDIC ARRAY SSHSessionHandle [0], SSHSessionResultText [0];
INTEGER iVersion, iFlags, iSSHSessionSubResult;
Library SSHCLIENTSUPPORT;
Integer Result;
iVersion := 1; % reserved for future use, must equal 1.
iResponseType := 2; % remote File response.
% other valid responses are: 0 - No response %%
% 1 - Display %%
% 2 - Remote File %%
% 3 - Anonymous Token ** advanced ** %%
% 4 - Port Files ** advanced ** %%
iSessionType := 2; % EXEC. Shell/Subfile are not supported.
iQueueVersion := 1; % reserved for future use, must equal 1.
iVerbose := 1; % request verbose response
% valid Verbose options are : 0 - None
% 1 - Client Verbose Output
% 2 - Client and Library Verbose Output
% 3 - Most Verbose Output
bSSHCauseExceptionEvent := TRUE;
replace RemoteLogin by "<usercode>", 48"00";
replace RemotePassword by "<password>", 48"00";
replace Hostname by "<hostname or ip>", 48"00";
replace RemoteCommand by "<command>", 48"00";
% replace SecureKeyContainer by "<SSH Key Container>", 48"00";
%% uncomment the prior line and comment the line for RemotePassword %%
%% to use public key authentication as opposed to password. %%
% See SSHCLIENT API documentation for Parameter Descriptions
Result := DCOpenSSHSession(iVersion,
UserAuth,
RemoteLogin,
RemotePassword,
SecureKeyContainer,
iPortNumber,
iVerbose,
Hostname,
RemoteCommand,
rUserTag,
iResponseType,
rResponseQueueToken,
rErrorQueueToken,
iQueueVersion,
iFlags,
iSessionType,
bSSHCauseExceptionEvent,
SSHSessionHandle,
SSHSessionResultText);
Display(SSHSessionResultText);
Display(SSHSessionHandle);
IF Result = SSH_Result_Ok Then
Begin
%% A timeout may be specified by uncommenting the following line and %%
%% commenting out the current WAIT statement. %%
% Wait((4),MYSELF.EXCEPTIONEVENT);
Wait(MYSELF.EXCEPTIONEVENT); % Waits for bSSHCauseExceptionEvent
Reset(MYSELF.EXCEPTIONEVENT);
% See SSHCLIENT API Documentation for Parameter Descriptions
Result := GetSSHSessionStatus(
iVersion,
iFlags,
SSHSessionHandle,
SSHSessionResultText,
iSSHSessionSubResult);
Case Result Of
Begin % status has completed succesfully or in error.
SSH_Status_Completed:
SSH_Status_Down:
SSH_Status_Error:
Display(SSHSessionResultText);
% status is active or pending. Cancel the request and close session
SSH_Status_Queued:
SSH_Status_InProgress:
SSH_Status_WaitingRetry:
Display(SSHSessionResultText);
Result := CloseSSHSession(
iVersion,
iFlags,
SSHSessionHandle,
SSHSessionResultText);
If Result = SSH_Result_Ok Then
Display(SSHSessionResultText);
Else:
End Of Case;
End
Else
Display(SSHSessionResultText);
End;
End.