Ejemplo n.º 1
        //private byte[] f;
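        /// <summary>
        /// Begins a Diffie-Hellman group-exchange key exchange: stores the handshake
        /// inputs, instantiates the configured hash and DH implementations, sends
        /// SSH_MSG_KEX_DH_GEX_REQUEST and then waits for SSH_MSG_KEX_DH_GEX_GROUP.
        /// </summary>
        /// <param name="session">Session used for configuration lookup and packet output.</param>
        /// <param name="V_S">Stored unchanged; presumably the server identification string (RFC 4253 naming) - confirm against caller.</param>
        /// <param name="V_C">Stored unchanged; presumably the client identification string - confirm against caller.</param>
        /// <param name="I_S">Stored unchanged; presumably the server KEXINIT payload - confirm against caller.</param>
        /// <param name="I_C">Stored unchanged; presumably the client KEXINIT payload - confirm against caller.</param>
        /// <exception cref="Exception">Any failure while loading or initialising the "dh" implementation propagates to the caller.</exception>
        public override void init(Session session,
            byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
        {
            this.session = session;
            this.V_S = V_S;
            this.V_C = V_C;
            this.I_S = I_S;
            this.I_C = I_C;

            // The hash implementation is resolved by type name from the session
            // configuration, so that configuration must only be writable by trusted code.
            // SHA-1 based key exchange is legacy; prefer a SHA-2 method where the peer allows it.
            try
            {
                Type hashType = Type.GetType(session.getConfig("sha-1"));
                sha = (HASH)(hashType.newInstance());
                sha.init();
            }
            catch (Exception ex)
            {
                // NOTE(review): the failure is only printed and the handshake continues
                // with 'sha' possibly unset - consider failing the key exchange here instead.
                Console.Error.WriteLine(ex);
            }

            buf = new Buffer();
            packet = new Packet(buf);

            // A missing or broken "dh" implementation is fatal. The exception is allowed
            // to propagate untouched so its original stack trace is preserved (the former
            // 'throw e;' rethrow discarded it).
            Type dhType = Type.GetType(session.getConfig("dh"));
            dh = (DH)(dhType.newInstance());
            dh.init();

            // Request a group: uint32 min, uint32 preferred, uint32 max (modulus sizes in bits).
            // NOTE(review): min/preferred/max are declared outside this method - confirm the
            // minimum is at least 2048 bits (RFC 8270).
            packet.reset();
            buf.putByte((byte)SSH_MSG_KEX_DH_GEX_REQUEST);
            buf.putInt(min);
            buf.putInt(preferred);
            buf.putInt(max);
            session.write(packet);

            if (JSch.getLogger().isEnabled(Logger.INFO))
            {
                JSch.getLogger().log(Logger.INFO,
                                     "SSH_MSG_KEX_DH_GEX_REQUEST(" + min + "<" + preferred + "<" + max + ") sent");
                JSch.getLogger().log(Logger.INFO,
                                     "expecting SSH_MSG_KEX_DH_GEX_GROUP");
            }

            // Next message expected from the server.
            state = SSH_MSG_KEX_DH_GEX_GROUP;
        }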
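        /// <summary>
        /// Runs the client side of "gssapi-with-mic" user authentication: offers the
        /// supported mechanism OIDs, exchanges GSS-API tokens until the security context
        /// is established, then sends a MIC over the authentication request.
        /// </summary>
        /// <param name="session">Session used for packet I/O, configuration and the session identifier.</param>
        /// <returns>
        /// <c>true</c> when the server answers SSH_MSG_USERAUTH_SUCCESS; <c>false</c> on
        /// failure, on an unexpected message, or when no usable mechanism or context is available.
        /// </returns>
        /// <exception cref="JSchPartialAuthException">
        /// The server reported SSH_MSG_USERAUTH_FAILURE with the partial-success flag set.
        /// </exception>
        public override bool start(Session session)
        {
            base.start(session);

            byte[] _username = Util.str2byte(username);

            packet.reset();

            // byte            SSH_MSG_USERAUTH_REQUEST(50)
            // string          user name(in ISO-10646 UTF-8 encoding)
            // string          service name(in US-ASCII)
            // string          "gssapi"(US-ASCII)
            // uint32          n, the number of OIDs client supports
            // string[n]       mechanism OIDS
            buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
            buf.putString(_username);
            buf.putString("ssh-connection".getBytes());
            buf.putString("gssapi-with-mic".getBytes());
            buf.putInt(supported_oid.Length);
            for (int i = 0; i < supported_oid.Length; i++)
            {
                buf.putString(supported_oid.getRow(i));
            }
            session.write(packet);

            // Wait for the server to pick one of the offered mechanisms.
            string method = null;
            int command;
            while (true)
            {
                buf = session.Read(buf);
                command = buf.getCommand() & 0xff;

                if (command == SSH_MSG_USERAUTH_FAILURE)
                {
                    return false;
                }

                if (command == SSH_MSG_USERAUTH_GSSAPI_RESPONSE)
                {
                    buf.getInt(); buf.getByte(); buf.getByte();
                    byte[] message = buf.getString();

                    // Accept the server's choice only if it is an OID this client offered.
                    for (int i = 0; i < supported_oid.Length; i++)
                    {
                        if (Util.array_equals(message, supported_oid.getRow(i)))
                        {
                            method = supported_method[i];
                            break;
                        }
                    }

                    if (method == null)
                    {
                        return false;
                    }

                    break; // success
                }

                if (command == SSH_MSG_USERAUTH_BANNER)
                {
                    buf.getInt(); buf.getByte(); buf.getByte();
                    byte[] _message = buf.getString();
                    buf.getString(); // language tag, not used
                    string message = Util.byte2str(_message);
                    if (userinfo != null)
                    {
                        // The banner is server-supplied text received before authentication
                        // has completed; the UI behind showMessage should treat it as
                        // untrusted (e.g. neutralise control characters).
                        userinfo.showMessage(message);
                    }
                    continue;
                }
                return false;
            }

            // The GSS context implementation is resolved by type name from the session
            // configuration; any failure to load it makes this method report failure.
            GSSContext context = null;
            try
            {
                Type c = Type.GetType(session.getConfig(method));
                context = (GSSContext)(c.newInstance());
            }
            catch //(Exception e)
            {
                return false;
            }

            try
            {
                context.create(username, session.host);
            }
            catch (JSchException)
            {
                return false;
            }

            // From here on the context has been created, so release it on every exit
            // path (early return or exception), not only after a successful exchange.
            try
            {
                byte[] token = new byte[0];

                while (!context.isEstablished())
                {
                    try
                    {
                        token = context.init(token, 0, token.Length);
                    }
                    catch (JSchException)
                    {
                        // TODO
                        // ERRTOK should be sent?
                        // byte        SSH_MSG_USERAUTH_GSSAPI_ERRTOK
                        // string      error token
                        return false;
                    }

                    if (token != null)
                    {
                        packet.reset();
                        buf.putByte((byte)SSH_MSG_USERAUTH_GSSAPI_TOKEN);
                        buf.putString(token);
                        session.write(packet);
                    }

                    if (!context.isEstablished())
                    {
                        buf = session.Read(buf);
                        command = buf.getCommand() & 0xff;
                        if (command == SSH_MSG_USERAUTH_GSSAPI_ERROR)
                        {
                            // uint32    major_status
                            // uint32    minor_status
                            // string    message
                            // string    language tag

                            // The error details are skipped; the following message decides the outcome.
                            buf = session.Read(buf);
                            command = buf.getCommand() & 0xff;
                            //return false;
                        }
                        else if (command == SSH_MSG_USERAUTH_GSSAPI_ERRTOK)
                        {
                            // string error token

                            buf = session.Read(buf);
                            command = buf.getCommand() & 0xff;
                            //return false;
                        }

                        if (command == SSH_MSG_USERAUTH_FAILURE)
                        {
                            return false;
                        }

                        // Fail closed: only a GSSAPI token message may be parsed as a token.
                        // Any other message type here is unexpected and ends the attempt.
                        if (command != SSH_MSG_USERAUTH_GSSAPI_TOKEN)
                        {
                            return false;
                        }

                        buf.getInt(); buf.getByte(); buf.getByte();
                        token = buf.getString();
                    }
                }

                Buffer mbuf = new Buffer();
                // string    session identifier
                // byte      SSH_MSG_USERAUTH_REQUEST
                // string    user name
                // string    service
                // string    "gssapi-with-mic"
                mbuf.putString(session.getSessionId());
                mbuf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
                mbuf.putString(_username);
                mbuf.putString("ssh-connection".getBytes());
                mbuf.putString("gssapi-with-mic".getBytes());

                // The MIC covers the session identifier, which ties the proof to this connection.
                byte[] mic = context.getMIC(mbuf.buffer, 0, mbuf.getLength());

                if (mic == null)
                {
                    return false;
                }

                packet.reset();
                buf.putByte((byte)SSH_MSG_USERAUTH_GSSAPI_MIC);
                buf.putString(mic);
                session.write(packet);
            }
            finally
            {
                context.dispose();
            }

            buf = session.Read(buf);
            command = buf.getCommand() & 0xff;

            if (command == SSH_MSG_USERAUTH_SUCCESS)
            {
                return true;
            }
            else if (command == SSH_MSG_USERAUTH_FAILURE)
            {
                buf.getInt(); buf.getByte(); buf.getByte();
                byte[] foo = buf.getString();
                int partial_success = buf.getByte();
                //Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+
                //		 " partial_success:"+(partial_success!=0));
                if (partial_success != 0)
                {
                    // 'foo' is the first string of the failure message; it is passed on as the exception text.
                    throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo));
                }
            }
            return false;
        }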
Ejemplo n.º 3
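        /// <summary>
        /// Begins a fixed-group Diffie-Hellman key exchange: stores the handshake inputs,
        /// instantiates the configured hash and DH implementations, sends the client's
        /// public value in SSH_MSG_KEXDH_INIT and then waits for SSH_MSG_KEXDH_REPLY.
        /// </summary>
        /// <param name="session">Session used for configuration lookup and packet output.</param>
        /// <param name="V_S">Stored unchanged; presumably the server identification string (RFC 4253 naming) - confirm against caller.</param>
        /// <param name="V_C">Stored unchanged; presumably the client identification string - confirm against caller.</param>
        /// <param name="I_S">Stored unchanged; presumably the server KEXINIT payload - confirm against caller.</param>
        /// <param name="I_C">Stored unchanged; presumably the client KEXINIT payload - confirm against caller.</param>
        /// <exception cref="Exception">Any failure while loading or initialising the "dh" implementation propagates to the caller.</exception>
        public override void init(Session session,
            byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C)
        {
            this.session = session;
            this.V_S = V_S;
            this.V_C = V_C;
            this.I_S = I_S;
            this.I_C = I_C;

            // The hash implementation is resolved by type name from the session
            // configuration, so that configuration must only be writable by trusted code.
            // SHA-1 based key exchange is legacy; prefer a SHA-2 method where the peer allows it.
            try
            {
                Type hashType = Type.GetType(session.getConfig("sha-1"));
                sha = (HASH)(hashType.newInstance());
                sha.init();
            }
            catch (Exception ex)
            {
                // NOTE(review): the failure is only printed and the handshake continues
                // with 'sha' possibly unset - consider failing the key exchange here instead.
                Console.Error.WriteLine(ex);
            }

            buf = new Buffer();
            packet = new Packet(buf);

            // A missing or broken "dh" implementation is fatal. The exception is allowed
            // to propagate untouched so its original stack trace is preserved (the former
            // 'throw ee;' rethrow discarded it).
            Type dhType = Type.GetType(session.getConfig("dh"));
            dh = (DH)(dhType.newInstance());
            dh.init();

            // p and g are declared outside this method.
            // NOTE(review): if p is the 1024-bit group1 prime, this exchange method is
            // deprecated (RFC 9142) - confirm which group is configured.
            dh.setP(p);
            dh.setG(g);

            // The client responds with:
            // byte  SSH_MSG_KEXDH_INIT(30)
            // mpint e <- g^x mod p
            //         x is a random number (1 < x < (p-1)/2)

            e = dh.getE();

            packet.reset();
            buf.putByte((byte)SSH_MSG_KEXDH_INIT);
            buf.putMPInt(e);
            session.write(packet);

            if (JSch.getLogger().isEnabled(Logger.INFO))
            {
                JSch.getLogger().log(Logger.INFO,
                                     "SSH_MSG_KEXDH_INIT sent");
                JSch.getLogger().log(Logger.INFO,
                                     "expecting SSH_MSG_KEXDH_REPLY");
            }

            // Next message expected from the server.
            state = SSH_MSG_KEXDH_REPLY;
        }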