public override bool start(Session session) { base.start(session); byte[] _username = Util.str2byte(username); packet.reset(); // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name(in ISO-10646 UTF-8 encoding) // string service name(in US-ASCII) // string "gssapi"(US-ASCII) // uint32 n, the number of OIDs client supports // string[n] mechanism OIDS buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); buf.putString("gssapi-with-mic".getBytes()); buf.putInt(supported_oid.Length); for (int i = 0; i < supported_oid.Length; i++) { buf.putString(supported_oid.getRow(i)); } session.write(packet); string method = null; int command; while (true) { buf = session.Read(buf); command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_FAILURE) { return false; } if (command == SSH_MSG_USERAUTH_GSSAPI_RESPONSE) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] message = buf.getString(); for (int i = 0; i < supported_oid.Length; i++) { if (Util.array_equals(message, supported_oid.getRow(i))) { method = supported_method[i]; break; } } if (method == null) { return false; } break; // success } if (command == SSH_MSG_USERAUTH_BANNER) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] _message = buf.getString(); byte[] lang = buf.getString(); string message = Util.byte2str(_message); if (userinfo != null) { userinfo.showMessage(message); } continue; } return false; } GSSContext context = null; try { Type c = Type.GetType(session.getConfig(method)); context = (GSSContext)(c.newInstance()); } catch //(Exception e) { return false; } try { context.create(username, session.host); } catch (JSchException ) { return false; } byte[] token = new byte[0]; while (!context.isEstablished()) { try { token = context.init(token, 0, token.Length); } catch (JSchException ) { // TODO // ERRTOK should be sent? // byte SSH_MSG_USERAUTH_GSSAPI_ERRTOK // string error token return false; } if (token != null) { packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_GSSAPI_TOKEN); buf.putString(token); session.write(packet); } if (!context.isEstablished()) { buf = session.Read(buf); command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_GSSAPI_ERROR) { // uint32 major_status // uint32 minor_status // string message // string language tag buf = session.Read(buf); command = buf.getCommand() & 0xff; //return false; } else if (command == SSH_MSG_USERAUTH_GSSAPI_ERRTOK) { // string error token buf = session.Read(buf); command = buf.getCommand() & 0xff; //return false; } if (command == SSH_MSG_USERAUTH_FAILURE) { return false; } buf.getInt(); buf.getByte(); buf.getByte(); token = buf.getString(); } } Buffer mbuf = new Buffer(); // string session identifier // byte SSH_MSG_USERAUTH_REQUEST // string user name // string service // string "gssapi-with-mic" mbuf.putString(session.getSessionId()); mbuf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); mbuf.putString(_username); mbuf.putString("ssh-connection".getBytes()); mbuf.putString("gssapi-with-mic".getBytes()); byte[] mic = context.getMIC(mbuf.buffer, 0, mbuf.getLength()); if (mic == null) { return false; } packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_GSSAPI_MIC); buf.putString(mic); session.write(packet); context.dispose(); buf = session.Read(buf); command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_SUCCESS) { return true; } else if (command == SSH_MSG_USERAUTH_FAILURE) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] foo = buf.getString(); int partial_success = buf.getByte(); //Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+ // " partial_success:"+(partial_success!=0)); if (partial_success != 0) { throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo)); } } return false; }
public override bool start(Session session) { base.start(session); byte[] password = session.password; string dest = username + "@" + session.host; if (session.port != 22) { dest += (":" + session.port); } try { while (true) { if (password == null) { if (userinfo == null) { //throw new JSchException("USERAUTH fail"); return false; } if (!userinfo.promptPassword("Password for " + dest)) { throw new JSchAuthCancelException("password"); //break; } string _password = userinfo.getPassword(); if (_password == null) { throw new JSchAuthCancelException("password"); //break; } password = Util.str2byte(_password); } byte[] _username = null; _username = Util.str2byte(username); // send // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name // string service name ("ssh-connection") // string "password" // boolen FALSE // string plaintext password (ISO-10646 UTF-8) packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); buf.putString("password".getBytes()); buf.putByte((byte)0); buf.putString(password); session.write(packet); while (true) { buf = session.Read(buf); int command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_SUCCESS) { return true; } if (command == SSH_MSG_USERAUTH_BANNER) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] _message = buf.getString(); byte[] lang = buf.getString(); string message = Util.byte2str(_message); if (userinfo != null) { userinfo.showMessage(message); } goto loop; } if (command == SSH_MSG_USERAUTH_PASSWD_CHANGEREQ) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] instruction = buf.getString(); byte[] tag = buf.getString(); if (userinfo == null || !(userinfo is UIKeyboardInteractive)) { if (userinfo != null) { userinfo.showMessage("Password must be changed."); } return false; } UIKeyboardInteractive kbi = (UIKeyboardInteractive)userinfo; string[] response; string name = "Password Change Required"; string[] prompt = { "New Password: "******"password"); } byte[] newpassword = response[0].getBytes(); // send // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name // string service name ("ssh-connection") // string "password" // boolen TRUE // string plaintext old password (ISO-10646 UTF-8) // string plaintext new password (ISO-10646 UTF-8) packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); buf.putString("password".getBytes()); buf.putByte((byte)1); buf.putString(password); buf.putString(newpassword); Util.bzero(newpassword); response = null; session.write(packet); goto loop; } if (command == SSH_MSG_USERAUTH_FAILURE) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] foo = buf.getString(); int partial_success = buf.getByte(); //Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+ // " partial_success:"+(partial_success!=0)); if (partial_success != 0) { throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo)); } break; } else { //Console.Error.WriteLine("USERAUTH fail ("+buf.getCommand()+")"); // throw new JSchException("USERAUTH fail ("+buf.getCommand()+")"); return false; } loop: new object(); } if (password != null) { Util.bzero(password); password = null; } } } finally { if (password != null) { Util.bzero(password); password = null; } } //throw new JSchException("USERAUTH fail"); //return false; }
internal static void delPort(Session session, string address_to_bind, int rport) { lock (pool) { object[] foo = null; for (int i = 0; i < pool.Count; i++) { object[] bar = (object[])(pool[i]); if (bar[0] != session) continue; if (((int)bar[1]) != rport) continue; foo = bar; break; } if (foo == null) return; pool.Remove(foo); if (address_to_bind == null) { address_to_bind = (string)foo[4]; } if (address_to_bind == null) { address_to_bind = "0.0.0.0"; } } Buffer buf = new Buffer(100); // ?? Packet packet = new Packet(buf); try { // byte SSH_MSG_GLOBAL_REQUEST 80 // string "cancel-tcpip-forward" // bool want_reply // string address_to_bind (e.g. "127.0.0.1") // uint32 port number to bind packet.reset(); buf.putByte((byte)80/*SSH_MSG_GLOBAL_REQUEST*/); buf.putString("cancel-tcpip-forward".getBytes()); buf.putByte((byte)0); buf.putString(address_to_bind.getBytes()); buf.putInt(rport); session.write(packet); } catch //(Exception e) { // throw new JSchException(e.ToString()); } }
public override bool start(Session session) { base.start(session); List<Identity> identities = session.jsch.identities; byte[] passphrase = null; byte[] _username = null; int command; lock (identities) { if (identities.Count <= 0) { return false; } _username = Util.str2byte(username); for (int i = 0; i < identities.Count; i++) { Identity identity = identities[i]; byte[] pubkeyblob = identity.getPublicKeyBlob(); //Console.Error.WriteLine("UserAuthPublicKey: "+identity+" "+pubkeyblob); if (pubkeyblob != null) { // send // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name // string service name ("ssh-connection") // string "publickey" // boolen FALSE // string plaintext password (ISO-10646 UTF-8) packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); buf.putString("publickey".getBytes()); buf.putByte((byte)0); buf.putString(identity.getAlgName().getBytes()); buf.putString(pubkeyblob); session.write(packet); while (true) { buf = session.Read(buf); command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_PK_OK) { break; } else if (command == SSH_MSG_USERAUTH_FAILURE) { break; } else if (command == SSH_MSG_USERAUTH_BANNER) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] _message = buf.getString(); byte[] lang = buf.getString(); string message = null; //try { message = Encoding.UTF8.GetString(_message); } //catch (.io.UnsupportedEncodingException e) //{ message = Encoding.UTF8.GetString(_message); //} if (userinfo != null) { userinfo.showMessage(message); } goto loop1; } else { //Console.Error.WriteLine("USERAUTH fail ("+command+")"); //throw new JSchException("USERAUTH fail ("+command+")"); break; } loop1: new object(); } if (command != SSH_MSG_USERAUTH_PK_OK) { continue; } } //Console.Error.WriteLine("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted()); int count = 5; while (true) { if ((identity.isEncrypted() && passphrase == null)) { if (userinfo == null) throw new JSchException("USERAUTH fail"); if (identity.isEncrypted() && !userinfo.promptPassphrase("Passphrase for " + identity.getName())) { throw new JSchAuthCancelException("publickey"); //throw new JSchException("USERAUTH cancel"); //break; } string _passphrase = userinfo.getPassphrase(); if (_passphrase != null) { passphrase = Util.str2byte(_passphrase); } } if (!identity.isEncrypted() || passphrase != null) { if (identity.setPassphrase(passphrase)) break; } Util.bzero(passphrase); passphrase = null; count--; if (count == 0) break; } Util.bzero(passphrase); passphrase = null; //Console.Error.WriteLine("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted()); if (identity.isEncrypted()) continue; if (pubkeyblob == null) pubkeyblob = identity.getPublicKeyBlob(); //Console.Error.WriteLine("UserAuthPublicKey: pubkeyblob="+pubkeyblob); if (pubkeyblob == null) continue; // send // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name // string service name ("ssh-connection") // string "publickey" // boolen TRUE // string plaintext password (ISO-10646 UTF-8) packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); buf.putString("publickey".getBytes()); buf.putByte((byte)1); buf.putString(identity.getAlgName().getBytes()); buf.putString(pubkeyblob); // byte[] tmp=new byte[buf.index-5]; // Array.Copy(buf.buffer, 5, tmp, 0, tmp.Length); // buf.putString(signature); byte[] sid = session.getSessionId(); int sidlen = sid.Length; byte[] tmp = new byte[4 + sidlen + buf.index - 5]; tmp[0] = (byte)(((uint)sidlen) >> 24); tmp[1] = (byte)(((uint)sidlen) >> 16); tmp[2] = (byte)(((uint)sidlen) >> 8); tmp[3] = (byte)(sidlen); Array.Copy(sid, 0, tmp, 4, sidlen); Array.Copy(buf.buffer, 5, tmp, 4 + sidlen, buf.index - 5); byte[] signature = identity.getSignature(tmp); if (signature == null) { // for example, too long key length. break; } buf.putString(signature); session.write(packet); while (true) { buf = session.Read(buf); command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_SUCCESS) { return true; } else if (command == SSH_MSG_USERAUTH_BANNER) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] _message = buf.getString(); byte[] lang = buf.getString(); string message = null; try { message = Encoding.UTF8.GetString(_message); } catch //(Exception e) { message = Encoding.UTF8.GetString(_message); } if (userinfo != null) { userinfo.showMessage(message); } goto loop2; } else if (command == SSH_MSG_USERAUTH_FAILURE) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] foo = buf.getString(); int partial_success = buf.getByte(); //Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+ // " partial_success:"+(partial_success!=0)); if (partial_success != 0) { throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo)); } break; } //Console.Error.WriteLine("USERAUTH fail ("+command+")"); //throw new JSchException("USERAUTH fail ("+command+")"); break; loop2: new object(); } } } return false; }
//private byte[] f; public override void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C) { this.session = session; this.V_S = V_S; this.V_C = V_C; this.I_S = I_S; this.I_C = I_C; try { Type c = Type.GetType(session.getConfig("sha-1")); sha = (HASH)(c.newInstance()); sha.init(); } catch (Exception e) { Console.Error.WriteLine(e); } buf = new Buffer(); packet = new Packet(buf); try { Type c = Type.GetType(session.getConfig("dh")); dh = (DH)(c.newInstance()); dh.init(); } catch (Exception e) { // Console.Error.WriteLine(e); throw e; } packet.reset(); buf.putByte((byte)SSH_MSG_KEX_DH_GEX_REQUEST); buf.putInt(min); buf.putInt(preferred); buf.putInt(max); session.write(packet); if (JSch.getLogger().isEnabled(Logger.INFO)) { JSch.getLogger().log(Logger.INFO, "SSH_MSG_KEX_DH_GEX_REQUEST(" + min + "<" + preferred + "<" + max + ") sent"); JSch.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEX_DH_GEX_GROUP"); } state = SSH_MSG_KEX_DH_GEX_GROUP; }
public override bool start(Session session) { base.start(session); if (userinfo != null && !(userinfo is UIKeyboardInteractive)) { return false; } string dest = username + "@" + session.host; if (session.port != 22) { dest += (":" + session.port); } byte[] password = session.password; bool cancel = false; byte[] _username = null; _username = Util.str2byte(username); while (true) { // send // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name (ISO-10646 UTF-8, as defined in [RFC-2279]) // string service name (US-ASCII) "ssh-userauth" ? "ssh-connection" // string "keyboard-interactive" (US-ASCII) // string language tag (as defined in [RFC-3066]) // string submethods (ISO-10646 UTF-8) packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); //buf.putString("ssh-userauth".getBytes()); buf.putString("keyboard-interactive".getBytes()); buf.putString("".getBytes()); buf.putString("".getBytes()); session.write(packet); bool firsttime = true; while (true) { buf = session.Read(buf); int command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_SUCCESS) { return true; } if (command == SSH_MSG_USERAUTH_BANNER) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] _message = buf.getString(); byte[] lang = buf.getString(); string message = null; try { message = Encoding.UTF8.GetString(_message); } catch //(Exception e) { message = Encoding.UTF8.GetString(_message); } if (userinfo != null) { userinfo.showMessage(message); } goto loop; } if (command == SSH_MSG_USERAUTH_FAILURE) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] foo = buf.getString(); int partial_success = buf.getByte(); // Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+ // " partial_success:"+(partial_success!=0)); if (partial_success != 0) { throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo)); } if (firsttime) { return false; //throw new JSchException("USERAUTH KI is not supported"); //cancel=true; // ?? } break; } if (command == SSH_MSG_USERAUTH_INFO_REQUEST) { firsttime = false; buf.getInt(); buf.getByte(); buf.getByte(); string name = Encoding.UTF8.GetString(buf.getString()); string instruction = Encoding.UTF8.GetString(buf.getString()); string languate_tag = Encoding.UTF8.GetString(buf.getString()); int num = buf.getInt(); string[] prompt = new string[num]; bool[] echo = new bool[num]; for (int i = 0; i < num; i++) { prompt[i] = Encoding.UTF8.GetString(buf.getString()); echo[i] = (buf.getByte() != 0); } byte[][] response = null; if (num > 0 || (name.Length > 0 || instruction.Length > 0) ) { if (userinfo != null) { UIKeyboardInteractive kbi = (UIKeyboardInteractive)userinfo; string[] _response = kbi.promptKeyboardInteractive(dest, name, instruction, prompt, echo); if (_response != null) { response = new byte[_response.Length][]; for (int i = 0; i < _response.Length; i++) { response[i] = Util.str2byte(_response[i]); } } } else if (password != null && prompt.Length == 1 && !echo[0] && prompt[0].ToLower().StartsWith("password:"******"response.Length="+response.Length); //else //Console.Error.WriteLine("response is null"); packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_INFO_RESPONSE); if (num > 0 && (response == null || // cancel num != response.Length)) { if (response == null) { // working around the bug in OpenSSH ;-< buf.putInt(num); for (int i = 0; i < num; i++) { buf.putString("".getBytes()); } } else { buf.putInt(0); } if (response == null) cancel = true; } else { buf.putInt(num); for (int i = 0; i < num; i++) { //Console.Error.WriteLine("response: |"+Encoding.UTF8.GetString(response[i])+"| <- replace here with **** if you need"); buf.putString(response[i]); } } session.write(packet); /* if(cancel) break; */ goto loop; } //throw new JSchException("USERAUTH fail ("+command+")"); return false; loop: new object(); } if (cancel) { throw new JSchAuthCancelException("keyboard-interactive"); //break; } } //return false; }
public override void init(Session session, byte[] V_S, byte[] V_C, byte[] I_S, byte[] I_C) { this.session = session; this.V_S = V_S; this.V_C = V_C; this.I_S = I_S; this.I_C = I_C; // sha=new SHA1(); // sha.init(); try { Type c = Type.GetType(session.getConfig("sha-1")); sha = (HASH)(c.newInstance()); sha.init(); } catch (Exception ee) { Console.Error.WriteLine(ee); } buf = new Buffer(); packet = new Packet(buf); try { Type c = Type.GetType(session.getConfig("dh")); dh = (DH)(c.newInstance()); dh.init(); } catch (Exception ee) { //Console.Error.WriteLine(e); throw ee; } dh.setP(p); dh.setG(g); // The client responds with: // byte SSH_MSG_KEXDH_INIT(30) // mpint e <- g^x mod p // x is a random number (1 < x < (p-1)/2) e = dh.getE(); packet.reset(); buf.putByte((byte)SSH_MSG_KEXDH_INIT); buf.putMPInt(e); session.write(packet); if (JSch.getLogger().isEnabled(Logger.INFO)) { JSch.getLogger().log(Logger.INFO, "SSH_MSG_KEXDH_INIT sent"); JSch.getLogger().log(Logger.INFO, "expecting SSH_MSG_KEXDH_REPLY"); } state = SSH_MSG_KEXDH_REPLY; }
public override bool start(Session session) { base.start(session); // send // byte SSH_MSG_SERVICE_REQUEST(5) // string service name "ssh-userauth" packet.reset(); buf.putByte((byte)Session.SSH_MSG_SERVICE_REQUEST); buf.putString("ssh-userauth".getBytes()); session.write(packet); if (JSch.getLogger().isEnabled(Logger.INFO)) { JSch.getLogger().log(Logger.INFO, "SSH_MSG_SERVICE_REQUEST sent"); } // receive // byte SSH_MSG_SERVICE_ACCEPT(6) // string service name buf = session.Read(buf); int command = buf.getCommand(); bool result = (command == SSH_MSG_SERVICE_ACCEPT); if (JSch.getLogger().isEnabled(Logger.INFO)) { JSch.getLogger().log(Logger.INFO, "SSH_MSG_SERVICE_ACCEPT received"); } if (!result) return false; byte[] _username = null; _username = Util.str2byte(username); // send // byte SSH_MSG_USERAUTH_REQUEST(50) // string user name // string service name ("ssh-connection") // string "none" packet.reset(); buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST); buf.putString(_username); buf.putString("ssh-connection".getBytes()); buf.putString("none".getBytes()); session.write(packet); while (true) { buf = session.Read(buf); command = buf.getCommand() & 0xff; if (command == SSH_MSG_USERAUTH_SUCCESS) { return true; } if (command == SSH_MSG_USERAUTH_BANNER) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] _message = buf.getString(); byte[] lang = buf.getString(); string message = null; //try //{ message = Encoding.UTF8.GetString(_message); //} //catch (DecoderFallbackException e) //{ // message = Encoding.UTF8.GetString(_message); //} if (userinfo != null) { //try //{ userinfo.showMessage(message); //} //catch (RuntimeException ee) //{ //} } goto loop; } if (command == SSH_MSG_USERAUTH_FAILURE) { buf.getInt(); buf.getByte(); buf.getByte(); byte[] foo = buf.getString(); int partial_success = buf.getByte(); methods = Encoding.UTF8.GetString(foo); //Console.Error.WriteLine("UserAuthNONE: "+methods+ // " partial_success:"+(partial_success!=0)); // if(partial_success!=0){ // throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo)); // } break; } else { // Console.Error.WriteLine("USERAUTH fail ("+command+")"); throw new JSchException("USERAUTH fail (" + command + ")"); } loop: new object(); } //throw new JSchException("USERAUTH fail"); return false; }