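/// <summary>
/// Verifies the server's host key against the configured host key repository,
/// following the "StrictHostKeyChecking" setting ("yes", "ask" or "no").
/// </summary>
/// <param name="host">Host name the session is connecting to.</param>
/// <param name="kex">Key exchange that supplies the host key, its type and its fingerprint.</param>
/// <exception cref="JSchException">
/// Thrown when the key is rejected: it changed and was not re-approved, it is
/// unknown in "yes" mode, or the user declined it in "ask" mode.
/// </exception>
private void checkHost(string host, KeyExchange kex)
{
    string shkc = getConfig("StrictHostKeyChecking");
    byte[] K_S = kex.getHostKey();
    string key_type = kex.getKeyType();
    string key_fprint = kex.getFingerPrint();
    m_hostkey = new HostKey(host, K_S);

    HostKeyRepository hkr = m_jsch.getHostKeyRepository();
    int i = 0;
    lock (hkr)
    {
        i = hkr.check(host, K_S);
    }

    // NOTE(review): a value other than "ask", "yes" or "no" matches none of the
    // branches below, so the key is neither verified nor stored and the method
    // returns normally. Confirm that getConfig can only yield these three values.
    bool strict = shkc.Equals("yes");
    bool ask = shkc.Equals("ask");
    bool insert = false;

    if ((ask || strict) && i == HostKeyRepository.CHANGED)
    {
        string file = null;
        lock (hkr)
        {
            file = hkr.getKnownHostsRepositoryID();
        }
        if (file == null)
        {
            file = "known_hosts";
        }

        string message =
            "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!\n" +
            "IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\n" +
            "Someone could be eavesdropping on you right now (man-in-the-middle attack)!\n" +
            "It is also possible that the " + key_type + " host key has just been changed.\n" +
            "The fingerprint for the " + key_type + " key sent by the remote host is\n" +
            key_fprint + ".\n" +
            "Please contact your system administrator.\n" +
            "Add correct host key in " + file + " to get rid of this message.";

        bool b = false;
        if (m_userinfo != null)
        {
            if (ask)
            {
                b = m_userinfo.promptYesNo(message + "\nDo you want to delete the old key and insert the new key?");
            }
            else
            {
                // Strict mode: a changed key is never replaced interactively.
                // The user is told why the connection is refused, matching the
                // no-prompt rejection that "yes" applies to unknown keys below.
                m_userinfo.showMessage(message);
            }
        }

        if (!b)
        {
            throw new JSchException("HostKey has been changed: " + host);
        }

        lock (hkr)
        {
            hkr.remove(host, (key_type.Equals("DSA") ? "ssh-dss" : "ssh-rsa"), null);
            insert = true;
        }
    }

    if ((ask || strict) && (i != HostKeyRepository.OK) && !insert)
    {
        if (strict)
        {
            throw new JSchException("reject HostKey: " + host);
        }

        if (m_userinfo != null)
        {
            bool foo = m_userinfo.promptYesNo(
                "The authenticity of host '" + host + "' can't be established.\n" +
                key_type + " key fingerprint is " + key_fprint + ".\n" +
                "Are you sure you want to continue connecting?"
                );
            if (!foo)
            {
                throw new JSchException("reject HostKey: " + host);
            }
            insert = true;
        }
        else
        {
            // Nobody to ask: fail closed with the reason for the mismatch.
            if (i == HostKeyRepository.NOT_INCLUDED)
            {
                throw new JSchException("UnknownHostKey: " + host + ". " + key_type + " key fingerprint is " + key_fprint);
            }
            else
            {
                throw new JSchException("HostKey has been changed: " + host);
            }
        }
    }

    // "no" trusts an unknown key on first use and records it. A CHANGED key in
    // "no" mode reaches no branch: it is accepted for this session without a
    // warning and the stored entry is left as it was.
    if (shkc.Equals("no") && HostKeyRepository.NOT_INCLUDED == i)
    {
        insert = true;
    }

    if (insert)
    {
        lock (hkr)
        {
            hkr.add(host, K_S, m_userinfo);
        }
    }
}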
/// <summary>
/// Adds a host key to the in-memory pool and, when a user-interaction object and
/// a repository file name are both available, writes the pool out via sync().
/// </summary>
/// <param name="host">Host name the key belongs to.</param>
/// <param name="key">Raw host key blob; its type is derived with getType().</param>
/// <param name="userinfo">
/// Used to confirm creation of a missing known_hosts file or parent directory.
/// When null, the key is kept in memory only.
/// </param>
public override void add(string host, byte[] key, UserInfo userinfo)
{
    HostKey.HostKeyTypes keyType = getType(key);

    // Handling of an existing entry for the same host and key type is disabled
    // in this version: the match is evaluated but nothing is done with it, so
    // the new key is always appended, even next to an identical entry.
    int idx = 0;
    while (idx < m_pool.Count)
    {
        HostKey existing = m_pool[idx];
        if (isIncluded(existing.m_host, host) && existing.m_type == keyType)
        {
        }
        idx++;
    }

    m_pool.Add(new HostKey(host, keyType, key));

    string repositoryPath = getKnownHostsRepositoryID();
    if (userinfo == null || repositoryPath == null)
    {
        return;
    }

    FileInfo knownHostsFile = new FileInfo(repositoryPath);
    bool persist = true;

    if (!knownHostsFile.Exists)
    {
        persist = userinfo.promptYesNo(
            repositoryPath + " does not exist.\n" +
            "Are you sure you want to create it?"
            );

        DirectoryInfo parent = knownHostsFile.Directory;
        if (persist && parent != null && !parent.Exists)
        {
            persist = userinfo.promptYesNo(
                "The parent directory " + parent.Name + " does not exist.\n" +
                "Are you sure you want to create it?"
                );
            if (persist)
            {
                try
                {
                    // Created with the platform's default permissions; the
                    // message asks the user to review them afterwards.
                    parent.Create();
                    userinfo.showMessage(parent.Name + " has been succesfully created.\nPlease check its access permission.");
                }
                catch
                {
                    userinfo.showMessage(parent.Name + " has not been created.");
                    persist = false;
                }
            }
        }
    }

    if (!persist)
    {
        return;
    }

    try
    {
        sync(repositoryPath);
    }
    catch (Exception e)
    {
        // A failed write is reported on the console only; the key remains in
        // the in-memory pool but is not stored in the known_hosts file.
        Console.WriteLine("sync known_hosts: " + e);
    }
}
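/// <summary>
/// Replaces the in-memory host key pool with the entries read from a
/// known_hosts stream. Each line is "host keytype base64key"; blank lines,
/// comment lines and lines that cannot be parsed are kept as UNKNOWN entries
/// through addInvalidLine.
/// </summary>
/// <param name="stream">Reader over the known_hosts data; it is closed before returning.</param>
/// <exception cref="JSchException">
/// Thrown when a line exceeds the length limit or when reading or decoding fails.
/// </exception>
internal void setKnownHosts(StreamReader stream)
{
    // Upper bound for one line. The buffer grows up to this size so that long
    // host lists or large keys load, while a stream without line breaks cannot
    // make the buffer grow without limit.
    const int maxLineLength = 64 * 1024;

    m_pool.Clear();
    StringBuilder sb = new StringBuilder();
    byte i;
    int j;
    bool error = false;
    try
    {
        StreamReader fis = stream;
        string host;
        string key = null;
        HostKey.HostKeyTypes type;
        byte[] buf = new byte[1024];
        int bufl = 0;
    loop:
        while (true)
        {
            // Read one line into buf, dropping CR and stopping at LF.
            bufl = 0;
            while (true)
            {
                j = fis.Read();
                if (j == -1)
                {
                    // End of input: stop only if nothing is pending, so that a
                    // last line without a trailing newline is still parsed.
                    if (bufl == 0) goto break_loop;
                    break;
                }
                if (j == 0x0d) continue;
                if (j == 0x0a) break;
                if (bufl >= buf.Length)
                {
                    // The fixed 1024-byte buffer used to overflow here and
                    // abort the whole load with the stream left open.
                    if (buf.Length >= maxLineLength)
                    {
                        error = true;
                        goto break_loop;
                    }
                    byte[] grown = new byte[buf.Length * 2];
                    Array.Copy(buf, 0, grown, 0, bufl);
                    buf = grown;
                }
                // NOTE(review): Read() yields a character code; the cast keeps
                // only the low byte, so non-ASCII text is not preserved.
                buf[bufl++] = (byte)j;
            }

            // Skip leading whitespace; a line starting with '#' is a comment.
            j = 0;
            while (j < bufl)
            {
                i = buf[j];
                if (i == ' ' || i == '\t') { j++; continue; }
                if (i == '#')
                {
                    addInvalidLine(System.Text.Encoding.Default.GetString(buf, 0, bufl));
                    goto loop;
                }
                break;
            }
            if (j >= bufl)
            {
                addInvalidLine(System.Text.Encoding.Default.GetString(buf, 0, bufl));
                goto loop;
            }

            // First field: host name(s).
            sb.Length = 0;
            while (j < bufl)
            {
                i = buf[j++];
                if (i == 0x20 || i == '\t') break;
                sb.Append((char)i);
            }
            host = sb.ToString();
            if (j >= bufl || host.Length == 0)
            {
                addInvalidLine(System.Text.Encoding.Default.GetString(buf, 0, bufl));
                goto loop;
            }

            // Second field: key type. Only ssh-dss and ssh-rsa are recognised;
            // any other type marks the line as invalid.
            sb.Length = 0;
            type = HostKey.HostKeyTypes.UNKNOWN;
            while (j < bufl)
            {
                i = buf[j++];
                if (i == 0x20 || i == '\t') break;
                sb.Append((char)i);
            }
            if (sb.ToString().Equals("ssh-dss")) type = HostKey.HostKeyTypes.SSHDSS;
            else if (sb.ToString().Equals("ssh-rsa")) type = HostKey.HostKeyTypes.SSHRSA;
            else j = bufl;
            if (j >= bufl)
            {
                addInvalidLine(Util.getString(buf, 0, bufl));
                goto loop;
            }

            // Remainder of the line: the encoded key.
            sb.Length = 0;
            while (j < bufl)
            {
                i = buf[j++];
                if (i == '\r') continue;
                if (i == '\n') break;
                sb.Append((char)i);
            }
            key = sb.ToString();
            if (key.Length == 0)
            {
                addInvalidLine(Util.getString(buf, 0, bufl));
                goto loop;
            }

            HostKey hk = new HostKey(host, type, Util.fromBase64(Util.getBytes(key), 0, key.Length));
            m_pool.Add(hk);
        }
    break_loop:
        if (error) throw new JSchException("KnownHosts: invalid format");
    }
    catch (Exception e)
    {
        if (e is JSchException) throw (JSchException)e;
        throw new JSchException(e.ToString());
    }
    finally
    {
        // Close on every path; the earlier code skipped this when parsing failed.
        if (stream != null) stream.Close();
    }
}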
/// <summary>
/// Stores a known_hosts line that is not a usable entry (blank, comment or
/// unparsable) as an UNKNOWN-typed pool entry: the raw line goes in the host
/// position and the key is null.
/// </summary>
/// <param name="line">The original text of the line.</param>
private void addInvalidLine(string line)
{
    m_pool.Add(new HostKey(line, HostKey.HostKeyTypes.UNKNOWN, null));
}
/// <summary>
/// Returns the pool entries that match the given host and key type.
/// Entries of type UNKNOWN are always skipped.
/// </summary>
/// <param name="host">Host to match with isIncluded; null selects every host.</param>
/// <param name="type">Key type name compared with HostKey.getType(); null selects every type.</param>
/// <returns>The matching entries in pool order, or null when nothing matches.</returns>
public override HostKey[] getHostKey(string host, string type)
{
    lock (m_pool)
    {
        // Collect into a scratch array sized for the worst case, then trim.
        HostKey[] matches = new HostKey[m_pool.Count];
        int found = 0;

        for (int idx = 0; idx < m_pool.Count; idx++)
        {
            HostKey candidate = m_pool[idx];
            if (candidate.m_type == HostKey.HostKeyTypes.UNKNOWN)
            {
                continue;
            }

            bool selected = host == null
                || (isIncluded(candidate.m_host, host)
                    && (type == null || candidate.getType().Equals(type)));
            if (selected)
            {
                matches[found++] = candidate;
            }
        }

        if (found == 0)
        {
            return null;
        }

        HostKey[] result = new HostKey[found];
        Array.Copy(matches, result, found);
        return result;
    }
}