public override bool start(Session session)
{
base.start(session);
byte[] _username = Util.str2byte(username);
packet.reset();
// byte SSH_MSG_USERAUTH_REQUEST(50)
// string user name(in ISO-10646 UTF-8 encoding)
// string service name(in US-ASCII)
// string "gssapi"(US-ASCII)
// uint32 n, the number of OIDs client supports
// string[n] mechanism OIDS
buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
buf.putString(_username);
buf.putString("ssh-connection".getBytes());
buf.putString("gssapi-with-mic".getBytes());
buf.putInt(supported_oid.Length);
for (int i = 0; i < supported_oid.Length; i++)
{
buf.putString(supported_oid.getRow(i));
}
session.write(packet);
string method = null;
int command;
while (true)
{
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
if (command == SSH_MSG_USERAUTH_FAILURE)
{
return false;
}
if (command == SSH_MSG_USERAUTH_GSSAPI_RESPONSE)
{
buf.getInt(); buf.getByte(); buf.getByte();
byte[] message = buf.getString();
for (int i = 0; i < supported_oid.Length; i++)
{
if (Util.array_equals(message, supported_oid.getRow(i)))
{
method = supported_method[i];
break;
}
}
if (method == null)
{
return false;
}
break; // success
}
if (command == SSH_MSG_USERAUTH_BANNER)
{
buf.getInt(); buf.getByte(); buf.getByte();
byte[] _message = buf.getString();
byte[] lang = buf.getString();
string message = Util.byte2str(_message);
if (userinfo != null)
{
userinfo.showMessage(message);
}
continue;
}
return false;
}
GSSContext context = null;
try
{
Type c = Type.GetType(session.getConfig(method));
context = (GSSContext)(c.newInstance());
}
catch //(Exception e)
{
return false;
}
try
{
context.create(username, session.host);
}
catch (JSchException )
{
return false;
}
byte[] token = new byte[0];
while (!context.isEstablished())
{
try
{
token = context.init(token, 0, token.Length);
}
catch (JSchException )
{
// TODO
// ERRTOK should be sent?
// byte SSH_MSG_USERAUTH_GSSAPI_ERRTOK
// string error token
return false;
}
if (token != null)
{
packet.reset();
buf.putByte((byte)SSH_MSG_USERAUTH_GSSAPI_TOKEN);
buf.putString(token);
session.write(packet);
}
if (!context.isEstablished())
{
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
if (command == SSH_MSG_USERAUTH_GSSAPI_ERROR)
{
// uint32 major_status
// uint32 minor_status
// string message
// string language tag
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
//return false;
}
else if (command == SSH_MSG_USERAUTH_GSSAPI_ERRTOK)
{
// string error token
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
//return false;
}
if (command == SSH_MSG_USERAUTH_FAILURE)
{
return false;
}
buf.getInt(); buf.getByte(); buf.getByte();
token = buf.getString();
}
}
Buffer mbuf = new Buffer();
// string session identifier
// byte SSH_MSG_USERAUTH_REQUEST
// string user name
// string service
// string "gssapi-with-mic"
mbuf.putString(session.getSessionId());
mbuf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
mbuf.putString(_username);
mbuf.putString("ssh-connection".getBytes());
mbuf.putString("gssapi-with-mic".getBytes());
byte[] mic = context.getMIC(mbuf.buffer, 0, mbuf.getLength());
if (mic == null)
{
return false;
}
packet.reset();
buf.putByte((byte)SSH_MSG_USERAUTH_GSSAPI_MIC);
buf.putString(mic);
session.write(packet);
context.dispose();
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
if (command == SSH_MSG_USERAUTH_SUCCESS)
{
return true;
}
else if (command == SSH_MSG_USERAUTH_FAILURE)
{
buf.getInt(); buf.getByte(); buf.getByte();
byte[] foo = buf.getString();
int partial_success = buf.getByte();
//Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+
// " partial_success:"+(partial_success!=0));
if (partial_success != 0)
{
throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo));
}
}
return false;
}
public override bool start(Session session)
{
base.start(session);
List<Identity> identities = session.jsch.identities;
byte[] passphrase = null;
byte[] _username = null;
int command;
lock (identities)
{
if (identities.Count <= 0)
{
return false;
}
_username = Util.str2byte(username);
for (int i = 0; i < identities.Count; i++)
{
Identity identity = identities[i];
byte[] pubkeyblob = identity.getPublicKeyBlob();
//Console.Error.WriteLine("UserAuthPublicKey: "+identity+" "+pubkeyblob);
if (pubkeyblob != null)
{
// send
// byte SSH_MSG_USERAUTH_REQUEST(50)
// string user name
// string service name ("ssh-connection")
// string "publickey"
// boolen FALSE
// string plaintext password (ISO-10646 UTF-8)
packet.reset();
buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
buf.putString(_username);
buf.putString("ssh-connection".getBytes());
buf.putString("publickey".getBytes());
buf.putByte((byte)0);
buf.putString(identity.getAlgName().getBytes());
buf.putString(pubkeyblob);
session.write(packet);
while (true)
{
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
if (command == SSH_MSG_USERAUTH_PK_OK)
{
break;
}
else if (command == SSH_MSG_USERAUTH_FAILURE)
{
break;
}
else if (command == SSH_MSG_USERAUTH_BANNER)
{
buf.getInt(); buf.getByte(); buf.getByte();
byte[] _message = buf.getString();
byte[] lang = buf.getString();
string message = null;
//try { message = Encoding.UTF8.GetString(_message); }
//catch (.io.UnsupportedEncodingException e)
//{
message = Encoding.UTF8.GetString(_message);
//}
if (userinfo != null)
{
userinfo.showMessage(message);
}
goto loop1;
}
else
{
//Console.Error.WriteLine("USERAUTH fail ("+command+")");
//throw new JSchException("USERAUTH fail ("+command+")");
break;
}
loop1:
new object();
}
if (command != SSH_MSG_USERAUTH_PK_OK)
{
continue;
}
}
//Console.Error.WriteLine("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted());
int count = 5;
while (true)
{
if ((identity.isEncrypted() && passphrase == null))
{
if (userinfo == null) throw new JSchException("USERAUTH fail");
if (identity.isEncrypted() &&
!userinfo.promptPassphrase("Passphrase for " + identity.getName()))
{
throw new JSchAuthCancelException("publickey");
//throw new JSchException("USERAUTH cancel");
//break;
}
string _passphrase = userinfo.getPassphrase();
if (_passphrase != null)
{
passphrase = Util.str2byte(_passphrase);
}
}
if (!identity.isEncrypted() || passphrase != null)
{
if (identity.setPassphrase(passphrase))
break;
}
Util.bzero(passphrase);
passphrase = null;
count--;
if (count == 0) break;
}
Util.bzero(passphrase);
passphrase = null;
//Console.Error.WriteLine("UserAuthPublicKey: identity.isEncrypted()="+identity.isEncrypted());
if (identity.isEncrypted()) continue;
if (pubkeyblob == null) pubkeyblob = identity.getPublicKeyBlob();
//Console.Error.WriteLine("UserAuthPublicKey: pubkeyblob="+pubkeyblob);
if (pubkeyblob == null) continue;
// send
// byte SSH_MSG_USERAUTH_REQUEST(50)
// string user name
// string service name ("ssh-connection")
// string "publickey"
// boolen TRUE
// string plaintext password (ISO-10646 UTF-8)
packet.reset();
buf.putByte((byte)SSH_MSG_USERAUTH_REQUEST);
buf.putString(_username);
buf.putString("ssh-connection".getBytes());
buf.putString("publickey".getBytes());
buf.putByte((byte)1);
buf.putString(identity.getAlgName().getBytes());
buf.putString(pubkeyblob);
// byte[] tmp=new byte[buf.index-5];
// Array.Copy(buf.buffer, 5, tmp, 0, tmp.Length);
// buf.putString(signature);
byte[] sid = session.getSessionId();
int sidlen = sid.Length;
byte[] tmp = new byte[4 + sidlen + buf.index - 5];
tmp[0] = (byte)(((uint)sidlen) >> 24);
tmp[1] = (byte)(((uint)sidlen) >> 16);
tmp[2] = (byte)(((uint)sidlen) >> 8);
tmp[3] = (byte)(sidlen);
Array.Copy(sid, 0, tmp, 4, sidlen);
Array.Copy(buf.buffer, 5, tmp, 4 + sidlen, buf.index - 5);
byte[] signature = identity.getSignature(tmp);
if (signature == null)
{ // for example, too long key length.
break;
}
buf.putString(signature);
session.write(packet);
while (true)
{
buf = session.Read(buf);
command = buf.getCommand() & 0xff;
if (command == SSH_MSG_USERAUTH_SUCCESS)
{
return true;
}
else if (command == SSH_MSG_USERAUTH_BANNER)
{
buf.getInt(); buf.getByte(); buf.getByte();
byte[] _message = buf.getString();
byte[] lang = buf.getString();
string message = null;
try { message = Encoding.UTF8.GetString(_message); }
catch //(Exception e)
{
message = Encoding.UTF8.GetString(_message);
}
if (userinfo != null)
{
userinfo.showMessage(message);
}
goto loop2;
}
else if (command == SSH_MSG_USERAUTH_FAILURE)
{
buf.getInt(); buf.getByte(); buf.getByte();
byte[] foo = buf.getString();
int partial_success = buf.getByte();
//Console.Error.WriteLine(Encoding.UTF8.GetString(foo)+
// " partial_success:"+(partial_success!=0));
if (partial_success != 0)
{
throw new JSchPartialAuthException(Encoding.UTF8.GetString(foo));
}
break;
}
//Console.Error.WriteLine("USERAUTH fail ("+command+")");
//throw new JSchException("USERAUTH fail ("+command+")");
break;
loop2:
new object();
}
}
}
return false;
}