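/// <summary>
/// Handles a global request message received from the client.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the request name and the want-reply flag are read from it
/// in that order.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
/// <remarks>
/// No global request type is implemented here, so every request is refused. A failure reply
/// is sent only when the client asked for a reply.
/// </remarks>
protected void ProcessMsgGlobalRequest(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Read request information. Both values are supplied by the remote peer.
    string requestName = msgReader.ReadString();
    bool wantReply = msgReader.ReadBoolean();

    switch (requestName)
    {
        case "tcpip-forward":
            // Port forwarding is not implemented. Refuse it like any other unsupported
            // request rather than throwing NotImplementedException: the request name is
            // chosen by the peer, so the exception would be raised on peer-controlled input
            // and propagate to whatever called this handler.
            break;
        default:
            // Unrecognised request type.
            break;
    }

    // Request has failed.
    if (wantReply)
    {
        SendMsgRequestFailure();
    }
}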
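/// <summary>
/// Handles a channel request message by dispatching it to the channel it addresses.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the channel number, request type and want-reply flag are
/// read from it in that order, and the reader is then handed to the channel.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
protected void ProcessMsgChannelRequest(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Read channel number and get channel object. The number is supplied by the remote peer.
    uint channelNum = msgReader.ReadUInt32();

    SshChannel channel;
    try
    {
        channel = _channels.SingleOrDefault(item => item.ServerChannel == channelNum);
    }
    catch (InvalidOperationException)
    {
        // SingleOrDefault throws when more than one channel carries this number; the
        // request is ambiguous, so drop it.
        return;
    }

    // SingleOrDefault yields null (it does not throw) when no channel matches. Drop the
    // request instead of dereferencing null: a peer can name any channel number it likes.
    if (channel == null)
    {
        return;
    }

    string requestType = msgReader.ReadString();
    bool wantReply = msgReader.ReadBoolean();

    // Let channel process request.
    channel.ProcessRequest(requestType, wantReply, msgReader);
}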
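/// <summary>
/// Handles a user authentication request that uses the public key method.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the auth-request flag, key algorithm name and key data
/// are read first, followed by the signature when the flag is set.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
/// <remarks>
/// When the flag is clear the message is only a query, and it is answered with a PK_OK
/// message for any key whose algorithm is supported; no application callback is consulted
/// at that stage. This handler never increments <c>_failedAuthAttempts</c>.
/// NOTE(review): confirm that leaving failed public key attempts uncounted is intended.
/// </remarks>
protected void ProcessMsgUserAuthRequestPublicKey(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Raise event to specify requested auth method.
    if (AuthenticationMethodRequested != null)
    {
        AuthenticationMethodRequested(this, new AuthMethodRequestedEventArgs(AuthenticationMethod.PublicKey));
    }

    // Read request information. All three values are supplied by the remote peer.
    bool isAuthRequest = msgReader.ReadBoolean();
    string keyAlgName = msgReader.ReadString();
    byte[] keyAndCertsData = msgReader.ReadByteString();

    // Try to find public key algorithm.
    PublicKeyAlgorithm keyAlg = null;
    try
    {
        keyAlg = (PublicKeyAlgorithm)_client.PublicKeyAlgorithms.Single(item => item.Name == keyAlgName).Clone();
    }
    catch (InvalidOperationException)
    {
        // Public key algorithm is not supported. Stop here: keyAlg is still null, and
        // continuing would dereference it for an algorithm name the peer chose.
        SendMsgUserAuthFailure(false);
        return;
    }

    // Load key and certificates data for algorithm.
    keyAlg.LoadKeyAndCertificatesData(keyAndCertsData);

    // Check if request is actual auth request or query of whether specified public key is
    // acceptable.
    if (!isAuthRequest)
    {
        // Public key is acceptable.
        SendMsgUserAuthPkOk(keyAlgName, keyAndCertsData);
        return;
    }

    // Read client signature.
    var signatureData = msgReader.ReadByteString();
    var signature = keyAlg.GetSignature(signatureData);

    // Verify signature over the payload that precedes the signature field. The extra 4 bytes
    // are presumably the length prefix of the signature byte string - TODO confirm.
    var payloadData = ((MemoryStream)msgReader.BaseStream).ToArray();

    if (!VerifyPublicKeySignature(keyAlg, payloadData, 0, payloadData.Length - signatureData.Length - 4,
        signature))
    {
        // Signature is invalid.
        SendMsgUserAuthFailure(false);
        return;
    }

    // Raise event to get result of auth attempt.
    // NOTE(review): unlike the other event invocations in this handler, this call is not
    // guarded by a null check; if AuthenticateUserPublicKey is an event with no subscriber it
    // throws. Confirm, and fail the attempt in that case rather than accept it.
    var authUserEventArgs = new AuthUserPublicKeyEventArgs(_lastUserName, keyAlg.ExportPublicKey());

    AuthenticateUserPublicKey(this, authUserEventArgs);

    // Check result of auth attempt. Any result not listed below sends no reply.
    switch (authUserEventArgs.Result)
    {
        case AuthenticationResult.Success:
            // Auth has succeeded.
            AuthenticateUser(_lastServiceName);
            break;
        case AuthenticationResult.FurtherAuthRequired:
            // Auth has succeeded, but further auth is required.
            SendMsgUserAuthFailure(true);
            break;
        case AuthenticationResult.Failure:
            // Auth has failed.
            SendMsgUserAuthFailure(false);
            break;
    }
}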
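/// <summary>
/// Handles a user authentication request that uses the password method, including the
/// variant in which the client changes its password.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the change-password flag is read first, followed by the
/// password, or by the old and new passwords when the flag is set.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
/// <exception cref="DisconnectedException">
/// The number of failed attempts reached <c>MaximumAuthAttempts</c> and the client was
/// disconnected.
/// </exception>
/// <remarks>
/// Passwords are decoded into ordinary strings and handed to the event handlers in plaintext.
/// NOTE(review): when no handler is subscribed, the switch acts on whatever Result the event
/// args start with; confirm that default is not a success value.
/// </remarks>
protected void ProcessMsgUserAuthRequestPassword(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Raise event to specify requested auth method.
    if (AuthenticationMethodRequested != null)
    {
        AuthenticationMethodRequested(this, new AuthMethodRequestedEventArgs(AuthenticationMethod.Password));
    }

    // Check whether client is changing password.
    bool changingPassword = msgReader.ReadBoolean();

    if (changingPassword)
    {
        // Read old and new passwords (in plaintext).
        string oldPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
        string newPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());

        // Raise event to get result of password change request.
        var changePasswordEventArgs = new ChangePasswordEventArgs(oldPassword, newPassword);

        if (ChangePassword != null)
        {
            ChangePassword(this, changePasswordEventArgs);
        }

        // Check result of password change request.
        switch (changePasswordEventArgs.Result)
        {
            case PasswordChangeResult.Success:
                // Password change and auth have succeeded.
                AuthenticateUser(_lastServiceName);
                break;
            case PasswordChangeResult.FurtherAuthRequired:
                // Password change has succeeded, but further auth is required.
                SendMsgUserAuthFailure(true);
                break;
            case PasswordChangeResult.Failure:
                // Password change has failed. The request carried a candidate current
                // password, so count it against the same limit as a failed password attempt;
                // otherwise change requests would be an uncounted way to try passwords.
                _failedAuthAttempts++;

                if (_failedAuthAttempts < this.MaximumAuthAttempts)
                {
                    // Allow client to reattempt auth.
                    SendMsgUserAuthFailure(false);
                }
                else
                {
                    // Auth has failed too many times, disconnect.
                    _client.Disconnect(false);
                    throw new DisconnectedException();
                }

                break;
            case PasswordChangeResult.NewPasswordUnacceptable:
                // Password was not changed.
                SendMsgUserAuthPasswdChangeReq(changePasswordEventArgs.ReplyPrompt, "");
                break;
        }
    }
    else
    {
        // Read password (in plaintext).
        string password = Encoding.UTF8.GetString(msgReader.ReadByteString());

        // Raise event to get result of auth attempt.
        var authUserEventArgs = new AuthUserPasswordEventArgs(_lastUserName, password);

        if (AuthenticateUserPassword != null)
        {
            AuthenticateUserPassword(this, authUserEventArgs);
        }

        // Check result of auth attempt.
        switch (authUserEventArgs.Result)
        {
            case AuthenticationResult.Success:
                // Auth has succeeded.
                AuthenticateUser(_lastServiceName);
                break;
            case AuthenticationResult.FurtherAuthRequired:
                // Auth has succeeded, but further auth is required.
                SendMsgUserAuthFailure(true);
                break;
            case AuthenticationResult.Failure:
                // Increment number of failed auth attempts.
                _failedAuthAttempts++;

                if (_failedAuthAttempts < this.MaximumAuthAttempts)
                {
                    // Auth has failed, but allow client to reattempt auth.
                    SendMsgUserAuthFailure(false);
                }
                else
                {
                    // Auth has failed too many times, disconnect.
                    _client.Disconnect(false);
                    throw new DisconnectedException();
                }

                break;
            case AuthenticationResult.PasswordExpired:
                // Password change is required.
                SendMsgUserAuthPasswdChangeReq("The specified password has expired.", "");
                break;
        }
    }
}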
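/// <summary>
/// Handles a global request message received from the client.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the request name and the want-reply flag are read from it
/// in that order.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
/// <remarks>
/// No global request type is implemented here, so every request is refused. A failure reply
/// is sent only when the client asked for a reply.
/// </remarks>
protected void ProcessMsgGlobalRequest(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Read request information. Both values are supplied by the remote peer.
    string requestName = msgReader.ReadString();
    bool wantReply = msgReader.ReadBoolean();

    switch (requestName)
    {
        case "tcpip-forward":
            // Port forwarding is not implemented. Refuse it like any other unsupported
            // request rather than throwing NotImplementedException: the request name is
            // chosen by the peer, so the exception would be raised on peer-controlled input
            // and propagate to whatever called this handler.
            break;
        default:
            // Unrecognised request type.
            break;
    }

    // Request has failed.
    if (wantReply)
    {
        SendMsgRequestFailure();
    }
}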
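/// <summary>
/// Handles a channel request message by dispatching it to the channel it addresses.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the channel number, request type and want-reply flag are
/// read from it in that order, and the reader is then handed to the channel.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
protected void ProcessMsgChannelRequest(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Read channel number and get channel object. The number is supplied by the remote peer.
    uint channelNum = msgReader.ReadUInt32();

    SshChannel channel;
    try
    {
        channel = _channels.SingleOrDefault(item => item.ServerChannel == channelNum);
    }
    catch (InvalidOperationException)
    {
        // SingleOrDefault throws when more than one channel carries this number; the
        // request is ambiguous, so drop it.
        return;
    }

    // SingleOrDefault yields null (it does not throw) when no channel matches. Drop the
    // request instead of dereferencing null: a peer can name any channel number it likes.
    if (channel == null)
    {
        return;
    }

    string requestType = msgReader.ReadString();
    bool wantReply = msgReader.ReadBoolean();

    // Let channel process request.
    channel.ProcessRequest(requestType, wantReply, msgReader);
}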
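/// <summary>
/// Handles a user authentication request that uses the password method, including the
/// variant in which the client changes its password.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the change-password flag is read first, followed by the
/// password, or by the old and new passwords when the flag is set.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
/// <exception cref="DisconnectedException">
/// The number of failed attempts reached <c>MaximumAuthAttempts</c> and the client was
/// disconnected.
/// </exception>
/// <remarks>
/// Passwords are decoded into ordinary strings and handed to the event handlers in plaintext.
/// NOTE(review): when no handler is subscribed, the switch acts on whatever Result the event
/// args start with; confirm that default is not a success value.
/// </remarks>
protected void ProcessMsgUserAuthRequestPassword(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Raise event to specify requested auth method.
    if (AuthenticationMethodRequested != null)
    {
        AuthenticationMethodRequested(this, new AuthMethodRequestedEventArgs(AuthenticationMethod.Password));
    }

    // Check whether client is changing password.
    bool changingPassword = msgReader.ReadBoolean();

    if (changingPassword)
    {
        // Read old and new passwords (in plaintext).
        string oldPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());
        string newPassword = Encoding.UTF8.GetString(msgReader.ReadByteString());

        // Raise event to get result of password change request.
        var changePasswordEventArgs = new ChangePasswordEventArgs(oldPassword, newPassword);

        if (ChangePassword != null)
        {
            ChangePassword(this, changePasswordEventArgs);
        }

        // Check result of password change request.
        switch (changePasswordEventArgs.Result)
        {
            case PasswordChangeResult.Success:
                // Password change and auth have succeeded.
                AuthenticateUser(_lastServiceName);
                break;
            case PasswordChangeResult.FurtherAuthRequired:
                // Password change has succeeded, but further auth is required.
                SendMsgUserAuthFailure(true);
                break;
            case PasswordChangeResult.Failure:
                // Password change has failed. The request carried a candidate current
                // password, so count it against the same limit as a failed password attempt;
                // otherwise change requests would be an uncounted way to try passwords.
                _failedAuthAttempts++;

                if (_failedAuthAttempts < this.MaximumAuthAttempts)
                {
                    // Allow client to reattempt auth.
                    SendMsgUserAuthFailure(false);
                }
                else
                {
                    // Auth has failed too many times, disconnect.
                    _client.Disconnect(false);
                    throw new DisconnectedException();
                }

                break;
            case PasswordChangeResult.NewPasswordUnacceptable:
                // Password was not changed.
                SendMsgUserAuthPasswdChangeReq(changePasswordEventArgs.ReplyPrompt, "");
                break;
        }
    }
    else
    {
        // Read password (in plaintext).
        string password = Encoding.UTF8.GetString(msgReader.ReadByteString());

        // Raise event to get result of auth attempt.
        var authUserEventArgs = new AuthUserPasswordEventArgs(_lastUserName, password);

        if (AuthenticateUserPassword != null)
        {
            AuthenticateUserPassword(this, authUserEventArgs);
        }

        // Check result of auth attempt.
        switch (authUserEventArgs.Result)
        {
            case AuthenticationResult.Success:
                // Auth has succeeded.
                AuthenticateUser(_lastServiceName);
                break;
            case AuthenticationResult.FurtherAuthRequired:
                // Auth has succeeded, but further auth is required.
                SendMsgUserAuthFailure(true);
                break;
            case AuthenticationResult.Failure:
                // Increment number of failed auth attempts.
                _failedAuthAttempts++;

                if (_failedAuthAttempts < this.MaximumAuthAttempts)
                {
                    // Auth has failed, but allow client to reattempt auth.
                    SendMsgUserAuthFailure(false);
                }
                else
                {
                    // Auth has failed too many times, disconnect.
                    _client.Disconnect(false);
                    throw new DisconnectedException();
                }

                break;
            case AuthenticationResult.PasswordExpired:
                // Password change is required.
                SendMsgUserAuthPasswdChangeReq("The specified password has expired.", "");
                break;
        }
    }
}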
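/// <summary>
/// Handles a user authentication request that uses the public key method.
/// </summary>
/// <param name="msgReader">
/// Reader over the message payload; the auth-request flag, key algorithm name and key data
/// are read first, followed by the signature when the flag is set.
/// </param>
/// <exception cref="ObjectDisposedException">The object has been disposed.</exception>
/// <remarks>
/// When the flag is clear the message is only a query, and it is answered with a PK_OK
/// message for any key whose algorithm is supported; no application callback is consulted
/// at that stage. This handler never increments <c>_failedAuthAttempts</c>.
/// NOTE(review): confirm that leaving failed public key attempts uncounted is intended.
/// </remarks>
protected void ProcessMsgUserAuthRequestPublicKey(SshStreamReader msgReader)
{
    if (_isDisposed)
    {
        throw new ObjectDisposedException(this.GetType().FullName);
    }

    // Raise event to specify requested auth method.
    if (AuthenticationMethodRequested != null)
    {
        AuthenticationMethodRequested(this, new AuthMethodRequestedEventArgs(AuthenticationMethod.PublicKey));
    }

    // Read request information. All three values are supplied by the remote peer.
    bool isAuthRequest = msgReader.ReadBoolean();
    string keyAlgName = msgReader.ReadString();
    byte[] keyAndCertsData = msgReader.ReadByteString();

    // Try to find public key algorithm.
    PublicKeyAlgorithm keyAlg = null;
    try
    {
        keyAlg = (PublicKeyAlgorithm)_client.PublicKeyAlgorithms.Single(item => item.Name == keyAlgName).Clone();
    }
    catch (InvalidOperationException)
    {
        // Public key algorithm is not supported. Stop here: keyAlg is still null, and
        // continuing would dereference it for an algorithm name the peer chose.
        SendMsgUserAuthFailure(false);
        return;
    }

    // Load key and certificates data for algorithm.
    keyAlg.LoadKeyAndCertificatesData(keyAndCertsData);

    // Check if request is actual auth request or query of whether specified public key is
    // acceptable.
    if (!isAuthRequest)
    {
        // Public key is acceptable.
        SendMsgUserAuthPkOk(keyAlgName, keyAndCertsData);
        return;
    }

    // Read client signature.
    var signatureData = msgReader.ReadByteString();
    var signature = keyAlg.GetSignature(signatureData);

    // Verify signature over the payload that precedes the signature field. The extra 4 bytes
    // are presumably the length prefix of the signature byte string - TODO confirm.
    var payloadData = ((MemoryStream)msgReader.BaseStream).ToArray();

    if (!VerifyPublicKeySignature(keyAlg, payloadData, 0, payloadData.Length - signatureData.Length - 4,
        signature))
    {
        // Signature is invalid.
        SendMsgUserAuthFailure(false);
        return;
    }

    // Raise event to get result of auth attempt.
    // NOTE(review): unlike the other event invocations in this handler, this call is not
    // guarded by a null check; if AuthenticateUserPublicKey is an event with no subscriber it
    // throws. Confirm, and fail the attempt in that case rather than accept it.
    var authUserEventArgs = new AuthUserPublicKeyEventArgs(_lastUserName, keyAlg.ExportPublicKey());

    AuthenticateUserPublicKey(this, authUserEventArgs);

    // Check result of auth attempt. Any result not listed below sends no reply.
    switch (authUserEventArgs.Result)
    {
        case AuthenticationResult.Success:
            // Auth has succeeded.
            AuthenticateUser(_lastServiceName);
            break;
        case AuthenticationResult.FurtherAuthRequired:
            // Auth has succeeded, but further auth is required.
            SendMsgUserAuthFailure(true);
            break;
        case AuthenticationResult.Failure:
            // Auth has failed.
            SendMsgUserAuthFailure(false);
            break;
    }
}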