def sendPacket(self, messageType, payload):
payload = chr(messageType) + payload
if self.outgoingCompression:
payload = self.outgoingCompression.compress(
payload) + self.outgoingCompression.flush(2)
if self.currentEncryptions:
bs = self.currentEncryptions.enc_block_size
else:
bs = 8
totalSize = 5 + len(payload)
lenPad = bs - (totalSize % bs)
if lenPad < 4:
lenPad = lenPad + bs
packet = struct.pack('!LB', totalSize+lenPad-4, lenPad)+ \
payload+entropy.get_bytes(lenPad)
assert len(packet) % bs == 0, '%s extra bytes in packet' % (
len(packet) % bs)
if self.currentEncryptions:
encPacket = self.currentEncryptions.encrypt(
packet) + self.currentEncryptions.makeMAC(
self.outgoingPacketSequence, packet)
else:
encPacket = packet
self.transport.write(encPacket)
self.outgoingPacketSequence += 1
def sendKexInit(self):
self.ourKexInitPayload = chr(MSG_KEXINIT)+entropy.get_bytes(16)+ \
NS(','.join(self.supportedKeyExchanges))+ \
NS(','.join(self.supportedPublicKeys))+ \
NS(','.join(self.supportedCiphers))+ \
NS(','.join(self.supportedCiphers))+ \
NS(','.join(self.supportedMACs))+ \
NS(','.join(self.supportedMACs))+ \
NS(','.join(self.supportedCompressions))+ \
NS(','.join(self.supportedCompressions))+ \
NS(','.join(self.supportedLanguages))+ \
NS(','.join(self.supportedLanguages))+ \
'\000'+'\000\000\000\000'
self.sendPacket(MSG_KEXINIT, self.ourKexInitPayload[1:])
def sendKexInit(self):
self.ourKexInitPayload = chr(MSG_KEXINIT)+entropy.get_bytes(16)+ \
NS(','.join(self.supportedKeyExchanges))+ \
NS(','.join(self.supportedPublicKeys))+ \
NS(','.join(self.supportedCiphers))+ \
NS(','.join(self.supportedCiphers))+ \
NS(','.join(self.supportedMACs))+ \
NS(','.join(self.supportedMACs))+ \
NS(','.join(self.supportedCompressions))+ \
NS(','.join(self.supportedCompressions))+ \
NS(','.join(self.supportedLanguages))+ \
NS(','.join(self.supportedLanguages))+ \
'\000'+'\000\000\000\000'
self.sendPacket(MSG_KEXINIT, self.ourKexInitPayload[1:])
def ssh_KEX_DH_GEX_GROUP(self, packet):
if self.kexAlg == 'diffie-hellman-group1-sha1':
pubKey, packet = getNS(packet)
f, packet = getMP(packet)
signature, packet = getNS(packet)
fingerprint = ':'.join(map(lambda c: '%02x'%ord(c), md5.new(pubKey).digest()))
d = self.verifyHostKey(pubKey, fingerprint)
d.addCallback(self._continueGEX_GROUP, pubKey, f, signature)
d.addErrback(lambda unused,self=self:self.sendDisconnect(DISCONNECT_HOST_KEY_NOT_VERIFIABLE, 'bad host key'))
else:
self.p, rest = getMP(packet)
self.g, rest = getMP(rest)
self.x = getMP('\x00\x00\x00\x40'+entropy.get_bytes(64))[0]
self.DHpubKey = pow(self.g, self.x, self.p)
self.sendPacket(MSG_KEX_DH_GEX_INIT, MP(self.DHpubKey))
def ssh_KEX_DH_GEX_GROUP(self, packet):
if self.kexAlg == 'diffie-hellman-group1-sha1':
pubKey, packet = getNS(packet)
f, packet = getMP(packet)
signature, packet = getNS(packet)
fingerprint = ':'.join(map(lambda c: '%02x'%ord(c), md5.new(pubKey).digest()))
d = self.verifyHostKey(pubKey, fingerprint)
d.addCallback(self._continueGEX_GROUP, pubKey, f, signature)
d.addErrback(lambda unused,self=self:self.sendDisconnect(DISCONNECT_HOST_KEY_NOT_VERIFIABLE, 'bad host key'))
else:
self.p, rest = getMP(packet)
self.g, rest = getMP(rest)
self.x = getMP('\x00\x00\x00\x40'+entropy.get_bytes(64))[0]
self.DHpubKey = pow(self.g, self.x, self.p)
self.sendPacket(MSG_KEX_DH_GEX_INIT, MP(self.DHpubKey))
def sendPacket(self, messageType, payload):
payload = chr(messageType)+payload
if self.outgoingCompression:
payload = self.outgoingCompression.compress(payload) + self.outgoingCompression.flush(2)
if self.currentEncryptions:
bs = self.currentEncryptions.enc_block_size
else:
bs = 8
totalSize = 5+len(payload)
lenPad = bs-(totalSize%bs)
if lenPad < 4:
lenPad = lenPad+bs
packet = struct.pack('!LB', totalSize+lenPad-4, lenPad)+ \
payload+entropy.get_bytes(lenPad)
assert len(packet)%bs == 0, '%s extra bytes in packet'%(len(packet)%bs)
if self.currentEncryptions:
encPacket = self.currentEncryptions.encrypt(packet) + self.currentEncryptions.makeMAC(self.outgoingPacketSequence, packet)
else:
encPacket = packet
self.transport.write(encPacket)
self.outgoingPacketSequence+=1
