0763e16d JW |
1 | /* -*-mode:java; c-basic-offset:2; indent-tabs-mode:nil -*- */ |
2 | /* | |
3 | Copyright (c) 2006-2010 ymnk, JCraft,Inc. All rights reserved. | |
4 | ||
5 | Redistribution and use in source and binary forms, with or without | |
6 | modification, are permitted provided that the following conditions are met: | |
7 | ||
8 | 1. Redistributions of source code must retain the above copyright notice, | |
9 | this list of conditions and the following disclaimer. | |
10 | ||
11 | 2. Redistributions in binary form must reproduce the above copyright | |
12 | notice, this list of conditions and the following disclaimer in | |
13 | the documentation and/or other materials provided with the distribution. | |
14 | ||
15 | 3. The names of the authors may not be used to endorse or promote products | |
16 | derived from this software without specific prior written permission. | |
17 | ||
18 | THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, | |
19 | INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND | |
20 | FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, | |
21 | INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, | |
22 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, | |
24 | OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF | |
25 | LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
26 | NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, | |
27 | EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
28 | */ | |
29 | ||
30 | package com.jcraft.jsch; | |
31 | ||
32 | import java.net.*; | |
33 | import java.util.Vector; | |
34 | ||
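/**
 * Local end of an {@code auth-agent@openssh.com} channel: it answers agent
 * requests that arrive from the remote side using the identities registered
 * on the owning {@code JSch} instance.
 *
 * <p>Only two requests are served: listing the public key blobs
 * ({@code SSH2_AGENTC_REQUEST_IDENTITIES}) and signing supplied data
 * ({@code SSH2_AGENTC_SIGN_REQUEST}). Every other request is answered with
 * {@code SSH2_AGENT_FAILURE}.
 *
 * <p>Security note: every byte handled here is supplied by the remote peer.
 * A sign request is honoured for any registered identity whose public key
 * blob matches; the only interactive gate visible in this class is the
 * passphrase prompt for identities that are still encrypted. Enable agent
 * forwarding only towards hosts that are trusted to use the local keys.
 */
class ChannelAgentForwarding extends Channel{

  static private final int LOCAL_WINDOW_SIZE_MAX=0x20000;
  static private final int LOCAL_MAXIMUM_PACKET_SIZE=0x4000;

  // Agent protocol message numbers. They are compile-time constants, so they
  // are kept once per class rather than once per channel instance.
  static private final int SSH2_AGENTC_REQUEST_IDENTITIES=11;
  static private final int SSH2_AGENT_IDENTITIES_ANSWER=12;
  static private final int SSH2_AGENTC_SIGN_REQUEST=13;
  static private final int SSH2_AGENT_SIGN_RESPONSE=14;
  static private final int SSH2_AGENTC_ADD_IDENTITY=17;
  static private final int SSH2_AGENTC_REMOVE_IDENTITY=18;
  static private final int SSH2_AGENTC_REMOVE_ALL_IDENTITIES=19;
  static private final int SSH2_AGENT_FAILURE=30;

  // Not read or written anywhere else in this class.
  boolean init=true;

  private Buffer rbuf=null;    // reassembly buffer for incoming agent requests
  private Buffer wbuf=null;    // backing buffer of the outgoing packet
  private Packet packet=null;  // outgoing packet, created on the first write()
  private Buffer mbuf=null;    // scratch buffer used to build one agent reply

  /**
   * Sets the local window and packet sizes, the channel type and the working
   * buffers, and marks the channel as connected.
   */
  ChannelAgentForwarding(){
    super();

    setLocalWindowSizeMax(LOCAL_WINDOW_SIZE_MAX);
    setLocalWindowSize(LOCAL_WINDOW_SIZE_MAX);
    setLocalPacketSize(LOCAL_MAXIMUM_PACKET_SIZE);

    type=Util.str2byte("auth-agent@openssh.com");
    rbuf=new Buffer();
    rbuf.reset();
    //wbuf=new Buffer(rmpsize);
    //packet=new Packet(wbuf);
    mbuf=new Buffer();
    connected=true;
  }

  /**
   * Confirms the channel open request; on any failure the channel is flagged
   * as closed and disconnected.
   */
  public void run(){
    try{
      sendOpenConfirmation();
    }
    catch(Exception e){
      close=true;
      disconnect();
    }
  }

  /**
   * Appends channel data received from the remote side to the reassembly
   * buffer and, once a complete length-prefixed agent message is buffered,
   * answers it.
   *
   * @param foo array holding the received bytes
   * @param s offset of the first received byte in {@code foo}
   * @param l number of received bytes
   * @throws java.io.IOException if the owning session cannot be obtained
   */
  void write(byte[] foo, int s, int l) throws java.io.IOException {

    if(packet==null){
      wbuf=new Buffer(rmpsize);
      packet=new Packet(wbuf);
    }

    rbuf.shift();
    if(rbuf.buffer.length<rbuf.index+l){
      // The new array has to hold the bytes already buffered plus the l new
      // ones. Sizing it from the read offset (rbuf.s) instead of the write
      // offset (rbuf.index) can yield an array shorter than the old one and
      // make the copy below fail.
      byte[] newbuf=new byte[rbuf.index+l];
      System.arraycopy(rbuf.buffer, 0, newbuf, 0, rbuf.buffer.length);
      rbuf.buffer=newbuf;
    }

    rbuf.putByte(foo, s, l);

    // Do not decode the length prefix until all four of its bytes are here.
    if(rbuf.getLength()<4){
      return;
    }

    int mlen=rbuf.getInt();
    if(mlen>rbuf.getLength()){
      // Message still incomplete: un-read the length and wait for more data.
      rbuf.s-=4;
      return;
    }
    // NOTE(review): mlen comes from the remote peer and is neither checked
    // for a non-positive value nor capped, so the reassembly buffer can grow
    // as far as the peer keeps sending. Consider rejecting lengths outside a
    // sane range.

    int typ=rbuf.getByte();

    Session _session=null;
    try{
      _session=getSession();
    }
    catch(JSchException e){
      throw new java.io.IOException(e.toString());
    }

    Vector identities=_session.jsch.identities;
    UserInfo userinfo=_session.getUserInfo();

    if(typ==SSH2_AGENTC_REQUEST_IDENTITIES){
      replyWithIdentities(identities);
    }
    else if(typ==SSH2_AGENTC_SIGN_REQUEST){
      replyToSignRequest(identities, userinfo);
    }
    else{
      // Unsupported request: drop the rest of its body so the next length
      // prefix is read from the right offset, and tell the peer it failed
      // instead of leaving it waiting for an answer.
      if(mlen>1){
        rbuf.s+=mlen-1;
      }
      mbuf.reset();
      mbuf.putByte((byte)SSH2_AGENT_FAILURE);
      sendReply();
    }
  }

  /** Answers an identities request with every identity that has a public key blob. */
  private void replyWithIdentities(Vector identities){
    mbuf.reset();
    mbuf.putByte((byte)SSH2_AGENT_IDENTITIES_ANSWER);
    synchronized(identities){
      // The count precedes the entries, so the list is walked twice.
      int count=0;
      for(int i=0; i<identities.size(); i++){
        Identity identity=(Identity)(identities.elementAt(i));
        if(identity.getPublicKeyBlob()!=null){
          count++;
        }
      }
      mbuf.putInt(count);
      for(int i=0; i<identities.size(); i++){
        Identity identity=(Identity)(identities.elementAt(i));
        byte[] pubkeyblob=identity.getPublicKeyBlob();
        if(pubkeyblob==null){
          continue;
        }
        mbuf.putString(pubkeyblob);
        mbuf.putString(Util.empty);  // second field of each entry is sent empty
      }
    }
    sendReply();
  }

  /**
   * Answers a sign request with a signature made by the identity whose public
   * key blob matches, or with a failure message when no usable identity is
   * found or no signature is produced.
   */
  private void replyToSignRequest(Vector identities, UserInfo userinfo){
    byte[] blob=rbuf.getString();
    byte[] data=rbuf.getString();
    rbuf.getInt();  // flags field: consumed to finish the message, not acted on

    //      if((flags & 1)!=0){ //SSH_AGENT_OLD_SIGNATURE // old OpenSSH 2.0, 2.1
    //        datafellows = SSH_BUG_SIGBLOB;
    //      }

    Identity identity=selectIdentity(identities, userinfo, blob);

    byte[] signature=null;
    if(identity!=null){
      signature=identity.getSignature(data);
    }

    mbuf.reset();
    if(signature==null){
      mbuf.putByte((byte)SSH2_AGENT_FAILURE);
    }
    else{
      mbuf.putByte((byte)SSH2_AGENT_SIGN_RESPONSE);
      mbuf.putString(signature);
    }
    sendReply();
  }

  /**
   * Returns the first registered identity whose public key blob equals
   * {@code blob} and which is decrypted, prompting for a passphrase when the
   * matching identity is still encrypted; returns {@code null} if none
   * qualifies.
   */
  private Identity selectIdentity(Vector identities, UserInfo userinfo, byte[] blob){
    // NOTE(review): the passphrase prompt below runs while the identities
    // lock is held, so other users of that list wait for the user's answer.
    synchronized(identities){
      for(int i=0; i<identities.size(); i++){
        Identity candidate=(Identity)(identities.elementAt(i));
        if(candidate.getPublicKeyBlob()==null){
          continue;
        }
        if(!Util.array_equals(blob, candidate.getPublicKeyBlob())){
          continue;
        }
        if(candidate.isEncrypted()){
          if(userinfo==null){
            continue;  // nobody to ask for the passphrase
          }
          while(candidate.isEncrypted()){
            if(!userinfo.promptPassphrase("Passphrase for "+candidate.getName())){
              break;
            }

            String typed=userinfo.getPassphrase();
            if(typed==null){
              break;
            }

            byte[] passphrase=Util.str2byte(typed);
            try{
              if(candidate.setPassphrase(passphrase)){
                break;
              }
            }
            catch(JSchException e){
              break;
            }
            finally{
              // Do not leave the passphrase bytes on the heap longer than
              // needed. NOTE(review): assumes setPassphrase does not keep a
              // reference to this array - confirm for custom Identity
              // implementations.
              if(passphrase!=null){
                for(int j=0; j<passphrase.length; j++){
                  passphrase[j]=0;
                }
              }
            }
          }
        }

        if(!candidate.isEncrypted()){
          return candidate;
        }
      }
    }
    return null;
  }

  /** Sends the unread content of {@code mbuf} as one agent reply. */
  private void sendReply(){
    byte[] reply=new byte[mbuf.getLength()];
    mbuf.getByte(reply);
    send(reply);
  }

  /**
   * Wraps {@code message} in an SSH_MSG_CHANNEL_DATA packet addressed to the
   * remote channel and writes it through the session.
   *
   * @param message agent reply without its length prefix; the prefix is added
   *        by {@code putString}
   */
  private void send(byte[] message){
    packet.reset();
    wbuf.putByte((byte)Session.SSH_MSG_CHANNEL_DATA);
    wbuf.putInt(recipient);
    wbuf.putInt(4+message.length);
    wbuf.putString(message);

    try{
      getSession().write(packet, this, 4+message.length);
    }
    catch(Exception ignored){
      // Best-effort delivery: a reply that cannot be written is dropped and
      // the failure is not reported to the caller.
      // NOTE(review): nothing is logged here, so a dead session is invisible
      // from this class.
    }
  }
}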