PageRenderTime 43ms CodeModel.GetById 12ms RepoModel.GetById 0ms app.codeStats 0ms

/vendor/golang.org/x/crypto/ssh/client.go

https://gitlab.com/veterinabb/webedit
Go | 219 lines | 139 code | 31 blank | 49 comment | 37 complexity | 5337b5189a4933be9757ae69366c8814 MD5 | raw file
    

  1. // Copyright 2011 The Go Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package ssh
    6. 

  6. 

  7. import (
    8. 

  8. 	"errors"
    9. 

  9. 	"fmt"
    10. 

  10. 	"net"
    11. 

  11. 	"sync"
    12. 

  12. 	"time"
    13. 

  13. )
    14. 

  14. 

  15. // Client implements a traditional SSH client that supports shells,
    16. 

  16. // subprocesses, port forwarding and tunneled dialing.
    17. 

  17. type Client struct {
    18. 

  18. 	Conn
    19. 

  19. 

  20. 	forwards        forwardList // forwarded tcpip connections from the remote side
    21. 

  21. 	mu              sync.Mutex
    22. 

  22. 	channelHandlers map[string]chan NewChannel
    23. 

  23. }
    24. 

  24. 

  25. // HandleChannelOpen returns a channel on which NewChannel requests
    26. 

  26. // for the given type are sent. If the type already is being handled,
    27. 

  27. // nil is returned. The channel is closed when the connection is closed.
    28. 

  28. func (c *Client) HandleChannelOpen(channelType string) <-chan NewChannel {
    29. 

  29. 	c.mu.Lock()
    30. 

  30. 	defer c.mu.Unlock()
    31. 

  31. 	if c.channelHandlers == nil {
    32. 

  32. 		// The SSH channel has been closed.
    33. 

  33. 		c := make(chan NewChannel)
    34. 

  34. 		close(c)
    35. 

  35. 		return c
    36. 

  36. 	}
    37. 

  37. 

  38. 	ch := c.channelHandlers[channelType]
    39. 

  39. 	if ch != nil {
    40. 

  40. 		return nil
    41. 

  41. 	}
    42. 

  42. 

  43. 	ch = make(chan NewChannel, 16)
    44. 

  44. 	c.channelHandlers[channelType] = ch
    45. 

  45. 	return ch
    46. 

  46. }
    47. 

  47. 

  48. // NewClient creates a Client on top of the given connection.
    49. 

  49. func NewClient(c Conn, chans <-chan NewChannel, reqs <-chan *Request) *Client {
    50. 

  50. 	conn := &Client{
    51. 

  51. 		Conn:            c,
    52. 

  52. 		channelHandlers: make(map[string]chan NewChannel, 1),
    53. 

  53. 	}
    54. 

  54. 

  55. 	go conn.handleGlobalRequests(reqs)
    56. 

  56. 	go conn.handleChannelOpens(chans)
    57. 

  57. 	go func() {
    58. 

  58. 		conn.Wait()
    59. 

  59. 		conn.forwards.closeAll()
    60. 

  60. 	}()
    61. 

  61. 	go conn.forwards.handleChannels(conn.HandleChannelOpen("forwarded-tcpip"))
    62. 

  62. 	return conn
    63. 

  63. }
    64. 

  64. 

  65. // NewClientConn establishes an authenticated SSH connection using c
    66. 

  66. // as the underlying transport.  The Request and NewChannel channels
    67. 

  67. // must be serviced or the connection will hang.
    68. 

  68. func NewClientConn(c net.Conn, addr string, config *ClientConfig) (Conn, <-chan NewChannel, <-chan *Request, error) {
    69. 

  69. 	fullConf := *config
    70. 

  70. 	fullConf.SetDefaults()
    71. 

  71. 	conn := &connection{
    72. 

  72. 		sshConn: sshConn{conn: c},
    73. 

  73. 	}
    74. 

  74. 

  75. 	if err := conn.clientHandshake(addr, &fullConf); err != nil {
    76. 

  76. 		c.Close()
    77. 

  77. 		return nil, nil, nil, fmt.Errorf("ssh: handshake failed: %v", err)
    78. 

  78. 	}
    79. 

  79. 	conn.mux = newMux(conn.transport)
    80. 

  80. 	return conn, conn.mux.incomingChannels, conn.mux.incomingRequests, nil
    81. 

  81. }
    82. 

  82. 

  83. // clientHandshake performs the client side key exchange. See RFC 4253 Section
    84. 

  84. // 7.
    85. 

  85. func (c *connection) clientHandshake(dialAddress string, config *ClientConfig) error {
    86. 

  86. 	if config.ClientVersion != "" {
    87. 

  87. 		c.clientVersion = []byte(config.ClientVersion)
    88. 

  88. 	} else {
    89. 

  89. 		c.clientVersion = []byte(packageVersion)
    90. 

  90. 	}
    91. 

  91. 	var err error
    92. 

  92. 	c.serverVersion, err = exchangeVersions(c.sshConn.conn, c.clientVersion)
    93. 

  93. 	if err != nil {
    94. 

  94. 		return err
    95. 

  95. 	}
    96. 

  96. 

  97. 	c.transport = newClientTransport(
    98. 

  98. 		newTransport(c.sshConn.conn, config.Rand, true /* is client */),
    99. 

  99. 		c.clientVersion, c.serverVersion, config, dialAddress, c.sshConn.RemoteAddr())
    100. 

  100. 	if err := c.transport.requestInitialKeyChange(); err != nil {
    101. 

  101. 		return err
    102. 

  102. 	}
    103. 

  103. 

  104. 	if packet, err := c.transport.readPacket(); err != nil {
    105. 

  105. 		return err
    106. 

  106. 	} else if packet[0] != msgNewKeys {
    107. 

  107. 		return unexpectedMessageError(msgNewKeys, packet[0])
    108. 

  108. 	}
    109. 

  109. 

  110. 	// We just did the key change, so the session ID is established.
    111. 

  111. 	c.sessionID = c.transport.getSessionID()
    112. 

  112. 

  113. 	return c.clientAuthenticate(config)
    114. 

  114. }
    115. 

  115. 

  116. // verifyHostKeySignature verifies the host key obtained in the key
    117. 

  117. // exchange.
    118. 

  118. func verifyHostKeySignature(hostKey PublicKey, result *kexResult) error {
    119. 

  119. 	sig, rest, ok := parseSignatureBody(result.Signature)
    120. 

  120. 	if len(rest) > 0 || !ok {
    121. 

  121. 		return errors.New("ssh: signature parse error")
    122. 

  122. 	}
    123. 

  123. 

  124. 	return hostKey.Verify(result.H, sig)
    125. 

  125. }
    126. 

  126. 

  127. // NewSession opens a new Session for this client. (A session is a remote
    128. 

  128. // execution of a program.)
    129. 

  129. func (c *Client) NewSession() (*Session, error) {
    130. 

  130. 	ch, in, err := c.OpenChannel("session", nil)
    131. 

  131. 	if err != nil {
    132. 

  132. 		return nil, err
    133. 

  133. 	}
    134. 

  134. 	return newSession(ch, in)
    135. 

  135. }
    136. 

  136. 

  137. func (c *Client) handleGlobalRequests(incoming <-chan *Request) {
    138. 

  138. 	for r := range incoming {
    139. 

  139. 		// This handles keepalive messages and matches
    140. 

  140. 		// the behaviour of OpenSSH.
    141. 

  141. 		r.Reply(false, nil)
    142. 

  142. 	}
    143. 

  143. }
    144. 

  144. 

  145. // handleChannelOpens channel open messages from the remote side.
    146. 

  146. func (c *Client) handleChannelOpens(in <-chan NewChannel) {
    147. 

  147. 	for ch := range in {
    148. 

  148. 		c.mu.Lock()
    149. 

  149. 		handler := c.channelHandlers[ch.ChannelType()]
    150. 

  150. 		c.mu.Unlock()
    151. 

  151. 

  152. 		if handler != nil {
    153. 

  153. 			handler <- ch
    154. 

  154. 		} else {
    155. 

  155. 			ch.Reject(UnknownChannelType, fmt.Sprintf("unknown channel type: %v", ch.ChannelType()))
    156. 

  156. 		}
    157. 

  157. 	}
    158. 

  158. 

  159. 	c.mu.Lock()
    160. 

  160. 	for _, ch := range c.channelHandlers {
    161. 

  161. 		close(ch)
    162. 

  162. 	}
    163. 

  163. 	c.channelHandlers = nil
    164. 

  164. 	c.mu.Unlock()
    165. 

  165. }
    166. 

  166. 

  167. // Dial starts a client connection to the given SSH server. It is a
    168. 

  168. // convenience function that connects to the given network address,
    169. 

  169. // initiates the SSH handshake, and then sets up a Client.  For access
    170. 

  170. // to incoming channels and requests, use net.Dial with NewClientConn
    171. 

  171. // instead.
    172. 

  172. func Dial(network, addr string, config *ClientConfig) (*Client, error) {
    173. 

  173. 	conn, err := net.DialTimeout(network, addr, config.Timeout)
    174. 

  174. 	if err != nil {
    175. 

  175. 		return nil, err
    176. 

  176. 	}
    177. 

  177. 	c, chans, reqs, err := NewClientConn(conn, addr, config)
    178. 

  178. 	if err != nil {
    179. 

  179. 		return nil, err
    180. 

  180. 	}
    181. 

  181. 	return NewClient(c, chans, reqs), nil
    182. 

  182. }
    183. 

  183. 

  184. // A ClientConfig structure is used to configure a Client. It must not be
    185. 

  185. // modified after having been passed to an SSH function.
    186. 

  186. type ClientConfig struct {
    187. 

  187. 	// Config contains configuration that is shared between clients and
    188. 

  188. 	// servers.
    189. 

  189. 	Config
    190. 

  190. 

  191. 	// User contains the username to authenticate as.
    192. 

  192. 	User string
    193. 

  193. 

  194. 	// Auth contains possible authentication methods to use with the
    195. 

  195. 	// server. Only the first instance of a particular RFC 4252 method will
    196. 

  196. 	// be used during authentication.
    197. 

  197. 	Auth []AuthMethod
    198. 

  198. 

  199. 	// HostKeyCallback, if not nil, is called during the cryptographic
    200. 

  200. 	// handshake to validate the server's host key. A nil HostKeyCallback
    201. 

  201. 	// implies that all host keys are accepted.
    202. 

  202. 	HostKeyCallback func(hostname string, remote net.Addr, key PublicKey) error
    203. 

  203. 

  204. 	// ClientVersion contains the version identification string that will
    205. 

  205. 	// be used for the connection. If empty, a reasonable default is used.
    206. 

  206. 	ClientVersion string
    207. 

  207. 

  208. 	// HostKeyAlgorithms lists the key types that the client will
    209. 

  209. 	// accept from the server as host key, in order of
    210. 

  210. 	// preference. If empty, a reasonable default is used. Any
    211. 

  211. 	// string returned from PublicKey.Type method may be used, or
    212. 

  212. 	// any of the CertAlgoXxxx and KeyAlgoXxxx constants.
    213. 

  213. 	HostKeyAlgorithms []string
    214. 

  214. 

  215. 	// Timeout is the maximum amount of time for the TCP connection to establish.
    216. 

  216. 	//
    217. 

  217. 	// A Timeout of zero means no timeout.
    218. 

  218. 	Timeout time.Duration
    219. 

  219. }
    220. 

  220.