我正在为iOS做Unix服务器ssh仿真。在谈判过程中,我遇到了许多障碍,并且仍在与这些障碍作斗争。最新的一个是关于SSH2_MSG_KEX_DH_GEX_REPLY数据包数据,我收到错误的数据包长度(可能是多余的填充)。整个过程的数据包描述如下:
Client : connection with aix.polarhome.com with port 775 (changed port for ssh) using GCDAsyncSocket
Server : SSH-2.0-OpenSSH_6.0
Client : send SSH-2.0-OpenSSH_6.0
(Rest packet will follow BPP protocol)
Server : SSH2_MSG_KEXINIT with set of supported algorithms
Client : SSH2_MSG_KEXINIT with set of common algorithms
Client : SSH2_MSG_KEX_DH_GEX_REQUEST_OLD
code:
SignedByte sendByte[1920];
int writeIndex = 0;
minGroupLength = 1024;
prefGroupLength = 1024;
maxGroupLength = 4096;
sendByte[writeIndex++] = SSH2_MSG_KEX_DH_GEX_REQUEST_OLD;
[self write32BitInteger:prefGroupLength toPacket:sendByte fromIndex:writeIndex];
writeIndex += 4;
[self sendSSHBinaryPacketPayload:sendByte toLength:writeIndex];
writeIndex = 0;
Server : SSH2_MSG_KEX_DH_GEX_GROUP
client -> fetch values of p and g
compute value of e (1 < e < (p-1)/2)
Client : SSH2_MSG_KEX_DH_GEX_INIT
Code
SignedByte sendByte[1920];
int writeIndex = 0;
NSInteger eByteCount = [[e description] stringByReplacingOccurrencesOfString:@" " withString:@""].length/2;
sendByte[writeIndex++] = SSH2_MSG_KEX_DH_GEX_INIT;
[self write32BitInteger:eByteCount toPacket:sendByte fromIndex:writeIndex];
writeIndex += 4;
Byte eBytes[eByteCount];
NSInteger length = [self getBytes:eBytes fromBigInteger:e];
for (int i = 0; i < length; i++) {
sendByte[writeIndex++] = eBytes[i];
}
[self sendSSHBinaryPacketPayload:sendByte toLength:writeIndex];
writeIndex = 0;
Server : SSH2_MSG_KEX_DH_GEX_REPLY
Total length : 720
Packet length (4 bytes): 00 00 02 bc (700 which should be 720 - 4 = 716) Don't Know why this 700?
client -> read host key and verify it
read value of f
read signature and verify it
Client : SSH2_MSG_NEWKEYS
现在发送最后一个数据包服务器模拟后,没有数据返回SSH2_MSG_NEWKEYS。
我查看了其他 ssh 模拟器的代码,但没有一个有帮助。我完全没有头绪,我需要做什么,请帮忙,我真的很沮丧。
每@revinder在评论中:
我解决了我自己的服务器,将两个数据包合并为一个,SSH2_MSG_KEX_DH_GEX_REPLY和SSH2_MSG_NEWKEYS。