- package ssh
- import (
- "encoding/asn1"
- "errors"
- )
// krb5OID is the DER encoding of krb5Mesh, filled in once by init.
var krb5OID []byte

func init() {
	// The error from asn1.Marshal is discarded. krb5Mesh is a fixed,
	// well-formed OID, so encoding is not expected to fail; if it ever did,
	// krb5OID would be left nil with no signal to the caller.
	der, _ := asn1.Marshal(krb5Mesh)
	krb5OID = der
}
// GSSAPIClient is the set of GSS-API operations a client-side mechanism
// implementation must supply for GSSAPI user authentication.
//
// Only the method signatures are visible in this listing. The per-method
// notes below follow the GSS-API call conventions of RFC 2743 and the SSH
// binding in RFC 4462, and should be confirmed against the implementation
// that is plugged in.
type GSSAPIClient interface {
	// InitSecContext starts or continues security-context establishment with
	// the server named by target.
	//
	// token is the reply token received from the server (presumably nil on the
	// first call; confirm with the implementation). isGSSDelegCreds asks for
	// credential delegation. Delegated credentials let the server act as the
	// user, so this should only be set for servers trusted to that degree.
	//
	// It returns the token to send to the server, whether another round trip
	// is required (needContinue), and any error.
	// See RFC 2743 section 2.2.1 and RFC 4462 section 3.4.
	InitSecContext(target string, token []byte, isGSSDelegCreds bool) (outputToken []byte, needContinue bool, err error)

	// GetMIC returns a message integrity code computed over micFiled
	// (sic: the MIC field bytes) using the established security context.
	// See RFC 2743 section 2.3.1 and RFC 4462 section 3.5.
	GetMIC(micFiled []byte) ([]byte, error)

	// DeleteSecContext releases the security context.
	// NOTE(review): whether it is safe to call more than once, or before a
	// context exists, is not visible here; confirm.
	// See RFC 2743 section 2.2.3.
	DeleteSecContext() error
}
// GSSAPIServer is the set of GSS-API operations a server-side mechanism
// implementation must supply for GSSAPI user authentication.
//
// Only the method signatures are visible in this listing. The per-method
// notes below follow the GSS-API call conventions of RFC 2743 and the SSH
// binding in RFC 4462, and should be confirmed against the implementation
// that is plugged in.
type GSSAPIServer interface {
	// AcceptSecContext consumes a token received from the client and advances
	// security-context establishment.
	//
	// It returns the token to send back to the client, the initiator name
	// (srcName), whether another round trip is required (needContinue), and
	// any error.
	//
	// NOTE(review): srcName is presumably the authenticated principal. Nothing
	// in this interface decides whether that principal may log in as the
	// requested SSH user, so that authorization check belongs to the caller.
	// See RFC 2743 section 2.2.2 and RFC 4462 section 3.4.
	AcceptSecContext(token []byte) (outputToken []byte, srcName string, needContinue bool, err error)

	// VerifyMIC checks that micToken is a valid message integrity code for
	// micField under the established security context.
	//
	// NOTE(review): a nil error is presumably the only success signal, so an
	// implementation must return a non-nil error on any mismatch. Confirm
	// against the implementation. See RFC 2743 section 2.3.2.
	VerifyMIC(micField []byte, micToken []byte) error

	// DeleteSecContext releases the security context.
	// NOTE(review): whether it is safe to call more than once, or before a
	// context exists, is not visible here; confirm.
	// See RFC 2743 section 2.2.3.
	DeleteSecContext() error
}
var (
	// krb5Mesh is the object identifier 1.2.840.113554.1.2.2, which names the
	// Kerberos V5 GSS-API mechanism (RFC 1964 section 1). It is the only
	// mechanism OID declared in this file.
	krb5Mesh = asn1.ObjectIdentifier{1, 2, 840, 113554, 1, 2, 2}
)
// userAuthRequestGSSAPI is the decoded mechanism list of a GSSAPI
// user-authentication request, as produced by parseGSSAPIPayload.
// See RFC 4462 section 3.2.
type userAuthRequestGSSAPI struct {
	// N is the mechanism count exactly as read from the wire. It is
	// peer-supplied, so treat it as untrusted.
	N uint32
	// OIDS holds one decoded mechanism OID per entry; parseGSSAPIPayload
	// allocates it with length N.
	OIDS []asn1.ObjectIdentifier
}
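// parseGSSAPIPayload decodes the mechanism list of a GSSAPI
// user-authentication request: a uint32 count followed by that many
// length-prefixed, DER-encoded mechanism OIDs (RFC 4462 section 3.2).
//
// payload is peer-controlled. The function returns an error when the count
// cannot be read, when the count cannot fit in the remaining bytes, when an
// entry cannot be read, or when an entry is not exactly one DER-encoded OID.
func parseGSSAPIPayload(payload []byte) (*userAuthRequestGSSAPI, error) {
	n, rest, ok := parseUint32(payload)
	if !ok {
		return nil, errors.New("parse uint32 failed")
	}
	// n comes straight from the peer and sizes the allocation below, so bound
	// it by what the payload can actually hold before allocating. Without this
	// a few bytes on the wire could request a multi-gigabyte slice.
	// Each entry is an SSH string; this assumes parseString (defined elsewhere
	// in the package) consumes a 4-byte length prefix per entry, as in
	// RFC 4251. Confirm against parseString.
	if uint64(n) > uint64(len(rest)/4) {
		return nil, errors.New("mechanism count exceeds payload size")
	}
	s := &userAuthRequestGSSAPI{
		N:    n,
		OIDS: make([]asn1.ObjectIdentifier, n),
	}
	for i := range s.OIDS {
		var desiredMech []byte
		desiredMech, rest, ok = parseString(rest)
		if !ok {
			return nil, errors.New("parse string failed")
		}
		// Keep the DER remainder in its own variable. Assigning it to rest
		// would replace the unparsed payload with the leftover of this single
		// entry and break parsing of every following mechanism.
		trailing, err := asn1.Unmarshal(desiredMech, &s.OIDS[i])
		if err != nil {
			return nil, err
		}
		// An entry must be exactly one OID; bytes after it are malformed input.
		if len(trailing) != 0 {
			return nil, errors.New("trailing data after mechanism OID")
		}
	}
	return s, nil
}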
// buildMIC assembles the byte string over which the gssapi-with-mic message
// integrity code is computed. The fields are written in this order:
// sessionID, the msgUserAuthRequest byte, username, service, authMethod.
// See RFC 4462 section 3.5.
//
// NOTE(review): appendString is defined elsewhere; it presumably
// length-prefixes each field, which is what keeps the field boundaries
// unambiguous in the signed data. Confirm.
func buildMIC(sessionID string, username string, service string, authMethod string) []byte {
	mic := []byte{}
	mic = appendString(mic, sessionID)
	mic = append(mic, msgUserAuthRequest)
	for _, field := range []string{username, service, authMethod} {
		mic = appendString(mic, field)
	}
	return mic
}