Rework samplekex.py to use the new -proxycmd.

It now expects its standard input to be connected to the same PuTTY its standard output is talking to, i.e. expects to be invoked as a proxy command. It conducts the same sample key exchange as it used to, but now reads the SSH greeting and first couple of packets back from PuTTY and minimally checks that they're something like what it was expecting. (In the process, I've also fixed a mistake in the Python message code enumeration, which caused one of those expect() calls to fail.)
2025-07-01 19:42:48 -05:00 · 2016-05-03 16:51:42 +01:00
parent e65e5d165f
commit cc9d920c78
2 changed files with 54 additions and 14 deletions
--- a/contrib/encodelib.py
+++ b/contrib/encodelib.py
@ -65,10 +65,11 @@ SSH2_MSG_KEXINIT = 20
 SSH2_MSG_NEWKEYS = 21
 SSH2_MSG_KEXDH_INIT = 30
 SSH2_MSG_KEXDH_REPLY = 31
-SSH2_MSG_KEX_DH_GEX_REQUEST = 30
+SSH2_MSG_KEX_DH_GEX_REQUEST_OLD = 30
 SSH2_MSG_KEX_DH_GEX_GROUP = 31
 SSH2_MSG_KEX_DH_GEX_INIT = 32
 SSH2_MSG_KEX_DH_GEX_REPLY = 33
+SSH2_MSG_KEX_DH_GEX_REQUEST = 34
 SSH2_MSG_KEXRSA_PUBKEY = 30
 SSH2_MSG_KEXRSA_SECRET = 31
 SSH2_MSG_KEXRSA_DONE = 32
@ -113,3 +114,16 @@ def clearpkt(msgtype, *stuff):
        s += byte(random.randint(0,255))
    s = byte(padlen) + s
    return string(s)
+
+def decode_uint32(s):
+    assert len(s) == 4
+    return struct.unpack(">I", s)[0]
+
+def read_clearpkt(fh):
+    length_field = fh.read(4)
+    s = fh.read(decode_uint32(length_field))
+    import sys
+    padlen = ord(s[0])
+    s = s[1:-padlen]
+    msgtype = ord(s[0])
+    return msgtype, s[1:]