Exemplo n.º 1
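 /**
  * Handle one SSH "publickey" user-authentication request (RFC 4252, section 7).
  *
  * Reads the user name, service name and method from the request, looks up the
  * user's authorised key in a file named after the user inside $this->dir, and
  * verifies the client's signature over the session identifier and the request
  * fields. Every rejected request is answered with SSH_MSG_USERAUTH_FAILURE.
  *
  * Security notes:
  *  - The user name comes from the unauthenticated peer and is used as a file
  *    name, so it is rejected unless it is a single plain path component.
  *  - SSH_MSG_USERAUTH_PK_OK is sent only for a key that matches the stored
  *    one, so a key query cannot be used to learn which accounts exist.
  *
  * @param PacketProtocol $protocol transport used to send the reply and to
  *                                 obtain the session identifier
  * @param string         $packet   request payload; presumably consumed field
  *                                 by field by parse() - confirm against parse()
  * @return bool TRUE only when the signature verified and the user was recorded
  *              on this object; FALSE otherwise (including the PK_OK key query)
  */
 public function authenticate(PacketProtocol $protocol, $packet)
 {
     // A user is already authenticated on this object: refuse further attempts.
     if ($this->user) {
         $protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array(), 0);
         return FALSE;
     }
     list($user, $service, $method) = parse('sss', $packet);
     if ($service !== 'ssh-connection' || $method !== 'publickey') {
         $protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
         return FALSE;
     }
     list($signed, $publickey_algorithm, $publickey) = parse('bss', $packet);

     // $user is attacker-controlled and becomes part of a path: accept only a
     // single path component (no separators, no NUL byte, not "." or "..").
     $user_is_safe = is_string($user)
         && $user !== '' && $user !== '.' && $user !== '..'
         && strpbrk($user, "/\\\0") === FALSE;

     // FIXME: currently only ssh-rsa is supported. Note that ssh-rsa signs with
     // SHA-1; rsa-sha2-256/512 (RFC 8332) are the stronger choice once supported.
     $content = FALSE;
     if ($user_is_safe && $publickey_algorithm === 'ssh-rsa') {
         $path = $this->dir . '/' . $user;
         // is_file() keeps directories, FIFOs and devices out; '@' only hides
         // the warning if the file disappears between the check and the read.
         $content = is_file($path) ? @file_get_contents($path) : FALSE;
     }
     if ($content === FALSE) {
         $protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
         return FALSE;
     }

     // Stored format: "<algorithm> <base64 key blob> [comment]".
     $fields = explode(' ', trim($content), 3);
     $known_publickey_algorithm = $fields[0];
     // Strict decoding returns FALSE for a malformed blob, which can never
     // equal the offered key, so a damaged key file fails closed.
     $known_publickey = isset($fields[1]) ? base64_decode($fields[1], TRUE) : FALSE;
     if (!($known_publickey_algorithm === $publickey_algorithm && $known_publickey === $publickey)) {
         $protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
         return FALSE;
     }

     // Key query without signature: the key is acceptable, ask for a signed request.
     if (!$signed) {
         $protocol->send('bss', SSH_MSG_USERAUTH_PK_OK, $publickey_algorithm, $publickey);
         return FALSE;
     }
     list($signature) = parse('s', $packet);

     // The signed data is rebuilt from the server's own session id and the
     // request fields, so a signature made for another session does not verify.
     $data = format('sbsssbss', $protocol->getSessionId(), SSH_MSG_USERAUTH_REQUEST, $user, $service, 'publickey', 1, $publickey_algorithm, $publickey);
     if (verify($publickey, $data, $signature)) {
         $protocol->send('b', SSH_MSG_USERAUTH_SUCCESS);
         $this->user = $user;
         $this->service = $service;
         return TRUE;
     }

     // Bad signature: answer like every other rejection so the client is not
     // left waiting for a reply.
     $protocol->send('bnb', SSH_MSG_USERAUTH_FAILURE, array('publickey'), 0);
     return FALSE;
 }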