Part of twisted.conch.ssh.transport
Instance Variables
isClient | since we are never the client, this is always False. |
ignoreNextPacket | if True, ignore the next key exchange packet. This is set when the client sends a guessed key exchange packet but with an incorrect guess. |
dhGexRequest | the KEX_DH_GEX_REQUEST(_OLD) that the client sent. The key generation needs this to be stored. |
g | the Diffie-Hellman group generator. |
p | the Diffie-Hellman group prime. |
Method | ssh_KEXINIT | No summary |
Method | ssh_KEX_DH_GEX_REQUEST_OLD | No summary |
Method | ssh_KEX_DH_GEX_REQUEST | No summary |
Method | ssh_KEX_DH_GEX_INIT | Called when we get a MSG_KEX_DH_GEX_INIT message. Payload: integer e (client DH public key) |
Method | ssh_NEWKEYS | Called when we get a MSG_NEWKEYS message. No payload. When we get this, the keys have been set on both sides, and we start using them to encrypt and authenticate the connection. |
Method | ssh_SERVICE_REQUEST | Called when we get a MSG_SERVICE_REQUEST message. Payload: string serviceName |
Method | _ssh_KEXDH_INIT | Called to handle the beginning of a diffie-hellman-group1-sha1 key exchange. |
Inherited from SSHTransportBase:
Method | connectionLost | Called when the connection is shut down. |
Method | connectionMade | Called when the connection is made to the other side. We send our version and the MSG_KEXINIT packet. |
Method | sendKexInit | Send a KEXINIT message to initiate key exchange or to respond to a key exchange initiated by the peer. |
Method | sendPacket | Sends a packet. If it's been set up, compress the data, encrypt it, and authenticate it before sending. If key exchange is in progress and the message is not part of key exchange, queue it to be sent later. |
Method | getPacket | Try to return a decrypted, authenticated, and decompressed packet out of the buffer. If there is not enough data, return None. |
Method | dataReceived | First, check for the version string (SSH-2.0-*). After that has been received, this method adds data to the buffer, and pulls out any packets. |
Method | dispatchMessage | Send a received message to the appropriate method. |
Method | ssh_DISCONNECT | Called when we receive a MSG_DISCONNECT message. Payload: long code, string description |
Method | ssh_IGNORE | Called when we receive a MSG_IGNORE message. No payload. This means nothing; we simply return. |
Method | ssh_UNIMPLEMENTED | Called when we receive a MSG_UNIMPLEMENTED message. Payload: long packet |
Method | ssh_DEBUG | No summary |
Method | setService | Set our service to service and start it running. If we were running a service previously, stop it first. |
Method | sendDebug | Send a debug message to the other side. |
Method | sendIgnore | Send a message that will be ignored by the other side. This is useful to fool attacks based on guessing packet sizes in the encrypted stream. |
Method | sendUnimplemented | Send a message to the other side that the last packet was not understood. |
Method | sendDisconnect | Send a disconnect message to the other side and then disconnect. |
Method | isEncrypted | Return True if the connection is encrypted in the given direction. Direction must be one of ["out", "in", "both"]. |
Method | isVerified | Return True if the connection is verified/authenticated in the given direction. Direction must be one of ["out", "in", "both"]. |
Method | loseConnection | Lose the connection to the other side, sending a DISCONNECT_CONNECTION_LOST message. |
Method | receiveError | Called when we receive a disconnect error message from the other side. |
Method | receiveUnimplemented | Called when we receive an unimplemented packet message from the other side. |
Method | receiveDebug | Called when we receive a debug message from the other side. |
Method | _allowedKeyExchangeMessageType | Determine if the given message type may be sent while key exchange is in progress. |
Method | _unsupportedVersionReceived | Called when an unsupported version of the ssh protocol is received from the remote endpoint. |
Method | _getKey | Get one of the keys for authentication/encryption. |
Method | _keySetup | Set up the keys for the connection and sends MSG_NEWKEYS when finished, |
Method | _newKeys | No summary |
Inherited from BaseProtocol (via SSHTransportBase, Protocol):
Method | makeConnection | Make a connection to a transport and a server. |

Called to handle the beginning of a diffie-hellman-group1-sha1 key exchange.
Unlike other message types, this is not dispatched automatically. It is called from ssh_KEX_DH_GEX_REQUEST_OLD because an extra check is required to determine if this is really a KEXDH_INIT message or if it is a KEX_DH_GEX_REQUEST_OLD message.
integer e (the client's Diffie-Hellman public key)
We send the KEXDH_REPLY with our host key and signature.

_ssh_KEXDH_INIT is called to handle it. Otherwise, for KEX_DH_GEX_REQUEST_OLD (for diffie-hellman-group-exchange-sha1) payload:
integer ideal (ideal size for the Diffie-Hellman prime)
We send the KEX_DH_GEX_GROUP message with the group that is closest in size to ideal.
If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.

integer minimum
integer ideal
integer maximum
The client is asking for a Diffie-Hellman group between minimum and maximum size, and close to ideal if possible. We reply with a MSG_KEX_DH_GEX_GROUP message.
If we were told to ignore the next key exchange packet by ssh_KEXINIT, drop it on the floor and return.

integer e (client DH public key)
We send the MSG_KEX_DH_GEX_REPLY message with our host key and signature.

string serviceName
The client has requested a service. If we can start the service, start it; otherwise, disconnect with DISCONNECT_SERVICE_NOT_AVAILABLE.
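
The extra check between KEXDH_INIT and KEX_DH_GEX_REQUEST_OLD and the "closest to ideal" group choice described above, as an added example that is not Twisted's own code. It assumes the key exchange algorithm has already been negotiated by KEXINIT and takes message numbers and field encodings from RFC 4253 and RFC 4419; the names parse_mpint, classify_kex_packet and choose_group_bits are hypothetical.

```python
import struct

# RFC 4253 and RFC 4419 assign the same number to two different messages.
MSG_KEXDH_INIT = MSG_KEX_DH_GEX_REQUEST_OLD = 30
MSG_KEX_DH_GEX_REQUEST = 34
FIXED_ALG = "diffie-hellman-group1-sha1"
GEX_ALG = "diffie-hellman-group-exchange-sha1"


def parse_mpint(data):
    """Decode a single SSH mpint: uint32 length, then big-endian two's complement."""
    if len(data) < 4:
        raise ValueError("truncated mpint length")
    (length,) = struct.unpack(">L", data[:4])
    if len(data) != 4 + length:
        raise ValueError("mpint length does not match payload")
    return int.from_bytes(data[4:], "big", signed=True)


def classify_kex_packet(kex_alg, msg_type, payload):
    """Name and decode a client kex packet, given the algorithm KEXINIT negotiated."""
    if msg_type == MSG_KEXDH_INIT and kex_alg == FIXED_ALG:
        return "KEXDH_INIT", {"e": parse_mpint(payload)}
    if msg_type == MSG_KEX_DH_GEX_REQUEST_OLD and kex_alg == GEX_ALG:
        if len(payload) != 4:
            raise ValueError("KEX_DH_GEX_REQUEST_OLD payload must be one uint32")
        return "KEX_DH_GEX_REQUEST_OLD", {"ideal": struct.unpack(">L", payload)[0]}
    if msg_type == MSG_KEX_DH_GEX_REQUEST and kex_alg == GEX_ALG:
        if len(payload) != 12:
            raise ValueError("KEX_DH_GEX_REQUEST payload must be three uint32s")
        minimum, ideal, maximum = struct.unpack(">3L", payload)
        if not minimum <= ideal <= maximum:
            raise ValueError("need minimum <= ideal <= maximum")
        return "KEX_DH_GEX_REQUEST", {"minimum": minimum, "ideal": ideal,
                                      "maximum": maximum}
    raise ValueError("message type %d not valid for %s" % (msg_type, kex_alg))


def choose_group_bits(available, ideal, minimum=0, maximum=None):
    """Pick the available prime size closest to ideal, inside [minimum, maximum]."""
    in_range = [b for b in available
                if b >= minimum and (maximum is None or b <= maximum)]
    if not in_range:
        raise ValueError("no configured group satisfies the request")
    # Ties go to the larger prime (a choice made for this example).
    return min(in_range, key=lambda b: (abs(b - ideal), -b))
```

Rejecting a packet whose type does not match the negotiated algorithm, rather than guessing, keeps a four-byte GEX size from ever being parsed as a Diffie-Hellman public key.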