XShell 7 新版本修改了 signRequestAgentMsg 报文格式

[zzmark]

xshell 7 可能修改了 agent 协议，或者这个协议版本有所更新(没有具体追踪)

xshell 版本: xshell 7 Build 0157

开启 debug 后有 stderr 日志打印:

agent 13: ssh: parse error in message type 13

断点分析得出，新版本的 signRequestAgentMsg 报文，较标准协议，多出32bit 数据 => {0, 24, 15, 254} 多次尝试，后三个byte不稳定，看不出是什么 旧版本为缺少 Flags 部分，需要补32bit。

个人有个patch，简单粗暴的裁剪后32bit，测试可以使用，没有继续刨根问底。 若可以合并，我去提PR

附上修正前 xshell 日志

[BEGIN] 2024-05-06 19:00:09
[2024-05-06-19:0:9.735] Connection established.
[2024-05-06-19:0:9.735] To escape to local shell, press 'Ctrl+Alt+]'.
[2024-05-06-19:0:9.766] [19:00:09] Version exchange initiated...
[2024-05-06-19:0:9.766] [19:00:09] 	server: SSH-2.0-OpenSSH_8.7
[2024-05-06-19:0:9.766] [19:00:09] 	client: SSH-2.0-nsssh2_7.0.0040 NetSarang Computer, Inc.
[2024-05-06-19:0:9.766] [19:00:09] 	SSH2 is selected.
[2024-05-06-19:0:9.767] [19:00:09] 		Outgoing packet:  20 (0x14: SSH2_MSG_KEXINIT)
[2024-05-06-19:0:9.786] [19:00:09] 		Incoming packet:  20 (0x14: SSH2_MSG_KEXINIT)
[2024-05-06-19:0:9.787] [19:00:09] Algorithm negotiation initiated... (Dialog mode)
[2024-05-06-19:0:9.787] [19:00:09] 	key exchange: [email protected]
[2024-05-06-19:0:9.787] [19:00:09] 	host key: rsa-sha2-256
[2024-05-06-19:0:9.787] [19:00:09] 	outgoing encryption: [email protected]
[2024-05-06-19:0:9.787] [19:00:09] 	incoming encryption: [email protected]
[2024-05-06-19:0:9.787] [19:00:09] 	outgoing mac: [email protected]
[2024-05-06-19:0:9.787] [19:00:09] 	incoming mac: [email protected]
[2024-05-06-19:0:9.787] [19:00:09] 	outgoing compression: none
[2024-05-06-19:0:9.787] [19:00:09] 	incoming compression: none
[2024-05-06-19:0:9.789] [19:00:09] 		Outgoing packet:  30 (0x1e: SSH2_MSG_KEXDH_INIT)
[2024-05-06-19:0:9.819] [19:00:09] 		Incoming packet:  31 (0x1f: SSH2_MSG_KEXDH_REPLY)
[2024-05-06-19:0:9.819] [19:00:09] Host authentication initiated...
[2024-05-06-19:0:9.820] [19:00:09] 	Hostkey fingerprint:
[2024-05-06-19:0:9.820] [19:00:09] 	rsa 3072 84:f4:6d:f9:11:01:21:3a:b5:0a:4f:f1:af:74:f0:67
[2024-05-06-19:0:9.822] [19:00:09] 	Accepted. Verifying host key...
[2024-05-06-19:0:9.822] [19:00:09] 	Verified.
[2024-05-06-19:0:9.822] [19:00:09] 		Outgoing packet:  21 (0x15: SSH2_MSG_NEWKEYS)
[2024-05-06-19:0:9.823] [19:00:09] 		Incoming packet:  21 (0x15: SSH2_MSG_NEWKEYS)
[2024-05-06-19:0:9.823] [19:00:09] 		Outgoing packet:   5 (0x05: SSH2_MSG_SERVICE_REQUEST)
[2024-05-06-19:0:9.823] [19:00:09] 		Incoming packet:   7 (0x07: SSH2_MSG_EXT_INFO)
[2024-05-06-19:0:9.824] [19:00:09] 	server-sig-algs = ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected]
[2024-05-06-19:0:9.843] [19:00:09] 		Incoming packet:   6 (0x06: SSH2_MSG_SERVICE_ACCEPT)
[2024-05-06-19:0:9.843] [19:00:09] User authentication initiated... (Dialog mode)
[2024-05-06-19:0:9.843] [19:00:09] 	Sent user name 'root'.
[2024-05-06-19:0:9.844] [19:00:09] 		Outgoing packet:  50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:9.861] [19:00:09] 		Incoming packet:  51 (0x33: SSH2_MSG_USERAUTH_FAILURE)
[2024-05-06-19:0:9.861] [19:00:09] 	Server requested: publickey,gssapi-keyex,gssapi-with-mic
[2024-05-06-19:0:9.862] [19:00:09] 	Server support public key authentication method.
[2024-05-06-19:0:9.862] [19:00:09] 	Trying to find ssh-agent...
[2024-05-06-19:0:9.863] [19:00:09] 	Xagent is running. Connecting to ssh-agent...
[2024-05-06-19:0:9.863] [19:00:09] 	Auth method is agent.
[2024-05-06-19:0:12.468] [19:00:12] 	Received 2 identity-blob(s) from ssh-agent.
[2024-05-06-19:0:12.468] [19:00:12] 	Trying next identity blob...
[2024-05-06-19:0:12.468] [19:00:12] 		Outgoing packet:  50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:12.468] [19:00:12] 	UserKey type: keylen:0
[2024-05-06-19:0:12.484] [19:00:12] 		Incoming packet:  51 (0x33: SSH2_MSG_USERAUTH_FAILURE)
[2024-05-06-19:0:12.484] [19:00:12] 	Server rejected the public blob, 
[2024-05-06-19:0:12.484] [19:00:12] 	Trying next identity blob...
[2024-05-06-19:0:12.484] [19:00:12] 		Outgoing packet:  50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:12.484] [19:00:12] 	UserKey type:ssh-ed25519 keylen:51
[2024-05-06-19:0:12.504] [19:00:12] 		Incoming packet:  60 (0x3c: SSH2_MSG_USERAUTH_PK_OK)
[2024-05-06-19:0:12.504] [19:00:12] 	Received PK_OK packet. Try to send signed key blob.
[2024-05-06-19:0:12.506] [19:00:12] 	Sent sign request to ssh-agent. ssh-ed25519
[2024-05-06-19:0:12.524] [19:00:12] 	Received an empty signature from ssh-agent.
[2024-05-06-19:0:12.524] [19:00:12] 	Trying next identity blob...
[2024-05-06-19:0:12.524] [19:00:12] 		Outgoing packet:  50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:12.524] [19:00:12] 	UserKey type:ecdsa-sha2-nistp256 keylen:104
[2024-05-06-19:0:12.547] [19:00:12] 		Incoming packet:  60 (0x3c: SSH2_MSG_USERAUTH_PK_OK)
[2024-05-06-19:0:12.547] [19:00:12] 	Received PK_OK packet. Try to send signed key blob.
[2024-05-06-19:0:12.547] [19:00:12] 	Sent sign request to ssh-agent. ecdsa-sha2-nistp256
[2024-05-06-19:0:12.568] [19:00:12] 	Received an empty signature from ssh-agent.
[2024-05-06-19:0:12.569] [19:00:12] 	No more keys to try.
[2024-05-06-19:0:12.569] [19:00:12] 	Fall back to normal user authentication steps.
[2024-05-06-19:0:14.873] [19:00:14] 	Canceled.
[2024-05-06-19:0:14.873] [19:00:14] 		Outgoing packet:   1 (0x01: SSH2_MSG_DISCONNECT)
[2024-05-06-19:0:14.911] Connection closing...Socket close.
[2024-05-06-19:0:14.911] 
[2024-05-06-19:0:14.911] Connection closed by foreign host.

[END] 2024-05-06 19:00:14