Cisco connection issue fix

Certain Cisco devices do not adhere to RFC4342 and do not reply if the client identifies first.
Since identifcation can be in random order it will give random connection issues because the SSH_MSG_KEXINIT will not be sent if the client is faster.

Since SSH.Net is not at fault and compatibility with Cisco (and possibly other) devices is something that can easily be supported I've written this modification.

Added LazyIdentification to the ConnectionInfo object to allow late identification in ProtocolVersionExchange.
Overloaded 'Start' function to keep the original functionality and tests intact.

Highly likely fixes issues sshnet#752, sshnet#778, sshnet#469 and might help with sshnet#798, sshnet#767, sshnet#807

Author: likeMyCoffee

src/Renci.SshNet/Connection/IProtocolVersionExchange.cs

@@ -18,5 +18,17 @@ internal interface IProtocolVersionExchange
         /// The SSH identification of the server.
         /// </returns>
         SshIdentification Start(string clientVersion, Socket socket, TimeSpan timeout);
+
+        /// <summary>
+        /// Performs the SSH protocol version exchange.
+        /// </summary>
+        /// <param name="clientVersion">The identification string of the SSH client.</param>
+        /// <param name="socket">A <see cref="Socket"/> connected to the server.</param>
+        /// <param name="timeout">The maximum time to wait for the server to respond.</param>
+        /// <param name="lazyIdentification">Allow server to identify itself first.</param>
+        /// <returns>
+        /// The SSH identification of the server.
+        /// </returns>
+        SshIdentification Start(string clientVersion, Socket socket, TimeSpan timeout, bool lazyIdentification);
     }
 }

src/Renci.SshNet/Connection/ProtocolVersionExchange.cs

@@ -37,9 +37,27 @@ internal class ProtocolVersionExchange : IProtocolVersionExchange
         /// </returns>
         public SshIdentification Start(string clientVersion, Socket socket, TimeSpan timeout)
         {
-            // Immediately send the identification string since the spec states both sides MUST send an identification string
-            // when the connection has been established
-            SocketAbstraction.Send(socket, Encoding.UTF8.GetBytes(clientVersion + "\x0D\x0A"));
+            return Start(clientVersion, socket, timeout, false);
+        }
+
+        /// <summary>
+        /// Performs the SSH protocol version exchange.
+        /// </summary>
+        /// <param name="clientVersion">The identification string of the SSH client.</param>
+        /// <param name="socket">A <see cref="Socket"/> connected to the server.</param>
+        /// <param name="timeout">The maximum time to wait for the server to respond.</param>
+        /// <param name="lazyIdentification">Allow server to identify itself first.</param>
+        /// <returns>
+        /// The SSH identification of the server.
+        /// </returns>
+        public SshIdentification Start(string clientVersion, Socket socket, TimeSpan timeout, bool lazyIdentification)
+        {
+            if (!lazyIdentification)
+            {
+                // Immediately send the identification string since the spec states both sides MUST send an identification string
+                // when the connection has been established
+                SocketAbstraction.Send(socket, Encoding.UTF8.GetBytes(clientVersion + "\x0D\x0A"));
+            }
 
             var bytesReceived = new List<byte>();
 
@@ -71,6 +89,12 @@ public SshIdentification Start(string clientVersion, Socket socket, TimeSpan tim
                 var identificationMatch = ServerVersionRe.Match(line);
                 if (identificationMatch.Success)
                 {
+                    if (lazyIdentification)
+                    {
+                        // Send identification only after server identification has been validated.
+                        SocketAbstraction.Send(socket, Encoding.UTF8.GetBytes(clientVersion + "\x0D\x0A"));
+                    }
+
                     return new SshIdentification(GetGroupValue(identificationMatch, "protoversion"),
                                                  GetGroupValue(identificationMatch, "softwareversion"),
                                                  GetGroupValue(identificationMatch, "comments"));

src/Renci.SshNet/ConnectionInfo.cs

@@ -183,6 +183,14 @@ public class ConnectionInfo : IConnectionInfoInternal
         /// </value>
         public int MaxSessions { get; set; }
 
+        /// <summary>
+        /// Gets or sets if the client should identify itself later.
+        /// </summary>
+        /// <value>
+        /// <c>false</c>, the default for strict RFC4253 compliance where both sides identify at the same time. <c>true</c> if the client should wait for the server identification.
+        /// </value>
+        public bool LazyIdentification { get; set; }
+
         /// <summary>
         /// Occurs when authentication banner is sent by the server.
         /// </summary>
@@ -432,6 +440,8 @@ public ConnectionInfo(string host, int port, string username, ProxyTypes proxyTy
             ProxyPassword = proxyPassword;
 
             AuthenticationMethods = authenticationMethods;
+
+            LazyIdentification = false;
         }
 
         /// <summary>

src/Renci.SshNet/Session.cs

@@ -588,7 +588,7 @@ public void Connect()
                                              .Connect(ConnectionInfo);
 
                     var serverIdentification = _serviceFactory.CreateProtocolVersionExchange()
-                                                              .Start(ClientVersion, _socket, ConnectionInfo.Timeout);
+                                                              .Start(ClientVersion, _socket, ConnectionInfo.Timeout, ConnectionInfo.LazyIdentification);
 
                     // Set connection versions
                     ServerVersion = ConnectionInfo.ServerVersion = serverIdentification.ToString();