You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by lg...@apache.org on 2015/06/04 13:36:10 UTC
mina-sshd git commit: [SSHD-486] Add some simple ForwardingFilter
implementations
Repository: mina-sshd
Updated Branches:
refs/heads/master 7252546a1 -> 0857f8346
[SSHD-486] Add some simple ForwardingFilter implementations
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/0857f834
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/0857f834
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/0857f834
Branch: refs/heads/master
Commit: 0857f83462e0032d6736e83c4710b1e22ba24772
Parents: 7252546
Author: Lyor Goldstein <lg...@vmware.com>
Authored: Thu Jun 4 14:35:58 2015 +0300
Committer: Lyor Goldstein <lg...@vmware.com>
Committed: Thu Jun 4 14:35:58 2015 +0300
----------------------------------------------------------------------
.../main/java/org/apache/sshd/SshBuilder.java | 13 +-
.../main/java/org/apache/sshd/SshClient.java | 6 +-
.../main/java/org/apache/sshd/SshServer.java | 40 +----
.../sshd/client/auth/UserAuthPublicKey.java | 9 +-
.../apache/sshd/common/ForwardingFilter.java | 166 ++++++++++++++++++-
.../apache/sshd/common/SshdSocketAddress.java | 64 ++++---
.../common/forward/DefaultTcpipForwarder.java | 8 +-
.../sshd/common/forward/TcpipServerChannel.java | 49 +++---
.../sshd/server/auth/UserAuthPublicKey.java | 6 +-
.../sshd/server/channel/ChannelSession.java | 34 ++--
.../test/java/org/apache/sshd/AgentTest.java | 12 +-
.../org/apache/sshd/AuthenticationTest.java | 5 +-
.../test/java/org/apache/sshd/ClientTest.java | 8 +-
.../java/org/apache/sshd/KeepAliveTest.java | 24 +--
.../java/org/apache/sshd/KeyReExchangeTest.java | 10 +-
.../org/apache/sshd/PortForwardingLoadTest.java | 4 +-
.../org/apache/sshd/PortForwardingTest.java | 12 +-
.../test/java/org/apache/sshd/ProxyTest.java | 16 +-
.../test/java/org/apache/sshd/ServerTest.java | 2 +-
.../apache/sshd/SinglePublicKeyAuthTest.java | 4 +-
.../java/org/apache/sshd/WelcomeBannerTest.java | 3 +-
.../sshd/common/ForwardingFilterTest.java | 76 +++++++++
.../apache/sshd/deprecated/UserAuthAgent.java | 5 +-
.../sshd/deprecated/UserAuthPublicKey.java | 5 +-
.../apache/sshd/util/BogusForwardingFilter.java | 50 ------
25 files changed, 430 insertions(+), 201 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java b/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
index cd4d7d1..d6c6298 100644
--- a/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
+++ b/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
@@ -30,6 +30,7 @@ import org.apache.sshd.common.AbstractFactoryManager;
import org.apache.sshd.common.Channel;
import org.apache.sshd.common.Cipher;
import org.apache.sshd.common.Factory;
+import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.common.KeyExchange;
import org.apache.sshd.common.Mac;
import org.apache.sshd.common.NamedFactory;
@@ -96,6 +97,7 @@ public class SshBuilder {
protected FileSystemFactory fileSystemFactory;
protected TcpipForwarderFactory tcpipForwarderFactory;
protected List<RequestHandler<ConnectionService>> globalRequestHandlers;
+ protected ForwardingFilter forwardingFilter;
protected S fillWithDefaultValues() {
if (signatureFactories == null) {
@@ -133,6 +135,10 @@ public class SshBuilder {
fileSystemFactory = new NativeFileSystemFactory();
}
+ if (forwardingFilter == null) {
+ forwardingFilter = ForwardingFilter.RejectAllForwardingFilter.INSTANCE;
+ }
+
if (tcpipForwarderFactory == null) {
tcpipForwarderFactory = new DefaultTcpipForwarderFactory();
}
@@ -180,6 +186,11 @@ public class SshBuilder {
return me();
}
+ public S forwardingFilter(final ForwardingFilter filter) {
+ this.forwardingFilter = filter;
+ return me();
+ }
+
public S tcpipForwarderFactory(final TcpipForwarderFactory tcpipForwarderFactory) {
this.tcpipForwarderFactory = tcpipForwarderFactory;
return me();
@@ -210,9 +221,9 @@ public class SshBuilder {
ssh.setMacFactories(macFactories);
ssh.setChannelFactories(channelFactories);
ssh.setFileSystemFactory(fileSystemFactory);
+ ssh.setTcpipForwardingFilter(forwardingFilter);
ssh.setTcpipForwarderFactory(tcpipForwarderFactory);
ssh.setGlobalRequestHandlers(globalRequestHandlers);
-
return ssh;
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/SshClient.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/SshClient.java b/sshd-core/src/main/java/org/apache/sshd/SshClient.java
index 7e13195..37be6e5 100644
--- a/sshd-core/src/main/java/org/apache/sshd/SshClient.java
+++ b/sshd-core/src/main/java/org/apache/sshd/SshClient.java
@@ -483,7 +483,9 @@ public class SshClient extends AbstractFactoryManager implements ClientFactoryMa
}
SshClient client = SshClient.setUpDefaultClient();
- client.getProperties().putAll(options);
+ Map<String,Object> props = client.getProperties();
+ props.putAll(options);
+
client.start();
client.setKeyPairProvider(provider);
client.setUserInteraction(new UserInteraction() {
@@ -519,7 +521,7 @@ public class SshClient extends AbstractFactoryManager implements ClientFactoryMa
agent.addIdentity(key, "");
}
agent.close();
- client.getProperties().put(SshAgent.SSH_AUTHSOCKET_ENV_NAME, authSock);
+ props.put(SshAgent.SSH_AUTHSOCKET_ENV_NAME, authSock);
}
*/
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/SshServer.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/SshServer.java b/sshd-core/src/main/java/org/apache/sshd/SshServer.java
index 024fc76..ad6d5f6 100644
--- a/sshd-core/src/main/java/org/apache/sshd/SshServer.java
+++ b/sshd-core/src/main/java/org/apache/sshd/SshServer.java
@@ -21,7 +21,6 @@ package org.apache.sshd;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
-import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.EnumSet;
@@ -32,10 +31,9 @@ import java.util.Map;
import org.apache.sshd.common.AbstractFactoryManager;
import org.apache.sshd.common.Closeable;
import org.apache.sshd.common.Factory;
+import org.apache.sshd.common.FactoryManagerUtils;
import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.common.NamedFactory;
-import org.apache.sshd.common.Session;
-import org.apache.sshd.common.SshdSocketAddress;
import org.apache.sshd.common.io.IoAcceptor;
import org.apache.sshd.common.io.IoServiceFactory;
import org.apache.sshd.common.io.IoSession;
@@ -429,9 +427,11 @@ public class SshServer extends AbstractFactoryManager implements ServerFactoryMa
System.err.println("Starting SSHD on port " + port);
SshServer sshd = SshServer.setUpDefaultServer();
- sshd.getProperties().putAll(options);
+ Map<String,Object> props = sshd.getProperties();
+ FactoryManagerUtils.updateProperty(props, ServerFactoryManager.WELCOME_BANNER, "Welcome to SSHD\n");
+ props.putAll(options);
sshd.setPort(port);
- sshd.getProperties().put(ServerFactoryManager.WELCOME_BANNER, "Welcome to SSHD\n");
+
if (SecurityUtils.isBouncyCastleRegistered()) {
sshd.setKeyPairProvider(new PEMGeneratorHostKeyProvider("key.pem"));
} else {
@@ -450,34 +450,8 @@ public class SshServer extends AbstractFactoryManager implements ServerFactoryMa
return username != null && username.equals(password);
}
});
- sshd.setPublickeyAuthenticator(new PublickeyAuthenticator() {
- @Override
- public boolean authenticate(String username, PublicKey key, ServerSession session) {
- //File f = new File("/Users/" + username + "/.ssh/authorized_keys");
- return true;
- }
- });
- sshd.setTcpipForwardingFilter(new ForwardingFilter() {
- @Override
- public boolean canForwardAgent(Session session) {
- return true;
- }
-
- @Override
- public boolean canForwardX11(Session session) {
- return true;
- }
-
- @Override
- public boolean canListen(SshdSocketAddress address, Session session) {
- return true;
- }
-
- @Override
- public boolean canConnect(SshdSocketAddress address, Session session) {
- return true;
- }
- });
+ sshd.setPublickeyAuthenticator(PublickeyAuthenticator.AcceptAllPublickeyAuthenticator.INSTANCE);
+ sshd.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
sshd.setCommandFactory(new ScpCommandFactory.Builder().withDelegate(new CommandFactory() {
@Override
public Command createCommand(String command) {
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/client/auth/UserAuthPublicKey.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/client/auth/UserAuthPublicKey.java b/sshd-core/src/main/java/org/apache/sshd/client/auth/UserAuthPublicKey.java
index 205d6c2..9a32e51 100644
--- a/sshd-core/src/main/java/org/apache/sshd/client/auth/UserAuthPublicKey.java
+++ b/sshd-core/src/main/java/org/apache/sshd/client/auth/UserAuthPublicKey.java
@@ -50,6 +50,7 @@ import org.apache.sshd.common.util.buffer.ByteArrayBuffer;
public class UserAuthPublicKey extends AbstractLoggingBean implements UserAuth {
public static class UserAuthPublicKeyFactory implements NamedFactory<UserAuth> {
+ public static final String NAME = "publickey";
public static final UserAuthPublicKeyFactory INSTANCE = new UserAuthPublicKeyFactory();
public UserAuthPublicKeyFactory() {
@@ -58,7 +59,7 @@ public class UserAuthPublicKey extends AbstractLoggingBean implements UserAuth {
@Override
public String getName() {
- return "publickey";
+ return NAME;
}
@Override
public UserAuth create() {
@@ -119,7 +120,7 @@ public class UserAuthPublicKey extends AbstractLoggingBean implements UserAuth {
buffer = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_REQUEST);
buffer.putString(session.getUsername());
buffer.putString(service);
- buffer.putString("publickey");
+ buffer.putString(UserAuthPublicKeyFactory.NAME);
buffer.putByte((byte) 0);
buffer.putString(algo);
buffer.putPublicKey(key);
@@ -136,7 +137,7 @@ public class UserAuthPublicKey extends AbstractLoggingBean implements UserAuth {
buffer = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_REQUEST);
buffer.putString(session.getUsername());
buffer.putString(service);
- buffer.putString("publickey");
+ buffer.putString(UserAuthPublicKeyFactory.NAME);
buffer.putByte((byte) 1);
buffer.putString(algo);
buffer.putPublicKey(key);
@@ -146,7 +147,7 @@ public class UserAuthPublicKey extends AbstractLoggingBean implements UserAuth {
bs.putByte(SshConstants.SSH_MSG_USERAUTH_REQUEST);
bs.putString(session.getUsername());
bs.putString(service);
- bs.putString("publickey");
+ bs.putString(UserAuthPublicKeyFactory.NAME);
bs.putByte((byte) 1);
bs.putString(algo);
bs.putPublicKey(key);
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/common/ForwardingFilter.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/ForwardingFilter.java b/sshd-core/src/main/java/org/apache/sshd/common/ForwardingFilter.java
index e5c9317..b3e33af 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/ForwardingFilter.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/ForwardingFilter.java
@@ -18,7 +18,13 @@
*/
package org.apache.sshd.common;
+import java.util.Collections;
+import java.util.EnumSet;
+import java.util.Set;
+
import org.apache.sshd.agent.SshAgent;
+import org.apache.sshd.common.util.AbstractLoggingBean;
+import org.apache.sshd.common.util.GenericUtils;
/**
* Determines if a forwarding request will be permitted.
@@ -67,6 +73,87 @@ public interface ForwardingFilter {
boolean canListen(SshdSocketAddress address, Session session);
/**
+ * The type of requested connection forwarding. The type's {@link #getName()}
+ * method returns the SSH request type
+ */
+ enum Type implements NamedResource {
+ Direct("direct-tcpip"),
+ Forwarded("forwarded-tcpip");
+
+ private final String name;
+
+ @Override
+ public final String getName() {
+ return name;
+ }
+
+ Type(String name) {
+ this.name = name;
+ }
+
+ public static final Set<Type> VALUES =
+ Collections.unmodifiableSet(EnumSet.allOf(Type.class));
+
+ /**
+ * @param name Either the enum name or the request - ignored if {@code null}/empty
+ * @return The matching {@link Type} value - case <U>insensitive</U>,
+ * or {@code null} if no match found
+ * @see #fromName(String)
+ * @see #fromEnumName(String)
+ */
+ public static final Type fromString(String name) {
+ if (GenericUtils.isEmpty(name)) {
+ return null;
+ }
+
+ Type t = fromName(name);
+ if (t == null) {
+ t = fromEnumName(name);
+ }
+
+ return t;
+ }
+
+ /**
+ * @param name The request name - ignored if {@code null}/empty
+ * @return The matching {@link Type} value - case <U>insensitive</U>,
+ * or {@code null} if no match found
+ */
+ public static final Type fromName(String name) {
+ if (GenericUtils.isEmpty(name)) {
+ return null;
+ }
+
+ for (Type t : VALUES) {
+ if (name.equalsIgnoreCase(t.getName())) {
+ return t;
+ }
+ }
+
+ return null;
+ }
+
+ /**
+ * @param name The enum value name - ignored if {@code null}/empty
+ * @return The matching {@link Type} value - case <U>insensitive</U>,
+ * or {@code null} if no match found
+ */
+ public static final Type fromEnumName(String name) {
+ if (GenericUtils.isEmpty(name)) {
+ return null;
+ }
+
+ for (Type t : VALUES) {
+ if (name.equalsIgnoreCase(t.name())) {
+ return t;
+ }
+ }
+
+ return null;
+ }
+ }
+
+ /**
* Determine if the session may create an outbound connection.
* <p>
* This server process will connect to another server listening on the
@@ -74,10 +161,87 @@ public interface ForwardingFilter {
* the same host (127.0.0.1) but may be to any other system this server
* can reach on the server's side of the network.
*
+ * @param type The {@link Type} of requested connection forwarding
* @param address address the client has requested this server listen
* for inbound connections on, and relay them through the client.
* @param session session requesting permission to listen for connections.
* @return true if the socket is permitted; false if it must be denied.
*/
- boolean canConnect(SshdSocketAddress address, Session session);
+ boolean canConnect(Type type, SshdSocketAddress address, Session session);
+
+ /**
+ * A {@link ForwardingFilter} implementation that returns the same "static"
+ * result for <U>all</U> the queries.
+ */
+ public static class StaticDecisionForwardingFilter extends AbstractLoggingBean implements ForwardingFilter {
+ private final boolean acceptance;
+
+ /**
+ * @param acceptance The acceptance status for <U>all</U> the queries
+ */
+ public StaticDecisionForwardingFilter(boolean acceptance) {
+ this.acceptance = acceptance;
+ }
+
+ public final boolean isAccepted() {
+ return acceptance;
+ }
+
+ @Override
+ public boolean canForwardAgent(Session session) {
+ return checkAcceptance("auth-agent-req@openssh.com", session, SshdSocketAddress.LOCALHOST_ADDRESS);
+ }
+
+ @Override
+ public boolean canForwardX11(Session session) {
+ return checkAcceptance("x11-req", session, SshdSocketAddress.LOCALHOST_ADDRESS);
+ }
+
+ @Override
+ public boolean canListen(SshdSocketAddress address, Session session) {
+ return checkAcceptance("tcpip-forward", session, address);
+ }
+
+ @Override
+ public boolean canConnect(Type type, SshdSocketAddress address, Session session) {
+ return checkAcceptance(type.getName(), session, address);
+ }
+
+ /**
+ * @param request The SSH request that ultimately led to this filter being consulted
+ * @param session The requesting {@link Session}
+ * @param target The request target - may be {@link SshdSocketAddress#LOCALHOST_ADDRESS}
+ * if no real target
+ * @return The (static) {@link #isAccepted()} flag
+ */
+ protected boolean checkAcceptance(String request, Session session, SshdSocketAddress target) {
+ boolean accepted = isAccepted();
+ if (log.isDebugEnabled()) {
+ log.debug("checkAcceptance(" + request + ")[" + session + "] acceptance for target=" + target + " is " + accepted);
+ }
+ return accepted;
+ }
+ }
+
+ /**
+ * A {@link ForwardingFilter} that accepts all requests
+ */
+ public static class AcceptAllForwardingFilter extends StaticDecisionForwardingFilter {
+ public static final AcceptAllForwardingFilter INSTANCE = new AcceptAllForwardingFilter();
+
+ public AcceptAllForwardingFilter() {
+ super(true);
+ }
+ }
+
+ /**
+ * A {@link ForwardingFilter} that rejects all requests
+ */
+ public static class RejectAllForwardingFilter extends StaticDecisionForwardingFilter {
+ public static final RejectAllForwardingFilter INSTANCE = new RejectAllForwardingFilter();
+
+ public RejectAllForwardingFilter() {
+ super(false);
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/common/SshdSocketAddress.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/SshdSocketAddress.java b/sshd-core/src/main/java/org/apache/sshd/common/SshdSocketAddress.java
index eb2e53d..578572b 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/SshdSocketAddress.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/SshdSocketAddress.java
@@ -20,26 +20,44 @@ package org.apache.sshd.common;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
+import java.util.Objects;
+
+import org.apache.sshd.common.util.GenericUtils;
+import org.apache.sshd.common.util.ValidateUtils;
/**
- * A simple socket address holding the host name and port number.
- *
+ * <P>A simple socket address holding the host name and port number. The reason
+ * it does not extend {@link InetSocketAddress} is twofold:</P></BR>
+ * <OL>
+ * <LI><P>
+ * The {@link InetSocketAddress} performs a DNS resolution on the
+ * provided host name - which we don't want do use until we want to
+ * create a connection using this address (thus the {@link #toInetSocketAddress()}
+ * call which executes this query
+ * </P></LI>
+ *
+ * <LI><P>
+ * If empty host name is provided we replace it with the <I>any</I>
+ * address of 0.0.0.0
+ * </P></LI>
+ * </OL>
* @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
public class SshdSocketAddress extends SocketAddress {
private static final long serialVersionUID = 6461645947151952729L;
+ /**
+ * A dummy placeholder that can be used instead of {@code null}s
+ */
+ public static final SshdSocketAddress LOCALHOST_ADDRESS = new SshdSocketAddress("localhost", 0);
private final String hostName;
private final int port;
public SshdSocketAddress(String hostName, int port) {
- if (hostName == null) {
- throw new IllegalArgumentException("HostName can not be null");
- }
- if (port < 0) {
- throw new IllegalArgumentException("Port must be >= 0");
- }
- this.hostName = hostName;
- this.port = port;
+ ValidateUtils.checkNotNull(hostName, "Host name may not be null", GenericUtils.EMPTY_OBJECT_ARRAY);
+ this.hostName = GenericUtils.isEmpty(hostName) ? "0.0.0.0" : hostName;
+
+ ValidateUtils.checkTrue(port >= 0, "Port must be >= 0", Integer.valueOf(port));
+ this.port = port;
}
public String getHostName() {
@@ -51,28 +69,34 @@ public class SshdSocketAddress extends SocketAddress {
}
public InetSocketAddress toInetSocketAddress() {
- return new InetSocketAddress(hostName.length() == 0 ? "0.0.0.0" : hostName, port);
+ return new InetSocketAddress(getHostName(), getPort());
}
@Override
public String toString() {
- return hostName + ":" + port;
+ return getHostName() + ":" + getPort();
}
@Override
public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
+ if (this == o)
+ return true;
+ if (o == null)
+ return false;
+ if (getClass() != o.getClass())
+ return false;
+
SshdSocketAddress that = (SshdSocketAddress) o;
- if (port != that.port) return false;
- if (!hostName.equals(that.hostName)) return false;
- return true;
+ if ((this.getPort() == that.getPort())
+ && Objects.equals(this.getHostName(), that.getHostName())) {
+ return true;
+ } else {
+ return false; // debug breakpoint
+ }
}
@Override
public int hashCode() {
- int result = hostName.hashCode();
- result = 31 * result + port;
- return result;
+ return Objects.hashCode(getHostName()) + getPort();
}
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/common/forward/DefaultTcpipForwarder.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/forward/DefaultTcpipForwarder.java b/sshd-core/src/main/java/org/apache/sshd/common/forward/DefaultTcpipForwarder.java
index d85da03..ff74a70 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/forward/DefaultTcpipForwarder.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/forward/DefaultTcpipForwarder.java
@@ -169,8 +169,12 @@ public class DefaultTcpipForwarder extends CloseableUtils.AbstractInnerCloseable
if (local.getPort() < 0) {
throw new IllegalArgumentException("Invalid local port: " + local.getPort());
}
- final ForwardingFilter filter = session.getFactoryManager().getTcpipForwardingFilter();
- if (filter == null || !filter.canListen(local, session)) {
+
+ ForwardingFilter filter = session.getFactoryManager().getTcpipForwardingFilter();
+ if ((filter == null) || (!filter.canListen(local, session))) {
+ if (log.isDebugEnabled()) {
+ log.debug("localPortForwardingRequested(" + session + ")[" + local + "][haveFilter=" + (filter != null) + "] rejected");
+ }
throw new IOException("Rejected address: " + local);
}
SshdSocketAddress bound = doBind(local, new StaticIoHandler());
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/common/forward/TcpipServerChannel.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/forward/TcpipServerChannel.java b/sshd-core/src/main/java/org/apache/sshd/common/forward/TcpipServerChannel.java
index 255bfe3..a9f6c36 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/forward/TcpipServerChannel.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/forward/TcpipServerChannel.java
@@ -29,6 +29,7 @@ import org.apache.sshd.client.future.OpenFuture;
import org.apache.sshd.common.Channel;
import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.common.NamedFactory;
+import org.apache.sshd.common.Session;
import org.apache.sshd.common.SshConstants;
import org.apache.sshd.common.SshdSocketAddress;
import org.apache.sshd.common.channel.ChannelOutputStream;
@@ -54,16 +55,21 @@ import org.apache.sshd.server.channel.OpenChannelException;
*/
public class TcpipServerChannel extends AbstractServerChannel {
public abstract static class TcpipFactory implements NamedFactory<Channel>, ExecutorServiceCarrier {
- private final Type type;
+ private final ForwardingFilter.Type type;
- protected TcpipFactory(Type type) {
+ protected TcpipFactory(ForwardingFilter.Type type) {
this.type = type;
}
- public final Type getType() {
+ public final ForwardingFilter.Type getType() {
return type;
}
-
+
+ @Override
+ public final String getName() {
+ return type.getName();
+ }
+
@Override // user can override to provide an alternative
public ExecutorService getExecutorService() {
return null;
@@ -87,12 +93,7 @@ public class TcpipServerChannel extends AbstractServerChannel {
public static final DirectTcpipFactory INSTANCE = new DirectTcpipFactory();
public DirectTcpipFactory() {
- super(Type.Direct);
- }
-
- @Override
- public String getName() {
- return "direct-tcpip";
+ super(ForwardingFilter.Type.Direct);
}
}
@@ -100,29 +101,23 @@ public class TcpipServerChannel extends AbstractServerChannel {
public static final ForwardedTcpipFactory INSTANCE = new ForwardedTcpipFactory();
public ForwardedTcpipFactory() {
- super(Type.Forwarded);
+ super(ForwardingFilter.Type.Forwarded);
}
-
- @Override
- public String getName() {
- return "forwarded-tcpip";
- }
- }
-
- private enum Type {
- Direct,
- Forwarded
}
- private final Type type;
+ private final ForwardingFilter.Type type;
private IoConnector connector;
private IoSession ioSession;
private OutputStream out;
- public TcpipServerChannel(Type type) {
+ public TcpipServerChannel(ForwardingFilter.Type type) {
this.type = type;
}
+ public final ForwardingFilter.Type getChannelType() {
+ return type;
+ }
+
@Override
protected OpenFuture doInit(Buffer buffer) {
final OpenFuture f = new DefaultOpenFuture(this);
@@ -148,8 +143,12 @@ public class TcpipServerChannel extends AbstractServerChannel {
throw new IllegalStateException("Unknown server channel type: " + type);
}
- final ForwardingFilter filter = getSession().getFactoryManager().getTcpipForwardingFilter();
- if ((address == null) || (filter == null) || (!filter.canConnect(address, getSession()))) {
+ Session session = getSession();
+ ForwardingFilter filter = session.getFactoryManager().getTcpipForwardingFilter();
+ if ((address == null) || (filter == null) || (!filter.canConnect(type, address, session))) {
+ if (log.isDebugEnabled()) {
+ log.debug("doInit(" + session + ")[" + type + "][haveFilter=" + (filter != null) + "] filtered out " + address);
+ }
super.close(true);
f.setException(new OpenChannelException(SshConstants.SSH_OPEN_ADMINISTRATIVELY_PROHIBITED, "Connection denied"));
return f;
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/server/auth/UserAuthPublicKey.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/auth/UserAuthPublicKey.java b/sshd-core/src/main/java/org/apache/sshd/server/auth/UserAuthPublicKey.java
index 65fab85..6b7786a 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/auth/UserAuthPublicKey.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/auth/UserAuthPublicKey.java
@@ -36,6 +36,8 @@ import org.apache.sshd.server.UserAuth;
public class UserAuthPublicKey extends AbstractUserAuth {
public static class UserAuthPublicKeyFactory implements NamedFactory<UserAuth> {
+ public static final String NAME = "publickey";
+
public static final UserAuthPublicKeyFactory INSTANCE = new UserAuthPublicKeyFactory();
public UserAuthPublicKeyFactory() {
@@ -44,7 +46,7 @@ public class UserAuthPublicKey extends AbstractUserAuth {
@Override
public String getName() {
- return "publickey";
+ return NAME;
}
@Override
public UserAuth create() {
@@ -94,7 +96,7 @@ public class UserAuthPublicKey extends AbstractUserAuth {
buf.putByte(SshConstants.SSH_MSG_USERAUTH_REQUEST);
buf.putString(username);
buf.putString(service);
- buf.putString("publickey");
+ buf.putString(UserAuthPublicKeyFactory.NAME);
buf.putByte((byte) 1);
buf.putString(alg);
buffer.rpos(oldPos);
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/main/java/org/apache/sshd/server/channel/ChannelSession.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/channel/ChannelSession.java b/sshd-core/src/main/java/org/apache/sshd/server/channel/ChannelSession.java
index 9d4bbcf..dcb8c2e 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/channel/ChannelSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/channel/ChannelSession.java
@@ -50,6 +50,7 @@ import org.apache.sshd.common.future.CloseFuture;
import org.apache.sshd.common.future.DefaultCloseFuture;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.util.CloseableUtils;
+import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.IoUtils;
import org.apache.sshd.common.util.buffer.Buffer;
import org.apache.sshd.common.util.buffer.ByteArrayBuffer;
@@ -596,10 +597,14 @@ public class ChannelSession extends AbstractServerChannel {
}
protected boolean handleAgentForwarding(Buffer buffer) throws IOException {
- final ServerSession server = (ServerSession) session;
- final ForwardingFilter filter = server.getFactoryManager().getTcpipForwardingFilter();
- final SshAgentFactory factory = server.getFactoryManager().getAgentFactory();
- if (factory == null || (filter != null && !filter.canForwardAgent(server))) {
+ ServerSession server = (ServerSession) session;
+ FactoryManager manager = server.getFactoryManager();
+ ForwardingFilter filter = manager.getTcpipForwardingFilter();
+ SshAgentFactory factory = manager.getAgentFactory();
+ if ((factory == null) || (filter == null) || (!filter.canForwardAgent(server))) {
+ if (log.isDebugEnabled()) {
+ log.debug("handleAgentForwarding(" + session + ")[haveFactory=" + (factory != null) + ",haveFilter=" + (filter != null) + "] filtered out");
+ }
return false;
}
@@ -609,15 +614,24 @@ public class ChannelSession extends AbstractServerChannel {
}
protected boolean handleX11Forwarding(Buffer buffer) throws IOException {
- final ServerSession server = (ServerSession) session;
- final ForwardingFilter filter = server.getFactoryManager().getTcpipForwardingFilter();
- if (filter == null || !filter.canForwardX11(server)) {
+ ServerSession server = (ServerSession) session;
+ ForwardingFilter filter = server.getFactoryManager().getTcpipForwardingFilter();
+ if ((filter == null) || (!filter.canForwardX11(server))) {
+ if (log.isDebugEnabled()) {
+ log.debug("handleX11Forwarding(" + session + ")[haveFilter=" + (filter != null) + "] filtered out");
+ }
return false;
}
- String display = service.createX11Display(buffer.getBoolean(), buffer.getString(),
- buffer.getString(), buffer.getInt());
- if (display == null) {
+ boolean singleConnection = buffer.getBoolean();
+ String authProtocol = buffer.getString();
+ String authCookie = buffer.getString();
+ int screenId = buffer.getInt();
+ String display = service.createX11Display(singleConnection, authProtocol, authCookie, screenId);
+ if (GenericUtils.isEmpty(display)) {
+ if (log.isDebugEnabled()) {
+ log.debug("handleX11Forwarding(" + session + ") no X.11 display created");
+ }
return false;
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/AgentTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/AgentTest.java b/sshd-core/src/test/java/org/apache/sshd/AgentTest.java
index ea17be1..ddf5cf9 100644
--- a/sshd-core/src/test/java/org/apache/sshd/AgentTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/AgentTest.java
@@ -34,6 +34,7 @@ import org.apache.sshd.agent.local.ProxyAgentFactory;
import org.apache.sshd.agent.unix.AgentClient;
import org.apache.sshd.agent.unix.AgentServer;
import org.apache.sshd.client.channel.ChannelShell;
+import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.common.keyprovider.KeyPairProvider;
import org.apache.sshd.common.util.SecurityUtils;
import org.apache.sshd.server.Command;
@@ -108,18 +109,20 @@ public class AgentTest extends BaseTestSupport {
sshd1.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
sshd1.setPublickeyAuthenticator(AcceptAllPublickeyAuthenticator.INSTANCE);
sshd1.setAgentFactory(agentFactory);
+ sshd1.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
sshd1.start();
- int port1 = sshd1.getPort();
-
+
+ final int port1 = sshd1.getPort();
try(SshServer sshd2 = SshServer.setUpDefaultServer()) {
sshd2.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd2.setShellFactory(new TestEchoShellFactory());
sshd2.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
sshd2.setPublickeyAuthenticator(AcceptAllPublickeyAuthenticator.INSTANCE);
+ sshd1.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
sshd2.setAgentFactory(new ProxyAgentFactory());
sshd2.start();
- int port2 = sshd2.getPort();
+ final int port2 = sshd2.getPort();
try(SshClient client1 = SshClient.setUpDefaultClient()) {
client1.setAgentFactory(localAgentFactory);
client1.start();
@@ -191,8 +194,7 @@ public class AgentTest extends BaseTestSupport {
return shell;
}
- @FixMethodOrder(MethodSorters.NAME_ASCENDING)
-public class TestEchoShell extends EchoShell {
+ public class TestEchoShell extends EchoShell {
boolean started;
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/AuthenticationTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/AuthenticationTest.java b/sshd-core/src/test/java/org/apache/sshd/AuthenticationTest.java
index d07b1c9..e294d3b 100644
--- a/sshd-core/src/test/java/org/apache/sshd/AuthenticationTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/AuthenticationTest.java
@@ -25,6 +25,7 @@ import java.util.Arrays;
import org.apache.sshd.client.future.AuthFuture;
import org.apache.sshd.client.session.ClientConnectionService;
import org.apache.sshd.client.session.ClientSessionImpl;
+import org.apache.sshd.common.FactoryManagerUtils;
import org.apache.sshd.common.io.IoSession;
import org.apache.sshd.common.keyprovider.KeyPairProvider;
import org.apache.sshd.common.session.AbstractSession;
@@ -60,8 +61,8 @@ public class AuthenticationTest extends BaseTestSupport {
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
sshd.setPublickeyAuthenticator(AcceptAllPublickeyAuthenticator.INSTANCE);
- sshd.getProperties().put(ServerFactoryManager.WELCOME_BANNER, WELCOME);
- sshd.getProperties().put(ServerFactoryManager.AUTH_METHODS, "publickey,password publickey,keyboard-interactive");
+ FactoryManagerUtils.updateProperty(sshd, ServerFactoryManager.WELCOME_BANNER, WELCOME);
+ FactoryManagerUtils.updateProperty(sshd, ServerFactoryManager.AUTH_METHODS, "publickey,password publickey,keyboard-interactive");
sshd.setSessionFactory(new SessionFactory() {
@Override
protected AbstractSession doCreateSession(IoSession ioSession) throws Exception {
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/ClientTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/ClientTest.java b/sshd-core/src/test/java/org/apache/sshd/ClientTest.java
index bdd039a..2a3b020 100644
--- a/sshd-core/src/test/java/org/apache/sshd/ClientTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/ClientTest.java
@@ -475,10 +475,10 @@ public class ClientTest extends BaseTestSupport {
@Test
public void testClientWithLengthyDialog() throws Exception {
// Reduce window size and packet size
-// client.getProperties().put(SshClient.WINDOW_SIZE, Integer.toString(0x20000));
-// client.getProperties().put(SshClient.MAX_PACKET_SIZE, Integer.toString(0x1000));
-// sshd.getProperties().put(SshServer.WINDOW_SIZE, Integer.toString(0x20000));
-// sshd.getProperties().put(SshServer.MAX_PACKET_SIZE, Integer.toString(0x1000));
+// FactoryManagerUtils.updateProperty(client, SshClient.WINDOW_SIZE, 0x20000);
+// FactoryManagerUtils.updateProperty(client, SshClient.MAX_PACKET_SIZE, 0x1000);
+// FactoryManagerUtils.updateProperty(sshd, SshServer.WINDOW_SIZE, 0x20000);
+// FactoryManagerUtils.updateProperty(sshd, SshServer.MAX_PACKET_SIZE, 0x1000);
client.start();
try(ClientSession session = client.connect(getCurrentTestName(), "localhost", port).await().getSession()) {
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/KeepAliveTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/KeepAliveTest.java b/sshd-core/src/test/java/org/apache/sshd/KeepAliveTest.java
index 83f042d..e6ececa 100644
--- a/sshd-core/src/test/java/org/apache/sshd/KeepAliveTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/KeepAliveTest.java
@@ -48,14 +48,14 @@ public class KeepAliveTest extends BaseTestSupport {
private SshServer sshd;
private int port;
- private int heartbeat = 2000;
- private int timeout = 4000;
- private int wait = 8000;
+ private static final int HEARTBEAT = 2000;
+ private static final int TIMEOUT = 4000;
+ private static final int WAIT = 8000;
@Before
public void setUp() throws Exception {
sshd = SshServer.setUpDefaultServer();
- sshd.getProperties().put(FactoryManager.IDLE_TIMEOUT, Integer.toString(timeout));
+ FactoryManagerUtils.updateProperty(sshd, FactoryManager.IDLE_TIMEOUT, TIMEOUT);
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setShellFactory(new TestEchoShellFactory());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
@@ -81,7 +81,7 @@ public class KeepAliveTest extends BaseTestSupport {
session.auth().verify(5L, TimeUnit.SECONDS);
try(ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_SHELL)) {
- int state = channel.waitFor(ClientChannel.CLOSED, wait);
+ int state = channel.waitFor(ClientChannel.CLOSED, WAIT);
assertEquals("Wrong channel state", ClientChannel.CLOSED | ClientChannel.EOF, state);
channel.close(false);
@@ -101,7 +101,7 @@ public class KeepAliveTest extends BaseTestSupport {
session.auth().verify(5L, TimeUnit.SECONDS);
try(ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_SHELL)) {
- int state = channel.waitFor(ClientChannel.CLOSED, wait);
+ int state = channel.waitFor(ClientChannel.CLOSED, WAIT);
assertEquals("Wrong channel state", ClientChannel.CLOSED | ClientChannel.EOF, state);
channel.close(false);
@@ -114,7 +114,7 @@ public class KeepAliveTest extends BaseTestSupport {
@Test
public void testClientWithHeartBeat() throws Exception {
SshClient client = SshClient.setUpDefaultClient();
- FactoryManagerUtils.updateProperty(client, ClientFactoryManager.HEARTBEAT_INTERVAL, heartbeat);
+ FactoryManagerUtils.updateProperty(client, ClientFactoryManager.HEARTBEAT_INTERVAL, HEARTBEAT);
client.start();
try(ClientSession session = client.connect(getCurrentTestName(), "localhost", port).await().getSession()) {
@@ -122,7 +122,7 @@ public class KeepAliveTest extends BaseTestSupport {
session.auth().verify(5L, TimeUnit.SECONDS);
try(ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_SHELL)) {
- int state = channel.waitFor(ClientChannel.CLOSED, wait);
+ int state = channel.waitFor(ClientChannel.CLOSED, WAIT);
assertEquals("Wrong channel state", ClientChannel.TIMEOUT, state);
channel.close(false);
@@ -135,7 +135,7 @@ public class KeepAliveTest extends BaseTestSupport {
@Test
public void testClientWithHeartBeatNew() throws Exception {
SshClient client = SshClient.setUpDefaultClient();
- FactoryManagerUtils.updateProperty(client, ClientFactoryManager.HEARTBEAT_INTERVAL, heartbeat);
+ FactoryManagerUtils.updateProperty(client, ClientFactoryManager.HEARTBEAT_INTERVAL, HEARTBEAT);
client.start();
try(ClientSession session = client.connect(getCurrentTestName(), "localhost", port).await().getSession()) {
@@ -143,7 +143,7 @@ public class KeepAliveTest extends BaseTestSupport {
session.auth().verify(5L, TimeUnit.SECONDS);
try(ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_SHELL)) {
- int state = channel.waitFor(ClientChannel.CLOSED, wait);
+ int state = channel.waitFor(ClientChannel.CLOSED, WAIT);
assertEquals("Wrong channel state", ClientChannel.TIMEOUT, state);
channel.close(false);
@@ -173,7 +173,7 @@ public class KeepAliveTest extends BaseTestSupport {
channel.open().await();
assertTrue("Latch time out", TestEchoShellFactory.TestEchoShell.latch.await(10L, TimeUnit.SECONDS));
- int state = channel.waitFor(ClientChannel.CLOSED, wait);
+ int state = channel.waitFor(ClientChannel.CLOSED, WAIT);
assertEquals("Wrong channel state", ClientChannel.CLOSED | ClientChannel.EOF | ClientChannel.OPENED, state);
channel.close(false);
@@ -203,7 +203,7 @@ public class KeepAliveTest extends BaseTestSupport {
channel.open().await();
assertTrue("Latch time out", TestEchoShellFactory.TestEchoShell.latch.await(10L, TimeUnit.SECONDS));
- int state = channel.waitFor(ClientChannel.CLOSED, wait);
+ int state = channel.waitFor(ClientChannel.CLOSED, WAIT);
assertEquals("Wrong channel state", ClientChannel.CLOSED | ClientChannel.EOF | ClientChannel.OPENED, state);
channel.close(false);
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/KeyReExchangeTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/KeyReExchangeTest.java b/sshd-core/src/test/java/org/apache/sshd/KeyReExchangeTest.java
index e03d219..d700672 100644
--- a/sshd-core/src/test/java/org/apache/sshd/KeyReExchangeTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/KeyReExchangeTest.java
@@ -27,6 +27,7 @@ import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.sshd.client.channel.ChannelShell;
+import org.apache.sshd.common.FactoryManagerUtils;
import org.apache.sshd.common.Session;
import org.apache.sshd.common.SessionListener;
import org.apache.sshd.server.ServerFactoryManager;
@@ -62,12 +63,13 @@ public class KeyReExchangeTest extends BaseTestSupport {
protected void setUp(long bytesLimit, long timeLimit) throws Exception {
sshd = SshServer.setUpDefaultServer();
- if (bytesLimit > 0) {
- sshd.getProperties().put(ServerFactoryManager.REKEY_BYTES_LIMIT, Long.toString(bytesLimit));
+ if (bytesLimit > 0L) {
+ FactoryManagerUtils.updateProperty(sshd, ServerFactoryManager.REKEY_BYTES_LIMIT, bytesLimit);
}
- if (timeLimit > 0) {
- sshd.getProperties().put(ServerFactoryManager.REKEY_TIME_LIMIT, Long.toString(timeLimit));
+ if (timeLimit > 0L) {
+ FactoryManagerUtils.updateProperty(sshd, ServerFactoryManager.REKEY_TIME_LIMIT, timeLimit);
}
+
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setShellFactory(new EchoShellFactory());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/PortForwardingLoadTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/PortForwardingLoadTest.java b/sshd-core/src/test/java/org/apache/sshd/PortForwardingLoadTest.java
index 7426965..88e0c10 100644
--- a/sshd-core/src/test/java/org/apache/sshd/PortForwardingLoadTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/PortForwardingLoadTest.java
@@ -46,8 +46,8 @@ import org.apache.mina.core.service.IoAcceptor;
import org.apache.mina.core.service.IoHandlerAdapter;
import org.apache.mina.core.session.IoSession;
import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
+import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.util.BaseTestSupport;
-import org.apache.sshd.util.BogusForwardingFilter;
import org.apache.sshd.util.BogusPasswordAuthenticator;
import org.apache.sshd.util.EchoShellFactory;
import org.apache.sshd.util.JSchLogger;
@@ -86,7 +86,7 @@ public class PortForwardingLoadTest extends BaseTestSupport {
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setShellFactory(new EchoShellFactory());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
- sshd.setTcpipForwardingFilter(new BogusForwardingFilter());
+ sshd.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
sshd.start();
sshPort = sshd.getPort();
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/PortForwardingTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/PortForwardingTest.java b/sshd-core/src/test/java/org/apache/sshd/PortForwardingTest.java
index cafa924..3b76580 100644
--- a/sshd-core/src/test/java/org/apache/sshd/PortForwardingTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/PortForwardingTest.java
@@ -35,9 +35,9 @@ import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
import org.apache.sshd.client.channel.ChannelDirectTcpip;
import org.apache.sshd.common.FactoryManager;
import org.apache.sshd.common.FactoryManagerUtils;
+import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.common.SshdSocketAddress;
import org.apache.sshd.util.BaseTestSupport;
-import org.apache.sshd.util.BogusForwardingFilter;
import org.apache.sshd.util.BogusPasswordAuthenticator;
import org.apache.sshd.util.EchoShellFactory;
import org.apache.sshd.util.JSchLogger;
@@ -76,7 +76,7 @@ public class PortForwardingTest extends BaseTestSupport {
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setShellFactory(new EchoShellFactory());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
- sshd.setTcpipForwardingFilter(new BogusForwardingFilter());
+ sshd.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
sshd.start();
sshPort = sshd.getPort();
@@ -450,9 +450,9 @@ public class PortForwardingTest extends BaseTestSupport {
protected ClientSession createNativeSession() throws Exception {
client = SshClient.setUpDefaultClient();
- client.getProperties().put(FactoryManager.WINDOW_SIZE, "2048");
- client.getProperties().put(FactoryManager.MAX_PACKET_SIZE, "256");
- client.setTcpipForwardingFilter(new BogusForwardingFilter());
+ FactoryManagerUtils.updateProperty(client, FactoryManager.WINDOW_SIZE, 2048);
+ FactoryManagerUtils.updateProperty(client, FactoryManager.MAX_PACKET_SIZE, 256);
+ client.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
client.start();
ClientSession session = client.connect("sshd", "localhost", sshPort).await().getSession();
@@ -460,8 +460,6 @@ public class PortForwardingTest extends BaseTestSupport {
session.auth().verify();
return session;
}
-
-
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/ProxyTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/ProxyTest.java b/sshd-core/src/test/java/org/apache/sshd/ProxyTest.java
index 9892a8e..3fde124 100644
--- a/sshd-core/src/test/java/org/apache/sshd/ProxyTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/ProxyTest.java
@@ -32,9 +32,10 @@ import org.apache.mina.core.service.IoHandlerAdapter;
import org.apache.mina.core.session.IoSession;
import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
import org.apache.sshd.common.FactoryManager;
+import org.apache.sshd.common.FactoryManagerUtils;
+import org.apache.sshd.common.ForwardingFilter;
import org.apache.sshd.common.SshdSocketAddress;
import org.apache.sshd.util.BaseTestSupport;
-import org.apache.sshd.util.BogusForwardingFilter;
import org.apache.sshd.util.BogusPasswordAuthenticator;
import org.apache.sshd.util.EchoShellFactory;
import org.apache.sshd.util.Utils;
@@ -58,12 +59,12 @@ public class ProxyTest extends BaseTestSupport {
@Before
public void setUp() throws Exception {
sshd = SshServer.setUpDefaultServer();
- sshd.getProperties().put(FactoryManager.WINDOW_SIZE, "2048");
- sshd.getProperties().put(FactoryManager.MAX_PACKET_SIZE, "256");
+ FactoryManagerUtils.updateProperty(sshd, FactoryManager.WINDOW_SIZE, 2048);
+ FactoryManagerUtils.updateProperty(sshd, FactoryManager.MAX_PACKET_SIZE, "256");
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setShellFactory(new EchoShellFactory());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
- sshd.setTcpipForwardingFilter(new BogusForwardingFilter());
+ sshd.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
sshd.start();
sshPort = sshd.getPort();
@@ -82,7 +83,6 @@ public class ProxyTest extends BaseTestSupport {
acceptor.bind(new InetSocketAddress(0));
echoPort = acceptor.getLocalAddress().getPort();
this.acceptor = acceptor;
-
}
@After
@@ -142,9 +142,9 @@ public class ProxyTest extends BaseTestSupport {
protected ClientSession createNativeSession() throws Exception {
client = SshClient.setUpDefaultClient();
- client.getProperties().put(FactoryManager.WINDOW_SIZE, "2048");
- client.getProperties().put(FactoryManager.MAX_PACKET_SIZE, "256");
- client.setTcpipForwardingFilter(new BogusForwardingFilter());
+ FactoryManagerUtils.updateProperty(client, FactoryManager.WINDOW_SIZE, 2048);
+ FactoryManagerUtils.updateProperty(client, FactoryManager.MAX_PACKET_SIZE, 256);
+ client.setTcpipForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE);
client.start();
ClientSession session = client.connect("sshd", "localhost", sshPort).await().getSession();
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/ServerTest.java b/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
index 8d91cf7..d9b94fa 100644
--- a/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
@@ -545,7 +545,7 @@ public class ServerTest extends BaseTestSupport {
public static void main(String[] args) throws Exception {
SshServer sshd = SshServer.setUpDefaultServer();
- sshd.getProperties().put(FactoryManager.IDLE_TIMEOUT, "10000");
+ FactoryManagerUtils.updateProperty(sshd, FactoryManager.IDLE_TIMEOUT, TimeUnit.SECONDS.toMillis(10L));
sshd.setPort(8001);
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setSubsystemFactories(Arrays.<NamedFactory<Command>>asList(new SftpSubsystemFactory()));
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/SinglePublicKeyAuthTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/SinglePublicKeyAuthTest.java b/sshd-core/src/test/java/org/apache/sshd/SinglePublicKeyAuthTest.java
index 9fd0db6..970efa0 100644
--- a/sshd-core/src/test/java/org/apache/sshd/SinglePublicKeyAuthTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/SinglePublicKeyAuthTest.java
@@ -24,6 +24,7 @@ import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
+import org.apache.sshd.common.FactoryManagerUtils;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.keyprovider.KeyPairProvider;
import org.apache.sshd.server.Command;
@@ -31,6 +32,7 @@ import org.apache.sshd.server.CommandFactory;
import org.apache.sshd.server.PublickeyAuthenticator;
import org.apache.sshd.server.ServerFactoryManager;
import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator;
+import org.apache.sshd.server.auth.UserAuthPublicKey.UserAuthPublicKeyFactory;
import org.apache.sshd.server.command.UnknownCommand;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.session.ServerSession;
@@ -66,7 +68,7 @@ public class SinglePublicKeyAuthTest extends BaseTestSupport {
return new UnknownCommand(command);
}
});
- sshd.getProperties().put(ServerFactoryManager.AUTH_METHODS, "publickey");
+ FactoryManagerUtils.updateProperty(sshd, ServerFactoryManager.AUTH_METHODS, UserAuthPublicKeyFactory.NAME);
sshd.setPublickeyAuthenticator(new PublickeyAuthenticator() {
@SuppressWarnings("synthetic-access")
@Override
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/WelcomeBannerTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/WelcomeBannerTest.java b/sshd-core/src/test/java/org/apache/sshd/WelcomeBannerTest.java
index 5c2a584..0806fbe 100644
--- a/sshd-core/src/test/java/org/apache/sshd/WelcomeBannerTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/WelcomeBannerTest.java
@@ -22,6 +22,7 @@ import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import org.apache.sshd.client.UserInteraction;
+import org.apache.sshd.common.FactoryManagerUtils;
import org.apache.sshd.server.PublickeyAuthenticator.AcceptAllPublickeyAuthenticator;
import org.apache.sshd.server.ServerFactoryManager;
import org.apache.sshd.util.BaseTestSupport;
@@ -47,7 +48,7 @@ public class WelcomeBannerTest extends BaseTestSupport {
sshd.setKeyPairProvider(Utils.createTestHostKeyProvider());
sshd.setPasswordAuthenticator(BogusPasswordAuthenticator.INSTANCE);
sshd.setPublickeyAuthenticator(AcceptAllPublickeyAuthenticator.INSTANCE);
- sshd.getProperties().put(ServerFactoryManager.WELCOME_BANNER, WELCOME);
+ FactoryManagerUtils.updateProperty(sshd, ServerFactoryManager.WELCOME_BANNER, WELCOME);
sshd.start();
port = sshd.getPort();
}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/common/ForwardingFilterTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/common/ForwardingFilterTest.java b/sshd-core/src/test/java/org/apache/sshd/common/ForwardingFilterTest.java
new file mode 100644
index 0000000..5df8302
--- /dev/null
+++ b/sshd-core/src/test/java/org/apache/sshd/common/ForwardingFilterTest.java
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.sshd.common;
+
+import org.apache.sshd.common.ForwardingFilter.StaticDecisionForwardingFilter;
+import org.apache.sshd.util.BaseTestSupport;
+import org.junit.FixMethodOrder;
+import org.junit.Test;
+import org.junit.runners.MethodSorters;
+import org.mockito.Mockito;
+
+/**
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+@FixMethodOrder(MethodSorters.NAME_ASCENDING)
+public class ForwardingFilterTest extends BaseTestSupport {
+ public ForwardingFilterTest() {
+ super();
+ }
+
+ @Test
+ public void testFromStringForwardingFilterType() {
+ for (String name : new String[] { null, "", getCurrentTestName() }) {
+ assertNull("Unexpected value for name='" + name + "'", ForwardingFilter.Type.fromString(name));
+ }
+
+ for (ForwardingFilter.Type expected : ForwardingFilter.Type.VALUES) {
+ for (String name : new String[] { expected.name(), expected.getName() }) {
+ for (int index = 0; index < name.length(); index++) {
+ ForwardingFilter.Type actual = ForwardingFilter.Type.fromString(name);
+ assertSame("Mismatched instance for name=" + name, expected, actual);
+ name = shuffleCase(name); // prepare for next iteration
+ }
+ }
+ }
+ }
+ @Test
+ public void testAcceptAllForwardingFilter() {
+ testStaticDecisionForwardingFilter(ForwardingFilter.AcceptAllForwardingFilter.INSTANCE, true);
+ }
+
+ @Test
+ public void testRejectAllForwardingFilter() {
+ testStaticDecisionForwardingFilter(ForwardingFilter.RejectAllForwardingFilter.INSTANCE, false);
+ }
+
+ private static void testStaticDecisionForwardingFilter(StaticDecisionForwardingFilter filter, boolean expected) {
+ assertEquals("Mismatched acceptance status", expected, filter.isAccepted());
+
+ Session session=Mockito.mock(Session.class);
+ assertEquals("Mismatched 'canForwardAgent' result", expected, filter.canForwardAgent(session));
+ assertEquals("Mismatched 'canForwardX11' result", expected, filter.canForwardX11(session));
+ assertEquals("Mismatched 'canListen' result", expected, filter.canListen(SshdSocketAddress.LOCALHOST_ADDRESS, session));
+
+ for (ForwardingFilter.Type t : ForwardingFilter.Type.VALUES) {
+ assertEquals("Mismatched 'canConnect(" + t + ")' result", expected, filter.canConnect(t, SshdSocketAddress.LOCALHOST_ADDRESS, session));
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthAgent.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthAgent.java b/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthAgent.java
index 51a31f0..96c956c 100644
--- a/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthAgent.java
+++ b/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthAgent.java
@@ -23,6 +23,7 @@ import java.security.PublicKey;
import java.util.Iterator;
import org.apache.sshd.agent.SshAgent;
+import org.apache.sshd.client.auth.UserAuthPublicKey.UserAuthPublicKeyFactory;
import org.apache.sshd.client.session.ClientSessionImpl;
import org.apache.sshd.common.SshConstants;
import org.apache.sshd.common.config.keys.KeyUtils;
@@ -53,7 +54,7 @@ public class UserAuthAgent extends AbstractUserAuth {
int pos1 = buffer.wpos() - 1;
buffer.putString(session.getUsername());
buffer.putString(service);
- buffer.putString("publickey");
+ buffer.putString(UserAuthPublicKeyFactory.NAME);
buffer.putByte((byte) 1);
buffer.putString(KeyUtils.getKeyType(key));
int pos2 = buffer.wpos();
@@ -65,7 +66,7 @@ public class UserAuthAgent extends AbstractUserAuth {
bs.putByte(SshConstants.SSH_MSG_USERAUTH_REQUEST);
bs.putString(session.getUsername());
bs.putString(service);
- bs.putString("publickey");
+ bs.putString(UserAuthPublicKeyFactory.NAME);
bs.putByte((byte) 1);
bs.putString(KeyUtils.getKeyType(key));
bs.putPublicKey(key);
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthPublicKey.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthPublicKey.java b/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthPublicKey.java
index ab0dd66..cb49ebb 100644
--- a/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthPublicKey.java
+++ b/sshd-core/src/test/java/org/apache/sshd/deprecated/UserAuthPublicKey.java
@@ -21,6 +21,7 @@ package org.apache.sshd.deprecated;
import java.io.IOException;
import java.security.KeyPair;
+import org.apache.sshd.client.auth.UserAuthPublicKey.UserAuthPublicKeyFactory;
import org.apache.sshd.client.session.ClientSessionImpl;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.Signature;
@@ -51,7 +52,7 @@ public class UserAuthPublicKey extends AbstractUserAuth {
int pos1 = buffer.wpos() - 1;
buffer.putString(session.getUsername());
buffer.putString(service);
- buffer.putString("publickey");
+ buffer.putString(UserAuthPublicKeyFactory.NAME);
buffer.putByte((byte) 1);
String alg = KeyUtils.getKeyType(key);
buffer.putString(alg);
@@ -66,7 +67,7 @@ public class UserAuthPublicKey extends AbstractUserAuth {
bs.putByte(SshConstants.SSH_MSG_USERAUTH_REQUEST);
bs.putString(session.getUsername());
bs.putString(service);
- bs.putString("publickey");
+ bs.putString(UserAuthPublicKeyFactory.NAME);
bs.putByte((byte) 1);
bs.putString(alg);
bs.putPublicKey(key.getPublic());
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/0857f834/sshd-core/src/test/java/org/apache/sshd/util/BogusForwardingFilter.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/util/BogusForwardingFilter.java b/sshd-core/src/test/java/org/apache/sshd/util/BogusForwardingFilter.java
deleted file mode 100644
index 7fa734a..0000000
--- a/sshd-core/src/test/java/org/apache/sshd/util/BogusForwardingFilter.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.sshd.util;
-
-import org.apache.sshd.common.ForwardingFilter;
-import org.apache.sshd.common.Session;
-import org.apache.sshd.common.SshdSocketAddress;
-
-/**
- * TODO Add javadoc
- *
- * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
- */
-public class BogusForwardingFilter implements ForwardingFilter {
- @Override
- public boolean canForwardAgent(Session session) {
- return true;
- }
-
- @Override
- public boolean canForwardX11(Session session) {
- return true;
- }
-
- @Override
- public boolean canConnect(SshdSocketAddress address, Session session) {
- return true;
- }
-
- @Override
- public boolean canListen(SshdSocketAddress address, Session session) {
- return true;
- }
-}