You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by gn...@apache.org on 2010/09/22 16:51:34 UTC
svn commit: r1000008 - in
/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client: ./
keyverifier/
Author: gnodet
Date: Wed Sep 22 14:51:34 2010
New Revision: 1000008
URL: http://svn.apache.org/viewvc?rev=1000008&view=rev
Log:
[SSHD-92] Add missing ASL headers and move the implementations into a new package
Added:
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java
Removed:
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/AcceptAllServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/DelegatingServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/RequiredServerKeyVerifier.java
Modified:
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java?rev=1000008&r1=1000007&r2=1000008&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java Wed Sep 22 14:51:34 2010
@@ -1,3 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
package org.apache.sshd.client;
import java.net.SocketAddress;
@@ -6,5 +24,7 @@ import java.security.PublicKey;
import org.apache.sshd.ClientSession;
public interface ServerKeyVerifier {
+
boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey);
+
}
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java?rev=1000008&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java Wed Sep 22 14:51:34 2010
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.client.keyverifier;
+
+import java.net.SocketAddress;
+import java.security.PublicKey;
+
+import org.apache.sshd.ClientSession;
+import org.apache.sshd.client.ServerKeyVerifier;
+import org.apache.sshd.common.util.BufferUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * A ServerKeyVerifier that accepts all server keys.
+ */
+public class AcceptAllServerKeyVerifier implements ServerKeyVerifier {
+ protected final Logger log = LoggerFactory.getLogger(getClass());
+
+ public static final ServerKeyVerifier INSTANCE = new AcceptAllServerKeyVerifier();
+
+ private AcceptAllServerKeyVerifier() {
+ }
+
+ public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) {
+ log.trace("Accepting key for " + remoteAddress + " key=" + BufferUtils.printHex(serverKey.getEncoded()));
+ return true;
+ }
+}
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java?rev=1000008&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java Wed Sep 22 14:51:34 2010
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.client.keyverifier;
+
+import java.net.SocketAddress;
+import java.security.PublicKey;
+import java.util.Map;
+
+import org.apache.sshd.ClientSession;
+import org.apache.sshd.client.ServerKeyVerifier;
+import org.apache.sshd.common.util.BufferUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/*
+ * A ServerKeyVerifier that delegates verification to the ServerKeyVerifier found in the ClientSession metadata
+ * The ServerKeyVerifier can be specified at the SshClient level, which may have connections to multiple hosts.
+ * This technique lets each connection have its own ServerKeyVerifier.
+ */
+public class DelegatingServerKeyVerifier implements ServerKeyVerifier {
+ protected final Logger log = LoggerFactory.getLogger(getClass());
+
+ public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) {
+ Map<Object, Object> metadataMap = sshClientSession.getMetadataMap();
+ Object verifier = metadataMap.get(ServerKeyVerifier.class);
+ if (verifier == null) {
+ log.trace("No verifier found in ClientSession metadata; accepting server key");
+ return true;
+ }
+ // We throw if it's not a ServerKeyVerifier...
+ return ((ServerKeyVerifier) verifier).verifyServerKey(sshClientSession, remoteAddress, serverKey);
+ }
+}
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java?rev=1000008&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java Wed Sep 22 14:51:34 2010
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.client.keyverifier;
+
+import java.net.SocketAddress;
+import java.security.PublicKey;
+import java.util.Arrays;
+
+import org.apache.sshd.ClientSession;
+import org.apache.sshd.client.ServerKeyVerifier;
+import org.apache.sshd.common.util.BufferUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * A ServerKeyVerifier that accepts one server key (specified in the constructor)
+ *
+ */
+public class RequiredServerKeyVerifier implements ServerKeyVerifier {
+ protected final Logger log = LoggerFactory.getLogger(getClass());
+ final PublicKey requiredKey;
+
+ public RequiredServerKeyVerifier(PublicKey requiredKey) {
+ super();
+ this.requiredKey = requiredKey;
+ }
+
+ public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) {
+ if (requiredKey.equals(serverKey)) {
+ return true;
+ }
+
+ log.info("Server at " + remoteAddress + " presented wrong key: " + BufferUtils.printHex(serverKey.getEncoded()));
+ return false;
+ }
+}