You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by gn...@apache.org on 2015/01/13 17:17:35 UTC
[1/3] mina-sshd git commit: [SSHD-397] Added more detailed log
messages about the KEX negotiation process
Repository: mina-sshd
Updated Branches:
refs/heads/master 595858815 -> 4d794e5e8
[SSHD-397] Added more detailed log messages about the KEX negotiation process
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/63a54ea7
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/63a54ea7
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/63a54ea7
Branch: refs/heads/master
Commit: 63a54ea7f9903175c382d9fda39672fdb7919071
Parents: 5958588
Author: Guillaume Nodet <gn...@apache.org>
Authored: Tue Jan 13 16:47:03 2015 +0100
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Tue Jan 13 16:47:03 2015 +0100
----------------------------------------------------------------------
.../org/apache/sshd/common/SshConstants.java | 22 ++++++++++
.../sshd/common/session/AbstractSession.java | 43 ++++++++++++--------
2 files changed, 48 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/63a54ea7/sshd-core/src/main/java/org/apache/sshd/common/SshConstants.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/SshConstants.java b/sshd-core/src/main/java/org/apache/sshd/common/SshConstants.java
index bf4b55e..648ec88 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/SshConstants.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/SshConstants.java
@@ -18,6 +18,10 @@
*/
package org.apache.sshd.common;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
/**
* This interface defines constants for the SSH protocol.
*
@@ -95,6 +99,24 @@ public interface SshConstants {
static final int PROPOSAL_LANG_STOC = 9;
static final int PROPOSAL_MAX = 10;
+ /**
+ * User-friendly names for the KEX algorithms negotiation items - the
+ * list index matches the {@code PROPOSAL_XXX} constant
+ * @see <A HREF="http://tools.ietf.org/html/rfc4253#section-7.1">RFC-4253 - section 7.1</A>
+ */
+ static final String[] PROPOSAL_KEX_NAMES = {
+ "kex algorithms",
+ "server host key algorithms",
+ "encryption algorithms (client to server)",
+ "encryption algorithms (server to client)",
+ "mac algorithms (client to server)",
+ "mac algorithms (server to client)",
+ "compression algorithms (client to server)",
+ "compression algorithms (server to client)",
+ "languages (client to server)",
+ "languages (server to client)"
+ };
+
//
// Disconnect error codes
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/63a54ea7/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
index a62b1cb..ddb3058 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
@@ -1127,8 +1127,11 @@ public abstract class AbstractSession extends CloseableUtils.AbstractInnerClosea
protected void negotiate() {
String[] guess = new String[SshConstants.PROPOSAL_MAX];
for (int i = 0; i < SshConstants.PROPOSAL_MAX; i++) {
- String[] c = clientProposal[i].split(",");
- String[] s = serverProposal[i].split(",");
+ String paramName = SshConstants.PROPOSAL_KEX_NAMES[i];
+ String clientParamValue = clientProposal[i];
+ String serverParamValue = serverProposal[i];
+ String[] c = clientParamValue.split(",");
+ String[] s = serverParamValue.split(",");
for (String ci : c) {
for (String si : s) {
if (ci.equals(si)) {
@@ -1140,27 +1143,33 @@ public abstract class AbstractSession extends CloseableUtils.AbstractInnerClosea
break;
}
}
- if (guess[i] == null && i != SshConstants.PROPOSAL_LANG_CTOS && i != SshConstants.PROPOSAL_LANG_STOC) {
- final String[] items = new String[] {
- "kex algorithms",
- "server host key algorithms",
- "encryption algorithms (client to server)",
- "encryption algorithms (server to client)",
- "mac algorithms (client to server)",
- "mac algorithms (server to client)",
- "compression algorithms (client to server)",
- "compression algorithms (server to client)"
- };
- throw new IllegalStateException("Unable to negotiate key exchange for " + items[i] +
- " (client: " + clientProposal[i] + " / server: " + serverProposal[i] + ")");
+
+ // check if reached an agreement
+ if (guess[i] == null) {
+ String message="Unable to negotiate key exchange for " + paramName
+ + " (client: " + clientParamValue + " / server: " + serverParamValue + ")";
+ // OK if could not negotiate languages
+ if ((i != SshConstants.PROPOSAL_LANG_CTOS) && (i != SshConstants.PROPOSAL_LANG_STOC)) {
+ throw new IllegalStateException(message);
+ } else {
+ if (log.isTraceEnabled()) {
+ log.trace(message);
+ }
+ }
+ } else {
+ if (log.isTraceEnabled()) {
+ log.trace("Kex: negotiate(" + paramName + ") guess=" + guess[i]
+ + " (client: " + clientParamValue + " / server: " + serverParamValue);
+ }
}
}
negotiated = guess;
- log.info("Kex: server->client {} {} {}",
+
+ log.debug("Kex: server->client {} {} {}",
new Object[]{negotiated[SshConstants.PROPOSAL_ENC_ALGS_STOC],
negotiated[SshConstants.PROPOSAL_MAC_ALGS_STOC],
negotiated[SshConstants.PROPOSAL_COMP_ALGS_STOC]});
- log.info("Kex: client->server {} {} {}",
+ log.debug("Kex: client->server {} {} {}",
new Object[]{negotiated[SshConstants.PROPOSAL_ENC_ALGS_CTOS],
negotiated[SshConstants.PROPOSAL_MAC_ALGS_CTOS],
negotiated[SshConstants.PROPOSAL_COMP_ALGS_CTOS]});
[2/3] mina-sshd git commit: [SSHD-398] Provide read-only access to
the session KEX negotiation result parameters
Posted by gn...@apache.org.
[SSHD-398] Provide read-only access to the session KEX negotiation result parameters
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/2bd3edef
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/2bd3edef
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/2bd3edef
Branch: refs/heads/master
Commit: 2bd3edefc51cdea8e84e40cb42fd796ba3da577b
Parents: 63a54ea
Author: Guillaume Nodet <gn...@apache.org>
Authored: Tue Jan 13 16:48:37 2015 +0100
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Tue Jan 13 16:48:37 2015 +0100
----------------------------------------------------------------------
sshd-core/src/main/java/org/apache/sshd/common/Session.java | 9 +++++++++
.../org/apache/sshd/common/session/AbstractSession.java | 8 ++++++++
2 files changed, 17 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/2bd3edef/sshd-core/src/main/java/org/apache/sshd/common/Session.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/Session.java b/sshd-core/src/main/java/org/apache/sshd/common/Session.java
index 87e9b49..66143ec 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/Session.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/Session.java
@@ -89,6 +89,15 @@ public interface Session extends Closeable {
FactoryManager getFactoryManager();
/**
+ * Retrieve one of the negotiated values during the KEX stage
+ * @param paramType The parameter type index - one of the {@link SSHConstants}
+ * {@code PROPOSAL_XXX} values
+ * @return The negotiated parameter value - {@code null} if invalid
+ * parameter index or no negotiated value
+ */
+ String getNegotiatedKexParameter(int paramType);
+
+ /**
* Retrieve a configuration property as an integer
*
* @param name the name of the property
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/2bd3edef/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
index ddb3058..c6f0eca 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
@@ -260,6 +260,14 @@ public abstract class AbstractSession extends CloseableUtils.AbstractInnerClosea
return factoryManager;
}
+ public String getNegotiatedKexParameter(int paramType) {
+ if ((paramType < 0) || (negotiated == null) || (paramType >= negotiated.length)) {
+ return null;
+ } else {
+ return negotiated[paramType];
+ }
+ }
+
public boolean isAuthenticated() {
return authed;
}
[3/3] mina-sshd git commit: [SSHD-399] Add KexCompleted session event
Posted by gn...@apache.org.
[SSHD-399] Add KexCompleted session event
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/4d794e5e
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/4d794e5e
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/4d794e5e
Branch: refs/heads/master
Commit: 4d794e5e869f61e129473a35aa391d0738671e10
Parents: 2bd3ede
Author: Guillaume Nodet <gn...@apache.org>
Authored: Tue Jan 13 16:50:03 2015 +0100
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Tue Jan 13 16:50:03 2015 +0100
----------------------------------------------------------------------
.../org/apache/sshd/common/SessionListener.java | 2 +-
.../sshd/common/session/AbstractSession.java | 1 +
.../test/java/org/apache/sshd/ServerTest.java | 58 ++++++++++++++++++--
3 files changed, 55 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/4d794e5e/sshd-core/src/main/java/org/apache/sshd/common/SessionListener.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/SessionListener.java b/sshd-core/src/main/java/org/apache/sshd/common/SessionListener.java
index 7d7159a..32b69b3 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/SessionListener.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/SessionListener.java
@@ -26,7 +26,7 @@ package org.apache.sshd.common;
public interface SessionListener {
enum Event {
- KeyEstablished, Authenticated
+ KeyEstablished, Authenticated, KexCompleted
}
/**
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/4d794e5e/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
index c6f0eca..13ce253 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/AbstractSession.java
@@ -386,6 +386,7 @@ public abstract class AbstractSession extends CloseableUtils.AbstractInnerClosea
negotiate();
kex = NamedFactory.Utils.create(factoryManager.getKeyExchangeFactories(), negotiated[SshConstants.PROPOSAL_KEX_ALGS]);
kex.init(this, serverVersion.getBytes(), clientVersion.getBytes(), I_S, I_C);
+ sendEvent(SessionListener.Event.KexCompleted);
break;
case SSH_MSG_NEWKEYS:
log.debug("Received SSH_MSG_NEWKEYS");
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/4d794e5e/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/test/java/org/apache/sshd/ServerTest.java b/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
index 3794c8d..8e2ccee 100644
--- a/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
+++ b/sshd-core/src/test/java/org/apache/sshd/ServerTest.java
@@ -18,6 +18,11 @@
*/
package org.apache.sshd;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -28,6 +33,7 @@ import java.util.Arrays;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
+import java.util.concurrent.atomic.AtomicInteger;
import org.apache.log4j.Logger;
import org.apache.sshd.client.SessionFactory;
@@ -55,14 +61,10 @@ import org.apache.sshd.util.BogusPasswordAuthenticator;
import org.apache.sshd.util.EchoShellFactory;
import org.apache.sshd.util.Utils;
import org.junit.After;
+import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
/**
* TODO Add javadoc
*
@@ -267,6 +269,52 @@ public class ServerTest extends BaseTest {
s.close(false);
}
+ @Test
+ public void testKexCompletedEvent() throws Exception {
+ final AtomicInteger serverEventCount=new AtomicInteger(0);
+ sshd.getSessionFactory().addListener(new SessionListener() {
+ public void sessionCreated(Session session) {
+ // ignored
+ }
+
+ public void sessionEvent(Session session, Event event) {
+ if (event == Event.KexCompleted) {
+ serverEventCount.incrementAndGet();
+ }
+ }
+
+ public void sessionClosed(Session session) {
+ // ignored
+ }
+ });
+
+ client = SshClient.setUpDefaultClient();
+ client.start();
+ final AtomicInteger clientEventCount=new AtomicInteger(0);
+ client.getSessionFactory().addListener(new SessionListener() {
+ public void sessionCreated(Session session) {
+ // ignored
+ }
+
+ public void sessionEvent(Session session, Event event) {
+ if (event == Event.KexCompleted) {
+ clientEventCount.incrementAndGet();
+ }
+ }
+
+ public void sessionClosed(Session session) {
+ // ignored
+ }
+ });
+
+ ClientSession s = client.connect("test", "localhost", port).await().getSession();
+ s.addPasswordIdentity("test");
+ s.auth().verify();
+ Assert.assertEquals("Mismatched client events count", 1, clientEventCount.get());
+ Assert.assertEquals("Mismatched server events count", 1, serverEventCount.get());
+ s.close(false);
+ }
+
public static class TestEchoShellFactory extends EchoShellFactory {
@Override
public Command create() {