You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by gn...@apache.org on 2014/10/15 23:13:02 UTC
[2/2] git commit: [SSHD-358] Create Builders for SShServer and
SShClient so they can be extended properly
[SSHD-358] Create Builders for SShServer and SShClient so they can be extended properly
Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/1a1ca8c8
Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/1a1ca8c8
Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/1a1ca8c8
Branch: refs/heads/master
Commit: 1a1ca8c8827c29909c3021dab8c71d16a299ae03
Parents: ec2bffd
Author: Guillaume Nodet <gn...@apache.org>
Authored: Wed Oct 15 21:41:29 2014 +0200
Committer: Guillaume Nodet <gn...@apache.org>
Committed: Wed Oct 15 23:12:47 2014 +0200
----------------------------------------------------------------------
.../main/java/org/apache/sshd/SshBuilder.java | 402 +++++++++++++++++++
.../main/java/org/apache/sshd/SshClient.java | 142 +------
.../main/java/org/apache/sshd/SshServer.java | 162 +-------
3 files changed, 422 insertions(+), 284 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/1a1ca8c8/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java b/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
new file mode 100644
index 0000000..fd4fc54
--- /dev/null
+++ b/sshd-core/src/main/java/org/apache/sshd/SshBuilder.java
@@ -0,0 +1,402 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd;
+
+import java.security.InvalidKeyException;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+
+import org.apache.sshd.client.ServerKeyVerifier;
+import org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier;
+import org.apache.sshd.common.AbstractFactoryManager;
+import org.apache.sshd.common.Channel;
+import org.apache.sshd.common.Cipher;
+import org.apache.sshd.common.Compression;
+import org.apache.sshd.common.Factory;
+import org.apache.sshd.common.KeyExchange;
+import org.apache.sshd.common.Mac;
+import org.apache.sshd.common.NamedFactory;
+import org.apache.sshd.common.Random;
+import org.apache.sshd.common.RequestHandler;
+import org.apache.sshd.common.Signature;
+import org.apache.sshd.common.TcpipForwarderFactory;
+import org.apache.sshd.common.cipher.AES128CBC;
+import org.apache.sshd.common.cipher.AES128CTR;
+import org.apache.sshd.common.cipher.AES192CBC;
+import org.apache.sshd.common.cipher.AES256CBC;
+import org.apache.sshd.common.cipher.AES256CTR;
+import org.apache.sshd.common.cipher.ARCFOUR128;
+import org.apache.sshd.common.cipher.ARCFOUR256;
+import org.apache.sshd.common.cipher.BlowfishCBC;
+import org.apache.sshd.common.cipher.TripleDESCBC;
+import org.apache.sshd.common.compression.CompressionNone;
+import org.apache.sshd.common.file.FileSystemFactory;
+import org.apache.sshd.common.file.nativefs.NativeFileSystemFactory;
+import org.apache.sshd.common.forward.DefaultTcpipForwarderFactory;
+import org.apache.sshd.common.forward.TcpipServerChannel;
+import org.apache.sshd.common.mac.HMACMD5;
+import org.apache.sshd.common.mac.HMACMD596;
+import org.apache.sshd.common.mac.HMACSHA1;
+import org.apache.sshd.common.mac.HMACSHA196;
+import org.apache.sshd.common.mac.HMACSHA256;
+import org.apache.sshd.common.mac.HMACSHA512;
+import org.apache.sshd.common.random.BouncyCastleRandom;
+import org.apache.sshd.common.random.JceRandom;
+import org.apache.sshd.common.random.SingletonRandomFactory;
+import org.apache.sshd.common.session.ConnectionService;
+import org.apache.sshd.common.signature.SignatureDSA;
+import org.apache.sshd.common.signature.SignatureECDSA;
+import org.apache.sshd.common.signature.SignatureRSA;
+import org.apache.sshd.common.util.SecurityUtils;
+import org.apache.sshd.server.channel.ChannelSession;
+import org.apache.sshd.server.global.CancelTcpipForwardHandler;
+import org.apache.sshd.server.global.KeepAliveHandler;
+import org.apache.sshd.server.global.NoMoreSessionsHandler;
+import org.apache.sshd.server.global.TcpipForwardHandler;
+
+/**
+ * A builder object for creating SshServer instances.
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+public class SshBuilder {
+
+ public static ClientBuilder client() {
+ return new ClientBuilder();
+ }
+
+ public static ServerBuilder server() {
+ return new ServerBuilder();
+ }
+
+ static class BaseBuilder<T extends AbstractFactoryManager, S extends BaseBuilder<T, S>> {
+
+ protected Factory<T> factory = null;
+
+ protected List<NamedFactory<KeyExchange>> keyExchangeFactories = null;
+ protected List<NamedFactory<Cipher>> cipherFactories = null;
+ protected List<NamedFactory<Compression>> compressionFactories = null;
+ protected List<NamedFactory<Mac>> macFactories = null;
+ protected List<NamedFactory<Signature>> signatureFactories = null;
+ protected Factory<Random> randomFactory = null;
+ protected List<NamedFactory<Channel>> channelFactories = null;
+ protected FileSystemFactory fileSystemFactory = null;
+ protected TcpipForwarderFactory tcpipForwarderFactory = null;
+ protected List<RequestHandler<ConnectionService>> globalRequestHandlers = null;
+
+ protected S fillWithDefaultValues() {
+ if (SecurityUtils.isBouncyCastleRegistered()) {
+ if (signatureFactories == null) {
+ signatureFactories = Arrays.asList(
+ new SignatureECDSA.NISTP256Factory(),
+ new SignatureECDSA.NISTP384Factory(),
+ new SignatureECDSA.NISTP521Factory(),
+ new SignatureDSA.Factory(),
+ new SignatureRSA.Factory());
+ }
+ if (randomFactory == null) {
+ randomFactory = new SingletonRandomFactory(new BouncyCastleRandom.Factory());
+ }
+ // EC keys are not supported until OpenJDK 7
+ } else if (SecurityUtils.hasEcc()) {
+ if (signatureFactories == null) {
+ signatureFactories = Arrays.asList(
+ new SignatureECDSA.NISTP256Factory(),
+ new SignatureECDSA.NISTP384Factory(),
+ new SignatureECDSA.NISTP521Factory(),
+ new SignatureDSA.Factory(),
+ new SignatureRSA.Factory());
+ }
+ if (randomFactory == null) {
+ randomFactory = new SingletonRandomFactory(new JceRandom.Factory());
+ }
+ } else {
+ if (signatureFactories == null) {
+ signatureFactories = Arrays.asList(
+ new SignatureDSA.Factory(),
+ new SignatureRSA.Factory());
+ }
+ if (randomFactory == null) {
+ randomFactory = new SingletonRandomFactory(new JceRandom.Factory());
+ }
+ }
+
+ if (cipherFactories == null) {
+ cipherFactories = setUpDefaultCiphers();
+ }
+
+ // Compression is not enabled by default
+ //if (compressionFactories == null) {
+ // compressionFactories = Arrays.<NamedFactory<Compression>>asList(
+ // new CompressionNone.Factory(),
+ // new CompressionZlib.Factory(),
+ // new CompressionDelayedZlib.Factory());
+ //}
+ if (compressionFactories == null) {
+ compressionFactories = Arrays.<NamedFactory<Compression>>asList(
+ new CompressionNone.Factory());
+ }
+ if (macFactories == null) {
+ macFactories = Arrays.asList(
+ new HMACSHA256.Factory(),
+ new HMACSHA512.Factory(),
+ new HMACSHA1.Factory(),
+ new HMACMD5.Factory(),
+ new HMACSHA196.Factory(),
+ new HMACMD596.Factory());
+ }
+ if (fileSystemFactory == null) {
+ fileSystemFactory = new NativeFileSystemFactory();
+ }
+ if (tcpipForwarderFactory == null) {
+ tcpipForwarderFactory = new DefaultTcpipForwarderFactory();
+ }
+
+ return me();
+ }
+
+ public S keyExchangeFactories(List<NamedFactory<KeyExchange>> keyExchangeFactories) {
+ this.keyExchangeFactories = keyExchangeFactories;
+ return me();
+ }
+
+ public S signatureFactories(final List<NamedFactory<Signature>> signatureFactories) {
+ this.signatureFactories = signatureFactories;
+ return me();
+ }
+
+ public S randomFactory(final Factory<Random> randomFactory) {
+ this.randomFactory = randomFactory;
+ return me();
+ }
+
+ public S cipherFactories(final List<NamedFactory<Cipher>> cipherFactories) {
+ this.cipherFactories = cipherFactories;
+ return me();
+ }
+
+ public S compressionFactories(final List<NamedFactory<Compression>> compressionFactories) {
+ this.compressionFactories = compressionFactories;
+ return me();
+ }
+
+ public S macFactories(final List<NamedFactory<Mac>> macFactories) {
+ this.macFactories = macFactories;
+ return me();
+ }
+
+ public S channelFactories(final List<NamedFactory<Channel>> channelFactories) {
+ this.channelFactories = channelFactories;
+ return me();
+ }
+
+ public S fileSystemFactory(final FileSystemFactory fileSystemFactory) {
+ this.fileSystemFactory = fileSystemFactory;
+ return me();
+ }
+
+ public S tcpipForwarderFactory(final TcpipForwarderFactory tcpipForwarderFactory) {
+ this.tcpipForwarderFactory = tcpipForwarderFactory;
+ return me();
+ }
+
+ public S globalRequestHandlers(final List<RequestHandler<ConnectionService>> globalRequestHandlers) {
+ this.globalRequestHandlers = globalRequestHandlers;
+ return me();
+ }
+
+ public S factory(final Factory<T> factory) {
+ this.factory = factory;
+ return me();
+ }
+
+ public T build(final boolean isFillWithDefaultValues) {
+ if (isFillWithDefaultValues) {
+ fillWithDefaultValues();
+ }
+
+ T ssh = factory.create();
+
+ ssh.setKeyExchangeFactories(keyExchangeFactories);
+ ssh.setSignatureFactories(signatureFactories);
+ ssh.setRandomFactory(randomFactory);
+ ssh.setCipherFactories(cipherFactories);
+ ssh.setCompressionFactories(compressionFactories);
+ ssh.setMacFactories(macFactories);
+ ssh.setChannelFactories(channelFactories);
+ ssh.setFileSystemFactory(fileSystemFactory);
+ ssh.setTcpipForwarderFactory(tcpipForwarderFactory);
+ ssh.setGlobalRequestHandlers(globalRequestHandlers);
+
+ return ssh;
+ }
+
+ public T build() {
+ return build(true);
+ }
+
+ @SuppressWarnings("unchecked")
+ protected S me() {
+ return (S) this;
+ }
+
+ protected static List<NamedFactory<Cipher>> setUpDefaultCiphers() {
+ List<NamedFactory<Cipher>> avail = new LinkedList<NamedFactory<Cipher>>();
+ avail.add(new AES128CTR.Factory());
+ avail.add(new AES256CTR.Factory());
+ avail.add(new ARCFOUR128.Factory());
+ avail.add(new ARCFOUR256.Factory());
+ avail.add(new AES128CBC.Factory());
+ avail.add(new TripleDESCBC.Factory());
+ avail.add(new BlowfishCBC.Factory());
+ avail.add(new AES192CBC.Factory());
+ avail.add(new AES256CBC.Factory());
+
+ for (Iterator<NamedFactory<Cipher>> i = avail.iterator(); i.hasNext(); ) {
+ final NamedFactory<Cipher> f = i.next();
+ try {
+ final Cipher c = f.create();
+ final byte[] key = new byte[c.getBlockSize()];
+ final byte[] iv = new byte[c.getIVSize()];
+ c.init(Cipher.Mode.Encrypt, key, iv);
+ } catch (InvalidKeyException e) {
+ i.remove();
+ } catch (Exception e) {
+ i.remove();
+ }
+ }
+ return avail;
+ }
+ }
+
+ /**
+ * SshClient builder
+ */
+ static class ClientBuilder extends BaseBuilder<SshClient, ClientBuilder> {
+
+ protected ServerKeyVerifier serverKeyVerifier;
+
+ @Override
+ protected ClientBuilder fillWithDefaultValues() {
+ super.fillWithDefaultValues();
+ if (SecurityUtils.isBouncyCastleRegistered()) {
+ if (keyExchangeFactories == null) {
+ keyExchangeFactories = Arrays.asList(
+ new org.apache.sshd.client.kex.DHGEX256.Factory(),
+ new org.apache.sshd.client.kex.DHGEX.Factory(),
+ new org.apache.sshd.client.kex.ECDHP256.Factory(),
+ new org.apache.sshd.client.kex.ECDHP384.Factory(),
+ new org.apache.sshd.client.kex.ECDHP521.Factory(),
+ new org.apache.sshd.client.kex.DHG14.Factory(),
+ new org.apache.sshd.client.kex.DHG1.Factory());
+ }
+ // EC keys are not supported until OpenJDK 7
+ } else if (SecurityUtils.hasEcc()) {
+ if (keyExchangeFactories == null) {
+ keyExchangeFactories = Arrays.asList(
+ new org.apache.sshd.client.kex.DHGEX256.Factory(),
+ new org.apache.sshd.client.kex.DHGEX.Factory(),
+ new org.apache.sshd.client.kex.ECDHP256.Factory(),
+ new org.apache.sshd.client.kex.ECDHP384.Factory(),
+ new org.apache.sshd.client.kex.ECDHP521.Factory(),
+ new org.apache.sshd.client.kex.DHG1.Factory());
+ }
+ } else {
+ if (keyExchangeFactories == null) {
+ keyExchangeFactories = Arrays.asList(
+ new org.apache.sshd.client.kex.DHGEX256.Factory(),
+ new org.apache.sshd.client.kex.DHGEX.Factory(),
+ new org.apache.sshd.client.kex.DHG1.Factory());
+ }
+ }
+ if (channelFactories == null) {
+ channelFactories = Arrays.<NamedFactory<Channel>>asList(
+ new TcpipServerChannel.ForwardedTcpipFactory());
+ }
+ if (serverKeyVerifier == null) {
+ serverKeyVerifier = AcceptAllServerKeyVerifier.INSTANCE;
+ }
+ return me();
+ }
+
+ @Override
+ public SshClient build(boolean isFillWithDefaultValues) {
+ SshClient client = super.build(isFillWithDefaultValues);
+ client.setServerKeyVerifier(serverKeyVerifier);
+ return client;
+ }
+ }
+
+ /**
+ * SshServer builder
+ */
+ static class ServerBuilder extends BaseBuilder<SshServer, ServerBuilder> {
+
+ @Override
+ protected ServerBuilder fillWithDefaultValues() {
+ super.fillWithDefaultValues();
+ if (SecurityUtils.isBouncyCastleRegistered()) {
+ if (keyExchangeFactories == null) {
+ keyExchangeFactories = Arrays.asList(
+ new org.apache.sshd.server.kex.DHGEX256.Factory(),
+ new org.apache.sshd.server.kex.DHGEX.Factory(),
+ new org.apache.sshd.server.kex.ECDHP256.Factory(),
+ new org.apache.sshd.server.kex.ECDHP384.Factory(),
+ new org.apache.sshd.server.kex.ECDHP521.Factory(),
+ new org.apache.sshd.server.kex.DHG14.Factory(),
+ new org.apache.sshd.server.kex.DHG1.Factory());
+ }
+ // EC keys are not supported until OpenJDK 7
+ } else if (SecurityUtils.hasEcc()) {
+ if (keyExchangeFactories == null) {
+ keyExchangeFactories = Arrays.asList(
+ new org.apache.sshd.server.kex.DHGEX256.Factory(),
+ new org.apache.sshd.server.kex.DHGEX.Factory(),
+ new org.apache.sshd.server.kex.ECDHP256.Factory(),
+ new org.apache.sshd.server.kex.ECDHP384.Factory(),
+ new org.apache.sshd.server.kex.ECDHP521.Factory(),
+ new org.apache.sshd.server.kex.DHG1.Factory());
+ }
+ } else {
+ if (keyExchangeFactories == null) {
+ keyExchangeFactories = Arrays.asList(
+ new org.apache.sshd.server.kex.DHGEX256.Factory(),
+ new org.apache.sshd.server.kex.DHGEX.Factory(),
+ new org.apache.sshd.server.kex.DHG1.Factory());
+ }
+ }
+ if (channelFactories == null) {
+ channelFactories = Arrays.asList(
+ new ChannelSession.Factory(),
+ new TcpipServerChannel.DirectTcpipFactory());
+ }
+ if (globalRequestHandlers == null) {
+ globalRequestHandlers = Arrays.asList(
+ new KeepAliveHandler(),
+ new NoMoreSessionsHandler(),
+ new TcpipForwardHandler(),
+ new CancelTcpipForwardHandler());
+ }
+ return me();
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/1a1ca8c8/sshd-core/src/main/java/org/apache/sshd/SshClient.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/SshClient.java b/sshd-core/src/main/java/org/apache/sshd/SshClient.java
index ce8b335..6b532e2 100644
--- a/sshd-core/src/main/java/org/apache/sshd/SshClient.java
+++ b/sshd-core/src/main/java/org/apache/sshd/SshClient.java
@@ -30,15 +30,11 @@ import java.io.StringWriter;
import java.io.Writer;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
-import java.security.InvalidKeyException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
-import java.util.Iterator;
-import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.Callable;
-import java.util.concurrent.Executors;
import java.util.logging.ConsoleHandler;
import java.util.logging.Formatter;
import java.util.logging.Handler;
@@ -57,60 +53,22 @@ import org.apache.sshd.client.auth.UserAuthPublicKey;
import org.apache.sshd.client.channel.ChannelShell;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.future.DefaultConnectFuture;
-import org.apache.sshd.client.kex.DHG1;
-import org.apache.sshd.client.kex.DHG14;
-import org.apache.sshd.client.kex.DHGEX;
-import org.apache.sshd.client.kex.DHGEX256;
-import org.apache.sshd.client.kex.ECDHP256;
-import org.apache.sshd.client.kex.ECDHP384;
-import org.apache.sshd.client.kex.ECDHP521;
-import org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier;
import org.apache.sshd.client.session.ClientConnectionService;
import org.apache.sshd.client.session.ClientSessionImpl;
import org.apache.sshd.client.session.ClientUserAuthService;
import org.apache.sshd.common.AbstractFactoryManager;
import org.apache.sshd.common.Channel;
-import org.apache.sshd.common.Cipher;
import org.apache.sshd.common.Closeable;
-import org.apache.sshd.common.Compression;
import org.apache.sshd.common.Factory;
-import org.apache.sshd.common.KeyExchange;
import org.apache.sshd.common.KeyPairProvider;
-import org.apache.sshd.common.Mac;
import org.apache.sshd.common.NamedFactory;
-import org.apache.sshd.common.Signature;
-import org.apache.sshd.common.cipher.AES128CBC;
-import org.apache.sshd.common.cipher.AES128CTR;
-import org.apache.sshd.common.cipher.AES192CBC;
-import org.apache.sshd.common.cipher.AES256CBC;
-import org.apache.sshd.common.cipher.AES256CTR;
-import org.apache.sshd.common.cipher.ARCFOUR128;
-import org.apache.sshd.common.cipher.ARCFOUR256;
-import org.apache.sshd.common.cipher.BlowfishCBC;
-import org.apache.sshd.common.cipher.TripleDESCBC;
-import org.apache.sshd.common.compression.CompressionNone;
-import org.apache.sshd.common.file.nativefs.NativeFileSystemFactory;
-import org.apache.sshd.common.forward.DefaultTcpipForwarderFactory;
-import org.apache.sshd.common.forward.TcpipServerChannel;
import org.apache.sshd.common.future.CloseFuture;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.io.DefaultIoServiceFactoryFactory;
import org.apache.sshd.common.io.IoConnectFuture;
import org.apache.sshd.common.io.IoConnector;
import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
-import org.apache.sshd.common.mac.HMACMD5;
-import org.apache.sshd.common.mac.HMACMD596;
-import org.apache.sshd.common.mac.HMACSHA1;
-import org.apache.sshd.common.mac.HMACSHA196;
-import org.apache.sshd.common.mac.HMACSHA256;
-import org.apache.sshd.common.mac.HMACSHA512;
-import org.apache.sshd.common.random.BouncyCastleRandom;
-import org.apache.sshd.common.random.JceRandom;
-import org.apache.sshd.common.random.SingletonRandomFactory;
import org.apache.sshd.common.session.AbstractSession;
-import org.apache.sshd.common.signature.SignatureDSA;
-import org.apache.sshd.common.signature.SignatureECDSA;
-import org.apache.sshd.common.signature.SignatureRSA;
import org.apache.sshd.common.util.CloseableUtils;
import org.apache.sshd.common.util.NoCloseInputStream;
import org.apache.sshd.common.util.NoCloseOutputStream;
@@ -166,10 +124,15 @@ import org.bouncycastle.openssl.PasswordFinder;
*/
public class SshClient extends AbstractFactoryManager implements ClientFactoryManager, Closeable {
+ public static final Factory<SshClient> DEFAULT_SSH_CLIENT_FACTORY = new Factory<SshClient>() {
+ public SshClient create() {
+ return new SshClient();
+ }
+ };
+
protected IoConnector connector;
protected SessionFactory sessionFactory;
protected UserInteraction userInteraction;
- protected Factory<IoConnector> connectorFactory;
protected List<NamedFactory<UserAuth>> userAuthFactories;
private ServerKeyVerifier serverKeyVerifier;
@@ -369,95 +332,10 @@ public class SshClient extends AbstractFactoryManager implements ClientFactoryMa
* @return a newly create SSH client
*/
public static SshClient setUpDefaultClient() {
- SshClient client = new SshClient();
- // DHG14 uses 2048 bits key which are not supported by the default JCE provider
- if (SecurityUtils.isBouncyCastleRegistered()) {
- client.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
- new DHGEX256.Factory(),
- new DHGEX.Factory(),
- new ECDHP256.Factory(),
- new ECDHP384.Factory(),
- new ECDHP521.Factory(),
- new DHG14.Factory(),
- new DHG1.Factory()));
- client.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
- new SignatureDSA.Factory(),
- new SignatureRSA.Factory(),
- new SignatureECDSA.NISTP256Factory(),
- new SignatureECDSA.NISTP384Factory(),
- new SignatureECDSA.NISTP521Factory()));
- client.setRandomFactory(new SingletonRandomFactory(new BouncyCastleRandom.Factory()));
- // EC keys are not supported until OpenJDK 7
- } else if (SecurityUtils.hasEcc()) {
- client.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
- new ECDHP256.Factory(),
- new ECDHP384.Factory(),
- new ECDHP521.Factory(),
- new DHG1.Factory()));
- client.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
- new SignatureDSA.Factory(),
- new SignatureRSA.Factory(),
- new SignatureECDSA.NISTP256Factory(),
- new SignatureECDSA.NISTP384Factory(),
- new SignatureECDSA.NISTP521Factory()));
- client.setRandomFactory(new SingletonRandomFactory(new JceRandom.Factory()));
- } else {
- client.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
- new DHG1.Factory()));
- client.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
- new SignatureDSA.Factory(),
- new SignatureRSA.Factory()));
- client.setRandomFactory(new SingletonRandomFactory(new JceRandom.Factory()));
- }
- setUpDefaultCiphers(client);
- // Compression is not enabled by default
- // client.setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
- // new CompressionNone.Factory(),
- // new CompressionZlib.Factory(),
- // new CompressionDelayedZlib.Factory()));
- client.setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
- new CompressionNone.Factory()));
- client.setMacFactories(Arrays.<NamedFactory<Mac>>asList(
- new HMACSHA256.Factory(),
- new HMACSHA512.Factory(),
- new HMACSHA1.Factory(),
- new HMACMD5.Factory(),
- new HMACSHA196.Factory(),
- new HMACMD596.Factory()));
- client.setChannelFactories(Arrays.<NamedFactory<Channel>>asList(
- new TcpipServerChannel.ForwardedTcpipFactory()));
- client.setServerKeyVerifier(AcceptAllServerKeyVerifier.INSTANCE);
- client.setFileSystemFactory(new NativeFileSystemFactory());
- client.setTcpipForwarderFactory(new DefaultTcpipForwarderFactory());
- return client;
- }
-
- private static void setUpDefaultCiphers(SshClient client) {
- List<NamedFactory<Cipher>> avail = new LinkedList<NamedFactory<Cipher>>();
- avail.add(new AES128CTR.Factory());
- avail.add(new AES256CTR.Factory());
- avail.add(new ARCFOUR128.Factory());
- avail.add(new ARCFOUR256.Factory());
- avail.add(new AES128CBC.Factory());
- avail.add(new TripleDESCBC.Factory());
- avail.add(new BlowfishCBC.Factory());
- avail.add(new AES192CBC.Factory());
- avail.add(new AES256CBC.Factory());
-
- for (Iterator<NamedFactory<Cipher>> i = avail.iterator(); i.hasNext();) {
- final NamedFactory<Cipher> f = i.next();
- try {
- final Cipher c = f.create();
- final byte[] key = new byte[c.getBlockSize()];
- final byte[] iv = new byte[c.getIVSize()];
- c.init(Cipher.Mode.Encrypt, key, iv);
- } catch (InvalidKeyException e) {
- i.remove();
- } catch (Exception e) {
- i.remove();
- }
- }
- client.setCipherFactories(avail);
+ return SshBuilder
+ .client()
+ .factory(DEFAULT_SSH_CLIENT_FACTORY)
+ .build();
}
/*=================================
http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/1a1ca8c8/sshd-core/src/main/java/org/apache/sshd/SshServer.java
----------------------------------------------------------------------
diff --git a/sshd-core/src/main/java/org/apache/sshd/SshServer.java b/sshd-core/src/main/java/org/apache/sshd/SshServer.java
index 5aa8736..b60fe65 100644
--- a/sshd-core/src/main/java/org/apache/sshd/SshServer.java
+++ b/sshd-core/src/main/java/org/apache/sshd/SshServer.java
@@ -21,70 +21,30 @@ package org.apache.sshd;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
-import java.security.InvalidKeyException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
-import java.util.Collections;
import java.util.EnumSet;
-import java.util.Iterator;
-import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import org.apache.sshd.common.AbstractFactoryManager;
-import org.apache.sshd.common.Channel;
-import org.apache.sshd.common.Cipher;
import org.apache.sshd.common.Closeable;
-import org.apache.sshd.common.Compression;
import org.apache.sshd.common.Factory;
import org.apache.sshd.common.ForwardingFilter;
-import org.apache.sshd.common.RequestHandler;
-import org.apache.sshd.common.KeyExchange;
-import org.apache.sshd.common.Mac;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.Session;
-import org.apache.sshd.common.Signature;
import org.apache.sshd.common.SshdSocketAddress;
-import org.apache.sshd.common.cipher.AES128CBC;
-import org.apache.sshd.common.cipher.AES128CTR;
-import org.apache.sshd.common.cipher.AES192CBC;
-import org.apache.sshd.common.cipher.AES256CBC;
-import org.apache.sshd.common.cipher.AES256CTR;
-import org.apache.sshd.common.cipher.ARCFOUR128;
-import org.apache.sshd.common.cipher.ARCFOUR256;
-import org.apache.sshd.common.cipher.BlowfishCBC;
-import org.apache.sshd.common.cipher.TripleDESCBC;
-import org.apache.sshd.common.compression.CompressionNone;
-import org.apache.sshd.common.file.nativefs.NativeFileSystemFactory;
-import org.apache.sshd.common.forward.DefaultTcpipForwarderFactory;
-import org.apache.sshd.common.forward.TcpipServerChannel;
import org.apache.sshd.common.future.CloseFuture;
-import org.apache.sshd.common.future.SshFuture;
-import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.io.DefaultIoServiceFactoryFactory;
import org.apache.sshd.common.io.IoAcceptor;
import org.apache.sshd.common.io.IoServiceFactory;
import org.apache.sshd.common.io.IoSession;
import org.apache.sshd.common.io.mina.MinaServiceFactory;
import org.apache.sshd.common.io.nio2.Nio2ServiceFactory;
-import org.apache.sshd.common.mac.HMACMD5;
-import org.apache.sshd.common.mac.HMACMD596;
-import org.apache.sshd.common.mac.HMACSHA1;
-import org.apache.sshd.common.mac.HMACSHA196;
-import org.apache.sshd.common.mac.HMACSHA256;
-import org.apache.sshd.common.mac.HMACSHA512;
-import org.apache.sshd.common.random.BouncyCastleRandom;
-import org.apache.sshd.common.random.JceRandom;
-import org.apache.sshd.common.random.SingletonRandomFactory;
import org.apache.sshd.common.session.AbstractSession;
-import org.apache.sshd.common.session.ConnectionService;
-import org.apache.sshd.common.signature.SignatureDSA;
-import org.apache.sshd.common.signature.SignatureECDSA;
-import org.apache.sshd.common.signature.SignatureRSA;
import org.apache.sshd.common.util.CloseableUtils;
-import org.apache.sshd.common.util.IoUtils;
import org.apache.sshd.common.util.OsUtils;
import org.apache.sshd.common.util.SecurityUtils;
import org.apache.sshd.common.util.ThreadUtils;
@@ -99,19 +59,7 @@ import org.apache.sshd.server.auth.UserAuthPassword;
import org.apache.sshd.server.auth.UserAuthPublicKey;
import org.apache.sshd.server.auth.gss.GSSAuthenticator;
import org.apache.sshd.server.auth.gss.UserAuthGSS;
-import org.apache.sshd.server.channel.ChannelSession;
import org.apache.sshd.server.command.ScpCommandFactory;
-import org.apache.sshd.server.global.CancelTcpipForwardHandler;
-import org.apache.sshd.server.global.KeepAliveHandler;
-import org.apache.sshd.server.global.NoMoreSessionsHandler;
-import org.apache.sshd.server.global.TcpipForwardHandler;
-import org.apache.sshd.server.kex.DHG1;
-import org.apache.sshd.server.kex.DHG14;
-import org.apache.sshd.server.kex.DHGEX;
-import org.apache.sshd.server.kex.DHGEX256;
-import org.apache.sshd.server.kex.ECDHP256;
-import org.apache.sshd.server.kex.ECDHP384;
-import org.apache.sshd.server.kex.ECDHP521;
import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.session.ServerConnectionService;
@@ -147,6 +95,12 @@ import org.apache.sshd.server.shell.ProcessShellFactory;
*/
public class SshServer extends AbstractFactoryManager implements ServerFactoryManager, Closeable {
+ public static final Factory<SshServer> DEFAULT_SSH_SERVER_FACTORY = new Factory<SshServer>() {
+ public SshServer create() {
+ return new SshServer();
+ }
+ };
+
protected IoAcceptor acceptor;
protected String host;
protected int port;
@@ -442,106 +396,10 @@ public class SshServer extends AbstractFactoryManager implements ServerFactoryMa
}
public static SshServer setUpDefaultServer() {
- SshServer sshd = new SshServer();
- // DHG14 uses 2048 bits key which are not supported by the default JCE provider
- // EC keys are not supported until OpenJDK 8
- if (SecurityUtils.isBouncyCastleRegistered()) {
- sshd.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
- new DHGEX256.Factory(),
- new DHGEX.Factory(),
- new ECDHP256.Factory(),
- new ECDHP384.Factory(),
- new ECDHP521.Factory(),
- new DHG14.Factory(),
- new DHG1.Factory()));
- sshd.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
- new SignatureECDSA.NISTP256Factory(),
- new SignatureECDSA.NISTP384Factory(),
- new SignatureECDSA.NISTP521Factory(),
- new SignatureDSA.Factory(),
- new SignatureRSA.Factory()));
- sshd.setRandomFactory(new SingletonRandomFactory(new BouncyCastleRandom.Factory()));
- // EC keys are not supported until OpenJDK 7
- } else if (SecurityUtils.hasEcc()) {
- sshd.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
- new DHGEX256.Factory(),
- new DHGEX.Factory(),
- new ECDHP256.Factory(),
- new ECDHP384.Factory(),
- new ECDHP521.Factory(),
- new DHG1.Factory()));
- sshd.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
- new SignatureECDSA.NISTP256Factory(),
- new SignatureECDSA.NISTP384Factory(),
- new SignatureECDSA.NISTP521Factory(),
- new SignatureDSA.Factory(),
- new SignatureRSA.Factory()));
- sshd.setRandomFactory(new SingletonRandomFactory(new JceRandom.Factory()));
- } else {
- sshd.setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
- new DHGEX256.Factory(),
- new DHGEX.Factory(),
- new DHG1.Factory()));
- sshd.setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
- new SignatureDSA.Factory(),
- new SignatureRSA.Factory()));
- sshd.setRandomFactory(new SingletonRandomFactory(new JceRandom.Factory()));
- }
- setUpDefaultCiphers(sshd);
- // Compression is not enabled by default
- // sshd.setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
- // new CompressionNone.Factory(),
- // new CompressionZlib.Factory(),
- // new CompressionDelayedZlib.Factory()));
- sshd.setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
- new CompressionNone.Factory()));
- sshd.setMacFactories(Arrays.<NamedFactory<Mac>>asList(
- new HMACSHA256.Factory(),
- new HMACSHA512.Factory(),
- new HMACSHA1.Factory(),
- new HMACMD5.Factory(),
- new HMACSHA196.Factory(),
- new HMACMD596.Factory()));
- sshd.setChannelFactories(Arrays.<NamedFactory<Channel>>asList(
- new ChannelSession.Factory(),
- new TcpipServerChannel.DirectTcpipFactory()));
- sshd.setFileSystemFactory(new NativeFileSystemFactory());
- sshd.setTcpipForwarderFactory(new DefaultTcpipForwarderFactory());
- sshd.setGlobalRequestHandlers(Arrays.<RequestHandler<ConnectionService>>asList(
- new KeepAliveHandler(),
- new NoMoreSessionsHandler(),
- new TcpipForwardHandler(),
- new CancelTcpipForwardHandler()
- ));
- return sshd;
- }
-
- private static void setUpDefaultCiphers(SshServer sshd) {
- List<NamedFactory<Cipher>> avail = new LinkedList<NamedFactory<Cipher>>();
- avail.add(new AES128CTR.Factory());
- avail.add(new AES256CTR.Factory());
- avail.add(new ARCFOUR128.Factory());
- avail.add(new ARCFOUR256.Factory());
- avail.add(new AES128CBC.Factory());
- avail.add(new TripleDESCBC.Factory());
- avail.add(new BlowfishCBC.Factory());
- avail.add(new AES192CBC.Factory());
- avail.add(new AES256CBC.Factory());
-
- for (Iterator<NamedFactory<Cipher>> i = avail.iterator(); i.hasNext();) {
- final NamedFactory<Cipher> f = i.next();
- try {
- final Cipher c = f.create();
- final byte[] key = new byte[c.getBlockSize()];
- final byte[] iv = new byte[c.getIVSize()];
- c.init(Cipher.Mode.Encrypt, key, iv);
- } catch (InvalidKeyException e) {
- i.remove();
- } catch (Exception e) {
- i.remove();
- }
- }
- sshd.setCipherFactories(avail);
+ return SshBuilder
+ .server()
+ .factory(DEFAULT_SSH_SERVER_FACTORY)
+ .build();
}
/*=================================