You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by gn...@apache.org on 2010/09/22 16:53:48 UTC
svn commit: r1000012 - in
/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd: ./ client/
client/keyverifier/ client/session/
Author: gnodet
Date: Wed Sep 22 14:53:48 2010
New Revision: 1000012
URL: http://svn.apache.org/viewvc?rev=1000012&view=rev
Log:
[SSHD-92] Introduce a ClientFactoryManager for better coherence with the server side
Added:
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ClientFactoryManager.java
- copied, changed from r1000008, mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java
Modified:
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/session/ClientSessionImpl.java
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java?rev=1000012&r1=1000011&r2=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java Wed Sep 22 14:53:48 2010
@@ -32,6 +32,7 @@ import org.apache.mina.core.future.IoFut
import org.apache.mina.core.service.IoConnector;
import org.apache.mina.transport.socket.nio.NioSocketConnector;
import org.apache.sshd.agent.ChannelAgentForwarding;
+import org.apache.sshd.client.ClientFactoryManager;
import org.apache.sshd.client.ServerKeyVerifier;
import org.apache.sshd.client.SessionFactory;
import org.apache.sshd.client.channel.ChannelShell;
@@ -107,7 +108,7 @@ import org.apache.sshd.common.util.Secur
*
* @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
-public class SshClient extends AbstractFactoryManager {
+public class SshClient extends AbstractFactoryManager implements ClientFactoryManager {
protected IoConnector connector;
protected SessionFactory sessionFactory;
@@ -125,6 +126,14 @@ public class SshClient extends AbstractF
this.sessionFactory = sessionFactory;
}
+ public ServerKeyVerifier getServerKeyVerifier() {
+ return serverKeyVerifier;
+ }
+
+ public void setServerKeyVerifier(ServerKeyVerifier serverKeyVerifier) {
+ this.serverKeyVerifier = serverKeyVerifier;
+ }
+
public void start() {
connector = new NioSocketConnector();
@@ -395,12 +404,4 @@ public class SshClient extends AbstractF
}
}
- public ServerKeyVerifier getServerKeyVerifier() {
- return serverKeyVerifier;
- }
-
- public void setServerKeyVerifier(ServerKeyVerifier serverKeyVerifier) {
- this.serverKeyVerifier = serverKeyVerifier;
- }
-
}
Copied: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ClientFactoryManager.java (from r1000008, mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java)
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ClientFactoryManager.java?p2=mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ClientFactoryManager.java&p1=mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java&r1=1000008&r2=1000012&rev=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ClientFactoryManager.java Wed Sep 22 14:53:48 2010
@@ -18,13 +18,22 @@
*/
package org.apache.sshd.client;
-import java.net.SocketAddress;
-import java.security.PublicKey;
+import org.apache.sshd.common.FactoryManager;
-import org.apache.sshd.ClientSession;
-
-public interface ServerKeyVerifier {
+/**
+ * The <code>ClientFactoryManager</code> enable the retrieval of additional
+ * configuration needed specifically for the client side.
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+public interface ClientFactoryManager extends FactoryManager {
- boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey);
+ /**
+ * Retrieve the server key verifier to be used to check the key when connecting
+ * to an ssh server.
+ *
+ * @return the server key verifier to use
+ */
+ ServerKeyVerifier getServerKeyVerifier();
}
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java?rev=1000012&r1=1000011&r2=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/ServerKeyVerifier.java Wed Sep 22 14:53:48 2010
@@ -23,8 +23,22 @@ import java.security.PublicKey;
import org.apache.sshd.ClientSession;
+/**
+ * The <code>ServerKeyVerifier</code> is used on the client side
+ * to authenticate the key provided by the server.
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
public interface ServerKeyVerifier {
+ /**
+ * Verify that the server key provided is really the one of the host.
+ *
+ * @param sshClientSession the current session
+ * @param remoteAddress the host
+ * @param serverKey the presented key
+ * @return <code>true</code> if the key is accepted for the host
+ */
boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey);
}
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java?rev=1000012&r1=1000011&r2=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/AcceptAllServerKeyVerifier.java Wed Sep 22 14:53:48 2010
@@ -29,8 +29,11 @@ import org.slf4j.LoggerFactory;
/**
* A ServerKeyVerifier that accepts all server keys.
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
public class AcceptAllServerKeyVerifier implements ServerKeyVerifier {
+
protected final Logger log = LoggerFactory.getLogger(getClass());
public static final ServerKeyVerifier INSTANCE = new AcceptAllServerKeyVerifier();
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java?rev=1000012&r1=1000011&r2=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/DelegatingServerKeyVerifier.java Wed Sep 22 14:53:48 2010
@@ -32,8 +32,11 @@ import org.slf4j.LoggerFactory;
* A ServerKeyVerifier that delegates verification to the ServerKeyVerifier found in the ClientSession metadata
* The ServerKeyVerifier can be specified at the SshClient level, which may have connections to multiple hosts.
* This technique lets each connection have its own ServerKeyVerifier.
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
public class DelegatingServerKeyVerifier implements ServerKeyVerifier {
+
protected final Logger log = LoggerFactory.getLogger(getClass());
public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) {
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java?rev=1000012&r1=1000011&r2=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/keyverifier/RequiredServerKeyVerifier.java Wed Sep 22 14:53:48 2010
@@ -31,9 +31,12 @@ import org.slf4j.LoggerFactory;
/**
* A ServerKeyVerifier that accepts one server key (specified in the constructor)
*
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
public class RequiredServerKeyVerifier implements ServerKeyVerifier {
+
protected final Logger log = LoggerFactory.getLogger(getClass());
+
final PublicKey requiredKey;
public RequiredServerKeyVerifier(PublicKey requiredKey) {
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/session/ClientSessionImpl.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/session/ClientSessionImpl.java?rev=1000012&r1=1000011&r2=1000012&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/session/ClientSessionImpl.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/client/session/ClientSessionImpl.java Wed Sep 22 14:53:48 2010
@@ -28,6 +28,7 @@ import org.apache.mina.core.session.IoSe
import org.apache.sshd.ClientChannel;
import org.apache.sshd.ClientSession;
import org.apache.sshd.SshClient;
+import org.apache.sshd.client.ClientFactoryManager;
import org.apache.sshd.client.ServerKeyVerifier;
import org.apache.sshd.client.UserAuth;
import org.apache.sshd.client.auth.UserAuthAgent;
@@ -74,6 +75,10 @@ public class ClientSessionImpl extends A
sendKexInit();
}
+ public ClientFactoryManager getClientFactoryManager() {
+ return (ClientFactoryManager) factoryManager;
+ }
+
public KeyExchange getKex() {
return kex;
}
@@ -401,7 +406,7 @@ public class ClientSessionImpl extends A
}
private void checkHost() throws SshException {
- ServerKeyVerifier serverKeyVerifier = ((SshClient) getFactoryManager()).getServerKeyVerifier();
+ ServerKeyVerifier serverKeyVerifier = getClientFactoryManager().getServerKeyVerifier();
if (serverKeyVerifier != null) {
SocketAddress remoteAddress = ioSession.getRemoteAddress();