You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by lg...@apache.org on 2019/02/13 11:40:32 UTC
[mina-sshd] branch master updated (dbe5b44 -> 27c3af2)
This is an automated email from the ASF dual-hosted git repository.
lgoldstein pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git.
from dbe5b44 [SSHD-893] Using Path(s) instead of String(s) as DirectoryScanner results
new e00a5e6 [SSHD-894] Ignore subsequent authentication requests if one was successful - as per RFC4252 section 5.1
new 23b9fd5 Log caught session exception cause if available
new 2721d4d [SSHD-894] Fix Race condition when doing async auth.
new 53091ca [SSHD-894] Fixed handling of delayed compression negotiated during KEX
new 27c3af2 [SSHD-822] Added capability to control unit tests running according to current IoServiceFactory provider type (NIO2, MINA, NETTY)
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
assembly/pom.xml | 2 --
sshd-cli/pom.xml | 2 --
sshd-common/pom.xml | 2 --
sshd-contrib/pom.xml | 2 --
sshd-core/pom.xml | 2 --
.../common/session/helpers/AbstractSession.java | 30 +++++++++--------
.../sshd/common/session/helpers/SessionHelper.java | 19 +++++++++--
.../sshd/server/session/AbstractServerSession.java | 30 +++++++++++++++++
.../apache/sshd/server/session/ServerSession.java | 25 ++++++++++++++
.../sshd/server/session/ServerUserAuthService.java | 28 ++++++++++++----
.../org/apache/sshd/util/test/BaseTestSupport.java | 39 ++++++++++++++++++++++
sshd-git/pom.xml | 2 --
sshd-ldap/pom.xml | 4 +--
sshd-mina/pom.xml | 2 --
sshd-openpgp/pom.xml | 2 --
sshd-putty/pom.xml | 2 --
sshd-scp/pom.xml | 4 ---
.../java/org/apache/sshd/client/scp/ScpTest.java | 10 ++++--
sshd-sftp/pom.xml | 5 +--
sshd-spring-sftp/pom.xml | 2 --
20 files changed, 157 insertions(+), 57 deletions(-)
[mina-sshd] 03/05: [SSHD-894] Fix Race condition when doing async
auth.
Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
commit 2721d4df3fe2c5a6e582e48c2d7387fe2f970958
Author: The-Yoda <yo...@gmail.com>
AuthorDate: Tue Feb 12 12:08:07 2019 +0200
[SSHD-894] Fix Race condition when doing async auth.
---
.../java/org/apache/sshd/server/session/ServerUserAuthService.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
index c596cf7..653d8b1 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
@@ -359,11 +359,12 @@ public class ServerUserAuthService extends AbstractCloseable implements Service,
sendWelcomeBanner(session);
}
- Buffer response = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_SUCCESS, Byte.SIZE);
- session.writePacket(response);
session.setUsername(username);
session.setAuthenticated();
session.startService(authService, buffer);
+
+ Buffer response = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_SUCCESS, Byte.SIZE);
+ session.writePacket(response);
session.resetIdleTimeout();
log.info("Session {}@{} authenticated", username, session.getIoSession().getRemoteAddress());
} else {
[mina-sshd] 02/05: Log caught session exception cause if available
Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
commit 23b9fd5d7b7faa0b3bc72e66bd9b176b3877e7f8
Author: Lyor Goldstein <lg...@apache.org>
AuthorDate: Tue Feb 12 12:55:12 2019 +0200
Log caught session exception cause if available
---
.../apache/sshd/common/session/helpers/SessionHelper.java | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java b/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java
index a996d6d..41e85ac 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java
@@ -1022,9 +1022,22 @@ public abstract class SessionHelper extends AbstractKexFactoryManager implements
return;
}
- log.warn("exceptionCaught({})[state={}] {}: {}", this, curState, t.getClass().getSimpleName(), t.getMessage());
+ log.warn("exceptionCaught({})[state={}] {}: {}",
+ this, curState, t.getClass().getSimpleName(), t.getMessage());
+ Throwable cause = t.getCause();
+ if ((cause != null) && GenericUtils.isSameReference(t, cause)) {
+ cause = null;
+ }
+ if (cause != null) {
+ log.warn("exceptionCaught({})[state={}] caused by {}: {}",
+ this, curState, cause.getClass().getSimpleName(), cause.getMessage());
+ }
+
if (log.isDebugEnabled()) {
log.debug("exceptionCaught(" + this + ")[state=" + curState + "] details", t);
+ if (cause != null) {
+ log.debug("exceptionCaught(" + this + ")[state=" + curState + "] cause", cause);
+ }
}
signalExceptionCaught(t);
[mina-sshd] 01/05: [SSHD-894] Ignore subsequent authentication
requests if one was successful - as per RFC4252 section 5.1
Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
commit e00a5e662275bdf56f07ce0a9adb0f553b0dd3e7
Author: Lyor Goldstein <lg...@apache.org>
AuthorDate: Tue Feb 12 12:18:47 2019 +0200
[SSHD-894] Ignore subsequent authentication requests if one was successful - as per RFC4252 section 5.1
---
.../sshd/server/session/ServerUserAuthService.java | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
index 1e45bbd..c596cf7 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
@@ -154,6 +154,26 @@ public class ServerUserAuthService extends AbstractCloseable implements Service,
ServerSession session = getServerSession();
boolean debugEnabled = log.isDebugEnabled();
if (cmd == SshConstants.SSH_MSG_USERAUTH_REQUEST) {
+ /*
+ * According to RFC4252 section 5.1:
+ *
+ *
+ * When SSH_MSG_USERAUTH_SUCCESS has been sent, any
+ * further authentication requests received after that
+ * SHOULD be silently ignored.
+ */
+ if (session.isAuthenticated()) {
+ String username = buffer.getString();
+ String service = buffer.getString();
+ String method = buffer.getString();
+
+ if (debugEnabled) {
+ log.debug("process({}) ignore user={}, service={}, method={} auth. request since session already authenticated",
+ session, username, service, method);
+ }
+ return;
+ }
+
if (WelcomeBannerPhase.FIRST_REQUEST.equals(getWelcomePhase())) {
sendWelcomeBanner(session);
}
[mina-sshd] 05/05: [SSHD-822] Added capability to control unit
tests running according to current IoServiceFactory provider type (NIO2,
MINA, NETTY)
Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
commit 27c3af2f0cad69cc91cea18d3b7d59340313bb27
Author: Lyor Goldstein <lg...@apache.org>
AuthorDate: Wed Feb 13 09:35:21 2019 +0200
[SSHD-822] Added capability to control unit tests running according to current IoServiceFactory provider type (NIO2, MINA, NETTY)
---
assembly/pom.xml | 2 --
sshd-cli/pom.xml | 2 --
sshd-common/pom.xml | 2 --
sshd-contrib/pom.xml | 2 --
sshd-core/pom.xml | 2 --
.../org/apache/sshd/util/test/BaseTestSupport.java | 39 ++++++++++++++++++++++
sshd-git/pom.xml | 2 --
sshd-ldap/pom.xml | 4 +--
sshd-mina/pom.xml | 2 --
sshd-openpgp/pom.xml | 2 --
sshd-putty/pom.xml | 2 --
sshd-scp/pom.xml | 4 ---
.../java/org/apache/sshd/client/scp/ScpTest.java | 10 ++++--
sshd-sftp/pom.xml | 5 +--
sshd-spring-sftp/pom.xml | 2 --
15 files changed, 48 insertions(+), 34 deletions(-)
diff --git a/assembly/pom.xml b/assembly/pom.xml
index 8d4bcf4..c6cb79c 100644
--- a/assembly/pom.xml
+++ b/assembly/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-cli/pom.xml b/sshd-cli/pom.xml
index ae6cdec..7153587 100644
--- a/sshd-cli/pom.xml
+++ b/sshd-cli/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-common/pom.xml b/sshd-common/pom.xml
index b66b878..23ab842 100644
--- a/sshd-common/pom.xml
+++ b/sshd-common/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-contrib/pom.xml b/sshd-contrib/pom.xml
index 3e96f9e..0df44a4 100644
--- a/sshd-contrib/pom.xml
+++ b/sshd-contrib/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-core/pom.xml b/sshd-core/pom.xml
index 555f5af..dad48d6 100644
--- a/sshd-core/pom.xml
+++ b/sshd-core/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-core/src/test/java/org/apache/sshd/util/test/BaseTestSupport.java b/sshd-core/src/test/java/org/apache/sshd/util/test/BaseTestSupport.java
index 589ab2f..4587ea3 100644
--- a/sshd-core/src/test/java/org/apache/sshd/util/test/BaseTestSupport.java
+++ b/sshd-core/src/test/java/org/apache/sshd/util/test/BaseTestSupport.java
@@ -18,11 +18,17 @@
*/
package org.apache.sshd.util.test;
+import java.util.Collection;
+
import org.apache.sshd.client.SshClient;
+import org.apache.sshd.common.helpers.AbstractFactoryManager;
+import org.apache.sshd.common.io.BuiltinIoServiceFactoryFactories;
import org.apache.sshd.common.io.DefaultIoServiceFactoryFactory;
import org.apache.sshd.common.io.IoServiceFactoryFactory;
+import org.apache.sshd.common.util.GenericUtils;
import org.apache.sshd.common.util.net.SshdSocketAddress;
import org.apache.sshd.server.SshServer;
+import org.junit.Assume;
import org.junit.Rule;
import org.junit.rules.TestWatcher;
import org.junit.runner.Description;
@@ -74,9 +80,42 @@ public abstract class BaseTestSupport extends JUnitTestSupport {
return CoreTestSupportUtils.setupTestClient(getClass());
}
+ protected void assumeNotIoServiceProvider(Collection<BuiltinIoServiceFactoryFactories> excluded) {
+ assumeNotIoServiceProvider(getCurrentTestName(), excluded);
+ }
+
public static IoServiceFactoryFactory getIoServiceProvider() {
DefaultIoServiceFactoryFactory factory =
DefaultIoServiceFactoryFactory.getDefaultIoServiceFactoryFactoryInstance();
return factory.getIoServiceProvider();
}
+
+ public static void assumeNotIoServiceProvider(
+ String message, Collection<BuiltinIoServiceFactoryFactories> excluded) {
+ if (GenericUtils.isEmpty(excluded)) {
+ return;
+ }
+
+ assumeNotIoServiceProvider(message, getIoServiceProvider(), excluded);
+ }
+
+ public static void assumeNotIoServiceProvider(
+ String message, AbstractFactoryManager manager, Collection<BuiltinIoServiceFactoryFactories> excluded) {
+ assumeNotIoServiceProvider(message, manager.getIoServiceFactoryFactory(), excluded);
+ }
+
+ public static void assumeNotIoServiceProvider(
+ String message, IoServiceFactoryFactory provider, Collection<BuiltinIoServiceFactoryFactories> excluded) {
+ if (GenericUtils.isEmpty(excluded)) {
+ return;
+ }
+
+ Class<?> clazz = provider.getClass();
+ String clazzName = clazz.getName();
+ BuiltinIoServiceFactoryFactories match = excluded.stream()
+ .filter(f -> clazzName.equals(f.getFactoryClassName()))
+ .findFirst()
+ .orElse(null);
+ Assume.assumeTrue(message + " - skip factory=" + match, match == null);
+ }
}
diff --git a/sshd-git/pom.xml b/sshd-git/pom.xml
index 05d64a2..4721629 100644
--- a/sshd-git/pom.xml
+++ b/sshd-git/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-ldap/pom.xml b/sshd-ldap/pom.xml
index b637bdd..99fdaa6 100644
--- a/sshd-ldap/pom.xml
+++ b/sshd-ldap/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
@@ -59,7 +57,7 @@
</exclusion>
</exclusions>
</dependency>
-
+
<dependency>
<groupId>org.apache.directory.shared</groupId>
<artifactId>shared-cursor</artifactId>
diff --git a/sshd-mina/pom.xml b/sshd-mina/pom.xml
index 9a2ddc0..1e40fa9 100644
--- a/sshd-mina/pom.xml
+++ b/sshd-mina/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-openpgp/pom.xml b/sshd-openpgp/pom.xml
index 138c9a3..141abf3 100644
--- a/sshd-openpgp/pom.xml
+++ b/sshd-openpgp/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-putty/pom.xml b/sshd-putty/pom.xml
index 5542afe..069ea6a 100644
--- a/sshd-putty/pom.xml
+++ b/sshd-putty/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/sshd-scp/pom.xml b/sshd-scp/pom.xml
index 4aefd32..179a651 100644
--- a/sshd-scp/pom.xml
+++ b/sshd-scp/pom.xml
@@ -201,10 +201,6 @@
<systemProperties>
<org.apache.sshd.common.io.IoServiceFactoryFactory>org.apache.sshd.netty.NettyIoServiceFactoryFactory</org.apache.sshd.common.io.IoServiceFactoryFactory>
</systemProperties>
- <excludes>
- <!-- TODO need some more research as to why this fails intermittently on Netty but not on NIO2 or MINA -->
- <exclude>**/ScpTest.java</exclude>
- </excludes>
</configuration>
</execution>
</executions>
diff --git a/sshd-scp/src/test/java/org/apache/sshd/client/scp/ScpTest.java b/sshd-scp/src/test/java/org/apache/sshd/client/scp/ScpTest.java
index b6b27a9..8e6cbcb 100644
--- a/sshd-scp/src/test/java/org/apache/sshd/client/scp/ScpTest.java
+++ b/sshd-scp/src/test/java/org/apache/sshd/client/scp/ScpTest.java
@@ -46,6 +46,7 @@ import org.apache.sshd.common.Factory;
import org.apache.sshd.common.channel.Channel;
import org.apache.sshd.common.file.FileSystemFactory;
import org.apache.sshd.common.file.virtualfs.VirtualFileSystemFactory;
+import org.apache.sshd.common.io.BuiltinIoServiceFactoryFactories;
import org.apache.sshd.common.random.Random;
import org.apache.sshd.common.scp.ScpException;
import org.apache.sshd.common.scp.ScpFileOpener;
@@ -71,7 +72,6 @@ import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.FixMethodOrder;
-import org.junit.Ignore;
import org.junit.Test;
import org.junit.runners.MethodSorters;
@@ -101,7 +101,6 @@ public class ScpTest extends BaseTestSupport {
public void startFileEvent(
Session s, FileOperation op, Path file, long length, Set<PosixFilePermission> perms) {
logEvent("startFileEvent", s, op, file, true, length, perms, null);
-
}
@Override
@@ -384,8 +383,10 @@ public class ScpTest extends BaseTestSupport {
}
@Test
- @Ignore("TODO investigate why this fails often")
public void testScpNativeOnSingleFile() throws Exception {
+ // see SSHD-822
+ assumeNotIoServiceProvider(EnumSet.of(BuiltinIoServiceFactoryFactories.NETTY));
+
String data = getClass().getName() + "#" + getCurrentTestName() + IoUtils.EOL;
Path targetPath = detectTargetFolder();
@@ -441,6 +442,9 @@ public class ScpTest extends BaseTestSupport {
@Test
public void testScpNativeOnMultipleFiles() throws Exception {
+ // see SSHD-822
+ assumeNotIoServiceProvider(EnumSet.of(BuiltinIoServiceFactoryFactories.MINA, BuiltinIoServiceFactoryFactories.NETTY));
+
try (ClientSession session = client.connect(getCurrentTestName(), TEST_LOCALHOST, port)
.verify(CONNECT_TIMEOUT, TimeUnit.SECONDS)
.getSession()) {
diff --git a/sshd-sftp/pom.xml b/sshd-sftp/pom.xml
index 8632f97..4abbcb8 100644
--- a/sshd-sftp/pom.xml
+++ b/sshd-sftp/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
@@ -199,9 +197,8 @@
<org.apache.sshd.common.io.IoServiceFactoryFactory>org.apache.sshd.netty.NettyIoServiceFactoryFactory</org.apache.sshd.common.io.IoServiceFactoryFactory>
</systemProperties>
<excludes>
- <!-- TODO need some more research as to why this fails frequently on Netty -->
+ <!-- TODO (SSHD-822) need some more research as to why this fails frequently on Netty -->
<exclude>**/AbstractCheckFileExtensionTest.java</exclude>
- <exclude>**/SftpVersionsTest.java</exclude>
</excludes>
</configuration>
</execution>
diff --git a/sshd-spring-sftp/pom.xml b/sshd-spring-sftp/pom.xml
index 413d9aa..f51582e 100644
--- a/sshd-spring-sftp/pom.xml
+++ b/sshd-spring-sftp/pom.xml
@@ -1,6 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
[mina-sshd] 04/05: [SSHD-894] Fixed handling of delayed compression
negotiated during KEX
Posted by lg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
lgoldstein pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
commit 53091ca9e4c26a1f6960c0df144e1c4663924d54
Author: Lyor Goldstein <lg...@apache.org>
AuthorDate: Tue Feb 12 14:59:10 2019 +0200
[SSHD-894] Fixed handling of delayed compression negotiated during KEX
---
.../common/session/helpers/AbstractSession.java | 30 ++++++++++++----------
.../sshd/common/session/helpers/SessionHelper.java | 4 +--
.../sshd/server/session/AbstractServerSession.java | 30 ++++++++++++++++++++++
.../apache/sshd/server/session/ServerSession.java | 25 ++++++++++++++++++
.../sshd/server/session/ServerUserAuthService.java | 9 +------
5 files changed, 75 insertions(+), 23 deletions(-)
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/AbstractSession.java b/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/AbstractSession.java
index b949d6a..8e1c947 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/AbstractSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/AbstractSession.java
@@ -728,7 +728,8 @@ public abstract class AbstractSession extends SessionHelper {
}
}
- protected IoWriteFuture doWritePacket(Buffer buffer) throws IOException {
+ // NOTE: must acquire encodeLock when calling this method
+ protected Buffer resolveOutputPacket(Buffer buffer) throws IOException {
Buffer ignoreBuf = null;
int ignoreDataLen = resolveIgnoreBufferDataLength();
if (ignoreDataLen > 0) {
@@ -742,7 +743,7 @@ public abstract class AbstractSession extends SessionHelper {
ignoreBuf.wpos(wpos + ignoreDataLen);
if (log.isDebugEnabled()) {
- log.debug("doWritePacket({}) append SSH_MSG_IGNORE message", this);
+ log.debug("resolveOutputPacket({}) append SSH_MSG_IGNORE message", this);
}
}
@@ -751,22 +752,25 @@ public abstract class AbstractSession extends SessionHelper {
int cmd = data[curPos] & 0xFF; // usually the 1st byte is the command
buffer = validateTargetBuffer(cmd, buffer);
+ if (ignoreBuf != null) {
+ ignoreBuf = encode(ignoreBuf);
+
+ IoSession networkSession = getIoSession();
+ networkSession.writePacket(ignoreBuf);
+ }
+
+ return encode(buffer);
+ }
+
+ protected IoWriteFuture doWritePacket(Buffer buffer) throws IOException {
// Synchronize all write requests as needed by the encoding algorithm
// and also queue the write request in this synchronized block to ensure
// packets are sent in the correct order
- IoWriteFuture future;
- IoSession networkSession = getIoSession();
synchronized (encodeLock) {
- if (ignoreBuf != null) {
- ignoreBuf = encode(ignoreBuf);
- networkSession.writePacket(ignoreBuf);
- }
-
- buffer = encode(buffer);
- future = networkSession.writePacket(buffer);
+ Buffer packet = resolveOutputPacket(buffer);
+ IoSession networkSession = getIoSession();
+ return networkSession.writePacket(packet);
}
-
- return future;
}
protected int resolveIgnoreBufferDataLength() {
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java b/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java
index 41e85ac..2846157 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/session/helpers/SessionHelper.java
@@ -107,11 +107,11 @@ public abstract class SessionHelper extends AbstractKexFactoryManager implements
/**
* The name of the authenticated user
*/
- private String username;
+ private volatile String username;
/**
* Boolean indicating if this session has been authenticated or not
*/
- private boolean authed;
+ private volatile boolean authed;
/**
* Create a new session.
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/session/AbstractServerSession.java b/sshd-core/src/main/java/org/apache/sshd/server/session/AbstractServerSession.java
index 523f16a..2aafa06 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/session/AbstractServerSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/session/AbstractServerSession.java
@@ -256,6 +256,36 @@ public abstract class AbstractServerSession extends AbstractSession implements S
}
@Override
+ public IoWriteFuture signalAuthenticationSuccess(
+ String username, String authService, Buffer buffer)
+ throws Exception {
+ KexState curState = kexState.get();
+ if (!KexState.DONE.equals(curState)) {
+ throw new SshException(SshConstants.SSH2_DISCONNECT_PROTOCOL_ERROR,
+ "Authentication success signalled though KEX state=" + curState);
+ }
+
+ Buffer response = createBuffer(SshConstants.SSH_MSG_USERAUTH_SUCCESS, Byte.SIZE);
+ IoWriteFuture future;
+ IoSession networkSession = getIoSession();
+ synchronized (encodeLock) {
+ Buffer packet = resolveOutputPacket(response);
+
+ setUsername(username);
+ // must be AFTER the USERAUTH-SUCCESS packet created in case delayed compression is used
+ setAuthenticated();
+ startService(authService, buffer);
+
+ // Now we can inform the peer that authentication is successful
+ future = networkSession.writePacket(packet);
+ }
+
+ resetIdleTimeout();
+ log.info("Session {}@{} authenticated", username, networkSession.getRemoteAddress());
+ return future;
+ }
+
+ @Override
protected void handleServiceAccept(String serviceName, Buffer buffer) throws Exception {
super.handleServiceAccept(serviceName, buffer);
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerSession.java b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerSession.java
index 99bec17..f06261c 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerSession.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerSession.java
@@ -22,7 +22,9 @@ package org.apache.sshd.server.session;
import java.net.SocketAddress;
import java.security.KeyPair;
+import org.apache.sshd.common.io.IoWriteFuture;
import org.apache.sshd.common.session.Session;
+import org.apache.sshd.common.util.buffer.Buffer;
import org.apache.sshd.server.ServerAuthenticationManager;
import org.apache.sshd.server.ServerFactoryManager;
@@ -61,4 +63,27 @@ public interface ServerSession
* @return The current number of live <code>SshSession</code> objects associated with the user
*/
int getActiveSessionCountForUser(String userName);
+
+ /**
+ * <UL>
+ * <P><LI>
+ * Marks the session as authenticated.
+ * </LI></P>
+ *
+ * <P><LI>
+ * Starts the specified service.
+ * </LI></P>
+ *
+ * <P><LI>
+ * Sends the {@code SSH_MSG_USERAUTH_SUCCESS} message.
+ * </LI></P>
+ * </UL>
+ * @param username The authenticated username
+ * @param authService The service to start
+ * @param buffer Any extra data received to use to start the service
+ * @return An {@link IoWriteFuture} that can be used to wait for the
+ * {@code SSH_MSG_USERAUTH_SUCCESS} message send result
+ * @throws Exception if cannot handle the request
+ */
+ IoWriteFuture signalAuthenticationSuccess(String username, String authService, Buffer buffer) throws Exception;
}
diff --git a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
index 653d8b1..cf8cb4d 100644
--- a/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
+++ b/sshd-core/src/main/java/org/apache/sshd/server/session/ServerUserAuthService.java
@@ -359,14 +359,7 @@ public class ServerUserAuthService extends AbstractCloseable implements Service,
sendWelcomeBanner(session);
}
- session.setUsername(username);
- session.setAuthenticated();
- session.startService(authService, buffer);
-
- Buffer response = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_SUCCESS, Byte.SIZE);
- session.writePacket(response);
- session.resetIdleTimeout();
- log.info("Session {}@{} authenticated", username, session.getIoSession().getRemoteAddress());
+ session.signalAuthenticationSuccess(username, authService, buffer);
} else {
String remaining = authMethods.stream()
.filter(GenericUtils::isNotEmpty)