comparison src/net/sourceforge/jsocks/server/IdentAuthenticator.java @ 349:205ee2873330

update jsocks to 2011-03-19
author Carl Byington <carl@five-ten-sg.com>
date Fri, 01 Aug 2014 11:23:10 -0700
parents
children 72de889ecfe7
348:29076621bab0 349:205ee2873330
1 package socks.server;
2 import net.sourceforge.jsocks.InetRange;
3 import net.sourceforge.jsocks.ProxyMessage;
4 import java.util.Hashtable;
5 import java.util.Vector;
6 import java.util.Enumeration;
7 import java.net.*;
8 import java.io.*;
9
10 /**
11 An implementation of socks.ServerAuthentication which provides
12 simple authentication based on the host from which the connection
13 is made and the name of the user on the remote machine, as reported
14 by identd daemon on the remote machine.
15 <p>
16 It can also be used to provide authentication based only on the contacting
17 host address.
18 */
19
20 public class IdentAuthenticator extends ServerAuthenticatorNone{
21 /** Vector of InetRanges */
22 Vector hosts;
23
24 /** Vector of user hashes*/
25 Vector users;
26
27 String user;
28
29
30 /**
31 Constructs empty IdentAuthenticator.
32 */
33 public IdentAuthenticator(){
34 hosts = new Vector();
35 users = new Vector();
36 }
37 /**
38 Used to create instances returned from startSession.
39 @param in Input stream.
40 @param out OutputStream.
41 @param user Username associated with this connection,could be
42 null if name was not required.
43 */
44 IdentAuthenticator(InputStream in,OutputStream out, String user){
45 super(in,out);
46 this.user = user;
47 }
48
49 /**
50 Adds range of addresses from which connection is allowed. Hashtable
51 users should contain user names as keys and anything as values
52 (value is not used and will be ignored).
53 @param hostRange Range of ip addresses from which connection is allowed.
54 @param users Hashtable of users for whom connection is allowed, or null
55 to indicate that anybody is allowed to connect from the hosts within given
56 range.
57 */
58 public synchronized void add(InetRange hostRange,Hashtable users){
59 this.hosts.addElement(hostRange);
60 this.users.addElement(users);
61 }
62
63 /**
64 Grants permission only to those users, who connect from one of the
65 hosts registered with add(InetRange,Hashtable) and whose names, as
66 reported by identd daemon, are listed for the host the connection
67 came from.
68 */
69 public ServerAuthenticator startSession(Socket s)
70 throws IOException{
71
72 int ind = getRangeIndex(s.getInetAddress());
73 String user = null;
74
75 //System.out.println("getRangeReturned:"+ind);
76
77 if(ind < 0) return null; //Host is not on the list.
78
79 ServerAuthenticatorNone auth = (ServerAuthenticatorNone)
80 super.startSession(s);
81
82 //System.out.println("super.startSession() returned:"+auth);
83 if(auth == null) return null;
84
85 //do the authentication
86
87 Hashtable user_names = (Hashtable) users.elementAt(ind);
88
89 if(user_names != null){ //If need to do authentication
90 Ident ident;
91 ident = new Ident(s);
92 //If can't obtain user name, fail
93 if(!ident.successful) return null;
94 //If user name is not listed for this address, fail
95 if(!user_names.containsKey(ident.userName)) return null;
96 user = ident.userName;
97 }
98 return new IdentAuthenticator(auth.in,auth.out,user);
99
100 }
101 /**
102 For SOCKS5 requests allways returns true. For SOCKS4 requests
103 checks wether the user name supplied in the request corresponds
104 to the name obtained from the ident daemon.
105 */
106 public boolean checkRequest(ProxyMessage msg,java.net.Socket s){
107 //If it's version 5 request, or if anybody is permitted, return true;
108 if(msg.version == 5 || user == null)
109 return true;
110
111 if(msg.version != 4) return false; //Who knows?
112
113 return user.equals(msg.user);
114 }
115
116 /** Get String representaion of the IdentAuthenticator.*/
117 public String toString(){
118 String s = "";
119
120 for(int i=0;i<hosts.size();++i)
121 s += "Range:"+hosts.elementAt(i)+"\nUsers:"+userNames(i)+"\n";
122 return s;
123 }
124
125 //Private Methods
126 //////////////////
127 private int getRangeIndex(InetAddress ip){
128 int index = 0;
129 Enumeration eEnum = hosts.elements();
130 while(eEnum.hasMoreElements()){
131 InetRange ir = (InetRange) eEnum.nextElement();
132 if(ir.contains(ip)) return index;
133 index++;
134 }
135 return -1; //Not found
136 }
137
138 private String userNames(int i){
139 if(users.elementAt(i) == null) return "Everybody is permitted.";
140
141 Enumeration eEnum = ((Hashtable)users.elementAt(i)).keys();
142 if(!eEnum.hasMoreElements()) return "";
143 String s = eEnum.nextElement().toString();
144 while(eEnum.hasMoreElements())
145 s += "; "+eEnum.nextElement();
146
147 return s;
148 }
149
150 }
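Review bot: The user check in `startSession` (file lines 89–97) relies entirely on the name returned by `new Ident(s)`, which is supplied by the connecting host itself, and `checkRequest` returns true for every SOCKS5 request without comparing any name. The class Javadoc should state that limit, for example `<p>The ident reply is produced by the connecting host, so a user list is only meaningful for hosts whose identd you trust.` Separately, `add` appends to `hosts` before `users`, while `startSession` reads both without holding the lock `add` takes. A connection arriving between the two appends can match the new range and hit `users.elementAt(ind)` before that entry exists. Appending in the other order (`this.users.addElement(users);` then `this.hosts.addElement(hostRange);`) or doing the lookup in a `synchronized` block closes that window.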