comparison src/ch/ethz/ssh2/auth/ServerAuthenticationManager.java @ 273:91a31873c42a ganymed

start conversion from trilead to ganymed
author Carl Byington <carl@five-ten-sg.com>
date Fri, 18 Jul 2014 11:21:46 -0700
parents
children d2b303406d63
272:ce2f4e397703 273:91a31873c42a
1
2 package ch.ethz.ssh2.auth;
3
4 import java.io.IOException;
5 import java.util.Arrays;
6 import java.util.HashSet;
7 import java.util.Set;
8
9 import ch.ethz.ssh2.AuthenticationResult;
10 import ch.ethz.ssh2.PacketTypeException;
11 import ch.ethz.ssh2.ServerAuthenticationCallback;
12 import ch.ethz.ssh2.channel.ChannelManager;
13 import ch.ethz.ssh2.packets.PacketServiceAccept;
14 import ch.ethz.ssh2.packets.PacketServiceRequest;
15 import ch.ethz.ssh2.packets.PacketUserauthBanner;
16 import ch.ethz.ssh2.packets.PacketUserauthFailure;
17 import ch.ethz.ssh2.packets.PacketUserauthSuccess;
18 import ch.ethz.ssh2.packets.Packets;
19 import ch.ethz.ssh2.packets.TypesReader;
20 import ch.ethz.ssh2.server.ServerConnectionState;
21 import ch.ethz.ssh2.transport.MessageHandler;
22
23 public class ServerAuthenticationManager implements MessageHandler {
24 private final ServerConnectionState state;
25
26 public ServerAuthenticationManager(ServerConnectionState state) {
27 this.state = state;
28 state.tm.registerMessageHandler(this, 0, 255);
29 }
30
31 private void sendresult(AuthenticationResult result) throws IOException {
32 if(AuthenticationResult.SUCCESS == result) {
33 PacketUserauthSuccess pus = new PacketUserauthSuccess();
34 state.tm.sendAsynchronousMessage(pus.getPayload());
35
36 state.tm.removeMessageHandler(this);
37 state.tm.registerMessageHandler(this, 50, 79);
38
39 state.cm = new ChannelManager(state);
40
41 state.flag_auth_completed = true;
42
43 }
44 else {
45 Set<String> remaining_methods = new HashSet<String>();
46
47 if(state.cb_auth != null) {
48 remaining_methods.addAll(Arrays.asList(
49 state.cb_auth.getRemainingAuthMethods(state.conn)));
50 }
51 PacketUserauthFailure puf = new PacketUserauthFailure(remaining_methods,
52 AuthenticationResult.PARTIAL_SUCCESS == result);
53 state.tm.sendAsynchronousMessage(puf.getPayload());
54 }
55 }
56
57 @Override
58 public void handleFailure(final IOException failure) {
59 //
60 }
61
62 @Override
63 public void handleMessage(byte[] msg) throws IOException {
64 /* Ignore all authentication messages after successful auth */
65
66 if(state.flag_auth_completed) {
67 return;
68 }
69
70 if(!state.flag_auth_serviceRequested) {
71 /* Must be PacketServiceRequest */
72
73 PacketServiceRequest psr = new PacketServiceRequest(msg);
74
75 if(!"ssh-userauth".equals(psr.getServiceName())) {
76 throw new IOException("SSH protocol error, expected ssh-userauth service request");
77 }
78
79 PacketServiceAccept psa = new PacketServiceAccept("ssh-userauth");
80 state.tm.sendAsynchronousMessage(psa.getPayload());
81
82 String banner = state.cb_auth.initAuthentication(state.conn);
83
84 if(banner != null) {
85 PacketUserauthBanner pub = new PacketUserauthBanner(banner);
86 state.tm.sendAsynchronousMessage(pub.getPayload());
87 }
88
89 state.flag_auth_serviceRequested = true;
90
91 return;
92 }
93
94 ServerAuthenticationCallback cb = state.cb_auth;
95
96 TypesReader tr = new TypesReader(msg);
97 int packet_type = tr.readByte();
98
99 if(packet_type == Packets.SSH_MSG_USERAUTH_REQUEST) {
100 String username = tr.readString("UTF-8");
101 String service = tr.readString();
102 String method = tr.readString();
103
104 if(!"ssh-connection".equals(service)) {
105 sendresult(AuthenticationResult.FAILURE);
106 return;
107 }
108
109 if("none".equals(method)) {
110 if(cb != null) {
111 sendresult(cb.authenticateWithNone(state.conn, username));
112 return;
113 }
114 }
115
116 if("password".equals(method)) {
117 boolean flag_change_pass = tr.readBoolean();
118
119 if(flag_change_pass) {
120 sendresult(AuthenticationResult.FAILURE);
121 return;
122 }
123
124 String password = tr.readString("UTF-8");
125
126 if(cb != null) {
127 sendresult(cb.authenticateWithPassword(state.conn, username, password));
128 return;
129 }
130 }
131
132 sendresult(AuthenticationResult.FAILURE);
133 return;
134 }
135 throw new PacketTypeException(packet_type);
136 }
137 }
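Review bot: Nothing in handleMessage bounds how many SSH_MSG_USERAUTH_REQUEST packets one connection may send. Each failed `password` attempt (file lines 116-130) ends in sendresult(FAILURE) and the handler waits for the next request, so unless the callback or the transport enforces a limit that is not visible on this page, a client can keep guessing passwords on a single connection. A per-connection counter incremented in the failure branch of sendresult would bound this, e.g. `if (++failedAttempts > MAX_AUTH_ATTEMPTS) throw new IOException("Too many failed authentication attempts");`, where both names are new members to be added and the throw is assumed to end the connection as the protocol-error throw at file line 76 appears to. Separately, file line 82 calls `state.cb_auth.initAuthentication(state.conn)` without the null check used at file lines 47, 110 and 126, so a server configured without a callback would hit a NullPointerException on the first service request. Wrapping the banner step in `if (state.cb_auth != null)` would make it consistent with the rest of the class.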