Mercurial > 510Connectbot

comparison app/src/main/java/com/five_ten_sg/connectbot/transport/SSH.java @ 438:d29cce60f393

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
migrate from Eclipse to Android Studio
author Carl Byington <carl@five-ten-sg.com>
date Thu, 03 Dec 2015 11:23:55 -0800
parents src/com/five_ten_sg/connectbot/transport/SSH.java@5351641c8a46
children 73fa7329dc87
comparison
equal deleted inserted replaced
437:208b31032318 438:d29cce60f393
1 /*
2 * ConnectBot: simple, powerful, open-source SSH client for Android
3 * Copyright 2007 Kenny Root, Jeffrey Sharkey
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 package com.five_ten_sg.connectbot.transport;
19
20 import java.io.File;
21 import java.io.IOException;
22 import java.io.InputStream;
23 import java.io.OutputStream;
24 import java.net.InetAddress;
25 import java.net.InetSocketAddress;
26 import java.net.URL;
27 import java.net.MalformedURLException;
28 import java.security.KeyPair;
29 import java.security.NoSuchAlgorithmException;
30 import java.security.PrivateKey;
31 import java.security.PublicKey;
32 import java.security.interfaces.DSAPrivateKey;
33 import java.security.interfaces.DSAPublicKey;
34 import java.security.interfaces.ECPrivateKey;
35 import java.security.interfaces.ECPublicKey;
36 import java.security.interfaces.RSAPrivateKey;
37 import java.security.interfaces.RSAPublicKey;
38 import java.security.spec.InvalidKeySpecException;
39 import java.util.Arrays;
40 import java.util.HashMap;
41 import java.util.LinkedList;
42 import java.util.List;
43 import java.util.Locale;
44 import java.util.Map;
45 import java.util.Map.Entry;
46 import java.util.regex.Matcher;
47 import java.util.regex.Pattern;
48
49 import com.five_ten_sg.connectbot.R;
50 import com.five_ten_sg.connectbot.bean.HostBean;
51 import com.five_ten_sg.connectbot.bean.PortForwardBean;
52 import com.five_ten_sg.connectbot.bean.PubkeyBean;
53 import com.five_ten_sg.connectbot.service.TerminalBridge;
54 import com.five_ten_sg.connectbot.service.TerminalManager;
55 import com.five_ten_sg.connectbot.service.TerminalManager.KeyHolder;
56 import com.five_ten_sg.connectbot.util.HostDatabase;
57 import com.five_ten_sg.connectbot.util.PubkeyDatabase;
58 import com.five_ten_sg.connectbot.util.PubkeyUtils;
59 import android.content.Context;
60 import android.net.Uri;
61 import android.os.Environment;
62 import android.util.Log;
63
64 import ch.ethz.ssh2.AuthAgentCallback;
65 import ch.ethz.ssh2.ChannelCondition;
66 import ch.ethz.ssh2.Connection;
67 import ch.ethz.ssh2.ConnectionInfo;
68 import ch.ethz.ssh2.ConnectionMonitor;
69 import ch.ethz.ssh2.DynamicPortForwarder;
70 import ch.ethz.ssh2.InteractiveCallback;
71 import ch.ethz.ssh2.KnownHosts;
72 import ch.ethz.ssh2.LocalPortForwarder;
73 import ch.ethz.ssh2.SCPClient;
74 import ch.ethz.ssh2.ServerHostKeyVerifier;
75 import ch.ethz.ssh2.Session;
76 import ch.ethz.ssh2.HTTPProxyData;
77 import ch.ethz.ssh2.HTTPProxyException;
78 import ch.ethz.ssh2.crypto.PEMDecoder;
79 import ch.ethz.ssh2.signature.DSASHA1Verify;
80 import ch.ethz.ssh2.signature.ECDSASHA2Verify;
81 import ch.ethz.ssh2.signature.RSASHA1Verify;
82
83 /**
84 * @author Kenny Root
85 *
86 */
87 public class SSH extends AbsTransport implements ConnectionMonitor, InteractiveCallback, AuthAgentCallback {
88 private static final String PROTOCOL = "ssh";
89 private static final String TAG = "ConnectBot.SSH";
90 private static final int DEFAULT_PORT = 22;
91
92 private static final String AUTH_PUBLICKEY = "publickey",
93 AUTH_PASSWORD = "password",
94 AUTH_KEYBOARDINTERACTIVE = "keyboard-interactive";
95
96 private final static int AUTH_TRIES = 20;
97
98 static final Pattern hostmask;
99 static {
100 hostmask = Pattern.compile("^(.+)@([0-9a-z.-]+)(:(\\d+))?$", Pattern.CASE_INSENSITIVE);
101 }
102
103 private boolean compression = false;
104 private String httpproxy = null;
105 private volatile boolean authenticated = false;
106 private volatile boolean connected = false;
107 private volatile boolean sessionOpen = false;
108
109 private boolean pubkeysExhausted = false;
110 private boolean interactiveCanContinue = true;
111
112 private Connection connection;
113 private Session session;
114 private ConnectionInfo connectionInfo;
115
116 private OutputStream stdin;
117 private InputStream stdout;
118 private InputStream stderr;
119
120 private static final int conditions = ChannelCondition.STDOUT_DATA
121 | ChannelCondition.STDERR_DATA
122 | ChannelCondition.CLOSED
123 | ChannelCondition.EOF;
124
125 private List<PortForwardBean> portForwards = new LinkedList<PortForwardBean>();
126
127 private int columns;
128 private int rows;
129
130 private int width;
131 private int height;
132
133 private String useAuthAgent = HostDatabase.AUTHAGENT_NO;
134 private String agentLockPassphrase;
135
136 public class HostKeyVerifier implements ServerHostKeyVerifier {
137 public boolean verifyServerHostKey(String hostname, int port,
138 String serverHostKeyAlgorithm, byte[] serverHostKey) throws IOException {
139 // read in all known hosts from hostdb
140 KnownHosts hosts = manager.hostdb.getKnownHosts();
141 Boolean result;
142 String matchName = String.format(Locale.US, "%s:%d", hostname, port);
143 String fingerprint = KnownHosts.createHexFingerprint(serverHostKeyAlgorithm, serverHostKey);
144 String algorithmName;
145
146 if ("ssh-rsa".equals(serverHostKeyAlgorithm))
147 algorithmName = "RSA";
148 else if ("ssh-dss".equals(serverHostKeyAlgorithm))
149 algorithmName = "DSA";
150 else if (serverHostKeyAlgorithm.startsWith("ecdsa-sha2-"))
151 algorithmName = "EC";
152 else
153 algorithmName = serverHostKeyAlgorithm;
154
155 switch (hosts.verifyHostkey(matchName, serverHostKeyAlgorithm, serverHostKey)) {
156 case KnownHosts.HOSTKEY_IS_OK:
157 bridge.outputLine(manager.res.getString(R.string.terminal_sucess, algorithmName, fingerprint));
158 return true;
159
160 case KnownHosts.HOSTKEY_IS_NEW:
161 // prompt user
162 bridge.outputLine(manager.res.getString(R.string.host_authenticity_warning, hostname));
163 bridge.outputLine(manager.res.getString(R.string.host_fingerprint, algorithmName, fingerprint));
164 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_continue_connecting));
165
166 if (result == null) return false;
167
168 if (result.booleanValue()) {
169 // save this key in known database
170 manager.hostdb.saveKnownHost(hostname, port, serverHostKeyAlgorithm, serverHostKey);
171 }
172
173 return result.booleanValue();
174
175 case KnownHosts.HOSTKEY_HAS_CHANGED:
176 String header = String.format("@ %s @",
177 manager.res.getString(R.string.host_verification_failure_warning_header));
178 char[] atsigns = new char[header.length()];
179 Arrays.fill(atsigns, '@');
180 String border = new String(atsigns);
181 bridge.outputLine(border);
182 bridge.outputLine(manager.res.getString(R.string.host_verification_failure_warning));
183 bridge.outputLine(border);
184 bridge.outputLine(String.format(manager.res.getString(R.string.host_fingerprint),
185 algorithmName, fingerprint));
186 // Users have no way to delete keys, so we'll prompt them for now.
187 result = bridge.promptHelper.requestBooleanPrompt(null, manager.res.getString(R.string.prompt_continue_connecting));
188
189 if (result == null) return false;
190
191 if (result.booleanValue()) {
192 // save this key in known database
193 manager.hostdb.saveKnownHost(hostname, port, serverHostKeyAlgorithm, serverHostKey);
194 }
195
196 return result.booleanValue();
197
198 default:
199 return false;
200 }
201 }
202
203 }
204
205
206 public SSH() {
207 super();
208 }
209
210
211 /**
212 * @return protocol part of the URI
213 */
214 public static String getProtocolName() {
215 return PROTOCOL;
216 }
217
218
219 public Uri getUri(String input) {
220 Matcher matcher = hostmask.matcher(input);
221
222 if (!matcher.matches())
223 return null;
224
225 StringBuilder sb = new StringBuilder();
226 sb.append(PROTOCOL)
227 .append("://")
228 .append(Uri.encode(matcher.group(1)))
229 .append('@')
230 .append(matcher.group(2));
231 String portString = matcher.group(4);
232 int port = DEFAULT_PORT;
233
234 if (portString != null) {
235 try {
236 port = Integer.parseInt(portString);
237
238 if (port < 1 || port > 65535) {
239 port = DEFAULT_PORT;
240 }
241 }
242 catch (NumberFormatException nfe) {
243 // Keep the default port
244 }
245 }
246
247 if (port != DEFAULT_PORT) {
248 sb.append(':')
249 .append(port);
250 }
251
252 sb.append("/#")
253 .append(Uri.encode(input));
254 Uri uri = Uri.parse(sb.toString());
255 return uri;
256 }
257
258
259 private void authenticate() {
260 try {
261 if (connection.authenticateWithNone(host.getUsername())) {
262 finishConnection();
263 return;
264 }
265 }
266 catch (Exception e) {
267 Log.d(TAG, "Host does not support 'none' authentication.");
268 }
269
270 bridge.outputLine(manager.res.getString(R.string.terminal_auth));
271
272 try {
273 long pubkeyId = host.getPubkeyId();
274
275 if (!pubkeysExhausted &&
276 pubkeyId != HostDatabase.PUBKEYID_NEVER &&
277 connection.isAuthMethodAvailable(host.getUsername(), AUTH_PUBLICKEY)) {
278 // if explicit pubkey defined for this host, then prompt for password as needed
279 // otherwise just try all in-memory keys held in terminalmanager
280 if (pubkeyId == HostDatabase.PUBKEYID_ANY) {
281 // try each of the in-memory keys
282 bridge.outputLine(manager.res
283 .getString(R.string.terminal_auth_pubkey_any));
284
285 for (Entry<String, KeyHolder> entry : manager.loadedKeypairs.entrySet()) {
286 if (entry.getValue().bean.isConfirmUse()
287 && !promptForPubkeyUse(entry.getKey()))
288 continue;
289
290 if (this.tryPublicKey(host.getUsername(), entry.getKey(),
291 entry.getValue().pair)) {
292 finishConnection();
293 break;
294 }
295 }
296 }
297 else {
298 bridge.outputLine(manager.res.getString(R.string.terminal_auth_pubkey_specific));
299 // use a specific key for this host, as requested
300 PubkeyBean pubkey = manager.pubkeydb.findPubkeyById(pubkeyId);
301
302 if (pubkey == null)
303 bridge.outputLine(manager.res.getString(R.string.terminal_auth_pubkey_invalid));
304 else if (tryPublicKey(pubkey))
305 finishConnection();
306 }
307
308 pubkeysExhausted = true;
309 }
310 else if (interactiveCanContinue &&
311 connection.isAuthMethodAvailable(host.getUsername(), AUTH_KEYBOARDINTERACTIVE)) {
312 // this auth method will talk with us using InteractiveCallback interface
313 // it blocks until authentication finishes
314 bridge.outputLine(manager.res.getString(R.string.terminal_auth_ki));
315 interactiveCanContinue = false;
316
317 if (connection.authenticateWithKeyboardInteractive(host.getUsername(), this)) {
318 finishConnection();
319 }
320 else {
321 bridge.outputLine(manager.res.getString(R.string.terminal_auth_ki_fail));
322 }
323 }
324 else if (connection.isAuthMethodAvailable(host.getUsername(), AUTH_PASSWORD)) {
325 bridge.outputLine(manager.res.getString(R.string.terminal_auth_pass));
326 String password = bridge.getPromptHelper().requestPasswordPrompt(null,
327 manager.res.getString(R.string.prompt_password));
328
329 if (password != null
330 && connection.authenticateWithPassword(host.getUsername(), password)) {
331 finishConnection();
332 }
333 else {
334 bridge.outputLine(manager.res.getString(R.string.terminal_auth_pass_fail));
335 }
336 }
337 else {
338 bridge.outputLine(manager.res.getString(R.string.terminal_auth_fail));
339 }
340 }
341 catch (IllegalStateException e) {
342 Log.e(TAG, "Connection went away while we were trying to authenticate", e);
343 return;
344 }
345 catch (Exception e) {
346 Log.e(TAG, "Problem during handleAuthentication()", e);
347 }
348 }
349
350
351 /**
352 * Attempt connection with database row pointed to by cursor.
353 * @param cursor
354 * @return true for successful authentication
355 * @throws NoSuchAlgorithmException
356 * @throws InvalidKeySpecException
357 * @throws IOException
358 */
359 private boolean tryPublicKey(PubkeyBean pubkey) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
360 KeyPair pair = null;
361
362 if (manager.isKeyLoaded(pubkey.getNickname())) {
363 // load this key from memory if its already there
364 Log.d(TAG, String.format("Found unlocked key '%s' already in-memory", pubkey.getNickname()));
365
366 if (pubkey.isConfirmUse()) {
367 if (!promptForPubkeyUse(pubkey.getNickname()))
368 return false;
369 }
370
371 pair = manager.getKey(pubkey.getNickname());
372 }
373 else {
374 // otherwise load key from database and prompt for password as needed
375 String password = null;
376
377 if (pubkey.isEncrypted()) {
378 password = bridge.getPromptHelper().requestPasswordPrompt(null,
379 manager.res.getString(R.string.prompt_pubkey_password, pubkey.getNickname()));
380
381 // Something must have interrupted the prompt.
382 if (password == null)
383 return false;
384 }
385
386 if (PubkeyDatabase.KEY_TYPE_IMPORTED.equals(pubkey.getType())) {
387 // load specific key using pem format
388 pair = PEMDecoder.decode(new String(pubkey.getPrivateKey()).toCharArray(), password);
389 }
390 else {
391 // load using internal generated format
392 PrivateKey privKey;
393
394 try {
395 privKey = PubkeyUtils.decodePrivate(pubkey.getPrivateKey(),
396 pubkey.getType(), password);
397 }
398 catch (Exception e) {
399 String message = String.format("Bad password for key '%s'. Authentication failed.", pubkey.getNickname());
400 Log.e(TAG, message, e);
401 bridge.outputLine(message);
402 return false;
403 }
404
405 PublicKey pubKey = PubkeyUtils.decodePublic(pubkey.getPublicKey(), pubkey.getType());
406 // convert key to trilead format
407 pair = new KeyPair(pubKey, privKey);
408 Log.d(TAG, "Unlocked key " + PubkeyUtils.formatKey(pubKey));
409 }
410
411 Log.d(TAG, String.format("Unlocked key '%s'", pubkey.getNickname()));
412 // save this key in memory
413 manager.addKey(pubkey, pair);
414 }
415
416 return tryPublicKey(host.getUsername(), pubkey.getNickname(), pair);
417 }
418
419
420 private boolean tryPublicKey(String username, String keyNickname, KeyPair pair) throws IOException {
421 //bridge.outputLine(String.format("Attempting 'publickey' with key '%s' [%s]...", keyNickname, trileadKey.toString()));
422 boolean success = connection.authenticateWithPublicKey(username, pair);
423
424 if (!success)
425 bridge.outputLine(manager.res.getString(R.string.terminal_auth_pubkey_fail, keyNickname));
426
427 return success;
428 }
429
430
431 /**
432 * Internal method to request actual PTY terminal once we've finished
433 * authentication. If called before authenticated, it will just fail.
434 */
435 private void finishConnection() {
436 authenticated = true;
437
438 for (PortForwardBean portForward : portForwards) {
439 try {
440 enablePortForward(portForward);
441 bridge.outputLine(manager.res.getString(R.string.terminal_enable_portfoward, portForward.getDescription()));
442 }
443 catch (Exception e) {
444 Log.e(TAG, "Error setting up port forward during connect", e);
445 }
446 }
447
448 if (!host.getWantSession()) {
449 bridge.outputLine(manager.res.getString(R.string.terminal_no_session));
450 bridge.onConnected();
451 return;
452 }
453
454 try {
455 session = connection.openSession();
456
457 if (!useAuthAgent.equals(HostDatabase.AUTHAGENT_NO))
458 session.requestAuthAgentForwarding(this);
459
460 if (host.getWantX11Forward()) {
461 try {
462 session.requestX11Forwarding(host.getX11Host(), host.getX11Port(), null, false);
463 }
464 catch (IOException e2) {
465 Log.e(TAG, "Problem while trying to setup X11 forwarding in finishConnection()", e2);
466 }
467 }
468
469 session.requestPTY(getEmulation(), columns, rows, width, height, null);
470 session.startShell();
471 stdin = session.getStdin();
472 stdout = session.getStdout();
473 stderr = session.getStderr();
474 sessionOpen = true;
475 bridge.onConnected();
476 }
477 catch (IOException e1) {
478 Log.e(TAG, "Problem while trying to create PTY in finishConnection()", e1);
479 }
480 }
481
482
483 @Override
484 public void connect() {
485 connection = new Connection(host.getHostname(), host.getPort());
486 connection.addConnectionMonitor(this);
487
488 try {
489 connection.setCompression(compression);
490 }
491 catch (IOException e) {
492 Log.e(TAG, "Could not enable compression!", e);
493 }
494
495 if (httpproxy != null && httpproxy.length() > 0) {
496 Log.d(TAG, "Want HTTP Proxy: " + httpproxy, null);
497
498 try {
499 URL u;
500
501 if (httpproxy.startsWith("http://")) {
502 u = new URL(httpproxy);
503 }
504 else {
505 u = new URL("http://" + httpproxy);
506 }
507
508 connection.setProxyData(new HTTPProxyData(
509 u.getHost(),
510 u.getPort(),
511 u.getUserInfo(),
512 u.getAuthority()));
513 bridge.outputLine("Connecting via proxy: " + httpproxy);
514 }
515 catch (MalformedURLException e) {
516 Log.e(TAG, "Could not parse proxy " + httpproxy, e);
517 // Display the reason in the text.
518 bridge.outputLine("Bad proxy URL: " + httpproxy);
519 onDisconnect();
520 return;
521 }
522 }
523
524 try {
525 /* Uncomment when debugging SSH protocol:
526 DebugLogger logger = new DebugLogger() {
527
528 public void log(int level, String className, String message) {
529 Log.d("SSH", message);
530 }
531
532 };
533 Logger.enabled = true;
534 Logger.logger = logger;
535 */
536 connectionInfo = connection.connect(new HostKeyVerifier());
537 connected = true;
538
539 if (connectionInfo.clientToServerCryptoAlgorithm
540 .equals(connectionInfo.serverToClientCryptoAlgorithm)
541 && connectionInfo.clientToServerMACAlgorithm
542 .equals(connectionInfo.serverToClientMACAlgorithm)) {
543 bridge.outputLine(manager.res.getString(R.string.terminal_using_algorithm,
544 connectionInfo.clientToServerCryptoAlgorithm,
545 connectionInfo.clientToServerMACAlgorithm));
546 }
547 else {
548 bridge.outputLine(manager.res.getString(
549 R.string.terminal_using_c2s_algorithm,
550 connectionInfo.clientToServerCryptoAlgorithm,
551 connectionInfo.clientToServerMACAlgorithm));
552 bridge.outputLine(manager.res.getString(
553 R.string.terminal_using_s2c_algorithm,
554 connectionInfo.serverToClientCryptoAlgorithm,
555 connectionInfo.serverToClientMACAlgorithm));
556 }
557 }
558 catch (HTTPProxyException e) {
559 Log.e(TAG, "Failed to connect to HTTP Proxy", e);
560 // Display the reason in the text.
561 bridge.outputLine("Failed to connect to HTTP Proxy.");
562 onDisconnect();
563 return;
564 }
565 catch (IOException e) {
566 Log.e(TAG, "Problem in SSH connection thread during authentication", e);
567 // Display the reason in the text.
568 Throwable t = e.getCause();
569 String m = (t == null) ? e.getMessage() : t.getMessage();
570 bridge.outputLine(m);
571 onDisconnect();
572 return;
573 }
574
575 try {
576 // enter a loop to keep trying until authentication
577 int tries = 0;
578
579 while (connected && !connection.isAuthenticationComplete() && tries++ < AUTH_TRIES) {
580 authenticate();
581 // sleep to make sure we dont kill system
582 Thread.sleep(1000);
583 }
584 }
585 catch (Exception e) {
586 Log.e(TAG, "Problem in SSH connection thread during authentication", e);
587 }
588 }
589
590
591 @Override
592 public boolean willBlock() {
593 if (stdout == null) return true;
594
595 try {
596 return stdout.available() == 0;
597 }
598 catch (Exception e) {
599 return true;
600 }
601 }
602
603
604 @Override
605 public int read(byte[] buffer, int start, int len) throws IOException {
606 int bytesRead = 0;
607
608 if (session == null)
609 return 0;
610
611 int newConditions = session.waitForCondition(conditions, 0);
612
613 if ((newConditions & ChannelCondition.STDOUT_DATA) != 0) {
614 bytesRead = stdout.read(buffer, start, len);
615 }
616
617 if ((newConditions & ChannelCondition.STDERR_DATA) != 0) {
618 byte discard[] = new byte[256];
619
620 while (stderr.available() > 0) {
621 stderr.read(discard);
622 }
623 }
624
625 if ((newConditions & ChannelCondition.EOF) != 0) {
626 onDisconnect();
627 throw new IOException("Remote end closed connection");
628 }
629
630 return bytesRead;
631 }
632
633
634 @Override
635 public void write(byte[] buffer) throws IOException {
636 if (stdin != null)
637 stdin.write(buffer);
638 }
639
640
641 @Override
642 public void write(int c) throws IOException {
643 if (stdin != null)
644 stdin.write(c);
645 }
646
647
648 @Override
649 public void flush() throws IOException {
650 if (stdin != null)
651 stdin.flush();
652 }
653
654
655 public void connectionLost(Throwable reason) {
656 onDisconnect();
657 }
658
659
660 private void onDisconnect() {
661 close();
662 bridge.dispatchDisconnect(false);
663 }
664
665
666 @Override
667 public void close() {
668 connected = false;
669
670 if (session != null) {
671 session.close();
672 session = null;
673 }
674
675 if (connection != null) {
676 connection.close();
677 connection = null;
678 }
679 }
680
681
682 @Override
683 public void setDimensions(int columns, int rows, int width, int height) {
684 this.columns = columns;
685 this.rows = rows;
686
687 if (sessionOpen) {
688 try {
689 session.resizePTY(columns, rows, width, height);
690 }
691 catch (IOException e) {
692 Log.e(TAG, "Couldn't send resize PTY packet", e);
693 }
694 }
695 }
696
697
698 @Override
699 public void setOptions(Map<String, String> options) {
700 if (options.containsKey("compression"))
701 compression = Boolean.parseBoolean(options.get("compression"));
702
703 if (options.containsKey("httpproxy"))
704 httpproxy = options.get("httpproxy");
705 }
706
707
708 @Override
709 public Map<String, String> getOptions() {
710 Map<String, String> options = new HashMap<String, String>();
711 options.put("compression", Boolean.toString(compression));
712
713 if (httpproxy != null)
714 options.put("httpproxy", httpproxy);
715
716 return options;
717 }
718
719
720 @Override
721 public void setCompression(boolean compression) {
722 this.compression = compression;
723 }
724
725
726 @Override
727 public void setHttpproxy(String httpproxy) {
728 this.httpproxy = httpproxy;
729 }
730
731
732 @Override
733 public void setUseAuthAgent(String useAuthAgent) {
734 this.useAuthAgent = useAuthAgent;
735 }
736
737 @Override
738 public boolean canForwardPorts() {
739 return true;
740 }
741
742 @Override
743 public List<PortForwardBean> getPortForwards() {
744 return portForwards;
745 }
746
747 @Override
748 public boolean addPortForward(PortForwardBean portForward) {
749 return portForwards.add(portForward);
750 }
751
752 @Override
753 public boolean removePortForward(PortForwardBean portForward) {
754 // Make sure we don't have a phantom forwarder.
755 disablePortForward(portForward);
756 return portForwards.remove(portForward);
757 }
758
759 @Override
760 public boolean enablePortForward(PortForwardBean portForward) {
761 if (!portForwards.contains(portForward)) {
762 Log.e(TAG, "Attempt to enable port forward not in list");
763 return false;
764 }
765
766 if (!authenticated)
767 return false;
768
769 if (HostDatabase.PORTFORWARD_LOCAL.equals(portForward.getType())) {
770 LocalPortForwarder lpf = null;
771
772 try {
773 lpf = connection.createLocalPortForwarder(
774 new InetSocketAddress(InetAddress.getLocalHost(), portForward.getSourcePort()),
775 portForward.getDestAddr(), portForward.getDestPort());
776 }
777 catch (Exception e) {
778 Log.e(TAG, "Could not create local port forward", e);
779 return false;
780 }
781
782 if (lpf == null) {
783 Log.e(TAG, "returned LocalPortForwarder object is null");
784 return false;
785 }
786
787 portForward.setIdentifier(lpf);
788 portForward.setEnabled(true);
789 return true;
790 }
791 else if (HostDatabase.PORTFORWARD_REMOTE.equals(portForward.getType())) {
792 try {
793 connection.requestRemotePortForwarding("", portForward.getSourcePort(), portForward.getDestAddr(), portForward.getDestPort());
794 }
795 catch (Exception e) {
796 Log.e(TAG, "Could not create remote port forward", e);
797 return false;
798 }
799
800 portForward.setEnabled(true);
801 return true;
802 }
803 else if (HostDatabase.PORTFORWARD_DYNAMIC5.equals(portForward.getType())) {
804 DynamicPortForwarder dpf = null;
805
806 try {
807 dpf = connection.createDynamicPortForwarder(
808 new InetSocketAddress(InetAddress.getLocalHost(), portForward.getSourcePort()));
809 }
810 catch (Exception e) {
811 Log.e(TAG, "Could not create dynamic port forward", e);
812 return false;
813 }
814
815 portForward.setIdentifier(dpf);
816 portForward.setEnabled(true);
817 return true;
818 }
819 else {
820 // Unsupported type
821 Log.e(TAG, String.format("attempt to forward unknown type %s", portForward.getType()));
822 return false;
823 }
824 }
825
826 @Override
827 public boolean disablePortForward(PortForwardBean portForward) {
828 if (!portForwards.contains(portForward)) {
829 Log.e(TAG, "Attempt to disable port forward not in list");
830 return false;
831 }
832
833 if (!authenticated)
834 return false;
835
836 if (HostDatabase.PORTFORWARD_LOCAL.equals(portForward.getType())) {
837 LocalPortForwarder lpf = null;
838 lpf = (LocalPortForwarder)portForward.getIdentifier();
839
840 if (!portForward.isEnabled() || lpf == null) {
841 Log.d(TAG, String.format("Could not disable %s; it appears to be not enabled or have no handler", portForward.getNickname()));
842 return false;
843 }
844
845 portForward.setEnabled(false);
846
847 try {
848 lpf.close();
849 }
850 catch (IOException e) {
851 Log.e(TAG, "Could not stop local port forwarder, setting enabled to false", e);
852 return false;
853 }
854
855 return true;
856 }
857 else if (HostDatabase.PORTFORWARD_REMOTE.equals(portForward.getType())) {
858 portForward.setEnabled(false);
859
860 try {
861 connection.cancelRemotePortForwarding(portForward.getSourcePort());
862 }
863 catch (IOException e) {
864 Log.e(TAG, "Could not stop remote port forwarding, setting enabled to false", e);
865 return false;
866 }
867
868 return true;
869 }
870 else if (HostDatabase.PORTFORWARD_DYNAMIC5.equals(portForward.getType())) {
871 DynamicPortForwarder dpf = null;
872 dpf = (DynamicPortForwarder)portForward.getIdentifier();
873
874 if (!portForward.isEnabled() || dpf == null) {
875 Log.d(TAG, String.format("Could not disable %s; it appears to be not enabled or have no handler", portForward.getNickname()));
876 return false;
877 }
878
879 portForward.setEnabled(false);
880
881 try {
882 dpf.close();
883 }
884 catch (IOException e) {
885 Log.e(TAG, "Could not stop dynamic port forwarder, setting enabled to false", e);
886 return false;
887 }
888
889 return true;
890 }
891 else {
892 // Unsupported type
893 Log.e(TAG, String.format("attempt to forward unknown type %s", portForward.getType()));
894 return false;
895 }
896 }
897
898 @Override
899 public boolean canTransferFiles() {
900 return true;
901 }
902
903 @Override
904 public boolean downloadFile(String remoteFile, String localFolder) {
905 try {
906 SCPClient client = new SCPClient(connection);
907
908 if (localFolder == null || localFolder == "")
909 localFolder = Environment.getExternalStorageDirectory().getAbsolutePath();
910
911 File dir = new File(localFolder);
912 dir.mkdirs();
913 client.get(remoteFile, localFolder);
914 return true;
915 }
916 catch (IOException e) {
917 Log.e(TAG, "Could not download remote file", e);
918 return false;
919 }
920 }
921
922 @Override
923 public boolean uploadFile(String localFile, String remoteFile,
924 String remoteFolder, String mode) {
925 try {
926 SCPClient client = new SCPClient(connection);
927
928 if (remoteFolder == null)
929 remoteFolder = "";
930
931 if (remoteFile == null || remoteFile == "")
932 client.put(localFile, remoteFolder, mode);
933 else
934 client.put(localFile, remoteFile, remoteFolder, mode);
935
936 return true;
937 }
938 catch (IOException e) {
939 Log.e(TAG, "Could not upload local file", e);
940 return false;
941 }
942 }
943
944
945 @Override
946 public int getDefaultPort() {
947 return DEFAULT_PORT;
948 }
949
950
951 @Override
952 public boolean isConnected() {
953 return connected;
954 }
955
956
957 @Override
958 public boolean isSessionOpen() {
959 return sessionOpen;
960 }
961
962
963 @Override
964 public boolean isAuthenticated() {
965 return authenticated;
966 }
967
968
969 @Override
970 public String getDefaultNickname(String username, String hostname, int port) {
971 if (port == DEFAULT_PORT) {
972 return String.format(Locale.US, "%s@%s", username, hostname);
973 }
974 else {
975 return String.format(Locale.US, "%s@%s:%d", username, hostname, port);
976 }
977 }
978
979
980 @Override
981 public void getSelectionArgs(Uri uri, Map<String, String> selection) {
982 selection.put(HostDatabase.FIELD_HOST_PROTOCOL, PROTOCOL);
983 selection.put(HostDatabase.FIELD_HOST_NICKNAME, uri.getFragment());
984 selection.put(HostDatabase.FIELD_HOST_HOSTNAME, uri.getHost());
985 int port = uri.getPort();
986
987 if (port < 0)
988 port = DEFAULT_PORT;
989
990 selection.put(HostDatabase.FIELD_HOST_PORT, Integer.toString(port));
991 selection.put(HostDatabase.FIELD_HOST_USERNAME, uri.getUserInfo());
992 }
993
994
995 @Override
996 public HostBean createHost(Uri uri) {
997 HostBean host = new HostBean();
998 host.setProtocol(PROTOCOL);
999 host.setHostname(uri.getHost());
1000 int port = uri.getPort();
1001
1002 if (port < 0)
1003 port = DEFAULT_PORT;
1004
1005 host.setPort(port);
1006 host.setUsername(uri.getUserInfo());
1007 String nickname = uri.getFragment();
1008
1009 if (nickname == null || nickname.length() == 0) {
1010 host.setNickname(getDefaultNickname(host.getUsername(),
1011 host.getHostname(), host.getPort()));
1012 }
1013 else {
1014 host.setNickname(uri.getFragment());
1015 }
1016
1017 return host;
1018 }
1019
1020
1021 public String getFormatHint(Context context) {
1022 return String.format("%s@%s:%s",
1023 context.getString(R.string.format_username),
1024 context.getString(R.string.format_hostname),
1025 context.getString(R.string.format_port));
1026 }
1027
1028
1029 /**
1030 * @return do we use the network
1031 */
1032 @Override
1033 public boolean usesNetwork() {
1034 return true;
1035 }
1036
1037
1038 /**
1039 * Handle challenges from keyboard-interactive authentication mode.
1040 */
1041 public String[] replyToChallenge(String name, String instruction, int numPrompts, String[] prompt, boolean[] echo) {
1042 interactiveCanContinue = true;
1043 String[] responses = new String[numPrompts];
1044
1045 for (int i = 0; i < numPrompts; i++) {
1046 // request response from user for each prompt
1047 responses[i] = bridge.promptHelper.requestPasswordPrompt(instruction, prompt[i]);
1048 }
1049
1050 return responses;
1051 }
1052
1053 public Map<String, byte[]> retrieveIdentities() {
1054 Map<String, byte[]> pubKeys = new HashMap<String, byte[]> (manager.loadedKeypairs.size());
1055
1056 for (Entry<String, KeyHolder> entry : manager.loadedKeypairs.entrySet()) {
1057 KeyPair pair = entry.getValue().pair;
1058
1059 try {
1060 PrivateKey privKey = pair.getPrivate();
1061
1062 if (privKey instanceof RSAPrivateKey) {
1063 RSAPublicKey pubkey = (RSAPublicKey) pair.getPublic();
1064 pubKeys.put(entry.getKey(), RSASHA1Verify.encodeSSHRSAPublicKey(pubkey));
1065 }
1066 else if (privKey instanceof DSAPrivateKey) {
1067 DSAPublicKey pubkey = (DSAPublicKey) pair.getPublic();
1068 pubKeys.put(entry.getKey(), DSASHA1Verify.encodeSSHDSAPublicKey(pubkey));
1069 }
1070 else if (privKey instanceof ECPrivateKey) {
1071 ECPublicKey pubkey = (ECPublicKey) pair.getPublic();
1072 pubKeys.put(entry.getKey(), ECDSASHA2Verify.encodeSSHECDSAPublicKey(pubkey));
1073 }
1074 else
1075 continue;
1076 }
1077 catch (IOException e) {
1078 continue;
1079 }
1080 }
1081
1082 return pubKeys;
1083 }
1084
1085 public KeyPair getKeyPair(byte[] publicKey) {
1086 String nickname = manager.getKeyNickname(publicKey);
1087
1088 if (nickname == null)
1089 return null;
1090
1091 if (useAuthAgent.equals(HostDatabase.AUTHAGENT_NO)) {
1092 Log.e(TAG, "");
1093 return null;
1094 }
1095 else if (useAuthAgent.equals(HostDatabase.AUTHAGENT_CONFIRM) ||
1096 manager.loadedKeypairs.get(nickname).bean.isConfirmUse()) {
1097 if (!promptForPubkeyUse(nickname))
1098 return null;
1099 }
1100
1101 return manager.getKey(nickname);
1102 }
1103
1104 private boolean promptForPubkeyUse(String nickname) {
1105 Boolean result = bridge.promptHelper.requestBooleanPrompt(null,
1106 manager.res.getString(R.string.prompt_allow_agent_to_use_key,
1107 nickname));
1108 return result;
1109 }
1110
1111 public boolean addIdentity(KeyPair pair, String comment, boolean confirmUse, int lifetime) {
1112 PubkeyBean pubkey = new PubkeyBean();
1113 // pubkey.setType(PubkeyDatabase.KEY_TYPE_IMPORTED);
1114 pubkey.setNickname(comment);
1115 pubkey.setConfirmUse(confirmUse);
1116 pubkey.setLifetime(lifetime);
1117 manager.addKey(pubkey, pair);
1118 return true;
1119 }
1120
1121 public boolean removeAllIdentities() {
1122 manager.loadedKeypairs.clear();
1123 return true;
1124 }
1125
1126 public boolean removeIdentity(byte[] publicKey) {
1127 return manager.removeKey(publicKey);
1128 }
1129
1130 public boolean isAgentLocked() {
1131 return agentLockPassphrase != null;
1132 }
1133
1134 public boolean requestAgentUnlock(String unlockPassphrase) {
1135 if (agentLockPassphrase == null)
1136 return false;
1137
1138 if (agentLockPassphrase.equals(unlockPassphrase))
1139 agentLockPassphrase = null;
1140
1141 return agentLockPassphrase == null;
1142 }
1143
1144 public boolean setAgentLock(String lockPassphrase) {
1145 if (agentLockPassphrase != null)
1146 return false;
1147
1148 agentLockPassphrase = lockPassphrase;
1149 return true;
1150 }
1151
1152 }