diff src/net/sourceforge/jsocks/server/ServerAuthenticator.java @ 0:0ce5cc452d02

initial version
author Carl Byington <carl@five-ten-sg.com>
date Thu, 22 May 2014 10:41:19 -0700 (2014-05-22)
parents
children 205ee2873330
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/net/sourceforge/jsocks/server/ServerAuthenticator.java	Thu May 22 10:41:19 2014 -0700
@@ -0,0 +1,120 @@
+package net.sourceforge.jsocks.server;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.DatagramPacket;
+import java.net.Socket;
+
+import net.sourceforge.jsocks.ProxyMessage;
+import net.sourceforge.jsocks.UDPEncapsulation;
+
+/**
+ Classes implementing this interface should provide socks server with
+ authentication and authorization of users.
+**/
+public interface ServerAuthenticator {
+
+    /**
+      This method is called when a new connection accepted by the server.
+      <p>
+      At this point no data have been extracted from the connection. It is
+      responsibility of this method to ensure that the next byte in the
+      stream after this method have been called is the first byte of the
+      socks request message. For SOCKSv4 there is no authentication data and
+      the first byte in the stream is part of the request. With SOCKSv5 however
+      there is an authentication data first. It is expected that implementaions
+      will process this authentication data.
+      <p>
+      If authentication was successful an instance of ServerAuthentication
+      should be returned, it later will be used by the server to perform
+      authorization and some other things. If authentication fails null should
+      be returned, or an exception may be thrown.
+
+      @param s Accepted Socket.
+      @return An instance of ServerAuthenticator to be used for this connection
+      or null
+    */
+    ServerAuthenticator startSession(Socket s) throws IOException;
+
+    /**
+     This method should return input stream which should be used on the
+     accepted socket.
+     <p>
+     SOCKSv5 allows to have multiple authentication methods, and these methods
+     might require some kind of transformations being made on the data.
+     <p>
+     This method is called on the object returned from the startSession
+     function.
+    */
+    InputStream getInputStream();
+    /**
+     This method should return output stream to use to write to the accepted
+     socket.
+     <p>
+     SOCKSv5 allows to have multiple authentication methods, and these methods
+     might require some kind of transformations being made on the data.
+     <p>
+     This method is called on the object returned from the startSession
+     function.
+    */
+    OutputStream getOutputStream();
+
+    /**
+     This method should return UDPEncapsulation, which should be used
+     on the datagrams being send in/out.
+     <p>
+     If no transformation should be done on the datagrams, this method
+     should return null.
+     <p>
+     This method is called on the object returned from the startSession
+     function.
+    */
+
+    UDPEncapsulation getUdpEncapsulation();
+
+    /**
+     This method is called when a request have been read.
+     <p>
+     Implementation should decide wether to grant request or not. Returning
+     true implies granting the request, false means request should be rejected.
+     <p>
+     This method is called on the object returned from the startSession
+     function.
+     @param msg Request message.
+     @return true to grant request, false to reject it.
+    */
+    boolean checkRequest(ProxyMessage msg);
+
+    /**
+     This method is called when datagram is received by the server.
+     <p>
+     Implementaions should decide wether it should be forwarded or dropped.
+     It is expecteed that implementation will use datagram address and port
+     information to make a decision, as well as anything else. Address and
+     port of the datagram are always correspond to remote machine. It is
+     either destination or source address. If out is true address is destination
+     address, else it is a source address, address of the machine from which
+     datagram have been received for the client.
+     <p>
+     Implementaions should return true if the datagram is to be forwarded, and
+     false if the datagram should be dropped.
+     <p>
+     This method is called on the object returned from the startSession
+     function.
+
+     @param out If true the datagram is being send out(from the client),
+                otherwise it is an incoming datagram.
+     @return True to forward datagram false drop it silently.
+    */
+    boolean checkRequest(DatagramPacket dp, boolean out);
+
+    /**
+     This method is called when session is completed. Either due to normal
+     termination or due to any error condition.
+     <p>
+     This method is called on the object returned from the startSession
+     function.
+    */
+    void endSession();
+}