view app/src/main/java/net/sourceforge/jsocks/server/ServerAuthenticator.java @ 479:3a83f40439d7

only bind to the MonitorService for localhost monitor connections
author Carl Byington <carl@five-ten-sg.com>
date Mon, 28 Oct 2019 13:49:01 -0700
parents d29cce60f393
children
line wrap: on
line source

package net.sourceforge.jsocks.server;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.net.DatagramPacket;
import net.sourceforge.jsocks.ProxyMessage;
import net.sourceforge.jsocks.UDPEncapsulation;

/**
 Classes implementing this interface should provide socks server with
 authentication and authorization of users.
**/
public interface ServerAuthenticator{

   /**
     This method is called when a new connection accepted by the server.
     <p>
     At this point no data have been extracted from the connection. It is
     responsibility of this method to ensure that the next byte in the
     stream after this method have been called is the first byte of the
     socks request message. For SOCKSv4 there is no authentication data and
     the first byte in the stream is part of the request. With SOCKSv5 however
     there is an authentication data first. It is expected that implementaions
     will process this authentication data. 
     <p>
     If authentication was successful an instance of ServerAuthentication
     should be returned, it later will be used by the server to perform
     authorization and some other things. If authentication fails null should
     be returned, or an exception may be thrown.

     @param s Accepted Socket.
     @return An instance of ServerAuthenticator to be used for this connection
     or null
   */
   ServerAuthenticator startSession(Socket s) throws IOException;

   /**
    This method should return input stream which should be used on the
    accepted socket.
    <p>
    SOCKSv5 allows to have multiple authentication methods, and these methods
    might require some kind of transformations being made on the data.
    <p>
    This method is called on the object returned from the startSession
    function.
   */
   InputStream getInputStream();
   /**
    This method should return output stream to use to write to the accepted
    socket.
    <p>
    SOCKSv5 allows to have multiple authentication methods, and these methods
    might require some kind of transformations being made on the data.
    <p>
    This method is called on the object returned from the startSession
    function.
   */
   OutputStream getOutputStream();

   /**
    This method should return UDPEncapsulation, which should be used
    on the datagrams being send in/out.
    <p>
    If no transformation should be done on the datagrams, this method
    should return null.
    <p>
    This method is called on the object returned from the startSession
    function.
   */

   UDPEncapsulation getUdpEncapsulation();

   /**
    This method is called when a request have been read.
    <p>
    Implementation should decide wether to grant request or not. Returning
    true implies granting the request, false means request should be rejected.
    <p>
    This method is called on the object returned from the startSession
    function.
    @param msg Request message.
    @return true to grant request, false to reject it.
   */
   boolean checkRequest(ProxyMessage msg);

   /**
    This method is called when datagram is received by the server.
    <p>
    Implementaions should decide wether it should be forwarded or dropped.
    It is expecteed that implementation will use datagram address and port
    information to make a decision, as well as anything else. Address and
    port of the datagram are always correspond to remote machine. It is
    either destination or source address. If out is true address is destination
    address, else it is a source address, address of the machine from which
    datagram have been received for the client.
    <p>
    Implementaions should return true if the datagram is to be forwarded, and
    false if the datagram should be dropped.
    <p>
    This method is called on the object returned from the startSession
    function.

    @param out If true the datagram is being send out(from the client),
               otherwise it is an incoming datagram.
    @return True to forward datagram false drop it silently.
   */
   boolean checkRequest(DatagramPacket dp, boolean out);

   /**
    This method is called when session is completed. Either due to normal
    termination or due to any error condition.
    <p>
    This method is called on the object returned from the startSession
    function.
   */
   void endSession();
}