view src/net/sourceforge/jsocks/server/ServerAuthenticator.java @ 317:cdb3c9215a9b
ganymed
add ecdsa key support everywhere
author
Carl Byington <carl@five-ten-sg.com>
date
Wed, 30 Jul 2014 17:01:21 -0700 (2014-07-31)
parents
0ce5cc452d02
children
205ee2873330
line source
+ − package net.sourceforge.jsocks.server;
+ −
+ − import java.io.IOException;
+ − import java.io.InputStream;
+ − import java.io.OutputStream;
+ − import java.net.DatagramPacket;
+ − import java.net.Socket;
+ −
+ − import net.sourceforge.jsocks.ProxyMessage;
+ − import net.sourceforge.jsocks.UDPEncapsulation;
+ −
+ − /**
+ − Classes implementing this interface should provide socks server with
+ − authentication and authorization of users.
+ − **/
+ − public interface ServerAuthenticator {
+ −
+ − /**
+ − This method is called when a new connection accepted by the server.
+ − <p>
+ − At this point no data have been extracted from the connection. It is
+ − responsibility of this method to ensure that the next byte in the
+ − stream after this method have been called is the first byte of the
+ − socks request message. For SOCKSv4 there is no authentication data and
+ − the first byte in the stream is part of the request. With SOCKSv5 however
+ − there is an authentication data first. It is expected that implementaions
+ − will process this authentication data.
+ − <p>
+ − If authentication was successful an instance of ServerAuthentication
+ − should be returned, it later will be used by the server to perform
+ − authorization and some other things. If authentication fails null should
+ − be returned, or an exception may be thrown.
+ −
+ − @param s Accepted Socket.
+ − @return An instance of ServerAuthenticator to be used for this connection
+ − or null
+ − */
+ − ServerAuthenticator startSession(Socket s) throws IOException;
+ −
+ − /**
+ − This method should return input stream which should be used on the
+ − accepted socket.
+ − <p>
+ − SOCKSv5 allows to have multiple authentication methods, and these methods
+ − might require some kind of transformations being made on the data.
+ − <p>
+ − This method is called on the object returned from the startSession
+ − function.
+ − */
+ − InputStream getInputStream();
+ − /**
+ − This method should return output stream to use to write to the accepted
+ − socket.
+ − <p>
+ − SOCKSv5 allows to have multiple authentication methods, and these methods
+ − might require some kind of transformations being made on the data.
+ − <p>
+ − This method is called on the object returned from the startSession
+ − function.
+ − */
+ − OutputStream getOutputStream();
+ −
+ − /**
+ − This method should return UDPEncapsulation, which should be used
+ − on the datagrams being send in/out.
+ − <p>
+ − If no transformation should be done on the datagrams, this method
+ − should return null.
+ − <p>
+ − This method is called on the object returned from the startSession
+ − function.
+ − */
+ −
+ − UDPEncapsulation getUdpEncapsulation();
+ −
+ − /**
+ − This method is called when a request have been read.
+ − <p>
+ − Implementation should decide wether to grant request or not. Returning
+ − true implies granting the request, false means request should be rejected.
+ − <p>
+ − This method is called on the object returned from the startSession
+ − function.
+ − @param msg Request message.
+ − @return true to grant request, false to reject it.
+ − */
+ − boolean checkRequest(ProxyMessage msg);
+ −
+ − /**
+ − This method is called when datagram is received by the server.
+ − <p>
+ − Implementaions should decide wether it should be forwarded or dropped.
+ − It is expecteed that implementation will use datagram address and port
+ − information to make a decision, as well as anything else. Address and
+ − port of the datagram are always correspond to remote machine. It is
+ − either destination or source address. If out is true address is destination
+ − address, else it is a source address, address of the machine from which
+ − datagram have been received for the client.
+ − <p>
+ − Implementaions should return true if the datagram is to be forwarded, and
+ − false if the datagram should be dropped.
+ − <p>
+ − This method is called on the object returned from the startSession
+ − function.
+ −
+ − @param out If true the datagram is being send out(from the client),
+ − otherwise it is an incoming datagram.
+ − @return True to forward datagram false drop it silently.
+ − */
+ − boolean checkRequest(DatagramPacket dp, boolean out);
+ −
+ − /**
+ − This method is called when session is completed. Either due to normal
+ − termination or due to any error condition.
+ − <p>
+ − This method is called on the object returned from the startSession
+ − function.
+ − */
+ − void endSession();
+ − }