Mercurial > 510Connectbot
annotate src/ch/ethz/ssh2/Connection.java @ 370:f4d595402a2f
debug kex error
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Mon, 04 Aug 2014 11:41:07 -0700 |
| parents | 7a5943a514d5 |
| children | 071a1ff9b6bf |
| rev | line source |
|---|---|
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1 /* |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
2 * Copyright (c) 2006-2011 Christian Plattner. All rights reserved. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
3 * Please refer to the LICENSE.txt for licensing details. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
4 */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
5 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
6 package ch.ethz.ssh2; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
7 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
8 import java.io.CharArrayWriter; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
9 import java.io.File; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
10 import java.io.FileReader; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
11 import java.io.IOException; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
12 import java.net.InetSocketAddress; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
13 import java.net.Socket; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
14 import java.net.SocketTimeoutException; |
|
305
d2b303406d63
remove extra override annotations that generate eclipse compiler errors
Carl Byington <carl@five-ten-sg.com>
parents:
302
diff
changeset
|
15 import java.security.KeyPair; |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
16 import java.util.ArrayList; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
17 import java.util.List; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
18 import java.util.Set; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
19 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
20 import ch.ethz.ssh2.auth.AgentProxy; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
21 import ch.ethz.ssh2.auth.AuthenticationManager; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
22 import ch.ethz.ssh2.channel.ChannelManager; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
23 import ch.ethz.ssh2.compression.CompressionFactory; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
24 import ch.ethz.ssh2.crypto.CryptoWishList; |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
25 import ch.ethz.ssh2.crypto.SecureRandomFix; |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
26 import ch.ethz.ssh2.crypto.cipher.BlockCipherFactory; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
27 import ch.ethz.ssh2.crypto.digest.MAC; |
| 369 | 28 import ch.ethz.ssh2.log.Logger; |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
29 import ch.ethz.ssh2.packets.PacketIgnore; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
30 import ch.ethz.ssh2.transport.ClientTransportManager; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
31 import ch.ethz.ssh2.transport.HTTPProxyClientTransportManager; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
32 import ch.ethz.ssh2.transport.KexManager; |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
33 import ch.ethz.ssh2.util.TimeoutService.TimeoutToken; |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
34 import ch.ethz.ssh2.util.TimeoutService; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
35 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
36 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
37 * A <code>Connection</code> is used to establish an encrypted TCP/IP |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
38 * connection to a SSH-2 server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
39 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
40 * Typically, one |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
41 * <ol> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
42 * <li>creates a {@link #Connection(String) Connection} object.</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
43 * <li>calls the {@link #connect() connect()} method.</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
44 * <li>calls some of the authentication methods (e.g., {@link #authenticateWithPublicKey(String, File, String) authenticateWithPublicKey()}).</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
45 * <li>calls one or several times the {@link #openSession() openSession()} method.</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
46 * <li>finally, one must close the connection and release resources with the {@link #close() close()} method.</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
47 * </ol> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
48 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
49 * @author Christian Plattner |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
50 * @version $Id: Connection.java 160 2014-05-01 14:30:26Z dkocher@sudo.ch $ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
51 */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
52 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
53 public class Connection { |
| 369 | 54 protected static final Logger log = Logger.getLogger(Connection.class); |
| 55 | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
56 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
57 * The identifier presented to the SSH-2 server. This is the same |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
58 * as the "softwareversion" defined in RFC 4253. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
59 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
60 * <b>NOTE: As per the RFC, the "softwareversion" string MUST consist of printable |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
61 * US-ASCII characters, with the exception of whitespace characters and the minus sign (-).</b> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
62 */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
63 private String softwareversion |
| 307 | 64 = String.format("Ganymed_%s", Version.getSpecification()); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
65 |
| 307 | 66 /* Will be used to generate all random data needed for the current connection. |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
67 * Note: SecureRandom.nextBytes() is thread safe. |
| 307 | 68 */ |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
69 |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
70 private SecureRandomFix generator; |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
71 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
72 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
73 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
74 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
75 * @return The list of supported cipher algorithms by this implementation. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
76 */ |
| 307 | 77 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
78 public static synchronized String[] getAvailableCiphers() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
79 return BlockCipherFactory.getDefaultCipherList(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
80 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
81 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
82 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
83 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
84 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
85 * @return The list of supported MAC algorthims by this implementation. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
86 */ |
| 307 | 87 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
88 public static synchronized String[] getAvailableMACs() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
89 return MAC.getMacList(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
90 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
91 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
92 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
93 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
94 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
95 * @return The list of supported server host key algorthims by this implementation. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
96 */ |
| 307 | 97 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
98 public static synchronized String[] getAvailableServerHostKeyAlgorithms() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
99 return KexManager.getDefaultServerHostkeyAlgorithmList(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
100 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
101 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
102 private AuthenticationManager am; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
103 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
104 private boolean authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
105 private ChannelManager cm; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
106 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
107 private CryptoWishList cryptoWishList |
| 307 | 108 = new CryptoWishList(); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
109 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
110 private DHGexParameters dhgexpara |
| 307 | 111 = new DHGexParameters(); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
112 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
113 private final String hostname; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
114 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
115 private final int port; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
116 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
117 private ClientTransportManager tm; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
118 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
119 private boolean tcpNoDelay = false; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
120 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
121 private HTTPProxyData proxy; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
122 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
123 private List<ConnectionMonitor> connectionMonitors |
| 307 | 124 = new ArrayList<ConnectionMonitor>(); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
125 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
126 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
127 * Prepares a fresh <code>Connection</code> object which can then be used |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
128 * to establish a connection to the specified SSH-2 server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
129 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
130 * Same as {@link #Connection(String, int) Connection(hostname, 22)}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
131 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
132 * @param hostname the hostname of the SSH-2 server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
133 */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
134 public Connection(String hostname) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
135 this(hostname, 22); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
136 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
137 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
138 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
139 * Prepares a fresh <code>Connection</code> object which can then be used |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
140 * to establish a connection to the specified SSH-2 server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
141 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
142 * @param hostname the host where we later want to connect to. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
143 * @param port port on the server, normally 22. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
144 */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
145 public Connection(String hostname, int port) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
146 this.hostname = hostname; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
147 this.port = port; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
148 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
149 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
150 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
151 * Prepares a fresh <code>Connection</code> object which can then be used |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
152 * to establish a connection to the specified SSH-2 server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
153 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
154 * @param hostname the host where we later want to connect to. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
155 * @param port port on the server, normally 22. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
156 * @param softwareversion Allows you to set a custom "softwareversion" string as defined in RFC 4253. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
157 * <b>NOTE: As per the RFC, the "softwareversion" string MUST consist of printable |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
158 * US-ASCII characters, with the exception of whitespace characters and the minus sign (-).</b> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
159 */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
160 public Connection(String hostname, int port, String softwareversion) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
161 this.hostname = hostname; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
162 this.port = port; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
163 this.softwareversion = softwareversion; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
164 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
165 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
166 public Connection(String hostname, int port, final HTTPProxyData proxy) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
167 this.hostname = hostname; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
168 this.port = port; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
169 this.proxy = proxy; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
170 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
171 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
172 public Connection(String hostname, int port, String softwareversion, final HTTPProxyData proxy) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
173 this.hostname = hostname; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
174 this.port = port; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
175 this.softwareversion = softwareversion; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
176 this.proxy = proxy; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
177 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
178 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
179 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
180 * After a successful connect, one has to authenticate oneself. This method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
181 * is based on DSA (it uses DSA to sign a challenge sent by the server). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
182 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
183 * If the authentication phase is complete, <code>true</code> will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
184 * returned. If the server does not accept the request (or if further |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
185 * authentication steps are needed), <code>false</code> is returned and |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
186 * one can retry either by using this or any other authentication method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
187 * (use the <code>getRemainingAuthMethods</code> method to get a list of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
188 * the remaining possible methods). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
189 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
190 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
191 * @param pem A <code>String</code> containing the DSA private key of the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
192 * user in OpenSSH key format (PEM, you can't miss the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
193 * "-----BEGIN DSA PRIVATE KEY-----" tag). The string may contain |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
194 * linefeeds. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
195 * @param password If the PEM string is 3DES encrypted ("DES-EDE3-CBC"), then you |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
196 * must specify the password. Otherwise, this argument will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
197 * ignored and can be set to <code>null</code>. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
198 * @return whether the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
199 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
200 * @deprecated You should use one of the {@link #authenticateWithPublicKey(String, File, String) authenticateWithPublicKey()} |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
201 * methods, this method is just a wrapper for it and will |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
202 * disappear in future builds. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
203 */ |
|
305
d2b303406d63
remove extra override annotations that generate eclipse compiler errors
Carl Byington <carl@five-ten-sg.com>
parents:
302
diff
changeset
|
204 @Deprecated |
| 307 | 205 |
| 206 public synchronized boolean authenticateWithDSA(String user, String pem, String password) throws IOException { | |
| 207 if (tm == null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
208 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
209 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
210 |
| 307 | 211 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
212 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
213 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
214 |
| 307 | 215 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
216 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
217 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
218 |
| 307 | 219 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
220 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
221 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
222 |
| 307 | 223 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
224 throw new IllegalArgumentException("user argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
225 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
226 |
| 307 | 227 if (pem == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
228 throw new IllegalArgumentException("pem argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
229 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
230 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
231 authenticated = am.authenticatePublicKey(user, pem.toCharArray(), password, getOrCreateSecureRND()); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
232 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
233 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
234 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
235 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
236 * A wrapper that calls {@link #authenticateWithKeyboardInteractive(String, String[], InteractiveCallback) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
237 * authenticateWithKeyboardInteractivewith} a <code>null</code> submethod list. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
238 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
239 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
240 * @param cb An <code>InteractiveCallback</code> which will be used to |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
241 * determine the responses to the questions asked by the server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
242 * @return whether the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
243 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
244 */ |
| 307 | 245 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
246 public synchronized boolean authenticateWithKeyboardInteractive(String user, InteractiveCallback cb) |
| 307 | 247 throws IOException { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
248 return authenticateWithKeyboardInteractive(user, null, cb); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
249 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
250 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
251 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
252 * After a successful connect, one has to authenticate oneself. This method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
253 * is based on "keyboard-interactive", specified in |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
254 * draft-ietf-secsh-auth-kbdinteract-XX. Basically, you have to define a |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
255 * callback object which will be feeded with challenges generated by the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
256 * server. Answers are then sent back to the server. It is possible that the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
257 * callback will be called several times during the invocation of this |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
258 * method (e.g., if the server replies to the callback's answer(s) with |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
259 * another challenge...) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
260 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
261 * If the authentication phase is complete, <code>true</code> will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
262 * returned. If the server does not accept the request (or if further |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
263 * authentication steps are needed), <code>false</code> is returned and |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
264 * one can retry either by using this or any other authentication method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
265 * (use the <code>getRemainingAuthMethods</code> method to get a list of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
266 * the remaining possible methods). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
267 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
268 * Note: some SSH servers advertise "keyboard-interactive", however, any |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
269 * interactive request will be denied (without having sent any challenge to |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
270 * the client). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
271 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
272 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
273 * @param submethods An array of submethod names, see |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
274 * draft-ietf-secsh-auth-kbdinteract-XX. May be <code>null</code> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
275 * to indicate an empty list. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
276 * @param cb An <code>InteractiveCallback</code> which will be used to |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
277 * determine the responses to the questions asked by the server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
278 * @return whether the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
279 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
280 */ |
| 307 | 281 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
282 public synchronized boolean authenticateWithKeyboardInteractive(String user, String[] submethods, |
| 307 | 283 InteractiveCallback cb) throws IOException { |
| 284 if (cb == null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
285 throw new IllegalArgumentException("Callback may not ne NULL!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
286 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
287 |
| 307 | 288 if (tm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
289 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
290 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
291 |
| 307 | 292 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
293 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
294 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
295 |
| 307 | 296 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
297 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
298 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
299 |
| 307 | 300 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
301 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
302 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
303 |
| 307 | 304 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
305 throw new IllegalArgumentException("user argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
306 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
307 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
308 authenticated = am.authenticateInteractive(user, submethods, cb); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
309 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
310 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
311 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
312 public synchronized boolean authenticateWithAgent(String user, AgentProxy proxy) throws IOException { |
| 307 | 313 if (tm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
314 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
315 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
316 |
| 307 | 317 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
318 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
319 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
320 |
| 307 | 321 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
322 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
323 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
324 |
| 307 | 325 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
326 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
327 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
328 |
| 307 | 329 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
330 throw new IllegalArgumentException("user argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
331 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
332 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
333 authenticated = am.authenticatePublicKey(user, proxy); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
334 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
335 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
336 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
337 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
338 * After a successful connect, one has to authenticate oneself. This method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
339 * sends username and password to the server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
340 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
341 * If the authentication phase is complete, <code>true</code> will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
342 * returned. If the server does not accept the request (or if further |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
343 * authentication steps are needed), <code>false</code> is returned and |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
344 * one can retry either by using this or any other authentication method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
345 * (use the <code>getRemainingAuthMethods</code> method to get a list of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
346 * the remaining possible methods). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
347 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
348 * Note: if this method fails, then please double-check that it is actually |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
349 * offered by the server (use {@link #getRemainingAuthMethods(String) getRemainingAuthMethods()}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
350 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
351 * Often, password authentication is disabled, but users are not aware of it. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
352 * Many servers only offer "publickey" and "keyboard-interactive". However, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
353 * even though "keyboard-interactive" *feels* like password authentication |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
354 * (e.g., when using the putty or openssh clients) it is *not* the same mechanism. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
355 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
356 * @param user |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
357 * @param password |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
358 * @return if the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
359 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
360 */ |
| 307 | 361 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
362 public synchronized boolean authenticateWithPassword(String user, String password) throws IOException { |
| 307 | 363 if (tm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
364 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
365 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
366 |
| 307 | 367 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
368 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
369 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
370 |
| 307 | 371 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
372 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
373 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
374 |
| 307 | 375 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
376 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
377 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
378 |
| 307 | 379 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
380 throw new IllegalArgumentException("user argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
381 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
382 |
| 307 | 383 if (password == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
384 throw new IllegalArgumentException("password argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
385 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
386 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
387 authenticated = am.authenticatePassword(user, password); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
388 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
389 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
390 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
391 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
392 * After a successful connect, one has to authenticate oneself. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
393 * This method can be used to explicitly use the special "none" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
394 * authentication method (where only a username has to be specified). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
395 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
396 * Note 1: The "none" method may always be tried by clients, however as by |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
397 * the specs, the server will not explicitly announce it. In other words, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
398 * the "none" token will never show up in the list returned by |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
399 * {@link #getRemainingAuthMethods(String)}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
400 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
401 * Note 2: no matter which one of the authenticateWithXXX() methods |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
402 * you call, the library will always issue exactly one initial "none" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
403 * authentication request to retrieve the initially allowed list of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
404 * authentication methods by the server. Please read RFC 4252 for the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
405 * details. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
406 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
407 * If the authentication phase is complete, <code>true</code> will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
408 * returned. If further authentication steps are needed, <code>false</code> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
409 * is returned and one can retry by any other authentication method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
410 * (use the <code>getRemainingAuthMethods</code> method to get a list of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
411 * the remaining possible methods). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
412 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
413 * @param user |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
414 * @return if the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
415 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
416 */ |
| 307 | 417 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
418 public synchronized boolean authenticateWithNone(String user) throws IOException { |
| 307 | 419 if (tm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
420 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
421 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
422 |
| 307 | 423 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
424 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
425 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
426 |
| 307 | 427 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
428 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
429 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
430 |
| 307 | 431 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
432 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
433 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
434 |
| 307 | 435 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
436 throw new IllegalArgumentException("user argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
437 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
438 |
| 307 | 439 /* Trigger the sending of the PacketUserauthRequestNone packet */ |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
440 /* (if not already done) */ |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
441 authenticated = am.authenticateNone(user); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
442 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
443 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
444 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
445 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
446 * After a successful connect, one has to authenticate oneself. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
447 * The authentication method "publickey" works by signing a challenge |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
448 * sent by the server. The signature is either DSA or RSA based - it |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
449 * just depends on the type of private key you specify, either a DSA |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
450 * or RSA private key in PEM format. And yes, this is may seem to be a |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
451 * little confusing, the method is called "publickey" in the SSH-2 protocol |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
452 * specification, however since we need to generate a signature, you |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
453 * actually have to supply a private key =). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
454 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
455 * The private key contained in the PEM file may also be encrypted ("Proc-Type: 4,ENCRYPTED"). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
456 * The library supports DES-CBC and DES-EDE3-CBC encryption, as well |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
457 * as the more exotic PEM encrpytions AES-128-CBC, AES-192-CBC and AES-256-CBC. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
458 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
459 * If the authentication phase is complete, <code>true</code> will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
460 * returned. If the server does not accept the request (or if further |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
461 * authentication steps are needed), <code>false</code> is returned and |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
462 * one can retry either by using this or any other authentication method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
463 * (use the <code>getRemainingAuthMethods</code> method to get a list of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
464 * the remaining possible methods). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
465 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
466 * NOTE PUTTY USERS: Event though your key file may start with "-----BEGIN..." |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
467 * it is not in the expected format. You have to convert it to the OpenSSH |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
468 * key format by using the "puttygen" tool (can be downloaded from the Putty |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
469 * website). Simply load your key and then use the "Conversions/Export OpenSSH key" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
470 * functionality to get a proper PEM file. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
471 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
472 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
473 * @param pemPrivateKey A <code>char[]</code> containing a DSA or RSA private key of the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
474 * user in OpenSSH key format (PEM, you can't miss the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
475 * "-----BEGIN DSA PRIVATE KEY-----" or "-----BEGIN RSA PRIVATE KEY-----" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
476 * tag). The char array may contain linebreaks/linefeeds. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
477 * @param password If the PEM structure is encrypted ("Proc-Type: 4,ENCRYPTED") then |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
478 * you must specify a password. Otherwise, this argument will be ignored |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
479 * and can be set to <code>null</code>. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
480 * @return whether the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
481 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
482 */ |
| 307 | 483 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
484 public synchronized boolean authenticateWithPublicKey(String user, char[] pemPrivateKey, String password) |
| 307 | 485 throws IOException { |
| 486 if (tm == null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
487 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
488 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
489 |
| 307 | 490 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
491 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
492 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
493 |
| 307 | 494 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
495 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
496 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
497 |
| 307 | 498 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
499 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
500 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
501 |
| 307 | 502 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
503 throw new IllegalArgumentException("user argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
504 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
505 |
| 307 | 506 if (pemPrivateKey == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
507 throw new IllegalArgumentException("pemPrivateKey argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
508 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
509 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
510 authenticated = am.authenticatePublicKey(user, pemPrivateKey, password, getOrCreateSecureRND()); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
511 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
512 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
513 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
514 /** |
|
285
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
515 * After a successful connect, one has to authenticate oneself. The |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
516 * authentication method "publickey" works by signing a challenge sent by |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
517 * the server. The signature is either DSA or RSA based - it just depends on |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
518 * the type of private key you specify, either a DSA or RSA private key in |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
519 * PEM format. And yes, this is may seem to be a little confusing, the |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
520 * method is called "publickey" in the SSH-2 protocol specification, however |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
521 * since we need to generate a signature, you actually have to supply a |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
522 * private key =). |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
523 * <p> |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
524 * If the authentication phase is complete, <code>true</code> will be |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
525 * returned. If the server does not accept the request (or if further |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
526 * authentication steps are needed), <code>false</code> is returned and |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
527 * one can retry either by using this or any other authentication method |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
528 * (use the <code>getRemainingAuthMethods</code> method to get a list of |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
529 * the remaining possible methods). |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
530 * |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
531 * @param user |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
532 * A <code>String</code> holding the username. |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
533 * @param pair |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
534 * A <code>RSAPrivateKey</code> or <code>DSAPrivateKey</code> |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
535 * containing a DSA or RSA private key of |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
536 * the user in Trilead object format. |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
537 * |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
538 * @return whether the connection is now authenticated. |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
539 * @throws IOException |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
540 */ |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
541 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
542 public synchronized boolean authenticateWithPublicKey(String user, KeyPair pair) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
543 throws IOException { |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
544 if (tm == null) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
545 throw new IllegalStateException("Connection is not established!"); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
546 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
547 if (authenticated) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
548 throw new IllegalStateException("Connection is already authenticated!"); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
549 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
550 if (am == null) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
551 am = new AuthenticationManager(tm); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
552 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
553 if (cm == null) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
554 cm = new ChannelManager(tm); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
555 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
556 if (user == null) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
557 throw new IllegalArgumentException("user argument is null"); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
558 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
559 if (pair == null) |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
560 throw new IllegalArgumentException("Key pair argument is null"); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
561 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
562 authenticated = am.authenticatePublicKey(user, pair, getOrCreateSecureRND()); |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
563 return authenticated; |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
564 } |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
565 |
|
486df527ddc5
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
273
diff
changeset
|
566 /** |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
567 * A convenience wrapper function which reads in a private key (PEM format, either DSA or RSA) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
568 * and then calls <code>authenticateWithPublicKey(String, char[], String)</code>. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
569 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
570 * NOTE PUTTY USERS: Event though your key file may start with "-----BEGIN..." |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
571 * it is not in the expected format. You have to convert it to the OpenSSH |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
572 * key format by using the "puttygen" tool (can be downloaded from the Putty |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
573 * website). Simply load your key and then use the "Conversions/Export OpenSSH key" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
574 * functionality to get a proper PEM file. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
575 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
576 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
577 * @param pemFile A <code>File</code> object pointing to a file containing a DSA or RSA |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
578 * private key of the user in OpenSSH key format (PEM, you can't miss the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
579 * "-----BEGIN DSA PRIVATE KEY-----" or "-----BEGIN RSA PRIVATE KEY-----" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
580 * tag). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
581 * @param password If the PEM file is encrypted then you must specify the password. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
582 * Otherwise, this argument will be ignored and can be set to <code>null</code>. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
583 * @return whether the connection is now authenticated. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
584 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
585 */ |
| 307 | 586 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
587 public synchronized boolean authenticateWithPublicKey(String user, File pemFile, String password) |
| 307 | 588 throws IOException { |
| 589 if (pemFile == null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
590 throw new IllegalArgumentException("pemFile argument is null"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
591 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
592 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
593 char[] buff = new char[256]; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
594 CharArrayWriter cw = new CharArrayWriter(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
595 FileReader fr = new FileReader(pemFile); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
596 |
| 307 | 597 while (true) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
598 int len = fr.read(buff); |
| 307 | 599 |
| 600 if (len < 0) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
601 break; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
602 } |
| 307 | 603 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
604 cw.write(buff, 0, len); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
605 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
606 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
607 fr.close(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
608 return authenticateWithPublicKey(user, cw.toCharArray(), password); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
609 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
610 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
611 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
612 * Add a {@link ConnectionMonitor} to this connection. Can be invoked at any time, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
613 * but it is best to add connection monitors before invoking |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
614 * <code>connect()</code> to avoid glitches (e.g., you add a connection monitor after |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
615 * a successful connect(), but the connection has died in the mean time. Then, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
616 * your connection monitor won't be notified.) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
617 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
618 * You can add as many monitors as you like. If a monitor has already been added, then |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
619 * this method does nothing. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
620 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
621 * @param cmon An object implementing the {@link ConnectionMonitor} interface. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
622 * @see ConnectionMonitor |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
623 */ |
| 307 | 624 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
625 public synchronized void addConnectionMonitor(ConnectionMonitor cmon) { |
| 307 | 626 if (!connectionMonitors.contains(cmon)) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
627 connectionMonitors.add(cmon); |
| 307 | 628 |
| 629 if (tm != null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
630 tm.setConnectionMonitors(connectionMonitors); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
631 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
632 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
633 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
634 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
635 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
636 * Remove a {@link ConnectionMonitor} from this connection. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
637 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
638 * @param cmon |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
639 * @return whether the monitor could be removed |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
640 */ |
| 307 | 641 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
642 public synchronized boolean removeConnectionMonitor(ConnectionMonitor cmon) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
643 boolean existed = connectionMonitors.remove(cmon); |
| 307 | 644 |
| 645 if (tm != null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
646 tm.setConnectionMonitors(connectionMonitors); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
647 } |
| 307 | 648 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
649 return existed; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
650 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
651 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
652 /** |
|
287
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
653 * Controls whether compression is used on the link or not. |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
654 * <p> |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
655 * Note: This can only be called before connect() |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
656 * @param enabled whether to enable compression |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
657 * @throws IOException |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
658 */ |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
659 |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
660 public synchronized void setCompression(boolean enabled) throws IOException { |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
661 if (tm != null) |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
662 throw new IOException("Connection to " + hostname + " is already in connected state!"); |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
663 |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
664 if (enabled) enableCompression(); |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
665 else disableCompression(); |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
666 } |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
667 |
|
db9b028016de
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
285
diff
changeset
|
668 /** |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
669 * Close the connection to the SSH-2 server. All assigned sessions will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
670 * closed, too. Can be called at any time. Don't forget to call this once |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
671 * you don't need a connection anymore - otherwise the receiver thread may |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
672 * run forever. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
673 */ |
| 307 | 674 |
|
365
145ec135804f
remove synchronized from close methods, since they may be called indirectly from connect()
Carl Byington <carl@five-ten-sg.com>
parents:
344
diff
changeset
|
675 public void close() { |
| 369 | 676 log.debug("Connection.close()"); |
|
319
776a220dbcc6
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
317
diff
changeset
|
677 Throwable t = new Throwable("Closed due to user request."); |
|
776a220dbcc6
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
317
diff
changeset
|
678 close(t, false); |
|
776a220dbcc6
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
317
diff
changeset
|
679 } |
|
776a220dbcc6
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
317
diff
changeset
|
680 |
|
365
145ec135804f
remove synchronized from close methods, since they may be called indirectly from connect()
Carl Byington <carl@five-ten-sg.com>
parents:
344
diff
changeset
|
681 public void close(Throwable t, boolean hard) { |
| 369 | 682 log.debug("Connection.close(%s hard=%b)", t.getMessage(), hard); |
| 307 | 683 if (cm != null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
684 cm.closeAllChannels(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
685 } |
| 307 | 686 |
| 687 if (tm != null) { | |
|
319
776a220dbcc6
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
317
diff
changeset
|
688 tm.close(t, hard == false); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
689 tm = null; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
690 } |
| 307 | 691 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
692 am = null; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
693 cm = null; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
694 authenticated = false; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
695 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
696 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
697 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
698 * Same as {@link #connect(ServerHostKeyVerifier, int, int) connect(null, 0, 0)}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
699 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
700 * @return see comments for the {@link #connect(ServerHostKeyVerifier, int, int) connect(ServerHostKeyVerifier, int, int)} method. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
701 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
702 */ |
| 307 | 703 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
704 public synchronized ConnectionInfo connect() throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
705 return connect(null, 0, 0); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
706 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
707 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
708 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
709 * Same as {@link #connect(ServerHostKeyVerifier, int, int) connect(verifier, 0, 0)}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
710 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
711 * @return see comments for the {@link #connect(ServerHostKeyVerifier, int, int) connect(ServerHostKeyVerifier, int, int)} method. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
712 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
713 */ |
| 307 | 714 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
715 public synchronized ConnectionInfo connect(ServerHostKeyVerifier verifier) throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
716 return connect(verifier, 0, 0); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
717 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
718 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
719 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
720 * Connect to the SSH-2 server and, as soon as the server has presented its |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
721 * host key, use the {@link ServerHostKeyVerifier#verifyServerHostKey(String, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
722 * int, String, byte[]) ServerHostKeyVerifier.verifyServerHostKey()} |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
723 * method of the <code>verifier</code> to ask for permission to proceed. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
724 * If <code>verifier</code> is <code>null</code>, then any host key will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
725 * accepted - this is NOT recommended, since it makes man-in-the-middle attackes |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
726 * VERY easy (somebody could put a proxy SSH server between you and the real server). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
727 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
728 * Note: The verifier will be called before doing any crypto calculations |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
729 * (i.e., diffie-hellman). Therefore, if you don't like the presented host key then |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
730 * no CPU cycles are wasted (and the evil server has less information about us). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
731 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
732 * However, it is still possible that the server presented a fake host key: the server |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
733 * cheated (typically a sign for a man-in-the-middle attack) and is not able to generate |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
734 * a signature that matches its host key. Don't worry, the library will detect such |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
735 * a scenario later when checking the signature (the signature cannot be checked before |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
736 * having completed the diffie-hellman exchange). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
737 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
738 * Note 2: The {@link ServerHostKeyVerifier#verifyServerHostKey(String, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
739 * int, String, byte[]) ServerHostKeyVerifier.verifyServerHostKey()} method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
740 * will *NOT* be called from the current thread, the call is being made from a |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
741 * background thread (there is a background dispatcher thread for every |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
742 * established connection). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
743 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
744 * Note 3: This method will block as long as the key exchange of the underlying connection |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
745 * has not been completed (and you have not specified any timeouts). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
746 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
747 * Note 4: If you want to re-use a connection object that was successfully connected, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
748 * then you must call the {@link #close()} method before invoking <code>connect()</code> again. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
749 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
750 * @param verifier An object that implements the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
751 * {@link ServerHostKeyVerifier} interface. Pass <code>null</code> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
752 * to accept any server host key - NOT recommended. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
753 * @param connectTimeout Connect the underlying TCP socket to the server with the given timeout |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
754 * value (non-negative, in milliseconds). Zero means no timeout. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
755 * @param kexTimeout Timeout for complete connection establishment (non-negative, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
756 * in milliseconds). Zero means no timeout. The timeout counts from the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
757 * moment you invoke the connect() method and is cancelled as soon as the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
758 * first key-exchange round has finished. It is possible that |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
759 * the timeout event will be fired during the invocation of the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
760 * <code>verifier</code> callback, but it will only have an effect after |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
761 * the <code>verifier</code> returns. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
762 * @return A {@link ConnectionInfo} object containing the details of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
763 * the established connection. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
764 * @throws IOException If any problem occurs, e.g., the server's host key is not |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
765 * accepted by the <code>verifier</code> or there is problem during |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
766 * the initial crypto setup (e.g., the signature sent by the server is wrong). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
767 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
768 * In case of a timeout (either connectTimeout or kexTimeout) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
769 * a SocketTimeoutException is thrown. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
770 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
771 * An exception may also be thrown if the connection was already successfully |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
772 * connected (no matter if the connection broke in the mean time) and you invoke |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
773 * <code>connect()</code> again without having called {@link #close()} first. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
774 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
775 * If a HTTP proxy is being used and the proxy refuses the connection, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
776 * then a {@link HTTPProxyException} may be thrown, which |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
777 * contains the details returned by the proxy. If the proxy is buggy and does |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
778 * not return a proper HTTP response, then a normal IOException is thrown instead. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
779 */ |
| 307 | 780 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
781 public synchronized ConnectionInfo connect(ServerHostKeyVerifier verifier, int connectTimeout, int kexTimeout) |
| 307 | 782 throws IOException { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
783 final class TimeoutState { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
784 boolean isCancelled = false; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
785 boolean timeoutSocketClosed = false; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
786 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
787 |
| 307 | 788 if (tm != null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
789 throw new IllegalStateException(String.format("Connection to %s is already in connected state", hostname)); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
790 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
791 |
| 307 | 792 if (connectTimeout < 0) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
793 throw new IllegalArgumentException("connectTimeout must be non-negative!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
794 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
795 |
| 307 | 796 if (kexTimeout < 0) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
797 throw new IllegalArgumentException("kexTimeout must be non-negative!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
798 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
799 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
800 final TimeoutState state = new TimeoutState(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
801 |
| 307 | 802 if (null == proxy) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
803 tm = new ClientTransportManager(new Socket()); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
804 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
805 else { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
806 tm = new HTTPProxyClientTransportManager(new Socket(), proxy); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
807 } |
| 307 | 808 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
809 tm.setSoTimeout(connectTimeout); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
810 tm.setTcpNoDelay(tcpNoDelay); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
811 tm.setConnectionMonitors(connectionMonitors); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
812 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
813 try { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
814 TimeoutToken token = null; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
815 |
| 307 | 816 if (kexTimeout > 0) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
817 final Runnable timeoutHandler = new Runnable() { |
| 307 | 818 public void run() { |
| 819 synchronized (state) { | |
| 820 if (state.isCancelled) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
821 return; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
822 } |
| 307 | 823 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
824 state.timeoutSocketClosed = true; |
|
319
776a220dbcc6
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
317
diff
changeset
|
825 tm.close(new SocketTimeoutException("The connect timeout expired"), false); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
826 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
827 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
828 }; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
829 long timeoutHorizont = System.currentTimeMillis() + kexTimeout; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
830 token = TimeoutService.addTimeoutHandler(timeoutHorizont, timeoutHandler); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
831 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
832 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
833 tm.connect(hostname, port, softwareversion, cryptoWishList, verifier, dhgexpara, connectTimeout, |
| 307 | 834 getOrCreateSecureRND()); |
| 835 /* Wait until first KEX has finished */ | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
836 ConnectionInfo ci = tm.getConnectionInfo(1); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
837 |
| 307 | 838 /* Now try to cancel the timeout, if needed */ |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
839 |
| 307 | 840 if (token != null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
841 TimeoutService.cancelTimeoutHandler(token); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
842 |
| 307 | 843 /* Were we too late? */ |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
844 |
| 307 | 845 synchronized (state) { |
| 846 if (state.timeoutSocketClosed) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
847 throw new IOException("This exception will be replaced by the one below =)"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
848 } |
| 307 | 849 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
850 /* Just in case the "cancelTimeoutHandler" invocation came just a little bit |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
851 * too late but the handler did not enter the semaphore yet - we can |
| 307 | 852 * still stop it. |
| 853 */ | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
854 state.isCancelled = true; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
855 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
856 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
857 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
858 return ci; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
859 } |
| 307 | 860 catch (SocketTimeoutException e) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
861 throw e; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
862 } |
| 307 | 863 catch (HTTPProxyException e) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
864 throw e; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
865 } |
| 307 | 866 catch (IOException e) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
867 // This will also invoke any registered connection monitors |
|
320
5afb8c1a54b9
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
319
diff
changeset
|
868 close(e, false); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
869 |
| 307 | 870 synchronized (state) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
871 /* Show a clean exception, not something like "the socket is closed!?!" */ |
| 307 | 872 if (state.timeoutSocketClosed) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
873 throw new SocketTimeoutException(String.format("The kexTimeout (%d ms) expired.", kexTimeout)); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
874 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
875 } |
| 307 | 876 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
877 throw e; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
878 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
879 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
880 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
881 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
882 * Creates a new {@link LocalPortForwarder}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
883 * A <code>LocalPortForwarder</code> forwards TCP/IP connections that arrive at a local |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
884 * port via the secure tunnel to another host (which may or may not be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
885 * identical to the remote SSH-2 server). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
886 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
887 * This method must only be called after one has passed successfully the authentication step. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
888 * There is no limit on the number of concurrent forwardings. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
889 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
890 * @param local_port the local port the LocalPortForwarder shall bind to. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
891 * @param host_to_connect target address (IP or hostname) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
892 * @param port_to_connect target port |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
893 * @return A {@link LocalPortForwarder} object. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
894 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
895 */ |
| 307 | 896 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
897 public synchronized LocalPortForwarder createLocalPortForwarder(int local_port, String host_to_connect, |
| 307 | 898 int port_to_connect) throws IOException { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
899 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
900 return new LocalPortForwarder(cm, local_port, host_to_connect, port_to_connect); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
901 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
902 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
903 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
904 * Creates a new {@link LocalPortForwarder}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
905 * A <code>LocalPortForwarder</code> forwards TCP/IP connections that arrive at a local |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
906 * port via the secure tunnel to another host (which may or may not be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
907 * identical to the remote SSH-2 server). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
908 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
909 * This method must only be called after one has passed successfully the authentication step. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
910 * There is no limit on the number of concurrent forwardings. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
911 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
912 * @param addr specifies the InetSocketAddress where the local socket shall be bound to. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
913 * @param host_to_connect target address (IP or hostname) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
914 * @param port_to_connect target port |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
915 * @return A {@link LocalPortForwarder} object. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
916 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
917 */ |
| 307 | 918 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
919 public synchronized LocalPortForwarder createLocalPortForwarder(InetSocketAddress addr, String host_to_connect, |
| 307 | 920 int port_to_connect) throws IOException { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
921 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
922 return new LocalPortForwarder(cm, addr, host_to_connect, port_to_connect); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
923 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
924 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
925 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
926 * Creates a new {@link LocalStreamForwarder}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
927 * A <code>LocalStreamForwarder</code> manages an Input/Outputstream pair |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
928 * that is being forwarded via the secure tunnel into a TCP/IP connection to another host |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
929 * (which may or may not be identical to the remote SSH-2 server). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
930 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
931 * @param host_to_connect |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
932 * @param port_to_connect |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
933 * @return A {@link LocalStreamForwarder} object. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
934 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
935 */ |
| 307 | 936 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
937 public synchronized LocalStreamForwarder createLocalStreamForwarder(String host_to_connect, int port_to_connect) |
| 307 | 938 throws IOException { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
939 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
940 return new LocalStreamForwarder(cm, host_to_connect, port_to_connect); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
941 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
942 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
943 /** |
|
290
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
944 * Creates a new {@link DynamicPortForwarder}. A |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
945 * <code>DynamicPortForwarder</code> forwards TCP/IP connections that arrive |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
946 * at a local port via the secure tunnel to another host that is chosen via |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
947 * the SOCKS protocol. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
948 * <p> |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
949 * This method must only be called after one has passed successfully the |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
950 * authentication step. There is no limit on the number of concurrent |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
951 * forwardings. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
952 * |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
953 * @param local_port |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
954 * @return A {@link DynamicPortForwarder} object. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
955 * @throws IOException |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
956 */ |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
957 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
958 public synchronized DynamicPortForwarder createDynamicPortForwarder(int local_port) throws IOException { |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
959 if (tm == null) |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
960 throw new IllegalStateException("Cannot forward ports, you need to establish a connection first."); |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
961 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
962 if (!authenticated) |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
963 throw new IllegalStateException("Cannot forward ports, connection is not authenticated."); |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
964 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
965 return new DynamicPortForwarder(cm, local_port); |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
966 } |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
967 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
968 /** |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
969 * Creates a new {@link DynamicPortForwarder}. A |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
970 * <code>DynamicPortForwarder</code> forwards TCP/IP connections that arrive |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
971 * at a local port via the secure tunnel to another host that is chosen via |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
972 * the SOCKS protocol. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
973 * <p> |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
974 * This method must only be called after one has passed successfully the |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
975 * authentication step. There is no limit on the number of concurrent |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
976 * forwardings. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
977 * |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
978 * @param addr |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
979 * specifies the InetSocketAddress where the local socket shall |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
980 * be bound to. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
981 * @return A {@link DynamicPortForwarder} object. |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
982 * @throws IOException |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
983 */ |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
984 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
985 public synchronized DynamicPortForwarder createDynamicPortForwarder(InetSocketAddress addr) throws IOException { |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
986 if (tm == null) |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
987 throw new IllegalStateException("Cannot forward ports, you need to establish a connection first."); |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
988 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
989 if (!authenticated) |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
990 throw new IllegalStateException("Cannot forward ports, connection is not authenticated."); |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
991 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
992 return new DynamicPortForwarder(cm, addr); |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
993 } |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
994 |
|
9ae4ed7bb523
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
289
diff
changeset
|
995 /** |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
996 * Create a very basic {@link SCPClient} that can be used to copy |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
997 * files from/to the SSH-2 server. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
998 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
999 * Works only after one has passed successfully the authentication step. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1000 * There is no limit on the number of concurrent SCP clients. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1001 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1002 * Note: This factory method will probably disappear in the future. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1003 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1004 * @return A {@link SCPClient} object. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1005 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1006 */ |
| 307 | 1007 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1008 public synchronized SCPClient createSCPClient() throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1009 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1010 return new SCPClient(this); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1011 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1012 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1013 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1014 * Force an asynchronous key re-exchange (the call does not block). The |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1015 * latest values set for MAC, Cipher and DH group exchange parameters will |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1016 * be used. If a key exchange is currently in progress, then this method has |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1017 * the only effect that the so far specified parameters will be used for the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1018 * next (server driven) key exchange. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1019 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1020 * Note: This implementation will never start a key exchange (other than the initial one) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1021 * unless you or the SSH-2 server ask for it. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1022 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1023 * @throws IOException In case of any failure behind the scenes. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1024 */ |
| 307 | 1025 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1026 public synchronized void forceKeyExchange() throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1027 this.checkConnection(); |
|
302
beaccc9df37b
add ecdsa key support everywhere
Carl Byington <carl@five-ten-sg.com>
parents:
290
diff
changeset
|
1028 tm.forceKeyExchange(cryptoWishList, dhgexpara, null, null, null); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1029 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1030 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1031 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1032 * Returns the hostname that was passed to the constructor. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1033 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1034 * @return the hostname |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1035 */ |
| 307 | 1036 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1037 public synchronized String getHostname() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1038 return hostname; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1039 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1040 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1041 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1042 * Returns the port that was passed to the constructor. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1043 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1044 * @return the TCP port |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1045 */ |
| 307 | 1046 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1047 public synchronized int getPort() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1048 return port; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1049 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1050 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1051 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1052 * Returns a {@link ConnectionInfo} object containing the details of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1053 * the connection. Can be called as soon as the connection has been |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1054 * established (successfully connected). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1055 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1056 * @return A {@link ConnectionInfo} object. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1057 * @throws IOException In case of any failure behind the scenes. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1058 */ |
| 307 | 1059 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1060 public synchronized ConnectionInfo getConnectionInfo() throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1061 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1062 return tm.getConnectionInfo(1); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1063 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1064 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1065 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1066 * After a successful connect, one has to authenticate oneself. This method |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1067 * can be used to tell which authentication methods are supported by the |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1068 * server at a certain stage of the authentication process (for the given |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1069 * username). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1070 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1071 * Note 1: the username will only be used if no authentication step was done |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1072 * so far (it will be used to ask the server for a list of possible |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1073 * authentication methods by sending the initial "none" request). Otherwise, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1074 * this method ignores the user name and returns a cached method list |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1075 * (which is based on the information contained in the last negative server response). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1076 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1077 * Note 2: the server may return method names that are not supported by this |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1078 * implementation. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1079 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1080 * After a successful authentication, this method must not be called |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1081 * anymore. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1082 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1083 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1084 * @return a (possibly emtpy) array holding authentication method names. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1085 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1086 */ |
| 307 | 1087 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1088 public synchronized String[] getRemainingAuthMethods(String user) throws IOException { |
| 307 | 1089 if (user == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1090 throw new IllegalArgumentException("user argument may not be NULL!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1091 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1092 |
| 307 | 1093 if (tm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1094 throw new IllegalStateException("Connection is not established!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1095 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1096 |
| 307 | 1097 if (authenticated) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1098 throw new IllegalStateException("Connection is already authenticated!"); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1099 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1100 |
| 307 | 1101 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1102 am = new AuthenticationManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1103 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1104 |
| 307 | 1105 if (cm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1106 cm = new ChannelManager(tm); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1107 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1108 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1109 final Set<String> remainingMethods = am.getRemainingMethods(user); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1110 return remainingMethods.toArray(new String[remainingMethods.size()]); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1111 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1112 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1113 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1114 * Determines if the authentication phase is complete. Can be called at any |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1115 * time. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1116 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1117 * @return <code>true</code> if no further authentication steps are |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1118 * needed. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1119 */ |
| 307 | 1120 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1121 public synchronized boolean isAuthenticationComplete() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1122 return authenticated; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1123 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1124 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1125 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1126 * Returns true if there was at least one failed authentication request and |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1127 * the last failed authentication request was marked with "partial success" |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1128 * by the server. This is only needed in the rare case of SSH-2 server setups |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1129 * that cannot be satisfied with a single successful authentication request |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1130 * (i.e., multiple authentication steps are needed.) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1131 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1132 * If you are interested in the details, then have a look at RFC4252. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1133 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1134 * @return if the there was a failed authentication step and the last one |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1135 * was marked as a "partial success". |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1136 */ |
| 307 | 1137 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1138 public synchronized boolean isAuthenticationPartialSuccess() { |
| 307 | 1139 if (am == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1140 return false; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1141 } |
| 307 | 1142 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1143 return am.getPartialSuccess(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1144 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1145 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1146 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1147 * Checks if a specified authentication method is available. This method is |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1148 * actually just a wrapper for {@link #getRemainingAuthMethods(String) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1149 * getRemainingAuthMethods()}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1150 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1151 * @param user A <code>String</code> holding the username. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1152 * @param method An authentication method name (e.g., "publickey", "password", |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1153 * "keyboard-interactive") as specified by the SSH-2 standard. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1154 * @return if the specified authentication method is currently available. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1155 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1156 */ |
| 307 | 1157 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1158 public synchronized boolean isAuthMethodAvailable(String user, String method) throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1159 String methods[] = getRemainingAuthMethods(user); |
| 307 | 1160 |
| 1161 for (final String m : methods) { | |
| 1162 if (m.compareTo(method) == 0) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1163 return true; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1164 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1165 } |
| 307 | 1166 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1167 return false; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1168 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1169 |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
1170 private SecureRandomFix getOrCreateSecureRND() { |
| 307 | 1171 if (generator == null) { |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
1172 generator = new SecureRandomFix(); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1173 } |
| 307 | 1174 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1175 return generator; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1176 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1177 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1178 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1179 * Open a new {@link Session} on this connection. Works only after one has passed |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1180 * successfully the authentication step. There is no limit on the number of |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1181 * concurrent sessions. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1182 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1183 * @return A {@link Session} object. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1184 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1185 */ |
| 307 | 1186 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1187 public synchronized Session openSession() throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1188 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1189 return new Session(cm, getOrCreateSecureRND()); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1190 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1191 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1192 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1193 * Send an SSH_MSG_IGNORE packet. This method will generate a random data attribute |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1194 * (length between 0 (invlusive) and 16 (exclusive) bytes, contents are random bytes). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1195 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1196 * This method must only be called once the connection is established. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1197 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1198 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1199 */ |
| 307 | 1200 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1201 public synchronized void sendIgnorePacket() throws IOException { |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
1202 SecureRandomFix rnd = getOrCreateSecureRND(); |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1203 byte[] data = new byte[rnd.nextInt(16)]; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1204 rnd.nextBytes(data); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1205 sendIgnorePacket(data); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1206 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1207 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1208 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1209 * Send an SSH_MSG_IGNORE packet with the given data attribute. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1210 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1211 * This method must only be called once the connection is established. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1212 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1213 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1214 */ |
| 307 | 1215 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1216 public synchronized void sendIgnorePacket(byte[] data) throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1217 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1218 PacketIgnore pi = new PacketIgnore(data); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1219 tm.sendMessage(pi.getPayload()); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1220 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1221 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1222 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1223 * Controls whether compression is used on the link or not. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1224 */ |
| 307 | 1225 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1226 public synchronized void setCompression(String[] algorithms) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1227 CompressionFactory.checkCompressorList(algorithms); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1228 cryptoWishList.c2s_comp_algos = algorithms; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1229 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1230 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1231 public synchronized void enableCompression() { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1232 cryptoWishList.c2s_comp_algos = CompressionFactory.getDefaultCompressorList(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1233 cryptoWishList.s2c_comp_algos = CompressionFactory.getDefaultCompressorList(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1234 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1235 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1236 public synchronized void disableCompression() { |
| 307 | 1237 cryptoWishList.c2s_comp_algos = new String[] {"none"}; |
| 1238 cryptoWishList.s2c_comp_algos = new String[] {"none"}; | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1239 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1240 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1241 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1242 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1243 */ |
| 307 | 1244 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1245 public synchronized void setClient2ServerCiphers(final String[] ciphers) { |
| 307 | 1246 if ((ciphers == null) || (ciphers.length == 0)) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1247 throw new IllegalArgumentException(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1248 } |
| 307 | 1249 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1250 BlockCipherFactory.checkCipherList(ciphers); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1251 cryptoWishList.c2s_enc_algos = ciphers; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1252 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1253 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1254 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1255 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1256 */ |
| 307 | 1257 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1258 public synchronized void setClient2ServerMACs(final String[] macs) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1259 MAC.checkMacList(macs); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1260 cryptoWishList.c2s_mac_algos = macs; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1261 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1262 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1263 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1264 * Sets the parameters for the diffie-hellman group exchange. Unless you |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1265 * know what you are doing, you will never need this. Default values are |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1266 * defined in the {@link DHGexParameters} class. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1267 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1268 * @param dgp {@link DHGexParameters}, non null. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1269 */ |
| 307 | 1270 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1271 public synchronized void setDHGexParameters(DHGexParameters dgp) { |
| 307 | 1272 if (dgp == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1273 throw new IllegalArgumentException(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1274 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1275 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1276 dhgexpara = dgp; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1277 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1278 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1279 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1280 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1281 */ |
| 307 | 1282 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1283 public synchronized void setServer2ClientCiphers(final String[] ciphers) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1284 BlockCipherFactory.checkCipherList(ciphers); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1285 cryptoWishList.s2c_enc_algos = ciphers; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1286 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1287 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1288 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1289 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1290 */ |
| 307 | 1291 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1292 public synchronized void setServer2ClientMACs(final String[] macs) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1293 MAC.checkMacList(macs); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1294 cryptoWishList.s2c_mac_algos = macs; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1295 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1296 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1297 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1298 * Define the set of allowed server host key algorithms to be used for |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1299 * the following key exchange operations. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1300 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1301 * Unless you know what you are doing, you will never need this. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1302 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1303 * @param algos An array of allowed server host key algorithms. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1304 * SSH-2 defines <code>ssh-dss</code> and <code>ssh-rsa</code>. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1305 * The entries of the array must be ordered after preference, i.e., |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1306 * the entry at index 0 is the most preferred one. You must specify |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1307 * at least one entry. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1308 */ |
| 307 | 1309 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1310 public synchronized void setServerHostKeyAlgorithms(final String[] algos) { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1311 KexManager.checkServerHostkeyAlgorithmsList(algos); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1312 cryptoWishList.serverHostKeyAlgorithms = algos; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1313 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1314 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1315 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1316 * Enable/disable TCP_NODELAY (disable/enable Nagle's algorithm) on the underlying socket. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1317 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1318 * Can be called at any time. If the connection has not yet been established |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1319 * then the passed value will be stored and set after the socket has been set up. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1320 * The default value that will be used is <code>false</code>. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1321 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1322 * @param enable the argument passed to the <code>Socket.setTCPNoDelay()</code> method. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1323 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1324 */ |
| 307 | 1325 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1326 public synchronized void setTCPNoDelay(boolean enable) throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1327 tcpNoDelay = enable; |
| 307 | 1328 |
| 1329 if (tm != null) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1330 tm.setTcpNoDelay(enable); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1331 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1332 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1333 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1334 /** |
|
289
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1335 * Used to tell the library that the connection shall be established through |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1336 * a proxy server. It only makes sense to call this method before calling |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1337 * the {@link #connect() connect()} method. |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1338 * <p> |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1339 * At the moment, only HTTP proxies are supported. |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1340 * <p> |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1341 * Note: This method can be called any number of times. The |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1342 * {@link #connect() connect()} method will use the value set in the last |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1343 * preceding invocation of this method. |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1344 * |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1345 * @see HTTPProxyData |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1346 * |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1347 * @param proxy |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1348 * Connection information about the proxy. If <code>null</code>, |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1349 * then no proxy will be used (non surprisingly, this is also the |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1350 * default). |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1351 */ |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1352 |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1353 public synchronized void setProxyData(HTTPProxyData proxy) { |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1354 this.proxy = proxy; |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1355 } |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1356 |
|
d2ee20d9dff1
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
287
diff
changeset
|
1357 /** |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1358 * Request a remote port forwarding. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1359 * If successful, then forwarded connections will be redirected to the given target address. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1360 * You can cancle a requested remote port forwarding by calling |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1361 * {@link #cancelRemotePortForwarding(int) cancelRemotePortForwarding()}. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1362 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1363 * A call of this method will block until the peer either agreed or disagreed to your request- |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1364 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1365 * Note 1: this method typically fails if you |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1366 * <ul> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1367 * <li>pass a port number for which the used remote user has not enough permissions (i.e., port |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1368 * < 1024)</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1369 * <li>or pass a port number that is already in use on the remote server</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1370 * <li>or if remote port forwarding is disabled on the server.</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1371 * </ul> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1372 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1373 * Note 2: (from the openssh man page): By default, the listening socket on the server will be |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1374 * bound to the loopback interface only. This may be overriden by specifying a bind address. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1375 * Specifying a remote bind address will only succeed if the server's <b>GatewayPorts</b> option |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1376 * is enabled (see sshd_config(5)). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1377 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1378 * @param bindAddress address to bind to on the server: |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1379 * <ul> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1380 * <li>"" means that connections are to be accepted on all protocol families |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1381 * supported by the SSH implementation</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1382 * <li>"0.0.0.0" means to listen on all IPv4 addresses</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1383 * <li>"::" means to listen on all IPv6 addresses</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1384 * <li>"localhost" means to listen on all protocol families supported by the SSH |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1385 * implementation on loopback addresses only, [RFC3330] and RFC3513]</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1386 * <li>"127.0.0.1" and "::1" indicate listening on the loopback interfaces for |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1387 * IPv4 and IPv6 respectively</li> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1388 * </ul> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1389 * @param bindPort port number to bind on the server (must be > 0) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1390 * @param targetAddress the target address (IP or hostname) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1391 * @param targetPort the target port |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1392 * @throws IOException |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1393 */ |
| 307 | 1394 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1395 public synchronized void requestRemotePortForwarding(String bindAddress, int bindPort, String targetAddress, |
| 307 | 1396 int targetPort) throws IOException { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1397 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1398 |
| 307 | 1399 if ((bindAddress == null) || (targetAddress == null) || (bindPort <= 0) || (targetPort <= 0)) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1400 throw new IllegalArgumentException(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1401 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1402 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1403 cm.requestGlobalForward(bindAddress, bindPort, targetAddress, targetPort); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1404 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1405 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1406 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1407 * Cancel an earlier requested remote port forwarding. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1408 * Currently active forwardings will not be affected (e.g., disrupted). |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1409 * Note that further connection forwarding requests may be received until |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1410 * this method has returned. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1411 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1412 * @param bindPort the allocated port number on the server |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1413 * @throws IOException if the remote side refuses the cancel request or another low |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1414 * level error occurs (e.g., the underlying connection is closed) |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1415 */ |
| 307 | 1416 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1417 public synchronized void cancelRemotePortForwarding(int bindPort) throws IOException { |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1418 this.checkConnection(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1419 cm.requestCancelGlobalForward(bindPort); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1420 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1421 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1422 /** |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1423 * Provide your own instance of SecureRandom. Can be used, e.g., if you |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1424 * want to seed the used SecureRandom generator manually. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1425 * <p/> |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1426 * The SecureRandom instance is used during key exchanges, public key authentication, |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1427 * x11 cookie generation and the like. |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1428 * |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1429 * @param rnd a SecureRandom instance |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1430 */ |
| 307 | 1431 |
|
344
b40bc65fa09a
compensate for SecureRandom bug on older devices
Carl Byington <carl@five-ten-sg.com>
parents:
339
diff
changeset
|
1432 public synchronized void setSecureRandom(SecureRandomFix rnd) { |
| 307 | 1433 if (rnd == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1434 throw new IllegalArgumentException(); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1435 } |
| 307 | 1436 |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1437 this.generator = rnd; |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1438 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1439 |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1440 private void checkConnection() throws IllegalStateException { |
| 307 | 1441 if (tm == null) { |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1442 throw new IllegalStateException("You need to establish a connection first."); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1443 } |
| 307 | 1444 |
| 1445 if (!authenticated) { | |
|
273
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1446 throw new IllegalStateException("The connection is not authenticated."); |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1447 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1448 } |
|
91a31873c42a
start conversion from trilead to ganymed
Carl Byington <carl@five-ten-sg.com>
parents:
diff
changeset
|
1449 } |