Mirrors/sshj
1
0
Fork 0
mirror of https://github.com/hierynomus/sshj.git synced 2025-12-06 07:10:53 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into master

Browse Source
This commit is contained in:
Jeroen van Erp
2017-01-23 22:54:15 +01:00
committed by GitHub
parent 66d4b34eba 0b397bc3d7
commit fd60139b98
54 changed files with 512 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
README.adoc
View File

@@ -66,8 +66,13 @@ ciphers::
SSHJ also supports the following extended (non official) ciphers: `camellia{128,192,256}-{cbc,ctr}`, `camellia{128,192,256}-{cbc,ctr}@openssh.org`
key exchange::
`diffie-hellman-group1-sha1`, `diffie-hellman-group14-sha1`, `diffie-hellman-group-exchange-sha1`, `diffie-hellman-group-exchange-sha256`,
`diffie-hellman-group1-sha1`, `diffie-hellman-group14-sha1`,
`diffie-hellman-group14-sha256`, `diffie-hellman-group15-sha512`, `diffie-hellman-group16-sha512`, `diffie-hellman-group17-sha512`, `diffie-hellman-group18-sha512`
`diffie-hellman-group-exchange-sha1`, `diffie-hellman-group-exchange-sha256`,
`ecdh-sha2-nistp256`, `ecdh-sha2-nistp384`, `ecdh-sha2-nistp521`, `curve25519-sha256@libssh.org`
SSHJ also supports the following extended (non official) key exchange algoriths:
`diffie-hellman-group14-sha256@ssh.com`, `diffie-hellman-group15-sha256`, `diffie-hellman-group15-sha256@ssh.com`, `diffie-hellman-group15-sha384@ssh.com`,
`diffie-hellman-group16-sha256`, `diffie-hellman-group16-sha384@ssh.com`, `diffie-hellman-group16-sha512@ssh.com`, `diffie-hellman-group18-sha512@ssh.com`
signatures::
`ssh-rsa`, `ssh-dss`, `ecdsa-sha2-nistp256`, `ssh-ed25519`

2
build.gradle
View File

@@ -37,7 +37,7 @@ dependencies {
testCompile "junit:junit:4.11"
testCompile 'org.spockframework:spock-core:1.0-groovy-2.4'
testCompile "org.mockito:mockito-core:1.9.5"
testCompile "org.apache.sshd:sshd-core:1.1.0"
testCompile "org.apache.sshd:sshd-core:1.2.0"
testRuntime "ch.qos.logback:logback-classic:1.1.2"
testCompile 'org.glassfish.grizzly:grizzly-http-server:2.3.17'
testCompile 'org.apache.httpcomponents:httpclient:4.5.2'

3
examples/src/main/java/net/schmizz/sshj/examples/KeepAlive.java
View File

@@ -3,14 +3,11 @@ package net.schmizz.sshj.examples;
import net.schmizz.keepalive.KeepAliveProvider;
import net.schmizz.sshj.DefaultConfig;
import net.schmizz.sshj.SSHClient;
import net.schmizz.sshj.common.IOUtils;
import net.schmizz.sshj.connection.channel.direct.Session;
import net.schmizz.sshj.connection.channel.direct.Session.Command;
import net.schmizz.sshj.transport.verification.PromiscuousVerifier;
import java.io.IOException;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
/** This examples demonstrates how to setup keep-alive to detect connection dropping. */
public class KeepAlive {

7
src/main/java/com/hierynomus/sshj/transport/IdentificationStringParser.java
View File

@@ -62,8 +62,11 @@ public class IdentificationStringParser {
}
}
private void logHeaderLine(Buffer.PlainBuffer lineBuffer) {
private void logHeaderLine(Buffer.PlainBuffer lineBuffer) throws Buffer.BufferException {
byte[] bytes = new byte[lineBuffer.available()];
lineBuffer.readRawBytes(bytes);
String header = new String(bytes, 0, bytes.length - 1);
log.debug("Received header: {}", header);
}
private String readIdentification(Buffer.PlainBuffer lineBuffer) throws Buffer.BufferException, TransportException {

1
src/main/java/com/hierynomus/sshj/transport/cipher/BlockCiphers.java
View File

@@ -28,6 +28,7 @@ import net.schmizz.sshj.transport.cipher.Cipher;
*
* Some of the Ciphers are still implemented in net.schmizz.sshj.transport.cipher.*. These are scheduled to be migrated to here.
*/
@SuppressWarnings("PMD.MethodNamingConventions")
public class BlockCiphers {
public static final String COUNTER_MODE = "CTR";

1
src/main/java/com/hierynomus/sshj/transport/cipher/ExtendedBlockCiphers.java
View File

@@ -25,6 +25,7 @@ import static com.hierynomus.sshj.transport.cipher.BlockCiphers.COUNTER_MODE;
*
* - http://tools.ietf.org/id/draft-kanno-secsh-camellia-01.txt
*/
@SuppressWarnings("PMD.MethodNamingConventions")
public class ExtendedBlockCiphers {
public static BlockCiphers.Factory Camellia128CTR() {
return new BlockCiphers.Factory(16, 128, "camellia128-ctr", "Camellia", COUNTER_MODE);

1
src/main/java/com/hierynomus/sshj/transport/cipher/StreamCipher.java
View File

@@ -19,7 +19,6 @@ import net.schmizz.sshj.transport.cipher.BaseCipher;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
public class StreamCipher extends BaseCipher {

1
src/main/java/com/hierynomus/sshj/transport/cipher/StreamCiphers.java
View File

@@ -23,6 +23,7 @@ import net.schmizz.sshj.transport.cipher.Cipher;
* - https://tools.ietf.org/html/rfc4253#section-6.3
* - https://tools.ietf.org/html/rfc4345
*/
@SuppressWarnings("PMD.MethodNamingConventions")
public class StreamCiphers {
public static Factory Arcfour() {

44
src/main/java/com/hierynomus/sshj/transport/kex/DHG.java Normal file
View File

@@ -0,0 +1,44 @@
/*
* Copyright (C)2009 - SSHJ Contributors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.hierynomus.sshj.transport.kex;
import net.schmizz.sshj.transport.digest.Digest;
import net.schmizz.sshj.transport.kex.AbstractDHG;
import net.schmizz.sshj.transport.kex.DH;
import net.schmizz.sshj.transport.kex.DHBase;
import javax.crypto.spec.DHParameterSpec;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
/**
*
*/
public class DHG extends AbstractDHG {
private BigInteger group;
private BigInteger generator;
public DHG(BigInteger group, BigInteger generator, Digest digest) {
super(new DH(), digest);
this.group = group;
this.generator = generator;
}
@Override
protected void initDH(DHBase dh) throws GeneralSecurityException {
dh.init(new DHParameterSpec(group, generator), trans.getConfig().getRandomFactory());
}
}

93
src/main/java/com/hierynomus/sshj/transport/kex/DHGroups.java Normal file
View File

@@ -0,0 +1,93 @@
/*
* Copyright (C)2009 - SSHJ Contributors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.hierynomus.sshj.transport.kex;
import net.schmizz.sshj.transport.digest.*;
import net.schmizz.sshj.transport.kex.KeyExchange;
import java.math.BigInteger;
import static net.schmizz.sshj.transport.kex.DHGroupData.*;
import static net.schmizz.sshj.transport.kex.DHGroupData.P16;
import static net.schmizz.sshj.transport.kex.DHGroupData.P18;
/**
* Factory methods for Diffie Hellmann KEX algorithms based on MODP groups / Oakley Groups
*
* - https://tools.ietf.org/html/rfc4253
* - https://tools.ietf.org/html/draft-ietf-curdle-ssh-modp-dh-sha2-01
*/
@SuppressWarnings("PMD.MethodNamingConventions")
public class DHGroups {
public static DHGroups.Factory Group1SHA1() {
return new DHGroups.Factory("diffie-hellman-group1-sha1", P1, G, new SHA1.Factory());
}
public static DHGroups.Factory Group14SHA1() {
return new DHGroups.Factory("diffie-hellman-group14-sha1", P14, G, new SHA1.Factory());
}
public static DHGroups.Factory Group14SHA256() {
return new DHGroups.Factory("diffie-hellman-group14-sha256", P14, G, new SHA256.Factory());
}
public static DHGroups.Factory Group15SHA512() {
return new DHGroups.Factory("diffie-hellman-group15-sha512", P15, G, new SHA512.Factory());
}
public static DHGroups.Factory Group16SHA512() {
return new DHGroups.Factory("diffie-hellman-group16-sha512", P16, G, new SHA512.Factory());
}
public static DHGroups.Factory Group17SHA512() {
return new DHGroups.Factory("diffie-hellman-group17-sha512", P17, G, new SHA512.Factory());
}
public static DHGroups.Factory Group18SHA512() {
return new DHGroups.Factory("diffie-hellman-group18-sha512", P18, G, new SHA512.Factory());
}
/**
* Named factory for DHG1 key exchange
*/
public static class Factory
implements net.schmizz.sshj.common.Factory.Named<KeyExchange> {
private String name;
private BigInteger group;
private BigInteger generator;
private Factory.Named<Digest> digestFactory;
public Factory(String name, BigInteger group, BigInteger generator, Named<Digest> digestFactory) {
this.name = name;
this.group = group;
this.generator = generator;
this.digestFactory = digestFactory;
}
@Override
public KeyExchange create() {
return new DHG(group, generator, digestFactory.create());
}
@Override
public String getName() {
return name;
}
}
}

60
src/main/java/com/hierynomus/sshj/transport/kex/ExtendedDHGroups.java Normal file
View File

@@ -0,0 +1,60 @@
/*
* Copyright (C)2009 - SSHJ Contributors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.hierynomus.sshj.transport.kex;
import net.schmizz.sshj.transport.digest.SHA256;
import net.schmizz.sshj.transport.digest.SHA384;
import net.schmizz.sshj.transport.digest.SHA512;
import static net.schmizz.sshj.transport.kex.DHGroupData.*;
/**
* Set of KEX methods that are not in official RFCs but are supported by some SSH servers.
*/
@SuppressWarnings("PMD.MethodNamingConventions")
public class ExtendedDHGroups {
public static DHGroups.Factory Group14SHA256AtSSH() {
return new DHGroups.Factory("diffie-hellman-group14-sha256@ssh.com", P14, G, new SHA256.Factory());
}
public static DHGroups.Factory Group15SHA256() {
return new DHGroups.Factory("diffie-hellman-group15-sha256", P15, G, new SHA256.Factory());
}
public static DHGroups.Factory Group15SHA256AtSSH() {
return new DHGroups.Factory("diffie-hellman-group15-sha256@ssh.com", P15, G, new SHA256.Factory());
}
public static DHGroups.Factory Group15SHA384AtSSH() {
return new DHGroups.Factory("diffie-hellman-group15-sha384@ssh.com", P15, G, new SHA384.Factory());
}
public static DHGroups.Factory Group16SHA256() {
return new DHGroups.Factory("diffie-hellman-group16-sha256", P16, G, new SHA256.Factory());
}
public static DHGroups.Factory Group16SHA384AtSSH() {
return new DHGroups.Factory("diffie-hellman-group16-sha384@ssh.com", P16, G, new SHA384.Factory());
}
public static DHGroups.Factory Group16SHA512AtSSH() {
return new DHGroups.Factory("diffie-hellman-group16-sha512@ssh.com", P16, G, new SHA512.Factory());
}
public static DHGroups.Factory Group18SHA512AtSSH() {
return new DHGroups.Factory("diffie-hellman-group18-sha512@ssh.com", P18, G, new SHA512.Factory());
}
}

1
src/main/java/net/schmizz/keepalive/KeepAlive.java
View File

@@ -19,7 +19,6 @@ import net.schmizz.sshj.connection.ConnectionException;
import net.schmizz.sshj.connection.ConnectionImpl;
import net.schmizz.sshj.transport.TransportException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public abstract class KeepAlive extends Thread {
protected final Logger log;

29
src/main/java/net/schmizz/sshj/DefaultConfig.java
View File

@@ -18,6 +18,9 @@ package net.schmizz.sshj;
import com.hierynomus.sshj.signature.SignatureEdDSA;
import com.hierynomus.sshj.transport.cipher.BlockCiphers;
import com.hierynomus.sshj.transport.cipher.StreamCiphers;
import com.hierynomus.sshj.transport.kex.DHGroups;
import com.hierynomus.sshj.transport.kex.ExtendedDHGroups;
import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile;
import net.schmizz.keepalive.KeepAliveProvider;
import net.schmizz.sshj.common.Factory;
import net.schmizz.sshj.common.LoggerFactory;
@@ -27,14 +30,15 @@ import net.schmizz.sshj.signature.SignatureECDSA;
import net.schmizz.sshj.signature.SignatureRSA;
import net.schmizz.sshj.transport.cipher.*;
import net.schmizz.sshj.transport.compression.NoneCompression;
import net.schmizz.sshj.transport.kex.*;
import net.schmizz.sshj.transport.kex.Curve25519SHA256;
import net.schmizz.sshj.transport.kex.DHGexSHA1;
import net.schmizz.sshj.transport.kex.DHGexSHA256;
import net.schmizz.sshj.transport.kex.ECDHNistP;
import net.schmizz.sshj.transport.mac.*;
import net.schmizz.sshj.transport.random.BouncyCastleRandom;
import net.schmizz.sshj.transport.random.JCERandom;
import net.schmizz.sshj.transport.random.SingletonRandomFactory;
import net.schmizz.sshj.userauth.keyprovider.OpenSSHKeyFile;
import com.hierynomus.sshj.userauth.keyprovider.OpenSSHKeyV1KeyFile;
import net.schmizz.sshj.userauth.keyprovider.PKCS5KeyFile;
import net.schmizz.sshj.userauth.keyprovider.PKCS8KeyFile;
import net.schmizz.sshj.userauth.keyprovider.PuTTYKeyFile;
@@ -110,10 +114,23 @@ public class DefaultConfig
new ECDHNistP.Factory384(),
new ECDHNistP.Factory256(),
new DHGexSHA1.Factory(),
new DHG14.Factory(),
new DHG1.Factory());
DHGroups.Group1SHA1(),
DHGroups.Group14SHA1(),
DHGroups.Group14SHA256(),
DHGroups.Group15SHA512(),
DHGroups.Group16SHA512(),
DHGroups.Group17SHA512(),
DHGroups.Group18SHA512(),
ExtendedDHGroups.Group14SHA256AtSSH(),
ExtendedDHGroups.Group15SHA256(),
ExtendedDHGroups.Group15SHA256AtSSH(),
ExtendedDHGroups.Group15SHA384AtSSH(),
ExtendedDHGroups.Group16SHA256(),
ExtendedDHGroups.Group16SHA384AtSSH(),
ExtendedDHGroups.Group16SHA512AtSSH(),
ExtendedDHGroups.Group18SHA512AtSSH());
} else {
setKeyExchangeFactories(new DHG1.Factory(), new DHGexSHA1.Factory());
setKeyExchangeFactories(DHGroups.Group1SHA1(), new DHGexSHA1.Factory());
}
}

4
src/main/java/net/schmizz/sshj/common/Buffer.java
View File

@@ -311,7 +311,7 @@ public class Buffer<T extends Buffer<T>> {
public T putUInt32(long uint32) {
ensureCapacity(4);
if (uint32 < 0 || uint32 > 0xffffffffL)
throw new RuntimeException("Invalid value: " + uint32);
throw new IllegalArgumentException("Invalid value: " + uint32);
data[wpos++] = (byte) (uint32 >> 24);
data[wpos++] = (byte) (uint32 >> 16);
data[wpos++] = (byte) (uint32 >> 8);
@@ -346,7 +346,7 @@ public class Buffer<T extends Buffer<T>> {
@SuppressWarnings("unchecked")
public T putUInt64(long uint64) {
if (uint64 < 0)
throw new RuntimeException("Invalid value: " + uint64);
throw new IllegalArgumentException("Invalid value: " + uint64);
data[wpos++] = (byte) (uint64 >> 56);
data[wpos++] = (byte) (uint64 >> 48);
data[wpos++] = (byte) (uint64 >> 40);

2
src/main/java/net/schmizz/sshj/common/IOUtils.java
View File

@@ -15,8 +15,6 @@
*/
package net.schmizz.sshj.common;
import org.slf4j.Logger;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;

2
src/main/java/net/schmizz/sshj/common/SecurityUtils.java
View File

@@ -254,7 +254,7 @@ public class SecurityUtils {
throw new SSHRuntimeException("Failed to register BouncyCastle as the defaut JCE provider");
}
}
registrationDone = true;
}
registrationDone = true;
}
}

27
src/main/java/net/schmizz/sshj/common/StreamCopier.java
View File

@@ -15,7 +15,6 @@
*/
package net.schmizz.sshj.common;
import net.schmizz.sshj.common.LoggerFactory;
import net.schmizz.concurrent.Event;
import net.schmizz.concurrent.ExceptionChainer;
import org.slf4j.Logger;
@@ -68,8 +67,11 @@ public class StreamCopier {
}
public StreamCopier listener(Listener listener) {
if (listener == null) listener = NULL_LISTENER;
this.listener = listener;
if (listener == null) {
this.listener = NULL_LISTENER;
} else {
this.listener = listener;
}
return this;
}
@@ -126,11 +128,13 @@ public class StreamCopier {
final long startTime = System.currentTimeMillis();
if (length == -1) {
while ((read = in.read(buf)) != -1)
count = write(buf, count, read);
while ((read = in.read(buf)) != -1) {
count += write(buf, count, read);
}
} else {
while (count < length && (read = in.read(buf, 0, (int) Math.min(bufSize, length - count))) != -1)
count = write(buf, count, read);
while (count < length && (read = in.read(buf, 0, (int) Math.min(bufSize, length - count))) != -1) {
count += write(buf, count, read);
}
}
if (!keepFlushing)
@@ -146,14 +150,13 @@ public class StreamCopier {
return count;
}
private long write(byte[] buf, long count, int read)
private long write(byte[] buf, long curPos, int len)
throws IOException {
out.write(buf, 0, read);
count += read;
out.write(buf, 0, len);
if (keepFlushing)
out.flush();
listener.reportProgress(count);
return count;
listener.reportProgress(curPos + len);
return len;
}
}

16
src/main/java/net/schmizz/sshj/connection/ConnectionImpl.java
View File

@@ -126,10 +126,9 @@ public class ConnectionImpl
@Override
public void handle(Message msg, SSHPacket buf)
throws SSHException {
if (msg.in(91, 100))
if (msg.in(91, 100)) {
getChannel(buf).handle(msg, buf);
else if (msg.in(80, 90))
} else if (msg.in(80, 90)) {
switch (msg) {
case REQUEST_SUCCESS:
gotGlobalReqResponse(buf);
@@ -142,10 +141,11 @@ public class ConnectionImpl
break;
default:
super.handle(msg, buf);
break;
}
else
} else {
super.handle(msg, buf);
}
}
@Override
@@ -174,11 +174,11 @@ public class ConnectionImpl
}
@Override
public void join()
throws InterruptedException {
public void join() throws InterruptedException {
synchronized (internalSynchronizer) {
while (!channels.isEmpty())
while (!channels.isEmpty()) {
internalSynchronizer.wait();
}
}
}

2
src/main/java/net/schmizz/sshj/connection/channel/AbstractChannel.java
View File

@@ -329,6 +329,8 @@ public abstract class AbstractChannel
protected void gotUnknown(Message msg, SSHPacket buf)
throws ConnectionException, TransportException {
log.warn("Got unknown packet with type {}", msg);
}
protected void handleRequest(String reqType, SSHPacket buf)

1
src/main/java/net/schmizz/sshj/connection/channel/ChannelInputStream.java
View File

@@ -20,7 +20,6 @@ import net.schmizz.sshj.connection.ConnectionException;
import net.schmizz.sshj.transport.Transport;
import net.schmizz.sshj.transport.TransportException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.io.InputStream;

24
src/main/java/net/schmizz/sshj/connection/channel/ChannelOutputStream.java
View File

@@ -27,9 +27,7 @@ import java.io.OutputStream;
* {@link OutputStream} for channels. Buffers data upto the remote window's maximum packet size. Data can also be
* flushed via {@link #flush()} and is also flushed on {@link #close()}.
*/
public final class ChannelOutputStream
extends OutputStream
implements ErrorNotifiable {
public final class ChannelOutputStream extends OutputStream implements ErrorNotifiable {
private final Channel chan;
private final Transport trans;
@@ -56,8 +54,7 @@ public final class ChannelOutputStream
dataOffset = packet.wpos();
}
int write(byte[] data, int off, int len)
throws TransportException, ConnectionException {
int write(byte[] data, int off, int len) throws TransportException, ConnectionException {
final int bufferSize = packet.wpos() - dataOffset;
if (bufferSize >= win.getMaxPacketSize()) {
flush(bufferSize, true);
@@ -69,15 +66,12 @@ public final class ChannelOutputStream
}
}
boolean flush(boolean canAwaitExpansion)
throws TransportException, ConnectionException {
boolean flush(boolean canAwaitExpansion) throws TransportException, ConnectionException {
return flush(packet.wpos() - dataOffset, canAwaitExpansion);
}
boolean flush(int bufferSize, boolean canAwaitExpansion)
throws TransportException, ConnectionException {
boolean flush(int bufferSize, boolean canAwaitExpansion) throws TransportException, ConnectionException {
while (bufferSize > 0) {
long remoteWindowSize = win.getSize();
if (remoteWindowSize == 0) {
if (canAwaitExpansion) {
@@ -140,10 +134,12 @@ public final class ChannelOutputStream
public synchronized void write(final byte[] data, int off, int len)
throws IOException {
checkClose();
while (len > 0) {
final int n = buffer.write(data, off, len);
off += n;
len -= n;
int length = len;
int offset = off;
while (length > 0) {
final int n = buffer.write(data, offset, len);
offset += n;
length -= n;
}
}

1
src/main/java/net/schmizz/sshj/connection/channel/forwarded/AbstractForwardedChannelOpener.java
View File

@@ -21,7 +21,6 @@ import net.schmizz.sshj.connection.channel.Channel;
import net.schmizz.sshj.connection.channel.OpenFailException;
import net.schmizz.sshj.transport.TransportException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;

2
src/main/java/net/schmizz/sshj/connection/channel/forwarded/RemotePortForwarder.java
View File

@@ -130,7 +130,7 @@ public class RemotePortForwarder
// Addresses match up
return true;
}
if ("localhost".equals(address) && (channelForward.address.equals("127.0.0.1") || channelForward.address.equals("::1"))) {
if ("localhost".equals(address) && ("127.0.0.1".equals(channelForward.address) || "::1".equals(channelForward.address))) {
// Localhost special case.
return true;
}

12
src/main/java/net/schmizz/sshj/sftp/PacketReader.java
View File

@@ -18,17 +18,17 @@ package net.schmizz.sshj.sftp;
import net.schmizz.concurrent.Promise;
import net.schmizz.sshj.common.SSHException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.io.InputStream;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
public class PacketReader
extends Thread {
public class PacketReader extends Thread {
/** Logger */
/**
* Logger
*/
private final Logger log;
private final InputStream in;
@@ -64,7 +64,7 @@ public class PacketReader
| lenBuf[3] & 0x000000ffL);
if (len > SFTPPacket.MAX_SIZE) {
throw new SSHException(String.format("Indicated packet length %d too large", len));
throw new SSHException(String.format("Indicated packet length %d too large", len));
}
return (int) len;
@@ -100,7 +100,7 @@ public class PacketReader
log.debug("Received {} packet", resp.getType());
if (promise == null)
throw new SFTPException("Received [" + resp.readType() + "] response for request-id " + resp.getRequestID()
+ ", no such request was made");
+ ", no such request was made");
else
promise.deliver(resp);
}

4
src/main/java/net/schmizz/sshj/sftp/PathHelper.java
View File

@@ -73,7 +73,7 @@ public class PathHelper {
if (path.equals(pathSep))
return getComponents("", "");
if (path.isEmpty() || path.equals(".") || path.equals("." + pathSep))
if (path.isEmpty() || ".".equals(path) || ("." + pathSep).equals(path))
return getComponents(getDotDir());
final String withoutTrailSep = trimTrailingSeparator(path);
@@ -81,7 +81,7 @@ public class PathHelper {
final String parent = (lastSep == -1) ? "" : withoutTrailSep.substring(0, lastSep);
final String name = (lastSep == -1) ? withoutTrailSep : withoutTrailSep.substring(lastSep + pathSep.length());
if (name.equals(".") || name.equals("..")) {
if (".".equals(name) || "..".equals(name)) {
return getComponents(canonicalizer.canonicalize(path));
} else {
return getComponents(parent, name);

4
src/main/java/net/schmizz/sshj/sftp/RemoteDirectory.java
View File

@@ -32,6 +32,7 @@ public class RemoteDirectory
public List<RemoteResourceInfo> scan(RemoteResourceFilter filter)
throws IOException {
List<RemoteResourceInfo> rri = new LinkedList<RemoteResourceInfo>();
// TODO: Remove GOTO!
loop:
for (; ; ) {
final Response res = requester.request(newRequest(PacketType.READDIR))
@@ -46,8 +47,9 @@ public class RemoteDirectory
final FileAttributes attrs = res.readFileAttributes();
final PathComponents comps = requester.getPathHelper().getComponents(path, name);
final RemoteResourceInfo inf = new RemoteResourceInfo(comps, attrs);
if (!(name.equals(".") || name.equals("..")) && (filter == null || filter.accept(inf)))
if (!(".".equals(name) || "..".equals(name)) && (filter == null || filter.accept(inf))) {
rri.add(inf);
}
}
break;

18
src/main/java/net/schmizz/sshj/sftp/RemoteFile.java
View File

@@ -81,10 +81,10 @@ public class RemoteFile
protected Promise<Response, SFTPException> asyncWrite(long fileOffset, byte[] data, int off, int len)
throws IOException {
return requester.request(newRequest(PacketType.WRITE)
.putUInt64(fileOffset)
// TODO The SFTP spec claims this field is unneeded...? See #187
.putUInt32(len)
.putRawBytes(data, off, len)
.putUInt64(fileOffset)
// TODO The SFTP spec claims this field is unneeded...? See #187
.putUInt32(len)
.putRawBytes(data, off, len)
);
}
@@ -194,10 +194,10 @@ public class RemoteFile
@Override
public long skip(long n) throws IOException {
final long fileLength = length();
final Long previousFileOffset = fileOffset;
fileOffset = Math.min(fileOffset + n, fileLength);
return fileOffset - previousFileOffset;
final long fileLength = length();
final Long previousFileOffset = fileOffset;
fileOffset = Math.min(fileOffset + n, fileLength);
return fileOffset - previousFileOffset;
}
@Override
@@ -341,7 +341,7 @@ public class RemoteFile
public int available() throws IOException {
boolean lastRead = true;
while (!eof && (pending.available() <= 0) && lastRead) {
lastRead = retrieveUnconfirmedRead(false /*blocking*/);
lastRead = retrieveUnconfirmedRead(false /*blocking*/);
}
return pending.available();
}

1
src/main/java/net/schmizz/sshj/sftp/RemoteResource.java
View File

@@ -16,7 +16,6 @@
package net.schmizz.sshj.sftp;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.Closeable;
import java.io.IOException;

3
src/main/java/net/schmizz/sshj/sftp/Response.java
View File

@@ -20,7 +20,7 @@ import net.schmizz.sshj.common.Buffer;
public final class Response
extends SFTPPacket<Response> {
public static enum StatusCode {
public enum StatusCode {
UNKNOWN(-1),
OK(0),
EOF(1),
@@ -122,6 +122,7 @@ public final class Response
return ensurePacketTypeIs(PacketType.STATUS).ensureStatusIs(StatusCode.OK);
}
@SuppressWarnings("PMD.CompareObjectsWithEquals")
public Response ensureStatusIs(StatusCode acceptable)
throws SFTPException {
final StatusCode sc = readStatusCode();

13
src/main/java/net/schmizz/sshj/sftp/SFTPFileTransfer.java
View File

@@ -60,14 +60,12 @@ public class SFTPFileTransfer
}
@Override
public void upload(LocalSourceFile localFile, String remotePath)
throws IOException {
public void upload(LocalSourceFile localFile, String remotePath) throws IOException {
new Uploader(localFile, remotePath).upload(getTransferListener());
}
@Override
public void download(String source, LocalDestFile dest)
throws IOException {
public void download(String source, LocalDestFile dest) throws IOException {
final PathComponents pathComponents = engine.getPathHelper().getComponents(source);
final FileAttributes attributes = engine.stat(source);
new Downloader().download(getTransferListener(), new RemoteResourceInfo(pathComponents, attributes), dest);
@@ -91,10 +89,10 @@ public class SFTPFileTransfer
private class Downloader {
@SuppressWarnings("PMD.MissingBreakInSwitch")
private void download(final TransferListener listener,
final RemoteResourceInfo remote,
final LocalDestFile local)
throws IOException {
final LocalDestFile local) throws IOException {
final LocalDestFile adjustedFile;
switch (remote.getAttributes().getType()) {
case DIRECTORY:
@@ -104,8 +102,7 @@ public class SFTPFileTransfer
log.warn("Server did not supply information about the type of file at `{}` " +
"-- assuming it is a regular file!", remote.getPath());
case REGULAR:
adjustedFile = downloadFile(listener.file(remote.getName(), remote.getAttributes().getSize()),
remote, local);
adjustedFile = downloadFile(listener.file(remote.getName(), remote.getAttributes().getSize()), remote, local);
break;
default:
throw new IOException(remote + " is not a regular file or directory");

2
src/main/java/net/schmizz/sshj/signature/AbstractSignature.java
View File

@@ -84,7 +84,7 @@ public abstract class AbstractSignature
| sig[i++] & 0x000000ff;
byte[] newSig = new byte[j];
System.arraycopy(sig, i, newSig, 0, j);
sig = newSig;
return newSig;
}
return sig;
}

2
src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java
View File

@@ -79,7 +79,7 @@ public class SignatureECDSA
throw new SSHRuntimeException(String.format("Signature :: ecdsa-sha2-nistp256 expected, got %s", algo));
}
final int rsLen = sigbuf.readUInt32AsInt();
if (!(sigbuf.available() == rsLen)) {
if (sigbuf.available() != rsLen) {
throw new SSHRuntimeException("Invalid key length");
}
r = sigbuf.readBytes();

2
src/main/java/net/schmizz/sshj/transport/Decoder.java
View File

@@ -16,12 +16,10 @@
package net.schmizz.sshj.transport;
import net.schmizz.sshj.common.*;
import net.schmizz.sshj.transport.Transport;
import net.schmizz.sshj.transport.cipher.Cipher;
import net.schmizz.sshj.transport.compression.Compression;
import net.schmizz.sshj.transport.mac.MAC;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** Decodes packets from the SSH binary protocol per the current algorithms. */
final class Decoder

13
src/main/java/net/schmizz/sshj/transport/Encoder.java
View File

@@ -39,19 +39,6 @@ final class Encoder
log = loggerFactory.getLogger(getClass());
}
private SSHPacket checkHeaderSpace(SSHPacket buffer) {
if (buffer.rpos() < 5) {
log.warn("Performance cost: when sending a packet, ensure that "
+ "5 bytes are available in front of the buffer");
SSHPacket nb = new SSHPacket(buffer.available() + 5);
nb.rpos(5);
nb.wpos(5);
nb.putBuffer(buffer);
buffer = nb;
}
return buffer;
}
private void compress(SSHPacket buffer) {
compression.compress(buffer);
}

2
src/main/java/net/schmizz/sshj/transport/KeyExchanger.java
View File

@@ -26,7 +26,6 @@ import net.schmizz.sshj.transport.mac.MAC;
import net.schmizz.sshj.transport.verification.AlgorithmsVerifier;
import net.schmizz.sshj.transport.verification.HostKeyVerifier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
@@ -158,6 +157,7 @@ final class KeyExchanger
"Key exchange packet received when key exchange was not ongoing");
}
@SuppressWarnings("PMD.CompareObjectsWithEquals")
private static void ensureReceivedMatchesExpected(Message got, Message expected)
throws TransportException {
if (got != expected)

1
src/main/java/net/schmizz/sshj/transport/Reader.java
View File

@@ -16,7 +16,6 @@
package net.schmizz.sshj.transport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.InputStream;
import java.net.SocketTimeoutException;

65
src/main/java/net/schmizz/sshj/transport/TransportImpl.java
View File

@@ -33,7 +33,9 @@ import java.io.OutputStream;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
/** A thread-safe {@link Transport} implementation. */
/**
* A thread-safe {@link Transport} implementation.
*/
public final class TransportImpl
implements Transport, DisconnectListener {
@@ -49,11 +51,11 @@ public final class TransportImpl
static final class ConnInfo {
final String host;
final int port;
final InputStream in;
final OutputStream out;
public ConnInfo(String host, int port, InputStream in, OutputStream out) {
ConnInfo(String host, int port, InputStream in, OutputStream out) {
this.host = host;
this.port = port;
this.in = in;
@@ -88,24 +90,32 @@ public final class TransportImpl
private final Event<TransportException> close;
/** Client version identification string */
/**
* Client version identification string
*/
private final String clientID;
private volatile int timeoutMs = 30 * 1000; // Crazy long, but it was the original default
private volatile boolean authed = false;
/** Currently active service e.g. UserAuthService, ConnectionService */
/**
* Currently active service e.g. UserAuthService, ConnectionService
*/
private volatile Service service;
private DisconnectListener disconnectListener;
private ConnInfo connInfo;
/** Server version identification string */
/**
* Server version identification string
*/
private String serverID;
/** Message identifier of last packet received */
/**
* Message identifier of last packet received
*/
private Message msg;
private final ReentrantLock writeLock = new ReentrantLock();
@@ -115,9 +125,9 @@ public final class TransportImpl
this.loggerFactory = config.getLoggerFactory();
this.serviceAccept = new Event<TransportException>("service accept", TransportException.chainer, loggerFactory);
this.close = new Event<TransportException>("transport close", TransportException.chainer, loggerFactory);
this.nullService = new NullService(this);
this.nullService = new NullService(this);
this.service = nullService;
this.log = loggerFactory.getLogger(getClass());
this.log = loggerFactory.getLogger(getClass());
this.disconnectListener = this;
this.reader = new Reader(this);
this.encoder = new Encoder(config.getRandomFactory().create(), writeLock, loggerFactory);
@@ -138,7 +148,7 @@ public final class TransportImpl
this.serviceAccept = new Event<TransportException>("service accept", TransportException.chainer, loggerFactory);
this.close = new Event<TransportException>("transport close", TransportException.chainer, loggerFactory);
this.log = loggerFactory.getLogger(getClass());
this.nullService = new NullService(this);
this.nullService = new NullService(this);
this.service = nullService;
this.disconnectListener = this;
this.reader = new Reader(this);
@@ -194,6 +204,7 @@ public final class TransportImpl
/**
* Receive the server identification string.
*
* @throws IOException If there was an error writing to the outputstream.
*/
private void sendClientIdent() throws IOException {
@@ -212,9 +223,7 @@ public final class TransportImpl
* This is not efficient but is only done once.
*
* @param buffer The buffer to read from.
*
* @return empty string if full ident string has not yet been received
*
* @throws IOException
*/
private String readIdentification(Buffer.PlainBuffer buffer)
@@ -226,7 +235,7 @@ public final class TransportImpl
if (!ident.startsWith("SSH-2.0-") && !ident.startsWith("SSH-1.99-"))
throw new TransportException(DisconnectReason.PROTOCOL_VERSION_NOT_SUPPORTED,
"Server does not support SSHv2, identified as: " + ident);
"Server does not support SSHv2, identified as: " + ident);
return ident;
}
@@ -337,7 +346,6 @@ public final class TransportImpl
* Sends a service request for the specified service
*
* @param serviceName name of the service being requested
*
* @throws TransportException if there is an error while sending the request
*/
private void sendServiceRequest(String serviceName)
@@ -456,9 +464,9 @@ public final class TransportImpl
log.debug("Sending SSH_MSG_DISCONNECT: reason=[{}], msg=[{}]", reason, message);
try {
write(new SSHPacket(Message.DISCONNECT)
.putUInt32(reason.toInt())
.putString(message)
.putString(""));
.putUInt32(reason.toInt())
.putString(message)
.putString(""));
} catch (IOException worthless) {
log.debug("Error writing packet: {}", worthless.toString());
}
@@ -476,7 +484,6 @@ public final class TransportImpl
*
* @param msg the message identifer
* @param buf buffer containg rest of the packet
*
* @throws SSHException if an error occurs during handling (unrecoverable)
*/
@Override
@@ -494,32 +501,27 @@ public final class TransportImpl
else
switch (msg) {
case DISCONNECT: {
case DISCONNECT:
gotDisconnect(buf);
break;
}
case IGNORE: {
case IGNORE:
log.debug("Received SSH_MSG_IGNORE");
break;
}
case UNIMPLEMENTED: {
case UNIMPLEMENTED:
gotUnimplemented(buf);
break;
}
case DEBUG: {
case DEBUG:
gotDebug(buf);
break;
}
case SERVICE_ACCEPT: {
case SERVICE_ACCEPT:
gotServiceAccept();
break;
}
case USERAUTH_BANNER: {
case USERAUTH_BANNER:
log.debug("Received USERAUTH_BANNER");
break;
}
default:
sendUnimplemented();
break;
}
}
@@ -552,7 +554,7 @@ public final class TransportImpl
try {
if (!serviceAccept.hasWaiters())
throw new TransportException(DisconnectReason.PROTOCOL_ERROR,
"Got a service accept notification when none was awaited");
"Got a service accept notification when none was awaited");
serviceAccept.set();
} finally {
serviceAccept.unlock();
@@ -563,7 +565,6 @@ public final class TransportImpl
* Got an SSH_MSG_UNIMPLEMENTED, so lets see where we're at and act accordingly.
*
* @param packet The 'unimplemented' packet received
*
* @throws TransportException
*/
private void gotUnimplemented(SSHPacket packet)

2
src/main/java/net/schmizz/sshj/transport/cipher/NoneCipher.java
View File

@@ -46,10 +46,12 @@ public class NoneCipher
@Override
public void init(Mode mode, byte[] bytes, byte[] bytes1) {
// Nothing to do
}
@Override
public void update(byte[] input, int inputOffset, int inputLen) {
// Nothing to do
}
}

4
src/main/java/net/schmizz/sshj/transport/kex/Curve25519SHA256.java
View File

@@ -16,14 +16,10 @@
package net.schmizz.sshj.transport.kex;
import net.schmizz.sshj.transport.digest.SHA256;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.security.GeneralSecurityException;
public class Curve25519SHA256 extends AbstractDHG {
private static final Logger logger = LoggerFactory.getLogger(Curve25519SHA256.class);
/** Named factory for Curve25519SHA256 key exchange */
public static class Factory
implements net.schmizz.sshj.common.Factory.Named<KeyExchange> {

2
src/main/java/net/schmizz/sshj/transport/kex/DH.java
View File

@@ -40,7 +40,7 @@ public class DH extends DHBase {
}
@Override
protected void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
public void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
if (!(params instanceof DHParameterSpec)) {
throw new SSHRuntimeException("Wrong algorithm parameters for Diffie Hellman");
}

4
src/main/java/net/schmizz/sshj/transport/kex/DHBase.java
View File

@@ -26,7 +26,7 @@ import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.spec.AlgorithmParameterSpec;
abstract class DHBase {
public abstract class DHBase {
protected final KeyPairGenerator generator;
protected final KeyAgreement agreement;
@@ -44,7 +44,7 @@ abstract class DHBase {
abstract void computeK(byte[] f) throws GeneralSecurityException;
protected abstract void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException;
public abstract void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException;
void setE(byte[] e) {
this.e = e;

1
src/main/java/net/schmizz/sshj/transport/kex/DHG1.java
View File

@@ -26,6 +26,7 @@ import java.security.GeneralSecurityException;
* @see <a href="http://www.ietf.org/rfc/rfc4253.txt">RFC 4253</a>
*
* TODO refactor away the (unneeded) class
* @deprecated Replaced by {@link com.hierynomus.sshj.transport.kex.DHG} with {@link com.hierynomus.sshj.transport.kex.DHGroups}
*/
public class DHG1
extends AbstractDHG {

2
src/main/java/net/schmizz/sshj/transport/kex/DHG14.java
View File

@@ -25,6 +25,8 @@ import java.security.GeneralSecurityException;
* <p/>
* DHG14 does not work with the default JCE implementation provided by Sun because it does not support 2048 bits
* encryption. It requires BouncyCastle to be used.
*
* @deprecated Replaced by {@link com.hierynomus.sshj.transport.kex.DHG} with {@link com.hierynomus.sshj.transport.kex.DHGroups}
*/
public class DHG14
extends AbstractDHG {

135
src/main/java/net/schmizz/sshj/transport/kex/DHGroupData.java
View File

@@ -17,26 +17,139 @@ package net.schmizz.sshj.transport.kex;
import java.math.BigInteger;
/** Simple class holding the data for DH group key exchanges. */
/**
* Simple class holding the data for DH group key exchanges.
*/
public final class DHGroupData {
public static final BigInteger G =
new BigInteger("2");
/**
* First Oakley Group (https://tools.ietf.org/html/rfc2409) - P1
* prime: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
*/
public static final BigInteger P1 =
new BigInteger("1797693134862315907708391567937874531978602960487560117064444236841971802161585193" +
"6894783379586492554150218056548598050364644054819923910005079287700335581663922955" +
"3136239076508735759914822574862575007425302077447712589550957937778424442426617334" +
"727629299387668709205606050270810842907692932019128194467627007");
"6894783379586492554150218056548598050364644054819923910005079287700335581663922955" +
"3136239076508735759914822574862575007425302077447712589550957937778424442426617334" +
"727629299387668709205606050270810842907692932019128194467627007");
/**
* 2048-bit MODP Group - P14 (https://tools.ietf.org/html/rfc3526#section-3)
* prime: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
*/
public static final BigInteger P14 =
new BigInteger("3231700607131100730033891392642382824881794124114023911284200975140074170663435422" +
"2619689417363569347117901737909704191754605873209195028853758986185622153212175412" +
"5149017745202702357960782362488842461894775876411059286460994117232454266225221932" +
"3054091903768052423551912567971587011700105805587765103886184728025797605490356973" +
"2561526167081339361799541336476559160368317896729073178384589680639671900977202194" +
"1686472258710314113364293195361934716365332097170774482279885885653692086452966360" +
"7725026895550592836275112117409697299806841055435958486658329164213621823107899099" +
"9448652468262416972035911852507045361090559");
"2619689417363569347117901737909704191754605873209195028853758986185622153212175412" +
"5149017745202702357960782362488842461894775876411059286460994117232454266225221932" +
"3054091903768052423551912567971587011700105805587765103886184728025797605490356973" +
"2561526167081339361799541336476559160368317896729073178384589680639671900977202194" +
"1686472258710314113364293195361934716365332097170774482279885885653692086452966360" +
"7725026895550592836275112117409697299806841055435958486658329164213621823107899099" +
"9448652468262416972035911852507045361090559");
/**
* 3072-bit MODP Group - P15 (https://tools.ietf.org/html/rfc3526#section-4)
* prime: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
*/
public static final BigInteger P15 =
new BigInteger("5809605995369958062791915965639201402176612226902900533702900882779736177890990861" +
"4720947744773395811473734101856463783280437298007504700982109244878669350591643715" +
"8816804754094398164451663275506750162643455639819318662899007124866081936120511979" +
"3693985433297036118232914410171876807536457391277857011849897410207519105333355801" +
"1211093568974594262718454713979526759594407934930716283941227805101246184882326024" +
"6464987685045886124578424092925842628769970531258450962541951346360515542801716571" +
"4465363094021609290561084025893662561222573202082865797821865270991145082200656978" +
"1771928270245389902399691755461907706456858934380117144304264093386763147435711545" +
"3714203157300427642870143303638180170530865983075119035294602548205993130657100472" +
"7362479688415574702596946457770284148435989129632853918392117997472632693078113129" +
"8864873993477969827727846158652326212896569442842168246113187097645351525073541163" +
"44703769998514148343807");
/**
* 4096-bit MODP Group - P16 (https://tools.ietf.org/html/rfc3526#section-5)
* prime: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
*/
public static final BigInteger P16 =
new BigInteger("10443888814131525066796027198465295458312690609921350090225887564443381720223226907" +
"10444046669809783930111585737890362691860127079270495454517218673016928427459146001" +
"86688577976298222932119236830334623520436805101030915567415569746034717694639407653" +
"51572849948952848216337009218117167389724518349794558970103063334685907513583651387" +
"82250372269117968985194322444535687415522007151638638141456178420621277822674995027" +
"99027867345862954439173691976629900551150544617766815444623488266596168079657690319" +
"91160893476349471877789065280080047566925716669229641225661745827767073324523710012" +
"72163776841229318324903125740713574141005124561965913888899753461735347970011693256" +
"31675166067895083002751025580484610558346505544661509044430958305077580850929704003" +
"96800574353422539265662408981958636315888889363641299200593084556694540340103914782" +
"38784189888594672336242763795138176353222845524644040094258962433613354036104643881" +
"92523848922401019419308891166616558422942466816544168892779046060826486420423771700" +
"20547443379889419746612146996897065215430062626045358909981257522759426087721743761" +
"07314217749233048217904944409836238235772306749874396760463376480215133461333478395" +
"682746608242585133953883882226786118030184028136755970045385534758453247");
/**
* 6144-bit MODP Group - P17 (https://tools.ietf.org/html/rfc3526#section-6)
* prime: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
*/
public static final BigInteger P17 =
new BigInteger("3375152182143856118451852315996741233006489780574184654817389047442942990132667244" +
"5203235101919165483964194359460994881062089387893762814044257438204432573941083014" +
"8270060902589258751610180963277323358005958319159760142088223040073278481327349332" +
"9788580321367526156496260334045722077682632250005809131096725397661997398803366366" +
"6385188155212656268079501726223369693427999804134467810120772356498596945532366527" +
"4005175754719693358549052745041195095923660137119541482588848792245999152034563158" +
"8103477655308367699571833559858639559116999957082451503501754353335269752528775333" +
"2500527176569576894926734950469293596134095086603716860086302051544539652689091299" +
"0997845889190523834630577894405654606814419024423999564190605216296046973478790246" +
"5431380018607831652696452928806274087901103517592005919217856147319900620589671943" +
"5014765345518490882366607110905303449152556221163232127426440691921134648766635695" +
"8502392313045917442156109850296368954067188807663082492273159842675422662594896843" +
"7222391644541101590050623941926790971632033120898897818086898743162371034761799235" +
"6201449023892203230133009421463914291201346063125219636964261683591541014344239275" +
"3407356909977322220697587739633908763605465157552805170421605254873028981223116697" +
"9967944753045360039934269703271445854959128593945394903498124811432232236723864504" +
"2515984447890788917823576330019151696568654314153058547592091366014550143819685170" +
"0683437001046776090411663697600809334136054989623820777788455998349074759534307874" +
"4620138456732853067527579296235488377080690082718368571835346957473168052062194454" +
"0947734619035177180057973022652571032196598229259194875709994709721793154158686515" +
"7485072742241813169487971046010682120152329216914824963468544136987197501906011027" +
"0527448105054323981513068607360107630451228454921845984604608225359676243382741906" +
"0089029417044871218316020923109988915707117567");
/**
* 8192-bit MODP Group - P18 (https://tools.ietf.org/html/rfc3526#section-7)
* prime: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
*/
public static final BigInteger P18 =
new BigInteger("10907481356194159294502949293597845003481551249531722117741011069661501689227856390" +
"28532473848836817769712164169076432969224698752674677662739994265785437233596157045" +
"97092233804069810050786103304731233182398243527947570019986097161273254052879655450" +
"28679197467769837593914759871425213158787195775191488118308799194269399584870875409" +
"65716419167467499326156226529675209172277001377591248147563782880558861083327174154" +
"01497513489312511601577631889029596069801161415772128252753946881651931933333750311" +
"47771923604122817210189558343776154804684792527488673203623853555966017951228067562" +
"17713579819870634321561907813255153703950795271232652404894983869492174481652303803" +
"49888136621050864726366837651413103110233683748899977574404673365182723939535354034" +
"84148728546397192946943234501868841898225445406472269872921606931847346549419069366" +
"46576130260972193280317171696418971553954161446191759093719524951116705577362073481" +
"31929604120128351615426904438925772770028968411946028348045230620413002491387998113" +
"59080269838682059693181678196808509986496944169079527129049624049377757896989172073" +
"56355227455066183815847669135530549755439819480321732925869069136146085326382334628" +
"74545639807160305805163420938670870330654590319960852382451372962513665912822110096" +
"77354505199524042481982628138310973742616503800172779169753241348465746813073370173" +
"80830353680623216336949471306191686438249305686413380231046096450953594089375540285" +
"03729247092939511402830554745258496207430943815182543790297601289174935519867842060" +
"37220349003113648930464957614043339386861400378480309162925432736845336400326376391" +
"00774502371542479302473698388692892420946478947733800387782741417786484770190108867" +
"87977899163321862864053398261932246615488301145229189025233648723608665439609385389" +
"86288058131775591620763631544364944775078712941198416378677017221666098312018454840" +
"78070518041336869808398454625586921201308185638888082699408686536045192649569198110" +
"35365994311180230063610650986502394366182943642656300791728205089442938884174888539" +
"82907077430529736053592775157496197308237732158947551217614678878653277071155738042" +
"64519206349215850195195364813387526811742474131549802130246506341207020335797706780" +
"70540694527543880626597851620970679570257924407538049023174103086261496878330620786" +
"96878681084236399719832090776247580804999882755913927872676271824428928096468742282" +
"63172435642368588260139161962836121481966092745325488641054238839295138992979335446" +
"110090325230955276870524611359124918392740353154294858383359");
}

2
src/main/java/net/schmizz/sshj/transport/kex/ECDH.java
View File

@@ -41,7 +41,7 @@ public class ECDH extends DHBase {
super("EC", "ECDH");
}
protected void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
public void init(AlgorithmParameterSpec params, Factory<Random> randomFactory) throws GeneralSecurityException {
generator.initialize(params);
KeyPair keyPair = generator.generateKeyPair();
agreement.init(keyPair.getPrivate());

24
src/main/java/net/schmizz/sshj/userauth/UserAuthImpl.java
View File

@@ -32,7 +32,9 @@ import java.util.LinkedList;
import java.util.List;
import java.util.concurrent.TimeUnit;
/** {@link UserAuth} implementation. */
/**
* {@link UserAuth} implementation.
*/
public class UserAuthImpl
extends AbstractService
implements UserAuth {
@@ -111,22 +113,20 @@ public class UserAuthImpl
try {
switch (msg) {
case USERAUTH_BANNER: {
case USERAUTH_BANNER:
banner = buf.readString();
}
break;
break;
case USERAUTH_SUCCESS: {
case USERAUTH_SUCCESS:
// In order to prevent race conditions, we immediately set the authenticated flag on the transport
// And change the service before delivering the authenticated promise.
// Should fix https://github.com/hierynomus/sshj/issues/237
trans.setAuthenticated(); // So it can put delayed compression into force if applicable
trans.setService(nextService); // We aren't in charge anymore, next service is
authenticated.deliver(true);
}
break;
break;
case USERAUTH_FAILURE: {
case USERAUTH_FAILURE:
allowedMethods = Arrays.asList(buf.readString().split(","));
partialSuccess |= buf.readBoolean();
if (allowedMethods.contains(currentMethod.getName()) && currentMethod.shouldRetry()) {
@@ -134,18 +134,16 @@ public class UserAuthImpl
} else {
authenticated.deliver(false);
}
}
break;
break;
default: {
default:
log.debug("Asking `{}` method to handle {} packet", currentMethod.getName(), msg);
try {
currentMethod.handle(msg, buf);
} catch (UserAuthException e) {
authenticated.deliverError(e);
}
}
break;
}
} finally {
authenticated.unlock();

25
src/test/java/com/hierynomus/sshj/connection/channel/forwarded/RemotePortForwarderTest.java
View File

@@ -40,11 +40,6 @@ import static org.junit.Assert.assertThat;
public class RemotePortForwarderTest {
// Credentials for an remote SSH Server to test against.
private static final String REMOTE_HOST = "x.x.x.x";
private static final String USER = "xxxx";
private static final String PASSWORD = "yyyy";
private static final PortRange RANGE = new PortRange(9000, 9999);
private static final InetSocketAddress HTTP_SERVER_SOCKET_ADDR = new InetSocketAddress("127.0.0.1", 8080);
@@ -55,7 +50,7 @@ public class RemotePortForwarderTest {
public HttpServer httpServer = new HttpServer();
@Before
public void setup() throws IOException {
public void setUp() throws IOException {
fixture.getServer().setTcpipForwardingFilter(new AcceptAllForwardingFilter());
File file = httpServer.getDocRoot().newFile("index.html");
FileUtil.writeToFile(file, "<html><head/><body><h1>Hi!</h1></body></html>");
@@ -64,49 +59,49 @@ public class RemotePortForwarderTest {
@Test
public void shouldHaveWorkingHttpServer() throws IOException {
// Just to check that we have a working http server...
httpGet("127.0.0.1", 8080);
assertThat(httpGet("127.0.0.1", 8080), equalTo(200));
}
@Test
public void shouldDynamicallyForwardPortForLocalhost() throws IOException {
SSHClient sshClient = getFixtureClient();
RemotePortForwarder.Forward bind = forwardPort(sshClient, "127.0.0.1", new SinglePort(0));
httpGet("127.0.0.1", bind.getPort());
assertThat(httpGet("127.0.0.1", bind.getPort()), equalTo(200));
}
@Test
public void shouldDynamicallyForwardPortForAllIPv4() throws IOException {
SSHClient sshClient = getFixtureClient();
RemotePortForwarder.Forward bind = forwardPort(sshClient, "0.0.0.0", new SinglePort(0));
httpGet("127.0.0.1", bind.getPort());
assertThat(httpGet("127.0.0.1", bind.getPort()), equalTo(200));
}
@Test
public void shouldDynamicallyForwardPortForAllProtocols() throws IOException {
SSHClient sshClient = getFixtureClient();
RemotePortForwarder.Forward bind = forwardPort(sshClient, "", new SinglePort(0));
httpGet("127.0.0.1", bind.getPort());
assertThat(httpGet("127.0.0.1", bind.getPort()), equalTo(200));
}
@Test
public void shouldForwardPortForLocalhost() throws IOException {
SSHClient sshClient = getFixtureClient();
RemotePortForwarder.Forward bind = forwardPort(sshClient, "127.0.0.1", RANGE);
httpGet("127.0.0.1", bind.getPort());
assertThat(httpGet("127.0.0.1", bind.getPort()), equalTo(200));
}
@Test
public void shouldForwardPortForAllIPv4() throws IOException {
SSHClient sshClient = getFixtureClient();
RemotePortForwarder.Forward bind = forwardPort(sshClient, "0.0.0.0", RANGE);
httpGet("127.0.0.1", bind.getPort());
assertThat(httpGet("127.0.0.1", bind.getPort()), equalTo(200));
}
@Test
public void shouldForwardPortForAllProtocols() throws IOException {
SSHClient sshClient = getFixtureClient();
RemotePortForwarder.Forward bind = forwardPort(sshClient, "", RANGE);
httpGet("127.0.0.1", bind.getPort());
assertThat(httpGet("127.0.0.1", bind.getPort()), equalTo(200));
}
private RemotePortForwarder.Forward forwardPort(SSHClient sshClient, String address, PortRange portRange) throws IOException {
@@ -127,12 +122,12 @@ public class RemotePortForwarderTest {
}
}
private void httpGet(String server, int port) throws IOException {
private int httpGet(String server, int port) throws IOException {
HttpClient client = HttpClientBuilder.create().build();
String urlString = "http://" + server + ":" + port;
System.out.println("Trying: GET " + urlString);
HttpResponse execute = client.execute(new HttpGet(urlString));
assertThat(execute.getStatusLine().getStatusCode(), equalTo(200));
return execute.getStatusLine().getStatusCode();
}
private SSHClient getFixtureClient() throws IOException {

26
src/test/java/com/hierynomus/sshj/test/BaseAlgorithmTest.java
View File

@@ -42,25 +42,17 @@ public abstract class BaseAlgorithmTest {
@Test
public void shouldVerifyAlgorithm() throws IOException {
attempt(100);
}
private void attempt(int times) throws IOException {
for (int i = 0; i < times; i++) {
for (int i = 0; i < 100; i++) {
logger.info("--> Attempt {}", i);
verify();
}
}
private void verify() throws IOException {
configureServer(fixture.getServer());
fixture.start();
Config config = getClientConfig(new DefaultConfig());
SSHClient sshClient = fixture.connectClient(fixture.setupClient(config));
assertThat("should be connected", sshClient.isConnected());
sshClient.disconnect();
configureServer(fixture.getServer());
fixture.start();
Config config = getClientConfig(new DefaultConfig());
SSHClient sshClient = fixture.connectClient(fixture.setupClient(config));
assertThat("should be connected", sshClient.isConnected());
sshClient.disconnect();
// fixture.stopServer();
fixture.stopClient();
fixture.stopClient();
}
}
protected abstract Config getClientConfig(DefaultConfig defaultConfig);

3
src/test/java/com/hierynomus/sshj/test/HttpServer.java
View File

@@ -27,9 +27,6 @@ public class HttpServer extends ExternalResource {
private TemporaryFolder docRoot = new TemporaryFolder();
public HttpServer() {
}
@Override
protected void before() throws Throwable {
docRoot.create();

3
src/test/java/com/hierynomus/sshj/userauth/method/AuthPasswordTest.java
View File

@@ -69,7 +69,7 @@ public class AuthPasswordTest {
fixture.getServer().setPasswordAuthenticator(new PasswordAuthenticator() {
@Override
public boolean authenticate(String username, String password, ServerSession session) {
if (password.equals("changeme")) {
if ("changeme".equals(password)) {
throw new PasswordChangeRequiredException("Password was changeme", "Please provide your updated password", "en_US");
} else {
return password.equals(username);
@@ -84,6 +84,7 @@ public class AuthPasswordTest {
SSHClient sshClient = fixture.setupConnectedDefaultClient();
expectedException.expect(UserAuthException.class);
sshClient.authPassword("jeroen", "changeme");
assertThat("Should not have authenticated", !sshClient.isAuthenticated());
}
@Test

6
src/test/java/net/schmizz/sshj/sftp/PacketReaderTest.java
View File

@@ -33,8 +33,6 @@ public class PacketReaderTest {
private DataOutputStream dataout;
private PacketReader reader;
private SFTPEngine engine;
private Subsystem subsystem;
@Before
public void setUp() throws Exception {
@@ -42,8 +40,8 @@ public class PacketReaderTest {
PipedInputStream pipedin = new PipedInputStream(pipedout);
dataout = new DataOutputStream(pipedout);
engine = Mockito.mock(SFTPEngine.class);
subsystem = Mockito.mock(Subsystem.class);
SFTPEngine engine = Mockito.mock(SFTPEngine.class);
Subsystem subsystem = Mockito.mock(Subsystem.class);
Mockito.when(engine.getLoggerFactory()).thenReturn(LoggerFactory.DEFAULT);
Mockito.when(engine.getSubsystem()).thenReturn(subsystem);
Mockito.when(subsystem.getInputStream()).thenReturn(pipedin);

4
src/test/java/net/schmizz/sshj/sftp/PathHelperTest.java
View File

@@ -30,9 +30,9 @@ public class PathHelperTest {
@Override
public String canonicalize(String path)
throws IOException {
if (path.equals("") || path.equals(".") || path.equals("./"))
if ("".equals(path) || ".".equals(path) || "./".equals(path))
return "/home/me";
if (path.equals("..") || path.equals("../"))
if ("..".equals(path) || "../".equals(path))
return "/home";
return path;
}

4
src/test/java/net/schmizz/sshj/util/gss/BogusGSSContext.java
View File

@@ -70,7 +70,9 @@ public class BogusGSSContext
}
@Override
public void dispose() throws GSSException {}
public void dispose() throws GSSException {
// Nothing to do
}
@Override
public int getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize) throws GSSException {

4
src/test/java/net/schmizz/sshj/util/gss/BogusGSSCredential.java
View File

@@ -34,7 +34,9 @@ public class BogusGSSCredential
}
@Override
public void dispose() throws GSSException {}
public void dispose() throws GSSException {
// Nothing to do
}
@Override
public GSSName getName() throws GSSException {