2 * Copyright (c) 2019 PANTHEON.tech, s.r.o. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.nettyutil.handler.ssh.client;
10 import static com.google.common.base.Verify.verify;
12 import com.google.common.annotations.Beta;
13 import com.google.common.collect.ImmutableList;
14 import com.google.common.collect.Streams;
15 import java.util.Arrays;
16 import org.opendaylight.netconf.shaded.sshd.client.ClientBuilder;
17 import org.opendaylight.netconf.shaded.sshd.client.SshClient;
18 import org.opendaylight.netconf.shaded.sshd.common.NamedFactory;
19 import org.opendaylight.netconf.shaded.sshd.common.signature.BuiltinSignatures;
20 import org.opendaylight.netconf.shaded.sshd.common.signature.Signature;
23 * A {@link ClientBuilder} which builds {@link NetconfSshClient} instances.
26 public class NetconfClientBuilder extends ClientBuilder {
27 // RFC8332 rsa-sha2-256/rsa-sha2-512 are not a part of Mina's default set of signatures for clients as of 2.5.1.
28 // Add them to ensure interop with modern highly-secured devices.
29 private static final ImmutableList<NamedFactory<Signature>> FULL_SIGNATURE_PREFERENCE =
30 Streams.concat(DEFAULT_SIGNATURE_PREFERENCE.stream(), Arrays.asList(
31 BuiltinSignatures.rsaSHA512_cert, BuiltinSignatures.rsaSHA256_cert,
32 BuiltinSignatures.rsaSHA512, BuiltinSignatures.rsaSHA256).stream())
33 .filter(BuiltinSignatures::isSupported)
35 .collect(ImmutableList.<NamedFactory<Signature>>toImmutableList());
38 public NetconfSshClient build() {
39 final SshClient client = super.build();
40 verify(client instanceof NetconfSshClient, "Unexpected client %s", client);
41 return (NetconfSshClient) client;
45 protected ClientBuilder fillWithDefaultValues() {
46 if (factory == null) {
47 factory = NetconfSshClient.DEFAULT_NETCONF_SSH_CLIENT_FACTORY;
49 if (signatureFactories == null) {
50 signatureFactories = FULL_SIGNATURE_PREFERENCE;
52 return super.fillWithDefaultValues();