*/
package org.opendaylight.controller.netconf.ssh;
+import com.google.common.base.Preconditions;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
+import java.net.Socket;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
import java.util.concurrent.atomic.AtomicLong;
+
import javax.annotation.concurrent.ThreadSafe;
-import org.opendaylight.controller.netconf.ssh.authentication.AuthProvider;
-import org.opendaylight.controller.netconf.ssh.threads.SocketThread;
-import org.opendaylight.controller.usermanager.IUserManager;
+
+import org.opendaylight.controller.netconf.auth.AuthProvider;
+import org.opendaylight.controller.netconf.ssh.threads.Handshaker;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Optional;
+
+import io.netty.channel.EventLoopGroup;
+import io.netty.channel.local.LocalAddress;
+
+/**
+ * Thread that accepts client connections. Accepted socket is forwarded to {@link org.opendaylight.controller.netconf.ssh.threads.Handshaker},
+ * which is executed in {@link #handshakeExecutor}.
+ */
@ThreadSafe
-public class NetconfSSHServer implements Runnable {
+public final class NetconfSSHServer extends Thread implements AutoCloseable {
- private ServerSocket ss = null;
- private static final Logger logger = LoggerFactory.getLogger(NetconfSSHServer.class);
- private static final AtomicLong sesssionId = new AtomicLong();
- private final InetSocketAddress clientAddress;
- private final AuthProvider authProvider;
- private boolean up = false;
+ private static final Logger logger = LoggerFactory.getLogger(NetconfSSHServer.class);
+ private static final AtomicLong sessionIdCounter = new AtomicLong();
- private NetconfSSHServer(int serverPort,InetSocketAddress clientAddress, AuthProvider authProvider) throws Exception{
+ private final ServerSocket serverSocket;
+ private final LocalAddress localAddress;
+ private final EventLoopGroup bossGroup;
+ private Optional<AuthProvider> authProvider = Optional.absent();
+ private final ExecutorService handshakeExecutor;
+ private final char[] pem;
+ private volatile boolean up;
- logger.trace("Creating SSH server socket on port {}",serverPort);
- this.ss = new ServerSocket(serverPort);
- if (!ss.isBound()){
- throw new Exception("Socket can't be bound to requested port :"+serverPort);
+ private NetconfSSHServer(final int serverPort, final LocalAddress localAddress, final EventLoopGroup bossGroup, final char[] pem) throws IOException {
+ super(NetconfSSHServer.class.getSimpleName());
+ this.bossGroup = bossGroup;
+ this.pem = pem;
+ logger.trace("Creating SSH server socket on port {}", serverPort);
+ this.serverSocket = new ServerSocket(serverPort);
+ if (serverSocket.isBound() == false) {
+ throw new IllegalStateException("Socket can't be bound to requested port :" + serverPort);
}
logger.trace("Server socket created.");
- this.clientAddress = clientAddress;
- this.authProvider = authProvider;
+ this.localAddress = localAddress;
this.up = true;
+ handshakeExecutor = Executors.newFixedThreadPool(10);
+ }
+
+ public static NetconfSSHServer start(final int serverPort, final LocalAddress localAddress, final EventLoopGroup bossGroup, final char[] pemArray) throws IOException {
+ final NetconfSSHServer netconfSSHServer = new NetconfSSHServer(serverPort, localAddress, bossGroup, pemArray);
+ netconfSSHServer.start();
+ return netconfSSHServer;
+ }
+
+ public synchronized AuthProvider getAuthProvider() {
+ Preconditions.checkState(authProvider.isPresent(), "AuthenticationProvider is not set up, cannot authenticate user");
+ return authProvider.get();
}
- public static NetconfSSHServer start(int serverPort, InetSocketAddress clientAddress,AuthProvider authProvider) throws Exception {
- return new NetconfSSHServer(serverPort, clientAddress,authProvider);
+ public synchronized void setAuthProvider(final AuthProvider authProvider) {
+ if(this.authProvider != null) {
+ logger.debug("Changing auth provider to {}", authProvider);
+ }
+ this.authProvider = Optional.fromNullable(authProvider);
}
- public void stop() throws Exception {
+ @Override
+ public void close() throws IOException {
up = false;
logger.trace("Closing SSH server socket.");
- ss.close();
+ serverSocket.close();
+ bossGroup.shutdownGracefully();
logger.trace("SSH server socket closed.");
}
- public void removeUserManagerService(){
- this.authProvider.removeUserManagerService();
+ @VisibleForTesting
+ public InetSocketAddress getLocalSocketAddress() {
+ return (InetSocketAddress) serverSocket.getLocalSocketAddress();
}
- public void addUserManagerService(IUserManager userManagerService){
- this.authProvider.addUserManagerService(userManagerService);
- }
- public boolean isUp(){
- return this.up;
- }
@Override
public void run() {
while (up) {
- logger.trace("Starting new socket thread.");
+ Socket acceptedSocket = null;
try {
- SocketThread.start(ss.accept(), clientAddress, sesssionId.incrementAndGet(),authProvider);
- } catch (IOException e) {
- e.printStackTrace(); //To change body of catch statement use File | Settings | File Templates.
+ acceptedSocket = serverSocket.accept();
+ } catch (final IOException e) {
+ if (up == false) {
+ logger.trace("Exiting server thread", e);
+ } else {
+ logger.warn("Exception occurred during socket.accept", e);
+ }
+ }
+ if (acceptedSocket != null) {
+ try {
+ final Handshaker task = new Handshaker(acceptedSocket, localAddress, sessionIdCounter.incrementAndGet(), getAuthProvider(), bossGroup, pem);
+ handshakeExecutor.submit(task);
+ } catch (final IOException e) {
+ logger.warn("Cannot set PEMHostKey, closing connection", e);
+ closeSocket(acceptedSocket);
+ } catch (final IllegalStateException e) {
+ logger.warn("Cannot accept connection, closing", e);
+ closeSocket(acceptedSocket);
+ }
}
}
+ logger.debug("Server thread is exiting");
}
+
+ private void closeSocket(final Socket acceptedSocket) {
+ try {
+ acceptedSocket.close();
+ } catch (final IOException e) {
+ logger.warn("Ignoring exception while closing socket", e);
+ }
+ }
+
}