Code Review / netconf.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Adjust to yangtools-2.0.0/odlparent-3.0.0 changes
[netconf.git] / netconf / netconf-ssh / src / main / java / org / opendaylight / netconf / ssh / SshProxyServer.java
diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java
index ab8e22228b63efca2194e2fefdff455b09b98ab1..406a28aee4722740fdd04364f851832d2d40a522 100644 (file)
--- a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java
+++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java
@@ -13,19 +13,16 @@ import io.netty.channel.EventLoopGroup;
 import java.io.IOException;
 import java.nio.channels.AsynchronousChannelGroup;
 import java.util.HashMap;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.TimeUnit;
-import org.apache.sshd.SshServer;
-import org.apache.sshd.common.Cipher;
 import org.apache.sshd.common.FactoryManager;
 import org.apache.sshd.common.NamedFactory;
 import org.apache.sshd.common.RuntimeSshException;
-import org.apache.sshd.common.cipher.ARCFOUR128;
-import org.apache.sshd.common.cipher.ARCFOUR256;
+import org.apache.sshd.common.cipher.BuiltinCiphers;
+import org.apache.sshd.common.cipher.Cipher;
 import org.apache.sshd.common.io.IoAcceptor;
 import org.apache.sshd.common.io.IoConnector;
 import org.apache.sshd.common.io.IoHandler;
@@ -34,19 +31,15 @@ import org.apache.sshd.common.io.IoServiceFactoryFactory;
 import org.apache.sshd.common.io.nio2.Nio2Acceptor;
 import org.apache.sshd.common.io.nio2.Nio2Connector;
 import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;
-import org.apache.sshd.common.util.CloseableUtils;
-import org.apache.sshd.server.PasswordAuthenticator;
+import org.apache.sshd.common.util.closeable.AbstractCloseable;
 import org.apache.sshd.server.ServerFactoryManager;
-import org.apache.sshd.server.session.ServerSession;
+import org.apache.sshd.server.SshServer;
 
 /**
  * Proxy SSH server that just delegates decrypted content to a delegate server within same VM.
  * Implemented using Apache Mina SSH lib.
  */
 public class SshProxyServer implements AutoCloseable {
-
-    private static final ARCFOUR128.Factory DEFAULT_ARCFOUR128_FACTORY = new ARCFOUR128.Factory();
-    private static final ARCFOUR256.Factory DEFAULT_ARCFOUR256_FACTORY = new ARCFOUR256.Factory();
     private final SshServer sshServer;
     private final ScheduledExecutorService minaTimerExecutor;
     private final EventLoopGroup clientGroup;
@@ -67,25 +60,22 @@ public class SshProxyServer implements AutoCloseable {
 
         //remove rc4 ciphers
         final List<NamedFactory<Cipher>> cipherFactories = sshServer.getCipherFactories();
-        for (Iterator<NamedFactory<Cipher>> i = cipherFactories.iterator(); i.hasNext(); ) {
-            final NamedFactory<Cipher> factory = i.next();
-            if (factory.getName().contains(DEFAULT_ARCFOUR128_FACTORY.getName())
-                    || factory.getName().contains(DEFAULT_ARCFOUR256_FACTORY.getName())) {
-                i.remove();
-            }
-        }
-        sshServer.setPasswordAuthenticator(new PasswordAuthenticator() {
-            @Override
-            public boolean authenticate(final String username, final String password, final ServerSession session) {
-                return sshProxyServerConfiguration.getAuthenticator().authenticated(username, password);
-            }
-        });
+        cipherFactories.removeIf(factory -> factory.getName().contains(BuiltinCiphers.arcfour128.getName())
+                || factory.getName().contains(BuiltinCiphers.arcfour256.getName()));
+        sshServer.setPasswordAuthenticator(
+            (username, password, session)
+                -> sshProxyServerConfiguration.getAuthenticator().authenticated(username, password));
+
+        sshProxyServerConfiguration.getPublickeyAuthenticator().ifPresent(sshServer::setPublickeyAuthenticator);
 
         sshServer.setKeyPairProvider(sshProxyServerConfiguration.getKeyPairProvider());
 
         sshServer.setIoServiceFactoryFactory(nioServiceWithPoolFactoryFactory);
         sshServer.setScheduledExecutorService(minaTimerExecutor);
-        sshServer.setProperties(getProperties(sshProxyServerConfiguration));
+        sshServer.getProperties().put(ServerFactoryManager.IDLE_TIMEOUT,
+            String.valueOf(sshProxyServerConfiguration.getIdleTimeout()));
+        sshServer.getProperties().put(ServerFactoryManager.AUTH_TIMEOUT,
+            String.valueOf(sshProxyServerConfiguration.getIdleTimeout()));
 
         final RemoteNetconfCommand.NetconfCommandFactory netconfCommandFactory =
                 new RemoteNetconfCommand.NetconfCommandFactory(clientGroup,
@@ -104,11 +94,9 @@ public class SshProxyServer implements AutoCloseable {
     }
 
     @Override
-    public void close() {
+    public void close() throws IOException {
         try {
             sshServer.stop(true);
-        } catch (final InterruptedException e) {
-            throw new RuntimeException("Interrupted while stopping sshServer", e);
         } finally {
             sshServer.close(true);
         }
@@ -117,8 +105,7 @@ public class SshProxyServer implements AutoCloseable {
     /**
      * Based on Nio2ServiceFactory with one addition: injectable executor.
      */
-    private static final class NioServiceWithPoolFactory
-            extends CloseableUtils.AbstractCloseable implements IoServiceFactory {
+    private static final class NioServiceWithPoolFactory extends AbstractCloseable implements IoServiceFactory {
 
         private final FactoryManager manager;
         private final AsynchronousChannelGroup group;
Netconf