X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=netconf%2Fnetconf-ssh%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fnetconf%2Fssh%2FSshProxyServer.java;h=406a28aee4722740fdd04364f851832d2d40a522;hb=45cfee1861924b4a8086d38079ce8cbd320386d6;hp=ab8e22228b63efca2194e2fefdff455b09b98ab1;hpb=56754e685563cf98a77e2e0772753f95165293b8;p=netconf.git diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java index ab8e22228b..406a28aee4 100644 --- a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java +++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java @@ -13,19 +13,16 @@ import io.netty.channel.EventLoopGroup; import java.io.IOException; import java.nio.channels.AsynchronousChannelGroup; import java.util.HashMap; -import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.concurrent.ExecutorService; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; -import org.apache.sshd.SshServer; -import org.apache.sshd.common.Cipher; import org.apache.sshd.common.FactoryManager; import org.apache.sshd.common.NamedFactory; import org.apache.sshd.common.RuntimeSshException; -import org.apache.sshd.common.cipher.ARCFOUR128; -import org.apache.sshd.common.cipher.ARCFOUR256; +import org.apache.sshd.common.cipher.BuiltinCiphers; +import org.apache.sshd.common.cipher.Cipher; import org.apache.sshd.common.io.IoAcceptor; import org.apache.sshd.common.io.IoConnector; import org.apache.sshd.common.io.IoHandler; @@ -34,19 +31,15 @@ import org.apache.sshd.common.io.IoServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2Acceptor; import org.apache.sshd.common.io.nio2.Nio2Connector; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; -import org.apache.sshd.common.util.CloseableUtils; -import org.apache.sshd.server.PasswordAuthenticator; +import org.apache.sshd.common.util.closeable.AbstractCloseable; import org.apache.sshd.server.ServerFactoryManager; -import org.apache.sshd.server.session.ServerSession; +import org.apache.sshd.server.SshServer; /** * Proxy SSH server that just delegates decrypted content to a delegate server within same VM. * Implemented using Apache Mina SSH lib. */ public class SshProxyServer implements AutoCloseable { - - private static final ARCFOUR128.Factory DEFAULT_ARCFOUR128_FACTORY = new ARCFOUR128.Factory(); - private static final ARCFOUR256.Factory DEFAULT_ARCFOUR256_FACTORY = new ARCFOUR256.Factory(); private final SshServer sshServer; private final ScheduledExecutorService minaTimerExecutor; private final EventLoopGroup clientGroup; @@ -67,25 +60,22 @@ public class SshProxyServer implements AutoCloseable { //remove rc4 ciphers final List> cipherFactories = sshServer.getCipherFactories(); - for (Iterator> i = cipherFactories.iterator(); i.hasNext(); ) { - final NamedFactory factory = i.next(); - if (factory.getName().contains(DEFAULT_ARCFOUR128_FACTORY.getName()) - || factory.getName().contains(DEFAULT_ARCFOUR256_FACTORY.getName())) { - i.remove(); - } - } - sshServer.setPasswordAuthenticator(new PasswordAuthenticator() { - @Override - public boolean authenticate(final String username, final String password, final ServerSession session) { - return sshProxyServerConfiguration.getAuthenticator().authenticated(username, password); - } - }); + cipherFactories.removeIf(factory -> factory.getName().contains(BuiltinCiphers.arcfour128.getName()) + || factory.getName().contains(BuiltinCiphers.arcfour256.getName())); + sshServer.setPasswordAuthenticator( + (username, password, session) + -> sshProxyServerConfiguration.getAuthenticator().authenticated(username, password)); + + sshProxyServerConfiguration.getPublickeyAuthenticator().ifPresent(sshServer::setPublickeyAuthenticator); sshServer.setKeyPairProvider(sshProxyServerConfiguration.getKeyPairProvider()); sshServer.setIoServiceFactoryFactory(nioServiceWithPoolFactoryFactory); sshServer.setScheduledExecutorService(minaTimerExecutor); - sshServer.setProperties(getProperties(sshProxyServerConfiguration)); + sshServer.getProperties().put(ServerFactoryManager.IDLE_TIMEOUT, + String.valueOf(sshProxyServerConfiguration.getIdleTimeout())); + sshServer.getProperties().put(ServerFactoryManager.AUTH_TIMEOUT, + String.valueOf(sshProxyServerConfiguration.getIdleTimeout())); final RemoteNetconfCommand.NetconfCommandFactory netconfCommandFactory = new RemoteNetconfCommand.NetconfCommandFactory(clientGroup, @@ -104,11 +94,9 @@ public class SshProxyServer implements AutoCloseable { } @Override - public void close() { + public void close() throws IOException { try { sshServer.stop(true); - } catch (final InterruptedException e) { - throw new RuntimeException("Interrupted while stopping sshServer", e); } finally { sshServer.close(true); } @@ -117,8 +105,7 @@ public class SshProxyServer implements AutoCloseable { /** * Based on Nio2ServiceFactory with one addition: injectable executor. */ - private static final class NioServiceWithPoolFactory - extends CloseableUtils.AbstractCloseable implements IoServiceFactory { + private static final class NioServiceWithPoolFactory extends AbstractCloseable implements IoServiceFactory { private final FactoryManager manager; private final AsynchronousChannelGroup group;