The key exchange structure is torn down immediately after the
KeyEstablished callback returns, hence we need to capture
the server key before the callback returns.
JIRA: NETCONF-614
Change-Id: Iebe69fe374a766f1502325cb610eed8dadb5f099
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
import org.apache.sshd.client.future.AuthFuture;
import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.client.future.AuthFuture;
import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
-import org.apache.sshd.client.session.ClientSessionImpl;
import org.apache.sshd.client.session.SessionFactory;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.io.IoAcceptor;
import org.apache.sshd.common.io.IoServiceFactory;
import org.apache.sshd.client.session.SessionFactory;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.io.IoAcceptor;
import org.apache.sshd.common.io.IoServiceFactory;
-import org.apache.sshd.common.kex.KeyExchange;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.SessionListener;
import org.apache.sshd.netty.NettyIoServiceFactory;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.SessionListener;
import org.apache.sshd.netty.NettyIoServiceFactory;
}
private SshFutureListener<AuthFuture> newAuthSshFutureListener(final ClientSession session) {
}
private SshFutureListener<AuthFuture> newAuthSshFutureListener(final ClientSession session) {
+ final PublicKey serverKey = session.getKex().getServerKey();
+
return new SshFutureListener<AuthFuture>() {
@Override
public void operationComplete(final AuthFuture authFuture) {
return new SshFutureListener<AuthFuture>() {
@Override
public void operationComplete(final AuthFuture authFuture) {
}
private void onFailure(final Throwable throwable) {
}
private void onFailure(final Throwable throwable) {
- ClientSessionImpl impl = (ClientSessionImpl) session;
LOG.error("Authorize failed for session {}", session, throwable);
LOG.error("Authorize failed for session {}", session, throwable);
-
- KeyExchange kex = impl.getKex();
- PublicKey key = kex.getServerKey();
- recorder.reportFailedAuth(key);
-
+ recorder.reportFailedAuth(serverKey);
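Review bot: The new first line of newAuthSshFutureListener dereferences `session.getKex()` without a null check, so a listener created outside the key-establishment window the description relies on would fail with a bare NullPointerException inside the session callback. The captured key is what `recorder.reportFailedAuth(serverKey)` records for a rejected device, so a missing key exchange should fail with a clear message, e.g. `final PublicKey serverKey = Objects.requireNonNull(session.getKex(), "key exchange not established").getServerKey();`. The ordering constraint is also worth stating at the capture site, for instance `// Capture now: the KEX state is torn down once the KeyEstablished callback returns`. The bodies of operationComplete and onFailure are only partly visible here.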
import org.apache.sshd.common.io.IoAcceptor;
import org.apache.sshd.common.io.IoHandler;
import org.apache.sshd.common.io.IoServiceFactory;
import org.apache.sshd.common.io.IoAcceptor;
import org.apache.sshd.common.io.IoHandler;
import org.apache.sshd.common.io.IoServiceFactory;
+import org.apache.sshd.common.kex.KeyExchange;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.SessionListener;
import org.junit.AfterClass;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.SessionListener;
import org.junit.AfterClass;
CallHomeSessionContext mockContext = mock(CallHomeSessionContext.class);
doNothing().when(mockContext).openNetconfChannel();
doReturn(mockContext).when(mockSession).getAttribute(any(Session.AttributeKey.class));
CallHomeSessionContext mockContext = mock(CallHomeSessionContext.class);
doNothing().when(mockContext).openNetconfChannel();
doReturn(mockContext).when(mockSession).getAttribute(any(Session.AttributeKey.class));
+
+ final KeyExchange kex = mock(KeyExchange.class);
+ doReturn(kex).when(mockSession).getKex();
+ final PublicKey serverKey = mock(PublicKey.class);
+ doReturn(serverKey).when(kex).getServerKey();
+
SessionListener listener = instance.createSessionListener();
doReturn(mockAuthFuture).when(mockContext).authorize();
// when
SessionListener listener = instance.createSessionListener();
doReturn(mockAuthFuture).when(mockContext).authorize();
// when
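Review bot: The added `KeyExchange` and `PublicKey` stubs make `getKex()` return a non-null mock, but nothing in the visible lines asserts that the captured key is the one reported on failure. A case that completes the mocked AuthFuture with a failure and then checks `verify(...).reportFailedAuth(serverKey)` on the recorder mock would pin the behaviour this commit fixes. Ideally that case would also make `getKex()` return null after the listener is created, to model the teardown. The rest of the test method lies outside this section, so such a check may already exist further down.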
for (Device device : getDevicesAsList()) {
String keyString = device.getSshHostKey();
for (Device device : getDevicesAsList()) {
String keyString = device.getSshHostKey();
+ if (keyString == null) {
+ LOG.info("Whitelist device {} does not have a host key, skipping it", device.getUniqueId());
+ continue;
+ }
try {
PublicKey pubKey = decoder.decodePublicKey(keyString);
try {
PublicKey pubKey = decoder.decodePublicKey(keyString);
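Review bot: The new null guard logs a whitelist device without a host key at INFO, although as far as this loop shows such an entry is never decoded and so can never match an incoming server key. A dead allow-list entry is a misconfiguration operators should see, so `LOG.warn("Whitelist device {} does not have a host key, skipping it", device.getUniqueId());` would be the safer level. An empty string still reaches `decodePublicKey`, so the guard could be `if (keyString == null || keyString.isEmpty()) {`, unless the catch block already handles that case. The loop and the try block continue outside the lines shown.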