From f990725f60462f42859c1691a2a1194a585b48ab Mon Sep 17 00:00:00 2001 From: Tomas Cere Date: Wed, 27 Jul 2016 13:12:03 +0200 Subject: [PATCH] Revert "Bump apache mina to 1.2.0" This reverts commit 3911a32461cf5817787c807cad676d4164f0cbd4. Change-Id: Ia4cdf9a281706157933326f7e8de1ef95bcbb6a6 Signed-off-by: Tomas Cere --- features/netconf/pom.xml | 2 +- .../client/SshClientChannelInitializer.java | 17 +++++--- .../NetconfServerSessionNegotiatorTest.java | 2 +- netconf/netconf-netty-util/pom.xml | 2 +- .../authentication/AuthenticationHandler.java | 2 +- .../ssh/authentication/LoginPassword.java | 2 +- .../handler/ssh/client/AsyncSshHandler.java | 37 +++++++++++------- .../ssh/client/AsyncSshHandlerReader.java | 7 ++-- .../ssh/client/AsyncSshHandlerWriter.java | 10 ++--- .../ssh/authentication/LoginPasswordTest.java | 3 +- .../ssh/client/AsyncSshHandlerTest.java | 14 +++---- .../ssh/NetconfNorthboundSshModule.java | 19 ++++----- .../netconf/ssh/SshProxyServer.java | 39 ++++++++++++------- .../ssh/SshProxyServerConfiguration.java | 2 +- .../SshProxyServerConfigurationBuilder.java | 2 +- .../netconf/ssh/osgi/NetconfSSHActivator.java | 23 ++++------- .../opendaylight/netconf/netty/SSHTest.java | 14 +++---- .../ssh/authentication/SSHServerTest.java | 22 +++++------ .../test/tool/NetconfDeviceSimulator.java | 30 ++++++-------- 19 files changed, 123 insertions(+), 126 deletions(-) diff --git a/features/netconf/pom.xml b/features/netconf/pom.xml index 03ab3be488..3e0a88d708 100644 --- a/features/netconf/pom.xml +++ b/features/netconf/pom.xml @@ -23,7 +23,7 @@ 1.1.0-SNAPSHOT 0.8.0-SNAPSHOT 1.0.0-SNAPSHOT - 1.2.0 + 0.14.0 etc/opendaylight/karaf 01-netconf.xml diff --git a/netconf/netconf-client/src/main/java/org/opendaylight/netconf/client/SshClientChannelInitializer.java b/netconf/netconf-client/src/main/java/org/opendaylight/netconf/client/SshClientChannelInitializer.java index d1ee713ac0..fd335304c0 100644 
--- a/netconf/netconf-client/src/main/java/org/opendaylight/netconf/client/SshClientChannelInitializer.java +++ b/netconf/netconf-client/src/main/java/org/opendaylight/netconf/client/SshClientChannelInitializer.java @@ -9,6 +9,7 @@ package org.opendaylight.netconf.client; import io.netty.channel.Channel; import io.netty.util.concurrent.Promise; +import java.io.IOException; import org.opendaylight.netconf.nettyutil.AbstractChannelInitializer; import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler; import org.opendaylight.netconf.nettyutil.handler.ssh.client.AsyncSshHandler; @@ -20,9 +21,9 @@ final class SshClientChannelInitializer extends AbstractChannelInitializer promise) { - // ssh handler has to be the first handler in pipeline - ch.pipeline().addFirst(AsyncSshHandler.createForNetconfSubsystem(authenticationHandler, promise)); - super.initialize(ch,promise); + try { + // ssh handler has to be the first handler in pipeline + ch.pipeline().addFirst(AsyncSshHandler.createForNetconfSubsystem(authenticationHandler, promise)); + super.initialize(ch,promise); + } catch (final IOException e) { + throw new RuntimeException(e); + } } @Override diff --git a/netconf/netconf-impl/src/test/java/org/opendaylight/netconf/impl/NetconfServerSessionNegotiatorTest.java b/netconf/netconf-impl/src/test/java/org/opendaylight/netconf/impl/NetconfServerSessionNegotiatorTest.java index 36a5d25a4c..78931f19bc 100644 --- a/netconf/netconf-impl/src/test/java/org/opendaylight/netconf/impl/NetconfServerSessionNegotiatorTest.java +++ b/netconf/netconf-impl/src/test/java/org/opendaylight/netconf/impl/NetconfServerSessionNegotiatorTest.java @@ -13,7 +13,7 @@ import static org.junit.Assert.assertNotNull; import io.netty.channel.local.LocalAddress; import java.net.InetSocketAddress; -import org.apache.sshd.common.util.net.SshdSocketAddress; +import org.apache.sshd.common.SshdSocketAddress; import org.junit.Test; public class NetconfServerSessionNegotiatorTest { 
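Review bot: The new `catch (final IOException e) { throw new RuntimeException(e); }` in SshClientChannelInitializer.initialize guards calls that cannot throw IOException in the code visible in this patch. The AsyncSshHandler constructors only run `Preconditions.checkNotNull`, and the `createForNetconfSubsystem` factories only call `new`. The `throws IOException` clauses added in the AsyncSshHandler hunks (@@ -65,8 and @@ -75,31) look like leftovers of the older API, and dropping them would make this wrapper unnecessary. If they must stay, the rethrow should carry context, e.g. `throw new IllegalStateException("Unable to create SSH handler for " + ch, e);`. The body of initialize starts outside the hunk.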
diff --git a/netconf/netconf-netty-util/pom.xml b/netconf/netconf-netty-util/pom.xml index a99e7ac35c..4ac2772ca3 100644 --- a/netconf/netconf-netty-util/pom.xml +++ b/netconf/netconf-netty-util/pom.xml @@ -86,7 +86,7 @@ org.apache.sshd sshd-core - 1.2.0 + 0.14.0 openexi diff --git a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/AuthenticationHandler.java b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/AuthenticationHandler.java index fad14ebdec..c6c417f7d0 100644 --- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/AuthenticationHandler.java +++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/AuthenticationHandler.java @@ -9,7 +9,7 @@ package org.opendaylight.netconf.nettyutil.handler.ssh.authentication; import java.io.IOException; -import org.apache.sshd.client.session.ClientSession; +import org.apache.sshd.ClientSession; /** * Class providing authentication facility to SSH handler. diff --git a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java index c0e78e7e69..6219f91b2d 100644 --- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java +++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/authentication/LoginPassword.java @@ -9,8 +9,8 @@ package org.opendaylight.netconf.nettyutil.handler.ssh.authentication; import java.io.IOException; +import org.apache.sshd.ClientSession; import org.apache.sshd.client.future.AuthFuture; -import org.apache.sshd.client.session.ClientSession; /** * Class Providing username/password authentication option to 
diff --git a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandler.java b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandler.java index 05cb0eb3e8..cb642c1a99 100644 --- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandler.java +++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandler.java @@ -17,13 +17,14 @@ import io.netty.util.concurrent.Future; import io.netty.util.concurrent.GenericFutureListener; import java.io.IOException; import java.net.SocketAddress; -import org.apache.sshd.client.SshClient; -import org.apache.sshd.client.channel.ClientChannel; +import java.util.HashMap; +import java.util.Map; +import org.apache.sshd.ClientChannel; +import org.apache.sshd.ClientSession; +import org.apache.sshd.SshClient; import org.apache.sshd.client.future.AuthFuture; import org.apache.sshd.client.future.ConnectFuture; import org.apache.sshd.client.future.OpenFuture; -import org.apache.sshd.client.session.ClientSession; -import org.apache.sshd.client.session.ClientSessionCreator; import org.apache.sshd.common.future.CloseFuture; import org.apache.sshd.common.future.SshFutureListener; import org.opendaylight.netconf.nettyutil.handler.ssh.authentication.AuthenticationHandler; 
@@ -44,9 +45,13 @@ public class AsyncSshHandler extends ChannelOutboundHandlerAdapter { public static final SshClient DEFAULT_CLIENT; static { + final Map props = new HashMap<>(); + props.put(SshClient.AUTH_TIMEOUT, Long.toString(DEFAULT_TIMEOUT)); + props.put(SshClient.IDLE_TIMEOUT, Long.toString(DEFAULT_TIMEOUT)); + final SshClient c = SshClient.setUpDefaultClient(); - c.getProperties().put(SshClient.AUTH_TIMEOUT, Long.toString(DEFAULT_TIMEOUT)); - c.getProperties().put(SshClient.IDLE_TIMEOUT, Long.toString(DEFAULT_TIMEOUT)); + + c.setProperties(props); // TODO make configurable, or somehow reuse netty threadpool c.setNioWorkers(SSH_DEFAULT_NIO_WORKERS); c.start(); @@ -54,7 +59,7 @@ public class AsyncSshHandler extends ChannelOutboundHandlerAdapter { } private final AuthenticationHandler authenticationHandler; - private final ClientSessionCreator sshClient; + private final SshClient sshClient; private Future negotiationFuture; private AsyncSshHandlerReader sshReadAsyncListener; @@ -65,8 +70,8 @@ public class AsyncSshHandler extends ChannelOutboundHandlerAdapter { private ChannelPromise connectPromise; private GenericFutureListener negotiationFutureListener; - public AsyncSshHandler(final AuthenticationHandler authenticationHandler, final ClientSessionCreator sshClient, - final Future negotiationFuture) { + public AsyncSshHandler(final AuthenticationHandler authenticationHandler, final SshClient sshClient, + final Future negotiationFuture) throws IOException { this(authenticationHandler, sshClient); this.negotiationFuture = negotiationFuture; } 
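Review bot: Nothing in this static initializer of AsyncSshHandler sets a server key verifier on `DEFAULT_CLIENT` before `c.start()`; only the two timeouts and the NIO worker count are configured. As far as I know sshd falls back to accepting any host key when no verifier is set. Unless one is installed elsewhere, every NETCONF-over-SSH session made through this shared client would connect without checking the device's identity. I would either call `c.setServerKeyVerifier(...)` with a verifier backed by configured device keys, or document the decision here with `// NOTE: no ServerKeyVerifier is set; server host keys are not checked`. The rest of the class is outside the hunk, so this needs confirming against the full file.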
@@ -75,31 +80,33 @@ public class AsyncSshHandler extends ChannelOutboundHandlerAdapter { * * @param authenticationHandler * @param sshClient started SshClient + * @throws IOException */ - public AsyncSshHandler(final AuthenticationHandler authenticationHandler, final ClientSessionCreator sshClient) { + public AsyncSshHandler(final AuthenticationHandler authenticationHandler, final SshClient sshClient) throws IOException { this.authenticationHandler = Preconditions.checkNotNull(authenticationHandler); this.sshClient = Preconditions.checkNotNull(sshClient); } - public static AsyncSshHandler createForNetconfSubsystem(final AuthenticationHandler authenticationHandler) { + public static AsyncSshHandler createForNetconfSubsystem(final AuthenticationHandler authenticationHandler) throws IOException { return new AsyncSshHandler(authenticationHandler, DEFAULT_CLIENT); } /** * - * Create AsyncSshHandler for netconf subsystem. Negotiation future has to be set to success after successful - * NETCONF negotiation. + * Create AsyncSshHandler for netconf subsystem. Negotiation future has to be set to success after successful netconf + * negotiation. * * @param authenticationHandler * @param negotiationFuture * @return + * @throws IOException */ public static AsyncSshHandler createForNetconfSubsystem(final AuthenticationHandler authenticationHandler, - final Future negotiationFuture) { + final Future negotiationFuture) throws IOException { return new AsyncSshHandler(authenticationHandler, DEFAULT_CLIENT, negotiationFuture); } - private void startSsh(final ChannelHandlerContext ctx, final SocketAddress address) throws IOException { + private void startSsh(final ChannelHandlerContext ctx, final SocketAddress address) { LOG.debug("Starting SSH to {} on channel: {}", address, ctx.channel()); final ConnectFuture sshConnectionFuture = sshClient.connect(authenticationHandler.getUsername(), address); 
diff --git a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandlerReader.java b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandlerReader.java index f0b713bfd0..a6da457153 100644 --- a/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandlerReader.java +++ b/netconf/netconf-netty-util/src/main/java/org/opendaylight/netconf/nettyutil/handler/ssh/client/AsyncSshHandlerReader.java @@ -13,8 +13,7 @@ import io.netty.buffer.Unpooled; import org.apache.sshd.common.future.SshFutureListener; import org.apache.sshd.common.io.IoInputStream; import org.apache.sshd.common.io.IoReadFuture; -import org.apache.sshd.common.util.buffer.Buffer; -import org.apache.sshd.common.util.buffer.ByteArrayBuffer; +import org.apache.sshd.common.util.Buffer; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -41,7 +40,7 @@ public final class AsyncSshHandlerReader implements SshFutureListener() { @@ -501,7 +501,7 @@ public class AsyncSshHandlerTest { doReturn(null).when(ioReadFuture).getException(); doReturn(ioReadFuture).when(ioReadFuture).removeListener(Matchers.>any()); doReturn(5).when(ioReadFuture).getRead(); - doReturn(new ByteArrayBuffer(new byte[]{0, 1, 2, 3, 4})).when(ioReadFuture).getBuffer(); + doReturn(new Buffer(new byte[]{0, 1, 2, 3, 4})).when(ioReadFuture).getBuffer(); doReturn(ioReadFuture).when(ioReadFuture).addListener(Matchers.>any()); // Always success for read diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/config/yang/netconf/northbound/ssh/NetconfNorthboundSshModule.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/config/yang/netconf/northbound/ssh/NetconfNorthboundSshModule.java index 03942fb86a..be457f961d 100644 --- a/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/config/yang/netconf/northbound/ssh/NetconfNorthboundSshModule.java 
+++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/config/yang/netconf/northbound/ssh/NetconfNorthboundSshModule.java 
@@ -16,25 +16,22 @@ import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.UnknownHostException; import java.util.concurrent.Executors; -import org.apache.sshd.common.util.SecurityUtils; -import org.opendaylight.controller.config.api.DependencyResolver; -import org.opendaylight.controller.config.api.ModuleIdentifier; +import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider; import org.opendaylight.netconf.api.NetconfServerDispatcher; import org.opendaylight.netconf.ssh.SshProxyServer; import org.opendaylight.netconf.ssh.SshProxyServerConfigurationBuilder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public class NetconfNorthboundSshModule extends AbstractNetconfNorthboundSshModule { +public class NetconfNorthboundSshModule extends org.opendaylight.controller.config.yang.netconf.northbound.ssh.AbstractNetconfNorthboundSshModule { private static final Logger LOG = LoggerFactory.getLogger(NetconfNorthboundSshModule.class); - public NetconfNorthboundSshModule(final ModuleIdentifier identifier, final DependencyResolver dependencyResolver) { + public NetconfNorthboundSshModule(final org.opendaylight.controller.config.api.ModuleIdentifier identifier, final org.opendaylight.controller.config.api.DependencyResolver dependencyResolver) { super(identifier, dependencyResolver); } - public NetconfNorthboundSshModule(final ModuleIdentifier identifier, final DependencyResolver dependencyResolver, - final NetconfNorthboundSshModule oldModule, final java.lang.AutoCloseable oldInstance) { + public NetconfNorthboundSshModule(final org.opendaylight.controller.config.api.ModuleIdentifier identifier, final org.opendaylight.controller.config.api.DependencyResolver dependencyResolver, final org.opendaylight.controller.config.yang.netconf.northbound.ssh.NetconfNorthboundSshModule oldModule, final java.lang.AutoCloseable oldInstance) { super(identifier, dependencyResolver, oldModule, oldInstance); } 
@@ -50,8 +47,7 @@ public class NetconfNorthboundSshModule extends AbstractNetconfNorthboundSshModu final LocalAddress localAddress = new LocalAddress(getPort().toString()); final ChannelFuture localServer = dispatch.createLocalServer(localAddress); - final SshProxyServer sshProxyServer = new SshProxyServer(Executors.newScheduledThreadPool(1), - getWorkerThreadGroupDependency(), getEventExecutorDependency()); + final SshProxyServer sshProxyServer = new SshProxyServer(Executors.newScheduledThreadPool(1), getWorkerThreadGroupDependency(), getEventExecutorDependency()); final InetSocketAddress bindingAddress = getInetAddress(); final SshProxyServerConfigurationBuilder sshProxyServerConfigurationBuilder = new SshProxyServerConfigurationBuilder(); @@ -59,7 +55,7 @@ public class NetconfNorthboundSshModule extends AbstractNetconfNorthboundSshModu sshProxyServerConfigurationBuilder.setLocalAddress(localAddress); sshProxyServerConfigurationBuilder.setAuthenticator(getAuthProviderDependency()); sshProxyServerConfigurationBuilder.setIdleTimeout(Integer.MAX_VALUE); - sshProxyServerConfigurationBuilder.setKeyPairProvider(SecurityUtils.createGeneratorHostKeyProvider(null)); + sshProxyServerConfigurationBuilder.setKeyPairProvider(new PEMGeneratorHostKeyProvider()); localServer.addListener(new GenericFutureListener() { 
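Review bot: `new PEMGeneratorHostKeyProvider()` in NetconfNorthboundSshModule is built with no key file, algorithm or key size, unlike NetconfSSHActivator in this same patch, which passes `path, ALGORITHM, KEY_SIZE`. With no path the provider presumably has nowhere to persist the key, so the northbound endpoint would present a different host key after every restart and clients could not pin it. The algorithm and key size then fall to the defaults of sshd 0.14.0, which should be checked rather than assumed. I would pass explicit values taken from the module configuration, e.g. `new PEMGeneratorHostKeyProvider(keyPath, ALGORITHM, KEY_SIZE)` (names are placeholders). The enclosing method starts and ends outside the hunk.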
@@ -84,8 +80,7 @@ public class NetconfNorthboundSshModule extends AbstractNetconfNorthboundSshModu private InetSocketAddress getInetAddress() { try { - final InetAddress inetAd = InetAddress.getByName(getBindingAddress().getIpv4Address() == null ? - getBindingAddress().getIpv6Address().getValue() : getBindingAddress().getIpv4Address().getValue()); + final InetAddress inetAd = InetAddress.getByName(getBindingAddress().getIpv4Address() == null ? getBindingAddress().getIpv6Address().getValue() : getBindingAddress().getIpv4Address().getValue()); return new InetSocketAddress(inetAd, getPort().getValue()); } catch (final UnknownHostException e) { throw new IllegalArgumentException("Unable to bind netconf endpoint to address " + getBindingAddress(), e); diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java index 988ba35854..9fa4bb33ab 100644 --- a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java +++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServer.java 
@@ -12,16 +12,20 @@ import com.google.common.collect.ImmutableList; import io.netty.channel.EventLoopGroup; import java.io.IOException; import java.nio.channels.AsynchronousChannelGroup; +import java.util.HashMap; import java.util.Iterator; import java.util.List; +import java.util.Map; import java.util.concurrent.ExecutorService; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; +import org.apache.sshd.SshServer; +import org.apache.sshd.common.Cipher; import org.apache.sshd.common.FactoryManager; import org.apache.sshd.common.NamedFactory; import org.apache.sshd.common.RuntimeSshException; -import org.apache.sshd.common.cipher.BuiltinCiphers; -import org.apache.sshd.common.cipher.Cipher; +import org.apache.sshd.common.cipher.ARCFOUR128; +import org.apache.sshd.common.cipher.ARCFOUR256; import org.apache.sshd.common.io.IoAcceptor; import org.apache.sshd.common.io.IoConnector; import org.apache.sshd.common.io.IoHandler; @@ -30,10 +34,9 @@ import org.apache.sshd.common.io.IoServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2Acceptor; import org.apache.sshd.common.io.nio2.Nio2Connector; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; -import org.apache.sshd.common.util.closeable.AbstractCloseable; +import org.apache.sshd.common.util.CloseableUtils; +import org.apache.sshd.server.PasswordAuthenticator; import org.apache.sshd.server.ServerFactoryManager; -import org.apache.sshd.server.SshServer; -import org.apache.sshd.server.auth.password.PasswordAuthenticator; import org.apache.sshd.server.session.ServerSession; /** 
@@ -42,6 +45,8 @@ import org.apache.sshd.server.session.ServerSession; */ public class SshProxyServer implements AutoCloseable { + private static final ARCFOUR128.Factory DEFAULT_ARCFOUR128_FACTORY = new ARCFOUR128.Factory(); + private static final ARCFOUR256.Factory DEFAULT_ARCFOUR256_FACTORY = new ARCFOUR256.Factory(); private final SshServer sshServer; private final ScheduledExecutorService minaTimerExecutor; private final EventLoopGroup clientGroup; @@ -62,8 +67,8 @@ public class SshProxyServer implements AutoCloseable { final List> cipherFactories = sshServer.getCipherFactories(); for (Iterator> i = cipherFactories.iterator(); i.hasNext(); ) { final NamedFactory factory = i.next(); - if (factory.getName().contains(BuiltinCiphers.arcfour128.getName()) - || factory.getName().contains(BuiltinCiphers.arcfour256.getName())) { + if (factory.getName().contains(DEFAULT_ARCFOUR128_FACTORY.getName()) + || factory.getName().contains(DEFAULT_ARCFOUR256_FACTORY.getName())) { i.remove(); } } @@ -78,10 +83,7 @@ public class SshProxyServer implements AutoCloseable { sshServer.setIoServiceFactoryFactory(nioServiceWithPoolFactoryFactory); sshServer.setScheduledExecutorService(minaTimerExecutor); - sshServer.getProperties().put(ServerFactoryManager.IDLE_TIMEOUT, - String.valueOf(sshProxyServerConfiguration.getIdleTimeout())); - sshServer.getProperties().put(ServerFactoryManager.AUTH_TIMEOUT, - String.valueOf(sshProxyServerConfiguration.getIdleTimeout())); + sshServer.setProperties(getProperties(sshProxyServerConfiguration)); final RemoteNetconfCommand.NetconfCommandFactory netconfCommandFactory = new RemoteNetconfCommand.NetconfCommandFactory(clientGroup, sshProxyServerConfiguration.getLocalAddress()); 
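Review bot: The cipher loop in SshProxyServer removes only the factories whose name contains the ARCFOUR128 or ARCFOUR256 factory name, so everything else in the library's default list stays enabled. With this revert that default list comes from sshd 0.14.0, and it is worth confirming that it offers no other legacy ciphers. An explicit allow-list passed to `sshServer.setCipherFactories(...)` would make the offered set independent of the library version. Separately, `sshServer.setProperties(getProperties(sshProxyServerConfiguration))` replaces the whole property map instead of adding two keys, which deserves a one-line comment if intended.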
@@ -89,10 +91,21 @@ public class SshProxyServer implements AutoCloseable { sshServer.start(); } + private static Map getProperties(final SshProxyServerConfiguration sshProxyServerConfiguration) { + final Map ret = new HashMap<>(); + ret.put(ServerFactoryManager.IDLE_TIMEOUT, String.valueOf(sshProxyServerConfiguration.getIdleTimeout())); + // TODO make auth timeout configurable on its own + ret.put(ServerFactoryManager.AUTH_TIMEOUT, String.valueOf(sshProxyServerConfiguration.getIdleTimeout())); + + return ret; + } + @Override - public void close() throws IOException { + public void close() { try { sshServer.stop(true); + } catch (final InterruptedException e) { + throw new RuntimeException("Interrupted while stopping sshServer", e); } finally { sshServer.close(true); } @@ -101,7 +114,7 @@ public class SshProxyServer implements AutoCloseable { /** * Based on Nio2ServiceFactory with one addition: injectable executor */ - private static final class NioServiceWithPoolFactory extends AbstractCloseable implements IoServiceFactory { + private static final class NioServiceWithPoolFactory extends CloseableUtils.AbstractCloseable implements IoServiceFactory { private final FactoryManager manager; private final AsynchronousChannelGroup group; diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfiguration.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfiguration.java index 89089d2c0c..55b54862d2 100644 --- a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfiguration.java +++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfiguration.java 
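Review bot: `getProperties` sets `ServerFactoryManager.AUTH_TIMEOUT` from `getIdleTimeout()`, and callers in this patch pass `setIdleTimeout(Integer.MAX_VALUE)` (NetconfNorthboundSshModule, SSHTest, SSHServerTest). That effectively disables the authentication timeout, so unauthenticated connections can be held open indefinitely. The TODO already acknowledges the coupling; until it is configurable I would cap the value, e.g. `String.valueOf(Math.min(sshProxyServerConfiguration.getIdleTimeout(), MAX_AUTH_TIMEOUT))`, where `MAX_AUTH_TIMEOUT` is a placeholder constant in the same unit as the idle timeout. In `close()`, the new `catch (final InterruptedException e)` should also call `Thread.currentThread().interrupt();` before rethrowing so the interrupt status is not lost.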
@@ -11,7 +11,7 @@ package org.opendaylight.netconf.ssh; import com.google.common.base.Preconditions; import io.netty.channel.local.LocalAddress; import java.net.InetSocketAddress; -import org.apache.sshd.common.keyprovider.KeyPairProvider; +import org.apache.sshd.common.KeyPairProvider; import org.opendaylight.netconf.auth.AuthProvider; public final class SshProxyServerConfiguration { diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfigurationBuilder.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfigurationBuilder.java index 4b7f432927..14b00b462d 100644 --- a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfigurationBuilder.java +++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/SshProxyServerConfigurationBuilder.java @@ -10,7 +10,7 @@ package org.opendaylight.netconf.ssh; import io.netty.channel.local.LocalAddress; import java.net.InetSocketAddress; -import org.apache.sshd.common.keyprovider.KeyPairProvider; +import org.apache.sshd.common.KeyPairProvider; import org.opendaylight.netconf.auth.AuthProvider; public final class SshProxyServerConfigurationBuilder { diff --git a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/osgi/NetconfSSHActivator.java b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/osgi/NetconfSSHActivator.java index 4e9d7c8a19..9cbfac1580 100644 --- a/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/osgi/NetconfSSHActivator.java +++ b/netconf/netconf-ssh/src/main/java/org/opendaylight/netconf/ssh/osgi/NetconfSSHActivator.java 
@@ -10,16 +10,14 @@ package org.opendaylight.netconf.ssh.osgi; import com.google.common.base.Optional; import io.netty.channel.local.LocalAddress; import io.netty.channel.nio.NioEventLoopGroup; -import java.io.File; import java.io.IOException; import java.net.InetSocketAddress; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.ThreadFactory; -import org.apache.sshd.common.util.SecurityUtils; -import org.apache.sshd.common.util.threads.ThreadUtils; -import org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyProvider; +import org.apache.sshd.common.util.ThreadUtils; +import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider; import org.opendaylight.netconf.ssh.SshProxyServer; import org.opendaylight.netconf.ssh.SshProxyServerConfigurationBuilder; import org.opendaylight.netconf.util.osgi.NetconfConfigUtil; @@ -63,19 +61,19 @@ public class NetconfSSHActivator implements BundleActivator { server.close(); } - if (authProviderTracker != null) { + if(authProviderTracker != null) { authProviderTracker.stop(); } - if (nioExecutor!=null) { + if(nioExecutor!=null) { nioExecutor.shutdownNow(); } - if (clientGroup != null) { + if(clientGroup != null) { clientGroup.shutdownGracefully(); } - if (minaTimerExecutor != null) { + if(minaTimerExecutor != null) { minaTimerExecutor.shutdownNow(); } } @@ -94,7 +92,7 @@ public class NetconfSSHActivator implements BundleActivator { authProviderTracker = new AuthProviderTracker(bundleContext); final Optional maybePath = NetconfConfigUtil.getPrivateKeyPath(bundleContext); - if (!maybePath.isPresent()) { + if(!maybePath.isPresent()) { LOG.warn("Private key path not configured. Using default value {}", NetconfConfigUtil.DEFAULT_PRIVATE_KEY_PATH); } 
@@ -102,17 +100,12 @@ public class NetconfSSHActivator implements BundleActivator { LOG.trace("Starting netconf SSH bridge with path to ssh private key {}", path); final SshProxyServer sshProxyServer = new SshProxyServer(minaTimerExecutor, clientGroup, nioExecutor); - final AbstractGeneratorHostKeyProvider keyPairProvider = SecurityUtils.createGeneratorHostKeyProvider(null); - keyPairProvider.setAlgorithm(ALGORITHM); - keyPairProvider.setKeySize(KEY_SIZE); - keyPairProvider.setFile(new File(path)); - sshProxyServer.bind( new SshProxyServerConfigurationBuilder() .setBindingAddress(sshSocketAddress) .setLocalAddress(localAddress) .setAuthenticator(authProviderTracker) - .setKeyPairProvider(keyPairProvider) + .setKeyPairProvider(new PEMGeneratorHostKeyProvider(path, ALGORITHM, KEY_SIZE)) .setIdleTimeout(DEFAULT_IDLE_TIMEOUT) .createSshProxyServerConfiguration()); return sshProxyServer; diff --git a/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/netty/SSHTest.java b/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/netty/SSHTest.java index de5f82b3da..b7379808cf 100644 --- a/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/netty/SSHTest.java +++ b/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/netty/SSHTest.java @@ -11,6 +11,7 @@ package org.opendaylight.netconf.netty; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; + import com.google.common.base.Stopwatch; import io.netty.bootstrap.Bootstrap; import io.netty.channel.ChannelInitializer; @@ -25,7 +26,7 @@ import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; -import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider; import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; 
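Review bot: `new PEMGeneratorHostKeyProvider(path, ALGORITHM, KEY_SIZE)` in NetconfSSHActivator presumably generates the host private key at `path` on first start, and nothing in the visible lines restricts who can read that file. Whether the provider tightens permissions itself is not visible here, so I would state the expectation at the call site with `// host private key is created at 'path' on first start; the file must be readable only by the controller account`. `ALGORITHM` and `KEY_SIZE` are defined outside the hunk and should be confirmed against what sshd 0.14.0 supports. The enclosing method continues outside the hunk.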
@@ -72,18 +73,13 @@ public class SSHTest { final InetSocketAddress addr = new InetSocketAddress("127.0.0.1", 10831); final SshProxyServer sshProxyServer = new SshProxyServer(minaTimerEx, nettyGroup, nioExec); - sshProxyServer.bind(new SshProxyServerConfigurationBuilder() - .setBindingAddress(addr) - .setLocalAddress(NetconfConfigUtil.getNetconfLocalAddress()) - .setAuthenticator(new AuthProvider() { + sshProxyServer.bind( + new SshProxyServerConfigurationBuilder().setBindingAddress(addr).setLocalAddress(NetconfConfigUtil.getNetconfLocalAddress()).setAuthenticator(new AuthProvider() { @Override public boolean authenticated(final String username, final String password) { return true; } - }) - .setKeyPairProvider(SecurityUtils.createGeneratorHostKeyProvider(sshKeyPair.toPath())) - .setIdleTimeout(Integer.MAX_VALUE) - .createSshProxyServerConfiguration()); + }).setKeyPairProvider(new PEMGeneratorHostKeyProvider(sshKeyPair.toPath().toAbsolutePath().toString())).setIdleTimeout(Integer.MAX_VALUE).createSshProxyServerConfiguration()); final EchoClientHandler echoClientHandler = connectClient(addr); diff --git a/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/ssh/authentication/SSHServerTest.java b/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/ssh/authentication/SSHServerTest.java index bc983f8164..f035024718 100644 --- a/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/ssh/authentication/SSHServerTest.java +++ b/netconf/netconf-ssh/src/test/java/org/opendaylight/netconf/ssh/authentication/SSHServerTest.java @@ -11,6 +11,7 @@ import static org.mockito.Matchers.any; import static org.mockito.Matchers.anyString; import static org.mockito.Mockito.doNothing; import static org.mockito.Mockito.doReturn; + import io.netty.channel.EventLoopGroup; import io.netty.channel.nio.NioEventLoopGroup; import java.io.File; 
@@ -20,11 +21,11 @@ import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; import java.util.concurrent.TimeUnit; -import org.apache.sshd.client.SshClient; +import org.apache.sshd.ClientSession; +import org.apache.sshd.SshClient; import org.apache.sshd.client.future.AuthFuture; import org.apache.sshd.client.future.ConnectFuture; -import org.apache.sshd.client.session.ClientSession; -import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider; import org.junit.Before; import org.junit.Test; import org.mockito.Mock; @@ -71,14 +72,13 @@ public class SSHServerTest { final InetSocketAddress addr = InetSocketAddress.createUnresolved(HOST, PORT); server = new SshProxyServer(minaTimerEx, clientGroup, nioExec); - server.bind( new SshProxyServerConfigurationBuilder().setBindingAddress(addr) - .setLocalAddress(NetconfConfigUtil.getNetconfLocalAddress()).setAuthenticator(new AuthProvider() { - @Override - public boolean authenticated(final String username, final String password) { - return true; - } - }).setKeyPairProvider(SecurityUtils.createGeneratorHostKeyProvider(sshKeyPair.toPath())) - .setIdleTimeout(Integer.MAX_VALUE).createSshProxyServerConfiguration()); + server.bind( + new SshProxyServerConfigurationBuilder().setBindingAddress(addr).setLocalAddress(NetconfConfigUtil.getNetconfLocalAddress()).setAuthenticator(new AuthProvider() { + @Override + public boolean authenticated(final String username, final String password) { + return true; + } + }).setKeyPairProvider(new PEMGeneratorHostKeyProvider(sshKeyPair.toPath().toAbsolutePath().toString())).setIdleTimeout(Integer.MAX_VALUE).createSshProxyServerConfiguration()); LOG.info("SSH server started on {}", PORT); } 
diff --git a/netconf/tools/netconf-testtool/src/main/java/org/opendaylight/netconf/test/tool/NetconfDeviceSimulator.java b/netconf/tools/netconf-testtool/src/main/java/org/opendaylight/netconf/test/tool/NetconfDeviceSimulator.java index ea3aae54f1..165decc6d4 100644 --- a/netconf/tools/netconf-testtool/src/main/java/org/opendaylight/netconf/test/tool/NetconfDeviceSimulator.java +++ b/netconf/tools/netconf-testtool/src/main/java/org/opendaylight/netconf/test/tool/NetconfDeviceSimulator.java @@ -38,9 +38,8 @@ import java.util.concurrent.ExecutionException; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import java.util.concurrent.ScheduledExecutorService; -import org.apache.sshd.common.keyprovider.KeyPairProvider; -import org.apache.sshd.common.util.SecurityUtils; -import org.apache.sshd.common.util.threads.ThreadUtils; +import org.apache.sshd.common.util.ThreadUtils; +import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider; import org.opendaylight.controller.config.util.capability.BasicCapability; import org.opendaylight.controller.config.util.capability.Capability; import org.opendaylight.controller.config.util.capability.YangModuleCapability; @@ -167,7 +166,7 @@ public class NetconfDeviceSimulator implements Closeable { final List openDevices = Lists.newArrayList(); // Generate key to temp folder - final KeyPairProvider keyPairProvider = getPemGeneratorHostKeyProvider(); + final PEMGeneratorHostKeyProvider keyPairProvider = getPemGeneratorHostKeyProvider(); for (int i = 0; i < params.deviceCount; i++) { if (currentPort > 65535) { 
@@ -243,8 +242,7 @@ public class NetconfDeviceSimulator implements Closeable { return openDevices; } - private static SshProxyServerConfiguration getSshConfiguration(final InetSocketAddress bindingAddress, - final LocalAddress tcpLocalAddress, final KeyPairProvider keyPairProvider) { + private SshProxyServerConfiguration getSshConfiguration(final InetSocketAddress bindingAddress, final LocalAddress tcpLocalAddress, final PEMGeneratorHostKeyProvider keyPairProvider) throws IOException { return new SshProxyServerConfigurationBuilder() .setBindingAddress(bindingAddress) .setLocalAddress(tcpLocalAddress) @@ -259,13 +257,13 @@ public class NetconfDeviceSimulator implements Closeable { .createSshProxyServerConfiguration(); } - private static KeyPairProvider getPemGeneratorHostKeyProvider() { + private PEMGeneratorHostKeyProvider getPemGeneratorHostKeyProvider() { try { final Path tempFile = Files.createTempFile("tempKeyNetconfTest", "suffix"); - return SecurityUtils.createGeneratorHostKeyProvider(tempFile.toAbsolutePath()); + return new PEMGeneratorHostKeyProvider(tempFile.toAbsolutePath().toString()); } catch (final IOException e) { LOG.error("Unable to generate PEM key", e); - throw new RuntimeException("Unable to generate PEM key", e); + throw new RuntimeException(e); } } @@ -316,8 +314,7 @@ public class NetconfDeviceSimulator implements Closeable { return capabilities; } - private static void addModuleCapability(final SharedSchemaRepository consumer, final Set capabilities, - final Module module) { + private void addModuleCapability(final SharedSchemaRepository consumer, final Set capabilities, final Module module) { final SourceIdentifier moduleSourceIdentifier = SourceIdentifier.create(module.getName(), (SimpleDateFormatUtil.DEFAULT_DATE_REV == module.getRevision() ? Optional.absent() : Optional.of(SimpleDateFormatUtil.getRevisionFormat().format(module.getRevision())))); 
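Review bot: Dropping `static` from `getSshConfiguration` is not required by the library downgrade, since the visible body only builds a configuration from its parameters. The same modifier is removed from `getPemGeneratorHostKeyProvider` and `addModuleCapability` in the later hunks here, and from `addDefaultSchemas` and `registerSource` further down. Their unchanged lines compiled as static before the revert, so they presumably still read no instance state. I would keep the modifier and change only the types, e.g. `private static SshProxyServerConfiguration getSshConfiguration(...) throws IOException`. Several of these bodies continue outside their hunks.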
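Review bot: In `getPemGeneratorHostKeyProvider`, the file from `Files.createTempFile("tempKeyNetconfTest", "suffix")` is handed to `PEMGeneratorHostKeyProvider` and nothing in the hunk schedules its removal. Each simulator run therefore presumably leaves a generated host private key in the temp directory. Adding `tempFile.toFile().deleteOnExit();` right after the file is created would bound its lifetime to the JVM. The catch block also drops the message from the rethrown exception; `throw new RuntimeException("Unable to generate PEM key", e);` keeps the context for callers that see only the exception.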
@@ -331,7 +328,7 @@ public class NetconfDeviceSimulator implements Closeable { } } - private static void addDefaultSchemas(final SharedSchemaRepository consumer) { + private void addDefaultSchemas(final SharedSchemaRepository consumer) { SourceIdentifier sId = RevisionSourceIdentifier.create("ietf-netconf-monitoring", "2010-10-04"); registerSource(consumer, "/META-INF/yang/ietf-netconf-monitoring.yang", sId); @@ -345,8 +342,7 @@ public class NetconfDeviceSimulator implements Closeable { registerSource(consumer, "/META-INF/yang/ietf-inet-types@2013-07-15.yang", sId); } - private static void registerSource(final SharedSchemaRepository consumer, final String resource, - final SourceIdentifier sourceId) { + private void registerSource(final SharedSchemaRepository consumer, final String resource, final SourceIdentifier sourceId) { consumer.registerSchemaSource(new SchemaSourceProvider() { @Override public CheckedFuture getSource(final SourceIdentifier sourceIdentifier) { @@ -376,11 +372,7 @@ public class NetconfDeviceSimulator implements Closeable { @Override public void close() { for (final SshProxyServer sshWrapper : sshWrappers) { - try { - sshWrapper.close(); - } catch (IOException e) { - LOG.error("Failed to close wrapper {}", sshWrapper, e); - } + sshWrapper.close(); } for (final Channel deviceCh : devicesChannels) { deviceCh.close(); -- 2.36.6
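Review bot: With the try/catch removed from `close()`, an unchecked exception from one `sshWrapper.close()` would end the loop and skip the remaining wrappers as well as the `deviceCh.close()` loop that follows. Whether `SshProxyServer.close()` can fail at runtime in this version is not visible here. If it can, guard each call: `try { sshWrapper.close(); } catch (final RuntimeException e) { LOG.warn("Failed to close wrapper {}", sshWrapper, e); }`. That way one bad wrapper does not leave listening sockets open. `close()` continues past the end of the hunk.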