X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?p=controller.git;a=blobdiff_plain;f=opendaylight%2Fnetconf%2Fnetconf-ssh%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fcontroller%2Fnetconf%2Fssh%2Fthreads%2FSocketThread.java;h=e07c7ed6ac901156aa2d6c23a75114bd523584da;hp=15d99a44ee4db4a7b31bd0ee2fd6abd25476079c;hb=bfa2b4e3f1a93b97a7f4575116e67a2d20b53c75;hpb=1a556d2ed47c7ea285baa07900e14d092a4a6cfa diff --git a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/threads/SocketThread.java b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/threads/SocketThread.java index 15d99a44ee..e07c7ed6ac 100644 --- a/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/threads/SocketThread.java +++ b/opendaylight/netconf/netconf-ssh/src/main/java/org/opendaylight/controller/netconf/ssh/threads/SocketThread.java @@ -1,6 +1,23 @@ +/* + * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved. + * + * This program and the accompanying materials are made available under the + * terms of the Eclipse Public License v1.0 which accompanies this distribution, + * and is available at http://www.eclipse.org/legal/epl-v10.html + */ package org.opendaylight.controller.netconf.ssh.threads; +import java.io.IOException; +import java.net.InetSocketAddress; +import java.net.Socket; + +import javax.annotation.concurrent.ThreadSafe; + +import org.opendaylight.controller.netconf.ssh.authentication.AuthProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + import ch.ethz.ssh2.AuthenticationResult; import ch.ethz.ssh2.PtySettings; import ch.ethz.ssh2.ServerAuthenticationCallback; 
@@ -9,48 +26,49 @@ import ch.ethz.ssh2.ServerConnectionCallback; import ch.ethz.ssh2.ServerSession; import ch.ethz.ssh2.ServerSessionCallback; import ch.ethz.ssh2.SimpleServerSessionCallback; -import java.io.IOException; -import java.net.InetSocketAddress; -import java.net.Socket; -import javax.annotation.concurrent.ThreadSafe; -import org.opendaylight.controller.netconf.ssh.authentication.RSAKey; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; @ThreadSafe -public class SocketThread implements Runnable, ServerAuthenticationCallback, ServerConnectionCallback -{ - - private Socket socket; - private static final String USER = "netconf"; - private static final String PASSWORD = "netconf"; - private InetSocketAddress clientAddress; +public class SocketThread implements Runnable, ServerAuthenticationCallback, ServerConnectionCallback { private static final Logger logger = LoggerFactory.getLogger(SocketThread.class); + + private final Socket socket; + private final InetSocketAddress clientAddress; private ServerConnection conn = null; - private long sessionId; + private final long sessionId; private String currentUser; private final String remoteAddressWithPort; + private final AuthProvider authProvider; - public static void start(Socket socket, InetSocketAddress clientAddress, long sessionId) throws IOException{ - Thread netconf_ssh_socket_thread = new Thread(new SocketThread(socket,clientAddress,sessionId)); + public static void start(Socket socket, + InetSocketAddress clientAddress, + long sessionId, + AuthProvider authProvider) throws IOException{ + Thread netconf_ssh_socket_thread = new Thread(new SocketThread(socket,clientAddress,sessionId,authProvider)); netconf_ssh_socket_thread.setDaemon(true); netconf_ssh_socket_thread.start(); } - private SocketThread(Socket socket, InetSocketAddress clientAddress, long sessionId) throws IOException { + private SocketThread(Socket socket, + InetSocketAddress clientAddress, + long sessionId, + AuthProvider 
authProvider) throws IOException { this.socket = socket; this.clientAddress = clientAddress; this.sessionId = sessionId; this.remoteAddressWithPort = socket.getRemoteSocketAddress().toString().replaceFirst("/",""); + this.authProvider = authProvider; } @Override public void run() { conn = new ServerConnection(socket); - RSAKey keyStore = new RSAKey(); - conn.setRsaHostKey(keyStore.getPrivateKey()); + try { + conn.setPEMHostKey(authProvider.getPEMAsCharArray(),"netconf"); + } catch (Exception e) { + logger.debug("Server authentication setup failed."); + } conn.setAuthenticationCallback(this); conn.setServerConnectionCallback(this); try { @@ -59,6 +77,7 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser logger.error("SocketThread error ",e); } } + @Override public ServerSessionCallback acceptSession(final ServerSession session) { SimpleServerSessionCallback cb = new SimpleServerSessionCallback() @@ -67,6 +86,7 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser public Runnable requestSubsystem(final ServerSession ss, final String subsystem) throws IOException { return new Runnable(){ + @Override public void run() { if (subsystem.equals("netconf")){ @@ -89,14 +109,15 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser netconf_ssh_output.setDaemon(false); netconf_ssh_output.start(); - } catch (Throwable t){ - logger.error(t.getMessage(),t); + } catch (Exception t) { + logger.error("SSH bridge could not create echo socket: {}", t.getMessage(), t); try { if (netconf_ssh_input!=null){ netconf_ssh_input.join(); } } catch (InterruptedException e) { + Thread.currentThread().interrupt(); logger.error("netconf_ssh_input join error ",e); } 
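Review bot: In `run()`, the new `catch (Exception e)` around `conn.setPEMHostKey(...)` logs at debug level without the exception and then falls through to the callback setup and the `try` block that follows, so a connection whose host key could not be loaded carries on with no usable diagnostic. Log the cause and stop instead, e.g. `logger.error("Host key setup failed for {}", remoteAddressWithPort, e); return;`, and close the socket on that path. Separately, the literal `"netconf"` passed as the second argument appears to be the passphrase for the PEM key. It would be better obtained from `authProvider` or configuration than compiled in, given that this same hunk removes the hard-coded `USER`/`PASSWORD` constants.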
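Review bot: Restoring the interrupt flag inside the first `catch (InterruptedException e)` means the `netconf_ssh_output.join()` that follows (next hunk, which adds the same call) will throw `InterruptedException` straight away if that thread is still alive, so the output thread is no longer waited for on this path. If both threads are meant to be awaited, record the interruption in a local such as `boolean interrupted = true;` in each catch and call `Thread.currentThread().interrupt()` once after the second join. The statements between the two joins lie outside both hunks, so the exact ordering should be confirmed against the full file.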
@@ -105,9 +126,9 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser netconf_ssh_output.join(); } } catch (InterruptedException e) { + Thread.currentThread().interrupt(); logger.error("netconf_ssh_output join error ",e); } - } } else { try { @@ -125,6 +146,7 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser { return new Runnable() { + @Override public void run() { //noop @@ -137,6 +159,7 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser { return new Runnable() { + @Override public void run() { //noop 
@@ -148,34 +171,42 @@ public class SocketThread implements Runnable, ServerAuthenticationCallback, Ser return cb; } + @Override public String initAuthentication(ServerConnection sc) { logger.trace("Established connection with host {}",remoteAddressWithPort); return "Established connection with host "+remoteAddressWithPort+"\r\n"; } + @Override public String[] getRemainingAuthMethods(ServerConnection sc) { return new String[] { ServerAuthenticationCallback.METHOD_PASSWORD }; } + @Override public AuthenticationResult authenticateWithNone(ServerConnection sc, String username) { return AuthenticationResult.FAILURE; } + @Override public AuthenticationResult authenticateWithPassword(ServerConnection sc, String username, String password) { - if (USER.equals(username) && PASSWORD.equals(password)){ - currentUser = username; - logger.trace("user {}@{} authenticated",currentUser,remoteAddressWithPort); - return AuthenticationResult.SUCCESS; - } - + try { + if (authProvider.authenticated(username,password)){ + currentUser = username; + logger.trace("user {}@{} authenticated",currentUser,remoteAddressWithPort); + return AuthenticationResult.SUCCESS; + } + } catch (Exception e){ + logger.warn("Authentication failed due to :" + e.getLocalizedMessage()); + } return AuthenticationResult.FAILURE; } + @Override public AuthenticationResult authenticateWithPublicKey(ServerConnection sc, String username, String algorithm, byte[] publickey, byte[] signature) {
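Review bot: `authenticateWithPassword` leaves no record of a rejected login: when `authProvider.authenticated(username,password)` returns false the method returns `FAILURE` silently, and the exception path logs only `e.getLocalizedMessage()` with no user, peer address or stack trace. Repeated password guessing against this listener would therefore be invisible in the log, and a successful login is recorded only at trace level. Consider `logger.warn("Authentication error for {}@{}", username, remoteAddressWithPort, e);` in the catch and `logger.info("Authentication failed for {}@{}", username, remoteAddressWithPort);` before the final `return AuthenticationResult.FAILURE;`. Since `username` comes from the client, strip CR/LF from it before it is written to the log.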