public abstract class AbstractSession extends AbstractKexFactoryManager implements Session
The AbstractSession handles all the basic SSH protocol such as key exchange, authentication,
encoding and decoding. Both server side and client side sessions should inherit from this
abstract class. Some basic packet processing methods are defined but the actual call to these
methods should be done from the handleMessage(Buffer) method, which is dependent on the
state and side of this session.
AbstractCloseable.State
Session.TimeoutStatus
AttributeStore.AttributeKey<T>
closeFuture, lock, state
log
DEFAULT_SSH_VERSION_PREFIX, FALLBACK_SSH_VERSION_PREFIX, MAX_VERSION_LINE_LENGTH
NONE
EMPTY
CLOSE_WAIT_TIMEOUT, DEFAULT_CLOSE_WAIT_TIMEOUT
Modifier | Constructor and Description |
---|---|
protected |
AbstractSession(boolean isServer,
FactoryManager factoryManager,
IoSession ioSession)
Create a new session.
|
Modifier and Type | Method and Description |
---|---|
void |
addChannelListener(ChannelListener listener)
Add a channel listener
|
void |
addPortForwardingEventListener(PortForwardingEventListener listener)
Add a port forwarding listener
|
void |
addSessionListener(SessionListener listener)
Add a session listener.
|
static void |
attachSession(IoSession ioSession,
AbstractSession session)
Attach an SSH AbstractSession to the I/O session
|
protected long |
calculateNextIgnorePacketCount(Random r,
long freq,
int variance) |
protected AbstractMap.SimpleImmutableEntry<Session.TimeoutStatus,String> |
checkAuthenticationTimeout(long now,
long authTimeoutMs)
Checks if authentication timeout expired
|
protected void |
checkForTimeouts()
Checks whether the session has timed out (both auth and idle timeouts are checked).
|
protected AbstractMap.SimpleImmutableEntry<Session.TimeoutStatus,String> |
checkIdleTimeout(long now,
long idleTimeoutMs)
Checks if idle timeout expired
|
protected abstract void |
checkKeys()
Indicates that the key exchange is completed and the exchanged keys
can now be verified - e.g., client can verify the server's key
|
protected KeyExchangeFuture |
checkRekey()
Checks if a re-keying is required and if so initiates it
|
protected AbstractMap.SimpleImmutableEntry<String,String> |
comparePreferredKexProposalOption(KexProposalOption option) |
Buffer |
createBuffer(byte cmd)
Create a new buffer for the specified SSH packet and reserve the needed space
(5 bytes) for the packet header.
|
Buffer |
createBuffer(byte cmd,
int len)
Create a new buffer for the specified SSH packet and reserve the needed space
(5 bytes) for the packet header.
|
protected Map<KexProposalOption,String> |
createProposal(String hostKeyTypes)
Create our proposal for SSH negotiation
|
protected void |
decode()
Decode the incoming buffer and handle packets as needed.
|
void |
disconnect(int reason,
String msg)
Send a disconnect packet with the given reason and message.
|
protected void |
doHandleMessage(Buffer buffer) |
protected List<String> |
doReadIdentification(Buffer buffer,
boolean server)
Read the remote identification from this buffer.
|
protected IoWriteFuture |
doWritePacket(Buffer buffer) |
protected Buffer |
encode(Buffer buffer)
Encode a buffer into the SSH protocol.
|
void |
exceptionCaught(Throwable t)
Handle any exceptions that occurred on this session.
|
<T> T |
getAttribute(AttributeStore.AttributeKey<T> key)
Returns the value of the user-defined attribute.
|
long |
getAuthTimeout() |
SshdSocketAddress |
getBoundLocalPortForward(int port) |
SshdSocketAddress |
getBoundRemotePortForward(int port) |
ChannelListener |
getChannelListenerProxy() |
ChannelStreamPacketWriterResolver |
getChannelStreamPacketWriterResolver() |
CipherInformation |
getCipherInformation(boolean incoming)
Retrieves current cipher information - Note: may change if
key re-exchange executed
|
protected byte[] |
getClientKexData() |
String |
getClientVersion()
Retrieve the client version for this session.
|
CompressionInformation |
getCompressionInformation(boolean incoming)
Retrieves current compression information - Note: may change if
key re-exchange executed
|
protected abstract ConnectionService |
getConnectionService() |
FactoryManager |
getFactoryManager() |
protected ForwardingFilter |
getForwardingFilter() |
long |
getIdleTimeout() |
protected Closeable |
getInnerCloseable() |
IoSession |
getIoSession() |
KeyExchange |
getKex() |
List<Map.Entry<Integer,SshdSocketAddress>> |
getLocalForwardsBindings() |
Object |
getLock() |
MacInformation |
getMacInformation(boolean incoming)
Retrieves current MAC information - Note: may change if
key re-exchange executed
|
String |
getNegotiatedKexParameter(KexProposalOption paramType)
Retrieve one of the negotiated values during the KEX stage
|
PropertyResolver |
getParentPropertyResolver() |
PortForwardingEventListener |
getPortForwardingEventListenerProxy() |
Map<String,Object> |
getProperties()
A map of properties that can be used to configure the SSH server or
client.
|
List<Map.Entry<Integer,SshdSocketAddress>> |
getRemoteForwardsBindings() |
ReservedSessionMessagesHandler |
getReservedSessionMessagesHandler() |
protected byte[] |
getServerKexData() |
String |
getServerVersion()
Retrieve the server version for this session.
|
<T extends Service> |
getService(Class<T> clazz)
Get the service of the specified type.
|
protected List<Service> |
getServices() |
static AbstractSession |
getSession(IoSession ioSession)
Retrieve the SSH session from the I/O session.
|
static AbstractSession |
getSession(IoSession ioSession,
boolean allowNull)
Retrieve the SSH session from the I/O session.
|
byte[] |
getSessionId() |
SessionListener |
getSessionListenerProxy() |
NavigableSet<Integer> |
getStartedLocalPortForwards() |
NavigableSet<Integer> |
getStartedRemotePortForwards() |
Session.TimeoutStatus |
getTimeoutStatus()
Check if timeout has occurred.
|
UnknownChannelReferenceHandler |
getUnknownChannelReferenceHandler() |
String |
getUsername() |
protected void |
handleDebug(Buffer buffer) |
protected void |
handleDisconnect(Buffer buffer) |
protected void |
handleDisconnect(int code,
String msg,
String lang,
Buffer buffer) |
protected boolean |
handleFirstKexPacketFollows(int cmd,
Buffer buffer,
boolean followFlag) |
protected void |
handleIgnore(Buffer buffer) |
protected void |
handleKexInit(Buffer buffer) |
protected void |
handleKexMessage(int cmd,
Buffer buffer) |
protected void |
handleMessage(Buffer buffer)
Abstract method for processing incoming decoded packets.
|
protected void |
handleNewKeys(int cmd,
Buffer buffer) |
protected void |
handleServiceAccept(Buffer buffer) |
protected void |
handleServiceAccept(String serviceName,
Buffer buffer) |
protected void |
handleServiceRequest(Buffer buffer) |
protected boolean |
handleServiceRequest(String serviceName,
Buffer buffer) |
protected void |
handleUnimplemented(Buffer buffer) |
protected void |
invokeSessionSignaller(Invoker<SessionListener,Void> invoker) |
boolean |
isAuthenticated() |
boolean |
isLocalPortForwardingStartedForPort(int port)
Test if local port forwarding is started
|
protected boolean |
isRekeyBlocksCountExceeded() |
protected boolean |
isRekeyDataSizeExceeded() |
protected boolean |
isRekeyPacketCountsExceeded() |
protected boolean |
isRekeyRequired() |
protected boolean |
isRekeyTimeIntervalExceeded() |
boolean |
isRemotePortForwardingStartedForPort(int port)
Test if remote port forwarding is started
|
protected Map<KexProposalOption,String> |
mergeProposals(Map<KexProposalOption,String> current,
Map<KexProposalOption,String> proposal) |
void |
messageReceived(Readable buffer)
Main input point for the MINA framework.
|
protected Map<KexProposalOption,String> |
negotiate()
Compute the negotiated proposals by merging the client and
server proposal.
|
protected IoWriteFuture |
notImplemented()
Send a SSH_MSG_UNIMPLEMENTED packet.
|
protected void |
preClose()
preClose is guaranteed to be called before doCloseGracefully or doCloseImmediately.
|
Buffer |
prepareBuffer(byte cmd,
Buffer buffer)
Prepare a new "clean" buffer while reserving the needed space
(5 bytes) for the packet header.
|
protected abstract boolean |
readIdentification(Buffer buffer)
Read the other side identification.
|
protected byte[] |
receiveKexInit(Buffer buffer) |
protected byte[] |
receiveKexInit(Buffer buffer,
Map<KexProposalOption,String> proposal)
Receive the remote key exchange init message.
|
protected abstract void |
receiveKexInit(Map<KexProposalOption,String> proposal,
byte[] seed) |
protected void |
receiveNewKeys()
Put new keys into use.
|
KeyExchangeFuture |
reExchangeKeys()
Initiate a new key exchange.
|
protected void |
refreshConfiguration()
Refresh whatever internal configuration is not final
|
<T> T |
removeAttribute(AttributeStore.AttributeKey<T> key)
Removes the user-defined attribute
|
void |
removeChannelListener(ChannelListener listener)
Remove a channel listener
|
void |
removePortForwardingEventListener(PortForwardingEventListener listener)
Remove a port forwarding listener
|
void |
removeSessionListener(SessionListener listener)
Remove a session listener.
|
Buffer |
request(String request,
Buffer buffer,
long timeout,
TimeUnit unit)
Send a global request and wait for the response.
|
protected void |
requestFailure(Buffer buffer)
Indicates the reception of a SSH_MSG_REQUEST_FAILURE message
|
protected KeyExchangeFuture |
requestNewKeysExchange()
Initiates a new keys exchange if one not already in progress
|
protected void |
requestSuccess(Buffer buffer)
Indicates the reception of a SSH_MSG_REQUEST_SUCCESS message
|
void |
resetIdleTimeout()
Re-start idle timeout timer
|
protected byte[] |
resizeKey(byte[] e,
int blockSize,
Digest hash,
byte[] k,
byte[] h)
Method used while putting new keys into use that will resize the key used to
initialize the cipher to the needed length.
|
protected String |
resolveAvailableSignaturesProposal() |
protected abstract String |
resolveAvailableSignaturesProposal(FactoryManager manager) |
ChannelStreamPacketWriterResolver |
resolveChannelStreamPacketWriterResolver() |
protected String |
resolveIdentificationString(String configPropName)
Resolves the identification to send to the peer session by consulting
the associated FactoryManager.
|
protected int |
resolveIgnoreBufferDataLength() |
protected SocketAddress |
resolvePeerAddress(SocketAddress knownAddress) |
protected ReservedSessionMessagesHandler |
resolveReservedSessionMessagesHandler() |
UnknownChannelReferenceHandler |
resolveUnknownChannelReferenceHandler()
Check if current manager has a specific handler set for it - if not,
try and resolve one from the "parent" container (if any)
|
IoWriteFuture |
sendDebugMessage(boolean display,
Object msg,
String lang)
Sends an SSH_MSG_DEBUG to the peer session
|
protected IoWriteFuture |
sendIdentification(String ident)
Send our identification.
|
IoWriteFuture |
sendIgnoreMessage(byte... data)
Sends an SSH_MSG_IGNORE to the peer session
|
protected byte[] |
sendKexInit() |
protected byte[] |
sendKexInit(Map<KexProposalOption,String> proposal)
Send the key exchange initialization packet.
|
protected IoWriteFuture |
sendNewKeys()
Send a message to put new keys into use.
|
protected IoWriteFuture |
sendNotImplemented(long seqNoValue)
Sends a SSH_MSG_UNIMPLEMENTED message
|
protected List<AbstractMap.SimpleImmutableEntry<PendingWriteFuture,IoWriteFuture>> |
sendPendingPackets(Queue<PendingWriteFuture> packetsQueue) |
<T> T |
setAttribute(AttributeStore.AttributeKey<T> key,
T value)
Sets a user-defined attribute.
|
void |
setAuthenticated() |
void |
setChannelStreamPacketWriterResolver(ChannelStreamPacketWriterResolver resolver) |
protected void |
setClientKexData(byte[] data) |
protected abstract void |
setKexSeed(byte... seed) |
protected Map<KexProposalOption,String> |
setNegotiationResult(Map<KexProposalOption,String> guess) |
void |
setReservedSessionMessagesHandler(ReservedSessionMessagesHandler handler) |
protected void |
setServerKexData(byte[] data) |
void |
setUnknownChannelReferenceHandler(UnknownChannelReferenceHandler unknownChannelReferenceHandler) |
void |
setUsername(String username) |
protected void |
signalExceptionCaught(SessionListener listener,
Throwable t) |
protected void |
signalExceptionCaught(Throwable t) |
protected void |
signalNegotiationEnd(Map<KexProposalOption,String> c2sOptions,
Map<KexProposalOption,String> s2cOptions,
Map<KexProposalOption,String> negotiatedGuess,
Throwable reason) |
protected void |
signalNegotiationEnd(SessionListener listener,
Map<KexProposalOption,String> c2sOptions,
Map<KexProposalOption,String> s2cOptions,
Map<KexProposalOption,String> negotiatedGuess,
Throwable reason) |
protected void |
signalNegotiationStart(Map<KexProposalOption,String> c2sOptions,
Map<KexProposalOption,String> s2cOptions) |
protected void |
signalNegotiationStart(SessionListener listener,
Map<KexProposalOption,String> c2sOptions,
Map<KexProposalOption,String> s2cOptions) |
protected void |
signalSessionClosed() |
protected void |
signalSessionClosed(SessionListener listener) |
protected void |
signalSessionCreated(IoSession ioSession) |
protected void |
signalSessionCreated(SessionListener listener) |
protected void |
signalSessionEvent(SessionListener.Event event)
Sends a session event to all currently registered session listeners
|
protected void |
signalSessionEvent(SessionListener listener,
SessionListener.Event event) |
String |
toString() |
protected void |
validateKexState(int cmd,
KexState expected) |
protected <B extends Buffer> |
validateTargetBuffer(int cmd,
B buffer)
Makes sure that the buffer used for output is not null or one
of the session's internal ones used for decoding and uncompressing
|
IoWriteFuture |
writePacket(Buffer buffer)
Encode and send the given buffer.
|
IoWriteFuture |
writePacket(Buffer buffer,
long timeout,
TimeUnit unit)
Encode and send the given buffer with the specified timeout.
|
getCipherFactories, getCompressionFactories, getKeyExchangeFactories, getKeyPairProvider, getMacFactories, getSignatureFactories, resolveEffectiveFactories, resolveEffectiveProvider, setCipherFactories, setCompressionFactories, setKeyExchangeFactories, setKeyPairProvider, setMacFactories, setSignatureFactories
doCloseGracefully, doCloseImmediately
addCloseFutureListener, builder, close, isClosed, isClosing, removeCloseFutureListener
getSimplifiedLogger
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
isValidVersionPrefix, resolveAttribute, resolveAttribute, startService
getCipherFactories, getCipherFactoriesNameList, getCipherFactoriesNames, getCompressionFactories, getCompressionFactoriesNameList, getCompressionFactoriesNames, getKeyExchangeFactories, getMacFactories, getMacFactoriesNameList, getMacFactoriesNames, setCipherFactories, setCipherFactoriesNameList, setCipherFactoriesNames, setCipherFactoriesNames, setCompressionFactories, setCompressionFactoriesNameList, setCompressionFactoriesNames, setCompressionFactoriesNames, setKeyExchangeFactories, setMacFactories, setMacFactoriesNameList, setMacFactoriesNames, setMacFactoriesNames
getKeyPairProvider, setKeyPairProvider
getSignatureFactories, getSignatureFactories, getSignatureFactoriesNameList, getSignatureFactoriesNames, resolveSignatureFactories, setSignatureFactories, setSignatureFactoriesNameList, setSignatureFactoriesNames, setSignatureFactoriesNames
resolveChannelStreamPacketWriter
getBoolean, getBooleanProperty, getInteger, getIntProperty, getLong, getLongProperty, getObject, getString, getStringProperty
addCloseFutureListener, close, close, close, getMaxCloseWaitTime, isClosed, isClosing, isOpen, removeCloseFutureListener
public static final String SESSION
getSession(IoSession, boolean) and attachSession(IoSession, AbstractSession).
protected final boolean isServer
protected final Random random
protected boolean authed
protected String username
protected final Collection<SessionListener> sessionListeners
protected final SessionListener sessionListenerProxy
protected final Collection<ChannelListener> channelListeners
protected final ChannelListener channelListenerProxy
protected final Collection<PortForwardingEventListener> tunnelListeners
protected final PortForwardingEventListener tunnelListenerProxy
protected byte[] sessionId
protected String serverVersion
protected String clientVersion
protected final Map<KexProposalOption,String> serverProposal
protected final Map<KexProposalOption,String> clientProposal
protected final Map<KexProposalOption,String> negotiationResult
protected KeyExchange kex
protected Boolean firstKexPacketFollows
protected final AtomicReference<KexState> kexState
protected final AtomicReference<DefaultKeyExchangeFuture> kexFutureHolder
protected Cipher outCipher
protected Cipher inCipher
protected int outCipherSize
protected int inCipherSize
protected Mac outMac
protected Mac inMac
protected byte[] inMacResult
protected Compression outCompression
protected Compression inCompression
protected long seqi
protected long seqo
protected SessionWorkBuffer uncompressBuffer
protected final SessionWorkBuffer decoderBuffer
protected int decoderState
protected int decoderLength
protected final Object encodeLock
protected final Object decodeLock
protected final Object requestLock
protected long authTimeoutStart
protected long idleTimeoutStart
protected final AtomicReference<Session.TimeoutStatus> timeoutStatus
protected final AtomicLong inPacketsCount
protected final AtomicLong outPacketsCount
protected final AtomicLong inBytesCount
protected final AtomicLong outBytesCount
protected final AtomicLong inBlocksCount
protected final AtomicLong outBlocksCount
protected final AtomicLong lastKeyTimeValue
protected long maxRekyPackets
protected long maxRekeyBytes
protected long maxRekeyInterval
protected final Queue<PendingWriteFuture> pendingPackets
protected Service currentService
protected int ignorePacketDataLength
protected long ignorePacketsFrequency
protected int ignorePacketsVariance
protected final AtomicLong maxRekeyBlocks
protected final AtomicLong ignorePacketsCount
protected AbstractSession(boolean isServer, FactoryManager factoryManager, IoSession ioSession)
isServer - true if this is a server session, false if client one
factoryManager - the factory manager
ioSession - the underlying MINA session
protected void signalSessionCreated(IoSession ioSession) throws Exception
Exception
protected void signalSessionCreated(SessionListener listener)
public static AbstractSession getSession(IoSession ioSession) throws MissingAttachedSessionException
ioSession - The IoSession
MissingAttachedSessionException - if no attached SSH session
getSession(IoSession, boolean)
public static AbstractSession getSession(IoSession ioSession, boolean allowNull) throws MissingAttachedSessionException
false, an exception will be thrown, otherwise a null will be returned.
ioSession - The IoSession
allowNull - If true, a null value may be returned if no session is attached
null
MissingAttachedSessionException - if no attached session and allowNull=false
public static void attachSession(IoSession ioSession, AbstractSession session) throws MultipleAttachedSessionException
AbstractSession to the I/O session
ioSession - The IoSession
session - The SSH session to attach
MultipleAttachedSessionException - If a previous session already attached
public String getServerVersion()
Session
getServerVersion in interface Session
public String getClientVersion()
Session
getClientVersion in interface Session
public KeyExchange getKex()
public byte[] getSessionId()
getSessionId in interface Session
null if not yet established
public IoSession getIoSession()
getIoSession in interface Session
IoSession associated to this session
protected SocketAddress resolvePeerAddress(SocketAddress knownAddress)
knownAddress - Any externally set peer address - e.g., due to some proxy mechanism meta-data
null otherwise, the IoSession peer address
public FactoryManager getFactoryManager()
getFactoryManager in interface FactoryManagerHolder
FactoryManager
public PropertyResolver getParentPropertyResolver()
getParentPropertyResolver in interface PropertyResolver
null if no parent
public Map<String,Object> getProperties()
PropertyResolver
A map of properties that can be used to configure the SSH server or client. This map will never be changed by either the server or client and is not supposed to be changed at runtime (changes are not bound to have any effect on a running client or server), though it may affect the creation of sessions later as these values are usually not cached.
Note: the type of the mapped property should match the expected configuration value type - Long, Integer, Boolean, String, etc. If it doesn't, the toString() result of the mapped value is used to convert it to the required type. E.g., if the mapped value is the string "1234" and the expected value is a long then it will be parsed into one. Also, if the mapped value is an Integer but a long is expected, then it will be converted into one.
getProperties in interface PropertyResolver
Map containing configuration values, never null
public UnknownChannelReferenceHandler getUnknownChannelReferenceHandler()
getUnknownChannelReferenceHandler in interface UnknownChannelReferenceHandlerManager
UnknownChannelReferenceHandlerManager to use - if null then any reference to unknown channel causes an SshChannelNotFoundException
public void setUnknownChannelReferenceHandler(UnknownChannelReferenceHandler unknownChannelReferenceHandler)
setUnknownChannelReferenceHandler in interface UnknownChannelReferenceHandlerManager
unknownChannelReferenceHandler - The UnknownChannelReferenceHandlerManager to use - if null then any reference to unknown channel causes an SshChannelNotFoundException
public UnknownChannelReferenceHandler resolveUnknownChannelReferenceHandler()
UnknownChannelReferenceHandlerManager
resolveUnknownChannelReferenceHandler in interface UnknownChannelReferenceHandlerManager
public String getNegotiatedKexParameter(KexProposalOption paramType)
Session
getNegotiatedKexParameter in interface Session
paramType - The request KexProposalOption value - ignored if null
null if invalid parameter or no negotiated value
public CipherInformation getCipherInformation(boolean incoming)
Session
getCipherInformation in interface Session
incoming - If true then the cipher for the incoming data, otherwise for the outgoing data
CipherInformation - or null if not negotiated yet.
public CompressionInformation getCompressionInformation(boolean incoming)
Session
getCompressionInformation in interface Session
incoming - If true then the compression for the incoming data, otherwise for the outgoing data
CompressionInformation - or null if not negotiated yet.
public MacInformation getMacInformation(boolean incoming)
Session
getMacInformation in interface Session
incoming - If true then the MAC for the incoming data, otherwise for the outgoing data
MacInformation - or null if not negotiated yet.
public boolean isAuthenticated()
isAuthenticated in interface Session
public void setAuthenticated() throws IOException
setAuthenticated in interface Session
IOException
public ChannelStreamPacketWriterResolver getChannelStreamPacketWriterResolver()
getChannelStreamPacketWriterResolver in interface ChannelStreamPacketWriterResolverManager
public void setChannelStreamPacketWriterResolver(ChannelStreamPacketWriterResolver resolver)
setChannelStreamPacketWriterResolver in interface ChannelStreamPacketWriterResolverManager
public ChannelStreamPacketWriterResolver resolveChannelStreamPacketWriterResolver()
resolveChannelStreamPacketWriterResolver in interface ChannelStreamPacketWriterResolverManager
public void messageReceived(Readable buffer) throws Exception
Main input point for the MINA framework. This method will be called each time new data is received on the socket and will append it to the input buffer before calling the decode() method.
buffer - the new buffer received
Exception - if an error occurs while decoding or handling the data
protected void refreshConfiguration()
final
protected void handleMessage(Buffer buffer) throws Exception
buffer - The Buffer containing the packet - it may be re-used to generate the response once request has been decoded
Exception - if an exception occurs while handling this packet.
doHandleMessage(Buffer)
protected boolean handleFirstKexPacketFollows(int cmd, Buffer buffer, boolean followFlag)
protected AbstractMap.SimpleImmutableEntry<String,String> comparePreferredKexProposalOption(KexProposalOption option)
protected void handleKexMessage(int cmd, Buffer buffer) throws Exception
Exception
public IoWriteFuture sendIgnoreMessage(byte... data) throws IOException
Session
SSH_MSG_IGNORE to the peer session
sendIgnoreMessage in interface Session
data - The message data
IoWriteFuture that can be used to check when the packet has actually been sent
IOException - if an error occurred when encoding or sending the packet
protected void handleUnimplemented(Buffer buffer) throws Exception
Exception
public IoWriteFuture sendDebugMessage(boolean display, Object msg, String lang) throws IOException
Session
SSH_MSG_DEBUG to the peer session
sendDebugMessage in interface Session
display - true if OK to display the message at the peer as-is
msg - The message object whose toString() value to be used - if null then the "null" string is sent
lang - The language - null/empty if some pre-agreed default is used
IoWriteFuture that can be used to check when the packet has actually been sent
IOException - if an error occurred when encoding or sending the packet
protected ReservedSessionMessagesHandler resolveReservedSessionMessagesHandler()
protected void handleDisconnect(int code, String msg, String lang, Buffer buffer) throws Exception
Exception
protected void handleServiceRequest(Buffer buffer) throws Exception
Exception
protected boolean handleServiceRequest(String serviceName, Buffer buffer) throws Exception
Exception
protected void handleServiceAccept(Buffer buffer) throws Exception
Exception
protected void handleServiceAccept(String serviceName, Buffer buffer) throws Exception
Exception
protected void handleNewKeys(int cmd, Buffer buffer) throws Exception
Exception
protected List<AbstractMap.SimpleImmutableEntry<PendingWriteFuture,IoWriteFuture>> sendPendingPackets(Queue<PendingWriteFuture> packetsQueue) throws IOException
IOException
protected void validateKexState(int cmd, KexState expected)
public void exceptionCaught(Throwable t)
SshException.
exceptionCaught in interface Session
t - the exception to process
protected void signalExceptionCaught(Throwable t)
protected void signalExceptionCaught(SessionListener listener, Throwable t)
protected Closeable getInnerCloseable()
getInnerCloseable in class AbstractInnerCloseable
protected void preClose()
AbstractCloseable
preClose in class AbstractCloseable
protected void signalSessionClosed()
protected void signalSessionClosed(SessionListener listener)
public <T extends Service> T getService(Class<T> clazz)
Session
getService in interface Session
T - The generic Service type
clazz - The service class
public IoWriteFuture writePacket(Buffer buffer) throws IOException
PacketWriter
writePacket in interface PacketWriter
buffer - the buffer to encode and send. NOTE: the buffer must not be touched until the returned write future is completed.
IoWriteFuture that can be used to check when the packet has actually been sent
IOException - if an error occurred when encoding or sending the packet
public IoWriteFuture writePacket(Buffer buffer, long timeout, TimeUnit unit) throws IOException
Session
IoWriteFuture will be set with a TimeoutException exception to indicate a timeout.
writePacket in interface Session
buffer - the buffer to encode and send
timeout - the timeout
unit - the time unit of the timeout parameter
IOException - if an error occurred when encoding or sending the packet
protected IoWriteFuture doWritePacket(Buffer buffer) throws IOException
IOException
protected int resolveIgnoreBufferDataLength()
protected long calculateNextIgnorePacketCount(Random r, long freq, int variance)
public Buffer request(String request, Buffer buffer, long timeout, TimeUnit unit) throws IOException
Session
SSH_MSG_GLOBAL_REQUEST with a result expected, else it will time out
request in interface Session
request - the request name - used mainly for logging and debugging
buffer - the buffer containing the global request
timeout - The number of time units to wait - must be positive
unit - The TimeUnit to wait for the response
null otherwise.
IOException - if an error occurred when encoding or sending the packet
public Buffer createBuffer(byte cmd)
Session
createBuffer in interface Session
cmd - the SSH command
public Buffer createBuffer(byte cmd, int len)
Session
createBuffer in interface Session
cmd - The SSH command to initialize the buffer with
len - Estimated number of bytes the buffer will hold, 0 if unknown.
Session.prepareBuffer(byte, Buffer)
public Buffer prepareBuffer(byte cmd, Buffer buffer)
Session
prepareBuffer in interface Session
cmd - The SSH command to initialize the buffer with
buffer - The Buffer instance to initialize
protected <B extends Buffer> B validateTargetBuffer(int cmd, B buffer)
null or one of the session's internal ones used for decoding and uncompressing
B - The Buffer type being validated
cmd - The most likely command this buffer refers to (not guaranteed to be correct)
buffer - The buffer to be examined
IllegalArgumentException - if any of the conditions is violated
protected Buffer encode(Buffer buffer) throws IOException
buffer - the buffer to encode
SshConstants.SSH_PACKET_HEADER_LEN, in which a substitute buffer will be created and used.
IOException - if an exception occurs during the encoding process
protected void decode() throws Exception
Exception - If failed to decode
protected String resolveIdentificationString(String configPropName)
FactoryManager. If a value is set, then it is appended to the standard Session.DEFAULT_SSH_VERSION_PREFIX. Otherwise a default value is returned consisting of the prefix and the core artifact name + version in uppercase - e.g., "SSH-2.0-SSHD-CORE-1.2.3.4"
configPropName - The property used to query the factory manager
protected IoWriteFuture sendIdentification(String ident) throws IOException
ident - our identification to send
IoWriteFuture that can be used to wait for notification that identification has been sent
IOException - If failed to send the packet
protected abstract boolean readIdentification(Buffer buffer) throws IOException
doReadIdentification(Buffer, boolean) and store the result in the needed property.
buffer - The Buffer containing the remote identification
true if the identification has been fully read or false if more data is needed
IOException - if an error occurs such as a bad protocol version
protected List<String> doReadIdentification(Buffer buffer, boolean server)
null value will be returned. Else the identification string will be returned and the data read will be consumed from the buffer.
buffer - the buffer containing the identification string
server - true if it is called by the server session, false if by the client session
List of all received remote identification lines until the version line was read or null if more data is needed. The identification line is the last one in the list
protected Map<KexProposalOption,String> createProposal(String hostKeyTypes)
hostKeyTypes - The comma-separated list of supported host key types
Map

protected byte[] sendKexInit(Map<KexProposalOption,String> proposal) throws IOException
proposal - our proposal for key exchange negotiation
IOException - if an error occurred sending the packet

protected byte[] receiveKexInit(Buffer buffer, Map<KexProposalOption,String> proposal)
buffer - the Buffer containing the key exchange init packet
proposal - the remote proposal to fill

protected IoWriteFuture sendNewKeys() throws IOException
IoWriteFuture that can be used to wait and check the result of sending the packet
IOException - if an error occurs sending the message

protected void receiveNewKeys() throws Exception
Exception - if an error occurs

protected byte[] resizeKey(byte[] e, int blockSize, Digest hash, byte[] k, byte[] h) throws Exception
e - the key to resize
blockSize - the cipher block size (in bytes)
hash - the hash algorithm
k - the key exchange k parameter
h - the key exchange h parameter
Exception - if a problem occurs while resizing the key

public void disconnect(int reason, String msg) throws IOException
Session
disconnect in interface Session
reason - the reason code for this disconnect
msg - the text message
IOException - if an error occurred sending the packet

protected IoWriteFuture notImplemented() throws IOException
SSH_MSG_UNIMPLEMENTED packet. This packet should contain the sequence id of the unsupported packet: this number is assumed to be the last packet received.
IoWriteFuture that can be used to wait for packet write completion
IOException - if an error occurred sending the packet
sendNotImplemented(long)

protected IoWriteFuture sendNotImplemented(long seqNoValue) throws IOException
SSH_MSG_UNIMPLEMENTED message
seqNoValue - The referenced sequence number
IoWriteFuture that can be used to wait for packet write completion
IOException - if an error occurred sending the packet

protected Map<KexProposalOption,String> negotiate()
negotiationResult property.
Map

protected void signalNegotiationStart(Map<KexProposalOption,String> c2sOptions, Map<KexProposalOption,String> s2cOptions)

protected void signalNegotiationStart(SessionListener listener, Map<KexProposalOption,String> c2sOptions, Map<KexProposalOption,String> s2cOptions)

protected void signalNegotiationEnd(Map<KexProposalOption,String> c2sOptions, Map<KexProposalOption,String> s2cOptions, Map<KexProposalOption,String> negotiatedGuess, Throwable reason)

protected void signalNegotiationEnd(SessionListener listener, Map<KexProposalOption,String> c2sOptions, Map<KexProposalOption,String> s2cOptions, Map<KexProposalOption,String> negotiatedGuess, Throwable reason)

protected Map<KexProposalOption,String> setNegotiationResult(Map<KexProposalOption,String> guess)

protected void requestSuccess(Buffer buffer) throws Exception
SSH_MSG_REQUEST_SUCCESS message

protected void requestFailure(Buffer buffer) throws Exception
SSH_MSG_REQUEST_FAILURE message

public <T> T getAttribute(AttributeStore.AttributeKey<T> key)
AttributeStore
getAttribute in interface AttributeStore
T - The generic attribute type
key - The key of the attribute; must not be null.
null if there is no value associated with the specified key

public <T> T setAttribute(AttributeStore.AttributeKey<T> key, T value)
AttributeStore
setAttribute in interface AttributeStore
T - The generic attribute type
key - The key of the attribute; must not be null.
value - The value of the attribute; must not be null.
null if it is new.

public <T> T removeAttribute(AttributeStore.AttributeKey<T> key)
AttributeStore
removeAttribute in interface AttributeStore
T - The generic attribute type
key - The key of the attribute; must not be null.
null if no previous value

public String getUsername()
getUsername in interface UsernameHolder
null/empty if holder not yet initialized

public void setUsername(String username)
setUsername in interface MutableUserHolder

public Object getLock()

public ReservedSessionMessagesHandler getReservedSessionMessagesHandler()
getReservedSessionMessagesHandler in interface ReservedSessionMessagesManager
ReservedSessionMessagesHandler - may be null

public void setReservedSessionMessagesHandler(ReservedSessionMessagesHandler handler)
setReservedSessionMessagesHandler in interface ReservedSessionMessagesManager
handler - The ReservedSessionMessagesHandler to use - may be null

public void addSessionListener(SessionListener listener)
SessionListenerManager
addSessionListener in interface SessionListenerManager
listener - The SessionListener to add - not null

public void removeSessionListener(SessionListener listener)
SessionListenerManager
removeSessionListener in interface SessionListenerManager
listener - The SessionListener to remove

public SessionListener getSessionListenerProxy()
getSessionListenerProxy in interface SessionListenerManager
null proxy SessionListener that represents all the currently registered listeners. Any method invocation on the proxy is replicated to the currently registered listeners

public void addChannelListener(ChannelListener listener)
ChannelListenerManager
addChannelListener in interface ChannelListenerManager
listener - The ChannelListener to add - not null

public void removeChannelListener(ChannelListener listener)
ChannelListenerManager
removeChannelListener in interface ChannelListenerManager
listener - The ChannelListener to remove

public ChannelListener getChannelListenerProxy()
getChannelListenerProxy in interface ChannelListenerManager
null proxy ChannelListener that represents all the currently registered listeners. Any method invocation on the proxy is replicated to the currently registered listeners

public PortForwardingEventListener getPortForwardingEventListenerProxy()
getPortForwardingEventListenerProxy in interface PortForwardingEventListenerManager

public void addPortForwardingEventListener(PortForwardingEventListener listener)
PortForwardingEventListenerManager
addPortForwardingEventListener in interface PortForwardingEventListenerManager
listener - The PortForwardingEventListener to add - never null

public void removePortForwardingEventListener(PortForwardingEventListener listener)
PortForwardingEventListenerManager
removePortForwardingEventListener in interface PortForwardingEventListenerManager
listener - The PortForwardingEventListener to remove - ignored if null

protected void signalSessionEvent(SessionListener.Event event) throws IOException
event - The event to send
IOException - If any of the registered listeners threw an exception.

protected void signalSessionEvent(SessionListener listener, SessionListener.Event event) throws IOException
IOException

protected void invokeSessionSignaller(Invoker<SessionListener,Void> invoker) throws Throwable
Throwable

public KeyExchangeFuture reExchangeKeys() throws IOException
Session
reExchangeKeys in interface Session
KeyExchangeFuture for awaiting the completion of the exchange
IOException - If failed to request keys re-negotiation

protected KeyExchangeFuture checkRekey() throws IOException
KeyExchangeFuture to wait for the initiated exchange or null if no need to re-key or an exchange is already in progress
IOException - If failed to send the request
isRekeyRequired(), requestNewKeysExchange()

protected KeyExchangeFuture requestNewKeysExchange() throws IOException
KeyExchangeFuture to wait for the initiated exchange or null if an exchange is already in progress
IOException - If failed to send the request

protected boolean isRekeyRequired()

protected boolean isRekeyTimeIntervalExceeded()

protected boolean isRekeyPacketCountsExceeded()

protected boolean isRekeyDataSizeExceeded()

protected boolean isRekeyBlocksCountExceeded()

protected byte[] sendKexInit() throws IOException
IOException

protected byte[] getClientKexData()

protected void setClientKexData(byte[] data)

protected byte[] getServerKexData()

protected void setServerKexData(byte[] data)

protected abstract void setKexSeed(byte... seed)
seed - The result of the KEXINIT handshake - required for correct session key establishment

protected String resolveAvailableSignaturesProposal()
null/empty if no proposal
getFactoryManager(), resolveAvailableSignaturesProposal(FactoryManager)

protected abstract String resolveAvailableSignaturesProposal(FactoryManager manager)
manager - The FactoryManager
null/empty if no proposal

protected abstract void checkKeys() throws IOException
IOException - If validation failed

protected byte[] receiveKexInit(Buffer buffer) throws IOException
IOException

protected abstract void receiveKexInit(Map<KexProposalOption,String> proposal, byte[] seed) throws IOException
IOException

protected Map<KexProposalOption,String> mergeProposals(Map<KexProposalOption,String> current, Map<KexProposalOption,String> proposal)

protected abstract ConnectionService getConnectionService()

protected ForwardingFilter getForwardingFilter()

public List<Map.Entry<Integer,SshdSocketAddress>> getLocalForwardsBindings()
getLocalForwardsBindings in interface PortForwardingInformationProvider
SshdSocketAddress

public boolean isLocalPortForwardingStartedForPort(int port)
PortForwardingInformationProvider
isLocalPortForwardingStartedForPort in interface PortForwardingInformationProvider
port - The local port
true if local port forwarding is started
getBoundLocalPortForward

public NavigableSet<Integer> getStartedLocalPortForwards()
getStartedLocalPortForwards in interface PortForwardingInformationProvider
NavigableSet snapshot of the currently started local port forwards

public SshdSocketAddress getBoundLocalPortForward(int port)
getBoundLocalPortForward in interface PortForwardingInformationProvider
port - The port number
SshdSocketAddress for the port - null if none bound
isLocalPortForwardingStartedForPort, PortForwardingInformationProvider.getStartedLocalPortForwards()

public List<Map.Entry<Integer,SshdSocketAddress>> getRemoteForwardsBindings()
getRemoteForwardsBindings in interface PortForwardingInformationProvider
SshdSocketAddress

public boolean isRemotePortForwardingStartedForPort(int port)
PortForwardingInformationProvider
isRemotePortForwardingStartedForPort in interface PortForwardingInformationProvider
port - The remote port
true if remote port forwarding is started
getBoundRemotePortForward

public NavigableSet<Integer> getStartedRemotePortForwards()
getStartedRemotePortForwards in interface PortForwardingInformationProvider
NavigableSet snapshot of the currently started remote port forwards

public SshdSocketAddress getBoundRemotePortForward(int port)
getBoundRemotePortForward in interface PortForwardingInformationProvider
port - The port number
SshdSocketAddress for the port - null if none bound
isRemotePortForwardingStartedForPort, PortForwardingInformationProvider.getStartedRemotePortForwards()

protected void checkForTimeouts() throws IOException
IOException - If failed to check
checkAuthenticationTimeout(long, long), checkIdleTimeout(long, long)

protected AbstractMap.SimpleImmutableEntry<Session.TimeoutStatus,String> checkAuthenticationTimeout(long now, long authTimeoutMs)
now - The current time in millis
authTimeoutMs - The configured timeout in millis - if non-positive then no timeout
AbstractMap.SimpleImmutableEntry specifying the timeout status and disconnect reason message if timeout expired, null or NoTimeout if no timeout occurred
getAuthTimeout()

protected AbstractMap.SimpleImmutableEntry<Session.TimeoutStatus,String> checkIdleTimeout(long now, long idleTimeoutMs)
now - The current time in millis
idleTimeoutMs - The configured timeout in millis - if non-positive then no timeout
AbstractMap.SimpleImmutableEntry specifying the timeout status and disconnect reason message if timeout expired, null or NoTimeout if no timeout occurred
getIdleTimeout()

public void resetIdleTimeout()
Session
resetIdleTimeout in interface Session

public Session.TimeoutStatus getTimeoutStatus()
Session
getTimeoutStatus in interface Session
null

public long getAuthTimeout()
getAuthTimeout in interface Session

public long getIdleTimeout()
getIdleTimeout in interface Session
Copyright © 2008–2019 The Apache Software Foundation. All rights reserved.