From f6196b803b7351da29f5d24958abbedf0df41a05 Mon Sep 17 00:00:00 2001 From: David Ostrovsky Date: Fri, 26 Sep 2014 10:50:37 +0200 Subject: [PATCH] Extract authenticate method from CachingPublicKeyAuthenticator --- ...nticator.java => FileBasedPubKeyAuth.java} | 41 ++----------------- .../com/gitblit/transport/ssh/SshDaemon.java | 3 +- 2 files changed, 5 insertions(+), 39 deletions(-) rename src/main/java/com/gitblit/transport/ssh/{CachingPublicKeyAuthenticator.java => FileBasedPubKeyAuth.java} (63%) diff --git a/src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java b/src/main/java/com/gitblit/transport/ssh/FileBasedPubKeyAuth.java similarity index 63% rename from src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java rename to src/main/java/com/gitblit/transport/ssh/FileBasedPubKeyAuth.java index e804a0da..b6a52f9c 100644 --- a/src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java +++ b/src/main/java/com/gitblit/transport/ssh/FileBasedPubKeyAuth.java @@ -16,14 +16,9 @@ package com.gitblit.transport.ssh; import java.security.PublicKey; -import java.util.HashMap; import java.util.List; import java.util.Locale; -import java.util.Map; -import java.util.concurrent.ConcurrentHashMap; -import org.apache.sshd.common.Session; -import org.apache.sshd.common.SessionListener; import org.apache.sshd.server.PublickeyAuthenticator; import org.apache.sshd.server.session.ServerSession; import org.slf4j.Logger; @@ -37,7 +32,7 @@ import com.google.common.base.Preconditions; * Authenticates an SSH session against a public key. * */ -public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, SessionListener { +public class FileBasedPubKeyAuth implements PublickeyAuthenticator { protected final Logger log = LoggerFactory.getLogger(getClass()); @@ -45,30 +40,13 @@ public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, Se protected final IAuthenticationManager authManager; - private final Map> cache = new ConcurrentHashMap>(); - - public CachingPublicKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) { + public FileBasedPubKeyAuth(IPublicKeyManager keyManager, IAuthenticationManager authManager) { this.keyManager = keyManager; this.authManager = authManager; } @Override - public boolean authenticate(String username, PublicKey key, ServerSession session) { - Map map = cache.get(session); - if (map == null) { - map = new HashMap(); - cache.put(session, map); - session.addListener(this); - } - if (map.containsKey(key)) { - return map.get(key); - } - boolean result = doAuthenticate(username, key, session); - map.put(key, result); - return result; - } - - private boolean doAuthenticate(String username, PublicKey suppliedKey, ServerSession session) { + public boolean authenticate(String username, PublicKey suppliedKey, ServerSession session) { SshDaemonClient client = session.getAttribute(SshDaemonClient.KEY); Preconditions.checkState(client.getUser() == null); username = username.toLowerCase(Locale.US); @@ -96,17 +74,4 @@ public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, Se log.warn("could not authenticate {} for SSH using the supplied public key", username); return false; } - - @Override - public void sessionCreated(Session session) { - } - - @Override - public void sessionEvent(Session sesssion, Event event) { - } - - @Override - public void sessionClosed(Session session) { - cache.remove(session); - } } diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 261daa66..2740e915 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -31,6 +31,7 @@ import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; import org.apache.sshd.common.keyprovider.FileKeyPairProvider; import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator; import org.bouncycastle.openssl.PEMWriter; import org.eclipse.jgit.internal.JGitText; import org.slf4j.Logger; @@ -96,7 +97,7 @@ public class SshDaemon { // Client public key authenticator CachingPublicKeyAuthenticator keyAuthenticator = - new CachingPublicKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit); + new CachingPublicKeyAuthenticator(new FileBasedPubKeyAuth(gitblit.getPublicKeyManager(), gitblit)); // Configure the preferred SSHD backend String sshBackendStr = settings.getString(Keys.git.sshBackend, -- 2.39.5