mirrors
/
jgit
kopia lustrzana https://github.com/eclipse/jgit.git
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Wydania 204 Wiki Aktywność
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8083 Commity
49 Gałęzie
Drzewo: 286ad23cb5
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '286ad23cb5'
${ noResults }
jgit/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitClientSession.java

JGitClientSession.java 20KB
Czysty Blame Historia

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679 
  1. /*

  2.  * Copyright (C) 2018, 2019 Thomas Wolf <thomas.wolf@paranor.ch> and others

  3.  *

  4.  * This program and the accompanying materials are made available under the

  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at

  6.  * https://www.eclipse.org/org/documents/edl-v10.php.

  7.  *

  8.  * SPDX-License-Identifier: BSD-3-Clause

  9.  */

  10. package org.eclipse.jgit.internal.transport.sshd;

  11. 

  12. import static java.text.MessageFormat.format;

  13. 

  14. import java.io.IOException;

  15. import java.io.StreamCorruptedException;

  16. import java.net.SocketAddress;

  17. import java.nio.charset.StandardCharsets;

  18. import java.security.GeneralSecurityException;

  19. import java.security.PublicKey;

  20. import java.util.ArrayList;

  21. import java.util.Collection;

  22. import java.util.Collections;

  23. import java.util.Iterator;

  24. import java.util.LinkedHashSet;

  25. import java.util.List;

  26. import java.util.Map;

  27. import java.util.Objects;

  28. import java.util.Set;

  29. 

  30. import org.apache.sshd.client.ClientFactoryManager;

  31. import org.apache.sshd.client.config.hosts.HostConfigEntry;

  32. import org.apache.sshd.client.future.AuthFuture;

  33. import org.apache.sshd.client.keyverifier.ServerKeyVerifier;

  34. import org.apache.sshd.client.session.ClientSessionImpl;

  35. import org.apache.sshd.client.session.ClientUserAuthService;

  36. import org.apache.sshd.common.AttributeRepository;

  37. import org.apache.sshd.common.FactoryManager;

  38. import org.apache.sshd.common.PropertyResolver;

  39. import org.apache.sshd.common.PropertyResolverUtils;

  40. import org.apache.sshd.common.SshException;

  41. import org.apache.sshd.common.config.keys.KeyUtils;

  42. import org.apache.sshd.common.io.IoSession;

  43. import org.apache.sshd.common.io.IoWriteFuture;

  44. import org.apache.sshd.common.kex.KexState;

  45. import org.apache.sshd.common.util.Readable;

  46. import org.apache.sshd.common.util.buffer.Buffer;

  47. import org.eclipse.jgit.errors.InvalidPatternException;

  48. import org.eclipse.jgit.fnmatch.FileNameMatcher;

  49. import org.eclipse.jgit.internal.transport.sshd.proxy.StatefulProxyConnector;

  50. import org.eclipse.jgit.transport.CredentialsProvider;

  51. import org.eclipse.jgit.transport.SshConstants;

  52. 

  53. /**

  54.  * A {@link org.apache.sshd.client.session.ClientSession ClientSession} that can

  55.  * be associated with the {@link HostConfigEntry} the session was created for.

  56.  * The {@link JGitSshClient} creates such sessions and sets this association.

  57.  * <p>

  58.  * Also provides for associating a JGit {@link CredentialsProvider} with a

  59.  * session.

  60.  * </p>

  61.  */

  62. public class JGitClientSession extends ClientSessionImpl {

  63. 

  64. 	/**

  65. 	 * Default setting for the maximum number of bytes to read in the initial

  66. 	 * protocol version exchange. 64kb is what OpenSSH < 8.0 read; OpenSSH 8.0

  67. 	 * changed it to 8Mb, but that seems excessive for the purpose stated in RFC

  68. 	 * 4253. The Apache MINA sshd default in

  69. 	 * {@link FactoryManager#DEFAULT_MAX_IDENTIFICATION_SIZE} is 16kb.

  70. 	 */

  71. 	private static final int DEFAULT_MAX_IDENTIFICATION_SIZE = 64 * 1024;

  72. 

  73. 	private HostConfigEntry hostConfig;

  74. 

  75. 	private CredentialsProvider credentialsProvider;

  76. 

  77. 	private volatile StatefulProxyConnector proxyHandler;

  78. 

  79. 	/**

  80. 	 * Work-around for bug 565394 / SSHD-1050; remove when using sshd 2.6.0.

  81. 	 */

  82. 	private volatile AuthFuture authFuture;

  83. 

  84. 	/** Records exceptions before there is an authFuture. */

  85. 	private List<Throwable> earlyErrors = new ArrayList<>();

  86. 

  87. 	/** Guards setting an earlyError and the authFuture together. */

  88. 	private final Object errorLock = new Object();

  89. 

  90. 	/**

  91. 	 * @param manager

  92. 	 * @param session

  93. 	 * @throws Exception

  94. 	 */

  95. 	public JGitClientSession(ClientFactoryManager manager, IoSession session)

  96. 			throws Exception {

  97. 		super(manager, session);

  98. 	}

  99. 

  100. 	// BEGIN Work-around for bug 565394 / SSHD-1050

  101. 	// Remove when using sshd 2.6.0.

  102. 

  103. 	@Override

  104. 	public AuthFuture auth() throws IOException {

  105. 		if (getUsername() == null) {

  106. 			throw new IllegalStateException(

  107. 					SshdText.get().sessionWithoutUsername);

  108. 		}

  109. 		ClientUserAuthService authService = getUserAuthService();

  110. 		String serviceName = nextServiceName();

  111. 		List<Throwable> errors = null;

  112. 		AuthFuture future;

  113. 		// Guard both getting early errors and setting authFuture

  114. 		synchronized (errorLock) {

  115. 			future = authService.auth(serviceName);

  116. 			if (future == null) {

  117. 				// Internal error; no translation.

  118. 				throw new IllegalStateException(

  119. 						"No auth future generated by service '" //$NON-NLS-1$

  120. 								+ serviceName + '\'');

  121. 			}

  122. 			errors = earlyErrors;

  123. 			earlyErrors = null;

  124. 			authFuture = future;

  125. 		}

  126. 		if (errors != null && !errors.isEmpty()) {

  127. 			Iterator<Throwable> iter = errors.iterator();

  128. 			Throwable first = iter.next();

  129. 			iter.forEachRemaining(t -> {

  130. 				if (t != first && t != null) {

  131. 					first.addSuppressed(t);

  132. 				}

  133. 			});

  134. 			// Mark the future as having had an exception; just to be on the

  135. 			// safe side. Actually, there shouldn't be anyone waiting on this

  136. 			// future yet.

  137. 			future.setException(first);

  138. 			if (log.isDebugEnabled()) {

  139. 				log.debug("auth({}) early exception type={}: {}", //$NON-NLS-1$

  140. 						this, first.getClass().getSimpleName(),

  141. 						first.getMessage());

  142. 			}

  143. 			if (first instanceof SshException) {

  144. 				throw new SshException(

  145. 						((SshException) first).getDisconnectCode(),

  146. 						first.getMessage(), first);

  147. 			}

  148. 			throw new IOException(first.getMessage(), first);

  149. 		}

  150. 		return future;

  151. 	}

  152. 

  153. 	@Override

  154. 	protected void signalAuthFailure(AuthFuture future, Throwable t) {

  155. 		signalAuthFailure(t);

  156. 	}

  157. 

  158. 	private void signalAuthFailure(Throwable t) {

  159. 		AuthFuture future = authFuture;

  160. 		if (future == null) {

  161. 			synchronized (errorLock) {

  162. 				if (earlyErrors != null) {

  163. 					earlyErrors.add(t);

  164. 				}

  165. 				future = authFuture;

  166. 			}

  167. 		}

  168. 		if (future != null) {

  169. 			future.setException(t);

  170. 		}

  171. 		if (log.isDebugEnabled()) {

  172. 			boolean signalled = future != null && t == future.getException();

  173. 			log.debug("signalAuthFailure({}) type={}, signalled={}: {}", this, //$NON-NLS-1$

  174. 					t.getClass().getSimpleName(), Boolean.valueOf(signalled),

  175. 					t.getMessage());

  176. 		}

  177. 	}

  178. 

  179. 	@Override

  180. 	public void exceptionCaught(Throwable t) {

  181. 		signalAuthFailure(t);

  182. 		super.exceptionCaught(t);

  183. 	}

  184. 

  185. 	@Override

  186. 	protected void preClose() {

  187. 		signalAuthFailure(

  188. 				new SshException(SshdText.get().authenticationOnClosedSession));

  189. 		super.preClose();

  190. 	}

  191. 

  192. 	@Override

  193. 	protected void handleDisconnect(int code, String msg, String lang,

  194. 			Buffer buffer) throws Exception {

  195. 		signalAuthFailure(new SshException(code, msg));

  196. 		super.handleDisconnect(code, msg, lang, buffer);

  197. 	}

  198. 

  199. 	@Override

  200. 	protected <C extends Collection<ClientSessionEvent>> C updateCurrentSessionState(

  201. 			C newState) {

  202. 		if (closeFuture.isClosed()) {

  203. 			newState.add(ClientSessionEvent.CLOSED);

  204. 		}

  205. 		if (isAuthenticated()) { // authFuture.isSuccess()

  206. 			newState.add(ClientSessionEvent.AUTHED);

  207. 		}

  208. 		if (KexState.DONE.equals(getKexState())) {

  209. 			AuthFuture future = authFuture;

  210. 			if (future == null || future.isFailure()) {

  211. 				newState.add(ClientSessionEvent.WAIT_AUTH);

  212. 			}

  213. 		}

  214. 		return newState;

  215. 	}

  216. 

  217. 	// END Work-around for bug 565394 / SSHD-1050

  218. 

  219. 	/**

  220. 	 * Retrieves the {@link HostConfigEntry} this session was created for.

  221. 	 *

  222. 	 * @return the {@link HostConfigEntry}, or {@code null} if none set

  223. 	 */

  224. 	public HostConfigEntry getHostConfigEntry() {

  225. 		return hostConfig;

  226. 	}

  227. 

  228. 	/**

  229. 	 * Sets the {@link HostConfigEntry} this session was created for.

  230. 	 *

  231. 	 * @param hostConfig

  232. 	 *            the {@link HostConfigEntry}

  233. 	 */

  234. 	public void setHostConfigEntry(HostConfigEntry hostConfig) {

  235. 		this.hostConfig = hostConfig;

  236. 	}

  237. 

  238. 	/**

  239. 	 * Sets the {@link CredentialsProvider} for this session.

  240. 	 *

  241. 	 * @param provider

  242. 	 *            to set

  243. 	 */

  244. 	public void setCredentialsProvider(CredentialsProvider provider) {

  245. 		credentialsProvider = provider;

  246. 	}

  247. 

  248. 	/**

  249. 	 * Retrieves the {@link CredentialsProvider} set for this session.

  250. 	 *

  251. 	 * @return the provider, or {@code null} if none is set.

  252. 	 */

  253. 	public CredentialsProvider getCredentialsProvider() {

  254. 		return credentialsProvider;

  255. 	}

  256. 

  257. 	/**

  258. 	 * Sets a {@link StatefulProxyConnector} to handle proxy connection

  259. 	 * protocols.

  260. 	 *

  261. 	 * @param handler

  262. 	 *            to set

  263. 	 */

  264. 	public void setProxyHandler(StatefulProxyConnector handler) {

  265. 		proxyHandler = handler;

  266. 	}

  267. 

  268. 	@Override

  269. 	protected IoWriteFuture sendIdentification(String ident)

  270. 			throws IOException {

  271. 		StatefulProxyConnector proxy = proxyHandler;

  272. 		if (proxy != null) {

  273. 			try {

  274. 				// We must not block here; the framework starts reading messages

  275. 				// from the peer only once the initial sendKexInit() following

  276. 				// this call to sendIdentification() has returned!

  277. 				proxy.runWhenDone(() -> {

  278. 					JGitClientSession.super.sendIdentification(ident);

  279. 					return null;

  280. 				});

  281. 				// Called only from the ClientSessionImpl constructor, where the

  282. 				// return value is ignored.

  283. 				return null;

  284. 			} catch (IOException e) {

  285. 				throw e;

  286. 			} catch (Exception other) {

  287. 				throw new IOException(other.getLocalizedMessage(), other);

  288. 			}

  289. 		}

  290. 		return super.sendIdentification(ident);

  291. 	}

  292. 

  293. 	@Override

  294. 	protected byte[] sendKexInit()

  295. 			throws IOException, GeneralSecurityException {

  296. 		StatefulProxyConnector proxy = proxyHandler;

  297. 		if (proxy != null) {

  298. 			try {

  299. 				// We must not block here; the framework starts reading messages

  300. 				// from the peer only once the initial sendKexInit() has

  301. 				// returned!

  302. 				proxy.runWhenDone(() -> {

  303. 					JGitClientSession.super.sendKexInit();

  304. 					return null;

  305. 				});

  306. 				// This is called only from the ClientSessionImpl

  307. 				// constructor, where the return value is ignored.

  308. 				return null;

  309. 			} catch (IOException | GeneralSecurityException e) {

  310. 				throw e;

  311. 			} catch (Exception other) {

  312. 				throw new IOException(other.getLocalizedMessage(), other);

  313. 			}

  314. 		}

  315. 		return super.sendKexInit();

  316. 	}

  317. 

  318. 	/**

  319. 	 * {@inheritDoc}

  320. 	 *

  321. 	 * As long as we're still setting up the proxy connection, diverts messages

  322. 	 * to the {@link StatefulProxyConnector}.

  323. 	 */

  324. 	@Override

  325. 	public void messageReceived(Readable buffer) throws Exception {

  326. 		StatefulProxyConnector proxy = proxyHandler;

  327. 		if (proxy != null) {

  328. 			proxy.messageReceived(getIoSession(), buffer);

  329. 		} else {

  330. 			super.messageReceived(buffer);

  331. 		}

  332. 	}

  333. 

  334. 	@Override

  335. 	protected void checkKeys() throws SshException {

  336. 		ServerKeyVerifier serverKeyVerifier = getServerKeyVerifier();

  337. 		// The super implementation always uses

  338. 		// getIoSession().getRemoteAddress(). In case of a proxy connection,

  339. 		// that would be the address of the proxy!

  340. 		SocketAddress remoteAddress = getConnectAddress();

  341. 		PublicKey serverKey = getKex().getServerKey();

  342. 		if (!serverKeyVerifier.verifyServerKey(this, remoteAddress,

  343. 				serverKey)) {

  344. 			throw new SshException(

  345. 					org.apache.sshd.common.SshConstants.SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE,

  346. 					SshdText.get().kexServerKeyInvalid);

  347. 		}

  348. 	}

  349. 

  350. 	@Override

  351. 	protected String resolveAvailableSignaturesProposal(

  352. 			FactoryManager manager) {

  353. 		Set<String> defaultSignatures = new LinkedHashSet<>();

  354. 		defaultSignatures.addAll(getSignatureFactoriesNames());

  355. 		HostConfigEntry config = resolveAttribute(

  356. 				JGitSshClient.HOST_CONFIG_ENTRY);

  357. 		String hostKeyAlgorithms = config

  358. 				.getProperty(SshConstants.HOST_KEY_ALGORITHMS);

  359. 		if (hostKeyAlgorithms != null && !hostKeyAlgorithms.isEmpty()) {

  360. 			char first = hostKeyAlgorithms.charAt(0);

  361. 			switch (first) {

  362. 			case '+':

  363. 				// Additions make not much sense -- it's either in

  364. 				// defaultSignatures already, or we have no implementation for

  365. 				// it. No point in proposing it.

  366. 				return String.join(",", defaultSignatures); //$NON-NLS-1$

  367. 			case '-':

  368. 				// This takes wildcard patterns!

  369. 				removeFromList(defaultSignatures,

  370. 						SshConstants.HOST_KEY_ALGORITHMS,

  371. 						hostKeyAlgorithms.substring(1));

  372. 				if (defaultSignatures.isEmpty()) {

  373. 					// Too bad: user config error. Warn here, and then fail

  374. 					// later.

  375. 					log.warn(format(

  376. 							SshdText.get().configNoRemainingHostKeyAlgorithms,

  377. 							hostKeyAlgorithms));

  378. 				}

  379. 				return String.join(",", defaultSignatures); //$NON-NLS-1$

  380. 			default:

  381. 				// Default is overridden -- only accept the ones for which we do

  382. 				// have an implementation.

  383. 				List<String> newNames = filteredList(defaultSignatures,

  384. 						hostKeyAlgorithms);

  385. 				if (newNames.isEmpty()) {

  386. 					log.warn(format(

  387. 							SshdText.get().configNoKnownHostKeyAlgorithms,

  388. 							hostKeyAlgorithms));

  389. 					// Use the default instead.

  390. 				} else {

  391. 					return String.join(",", newNames); //$NON-NLS-1$

  392. 				}

  393. 				break;

  394. 			}

  395. 		}

  396. 		// No HostKeyAlgorithms; using default -- change order to put existing

  397. 		// keys first.

  398. 		ServerKeyVerifier verifier = getServerKeyVerifier();

  399. 		if (verifier instanceof ServerKeyLookup) {

  400. 			SocketAddress remoteAddress = resolvePeerAddress(

  401. 					resolveAttribute(JGitSshClient.ORIGINAL_REMOTE_ADDRESS));

  402. 			List<PublicKey> allKnownKeys = ((ServerKeyLookup) verifier)

  403. 					.lookup(this, remoteAddress);

  404. 			Set<String> reordered = new LinkedHashSet<>();

  405. 			for (PublicKey key : allKnownKeys) {

  406. 				if (key != null) {

  407. 					String keyType = KeyUtils.getKeyType(key);

  408. 					if (keyType != null) {

  409. 						reordered.add(keyType);

  410. 					}

  411. 				}

  412. 			}

  413. 			reordered.addAll(defaultSignatures);

  414. 			return String.join(",", reordered); //$NON-NLS-1$

  415. 		}

  416. 		return String.join(",", defaultSignatures); //$NON-NLS-1$

  417. 	}

  418. 

  419. 	private void removeFromList(Set<String> current, String key,

  420. 			String patterns) {

  421. 		for (String toRemove : patterns.split("\\s*,\\s*")) { //$NON-NLS-1$

  422. 			if (toRemove.indexOf('*') < 0 && toRemove.indexOf('?') < 0) {

  423. 				current.remove(toRemove);

  424. 				continue;

  425. 			}

  426. 			try {

  427. 				FileNameMatcher matcher = new FileNameMatcher(toRemove, null);

  428. 				for (Iterator<String> i = current.iterator(); i.hasNext();) {

  429. 					matcher.reset();

  430. 					matcher.append(i.next());

  431. 					if (matcher.isMatch()) {

  432. 						i.remove();

  433. 					}

  434. 				}

  435. 			} catch (InvalidPatternException e) {

  436. 				log.warn(format(SshdText.get().configInvalidPattern, key,

  437. 						toRemove));

  438. 			}

  439. 		}

  440. 	}

  441. 

  442. 	private List<String> filteredList(Set<String> known, String values) {

  443. 		List<String> newNames = new ArrayList<>();

  444. 		for (String newValue : values.split("\\s*,\\s*")) { //$NON-NLS-1$

  445. 			if (known.contains(newValue)) {

  446. 				newNames.add(newValue);

  447. 			}

  448. 		}

  449. 		return newNames;

  450. 	}

  451. 

  452. 	/**

  453. 	 * Reads the RFC 4253, section 4.2 protocol version identification. The

  454. 	 * Apache MINA sshd default implementation checks for NUL bytes also in any

  455. 	 * preceding lines, whereas RFC 4253 requires such a check only for the

  456. 	 * actual identification string starting with "SSH-". Likewise, the 255

  457. 	 * character limit exists only for the identification string, not for the

  458. 	 * preceding lines. CR-LF handling is also relaxed.

  459. 	 *

  460. 	 * @param buffer

  461. 	 *            to read from

  462. 	 * @param server

  463. 	 *            whether we're an SSH server (should always be {@code false})

  464. 	 * @return the lines read, with the server identification line last, or

  465. 	 *         {@code null} if no identification line was found and more bytes

  466. 	 *         are needed

  467. 	 * @throws StreamCorruptedException

  468. 	 *             if the identification is malformed

  469. 	 * @see <a href="https://tools.ietf.org/html/rfc4253#section-4.2">RFC 4253,

  470. 	 *      section 4.2</a>

  471. 	 */

  472. 	@Override

  473. 	protected List<String> doReadIdentification(Buffer buffer, boolean server)

  474. 			throws StreamCorruptedException {

  475. 		if (server) {

  476. 			// Should never happen. No translation; internal bug.

  477. 			throw new IllegalStateException(

  478. 					"doReadIdentification of client called with server=true"); //$NON-NLS-1$

  479. 		}

  480. 		int maxIdentSize = PropertyResolverUtils.getIntProperty(this,

  481. 				FactoryManager.MAX_IDENTIFICATION_SIZE,

  482. 				DEFAULT_MAX_IDENTIFICATION_SIZE);

  483. 		int current = buffer.rpos();

  484. 		int end = current + buffer.available();

  485. 		if (current >= end) {

  486. 			return null;

  487. 		}

  488. 		byte[] raw = buffer.array();

  489. 		List<String> ident = new ArrayList<>();

  490. 		int start = current;

  491. 		boolean hasNul = false;

  492. 		for (int i = current; i < end; i++) {

  493. 			switch (raw[i]) {

  494. 			case 0:

  495. 				hasNul = true;

  496. 				break;

  497. 			case '\n':

  498. 				int eol = 1;

  499. 				if (i > start && raw[i - 1] == '\r') {

  500. 					eol++;

  501. 				}

  502. 				String line = new String(raw, start, i + 1 - eol - start,

  503. 						StandardCharsets.UTF_8);

  504. 				start = i + 1;

  505. 				if (log.isDebugEnabled()) {

  506. 					log.debug(format("doReadIdentification({0}) line: ", this) + //$NON-NLS-1$

  507. 							escapeControls(line));

  508. 				}

  509. 				ident.add(line);

  510. 				if (line.startsWith("SSH-")) { //$NON-NLS-1$

  511. 					if (hasNul) {

  512. 						throw new StreamCorruptedException(

  513. 								format(SshdText.get().serverIdWithNul,

  514. 										escapeControls(line)));

  515. 					}

  516. 					if (line.length() + eol > 255) {

  517. 						throw new StreamCorruptedException(

  518. 								format(SshdText.get().serverIdTooLong,

  519. 										escapeControls(line)));

  520. 					}

  521. 					buffer.rpos(start);

  522. 					return ident;

  523. 				}

  524. 				// If this were a server, we could throw an exception here: a

  525. 				// client is not supposed to send any extra lines before its

  526. 				// identification string.

  527. 				hasNul = false;

  528. 				break;

  529. 			default:

  530. 				break;

  531. 			}

  532. 			if (i - current + 1 >= maxIdentSize) {

  533. 				String msg = format(SshdText.get().serverIdNotReceived,

  534. 						Integer.toString(maxIdentSize));

  535. 				if (log.isDebugEnabled()) {

  536. 					log.debug(msg);

  537. 					log.debug(buffer.toHex());

  538. 				}

  539. 				throw new StreamCorruptedException(msg);

  540. 			}

  541. 		}

  542. 		// Need more data

  543. 		return null;

  544. 	}

  545. 

  546. 	private static String escapeControls(String s) {

  547. 		StringBuilder b = new StringBuilder();

  548. 		int l = s.length();

  549. 		for (int i = 0; i < l; i++) {

  550. 			char ch = s.charAt(i);

  551. 			if (Character.isISOControl(ch)) {

  552. 				b.append(ch <= 0xF ? "\\u000" : "\\u00") //$NON-NLS-1$ //$NON-NLS-2$

  553. 						.append(Integer.toHexString(ch));

  554. 			} else {

  555. 				b.append(ch);

  556. 			}

  557. 		}

  558. 		return b.toString();

  559. 	}

  560. 

  561. 	@Override

  562. 	public <T> T getAttribute(AttributeKey<T> key) {

  563. 		T value = super.getAttribute(key);

  564. 		if (value == null) {

  565. 			IoSession ioSession = getIoSession();

  566. 			if (ioSession != null) {

  567. 				Object obj = ioSession.getAttribute(AttributeRepository.class);

  568. 				if (obj instanceof AttributeRepository) {

  569. 					AttributeRepository sessionAttributes = (AttributeRepository) obj;

  570. 					value = sessionAttributes.resolveAttribute(key);

  571. 				}

  572. 			}

  573. 		}

  574. 		return value;

  575. 	}

  576. 

  577. 	@Override

  578. 	public PropertyResolver getParentPropertyResolver() {

  579. 		IoSession ioSession = getIoSession();

  580. 		if (ioSession != null) {

  581. 			Object obj = ioSession.getAttribute(AttributeRepository.class);

  582. 			if (obj instanceof PropertyResolver) {

  583. 				return (PropertyResolver) obj;

  584. 			}

  585. 		}

  586. 		return super.getParentPropertyResolver();

  587. 	}

  588. 

  589. 	/**

  590. 	 * An {@link AttributeRepository} that chains together two other attribute

  591. 	 * sources in a hierarchy.

  592. 	 */

  593. 	public static class ChainingAttributes implements AttributeRepository {

  594. 

  595. 		private final AttributeRepository delegate;

  596. 

  597. 		private final AttributeRepository parent;

  598. 

  599. 		/**

  600. 		 * Create a new {@link ChainingAttributes} attribute source.

  601. 		 *

  602. 		 * @param self

  603. 		 *            to search for attributes first

  604. 		 * @param parent

  605. 		 *            to search for attributes if not found in {@code self}

  606. 		 */

  607. 		public ChainingAttributes(AttributeRepository self,

  608. 				AttributeRepository parent) {

  609. 			this.delegate = self;

  610. 			this.parent = parent;

  611. 		}

  612. 

  613. 		@Override

  614. 		public int getAttributesCount() {

  615. 			return delegate.getAttributesCount();

  616. 		}

  617. 

  618. 		@Override

  619. 		public <T> T getAttribute(AttributeKey<T> key) {

  620. 			return delegate.getAttribute(Objects.requireNonNull(key));

  621. 		}

  622. 

  623. 		@Override

  624. 		public Collection<AttributeKey<?>> attributeKeys() {

  625. 			return delegate.attributeKeys();

  626. 		}

  627. 

  628. 		@Override

  629. 		public <T> T resolveAttribute(AttributeKey<T> key) {

  630. 			T value = getAttribute(Objects.requireNonNull(key));

  631. 			if (value == null) {

  632. 				return parent.getAttribute(key);

  633. 			}

  634. 			return value;

  635. 		}

  636. 	}

  637. 

  638. 	/**

  639. 	 * A {@link ChainingAttributes} repository that doubles as a

  640. 	 * {@link PropertyResolver}. The property map can be set via the attribute

  641. 	 * key {@link SessionAttributes#PROPERTIES}.

  642. 	 */

  643. 	public static class SessionAttributes extends ChainingAttributes

  644. 			implements PropertyResolver {

  645. 

  646. 		/** Key for storing a map of properties in the attributes. */

  647. 		public static final AttributeKey<Map<String, Object>> PROPERTIES = new AttributeKey<>();

  648. 

  649. 		private final PropertyResolver parentProperties;

  650. 

  651. 		/**

  652. 		 * Creates a new {@link SessionAttributes} attribute and property

  653. 		 * source.

  654. 		 *

  655. 		 * @param self

  656. 		 *            to search for attributes first

  657. 		 * @param parent

  658. 		 *            to search for attributes if not found in {@code self}

  659. 		 * @param parentProperties

  660. 		 *            to search for properties if not found in {@code self}

  661. 		 */

  662. 		public SessionAttributes(AttributeRepository self,

  663. 				AttributeRepository parent, PropertyResolver parentProperties) {

  664. 			super(self, parent);

  665. 			this.parentProperties = parentProperties;

  666. 		}

  667. 

  668. 		@Override

  669. 		public PropertyResolver getParentPropertyResolver() {

  670. 			return parentProperties;

  671. 		}

  672. 

  673. 		@Override

  674. 		public Map<String, Object> getProperties() {

  675. 			Map<String, Object> props = getAttribute(PROPERTIES);

  676. 			return props == null ? Collections.emptyMap() : props;

  677. 		}

  678. 	}

  679. }