Gitblit devel
parent: 3636765f | patch | commit | ignore whitespace
James Moger
2014-09-26 cbf820ffdc7c888b2130d6c14e179522ee6246b2 
Merged #190 "Extract authenticate method from CachingPublicKeyAuthenticator"
1 files renamed
1 files modified
48 ■■■■ changed files
src/main/java/com/gitblit/transport/ssh/SshDaemon.java 7 ●●●●● patch | view | raw | blame | history
src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java 41 ●●●●● patch | view | raw | blame | history 
 src/main/java/com/gitblit/transport/ssh/SshDaemon.java


@@ -31,6 +31,7 @@


import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;


import org.apache.sshd.common.keyprovider.FileKeyPairProvider;


import org.apache.sshd.common.util.SecurityUtils;


import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator;


import org.bouncycastle.openssl.PEMWriter;


import org.eclipse.jgit.internal.JGitText;


import org.slf4j.Logger;


@@ -95,8 +96,8 @@


        hostKeyPairProvider.setFiles(new String [] { rsaKeyStore.getPath(), dsaKeyStore.getPath(), dsaKeyStore.getPath() });




        // Client public key authenticator


        CachingPublicKeyAuthenticator keyAuthenticator =


                new CachingPublicKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit);


        SshKeyAuthenticator keyAuthenticator =


                new SshKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit);




        // Configure the preferred SSHD backend


        String sshBackendStr = settings.getString(Keys.git.sshBackend,


@@ -122,7 +123,7 @@


        sshd.setPort(addr.getPort());


        sshd.setHost(addr.getHostName());


        sshd.setKeyPairProvider(hostKeyPairProvider);


        sshd.setPublickeyAuthenticator(keyAuthenticator);


        sshd.setPublickeyAuthenticator(new CachingPublicKeyAuthenticator(keyAuthenticator));


        sshd.setPasswordAuthenticator(new UsernamePasswordAuthenticator(gitblit));


        sshd.setSessionFactory(new SshServerSessionFactory());


        sshd.setFileSystemFactory(new DisabledFilesystemFactory());




 src/main/java/com/gitblit/transport/ssh/SshKeyAuthenticator.java


File was renamed from src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java


@@ -16,14 +16,9 @@


package com.gitblit.transport.ssh;




import java.security.PublicKey;


import java.util.HashMap;


import java.util.List;


import java.util.Locale;


import java.util.Map;


import java.util.concurrent.ConcurrentHashMap;




import org.apache.sshd.common.Session;


import org.apache.sshd.common.SessionListener;


import org.apache.sshd.server.PublickeyAuthenticator;


import org.apache.sshd.server.session.ServerSession;


import org.slf4j.Logger;


@@ -37,7 +32,7 @@


 * Authenticates an SSH session against a public key.


 *


 */


public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator, SessionListener {


public class SshKeyAuthenticator implements PublickeyAuthenticator {




    protected final Logger log = LoggerFactory.getLogger(getClass());




@@ -45,30 +40,13 @@




    protected final IAuthenticationManager authManager;




    private final Map<ServerSession, Map<PublicKey, Boolean>> cache = new ConcurrentHashMap<ServerSession, Map<PublicKey, Boolean>>();




    public CachingPublicKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) {


    public SshKeyAuthenticator(IPublicKeyManager keyManager, IAuthenticationManager authManager) {


        this.keyManager = keyManager;


        this.authManager = authManager;


    }




    @Override


    public boolean authenticate(String username, PublicKey key, ServerSession session) {


        Map<PublicKey, Boolean> map = cache.get(session);


        if (map == null) {


            map = new HashMap<PublicKey, Boolean>();


            cache.put(session, map);


            session.addListener(this);


        }


        if (map.containsKey(key)) {


            return map.get(key);


        }


        boolean result = doAuthenticate(username, key, session);


        map.put(key, result);


        return result;


    }




    private boolean doAuthenticate(String username, PublicKey suppliedKey, ServerSession session) {


    public boolean authenticate(String username, PublicKey suppliedKey, ServerSession session) {


        SshDaemonClient client = session.getAttribute(SshDaemonClient.KEY);


        Preconditions.checkState(client.getUser() == null);


        username = username.toLowerCase(Locale.US);


@@ -95,18 +73,5 @@




        log.warn("could not authenticate {} for SSH using the supplied public key", username);


        return false;


    }




    @Override


    public void sessionCreated(Session session) {


    }




    @Override


    public void sessionEvent(Session sesssion, Event event) {


    }




    @Override


    public void sessionClosed(Session session) {


        cache.remove(session);


    }


}