Beispiel #1
0
 /**
  * @param bar
  * @throws InvalidMessageException
  */
 protected void constructMessage(ByteArrayReader bar) throws InvalidMessageException {
   try {
     hostKey = bar.readBinaryString();
     f = bar.readBigInteger();
     signature = bar.readBinaryString();
   } catch (IOException ioe) {
     throw new InvalidMessageException("Error reading message data: " + ioe.getMessage());
   }
 }
 /**
  * @param bar
  * @throws InvalidMessageException
  */
 protected void constructMessage(ByteArrayReader bar) throws InvalidMessageException {
   try {
     if (bar.available() > 0) {
       requestData = new byte[bar.available()];
       bar.read(requestData);
     }
   } catch (IOException ioe) {
     throw new InvalidMessageException("Invalid message data");
   }
 }
 public void testReadInt() {
   byte[] data = {0x01, 0x01, 0x01, 0x01};
   ByteArrayReader reader = new ByteArrayReader(data);
   try {
     assertEquals("failed to retrieve integer.", 16843009, reader.readInt());
   } catch (IOException e) {
     e.printStackTrace();
     fail("failed to retrieve integer.");
   }
 }
  /**
   * @param authentication
   * @param msg
   * @return
   * @throws IOException
   */
  public int authenticate(AuthenticationProtocolServer authentication, SshMsgUserAuthRequest msg)
      throws IOException {
    NativeAuthenticationProvider authImpl = NativeAuthenticationProvider.getInstance();

    if (authImpl == null) {
      log.error("Cannot perfrom authentication witout native authentication provider");

      return AuthenticationProtocolState.FAILED;
    }

    ByteArrayReader bar = new ByteArrayReader(msg.getRequestData());
    boolean changepwd = ((bar.read() == 0) ? false : true);
    String password = bar.readString();
    String newpassword = null;

    if (changepwd) {
      newpassword = bar.readString();

      try {
        if (!authImpl.changePassword(msg.getUsername(), password, newpassword)) {
          return AuthenticationProtocolState.FAILED;
        }

        if (authImpl.logonUser(msg.getUsername(), newpassword)) {
          return AuthenticationProtocolState.COMPLETE;
        } else {
          return AuthenticationProtocolState.FAILED;
        }
      } catch (PasswordChangeException ex1) {
        return AuthenticationProtocolState.FAILED;
      }
    } else {
      try {
        if (authImpl.logonUser(msg.getUsername(), password)) {
          log.info(msg.getUsername() + " has passed password authentication");

          return AuthenticationProtocolState.COMPLETE;
        } else {
          log.info(msg.getUsername() + " has failed password authentication");

          return AuthenticationProtocolState.FAILED;
        }
      } catch (PasswordChangeException ex) {
        SshMsgUserAuthPwdChangeReq reply =
            new SshMsgUserAuthPwdChangeReq(
                msg.getUsername() + " is required to change password", "");
        authentication.sendMessage(reply);

        return AuthenticationProtocolState.READY;
      }
    }
  }
Beispiel #5
0
 /**
  * @param bar
  * @throws InvalidMessageException
  */
 protected void constructMessage(ByteArrayReader bar) throws InvalidMessageException {
   try {
     cookie = new byte[16];
     bar.read(cookie);
     supportedKex = loadListFromString(bar.readString());
     supportedPK = loadListFromString(bar.readString());
     supportedEncryptCS = loadListFromString(bar.readString());
     supportedEncryptSC = loadListFromString(bar.readString());
     supportedMacCS = loadListFromString(bar.readString());
     supportedMacSC = loadListFromString(bar.readString());
     supportedCompCS = loadListFromString(bar.readString());
     supportedCompSC = loadListFromString(bar.readString());
     supportedLangCS = loadListFromString(bar.readString());
     supportedLangSC = loadListFromString(bar.readString());
     firstKexFollows = (bar.read() == 0) ? false : true;
   } catch (IOException ioe) {
     throw new InvalidMessageException("Error reading message data: " + ioe.getMessage());
   }
 }
Beispiel #6
0
 /**
  * @param bar
  * @throws java.io.IOException
  * @throws com.sshtools.j2ssh.transport.InvalidMessageException DOCUMENT ME!
  */
 public void constructMessage(ByteArrayReader bar)
     throws java.io.IOException, com.sshtools.j2ssh.transport.InvalidMessageException {
   id = bar.readUINT32();
   path = bar.readString();
   attrs = new FileAttributes(bar);
 }
  public void authenticate(AuthenticationProtocolClient authenticationprotocolclient, String s)
      throws IOException, TerminatedStateException {
    try {
      logger.finest("Registering gss-ssh return messages.");
      authenticationprotocolclient.registerMessage(
          com.sshtools.j2ssh.authentication.SshMsgUserauthGssapiResponse.class, 60);
      authenticationprotocolclient.registerMessage(
          com.sshtools.j2ssh.authentication.SshMsgUserauthGssapiToken.class, 61);
      authenticationprotocolclient.registerMessage(
          com.sshtools.j2ssh.authentication.SshMsgUserauthGssapiError.class, 64);
      authenticationprotocolclient.registerMessage(
          com.sshtools.j2ssh.authentication.SshMsgUserauthGssapiErrtok.class, 65);
      logger.finest("Sending gssapi user auth request.");
      ByteArrayWriter bytearraywriter = new ByteArrayWriter();
      bytearraywriter.writeUINT32(new UnsignedInteger32(1L));
      byte abyte0[] = GSSConstants.MECH_OID.getDER();
      bytearraywriter.writeBinaryString(abyte0);
      logger.finest("Username:"******"gssapi", bytearraywriter.toByteArray());
      authenticationprotocolclient.sendMessage(sshmsguserauthrequest);
      logger.finest("Receiving user auth response:");
      SshMsgUserauthGssapiResponse sshmsguserauthgssapiresponse =
          (SshMsgUserauthGssapiResponse) authenticationprotocolclient.readMessage(60);
      ByteArrayReader bytearrayreader =
          new ByteArrayReader(sshmsguserauthgssapiresponse.getRequestData());
      byte abyte1[] = bytearrayreader.readBinaryString();
      if (logger.isLoggable(Level.FINEST)) {
        logger.log(Level.FINEST, "Mechanism requested: " + GSSConstants.MECH_OID);
        logger.log(Level.FINEST, "Mechanism selected: " + new Oid(abyte1));
        logger.log(Level.FINEST, "Verify that selected mechanism is GSSAPI.");
      }
      if (!GSSConstants.MECH_OID.equals(new Oid(abyte1))) {
        logger.warning("Mechanism do not match!");
        throw new IOException("Mechanism do not match!");
      }
      logger.finest("Creating GSS context base on grid credentials.");
      GlobusGSSManagerImpl globusgssmanagerimpl = new GlobusGSSManagerImpl();

      HostAuthorization gssAuth = new HostAuthorization(null);
      GSSName targetName = gssAuth.getExpectedName(null, hostname);

      GSSContext gsscontext =
          globusgssmanagerimpl.createContext(
              targetName, new Oid(abyte1), gsscredential, GSSCredential.INDEFINITE_LIFETIME - 1);
      gsscontext.requestCredDeleg(true);
      gsscontext.requestMutualAuth(true);
      gsscontext.requestReplayDet(true);
      gsscontext.requestSequenceDet(true);
      // MOD
      // gsscontext.requestConf(false);
      gsscontext.requestConf(true);

      Object type = GSIConstants.DELEGATION_TYPE_LIMITED;
      gsscontext.requestCredDeleg(false);
      ((ExtendedGSSContext) gsscontext).setOption(GSSConstants.DELEGATION_TYPE, type);

      logger.finest("Starting GSS token exchange.");
      byte abyte2[] = new byte[0];
      do {
        if (gsscontext.isEstablished()) break;
        byte abyte3[] = gsscontext.initSecContext(abyte2, 0, abyte2.length);
        if (abyte3 != null) {
          ByteArrayWriter bytearraywriter1 = new ByteArrayWriter();
          bytearraywriter1.writeBinaryString(abyte3);
          SshMsgUserauthGssapiToken sshmsguserauthgssapitoken =
              new SshMsgUserauthGssapiToken(bytearraywriter1.toByteArray());
          authenticationprotocolclient.sendMessage(sshmsguserauthgssapitoken);
        }
        if (!gsscontext.isEstablished()) {
          SshMsgUserauthGssapiToken sshmsguserauthgssapitoken1 =
              (SshMsgUserauthGssapiToken) authenticationprotocolclient.readMessage(61);
          ByteArrayReader bytearrayreader1 =
              new ByteArrayReader(sshmsguserauthgssapitoken1.getRequestData());
          abyte2 = bytearrayreader1.readBinaryString();
        }
      } while (true);
      logger.log(Level.FINEST, "Sending gssapi exchange complete.");
      SshMsgUserauthGssapiExchangeComplete sshmsguserauthgssapiexchangecomplete =
          new SshMsgUserauthGssapiExchangeComplete();
      authenticationprotocolclient.sendMessage(sshmsguserauthgssapiexchangecomplete);
      if (logger.isLoggable(Level.FINEST)) {
        logger.log(
            Level.FINEST,
            "Context established.\nInitiator : "
                + gsscontext.getSrcName()
                + "\nAcceptor  : "
                + gsscontext.getTargName()
                + "\nLifetime  : "
                + gsscontext.getLifetime()
                + "\nIntegrity   : "
                + gsscontext.getIntegState()
                + "\nConfidentiality   : "
                + gsscontext.getConfState()
                + "\nAnonymity : "
                + gsscontext.getAnonymityState());
      }
    } catch (Throwable t) {
      logger.log(Level.WARNING, "Got Exception: ", t);
      throw new TerminatedStateException(AuthenticationProtocolState.FAILED);
    }
  }