public class KnownHostsServerKeyVerifier extends ModifiableFileWatcher implements ServerKeyVerifier, ModifiedServerKeyAcceptor
Modifier and Type | Class and Description |
---|---|
static class |
KnownHostsServerKeyVerifier.HostEntryPair
Represents an entry in the internal verifier's cache
|
Modifier and Type | Field and Description |
---|---|
static String |
KNOWN_HOSTS_FILE_OPTION
Standard option used to indicate alternative known hosts file location
|
static String |
STRICT_CHECKING_OPTION
Standard option used to indicate whether to use strict host key checking or not.
|
protected Object |
updateLock |
options, STRICTLY_PROHIBITED_FILE_PERMISSION
log
Constructor and Description |
---|
KnownHostsServerKeyVerifier(ServerKeyVerifier delegate,
Path file) |
KnownHostsServerKeyVerifier(ServerKeyVerifier delegate,
Path file,
LinkOption... options) |
Modifier and Type | Method and Description |
---|---|
protected boolean |
acceptIncompleteHostKeys(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey,
Throwable reason)
Called if failed to reload known hosts - by default invokes
acceptUnknownHostKey(ClientSession, SocketAddress, PublicKey) |
protected boolean |
acceptKnownHostEntries(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey,
Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts) |
protected boolean |
acceptKnownHostEntry(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey,
KnownHostEntry entry)
Invoked after known host entry located and keys match - by default
checks that entry has not been revoked
|
boolean |
acceptModifiedServerKey(ClientSession clientSession,
SocketAddress remoteAddress,
KnownHostEntry entry,
PublicKey expected,
PublicKey actual)
Invoked when a matching known host key was found but it does not match
the presented one.
|
protected boolean |
acceptUnknownHostKey(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey)
Invoked if none of the known hosts matches the current one - by default invokes the delegate.
|
protected KnownHostsServerKeyVerifier.HostEntryPair |
findKnownHostEntry(ClientSession clientSession,
SocketAddress remoteAddress,
Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts) |
ServerKeyVerifier |
getDelegateVerifier() |
protected PublicKeyEntryResolver |
getFallbackPublicKeyEntryResolver() |
protected NamedFactory<Mac> |
getHostValueDigester(ClientSession clientSession,
SocketAddress remoteAddress,
SshdSocketAddress hostIdentity)
Invoked by
prepareKnownHostEntry(ClientSession, SocketAddress, PublicKey)
in order to query whether to use a hashed value instead of a plain one for the
written host name/address - default returns null - i.e., no hashing |
protected Collection<KnownHostsServerKeyVerifier.HostEntryPair> |
getLoadedHostsEntries() |
ModifiedServerKeyAcceptor |
getModifiedServerKeyAcceptor() |
protected void |
handleKnownHostsFileUpdateFailure(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey,
Path file,
Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts,
Throwable reason)
Invoked when
updateKnownHostsFile(ClientSession, SocketAddress, PublicKey, Path, Collection) fails - by
default just issues a warning. |
protected void |
handleModifiedServerKeyUpdateFailure(ClientSession clientSession,
SocketAddress remoteAddress,
KnownHostsServerKeyVerifier.HostEntryPair match,
PublicKey serverKey,
Path file,
Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts,
Throwable reason)
Invoked if
#updateModifiedServerKey(ClientSession, SocketAddress, HostEntryPair, PublicKey, Path)
throws an exception. |
protected KnownHostEntry |
prepareKnownHostEntry(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey)
Invoked by
updateKnownHostsFile(ClientSession, SocketAddress, PublicKey, Path, Collection)
in order to generate the host entry to be written |
protected String |
prepareModifiedServerKeyLine(ClientSession clientSession,
SocketAddress remoteAddress,
KnownHostEntry entry,
String curLine,
PublicKey expected,
PublicKey actual)
Invoked by
updateModifiedServerKey(ClientSession, SocketAddress, HostEntryPair, PublicKey, Path, Collection)
in order to prepare the replacement - by default it replaces the key part with the new one |
protected List<KnownHostsServerKeyVerifier.HostEntryPair> |
reloadKnownHosts(ClientSession session,
Path file) |
protected PublicKey |
resolveHostKey(ClientSession session,
KnownHostEntry entry,
PublicKeyEntryResolver resolver)
Recover the associated public key from a known host entry
|
protected Collection<SshdSocketAddress> |
resolveHostNetworkIdentities(ClientSession clientSession,
SocketAddress remoteAddress)
Retrieves the host identities to be used when matching or updating an entry
for it - by default returns the reported remote address and the original
connection target host name/address (if same, then only one value is returned)
|
protected void |
setLoadedHostsEntries(Collection<KnownHostsServerKeyVerifier.HostEntryPair> keys) |
void |
setModifiedServerKeyAcceptor(ModifiedServerKeyAcceptor acceptor) |
protected KnownHostEntry |
updateKnownHostsFile(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey,
Path file,
Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts)
Invoked if a new previously unknown host key has been accepted - by default
appends a new entry at the end of the currently monitored known hosts file
|
protected void |
updateModifiedServerKey(ClientSession clientSession,
SocketAddress remoteAddress,
KnownHostsServerKeyVerifier.HostEntryPair match,
PublicKey actual,
Path file,
Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts)
Invoked if a matching host entry was found, but the key did not match and
acceptModifiedServerKey(ClientSession, SocketAddress, KnownHostEntry, PublicKey, PublicKey)
returned true . |
boolean |
verifyServerKey(ClientSession clientSession,
SocketAddress remoteAddress,
PublicKey serverKey)
Verify that the server key provided is really the one of the host.
|
checkReloadRequired, exists, getPath, lastModified, resetReloadAttributes, size, toPathResource, toPathResource, toString, updateReloadAttributes, validateStrictConfigFilePermissions
getSimplifiedLogger
public static final String STRICT_CHECKING_OPTION
public static final String KNOWN_HOSTS_FILE_OPTION
protected final Object updateLock
public KnownHostsServerKeyVerifier(ServerKeyVerifier delegate, Path file)
public KnownHostsServerKeyVerifier(ServerKeyVerifier delegate, Path file, LinkOption... options)
public ServerKeyVerifier getDelegateVerifier()
public ModifiedServerKeyAcceptor getModifiedServerKeyAcceptor()
ModifiedServerKeyAcceptor
to consult
if a server presents a modified key. If null
then assumed
to reject such a modificationpublic void setModifiedServerKeyAcceptor(ModifiedServerKeyAcceptor acceptor)
acceptor
- The delegate ModifiedServerKeyAcceptor
to
consult if a server presents a modified key. If null
then
assumed to reject such a modificationpublic boolean verifyServerKey(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey)
ServerKeyVerifier
verifyServerKey
in interface ServerKeyVerifier
clientSession
- the current ClientSession
remoteAddress
- the host's SocketAddress
serverKey
- the presented server PublicKey
true
if the key is accepted for the hostprotected Collection<KnownHostsServerKeyVerifier.HostEntryPair> getLoadedHostsEntries()
protected void setLoadedHostsEntries(Collection<KnownHostsServerKeyVerifier.HostEntryPair> keys)
protected List<KnownHostsServerKeyVerifier.HostEntryPair> reloadKnownHosts(ClientSession session, Path file) throws IOException, GeneralSecurityException
session
- The ClientSession
that triggered this requestfile
- The Path
to reload fromList
of the loaded KnownHostsServerKeyVerifier.HostEntryPair
s - may be null
/emptyIOException
- If failed to parse the fileGeneralSecurityException
- If failed to resolve the encoded public keysprotected PublicKey resolveHostKey(ClientSession session, KnownHostEntry entry, PublicKeyEntryResolver resolver) throws IOException, GeneralSecurityException
session
- The ClientSession
that triggered this requestentry
- The KnownHostEntry
- ignored if null
resolver
- The PublicKeyEntryResolver
to use if immediate
- decoding does not work - ignored if null
PublicKey
- null
if noneIOException
- If failed to decode the keyGeneralSecurityException
- If failed to generate the keygetFallbackPublicKeyEntryResolver()
,
PublicKeyEntry.resolvePublicKey(SessionContext, PublicKeyEntryResolver)
protected PublicKeyEntryResolver getFallbackPublicKeyEntryResolver()
protected boolean acceptKnownHostEntries(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts)
protected void updateModifiedServerKey(ClientSession clientSession, SocketAddress remoteAddress, KnownHostsServerKeyVerifier.HostEntryPair match, PublicKey actual, Path file, Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts) throws Exception
acceptModifiedServerKey(ClientSession, SocketAddress, KnownHostEntry, PublicKey, PublicKey)
returned true
. By default it locates the line to be updated and updates only
its key data, marking the file for reload on next verification just to be
on the safe side.clientSession
- The ClientSession
remoteAddress
- The remote host addressmatch
- The KnownHostsServerKeyVerifier.HostEntryPair
whose key does not matchactual
- The presented server PublicKey
to be updatedfile
- The file Path
to be updatedknownHosts
- The currently loaded entriesException
- If failed to update the file - Note: this may mean the
file is now corruptedhandleModifiedServerKeyUpdateFailure(ClientSession, SocketAddress, HostEntryPair, PublicKey, Path, Collection, Throwable)
,
prepareModifiedServerKeyLine(ClientSession, SocketAddress, KnownHostEntry, String, PublicKey, PublicKey)
protected String prepareModifiedServerKeyLine(ClientSession clientSession, SocketAddress remoteAddress, KnownHostEntry entry, String curLine, PublicKey expected, PublicKey actual) throws Exception
updateModifiedServerKey(ClientSession, SocketAddress, HostEntryPair, PublicKey, Path, Collection)
in order to prepare the replacement - by default it replaces the key part with the new oneclientSession
- The ClientSession
remoteAddress
- The remote host addressentry
- The KnownHostEntry
curLine
- The current entry line dataexpected
- The expected PublicKey
actual
- The present key to be updatenull
/empty or same as original oneException
- if failed to prepare the lineprotected void handleModifiedServerKeyUpdateFailure(ClientSession clientSession, SocketAddress remoteAddress, KnownHostsServerKeyVerifier.HostEntryPair match, PublicKey serverKey, Path file, Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts, Throwable reason)
#updateModifiedServerKey(ClientSession, SocketAddress, HostEntryPair, PublicKey, Path)
throws an exception. This may mean the file is corrupted, but it can be recovered from the known hosts
that are being provided. By default, it only logs a warning and does not attempt to recover the fileclientSession
- The ClientSession
remoteAddress
- The remote host addressmatch
- The KnownHostsServerKeyVerifier.HostEntryPair
whose key does not matchserverKey
- The presented server PublicKey
to be updatedfile
- The file Path
to be updatedknownHosts
- The currently cached entries (may be null
/empty)reason
- The failure reasonprotected boolean acceptKnownHostEntry(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, KnownHostEntry entry)
clientSession
- The ClientSession
remoteAddress
- The remote host addressserverKey
- The presented server PublicKey
entry
- The KnownHostEntry
value - if null
then no
known matching host entry was found - default will call
acceptUnknownHostKey(ClientSession, SocketAddress, PublicKey)
true
if OK to accept the serverprotected KnownHostsServerKeyVerifier.HostEntryPair findKnownHostEntry(ClientSession clientSession, SocketAddress remoteAddress, Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts)
protected boolean acceptIncompleteHostKeys(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, Throwable reason)
acceptUnknownHostKey(ClientSession, SocketAddress, PublicKey)
clientSession
- The ClientSession
remoteAddress
- The remote host addressserverKey
- The presented server PublicKey
reason
- The Throwable
that indicates the reload failuretrue
if accept the server key anywayacceptUnknownHostKey(ClientSession, SocketAddress, PublicKey)
protected boolean acceptUnknownHostKey(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey)
clientSession
- The ClientSession
remoteAddress
- The remote host addressserverKey
- The presented server PublicKey
true
if accept the server keyupdateKnownHostsFile(ClientSession, SocketAddress, PublicKey, Path, Collection)
,
handleKnownHostsFileUpdateFailure(ClientSession, SocketAddress, PublicKey, Path, Collection, Throwable)
protected void handleKnownHostsFileUpdateFailure(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, Path file, Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts, Throwable reason)
updateKnownHostsFile(ClientSession, SocketAddress, PublicKey, Path, Collection)
fails - by
default just issues a warning. Note: there is a chance that the file is now corrupted and
cannot be re-used, so we provide a way to recover it via overriding this method and using the cached
entries to re-created it.clientSession
- The ClientSession
remoteAddress
- The remote host addressserverKey
- The server PublicKey
that was attempted to updatefile
- The file Path
to be updatedknownHosts
- The currently known entries (may be null
/emptyreason
- The failure reasonprotected KnownHostEntry updateKnownHostsFile(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey, Path file, Collection<KnownHostsServerKeyVerifier.HostEntryPair> knownHosts) throws Exception
clientSession
- The ClientSession
remoteAddress
- The remote host addressserverKey
- The server PublicKey
that to updatefile
- The file Path
to be updatedknownHosts
- The currently cached entries (may be null
/empty)KnownHostEntry
or null
if nothing updated.
If anything updated then the file will be re-loaded on next verification
regardless of which server is verifiedException
- If failed to update the file - Note: in this case
the file may be corrupted so handleKnownHostsFileUpdateFailure(ClientSession, SocketAddress, PublicKey, Path, Collection, Throwable)
will be called in order to enable recovery of its dataModifiableFileWatcher.resetReloadAttributes()
protected KnownHostEntry prepareKnownHostEntry(ClientSession clientSession, SocketAddress remoteAddress, PublicKey serverKey) throws Exception
updateKnownHostsFile(ClientSession, SocketAddress, PublicKey, Path, Collection)
in order to generate the host entry to be writtenclientSession
- The ClientSession
remoteAddress
- The remote host addressserverKey
- The server PublicKey
that was attempted to updateKnownHostEntry
to use - if null
then entry is
not updated in the fileException
- If failed to generate the entry - e.g. failed to hashresolveHostNetworkIdentities(ClientSession, SocketAddress)
,
KnownHostEntry.getConfigLine()
protected NamedFactory<Mac> getHostValueDigester(ClientSession clientSession, SocketAddress remoteAddress, SshdSocketAddress hostIdentity)
prepareKnownHostEntry(ClientSession, SocketAddress, PublicKey)
in order to query whether to use a hashed value instead of a plain one for the
written host name/address - default returns null
- i.e., no hashingclientSession
- The ClientSession
remoteAddress
- The remote host addresshostIdentity
- The entry's host name/addressNamedFactory
- null
if no hashing is to be madeprotected Collection<SshdSocketAddress> resolveHostNetworkIdentities(ClientSession clientSession, SocketAddress remoteAddress)
clientSession
- The ClientSession
remoteAddress
- The remote host addressCollection
of the InetSocketAddress
-es to use - if
null
/empty then ignored (i.e., no matching is done or no entry is generated)ClientSession.getConnectAddress()
,
SshdSocketAddress.toSshdSocketAddress(SocketAddress)
public boolean acceptModifiedServerKey(ClientSession clientSession, SocketAddress remoteAddress, KnownHostEntry entry, PublicKey expected, PublicKey actual) throws Exception
ModifiedServerKeyAcceptor
acceptModifiedServerKey
in interface ModifiedServerKeyAcceptor
clientSession
- The ClientSession
remoteAddress
- The remote host addressentry
- The original KnownHostEntry
whose key did not matchexpected
- The expected server PublicKey
actual
- The presented server PublicKey
true
if accept the server key anywayException
- if cannot process the request - equivalent to false
return valueCopyright © 2008–2022 The Apache Software Foundation. All rights reserved.