mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alon Bar-Lev <alon.bar...@gmail.com>
Subject Re: [GitHub] mina-sshd pull request: [SSHD-618] Support restricting server host...
Date Mon, 21 Dec 2015 16:33:55 GMT
On 21 December 2015 at 18:23, Lyor Goldstein <lgoldstein@vmware.com> wrote:
> This the wrong way to do this. You will have to wait until I return, however if you want
to get started here is the way to go:
> - Define SignatureFactoriesManager interface that has get/setSignatureFactories factories
> - Remove the definitions of these methods from their current interface and make that
interface extend the new one.
> - Define UserAuthPubkeyFactory and its created UserAuthPublicKey instances  as implementing
this interface (both client and server side)
> - Overwrite each factory's create function to set the created UserAuthPublicKey's signature
factories with its own.
> - Overwrite the default factory instance setter to throw UnsupportedOperationException
if invoked
> - In each UserAuthPublicKey (client or server) instance use a resolveSignatureFactoried
method that checks if the set ones are not null/empty..
>     If null or empty the use the session's factories
> - Write a unit test - e.g. in the ServerTest class that demonstrates this capability.
> There are a lot more details, so if you cannot figure them out your pull request will
not do the necessary job.

I must admit I have difficulties to understand the "more details", so
will wait for you to return.
At least I know the prototype works and it is possible.
Just keep in mind that interface should be simple, provided I have a
PublicKey of remote server, I should be able to construct the
factories list to match this specific public key.

View raw message