MINA SSHD
  1. MINA SSHD
  2. SSHD-121

Add Factories to create IoAcceptors for TcpipForwardSupport & X11ForwardSupport

    Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 0.6.0
    • Fix Version/s: 0.7.0
    • Labels:
      None

      Description

      I would like to make it possible for applications embedding Mina SSHD to have greater control over the IoAcceptors used by port forwards. I will do the work and submit a patch if this effort seems valuable to the project.

      I would like to add these methods to the ServerFactoryManager interface:

      ForwardingAcceptorFactory getTcpipForwardNioSocketAcceptorFactory();
      ForwardingAcceptorFactory getX11ForwardNioSocketAcceptorFactory();

      Create an Interface ForwardingAcceptorFactory with:

      public NioSocketAcceptor createNioSocketAcceptor(ServerSession ss);

      Use the ForwardingAcceptorFactory in TcpipForwardSupport and X11ForwardSupport.

      Implement a DefaultForwardingAcceptorFactory to be used by default.

        Issue Links

          Activity

          Hide
          Bill Kuker added a comment -

          Here is a patch that covers this suggestion.

          I didn't go with the Factory interface because I wanted to pass the ServerSession to the create method. The Default implementation ignores that parameter, but anyone providing their own factory may need it, as I do to vary my black list behavior based on the identity of the client.

          Show
          Bill Kuker added a comment - Here is a patch that covers this suggestion. I didn't go with the Factory interface because I wanted to pass the ServerSession to the create method. The Default implementation ignores that parameter, but anyone providing their own factory may need it, as I do to vary my black list behavior based on the identity of the client.
          Hide
          Guillaume Nodet added a comment -

          Thx a ton for the batch Bill.

          Show
          Guillaume Nodet added a comment - Thx a ton for the batch Bill.
          Hide
          Guillaume Nodet added a comment -

          I was looking at SSHD-62 and found that this is slightly opposite to this issue. If we are to use a single connector / acceptor for the client / server, we can't pass the Session at creation time. Do you have a real use of the ServerSession ? If so, could you explain a bit more to see if there's a way to have both things ?

          Show
          Guillaume Nodet added a comment - I was looking at SSHD-62 and found that this is slightly opposite to this issue. If we are to use a single connector / acceptor for the client / server, we can't pass the Session at creation time. Do you have a real use of the ServerSession ? If so, could you explain a bit more to see if there's a way to have both things ?
          Hide
          Bill Kuker added a comment -

          Yes, here is why:

          I use this to restrict the IPs that are allowed to use a port forward, once that forward has been established. Each "User" who is logged in, identified by their ServerSession, has a list of IPs that are allowed to use the PortForwards that user creates.

          I had implemented this as part of TcpIpPortForwardFilter when I did it myself, but the patch as I submitted is more generally useful to others, as it allows one to set up any filters they want.

          Show
          Bill Kuker added a comment - Yes, here is why: I use this to restrict the IPs that are allowed to use a port forward, once that forward has been established. Each "User" who is logged in, identified by their ServerSession, has a list of IPs that are allowed to use the PortForwards that user creates. I had implemented this as part of TcpIpPortForwardFilter when I did it myself, but the patch as I submitted is more generally useful to others, as it allows one to set up any filters they want.

            People

            • Assignee:
              Guillaume Nodet
              Reporter:
              Bill Kuker
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development