Implemented and tested via password authentication.
Changes are to Session.java only. Attached is the patch (i.e. diff
-u) against 0.1.41 source code. If this list doesn't allow
attachements, I will resend with changes in the mail body.
Usage: Add the following parameters to the java startup:
-Djsch.unauthenticated.limit.enabled=true # required. Enables limit checking
-Djsch.unauthenticated.limit.default=10 # required if host-specific value
# is not set for target machine.
#
# This is the default limit of
# unauthenticated connections per
# host which do not have a
# host-specific values (see
# below
-Djsch.unauthenticated.limit.snv4907=5 # optional. This overrides
# default limit for the machine
# "snv4907".
-Djsch.unauthenticated.limit.ns1.acme.com=5 # optional. This overrides
# default limit for the machine
# "ns1.acme.com".
Please note - For thread control, we wanted to use the new concurrent
utilities package introduced in Java 5. However, JSCH currently
supports Java 1.2.2... To accomodate this, we are using the
backported utilities from
http://backport-jsr166.sourceforge.net/index.php. This means you
*must* do one of two things:
1. If you are using Java 1.5 or later, you can modify the diff to import
directly from java.util.concurrent. For example, change the following
two lines in the diff
from:
+import edu.emory.mathcs.backport.java.util.concurrent.ArrayBlockingQueue;
+import edu.emory.mathcs.backport.java.util.concurrent.ConcurrentHashMap;
to:
+import java.util.concurrent.ArrayBlockingQueue;
+import java.util.concurrent.ConcurrentHashMap;
2. Add backport-util-concurrent.jar to your classpath. You can download it
from http://backport-jsr166.sourceforge.net/index.php
I look for to your input.
Thanks,
Keith
--- Session.java.0.1.41.orig Tue Feb 17 14:40:24 2009
+++ Session.java Tue Feb 17 14:40:17 2009
@@ -31,10 +31,22 @@
import java.io.*;
import java.net.*;
+import edu.emory.mathcs.backport.java.util.concurrent.ArrayBlockingQueue;
+import edu.emory.mathcs.backport.java.util.concurrent.ConcurrentHashMap;
+
public class Session implements Runnable{
- static private final String version="JSCH-0.1.41";
+ static public final String UNAUTH_LIMIT_PROPERTY_PREFIX =
"jsch.unauthenticated.limit";
+ static public final String UNAUTH_LIMIT_PROPERTY_ENABLED =
UNAUTH_LIMIT_PROPERTY_PREFIX + ".enabled";
+ static public final String UNAUTH_LIMIT_PROPERTY_DEFAULT =
UNAUTH_LIMIT_PROPERTY_PREFIX + ".default";
+
+ static private boolean UNAUTH_LIMIT_ENABLED =
Boolean.getBoolean(UNAUTH_LIMIT_PROPERTY_ENABLED);
+ static private String UNAUTH_LIMIT_DEFAULT =
System.getProperty(UNAUTH_LIMIT_PROPERTY_DEFAULT);
+
+ static private ConcurrentHashMap limitQueue = new ConcurrentHashMap(50);
+ static private final String version="JSCH-0.1.41.1";
+
// http://ietf.org/internet-drafts/draft-ietf-secsh-assignednumbers-01.txt
static final int SSH_MSG_DISCONNECT= 1;
static final int SSH_MSG_IGNORE= 2;
@@ -146,11 +158,26 @@
packet=new Packet(buf);
}
+ public static void setUnauthenticatedLimitEnabled(boolean enabled){
+ UNAUTH_LIMIT_ENABLED = enabled;
+ }
+
+ public static boolean getUnauthenticatedLimitEnabled(){
+ return UNAUTH_LIMIT_ENABLED;
+ }
+
public void connect() throws JSchException{
connect(timeout);
}
public void connect(int connectTimeout) throws JSchException{
+ String tempHostLimit = null;
+ String defaultHostLimit = null;
+ int hostLimit = -1;
+ boolean connectionAttempted = false;
+ ArrayBlockingQueue unauthBlockingQueue = null;
+ ArrayBlockingQueue tempBlockingQueue = null;
+
if(isConnected){
throw new JSchException("session is already connected");
}
@@ -167,14 +194,52 @@
}
Packet.setRandom(random);
- if(JSch.getLogger().isEnabled(Logger.INFO)){
- JSch.getLogger().log(Logger.INFO,
- "Connecting to "+host+" port "+port);
- }
-
+
try {
int i, j;
+ if (UNAUTH_LIMIT_ENABLED){
+ // check if user has host-specific limit...
+ tempHostLimit = System.getProperty(UNAUTH_LIMIT_PROPERTY_PREFIX + "."
+ host);
+
+ if (tempHostLimit == null){
+ // no host-specific limit, use default
+ tempHostLimit = UNAUTH_LIMIT_DEFAULT;
+ }
+
+ if (tempHostLimit == null){
+ String errorMessage = "Unauthenticated limit enabled but there is
not default or machine-specific limit specified";
+ JSch.getLogger().log(Logger.ERROR, errorMessage);
+ throw new JSchException(errorMessage);
+ }
+
+ hostLimit = Integer.parseInt(tempHostLimit);
+
+ if (hostLimit < 1){
+ String errorMessage = "Specified unauthenticated connection limit is
less than 1. Limit specified is " + hostLimit;
+ JSch.getLogger().log(Logger.ERROR, errorMessage);
+ throw new JSchException(errorMessage);
+ }
+
+ connectionAttempted = true;
+
+ tempBlockingQueue = new ArrayBlockingQueue(hostLimit);
+ unauthBlockingQueue = (ArrayBlockingQueue)limitQueue.putIfAbsent(host,
tempBlockingQueue);
+
+ if (unauthBlockingQueue == null){
+ unauthBlockingQueue = tempBlockingQueue;
+ }
+
+ // this is a blocking call
+ unauthBlockingQueue.put(host);
+
+ }
+
+ if(JSch.getLogger().isEnabled(Logger.INFO)){
+ JSch.getLogger().log(Logger.INFO,
+ "Connecting to "+host+" port "+port);
+ }
+
if(proxy==null){
InputStream in;
OutputStream out;
@@ -495,6 +560,9 @@
throw new JSchException("Session.connect: "+e);
}
finally{
+ if (UNAUTH_LIMIT_ENABLED && connectionAttempted){
+ unauthBlockingQueue.poll();
+ }
Util.bzero(this.password);
this.password=null;
}
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users
