ssh2preferences.java

一个非常好的ssh客户端实现

/******************************************************************************
 *
 * Copyright (c) 1999-2003 AppGate Network Security AB. All Rights Reserved.
 * 
 * This file contains Original Code and/or Modifications of Original Code as
 * defined in and that are subject to the MindTerm Public Source License,
 * Version 2.0, (the 'License'). You may not use this file except in compliance
 * with the License.
 * 
 * You should have received a copy of the MindTerm Public Source License
 * along with this software; see the file LICENSE.  If not, write to
 * AppGate Network Security AB, Otterhallegatan 2, SE-41118 Goteborg, SWEDEN
 *
 *****************************************************************************/

package com.mindbright.ssh2;

import java.util.Properties;
import java.util.Hashtable;
import java.util.Enumeration;

/**
 * This class is a container for all protocol preferences and the
 * packet version used in the class <code>SSH2Transport</code>. It can
 * be created using a hard-coded list of preferences or it can be
 * created from a <code>java.util.Properties</code> instance. All
 * preferences for algorithms are comma separated lists in order of
 * preference (as defined in the trasport protocol spec.).
 * <p>
 * This class contains the negotiation logic to select preferences
 * from lists of client and server preferences. It also contains the
 * functionality to select a key exchange algorithm given the
 * available algorithms and host key types. These functions are used
 * from the <code>SSH2Transport</code> class.
 * <p>
 * !!! TODO COMPLETE THIS LIST !!!
 * The preferences that can be set are the following:
 * <table border="1">
 * <tr>
 * <th>Property name</th><th>Description</th>
 * </tr>
 * <tr>
 * <td>kex-algorithms</td><td>Key exchange algorithms</td>
 * </tr>
 * <tr>
 * <td>server-host-key-algorithms</td><td>Host key algorithms</td>
 * </tr>
 * <tr>
 * <td>enc-algorithms-cli2srv</td>
 * <td>Encryption algorithms client to server</td>
 * </tr>
 * <tr>
 * <td>enc-algorithms-srv2cli</td>
 * <td>Encryption algorithms server to client</td>
 * </tr>
 * <tr>
 * <td>mac-algorithms-cli2srv</td><td>Mac algorithms client to server</td>
 * </tr>
 * <tr>
 * <td>mac-algorithms-srv2cli</td><td>Mac algorithms server to client</td>
 * </tr>
 * <tr>
 * <td>comp-algorithms-cli2srv</td>
 * <td>Compression algorithms client to server</td>
 * </tr>
 * <tr>
 * <td>comp-algorithms-srv2cli</td>
 * <td>Compression algorithms server to client</td>
 * </tr>
 * <tr>
 * <td>languages-cli2srv</td><td>Language tags client to server</td>
 * </tr>
 * <tr>
 * <td>languages-srv2cli</td><td>Language tags server to client</td>
 * </tr>
 * <tr>
 * <td>compression</td><td>Outgoing compression level 0-9 (default 6)</td>
 * </tr>
 * <tr>
 * <td>package-version</td><td>Package version for protocol version string</td>
 * </tr>
 * <tr>
 * <td>alive</td><td>Seconds between keepalive packets 
 * (default 0 = no keepalive packets sent)</td>
 * </tr>
 * <tr>
 * <td>rx-init-win-sz</td><td>Initial receive window size</td>
 * </tr>
 * <tr>
 * <td>rx-max-pkt-sz</td><td>Maximum size of packets we accept</td>
 * </tr>
 * <tr>
 * <td>tx-max-pkt-sz</td><td>Maximum size of packets we send</td>
 * </tr>
 * <tr>
 * <td>x11-displayt</td><td>X11 display MindTerm tries to connect to</td>
 * </tr>
 * <tr>
 * <td>queued-rx-chan</td><td>Enable queuing on the receive channel</td>
 * </tr>
 * <tr>
 * <td>default-pkt-sz</td><td>Default packet size</td>
 * </tr>
 * <tr>
 * <td>pkt-pool-sz</td><td>Size of PDU pool</td>
 * </tr>
 * <tr>
 * <td>term-min-lat</td><td>Use no-latency mode when writing to terminal</td>
 * </tr>
 * <tr>
 * <td>int-in-buf-sz</td><td>Size of internal IO buffers</td>
 * </tr>
 * <tr>
 * <td>queue-depth</td><td>Default depth of queues</td>
 * </tr>
 * <tr>
 * <td>queue-hiwater</td><td>Highwater mark for queues</td>
 * </tr>
 * <tr>
 * <td>log-level</td><td>Debug level 0-7</td>
 * </tr>
 * <tr>
 * <td>log-file</td><td>File to write debug messages to</td>
 * </tr>
 * <tr>
 * <td>log-append</td><td>If "false" then the log-file is truncated</td>
 * </tr>
 * </table>
 * <p>
 * The available algorithms are the following
 * (provided their classes are included):
 * <table border="1">
 * <tr>
 * <th>Type</th><th>Algorithms</th>
 * </tr>
 * <tr>
 * <td>Key exchange</td>
 * <td>diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1</td>
 * </tr>
 * <tr>
 * <td>Host key</td>
 * <td>ssh-dss,ssh-rsa</td>
 * </tr>
 * <tr>
 * <td>Ciphers</td>
 * <td>
 *   3des-cbc,
 *   3des-ecb,
 *   3des-cfb,
 *   3des-ofb,
 *   3des-ctr,
 *   blowfish-cbc,
 *   blowfish-ecb,
 *   blowfish-cfb,
 *   blowfish-ofb,
 *   blowfish-ctr,
 *   aes128-cbc,
 *   aes192-cbc,
 *   aes256-cbc,
 *   aes128-ctr,
 *   aes192-ctr,
 *   aes256-ctr,
 *   twofish128-cbc,
 *   twofish128-ctr,
 *   twofish192-cbc,
 *   twofish256-cbc,
 *   cast128-cbc,
 *   cast128-ecb,
 *   cast128-cfb,
 *   cast128-ofb,
 *   idea-cbc,
 *   idea-ecb,
 *   idea-cfb,
 *   idea-ofb,
 *   arcfour
 * </td>
 * </tr>
 * <td>Macs</td>
 * <td>hmac-sha1,hmac-md5,hmac-ripemd160,hmac-sha1-96,hmac-md5-96,hmac-ripemd160-96</td>
 * </tr>
 * </table>
 *
 * @see SSH2Transport
 * @see SSH2Connection
 */
public class SSH2Preferences {

    public static final String PKG_VERSION    = "package-version";

    /**
     * Transport layer preferences
     */
    public static final String KEX_ALGORITHMS   = "kex-algorithms";
    public static final String HOST_KEY_ALG     = "server-host-key-algorithms";
    public static final String CIPHERS_C2S      = "enc-algorithms-cli2srv";
    public static final String CIPHERS_S2C      = "enc-algorithms-srv2cli";
    public static final String MACS_C2S         = "mac-algorithms-cli2srv";
    public static final String MACS_S2C         = "mac-algorithms-srv2cli";
    public static final String COMP_C2S         = "comp-algorithms-cli2srv";
    public static final String COMP_S2C         = "comp-algorithms-srv2cli";
    public static final String LANG_C2S         = "languages-cli2srv";
    public static final String LANG_S2C         = "languages-srv2cli";
    public static final String COMP_LEVEL       = "compression";
    public static final String ALIVE            = "alive";

    /**
     * Connection layer preferences
     */
    public static final String RX_INIT_WIN_SZ = "rx-init-win-sz";
    public static final String RX_MAX_PKT_SZ  = "rx-max-pkt-sz";
    public static final String TX_MAX_PKT_SZ  = "tx-max-pkt-sz";
    public static final String X11_DISPLAY    = "x11-display";
    public static final String QUEUED_RX_CHAN = "queued-rx-chan";

    /**
     * Misc internal preferences
     */
    public static final String DEFAULT_PKT_SZ = "default-pkt-sz";
    public static final String PKT_POOL_SZ    = "pkt-pool-sz";
    public static final String TERM_MIN_LAT   = "term-min-lat";
    public static final String INT_IO_BUF_SZ  = "int-io-buf-sz";
    public static final String QUEUE_DEPTH    = "queue-depth";
    public static final String QUEUE_HIWATER  = "queue-hiwater";
    public static final String LOG_LEVEL      = "log-level";
    public static final String LOG_FILE       = "log-file";
    public static final String LOG_APPEND     = "log-append";

    /**
     * Socket option preferences
     * Examples:
     *
     * Enable TCP_NODELAY for the socket connected to the server:
     *     socketoption.transport.tcp-nodelay = true
     *
     * Enable TCP_NODELAY for all sockets to local forward '127.0.0.1:4711':
     *     socketoption.local.127.0.0.1.4711.tcp-nodelay = true
     */
    public static final String SOCK_OPT           = "socketoption.";
    public static final String SOCK_OPT_TRANSPORT = "transport";
    public static final String SOCK_OPT_LOCAL     = "local.";
    public static final String SOCK_OPT_REMOTE    = "remote.";
    public static final String SO_TCP_NODELAY     = "tcp-nodelay";

    final static String[] kexFields = {
	KEX_ALGORITHMS,
	HOST_KEY_ALG,
	CIPHERS_C2S,
	CIPHERS_S2C,
	MACS_C2S,
	MACS_S2C,
	COMP_C2S,
	COMP_S2C,
	LANG_C2S,
	LANG_S2C
    };

    final static String[][] ciphers = {
	{ "3des-cbc",        "3DES/CBC" },
	{ "3des-ecb",        "3DES/ECB" },
	{ "3des-cfb",        "3DES/CFB" },
	{ "3des-ofb",        "3DES/OFB" },
	{ "3des-ctr",        "3DES/CTR" },
	{ "blowfish-cbc",    "Blowfish/CBC" },
	{ "blowfish-ecb",    "Blowfish/ECB" },
	{ "blowfish-cfb",    "Blowfish/CFB" },
	{ "blowfish-ofb",    "Blowfish/OFB" },
	{ "blowfish-ctr",    "Blowfish/CTR" },
	{ "aes128-cbc",      "AES/CBC" },
	{ "aes192-cbc",      "AES/CBC" },
	{ "aes256-cbc",      "AES/CBC" },
	{ "aes128-ctr",      "AES/CTR" },
	{ "aes192-ctr",      "AES/CTR" },
	{ "aes256-ctr",      "AES/CTR" },
	{ "rijndael128-cbc", "Rijndael/CBC" },
	{ "rijndael192-cbc", "Rijndael/CBC" },
	{ "rijndael256-cbc", "Rijndael/CBC" },
	{ "twofish128-cbc",  "Twofish/CBC" },
	{ "twofish128-ctr",  "Twofish/CTR" },
	{ "twofish192-cbc",  "Twofish/CBC" },
	{ "twofish256-cbc",  "Twofish/CBC" },
	{ "twofish-cbc",     "Twofish/CBC" },
	{ "twofish-ecb",     "Twofish/ECB" },
	{ "twofish-cfb",     "Twofish/CFB" },
	{ "twofish-ofb",     "Twofish/OFB" },
	{ "cast128-cbc",     "CAST128/CBC" },
	{ "cast128-ecb",     "CAST128/ECB" },
	{ "cast128-cfb",     "CAST128/CFB" },