in sshd-core/src/main/java/org/apache/sshd/client/auth/hostbased/UserAuthHostBased.java [96:176]
/**
 * Builds and sends one {@code SSH_MSG_USERAUTH_REQUEST} for this authentication
 * method, using the next entry taken from {@code keys}.
 *
 * <p>The request fields are written in the order user name, service, method name,
 * key type, key blob (public key followed by any certificates), client host name
 * and client user name, after which {@code appendSignature} is invoked on the
 * same buffer. This appears to follow the "hostbased" request layout of
 * RFC 4252 section 9.</p>
 *
 * @param  session   the client session the request is written to
 * @param  service   the service name placed in the request
 * @return           {@code false} if there is no further key to try (the reporter, if
 *                   any, is told the method is exhausted); {@code true} once a
 *                   request packet has been written
 * @throws Exception if resolving the signer, encoding the key material, signing or
 *                   writing the packet fails
 */
protected boolean sendAuthDataRequest(ClientSession session, String service) throws Exception {
    String methodName = getName();
    boolean debug = log.isDebugEnabled();
    String clientUsername = resolveClientUsername(session);
    String clientHostname = resolveClientHostname(session);
    HostBasedAuthenticationReporter reporter = session.getHostBasedAuthenticationReporter();

    // Advance to the next candidate identity; a missing or drained iterator means "no key".
    if ((keys != null) && keys.hasNext()) {
        keyInfo = keys.next();
    } else {
        keyInfo = null;
    }

    if (keyInfo == null) {
        if (debug) {
            log.debug("sendAuthDataRequest({})[{}][{}] no more keys to send", session, service, methodName);
        }

        // NOTE(review): the arguments here are (username, hostname) while
        // signalAuthenticationAttempt below receives (hostname, username) -
        // confirm the order against the HostBasedAuthenticationReporter signature.
        if (reporter != null) {
            reporter.signalAuthenticationExhausted(session, service, clientUsername, clientHostname);
        }

        return false;
    }

    KeyPair keyPair = keyInfo.getKey();
    PublicKey publicKey = keyPair.getPublic();
    String keyType = KeyUtils.getKeyType(publicKey);
    if (log.isTraceEnabled()) {
        // Only the key type and the public key fingerprint are logged, never private material.
        log.trace("sendAuthDataRequest({})[{}][{}] current key details: type={}, fingerprint={}",
                session, service, methodName, keyType, KeyUtils.getFingerPrint(publicKey));
    }

    // Both lookups are validated, so a key type with no matching signature factory
    // aborts here instead of producing an unsigned request.
    Collection<NamedFactory<Signature>> signatureFactories = ValidateUtils.checkNotNullAndNotEmpty(
            SignatureFactoriesManager.resolveSignatureFactories(this, session),
            "No signature factories for session=%s",
            session);
    Signature signer = ValidateUtils.checkNotNull(
            NamedFactory.create(signatureFactories, keyType),
            "No signer could be located for key type=%s",
            keyType);

    byte[] sessionId = session.getSessionId();
    String username = session.getUsername();
    if (debug) {
        log.debug("sendAuthDataRequest({})[{}][{}] client={}@{}",
                session, service, methodName, clientUsername, clientHostname);
    }

    // Size passed to createBuffer: character counts of the string fields plus fixed
    // slack (presumably only a capacity hint, not an exact encoded length).
    int sizeHint = sessionId.length + username.length() + service.length() + clientUsername.length()
                   + clientHostname.length() + keyType.length() + ByteArrayBuffer.DEFAULT_SIZE + Long.SIZE;

    // The buffer is cleared right after creation and used as scratch space for the key blob.
    Buffer keyBuffer = session.createBuffer(SshConstants.SSH_MSG_USERAUTH_REQUEST, sizeHint);
    keyBuffer.clear();
    keyBuffer.putRawPublicKey(publicKey);

    Collection<X509Certificate> certificates = keyInfo.getValue();
    if (GenericUtils.size(certificates) > 0) {
        for (X509Certificate certificate : certificates) {
            // TODO make sure this yields DER encoding
            // (java.security.cert.Certificate#getEncoded documents X.509 as ASN.1 DER;
            // provider-specific behaviour still to be confirmed)
            keyBuffer.putRawBytes(certificate.getEncoded());
        }
    }

    signer.initSigner(session, keyPair.getPrivate());
    byte[] keyBlob = keyBuffer.getCompactData();

    // Re-use the scratch buffer for the actual request packet.
    Buffer request = session.prepareBuffer(
            SshConstants.SSH_MSG_USERAUTH_REQUEST, BufferUtils.clear(keyBuffer));
    request.putString(username);
    request.putString(service);
    request.putString(methodName);
    request.putString(keyType);
    request.putBytes(keyBlob);
    request.putString(clientHostname);
    request.putString(clientUsername);

    // appendSignature receives the same key blob and client identity that were just
    // written, plus the request buffer it is expected to append the signature to.
    byte[] signatureBytes = appendSignature(
            session, service, keyType, publicKey, keyBlob,
            clientHostname, clientUsername, signer, request);

    // The reporter sees the attempt (including the key pair and signature) before the packet is sent.
    if (reporter != null) {
        reporter.signalAuthenticationAttempt(
                session, service, keyPair, clientHostname, clientUsername, signatureBytes);
    }

    session.writePacket(request);
    return true;
}