Merge branch 'develop_3.1.x'

maverick-base-tests/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<packaging>jar</packaging>
 	<artifactId>maverick-base-tests</artifactId>

maverick-base/pom.xml

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-base</artifactId>
 	<name>Base API</name>

maverick-base/src/main/java/com/sshtools/common/auth/PasswordKeyboardInteractiveProvider.java

@@ -106,10 +106,10 @@ public boolean setResponse(String[] answers, Collection<KBIPrompt> additionalPro
 				else
 					instruction = e.getMessage();
 
-				return true;
 			} catch(IOException ex) {
 				con.disconnect(TransportProtocolSpecification.BY_APPLICATION, ex.getMessage());
 			}
+			return true;
 		case CHANGING_PASSWORD:
 			if(answers.length < 2) {
 				throw new RuntimeException("Not enough answers!");

maverick-base/src/main/java/com/sshtools/common/events/Event.java

@@ -107,6 +107,21 @@ public String getAllAttributes() {
 
         return buff.toString();
     }
+
+    public String logAttributes() {
+        StringBuffer buff = new StringBuffer();
+        for (String key : eventAttributes.keySet()) {
+            Object value = eventAttributes.get(key);
+            if(buff.length() > 0) {
+            	buff.append(" ");
+            }
+            buff.append(key);
+            buff.append("=");
+            buff.append(String.valueOf(value));
+        }
+
+        return buff.toString();
+    }
 
     /**
      * Add an attribute to the event

maverick-base/src/main/java/com/sshtools/common/events/EventServiceImplementation.java

@@ -141,7 +141,7 @@ public void fireEvent(final Event evt) {
         }
 
         if(Log.isDebugEnabled()) {
-        	Log.debug("Firing {} success={}", getEventName(evt.getId()), evt.getState() ? "true" : "false");
+        	Log.debug("Firing {} success={} {}", getEventName(evt.getId()), evt.getState() ? "true" : "false", evt.logAttributes());
         }
 
         Object obj = (Object) evt.getAttribute(EventCodes.ATTRIBUTE_CONNECTION);
@@ -174,7 +174,7 @@ public void fireEvent(final Event evt) {
         }
     }
 
-    public void setProcessAllEventsOnEventException(boolean processAllEventsOnEventException) {
+	public void setProcessAllEventsOnEventException(boolean processAllEventsOnEventException) {
     	this.processAllEventsOnEventException = processAllEventsOnEventException;
     }
 
@@ -186,4 +186,5 @@ public void addListener(EventListener listener) {
 	public void removeListener(EventListener listener) {
 		globalListeners.remove(listener);
 	}
+
 }

maverick-base/src/main/java/com/sshtools/common/files/direct/NioFile.java

@@ -452,7 +452,7 @@ protected SftpFileAttributes doGetAttributes() throws FileNotFoundException, IOE
 						permsBldr.withAllWrite();
 					}
 					var filename = path.getFileName();
-					if (filename != null &&  filename.toString().endsWith(".exe") || filename.toString().endsWith(".com") || filename.toString().endsWith(".cmd")) {
+					if (filename != null && ( filename.toString().endsWith(".exe") || filename.toString().endsWith(".com") || filename.toString().endsWith(".cmd"))) {
 						permsBldr.withAllExecute();
 					}
 					bldr.withPermissions(permsBldr.build());

maverick-base/src/main/java/com/sshtools/common/permissions/IPPolicy.java

@@ -136,17 +136,25 @@ public void flagAddress(String addr) {
 
 	public void flagAddress(InetAddress addr) {
 
+		if(check(DISABLE_BAN)) {
+			return;
+		}
+
 		Integer count = flaggedAddressCounts.getOrDefault(addr, 0);
 
 		if(count >= failedAuthenticationThreshold) {
+			if(Log.isInfoEnabled()) {
 			Log.info("Temporarily banning IP address {} due to failed authentication count of {}", 
 					addr.getHostAddress(), count);
+			}
 			temporaryBans.put(addr, true);
 			return;
 		}
 
 		++count;
-		Log.info("Flagging IP address {} with failed authentication count of {}", addr.getHostAddress(), count);
+		if(Log.isInfoEnabled()) {
+			Log.info("Flagging IP address {} with failed authentication count of {}", addr.getHostAddress(), count);
+		}
 		flaggedAddressCounts.put(addr, count);
 	}
 

maverick-base/src/main/java/com/sshtools/common/policy/SignaturePolicy.java

@@ -30,16 +30,34 @@
 public class SignaturePolicy {
 
 	Set<String> supportedSignatures = new TreeSet<>();
-
-	public SignaturePolicy() {
+	boolean strictMode;
+
+	public SignaturePolicy() {	
+	}
 
+	public SignaturePolicy(Collection<String> supportedSignatures) {
+		this.supportedSignatures.addAll(supportedSignatures);
+		this.strictMode = false;
 	}
 
-	public SignaturePolicy(Collection<String> supportedSignatures) {
+	public SignaturePolicy(Collection<String> supportedSignatures, boolean strictMode) {
 		this.supportedSignatures.addAll(supportedSignatures);
+		this.strictMode = strictMode;
 	}
 
 	public Set<String> getSupportedSignatures() {
 		return Collections.unmodifiableSet(supportedSignatures);
 	}
+
+	public void setSupportedSignatures(Collection<String> supportedSignatures) {
+		this.supportedSignatures = new TreeSet<>(supportedSignatures);
+	}
+
+	public boolean isStrictMode() {
+		return strictMode;
+	}
+
+	public void setStrictMode(boolean strictMode) {
+		this.strictMode = strictMode;
+	}
 }

maverick-base/src/main/java/com/sshtools/common/publickey/SshCertificateAuthority.java

@@ -28,6 +28,7 @@
 import java.util.Collections;
 import java.util.Date;
 import java.util.List;
+import java.util.TimeZone;
 
 import com.sshtools.common.ssh.SshException;
 import com.sshtools.common.ssh.components.SshCertificate;
@@ -94,6 +95,22 @@ public static SshCertificate generateCertificate(SshKeyPair key,
 			List<CriticalOption> criticalOptions,
 			List<CertificateExtension> extensions,
 			SshKeyPair signedBy) throws SshException, IOException {
+		return generateCertificate(key, serial, type, keyId, validPrincipals,
+				validityDays, Calendar.DAY_OF_MONTH, TimeZone.getTimeZone("UTC"),
+				criticalOptions, extensions, signedBy);
+	}
+
+	public static SshCertificate generateCertificate(SshKeyPair key, 
+			long serial, 
+			int type,
+			String keyId,
+			List<String> validPrincipals,
+			int validity,
+			int validityTimeUnit,
+			TimeZone timeZone,
+			List<CriticalOption> criticalOptions,
+			List<CertificateExtension> extensions,
+			SshKeyPair signedBy) throws SshException, IOException {
 
 		switch(type) {
 		case SshCertificate.SSH_CERT_TYPE_HOST:
@@ -111,9 +128,11 @@ public static SshCertificate generateCertificate(SshKeyPair key,
 		c.set(Calendar.MINUTE, 0);
 		c.set(Calendar.SECOND, 0);
 		c.set(Calendar.MILLISECOND, 0);
+		c.setTimeZone(timeZone);
+
 		UnsignedInteger64 validAfter = new UnsignedInteger64(c.getTimeInMillis() / 1000);
 
-		c.add(Calendar.DAY_OF_MONTH, validityDays);
+		c.add(Calendar.DAY_OF_MONTH, validity);
 		UnsignedInteger64 validBefore = new UnsignedInteger64(c.getTimeInMillis() / 1000);
 
 		@SuppressWarnings("unused")

maverick-base/src/main/java/com/sshtools/common/sftp/SftpFileAttributes.java

@@ -1976,7 +1976,7 @@ public String toPermissionsString() {
 			str.append('-');
 			break;
 		}
-		str.append(permissions.map(PosixPermissions::asFileModesString).orElse(""));
+		str.append(permissions.map(PosixPermissions::asFileModesString).orElse("---------"));
 		return str.toString();
 	}
 

maverick-base/src/main/java/com/sshtools/common/sftp/SftpStatusException.java

@@ -203,5 +203,83 @@ public static String getStatusText(int status) {
 			return "Unknown status type " + String.valueOf(status);
 		}
 	}
+
+	public static String getStatusMessage(int status) {
+		switch (status) {
+		case SSH_FX_OK:
+			return "SSH_FX_OK";
+		case SSH_FX_EOF:
+			return "SSH_FX_EOF";
+		case SSH_FX_NO_SUCH_FILE:
+			return "SSH_FX_NO_SUCH_FILE";
+		case SSH_FX_PERMISSION_DENIED:
+			return "SSH_FX_PERMISSION_DENIED";
+		case SSH_FX_FAILURE:
+			return "SSH_FX_FAILURE";
+		case SSH_FX_BAD_MESSAGE:
+			return "SSH_FX_BAD_MESSAGE";
+		case SSH_FX_NO_CONNECTION:
+			return "SSH_FX_NO_CONNECTION";
+		case SSH_FX_CONNECTION_LOST:
+			return "SSH_FX_CONNECTION_LOST";
+		case SSH_FX_OP_UNSUPPORTED:
+			return "SSH_FX_OP_UNSUPPORTED";
+		case SSH_FX_INVALID_HANDLE:
+		case INVALID_HANDLE:
+			return "SSH_FX_INVALID_HANDLE";
+		case SSH_FX_NO_SUCH_PATH:
+			return "SSH_FX_NO_SUCH_PATH";
+		case SSH_FX_FILE_ALREADY_EXISTS:
+			return "SSH_FX_FILE_ALREADY_EXISTS";
+		case SSH_FX_WRITE_PROTECT:
+			return "SSH_FX_WRITE_PROTECT";
+		case SSH_FX_NO_MEDIA:
+			return "SSH_FX_NO_MEDIA";
+		case SSH_FX_NO_SPACE_ON_FILESYSTEM:
+			return "SSH_FX_NO_SPACE_ON_FILESYSTEM";
+		case SSH_FX_QUOTA_EXCEEDED:
+			return "SSH_FX_QUOTA_EXCEEDED";
+		case SSH_FX_UNKNOWN_PRINCIPAL:
+			return "SSH_FX_UNKNOWN_PRINCIPAL";
+		case SSH_FX_LOCK_CONFLICT:
+			return "SSH_FX_LOCK_CONFLICT";
+		case SSH_FX_DIR_NOT_EMPTY:
+			return "SSH_FX_DIR_NOT_EMPTY";
+		case SSH_FX_NOT_A_DIRECTORY:
+			return "SSH_FX_NOT_A_DIRECTORY";
+		case SSH_FX_INVALID_FILENAME:
+			return "SSH_FX_INVALID_FILENAME";
+		case SSH_FX_LINK_LOOP:
+			return "SSH_FX_LINK_LOOP";
+		case SSH_FX_CANNOT_DELETE:
+			return "SSH_FX_CANNOT_DELETE";
+		case SSH_FX_INVALID_PARAMETER:
+			return "SSH_FX_INVALID_PARAMETER";
+		case SSH_FX_FILE_IS_A_DIRECTORY:
+			return "SSH_FX_FILE_IS_A_DIRECTORY";
+		case SSH_FX_BYTE_RANGE_LOCK_CONFLICT:
+			return "SSH_FX_BYTE_RANGE_LOCK_CONFLICT";
+		case SSH_FX_BYTE_RANGE_LOCK_REFUSED:
+			return "SSH_FX_BYTE_RANGE_LOCK_REFUSED";
+		case SSH_FX_DELETE_PENDING:
+			return "SSH_FX_DELETE_PENDING";
+		case SSH_FX_FILE_CORRUPT:
+			return "SSH_FX_FILE_CORRUPT";
+		case SSH_FX_OWNER_INVALID:
+			return "SSH_FX_OWNER_INVALID";
+		case SSH_FX_GROUP_INVALID:
+			return "SSH_FX_GROUP_INVALID";
+		case SSH_FX_NO_MATCHING_BYTE_RANGE_LOCK:
+			return "SSH_FX_NO_MATCHING_BYTE_RANGE_LOCK";
+		case INVALID_RESUME_STATE:
+			return "INVALID_RESUME_STATE";
+		case ATTRIBUTE_BITS_NOT_AVAILABLE:
+			return "ATTRIBUTE_BITS_NOT_AVAILABLE";
+		case BAD_API_USAGE:
+			return "BAD_API_USAGE";
+		default:
+			return "SSH_FX_UNKNOWN/" + String.valueOf(status);
+		}
+	}
 
 }

maverick-base/src/main/java/com/sshtools/common/ssh/Channel.java

@@ -44,6 +44,8 @@ public interface Channel {
 
 	void addEventListener(ChannelEventListener listener);
 
+	void removeEventListener(ChannelEventListener listener);
+
 	void sendChannelRequest(String requestName, boolean wantReply, byte[] data);
 
 	void sendChannelRequest(String type, boolean wantreply,

maverick-base/src/main/java/com/sshtools/common/ssh/SessionChannelServer.java

@@ -28,9 +28,9 @@ public interface SessionChannelServer extends SessionChannel {
 
 	OutputStream getErrorStream();
 
-	void enableRawMode();
+	default void pauseDataCaching() { };
 
-	void disableRawMode();
+	default void resumeDataCaching() { };
 
 	boolean setEnvironmentVariable(String name, String value);
 }

maverick-bc-fips-tests/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-bc-fips-tests</artifactId>
 	<name>BouncyCastle FIPS Tests</name>

maverick-bc-fips/pom.xml

@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-bc-fips</artifactId>
 	<name>BouncyCastle FIPS</name>

maverick-bc-tests/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-bc-tests</artifactId>
 	<name>BouncyCastle JCE Support Tests</name>

maverick-bc/pom.xml

@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-bc</artifactId>
 	<name>BouncyCastle JCE Support</name>

maverick-logging/pom.xml

@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-logging</artifactId>
 	<name>Logging API</name>

maverick-putty/pom.xml

@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-putty</artifactId>
 	<name>PuTTY Key Support</name>

maverick-sshagent-jdk16-sockets/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-sshagent-jdk16-sockets</artifactId>
 	<name>JDK16+ Unix Domain Socket Agent Provider</name>

maverick-sshagent-jni-sockets/pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>com.sshtools</groupId>
     <artifactId>maverick-synergy-group</artifactId>
-    <version>3.1.1</version>
+    <version>3.1.2</version>
   </parent>
   <artifactId>maverick-sshagent-jni-sockets</artifactId>
   <name>JNI Unix Domain Sockets Key Agent Provider</name>

maverick-sshagent-named-pipes/pom.xml

@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>com.sshtools</groupId>
 		<artifactId>maverick-synergy-group</artifactId>
-		<version>3.1.1</version>
+		<version>3.1.2</version>
 	</parent>
 	<artifactId>maverick-sshagent-named-pipes</artifactId>
 	<name>Named Pipes Key Agent Provider </name>

maverick-sshagent/pom.xml

@@ -4,7 +4,7 @@
   <parent>
     <groupId>com.sshtools</groupId>
     <artifactId>maverick-synergy-group</artifactId>
-    <version>3.1.1</version>
+    <version>3.1.2</version>
   </parent>
   <artifactId>maverick-sshagent</artifactId>
   <name>Key Agent</name>