aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKenny Root <kenny@the-b.org>2015-04-19 12:35:24 -0700
committerKenny Root <kenny@the-b.org>2015-04-19 12:35:24 -0700
commit5af75d5b3657409a9d46d48bafa446df9646ae0c (patch)
treea5bc0e9e3f275bb551e2bf7af993c1ed3b01e990
parent6372acec6f745c9689ab1db703611f78e41bb0e0 (diff)
parenta50c421c4dc566284ba59b8ef07833f09fc2774e (diff)
downloadconnectbot-5af75d5b3657409a9d46d48bafa446df9646ae0c.tar.gz
connectbot-5af75d5b3657409a9d46d48bafa446df9646ae0c.tar.bz2
connectbot-5af75d5b3657409a9d46d48bafa446df9646ae0c.zip
Merge branch 'master' into gradle-conversion
-rw-r--r--CHANGELOG.md3
-rw-r--r--app/src/main/java/com/trilead/ssh2/transport/TransportManager.java82
-rw-r--r--app/src/main/java/org/connectbot/transport/SSH.java2
-rw-r--r--app/src/main/res/values/strings.xml5
4 files changed, 25 insertions, 67 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6822d91..06e089d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,9 @@ This project adheres to [Semantic Versioning](http://semver.org/).
### Added
- More context is given for failures to connect via SSH which should
reveal why a host might be incompatible with ConnectBot.
+- SSH key exchange algorithm will now be printed upon connection.
+- SSH: all addresses for a particular host will be tried when
+ connecting. This includes IPv6.
## [1.8.3][1.8.3] - 2014-04-02
### Fixed
diff --git a/app/src/main/java/com/trilead/ssh2/transport/TransportManager.java b/app/src/main/java/com/trilead/ssh2/transport/TransportManager.java
index 2e88126..8f3406e 100644
--- a/app/src/main/java/com/trilead/ssh2/transport/TransportManager.java
+++ b/app/src/main/java/com/trilead/ssh2/transport/TransportManager.java
@@ -7,6 +7,7 @@ import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
+import java.net.SocketTimeoutException;
import java.net.UnknownHostException;
import java.security.SecureRandom;
import java.util.Vector;
@@ -144,67 +145,6 @@ public class TransportManager
Vector connectionMonitors = new Vector();
boolean monitorsWereInformed = false;
- /**
- * There were reports that there are JDKs which use
- * the resolver even though one supplies a dotted IP
- * address in the Socket constructor. That is why we
- * try to generate the InetAdress "by hand".
- *
- * @param host
- * @return the InetAddress
- * @throws UnknownHostException
- */
- private InetAddress createInetAddress(String host) throws UnknownHostException
- {
- /* Check if it is a dotted IP4 address */
-
- InetAddress addr = parseIPv4Address(host);
-
- if (addr != null)
- return addr;
-
- return InetAddress.getByName(host);
- }
-
- private InetAddress parseIPv4Address(String host) throws UnknownHostException
- {
- if (host == null)
- return null;
-
- String[] quad = Tokenizer.parseTokens(host, '.');
-
- if ((quad == null) || (quad.length != 4))
- return null;
-
- byte[] addr = new byte[4];
-
- for (int i = 0; i < 4; i++)
- {
- int part = 0;
-
- if ((quad[i].length() == 0) || (quad[i].length() > 3))
- return null;
-
- for (int k = 0; k < quad[i].length(); k++)
- {
- char c = quad[i].charAt(k);
-
- /* No, Character.isDigit is not the same */
- if ((c < '0') || (c > '9'))
- return null;
-
- part = part * 10 + (c - '0');
- }
-
- if (part > 255) /* 300.1.2.3 is invalid =) */
- return null;
-
- addr[i] = (byte) part;
- }
-
- return InetAddress.getByAddress(host, addr);
- }
-
public TransportManager(String host, int port) throws IOException
{
this.hostname = host;
@@ -332,14 +272,23 @@ public class TransportManager
}
}
+ private static void tryAllAddresses(Socket sock, String host, int port, int connectTimeout) throws IOException {
+ InetAddress[] addresses = InetAddress.getAllByName(host);
+ for (InetAddress addr : addresses) {
+ try {
+ sock.connect(new InetSocketAddress(addr, port), connectTimeout);
+ return;
+ } catch (SocketTimeoutException e) {
+ }
+ }
+ throw new SocketTimeoutException("Could not connect; socket timed out");
+ }
+
private void establishConnection(ProxyData proxyData, int connectTimeout) throws IOException
{
- /* See the comment for createInetAddress() */
-
if (proxyData == null)
{
- InetAddress addr = createInetAddress(hostname);
- sock.connect(new InetSocketAddress(addr, port), connectTimeout);
+ tryAllAddresses(sock, hostname, port, connectTimeout);
sock.setSoTimeout(0);
return;
}
@@ -350,8 +299,7 @@ public class TransportManager
/* At the moment, we only support HTTP proxies */
- InetAddress addr = createInetAddress(pd.proxyHost);
- sock.connect(new InetSocketAddress(addr, pd.proxyPort), connectTimeout);
+ tryAllAddresses(sock, pd.proxyHost, pd.proxyPort, connectTimeout);
sock.setSoTimeout(0);
/* OK, now tell the proxy where we actually want to connect to */
diff --git a/app/src/main/java/org/connectbot/transport/SSH.java b/app/src/main/java/org/connectbot/transport/SSH.java
index 2a552a4..b0fe2a8 100644
--- a/app/src/main/java/org/connectbot/transport/SSH.java
+++ b/app/src/main/java/org/connectbot/transport/SSH.java
@@ -432,6 +432,8 @@ public class SSH extends AbsTransport implements ConnectionMonitor, InteractiveC
connectionInfo = connection.connect(new HostKeyVerifier());
connected = true;
+ bridge.outputLine(manager.res.getString(R.string.terminal_kex_algorithm,
+ connectionInfo.keyExchangeAlgorithm));
if (connectionInfo.clientToServerCryptoAlgorithm
.equals(connectionInfo.serverToClientCryptoAlgorithm)
&& connectionInfo.clientToServerMACAlgorithm
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 5f2d78a..d8e3bb5 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -437,6 +437,11 @@
<!-- Displayed on the terminal describing the cryptographic algorithm names -->
<string name="terminal_using_algorithm">"Using algorithm: %1$s %2$s"</string>
+ <!-- Displayed on the terminal during a SSH connection describing the cryptographic key
+ exchange algorithm used to establish a shared secret between this program and the
+ server. -->
+ <string name="terminal_kex_algorithm">Key exchange algorithm: %s</string>
+
<string name="terminal_auth">"Trying to authenticate"</string>
<string name="terminal_auth_pass">"Attempting 'password' authentication"</string>