You can now specify a client must require a secure channel to authenticate. If this is set,
{Client.setRequireSecureAuth} then if the client fails to create a secure channel with the server,
an auth request with no credentials will be sent. The supplied Authenticator will need to handle
this situation to send the appropriate response back to the client (ie: tell it to download the
latest version).
git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6480 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -635,9 +635,10 @@ public class BlockingCommunicator extends Communicator
|
||||
response = (AuthResponse)receiveMessage();
|
||||
// If we've recieved a secure response, proceed with authentication
|
||||
if (response instanceof SecureResponse) {
|
||||
sendMessage(((SecureResponse)response).createAuthRequest(
|
||||
pkcreds, _client.getCredentials(),
|
||||
_client.getVersion(), _client.getBootGroups()));
|
||||
sendMessage(AESAuthRequest.createAuthRequest(
|
||||
_client.getCredentials(), _client.getVersion(),
|
||||
_client.getBootGroups(), _client.requireSecureAuth(),
|
||||
pkcreds, (SecureResponse)response));
|
||||
|
||||
// now wait for the auth response
|
||||
log.debug("Waiting for auth response.");
|
||||
@@ -646,8 +647,10 @@ public class BlockingCommunicator extends Communicator
|
||||
|
||||
} else {
|
||||
// construct an auth request and send it
|
||||
sendMessage(new AuthRequest(
|
||||
_client.getCredentials(), _client.getVersion(), _client.getBootGroups()));
|
||||
sendMessage(AESAuthRequest.createAuthRequest(
|
||||
_client.getCredentials(), _client.getVersion(),
|
||||
_client.getBootGroups(), _client.requireSecureAuth()));
|
||||
|
||||
|
||||
// now wait for the auth response
|
||||
log.debug("Waiting for auth response.");
|
||||
|
||||
@@ -238,6 +238,22 @@ public class Client
|
||||
return key == null ? false : setPublicKey(SecureUtil.stringToRSAPublicKey(key));
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets if we require a secure authentication.
|
||||
*/
|
||||
public void setRequireSecureAuth (boolean requireSecureAuth)
|
||||
{
|
||||
_requireSecureAuth = requireSecureAuth;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if we require secure authentication.
|
||||
*/
|
||||
public boolean requireSecureAuth ()
|
||||
{
|
||||
return _requireSecureAuth;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the version string configured for this client.
|
||||
*/
|
||||
@@ -1029,6 +1045,9 @@ public class Client
|
||||
/** Our public key. */
|
||||
protected PublicKey _publicKey;
|
||||
|
||||
/** If we require a secure connection to send our credentials. */
|
||||
protected boolean _requireSecureAuth = false;
|
||||
|
||||
/** The unique id of our connection. */
|
||||
protected int _connectionId = -1;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user