From: ricardop Date: Wed, 3 Jan 2018 14:33:13 +0000 (+0100) Subject: upgrade to sshd 1.2.0 and mina 2.0.16 - trying to fix incompatibility with jenkins... X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=8eec4680105218a31ee1645ff0656ebd624d97ed;p=gitblit.git upgrade to sshd 1.2.0 and mina 2.0.16 - trying to fix incompatibility with jenkins/blueocean --- diff --git a/build.moxie b/build.moxie index f21241d1..0b1da360 100644 --- a/build.moxie +++ b/build.moxie @@ -112,8 +112,8 @@ properties: { bouncycastle.version : 1.52 selenium.version : 2.28.0 wikitext.version : 1.4 - sshd.version: 1.0.0 - mina.version: 2.0.9 + sshd.version: 1.2.0 + mina.version: 2.0.16 guice.version : 4.0 # Gitblit maintains a fork of guice-servlet guice-servlet.version : 4.0-gb2 diff --git a/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java b/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java index c62c4dee..9b494027 100644 --- a/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java +++ b/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java @@ -26,9 +26,9 @@ import java.util.TreeMap; import java.util.regex.Matcher; import java.util.regex.Pattern; +import org.apache.sshd.common.config.keys.AuthorizedKeyEntry; import org.apache.sshd.common.config.keys.KeyUtils; import org.apache.sshd.common.util.GenericUtils; -import org.apache.sshd.server.config.keys.AuthorizedKeyEntry; import com.gitblit.IStoredSettings; import com.gitblit.Keys; @@ -212,7 +212,7 @@ public class LdapKeyManager extends IPublicKeyManager { List keyList = new ArrayList<>(authorizedKeys.size()); for (GbAuthorizedKeyEntry keyEntry : authorizedKeys) { try { - SshKey key = new SshKey(keyEntry.resolvePublicKey()); + SshKey key = new SshKey(keyEntry.resolvePublicKey(null)); key.setComment(keyEntry.getComment()); setKeyPermissions(key, keyEntry); keyList.add(key); diff --git a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java index 29f7750d..f2176cb0 100644 --- a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java +++ b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java @@ -15,8 +15,8 @@ */ package com.gitblit.transport.ssh; -import org.apache.sshd.common.SshdSocketAddress; import org.apache.sshd.common.session.Session; +import org.apache.sshd.common.util.net.SshdSocketAddress; import org.apache.sshd.server.forward.ForwardingFilter; public class NonForwardingFilter implements ForwardingFilter { diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 5a053781..63fa51dd 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -31,7 +31,7 @@ import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; import org.apache.sshd.common.util.SecurityUtils; import org.apache.sshd.server.SshServer; -import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator; +import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator; import org.bouncycastle.openssl.PEMWriter; import org.eclipse.jgit.internal.JGitText; import org.slf4j.Logger; @@ -158,7 +158,7 @@ public class SshDaemon { log.info("SSH: adding GSSAPI authentication method."); } - sshd.setSessionFactory(new SshServerSessionFactory()); + sshd.setSessionFactory(new SshServerSessionFactory(sshd)); sshd.setFileSystemFactory(new DisabledFilesystemFactory()); sshd.setTcpipForwardingFilter(new NonForwardingFilter()); sshd.setCommandFactory(new SshCommandFactory(gitblit, workQueue)); diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java b/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java index af25251b..ccbee47c 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java @@ -17,9 +17,9 @@ package com.gitblit.transport.ssh; import java.net.SocketAddress; -import org.apache.sshd.common.session.Session.AttributeKey; import com.gitblit.models.UserModel; +import org.apache.sshd.common.AttributeStore; /** * @@ -27,7 +27,7 @@ import com.gitblit.models.UserModel; * */ public class SshDaemonClient { - public static final AttributeKey KEY = new AttributeKey(); + public static final AttributeStore.AttributeKey KEY = new AttributeStore.AttributeKey(); private final SocketAddress remoteAddress; diff --git a/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java b/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java index bc67cec0..b6c17c4f 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java +++ b/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java @@ -22,7 +22,9 @@ import org.apache.sshd.common.future.CloseFuture; import org.apache.sshd.common.future.SshFutureListener; import org.apache.sshd.common.io.IoSession; import org.apache.sshd.common.io.mina.MinaSession; -import org.apache.sshd.common.session.AbstractSession; +import org.apache.sshd.common.session.helpers.AbstractSession; +import org.apache.sshd.server.ServerFactoryManager; +import org.apache.sshd.server.session.ServerSessionImpl; import org.apache.sshd.server.session.SessionFactory; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -36,11 +38,12 @@ public class SshServerSessionFactory extends SessionFactory { private final Logger log = LoggerFactory.getLogger(getClass()); - public SshServerSessionFactory() { + public SshServerSessionFactory(ServerFactoryManager server) { + super(server); } @Override - protected AbstractSession createSession(final IoSession io) throws Exception { + protected ServerSessionImpl createSession(final IoSession io) throws Exception { log.info("creating ssh session from {}", io.getRemoteAddress()); if (io instanceof MinaSession) { @@ -66,7 +69,7 @@ public class SshServerSessionFactory extends SessionFactory { } @Override - protected AbstractSession doCreateSession(IoSession ioSession) throws Exception { + protected ServerSessionImpl doCreateSession(IoSession ioSession) throws Exception { return new SshServerSession(getServer(), ioSession); } } diff --git a/src/test/java/com/gitblit/tests/SshDaemonTest.java b/src/test/java/com/gitblit/tests/SshDaemonTest.java index c5deb7d5..a0f67af1 100644 --- a/src/test/java/com/gitblit/tests/SshDaemonTest.java +++ b/src/test/java/com/gitblit/tests/SshDaemonTest.java @@ -44,9 +44,9 @@ public class SshDaemonTest extends SshUnitTest { @Test public void testPublicKeyAuthentication() throws Exception { SshClient client = getClient(); - ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).await().getSession(); + ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).getSession(); session.addPublicKeyIdentity(rwKeyPair); - assertTrue(session.auth().await().isSuccess()); + assertTrue(session.auth().isSuccess()); } @Test diff --git a/src/test/java/com/gitblit/tests/SshUnitTest.java b/src/test/java/com/gitblit/tests/SshUnitTest.java index 27b4ec73..1a12158a 100644 --- a/src/test/java/com/gitblit/tests/SshUnitTest.java +++ b/src/test/java/com/gitblit/tests/SshUnitTest.java @@ -15,20 +15,16 @@ */ package com.gitblit.tests; -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.OutputStreamWriter; -import java.io.Writer; -import java.net.SocketAddress; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.PublicKey; -import java.util.concurrent.atomic.AtomicBoolean; - -import org.apache.sshd.client.ServerKeyVerifier; +import com.gitblit.Constants.AccessPermission; +import com.gitblit.transport.ssh.IPublicKeyManager; +import com.gitblit.transport.ssh.MemoryKeyManager; +import com.gitblit.transport.ssh.SshKey; import org.apache.sshd.client.SshClient; import org.apache.sshd.client.channel.ClientChannel; +import org.apache.sshd.client.channel.ClientChannelEvent; +import org.apache.sshd.client.future.AuthFuture; +import org.apache.sshd.client.future.ConnectFuture; +import org.apache.sshd.client.keyverifier.ServerKeyVerifier; import org.apache.sshd.client.session.ClientSession; import org.apache.sshd.common.util.SecurityUtils; import org.junit.After; @@ -36,106 +32,114 @@ import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; -import com.gitblit.Constants.AccessPermission; -import com.gitblit.transport.ssh.IPublicKeyManager; -import com.gitblit.transport.ssh.MemoryKeyManager; -import com.gitblit.transport.ssh.SshKey; +import java.io.*; +import java.net.SocketAddress; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PublicKey; +import java.util.Collections; +import java.util.concurrent.atomic.AtomicBoolean; /** * Base class for SSH unit tests. */ public abstract class SshUnitTest extends GitblitUnitTest { - protected static final AtomicBoolean started = new AtomicBoolean(false); - protected static KeyPairGenerator generator; - protected KeyPair rwKeyPair; - protected KeyPair roKeyPair; - protected String username = "admin"; - protected String password = "admin"; - - @BeforeClass - public static void startGitblit() throws Exception { - generator = SecurityUtils.getKeyPairGenerator("RSA"); - started.set(GitBlitSuite.startGitblit()); - } - - @AfterClass - public static void stopGitblit() throws Exception { - if (started.get()) { - GitBlitSuite.stopGitblit(); - } - } - - protected MemoryKeyManager getKeyManager() { - IPublicKeyManager mgr = gitblit().getPublicKeyManager(); - if (mgr instanceof MemoryKeyManager) { - return (MemoryKeyManager) gitblit().getPublicKeyManager(); - } else { - throw new RuntimeException("unexpected key manager type " + mgr.getClass().getName()); - } - } - - @Before - public void prepare() { - rwKeyPair = generator.generateKeyPair(); - - MemoryKeyManager keyMgr = getKeyManager(); - keyMgr.addKey(username, new SshKey(rwKeyPair.getPublic())); - - roKeyPair = generator.generateKeyPair(); - SshKey sshKey = new SshKey(roKeyPair.getPublic()); - sshKey.setPermission(AccessPermission.CLONE); - keyMgr.addKey(username, sshKey); - } - - @After - public void tearDown() { - MemoryKeyManager keyMgr = getKeyManager(); - keyMgr.removeAllKeys(username); - } - - protected SshClient getClient() { - SshClient client = SshClient.setUpDefaultClient(); - client.setServerKeyVerifier(new ServerKeyVerifier() { - @Override - public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) { - return true; - } - }); - client.start(); - return client; - } - - protected String testSshCommand(String cmd) throws IOException, InterruptedException { - return testSshCommand(cmd, null); - } - - protected String testSshCommand(String cmd, String stdin) throws IOException, InterruptedException { - SshClient client = getClient(); - ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).await().getSession(); - session.addPublicKeyIdentity(rwKeyPair); - assertTrue(session.auth().await().isSuccess()); - - ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_EXEC, cmd); - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - if (stdin != null) { - Writer w = new OutputStreamWriter(baos); - w.write(stdin); - w.close(); - } - channel.setIn(new ByteArrayInputStream(baos.toByteArray())); - - ByteArrayOutputStream out = new ByteArrayOutputStream(); - ByteArrayOutputStream err = new ByteArrayOutputStream(); - channel.setOut(out); - channel.setErr(err); - channel.open(); - - channel.waitFor(ClientChannel.CLOSED, 0); - - String result = out.toString().trim(); - channel.close(false); - client.stop(); - return result; - } + protected static final AtomicBoolean started = new AtomicBoolean(false); + protected static KeyPairGenerator generator; + protected KeyPair rwKeyPair; + protected KeyPair roKeyPair; + protected String username = "admin"; + protected String password = "admin"; + + @BeforeClass + public static void startGitblit() throws Exception { + generator = SecurityUtils.getKeyPairGenerator("RSA"); + started.set(GitBlitSuite.startGitblit()); + } + + @AfterClass + public static void stopGitblit() throws Exception { + if (started.get()) { + GitBlitSuite.stopGitblit(); + } + } + + protected MemoryKeyManager getKeyManager() { + IPublicKeyManager mgr = gitblit().getPublicKeyManager(); + if (mgr instanceof MemoryKeyManager) { + return (MemoryKeyManager) gitblit().getPublicKeyManager(); + } else { + throw new RuntimeException("unexpected key manager type " + mgr.getClass().getName()); + } + } + + @Before + public void prepare() { + rwKeyPair = generator.generateKeyPair(); + + MemoryKeyManager keyMgr = getKeyManager(); + keyMgr.addKey(username, new SshKey(rwKeyPair.getPublic())); + + roKeyPair = generator.generateKeyPair(); + SshKey sshKey = new SshKey(roKeyPair.getPublic()); + sshKey.setPermission(AccessPermission.CLONE); + keyMgr.addKey(username, sshKey); + } + + @After + public void tearDown() { + MemoryKeyManager keyMgr = getKeyManager(); + keyMgr.removeAllKeys(username); + } + + protected SshClient getClient() { + SshClient client = SshClient.setUpDefaultClient(); + client.setServerKeyVerifier(new ServerKeyVerifier() { + @Override + public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) { + return true; + } + }); + client.start(); + return client; + } + + protected String testSshCommand(String cmd) throws IOException, InterruptedException { + return testSshCommand(cmd, null); + } + + + protected String testSshCommand(String cmd, String stdin) throws IOException, InterruptedException { + SshClient client = getClient(); + ConnectFuture futureConnection = client.connect(username, "localhost", GitBlitSuite.sshPort); + futureConnection.await(); + ClientSession session = (ClientSession) futureConnection.getSession(); + session.addPublicKeyIdentity(rwKeyPair); + AuthFuture authFuture = session.auth(); + authFuture.await(); + assertTrue(authFuture.isSuccess()); + + ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_EXEC, cmd); + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + if (stdin != null) { + Writer w = new OutputStreamWriter(baos); + w.write(stdin); + w.close(); + } + channel.setIn(new ByteArrayInputStream(baos.toByteArray())); + + ByteArrayOutputStream out = new ByteArrayOutputStream(); + ByteArrayOutputStream err = new ByteArrayOutputStream(); + channel.setOut(out); + channel.setErr(err); + channel.open(); + + channel.waitFor(Collections.singleton(ClientChannelEvent.EOF), 0); + + String result = out.toString().trim(); + channel.close(false); + client.stop(); + return result; + } }