From: Thomas Wolf Date: Tue, 28 Dec 2021 17:07:21 +0000 (+0100) Subject: sshd: handle "IdentityAgent SSH_AUTH_SOCK" in ssh config X-Git-Tag: v6.1.0.202202221755-m3~47 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=refs%2Fchanges%2F75%2F189375%2F3;p=jgit.git sshd: handle "IdentityAgent SSH_AUTH_SOCK" in ssh config OpenSSH has (for legacy reasons?) the option of specifying the default environment variable directly, instead of using ${SSH_AUTH_SOCK}. Make sure the plain variable name is not taken as a relative path name. Bug: 577053 Change-Id: If8f550dffc43887254f71aa0b487c50fa14d0627 Signed-off-by: Thomas Wolf --- diff --git a/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/Sockets.java b/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/Sockets.java index 3d95bdb51c..52cf5f22f2 100644 --- a/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/Sockets.java +++ b/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/Sockets.java @@ -23,11 +23,6 @@ public final class Sockets { // No instantiation } - /** - * Default SSH agent socket environment variable name. - */ - public static final String ENV_SSH_AUTH_SOCK = "SSH_AUTH_SOCK"; //$NON-NLS-1$ - /** * Domain for Unix domain sockets. */ diff --git a/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/UnixDomainSocketConnector.java b/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/UnixDomainSocketConnector.java index 3b75f3a7da..95ac34f940 100644 --- a/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/UnixDomainSocketConnector.java +++ b/org.eclipse.jgit.ssh.apache.agent/src/org/eclipse/jgit/internal/transport/sshd/agent/connector/UnixDomainSocketConnector.java @@ -11,10 +11,10 @@ package org.eclipse.jgit.internal.transport.sshd.agent.connector; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.AF_UNIX; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.DEFAULT_PROTOCOL; -import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.ENV_SSH_AUTH_SOCK; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.SOCK_STREAM; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.UnixSockets.FD_CLOEXEC; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.UnixSockets.F_SETFD; +import static org.eclipse.jgit.transport.SshConstants.ENV_SSH_AUTH_SOCKET; import java.io.IOException; import java.nio.charset.StandardCharsets; @@ -46,7 +46,7 @@ public class UnixDomainSocketConnector extends AbstractConnector { @Override public String getIdentityAgent() { - return ENV_SSH_AUTH_SOCK; + return ENV_SSH_AUTH_SOCKET; } @Override @@ -91,8 +91,9 @@ public class UnixDomainSocketConnector extends AbstractConnector { public UnixDomainSocketConnector(String socketFile) { super(); String file = socketFile; - if (StringUtils.isEmptyOrNull(file)) { - file = SystemReader.getInstance().getenv(ENV_SSH_AUTH_SOCK); + if (StringUtils.isEmptyOrNull(file) + || ENV_SSH_AUTH_SOCKET.equals(file)) { + file = SystemReader.getInstance().getenv(ENV_SSH_AUTH_SOCKET); } this.socketFile = file; } diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFileTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFileTest.java index 9c5cd16f99..876a9999a2 100644 --- a/org.eclipse.jgit.test/tst/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFileTest.java +++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFileTest.java @@ -570,6 +570,14 @@ public class OpenSshConfigFileTest extends RepositoryTestCase { h.getValue(SshConstants.IDENTITY_AGENT)); } + @Test + public void testIdentityAgentSshAuthSock() throws Exception { + config("Host orcz\nIdentityAgent SSH_AUTH_SOCK\n"); + HostConfig h = lookup("orcz"); + assertEquals(SshConstants.ENV_SSH_AUTH_SOCKET, + h.getValue(SshConstants.IDENTITY_AGENT)); + } + @Test public void testNegativeMatch() throws Exception { config("Host foo.bar !foobar.baz *.baz\n" + "Port 29418\n"); diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFile.java b/org.eclipse.jgit/src/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFile.java index 4e8048baa8..cf966a528e 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFile.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/internal/transport/ssh/OpenSshConfigFile.java @@ -871,7 +871,8 @@ public class OpenSshConfigFile implements SshConfigStore { if (options != null) { // HOSTNAME already done above String value = options.get(SshConstants.IDENTITY_AGENT); - if (value != null && !SshConstants.NONE.equals(value)) { + if (value != null && !SshConstants.NONE.equals(value) + && !SshConstants.ENV_SSH_AUTH_SOCKET.equals(value)) { value = r.substitute(value, Replacer.DEFAULT_TOKENS, true); value = toFile(value, home).getPath(); options.put(SshConstants.IDENTITY_AGENT, value); diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/SshConstants.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/SshConstants.java index 212a4e46c1..698982e1ae 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/SshConstants.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/SshConstants.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2018, 2020 Thomas Wolf and others + * Copyright (C) 2018, 2021 Thomas Wolf and others * * This program and the accompanying materials are made available under the * terms of the Eclipse Distribution License v. 1.0 which is available at @@ -229,4 +229,12 @@ public final class SshConstants { public static final String[] DEFAULT_IDENTITIES = { // ID_RSA, ID_DSA, ID_ECDSA, ID_ED25519 }; + + /** + * Name of the environment variable holding the Unix domain socket for + * communication with an SSH agent. + * + * @since 6.1 + */ + public static final String ENV_SSH_AUTH_SOCKET = "SSH_AUTH_SOCK"; }