From 18231200d33b62d2d96286b9bbd84476df5d9189 Mon Sep 17 00:00:00 2001 From: Morten Bøgeskov Date: Thu, 4 Jun 2015 08:24:34 +0200 Subject: Added git.sshDisplay{Port|Host} to hide port forward. Running gitblit in a container it's easy to expose the ssh on the default port. Using git.sshDisplayPort/git.sshDisplayHost you can expose the forwarded address as the official location. --- src/main/distrib/data/defaults.properties | 12 ++++++++++++ .../com/gitblit/servlet/SparkleShareInviteServlet.java | 8 +++++++- src/main/java/com/gitblit/transport/ssh/SshDaemon.java | 14 +++++++++++--- .../java/com/gitblit/transport/ssh/WelcomeShell.java | 11 ++++++++--- .../com/gitblit/transport/ssh/commands/SshCommand.java | 16 +++++++++++----- 5 files changed, 49 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/main/distrib/data/defaults.properties b/src/main/distrib/data/defaults.properties index cc42d907..272eec08 100644 --- a/src/main/distrib/data/defaults.properties +++ b/src/main/distrib/data/defaults.properties @@ -112,6 +112,18 @@ git.sshPort = 29418 # RESTART REQUIRED git.sshBindInterface = +# Manually specify the hostname to use in advertised SSH repository urls. +# This may be useful in complex forwarding setups. +# +# SINCE 1.7.0 +git.sshDisplayHost = + +# Manually specify the port to use in advertised SSH repository urls. +# This may be useful in complex forwarding setups. +# +# SINCE 1.7.0 +git.sshDisplayPort = + # Specify the SSH key manager to use for retrieving, storing, and removing # SSH keys. # diff --git a/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java b/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java index 69c254cb..d2ddc2c8 100644 --- a/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java +++ b/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java @@ -89,6 +89,8 @@ public class SparkleShareInviteServlet extends HttpServlet { response.getWriter().append("SSH is not active on this server!"); return; } + int sshDisplayPort = settings.getInteger(Keys.git.sshDisplayPort, sshPort); + // extract repo name from request String repoUrl = request.getPathInfo().substring(1); @@ -112,6 +114,10 @@ public class SparkleShareInviteServlet extends HttpServlet { if (!StringUtils.isEmpty(url) && url.indexOf("localhost") == -1) { host = new URL(url).getHost(); } + String sshDisplayHost = settings.getString(Keys.git.sshDisplayHost, ""); + if(sshDisplayHost.isEmpty()) { + sshDisplayHost = host; + } UserModel user; if (StringUtils.isEmpty(username)) { @@ -141,7 +147,7 @@ public class SparkleShareInviteServlet extends HttpServlet { StringBuilder sb = new StringBuilder(); sb.append("\n"); sb.append("\n"); - sb.append(MessageFormat.format("
ssh://{0}@{1}:{2,number,0}/
\n", user.username, host, sshPort)); + sb.append(MessageFormat.format("
ssh://{0}@{1}:{2,number,0}/
\n", user.username, sshDisplayHost, sshDisplayPort)); sb.append(MessageFormat.format("/{0}\n", model.name)); int fanoutPort = settings.getInteger(Keys.fanout.port, 0); if (fanoutPort > 0) { diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 0ff5c284..4756d967 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -200,14 +200,22 @@ public class SshDaemon { } public String formatUrl(String gituser, String servername, String repository) { - if (sshd.getPort() == DEFAULT_PORT) { + IStoredSettings settings = gitblit.getSettings(); + + int port = sshd.getPort(); + int displayPort = settings.getInteger(Keys.git.sshDisplayPort, port); + String displayServername = settings.getString(Keys.git.sshDisplayHost, ""); + if(displayServername.isEmpty()) { + displayServername = servername; + } + if (displayPort == DEFAULT_PORT) { // standard port - return MessageFormat.format("ssh://{0}@{1}/{2}", gituser, servername, + return MessageFormat.format("ssh://{0}@{1}/{2}", gituser, displayServername, repository); } else { // non-standard port return MessageFormat.format("ssh://{0}@{1}:{2,number,0}/{3}", - gituser, servername, sshd.getPort(), repository); + gituser, displayServername, displayPort, repository); } } diff --git a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java index 852756a7..267082ac 100644 --- a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java +++ b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java @@ -200,13 +200,18 @@ public class WelcomeShell implements Factory { } private String formatUrl(String hostname, int port, String username) { - if (port == 22) { + int displayPort = settings.getInteger(Keys.git.sshDisplayPort, port); + String displayHostname = settings.getString(Keys.git.sshDisplayHost, ""); + if(displayHostname.isEmpty()) { + displayHostname = hostname; + } + if (displayPort == 22) { // standard port - return MessageFormat.format("{0}@{1}/REPOSITORY.git", username, hostname); + return MessageFormat.format("{0}@{1}/REPOSITORY.git", username, displayHostname); } else { // non-standard port return MessageFormat.format("ssh://{0}@{1}:{2,number,0}/REPOSITORY.git", - username, hostname, port); + username, displayHostname, displayPort); } } } diff --git a/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java b/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java index f18b99bc..06b0e8d8 100644 --- a/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java +++ b/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java @@ -16,6 +16,7 @@ */ package com.gitblit.transport.ssh.commands; +import com.gitblit.IStoredSettings; import java.io.IOException; import java.io.PrintWriter; import java.net.MalformedURLException; @@ -73,15 +74,20 @@ public abstract class SshCommand extends BaseCommand { protected String getRepositoryUrl(String repository) { String username = getContext().getClient().getUsername(); - String hostname = getHostname(); - int port = getContext().getGitblit().getSettings().getInteger(Keys.git.sshPort, 0); - if (port == 22) { + IStoredSettings settings = getContext().getGitblit().getSettings(); + String displayHostname = settings.getString(Keys.git.sshDisplayHost, ""); + if(displayHostname.isEmpty()) { + displayHostname = getHostname(); + } + int port = settings.getInteger(Keys.git.sshPort, 0); + int displayPort = settings.getInteger(Keys.git.sshDisplayPort, port); + if (displayPort == 22) { // standard port - return MessageFormat.format("{0}@{1}/{2}.git", username, hostname, repository); + return MessageFormat.format("{0}@{1}/{2}.git", username, displayHostname, repository); } else { // non-standard port return MessageFormat.format("ssh://{0}@{1}:{2,number,0}/{3}", - username, hostname, port, repository); + username, displayHostname, displayPort, repository); } } -- cgit v1.2.3 From b3aabb94c9935e61ba16bb5ab506c123ae29fbf3 Mon Sep 17 00:00:00 2001 From: James Moger Date: Mon, 15 Jun 2015 12:56:23 -0400 Subject: Renamed ssh.Display(Host|Port) to ssh.Advertised(Host|Port) --- src/main/distrib/data/defaults.properties | 4 ++-- .../com/gitblit/servlet/SparkleShareInviteServlet.java | 8 ++++---- src/main/java/com/gitblit/transport/ssh/SshDaemon.java | 16 ++++++++-------- .../java/com/gitblit/transport/ssh/WelcomeShell.java | 4 ++-- .../com/gitblit/transport/ssh/commands/SshCommand.java | 6 +++--- 5 files changed, 19 insertions(+), 19 deletions(-) (limited to 'src') diff --git a/src/main/distrib/data/defaults.properties b/src/main/distrib/data/defaults.properties index 272eec08..60c914ba 100644 --- a/src/main/distrib/data/defaults.properties +++ b/src/main/distrib/data/defaults.properties @@ -116,13 +116,13 @@ git.sshBindInterface = # This may be useful in complex forwarding setups. # # SINCE 1.7.0 -git.sshDisplayHost = +git.sshAdvertisedHost = # Manually specify the port to use in advertised SSH repository urls. # This may be useful in complex forwarding setups. # # SINCE 1.7.0 -git.sshDisplayPort = +git.sshAdvertisedPort = # Specify the SSH key manager to use for retrieving, storing, and removing # SSH keys. diff --git a/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java b/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java index d2ddc2c8..e989ece3 100644 --- a/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java +++ b/src/main/java/com/gitblit/servlet/SparkleShareInviteServlet.java @@ -19,8 +19,6 @@ import java.io.IOException; import java.net.URL; import java.text.MessageFormat; -import com.google.inject.Inject; -import com.google.inject.Singleton; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; @@ -34,6 +32,8 @@ import com.gitblit.manager.IUserManager; import com.gitblit.models.RepositoryModel; import com.gitblit.models.UserModel; import com.gitblit.utils.StringUtils; +import com.google.inject.Inject; +import com.google.inject.Singleton; /** * Handles requests for Sparkleshare Invites @@ -89,7 +89,7 @@ public class SparkleShareInviteServlet extends HttpServlet { response.getWriter().append("SSH is not active on this server!"); return; } - int sshDisplayPort = settings.getInteger(Keys.git.sshDisplayPort, sshPort); + int sshDisplayPort = settings.getInteger(Keys.git.sshAdvertisedPort, sshPort); // extract repo name from request String repoUrl = request.getPathInfo().substring(1); @@ -114,7 +114,7 @@ public class SparkleShareInviteServlet extends HttpServlet { if (!StringUtils.isEmpty(url) && url.indexOf("localhost") == -1) { host = new URL(url).getHost(); } - String sshDisplayHost = settings.getString(Keys.git.sshDisplayHost, ""); + String sshDisplayHost = settings.getString(Keys.git.sshAdvertisedHost, ""); if(sshDisplayHost.isEmpty()) { sshDisplayHost = host; } diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 4756d967..68a2e901 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -35,8 +35,8 @@ import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; import org.apache.sshd.common.keyprovider.FileKeyPairProvider; import org.apache.sshd.common.util.SecurityUtils; -import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator; import org.apache.sshd.server.UserAuth; +import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator; import org.apache.sshd.server.auth.UserAuthKeyboardInteractive; import org.apache.sshd.server.auth.UserAuthPassword; import org.apache.sshd.server.auth.UserAuthPublicKey; @@ -130,7 +130,7 @@ public class SshDaemon { } else { addr = new InetSocketAddress(bindInterface, port); } - + //Will do GSS ? GSSAuthenticator gssAuthenticator = null; if(settings.getBoolean(Keys.git.sshWithKrb5, false)) { @@ -144,9 +144,9 @@ public class SshDaemon { ""); if(! servicePrincipalName.isEmpty()) { gssAuthenticator.setServicePrincipalName(servicePrincipalName); - } + } } - + //Sort the authenticators for sshd List> userAuthFactories = new ArrayList<>(); String sshAuthenticatorsOrderString = settings.getString(Keys.git.sshAuthenticatorsOrder, @@ -156,7 +156,7 @@ public class SshDaemon { switch (authenticatorName) { case "gssapi-with-mic": if(gssAuthenticator != null) { - userAuthFactories.add(new UserAuthGSS.Factory()); + userAuthFactories.add(new UserAuthGSS.Factory()); } break; case "publickey": @@ -172,7 +172,7 @@ public class SshDaemon { log.error("Unknown ssh authenticator: '{}'", authenticatorName); } } - + // Create the SSH server sshd = SshServer.setUpDefaultServer(); sshd.setPort(addr.getPort()); @@ -203,8 +203,8 @@ public class SshDaemon { IStoredSettings settings = gitblit.getSettings(); int port = sshd.getPort(); - int displayPort = settings.getInteger(Keys.git.sshDisplayPort, port); - String displayServername = settings.getString(Keys.git.sshDisplayHost, ""); + int displayPort = settings.getInteger(Keys.git.sshAdvertisedPort, port); + String displayServername = settings.getString(Keys.git.sshAdvertisedHost, ""); if(displayServername.isEmpty()) { displayServername = servername; } diff --git a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java index 267082ac..ec6f7291 100644 --- a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java +++ b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java @@ -200,8 +200,8 @@ public class WelcomeShell implements Factory { } private String formatUrl(String hostname, int port, String username) { - int displayPort = settings.getInteger(Keys.git.sshDisplayPort, port); - String displayHostname = settings.getString(Keys.git.sshDisplayHost, ""); + int displayPort = settings.getInteger(Keys.git.sshAdvertisedPort, port); + String displayHostname = settings.getString(Keys.git.sshAdvertisedHost, ""); if(displayHostname.isEmpty()) { displayHostname = hostname; } diff --git a/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java b/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java index 06b0e8d8..02764db6 100644 --- a/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java +++ b/src/main/java/com/gitblit/transport/ssh/commands/SshCommand.java @@ -16,7 +16,6 @@ */ package com.gitblit.transport.ssh.commands; -import com.gitblit.IStoredSettings; import java.io.IOException; import java.io.PrintWriter; import java.net.MalformedURLException; @@ -28,6 +27,7 @@ import org.eclipse.jgit.util.SystemReader; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import com.gitblit.IStoredSettings; import com.gitblit.Keys; import com.gitblit.manager.IGitblit; import com.gitblit.utils.StringUtils; @@ -75,12 +75,12 @@ public abstract class SshCommand extends BaseCommand { protected String getRepositoryUrl(String repository) { String username = getContext().getClient().getUsername(); IStoredSettings settings = getContext().getGitblit().getSettings(); - String displayHostname = settings.getString(Keys.git.sshDisplayHost, ""); + String displayHostname = settings.getString(Keys.git.sshAdvertisedHost, ""); if(displayHostname.isEmpty()) { displayHostname = getHostname(); } int port = settings.getInteger(Keys.git.sshPort, 0); - int displayPort = settings.getInteger(Keys.git.sshDisplayPort, port); + int displayPort = settings.getInteger(Keys.git.sshAdvertisedPort, port); if (displayPort == 22) { // standard port return MessageFormat.format("{0}@{1}/{2}.git", username, displayHostname, repository); -- cgit v1.2.3