mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6486 Commits
49 Branches
Tree: 488d95571f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '488d95571f'
${ noResults }
jgit/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitSshClient.java

JGitSshClient.java 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320 
  1. /*

  2.  * Copyright (C) 2018, Thomas Wolf <thomas.wolf@paranor.ch>

  3.  * and other copyright owners as documented in the project's IP log.

  4.  *

  5.  * This program and the accompanying materials are made available

  6.  * under the terms of the Eclipse Distribution License v1.0 which

  7.  * accompanies this distribution, is reproduced below, and is

  8.  * available at http://www.eclipse.org/org/documents/edl-v10.php

  9.  *

  10.  * All rights reserved.

  11.  *

  12.  * Redistribution and use in source and binary forms, with or

  13.  * without modification, are permitted provided that the following

  14.  * conditions are met:

  15.  *

  16.  * - Redistributions of source code must retain the above copyright

  17.  *   notice, this list of conditions and the following disclaimer.

  18.  *

  19.  * - Redistributions in binary form must reproduce the above

  20.  *   copyright notice, this list of conditions and the following

  21.  *   disclaimer in the documentation and/or other materials provided

  22.  *   with the distribution.

  23.  *

  24.  * - Neither the name of the Eclipse Foundation, Inc. nor the

  25.  *   names of its contributors may be used to endorse or promote

  26.  *   products derived from this software without specific prior

  27.  *   written permission.

  28.  *

  29.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND

  30.  * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,

  31.  * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

  32.  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  33.  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR

  34.  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  35.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  36.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  37.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER

  38.  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  39.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  40.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF

  41.  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  42.  */

  43. package org.eclipse.jgit.internal.transport.sshd;

  44. 

  45. import static java.text.MessageFormat.format;

  46. 

  47. import java.io.IOException;

  48. import java.net.InetSocketAddress;

  49. import java.nio.file.Files;

  50. import java.nio.file.InvalidPathException;

  51. import java.nio.file.Path;

  52. import java.nio.file.Paths;

  53. import java.security.KeyPair;

  54. import java.util.Arrays;

  55. import java.util.Iterator;

  56. import java.util.List;

  57. import java.util.NoSuchElementException;

  58. import java.util.Objects;

  59. import java.util.stream.Collectors;

  60. 

  61. import org.apache.sshd.client.SshClient;

  62. import org.apache.sshd.client.config.hosts.HostConfigEntry;

  63. import org.apache.sshd.client.future.ConnectFuture;

  64. import org.apache.sshd.client.future.DefaultConnectFuture;

  65. import org.apache.sshd.client.session.ClientSessionImpl;

  66. import org.apache.sshd.client.session.SessionFactory;

  67. import org.apache.sshd.common.future.SshFutureListener;

  68. import org.apache.sshd.common.io.IoConnectFuture;

  69. import org.apache.sshd.common.io.IoSession;

  70. import org.apache.sshd.common.keyprovider.FileKeyPairProvider;

  71. import org.apache.sshd.common.keyprovider.KeyPairProvider;

  72. import org.apache.sshd.common.session.helpers.AbstractSession;

  73. import org.apache.sshd.common.util.ValidateUtils;

  74. import org.eclipse.jgit.transport.CredentialsProvider;

  75. import org.eclipse.jgit.transport.SshConstants;

  76. import org.eclipse.jgit.transport.sshd.KeyCache;

  77. 

  78. /**

  79.  * Customized {@link SshClient} for JGit. It creates specialized

  80.  * {@link JGitClientSession}s that know about the {@link HostConfigEntry} they

  81.  * were created for, and it loads all KeyPair identities lazily.

  82.  */

  83. public class JGitSshClient extends SshClient {

  84. 

  85. 	private KeyCache keyCache;

  86. 

  87. 	private CredentialsProvider credentialsProvider;

  88. 

  89. 	@Override

  90. 	protected SessionFactory createSessionFactory() {

  91. 		// Override the parent's default

  92. 		return new JGitSessionFactory(this);

  93. 	}

  94. 

  95. 	@Override

  96. 	public ConnectFuture connect(HostConfigEntry hostConfig)

  97. 			throws IOException {

  98. 		if (connector == null) {

  99. 			throw new IllegalStateException("SshClient not started."); //$NON-NLS-1$

  100. 		}

  101. 		Objects.requireNonNull(hostConfig, "No host configuration"); //$NON-NLS-1$

  102. 		String host = ValidateUtils.checkNotNullAndNotEmpty(

  103. 				hostConfig.getHostName(), "No target host"); //$NON-NLS-1$

  104. 		int port = hostConfig.getPort();

  105. 		ValidateUtils.checkTrue(port > 0, "Invalid port: %d", port); //$NON-NLS-1$

  106. 		String userName = hostConfig.getUsername();

  107. 		InetSocketAddress address = new InetSocketAddress(host, port);

  108. 		ConnectFuture connectFuture = new DefaultConnectFuture(

  109. 				userName + '@' + address, null);

  110. 		SshFutureListener<IoConnectFuture> listener = createConnectCompletionListener(

  111. 				connectFuture, userName, address, hostConfig);

  112. 		connector.connect(address).addListener(listener);

  113. 		return connectFuture;

  114. 	}

  115. 

  116. 	private SshFutureListener<IoConnectFuture> createConnectCompletionListener(

  117. 			ConnectFuture connectFuture, String username,

  118. 			InetSocketAddress address, HostConfigEntry hostConfig) {

  119. 		return new SshFutureListener<IoConnectFuture>() {

  120. 

  121. 			@Override

  122. 			public void operationComplete(IoConnectFuture future) {

  123. 				if (future.isCanceled()) {

  124. 					connectFuture.cancel();

  125. 					return;

  126. 				}

  127. 				Throwable t = future.getException();

  128. 				if (t != null) {

  129. 					connectFuture.setException(t);

  130. 					return;

  131. 				}

  132. 				IoSession ioSession = future.getSession();

  133. 				try {

  134. 					JGitClientSession session = createSession(ioSession,

  135. 							username, address, hostConfig);

  136. 					connectFuture.setSession(session);

  137. 				} catch (RuntimeException e) {

  138. 					connectFuture.setException(e);

  139. 					ioSession.close(true);

  140. 				}

  141. 			}

  142. 

  143. 			@Override

  144. 			public String toString() {

  145. 				return "JGitSshClient$ConnectCompletionListener[" + username //$NON-NLS-1$

  146. 						+ '@' + address + ']';

  147. 			}

  148. 		};

  149. 	}

  150. 

  151. 	private JGitClientSession createSession(IoSession ioSession,

  152. 			String username, InetSocketAddress address,

  153. 			HostConfigEntry hostConfig) {

  154. 		AbstractSession rawSession = AbstractSession.getSession(ioSession);

  155. 		if (!(rawSession instanceof JGitClientSession)) {

  156. 			throw new IllegalStateException("Wrong session type: " //$NON-NLS-1$

  157. 					+ rawSession.getClass().getCanonicalName());

  158. 		}

  159. 		JGitClientSession session = (JGitClientSession) rawSession;

  160. 		session.setUsername(username);

  161. 		session.setConnectAddress(address);

  162. 		session.setHostConfigEntry(hostConfig);

  163. 		if (session.getCredentialsProvider() == null) {

  164. 			session.setCredentialsProvider(getCredentialsProvider());

  165. 		}

  166. 		FileKeyPairProvider ourConfiguredKeysProvider = null;

  167. 		List<Path> identities = hostConfig.getIdentities().stream()

  168. 				.map(s -> {

  169. 					try {

  170. 						return Paths.get(s);

  171. 					} catch (InvalidPathException e) {

  172. 						log.warn(format(SshdText.get().configInvalidPath,

  173. 								SshConstants.IDENTITY_FILE, s), e);

  174. 						return null;

  175. 					}

  176. 				}).filter(p -> p != null && Files.exists(p))

  177. 				.collect(Collectors.toList());

  178. 		ourConfiguredKeysProvider = new CachingKeyPairProvider(identities,

  179. 				keyCache);

  180. 		ourConfiguredKeysProvider.setPasswordFinder(getFilePasswordProvider());

  181. 		if (hostConfig.isIdentitiesOnly()) {

  182. 			session.setKeyPairProvider(ourConfiguredKeysProvider);

  183. 		} else {

  184. 			KeyPairProvider defaultKeysProvider = getKeyPairProvider();

  185. 			if (defaultKeysProvider instanceof FileKeyPairProvider) {

  186. 				((FileKeyPairProvider) defaultKeysProvider)

  187. 						.setPasswordFinder(getFilePasswordProvider());

  188. 			}

  189. 			KeyPairProvider combinedProvider = new CombinedKeyPairProvider(

  190. 					ourConfiguredKeysProvider, defaultKeysProvider);

  191. 			session.setKeyPairProvider(combinedProvider);

  192. 		}

  193. 		return session;

  194. 	}

  195. 

  196. 	/**

  197. 	 * Set a cache for loaded keys. Newly discovered keys will be added when

  198. 	 * IdentityFile host entries from the ssh config file are used during

  199. 	 * session authentication.

  200. 	 *

  201. 	 * @param cache

  202. 	 *            to use

  203. 	 */

  204. 	public void setKeyCache(KeyCache cache) {

  205. 		keyCache = cache;

  206. 	}

  207. 

  208. 	/**

  209. 	 * Sets the {@link CredentialsProvider} for this client.

  210. 	 *

  211. 	 * @param provider

  212. 	 *            to set

  213. 	 */

  214. 	public void setCredentialsProvider(CredentialsProvider provider) {

  215. 		credentialsProvider = provider;

  216. 	}

  217. 

  218. 	/**

  219. 	 * Retrieves the {@link CredentialsProvider} set for this client.

  220. 	 *

  221. 	 * @return the provider, or {@code null} if none is set.

  222. 	 */

  223. 	public CredentialsProvider getCredentialsProvider() {

  224. 		return credentialsProvider;

  225. 	}

  226. 

  227. 	/**

  228. 	 * A {@link SessionFactory} to create our own specialized

  229. 	 * {@link JGitClientSession}s.

  230. 	 */

  231. 	private static class JGitSessionFactory extends SessionFactory {

  232. 

  233. 		public JGitSessionFactory(JGitSshClient client) {

  234. 			super(client);

  235. 		}

  236. 

  237. 		@Override

  238. 		protected ClientSessionImpl doCreateSession(IoSession ioSession)

  239. 				throws Exception {

  240. 			return new JGitClientSession(getClient(), ioSession);

  241. 		}

  242. 	}

  243. 

  244. 	/**

  245. 	 * A {@link KeyPairProvider} that iterates over the {@link Iterable}s

  246. 	 * returned by other {@link KeyPairProvider}s.

  247. 	 */

  248. 	private static class CombinedKeyPairProvider implements KeyPairProvider {

  249. 

  250. 		private final List<KeyPairProvider> providers;

  251. 

  252. 		public CombinedKeyPairProvider(KeyPairProvider... providers) {

  253. 			this(Arrays.stream(providers).filter(Objects::nonNull)

  254. 					.collect(Collectors.toList()));

  255. 		}

  256. 

  257. 		public CombinedKeyPairProvider(List<KeyPairProvider> providers) {

  258. 			this.providers = providers;

  259. 		}

  260. 

  261. 		@Override

  262. 		public Iterable<String> getKeyTypes() {

  263. 			throw new UnsupportedOperationException(

  264. 					"Should not have been called in a ssh client"); //$NON-NLS-1$

  265. 		}

  266. 

  267. 		@Override

  268. 		public KeyPair loadKey(String type) {

  269. 			throw new UnsupportedOperationException(

  270. 					"Should not have been called in a ssh client"); //$NON-NLS-1$

  271. 		}

  272. 

  273. 		@Override

  274. 		public Iterable<KeyPair> loadKeys() {

  275. 			return () -> new Iterator<KeyPair>() {

  276. 

  277. 				private Iterator<KeyPairProvider> factories = providers.iterator();

  278. 				private Iterator<KeyPair> current;

  279. 

  280. 				private Boolean hasElement;

  281. 

  282. 				@Override

  283. 				public boolean hasNext() {

  284. 					if (hasElement != null) {

  285. 						return hasElement.booleanValue();

  286. 					}

  287. 					while (current == null || !current.hasNext()) {

  288. 						if (factories.hasNext()) {

  289. 							current = factories.next().loadKeys().iterator();

  290. 						} else {

  291. 							current = null;

  292. 							hasElement = Boolean.FALSE;

  293. 							return false;

  294. 						}

  295. 					}

  296. 					hasElement = Boolean.TRUE;

  297. 					return true;

  298. 				}

  299. 

  300. 				@Override

  301. 				public KeyPair next() {

  302. 					if (hasElement == null && !hasNext()

  303. 							|| !hasElement.booleanValue()) {

  304. 						throw new NoSuchElementException();

  305. 					}

  306. 					hasElement = null;

  307. 					KeyPair result;

  308. 					try {

  309. 						result = current.next();

  310. 					} catch (NoSuchElementException e) {

  311. 						result = null;

  312. 					}

  313. 					return result;

  314. 				}

  315. 

  316. 			};

  317. 		}

  318. 

  319. 	}

  320. }