Provide a wrapper interface and change the implementation such that a client can substitute its own database of known hosts keys instead of the default file-based mechanism. Bug: 547619 Change-Id: Ifc25a4519fa5bcf7bb8541b9f3e2de15215e3d66 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>stable-5.5
Thomas Wolf
6 years ago
6 changed files with 688 additions and 89 deletions
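--- /dev/null
+++ b/org/eclipse/jgit/transport/sshd/NoFilesSshTest.java
@@ -0,0 +1,221 @@
+/*
+ * Copyright (C) 2019 Thomas Wolf <thomas.wolf@paranor.ch>
+ * and other copyright owners as documented in the project's IP log.
+ *
+ * This program and the accompanying materials are made available
+ * under the terms of the Eclipse Distribution License v1.0 which
+ * accompanies this distribution, is reproduced below, and is
+ * available at http://www.eclipse.org/org/documents/edl-v10.php
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * - Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials provided
+ *   with the distribution.
+ *
+ * - Neither the name of the Eclipse Foundation, Inc. nor the
+ *   names of its contributors may be used to endorse or promote
+ *   products derived from this software without specific prior
+ *   written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package org.eclipse.jgit.transport.sshd;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UncheckedIOException;
+import java.net.InetSocketAddress;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+
+import org.apache.sshd.common.NamedResource;
+import org.apache.sshd.common.config.keys.KeyUtils;
+import org.apache.sshd.common.keyprovider.KeyIdentityProvider;
+import org.apache.sshd.common.session.SessionContext;
+import org.apache.sshd.common.util.net.SshdSocketAddress;
+import org.apache.sshd.common.util.security.SecurityUtils;
+import org.eclipse.jgit.lib.Constants;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.SshSessionFactory;
+import org.eclipse.jgit.transport.ssh.SshTestHarness;
+import org.eclipse.jgit.util.FS;
+import org.junit.After;
+import org.junit.Test;
+
+/**
+ * Test for using the SshdSessionFactory without files in ~/.ssh but with an
+ * in-memory setup.
+ */
+public class NoFilesSshTest extends SshTestHarness {
+
+
+	private PublicKey testServerKey;
+
+	private KeyPair testUserKey;
+
+	@Override
+	protected SshSessionFactory createSessionFactory() {
+		SshdSessionFactory result = new SshdSessionFactory(new JGitKeyCache(),
+				null) {
+
+			@Override
+			protected File getSshConfig(File dir) {
+				return null;
+			}
+
+			@Override
+			protected ServerKeyDatabase getServerKeyDatabase(File homeDir,
+					File dir) {
+				return new ServerKeyDatabase() {
+
+					@Override
+					public List<PublicKey> lookup(String connectAddress,
+							InetSocketAddress remoteAddress,
+							Configuration config) {
+						return Collections.singletonList(testServerKey);
+					}
+
+					@Override
+					public boolean accept(String connectAddress,
+							InetSocketAddress remoteAddress,
+							PublicKey serverKey, Configuration config,
+							CredentialsProvider provider) {
+						return KeyUtils.compareKeys(serverKey, testServerKey);
+					}
+
+				};
+			}
+
+			@Override
+			protected Iterable<KeyPair> getDefaultKeys(File dir) {
+				// This would work for this simple test case:
+				// return Collections.singletonList(testUserKey);
+				// But let's see if we can check the host and username that's used.
+				// For that, we need access to the sshd SessionContext:
+				return new KeyAuthenticator();
+			}
+
+			@Override
+			protected String getDefaultPreferredAuthentications() {
+				return "publickey";
+			}
+		};
+
+		// The home directory is mocked at this point!
+		result.setHomeDirectory(FS.DETECTED.userHome());
+		result.setSshDirectory(sshDir);
+		return result;
+	}
+
+	private class KeyAuthenticator implements KeyIdentityProvider, Iterable<KeyPair> {
+
+		@Override
+		public Iterator<KeyPair> iterator() {
+			// Should not be called. The use of the Iterable interface in
+			// SshdSessionFactory.getDefaultKeys() made sense in sshd 2.0.0,
+			// but sshd 2.2.0 added the SessionContext, which although good
+			// (without it we couldn't check here) breaks the Iterable analogy.
+			// But we're stuck now with that interface for getDefaultKeys, and
+			// so this override throwing an exception is unfortunately needed.
+			throw new UnsupportedOperationException();
+		}
+
+		@Override
+		public Iterable<KeyPair> loadKeys(SessionContext session)
+				throws IOException, GeneralSecurityException {
+			if (!TEST_USER.equals(session.getUsername())) {
+				return Collections.emptyList();
+			}
+			SshdSocketAddress remoteAddress = SshdSocketAddress
+					.toSshdSocketAddress(session.getRemoteAddress());
+			switch (remoteAddress.getHostName()) {
+			case "localhost":
+			case "127.0.0.1":
+				return Collections.singletonList(testUserKey);
+			default:
+				return Collections.emptyList();
+			}
+		}
+	}
+
+	@After
+	public void cleanUp() {
+		testServerKey = null;
+		testUserKey = null;
+	}
+
+	@Override
+	protected void installConfig(String... config) {
+		File configFile = new File(sshDir, Constants.CONFIG);
+		if (config != null) {
+			try {
+				Files.write(configFile.toPath(), Arrays.asList(config));
+			} catch (IOException e) {
+				throw new UncheckedIOException(e);
+			}
+		}
+	}
+
+	private KeyPair load(Path path) throws Exception {
+		try (InputStream in = Files.newInputStream(path)) {
+			return SecurityUtils
+					.loadKeyPairIdentities(null,
+							NamedResource.ofName(path.toString()), in, null)
+					.iterator().next();
+		}
+	}
+
+	@Test
+	public void testCloneWithBuiltInKeys() throws Exception {
+		// This test should fail unless our in-memory setup is taken: no
+		// known_hosts file, and a config that specifies a non-existing key.
+		File newHostKey = new File(getTemporaryDirectory(), "newhostkey");
+		copyTestResource("id_ed25519", newHostKey);
+		server.addHostKey(newHostKey.toPath(), true);
+		testServerKey = load(newHostKey.toPath()).getPublic();
+		assertTrue(newHostKey.delete());
+		testUserKey = load(privateKey1.getAbsoluteFile().toPath());
+		assertNotNull(testServerKey);
+		assertNotNull(testUserKey);
+		cloneWith(
+				"ssh://" + TEST_USER + "@localhost:" + testPort
+						+ "/doesntmatter",
+				new File(getTemporaryDirectory(), "cloned"), null, //
+				"Host localhost", //
+				"IdentityFile "
+						+ new File(sshDir, "does_not_exist").getAbsolutePath());
+	}
+
+}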
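Review bot: The test only exercises the accepting path of the in-memory `ServerKeyDatabase`: `accept` returns `KeyUtils.compareKeys(serverKey, testServerKey)` and the clone succeeds, but nothing checks that a mismatching host key is rejected, so a regression in which the verifier ignored the database's verdict would still pass. A second test that assigns a different key to `testServerKey` than the one passed to `server.addHostKey` and asserts that `cloneWith(...)` fails (with whatever exception the harness propagates; `SshTestHarness` is outside this page) would pin the fail-closed behaviour. The anonymous database also ignores `connectAddress` and `remoteAddress` in both `lookup` and `accept`, which is fine for a test but worth stating, e.g. `// Test database: trusts exactly one key, for any address.` above `return new ServerKeyDatabase() {`.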
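--- /dev/null
+++ b/org/eclipse/jgit/internal/transport/sshd/JGitServerKeyVerifier.java
@@ -0,0 +1,182 @@
+/*
+ * Copyright (C) 2019 Thomas Wolf <thomas.wolf@paranor.ch>
+ * and other copyright owners as documented in the project's IP log.
+ *
+ * This program and the accompanying materials are made available
+ * under the terms of the Eclipse Distribution License v1.0 which
+ * accompanies this distribution, is reproduced below, and is
+ * available at http://www.eclipse.org/org/documents/edl-v10.php
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * - Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials provided
+ *   with the distribution.
+ *
+ * - Neither the name of the Eclipse Foundation, Inc. nor the
+ *   names of its contributors may be used to endorse or promote
+ *   products derived from this software without specific prior
+ *   written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package org.eclipse.jgit.internal.transport.sshd;
+
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.security.PublicKey;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+
+import org.apache.sshd.client.config.hosts.HostConfigEntry;
+import org.apache.sshd.client.config.hosts.KnownHostHashValue;
+import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
+import org.apache.sshd.client.session.ClientSession;
+import org.apache.sshd.common.util.net.SshdSocketAddress;
+import org.eclipse.jgit.annotations.NonNull;
+import org.eclipse.jgit.transport.CredentialsProvider;
+import org.eclipse.jgit.transport.SshConstants;
+import org.eclipse.jgit.transport.sshd.ServerKeyDatabase;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * A bridge between the {@link ServerKeyVerifier} from Apache MINA sshd and our
+ * {@link ServerKeyDatabase}.
+ */
+public class JGitServerKeyVerifier
+		implements ServerKeyVerifier, ServerKeyLookup {
+
+	private static final Logger LOG = LoggerFactory
+			.getLogger(JGitServerKeyVerifier.class);
+
+	private final @NonNull ServerKeyDatabase database;
+
+	/**
+	 * Creates a new {@link JGitServerKeyVerifier} using the given
+	 * {@link ServerKeyDatabase}.
+	 *
+	 * @param database
+	 *            to use
+	 */
+	public JGitServerKeyVerifier(@NonNull ServerKeyDatabase database) {
+		this.database = database;
+	}
+
+	@Override
+	public List<PublicKey> lookup(ClientSession session,
+			SocketAddress remoteAddress) {
+		if (!(session instanceof JGitClientSession)) {
+			LOG.warn("Internal error: wrong session kind: " //$NON-NLS-1$
+					+ session.getClass().getName());
+			return Collections.emptyList();
+		}
+		if (!(remoteAddress instanceof InetSocketAddress)) {
+			return Collections.emptyList();
+		}
+		SessionConfig config = new SessionConfig((JGitClientSession) session);
+		SshdSocketAddress connectAddress = SshdSocketAddress
+				.toSshdSocketAddress(session.getConnectAddress());
+		String connect = KnownHostHashValue.createHostPattern(
+				connectAddress.getHostName(), connectAddress.getPort());
+		return database.lookup(connect, (InetSocketAddress) remoteAddress,
+				config);
+	}
+
+	@Override
+	public boolean verifyServerKey(ClientSession session,
+			SocketAddress remoteAddress, PublicKey serverKey) {
+		if (!(session instanceof JGitClientSession)) {
+			LOG.warn("Internal error: wrong session kind: " //$NON-NLS-1$
+					+ session.getClass().getName());
+			return false;
+		}
+		if (!(remoteAddress instanceof InetSocketAddress)) {
+			return false;
+		}
+		SessionConfig config = new SessionConfig((JGitClientSession) session);
+		SshdSocketAddress connectAddress = SshdSocketAddress
+				.toSshdSocketAddress(session.getConnectAddress());
+		String connect = KnownHostHashValue.createHostPattern(
+				connectAddress.getHostName(), connectAddress.getPort());
+		CredentialsProvider provider = ((JGitClientSession) session)
+				.getCredentialsProvider();
+		return database.accept(connect, (InetSocketAddress) remoteAddress,
+				serverKey, config, provider);
+	}
+
+	private static class SessionConfig
+			implements ServerKeyDatabase.Configuration {
+
+		private final JGitClientSession session;
+
+		public SessionConfig(JGitClientSession session) {
+			this.session = session;
+		}
+
+		private List<String> get(String key) {
+			HostConfigEntry entry = session.getHostConfigEntry();
+			if (entry instanceof JGitHostConfigEntry) {
+				// Always true!
+				return ((JGitHostConfigEntry) entry).getMultiValuedOptions()
+						.get(key);
+			}
+			return Collections.emptyList();
+		}
+
+		@Override
+		public List<String> getUserKnownHostsFiles() {
+			return get(SshConstants.USER_KNOWN_HOSTS_FILE);
+		}
+
+		@Override
+		public List<String> getGlobalKnownHostsFiles() {
+			return get(SshConstants.GLOBAL_KNOWN_HOSTS_FILE);
+		}
+
+		@Override
+		public StrictHostKeyChecking getStrictHostKeyChecking() {
+			HostConfigEntry entry = session.getHostConfigEntry();
+			String value = entry
+					.getProperty(SshConstants.STRICT_HOST_KEY_CHECKING, "ask"); //$NON-NLS-1$
+			switch (value.toLowerCase(Locale.ROOT)) {
+			case SshConstants.YES:
+			case SshConstants.ON:
+				return StrictHostKeyChecking.REQUIRE_MATCH;
+			case SshConstants.NO:
+			case SshConstants.OFF:
+				return StrictHostKeyChecking.ACCEPT_ANY;
+			case "accept-new": //$NON-NLS-1$
+				return StrictHostKeyChecking.ACCEPT_NEW;
+			default:
+				return StrictHostKeyChecking.ASK;
+			}
+		}
+
+		@Override
+		public String getUsername() {
+			return session.getUsername();
+		}
+	}
+}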
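Review bot: In `SessionConfig.getStrictHostKeyChecking` the `default:` branch silently maps any unrecognised `StrictHostKeyChecking` value (a typo such as `yse`, or a keyword newer than this parser) to `ASK`, which for a user who wrote something intending `yes` is a downgrade from never-accept to prompt-and-store, and with a non-interactive `CredentialsProvider` the result then depends entirely on the database implementation. Since `LOG` is in scope, the branch should at least record it: `default: LOG.warn("Unknown StrictHostKeyChecking value \"{}\"; treating as \"ask\"", value); return StrictHostKeyChecking.ASK;` (externalised per the project's NLS convention). Separately, `get` guards `session.getHostConfigEntry()` with `instanceof` (which also covers `null`) while `getStrictHostKeyChecking` dereferences `entry` unconditionally; if a null entry is possible — I can't tell from this page — that NPE fires inside host-key verification, where sshd is likely to surface it as a failed connection rather than a clear configuration error, so the two accessors should handle the entry the same way.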
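--- /dev/null
+++ b/org/eclipse/jgit/transport/sshd/ServerKeyDatabase.java
@@ -0,0 +1,169 @@
+/*
+ * Copyright (C) 2019 Thomas Wolf <thomas.wolf@paranor.ch>
+ * and other copyright owners as documented in the project's IP log.
+ *
+ * This program and the accompanying materials are made available
+ * under the terms of the Eclipse Distribution License v1.0 which
+ * accompanies this distribution, is reproduced below, and is
+ * available at http://www.eclipse.org/org/documents/edl-v10.php
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * - Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials provided
+ *   with the distribution.
+ *
+ * - Neither the name of the Eclipse Foundation, Inc. nor the
+ *   names of its contributors may be used to endorse or promote
+ *   products derived from this software without specific prior
+ *   written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+package org.eclipse.jgit.transport.sshd;
+
+import java.net.InetSocketAddress;
+import java.security.PublicKey;
+import java.util.List;
+
+import org.eclipse.jgit.annotations.NonNull;
+import org.eclipse.jgit.transport.CredentialsProvider;
+
+/**
+ * An interface for a database of known server keys, supporting finding all
+ * known keys and also deciding whether a server key is to be accepted.
+ * <p>
+ * Connection addresses are given as strings of the format
+ * {@code [hostName]:port} if using a non-standard port (i.e., not port 22),
+ * otherwise just {@code hostname}.
+ * </p>
+ *
+ * @since 5.5
+ */
+public interface ServerKeyDatabase {
+
+	/**
+	 * Retrieves all known host keys for the given addresses.
+	 *
+	 * @param connectAddress
+	 *            IP address the session tried to connect to
+	 * @param remoteAddress
+	 *            IP address as reported for the remote end point
+	 * @param config
+	 *            giving access to potentially interesting configuration
+	 *            settings
+	 * @return the list of known keys for the given addresses
+	 */
+	@NonNull
+	List<PublicKey> lookup(@NonNull String connectAddress,
+			@NonNull InetSocketAddress remoteAddress,
+			@NonNull Configuration config);
+
+	/**
+	 * Determines whether to accept a received server host key.
+	 *
+	 * @param connectAddress
+	 *            IP address the session tried to connect to
+	 * @param remoteAddress
+	 *            IP address as reported for the remote end point
+	 * @param serverKey
+	 *            received from the remote end
+	 * @param config
+	 *            giving access to potentially interesting configuration
+	 *            settings
+	 * @param provider
+	 *            for interacting with the user, if required; may be
+	 *            {@code null}
+	 * @return {@code true} if the serverKey is accepted, {@code false}
+	 *         otherwise
+	 */
+	boolean accept(@NonNull String connectAddress,
+			@NonNull InetSocketAddress remoteAddress,
+			@NonNull PublicKey serverKey,
+			@NonNull Configuration config, CredentialsProvider provider);
+
+	/**
+	 * A simple provider for ssh config settings related to host key checking.
+	 * An instance is created by the JGit sshd framework and passed into
+	 * {@link ServerKeyDatabase#lookup(String, InetSocketAddress, Configuration)}
+	 * and
+	 * {@link ServerKeyDatabase#accept(String, InetSocketAddress, PublicKey, Configuration, CredentialsProvider)}.
+	 */
+	interface Configuration {
+
+		/**
+		 * Retrieves the list of file names from the "UserKnownHostsFile" ssh
+		 * config.
+		 *
+		 * @return the list as configured, with ~ already replaced
+		 */
+		List<String> getUserKnownHostsFiles();
+
+		/**
+		 * Retrieves the list of file names from the "GlobalKnownHostsFile" ssh
+		 * config.
+		 *
+		 * @return the list as configured, with ~ already replaced
+		 */
+		List<String> getGlobalKnownHostsFiles();
+
+		/**
+		 * The possible values for the "StrictHostKeyChecking" ssh config.
+		 */
+		enum StrictHostKeyChecking {
+			/**
+			 * "ask"; default: ask the user whether to accept (and store) a new
+			 * or mismatched key.
+			 */
+			ASK,
+			/**
+			 * "yes", "on": never accept new or mismatched keys.
+			 */
+			REQUIRE_MATCH,
+			/**
+			 * "no", "off": always accept new or mismatched keys.
+			 */
+			ACCEPT_ANY,
+			/**
+			 * "accept-new": accept new keys, but never accept modified keys.
+			 */
+			ACCEPT_NEW
+		}
+
+		/**
+		 * Obtains the value of the "StrictHostKeyChecking" ssh config.
+		 *
+		 * @return the {@link StrictHostKeyChecking}
+		 */
+		@NonNull
+		StrictHostKeyChecking getStrictHostKeyChecking();
+
+		/**
+		 * Obtains the user name used in the connection attempt.
+		 *
+		 * @return the user name
+		 */
+		@NonNull
+		String getUsername();
+	}
+}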
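Review bot: The `@param connectAddress` Javadoc on both `lookup` and `accept` says "IP address the session tried to connect to", but the class comment describes it as a string of the form `[hostName]:port` or `hostname`, and `JGitServerKeyVerifier` builds it with `KnownHostHashValue.createHostPattern` from the configured host name and port; implementers matching against known_hosts entries need that distinction, so I'd reword it to `host name or address the session tried to connect to, in the format described in the class comment`. This interface is also the single gate for host-key verification once a client substitutes its own database, as the commit message intends, so the `accept` Javadoc should state the contract on failure: an implementation that cannot positively verify the key (error reading its store, policy requires asking but `provider` is `null`) should return `false`, because returning `true` unconditionally removes man-in-the-middle protection for every connection. One sentence in the `accept` description such as `Implementations should fail closed and return {@code false} whenever the key cannot be verified or the user cannot be consulted.` would make that explicit.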