You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2020/08/25 13:55:43 UTC
[karaf] branch karaf-4.2.x updated: [KARAF-5823] Upgrade to sshd
2.5.1
This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch karaf-4.2.x
in repository https://gitbox.apache.org/repos/asf/karaf.git
The following commit(s) were added to refs/heads/karaf-4.2.x by this push:
new cb7b491 [KARAF-5823] Upgrade to sshd 2.5.1
cb7b491 is described below
commit cb7b491947a1cd8313a97c63f51b0294481b0512
Author: Jean-Baptiste Onofré <jb...@apache.org>
AuthorDate: Mon Jan 13 18:23:29 2020 +0100
[KARAF-5823] Upgrade to sshd 2.5.1
(cherry picked from commit e38f1a4d8cc6173d3052b2897b7d18e78317d7ba)
---
.../main/filtered-resources/resources/bin/client | 4 +-
.../filtered-resources/resources/bin/client.bat | 4 +-
assemblies/features/standard/pom.xml | 12 +++-
.../features/standard/src/main/feature/feature.xml | 6 +-
client/pom.xml | 2 +-
.../main/java/org/apache/karaf/client/Main.java | 8 +--
.../src/test/filtered-resources/etc/feature.xml | 6 +-
jaas/modules/pom.xml | 2 +-
.../jaas/modules/NamePubkeyCallbackHandler.java | 7 ++-
pom.xml | 14 ++++-
shell/console/pom.xml | 2 +-
shell/core/pom.xml | 2 +-
shell/ssh/pom.xml | 16 +++--
.../java/org/apache/karaf/shell/ssh/Activator.java | 4 +-
.../apache/karaf/shell/ssh/KarafAgentFactory.java | 3 +-
.../org/apache/karaf/shell/ssh/ShellCommand.java | 20 +++---
.../apache/karaf/shell/ssh/ShellFactoryImpl.java | 65 ++++++++-----------
.../java/org/apache/karaf/shell/ssh/SshAction.java | 2 +-
.../org/apache/karaf/shell/ssh/SshTerminal.java | 2 +-
.../java/org/apache/karaf/shell/ssh/SshUtils.java | 28 +++++++--
.../karaf/shell/ssh/UserAuthFactoriesFactory.java | 7 +--
.../ssh/keygenerator/OpenSSHKeyPairProvider.java | 4 +-
.../shell/ssh/KarafJaasAuthenticatorTest.java | 72 +++++++++++++++++++++-
.../org/apache/karaf/shell/ssh/SshUtilsTest.java | 5 +-
.../OpenSSHGeneratorKeyFileProviderTest.java | 13 ++--
.../apache/karaf/tooling/client/ClientMojo.java | 2 +-
.../apache/karaf/tooling/client/DeployMojo.java | 2 +-
27 files changed, 215 insertions(+), 99 deletions(-)
diff --git a/assemblies/features/base/src/main/filtered-resources/resources/bin/client b/assemblies/features/base/src/main/filtered-resources/resources/bin/client
index f258a4c..14a0935 100755
--- a/assemblies/features/base/src/main/filtered-resources/resources/bin/client
+++ b/assemblies/features/base/src/main/filtered-resources/resources/bin/client
@@ -79,7 +79,9 @@ fi
setupClassPath() {
# Add the jars in the lib dir
CLASSPATH="${KARAF_HOME}/system/org/apache/karaf/org.apache.karaf.client/@@project.version@@/org.apache.karaf.client-@@project.version@@.jar"
- CLASSPATH="${CLASSPATH}:${KARAF_HOME}/system/org/apache/sshd/sshd-core/@@sshd.version@@/sshd-core-@@sshd.version@@.jar"
+ CLASSPATH="${CLASSPATH}:${KARAF_HOME}/system/org/apache/sshd/sshd-osgi/@@sshd.version@@/sshd-osgi-@@sshd.version@@.jar"
+ CLASSPATH="${CLASSPATH}:${KARAF_HOME}/system/org/apache/sshd/sshd-scp/@@sshd.version@@/sshd-scp-@@sshd.version@@.jar"
+ CLASSPATH="${CLASSPATH}:${KARAF_HOME}/system/org/apache/sshd/sshd-sftp/@@sshd.version@@/sshd-sftp-@@sshd.version@@.jar"
CLASSPATH="${CLASSPATH}:${KARAF_HOME}/system/org/fusesource/jansi/jansi/@@jansi.version@@/jansi-@@jansi.version@@.jar"
CLASSPATH="${CLASSPATH}:${KARAF_HOME}/system/org/jline/jline/@@jline.version@@/jline-@@jline.version@@.jar"
}
diff --git a/assemblies/features/base/src/main/filtered-resources/resources/bin/client.bat b/assemblies/features/base/src/main/filtered-resources/resources/bin/client.bat
index 412eb58..cbbddb0 100644
--- a/assemblies/features/base/src/main/filtered-resources/resources/bin/client.bat
+++ b/assemblies/features/base/src/main/filtered-resources/resources/bin/client.bat
@@ -215,7 +215,9 @@ if "%EXTRA_JAVA_OPTS%" == "" goto :KARAF_EXTRA_JAVA_OPTS_END
:KARAF_EXTRA_JAVA_OPTS_END
set CLASSPATH=%KARAF_HOME%\system\org\apache\karaf\org.apache.karaf.client\@@project.version@@\org.apache.karaf.client-@@project.version@@.jar
-set CLASSPATH=%CLASSPATH%;%KARAF_HOME%\system\org\apache\sshd\sshd-core\@@sshd.version@@\sshd-core-@@sshd.version@@.jar
+set CLASSPATH=%CLASSPATH%;%KARAF_HOME%\system\org\apache\sshd\sshd-osgi\@@sshd.version@@\sshd-osgi-@@sshd.version@@.jar
+set CLASSPATH=%CLASSPATH%;%KARAF_HOME%\system\org\apache\sshd\sshd-scp\@@sshd.version@@\sshd-scp-@@sshd.version@@.jar
+set CLASSPATH=%CLASSPATH%;%KARAF_HOME%\system\org\apache\sshd\sshd-sftp\@@sshd.version@@\sshd-sftp-@@sshd.version@@.jar
set CLASSPATH=%CLASSPATH%;%KARAF_HOME%\system\org\jline\jline\@@jline.version@@\jline-@@jline.version@@.jar
set CLASSPATH=%CLASSPATH%;%KARAF_HOME%\system\org\fusesource\jansi\jansi\@@jansi.version@@\jansi-@@jansi.version@@.jar
diff --git a/assemblies/features/standard/pom.xml b/assemblies/features/standard/pom.xml
index 739a710..cb01a0a 100644
--- a/assemblies/features/standard/pom.xml
+++ b/assemblies/features/standard/pom.xml
@@ -311,7 +311,17 @@
<!-- ssh deps -->
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-scp</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-sftp</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
diff --git a/assemblies/features/standard/src/main/feature/feature.xml b/assemblies/features/standard/src/main/feature/feature.xml
index 7e7c4be..b30a0c2 100644
--- a/assemblies/features/standard/src/main/feature/feature.xml
+++ b/assemblies/features/standard/src/main/feature/feature.xml
@@ -1020,8 +1020,12 @@ role=admin
<feature name="ssh" description="Provide a SSHd server on Karaf" version="${project.version}">
<feature>shell</feature>
<feature>jaas</feature>
- <bundle start-level="30">mvn:org.apache.sshd/sshd-core/${sshd.version}</bundle>
+ <bundle start-level="30">mvn:org.apache.sshd/sshd-osgi/${sshd.version}</bundle>
+ <bundle start-level="30">mvn:org.apache.sshd/sshd-scp/${sshd.version}</bundle>
+ <bundle start-level="30">mvn:org.apache.sshd/sshd-sftp/${sshd.version}</bundle>
<bundle start-level="30">mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.not-yet-commons-ssl/0.3.11_1</bundle>
+ <bundle start-level="30">mvn:org.bouncycastle/bcprov-jdk15on/1.62</bundle>
+ <bundle start-level="30">mvn:org.bouncycastle/bcpkix-jdk15on/1.62</bundle>
<bundle start-level="30">mvn:org.apache.karaf.shell/org.apache.karaf.shell.ssh/${project.version}</bundle>
</feature>
diff --git a/client/pom.xml b/client/pom.xml
index e9f4cf6..b24bb22 100644
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -44,7 +44,7 @@
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
diff --git a/client/src/main/java/org/apache/karaf/client/Main.java b/client/src/main/java/org/apache/karaf/client/Main.java
index fdcd5d8..eb8ea71 100644
--- a/client/src/main/java/org/apache/karaf/client/Main.java
+++ b/client/src/main/java/org/apache/karaf/client/Main.java
@@ -99,7 +99,7 @@ public class Main {
FilePasswordProvider passwordProvider = null;
final Console console = System.console();
if (console != null) {
- passwordProvider = resourceKey -> {
+ passwordProvider = (session, resourceKey, retryIndex) -> {
char[] pwd = console.readPassword("Enter password for " + resourceKey + ": ");
return new String(pwd);
};
@@ -167,7 +167,7 @@ public class Main {
client.getProperties().put(ClientFactoryManager.NIO2_READ_TIMEOUT, String.valueOf(config.getIdleTimeout()));
// TODO: remove the line below when SSHD-732 is fixed
- client.setKeyPairProvider(new FileKeyPairProvider());
+ // client.setKeyPairProvider(new FileKeyPairProvider());
client.start();
ClientSession session = connectWithRetries(client, config);
if (config.getPassword() != null) {
@@ -394,8 +394,8 @@ public class Main {
if (keyFile != null) {
FileKeyPairProvider fileKeyPairProvider = new FileKeyPairProvider(Paths.get(keyFile));
fileKeyPairProvider.setPasswordFinder(passwordProvider);
- for (KeyPair key : fileKeyPairProvider.loadKeys()) {
- agent.addIdentity(key, user);
+ for (KeyPair key : fileKeyPairProvider.loadKeys(null)) {
+ agent.addIdentity(key, user);
}
}
return agent;
diff --git a/itests/test/src/test/filtered-resources/etc/feature.xml b/itests/test/src/test/filtered-resources/etc/feature.xml
index ea38e89..3550e5f 100644
--- a/itests/test/src/test/filtered-resources/etc/feature.xml
+++ b/itests/test/src/test/filtered-resources/etc/feature.xml
@@ -680,8 +680,12 @@
<feature name="ssh" description="Provide a SSHd server on Karaf" version="${project.version}">
<feature>shell</feature>
<feature>jaas</feature>
- <bundle start="true" start-level="30">mvn:org.apache.sshd/sshd-core/${sshd.version}</bundle>
+ <bundle start="true" start-level="30">mvn:org.apache.sshd/sshd-osgi/${sshd.version}</bundle>
+ <bundle start="true" start-level="30">mvn:org.apache.sshd/sshd-scp/${sshd.version}</bundle>
+ <bundle start="true" start-level="30">mvn:org.apache.sshd/sshd-sftp/${sshd.version}</bundle>
<bundle start="true" start-level="30">mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.not-yet-commons-ssl/0.3.11_1</bundle>
+ <bundle start="true" start-level="30">mvn:org.bouncycastle/bcprov-jdk15on/1.62</bundle>
+ <bundle start="true" start-level="30">mvn:org.bouncycastle/bcpkix-jdk15on/1.62</bundle>
<bundle start="true" start-level="30">mvn:org.apache.karaf.shell/org.apache.karaf.shell.ssh/${project.version}</bundle>
</feature>
diff --git a/jaas/modules/pom.xml b/jaas/modules/pom.xml
index 939b25b..97259cb 100644
--- a/jaas/modules/pom.xml
+++ b/jaas/modules/pom.xml
@@ -117,7 +117,7 @@
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
<scope>test</scope>
</dependency>
<dependency>
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/NamePubkeyCallbackHandler.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/NamePubkeyCallbackHandler.java
index f85b271..97aa624 100644
--- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/NamePubkeyCallbackHandler.java
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/NamePubkeyCallbackHandler.java
@@ -18,6 +18,7 @@ import java.io.IOException;
import java.nio.file.Path;
import java.security.KeyPair;
import java.security.PublicKey;
+import java.util.Iterator;
import java.util.Objects;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -43,11 +44,11 @@ public class NamePubkeyCallbackHandler implements CallbackHandler {
this.name = Objects.requireNonNull(name);
FileKeyPairProvider provider = new FileKeyPairProvider(publicKeyFile);
- Iterable<KeyPair> keys = provider.loadKeys();
- if (!keys.iterator().hasNext()) {
+ Iterator<KeyPair> keys = provider.loadKeys(null).iterator();
+ if (!keys.hasNext()) {
throw new IOException("no public keys loaded");
}
- this.publicKey = keys.iterator().next().getPublic();
+ this.publicKey = keys.next().getPublic();
}
@Override
diff --git a/pom.xml b/pom.xml
index f48d1a1..ff4252d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -308,7 +308,7 @@
<spring.security51.version>5.1.5.RELEASE_1</spring.security51.version>
<spring.security53.version>5.3.1.RELEASE_1</spring.security53.version>
- <sshd.version>1.7.0</sshd.version>
+ <sshd.version>2.5.1</sshd.version>
<derby-version>10.14.2.0</derby-version>
<directory-version>2.0.0-M24</directory-version>
<struts.bundle.version>1.3.10_1</struts.bundle.version>
@@ -1416,7 +1416,17 @@
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
+ <version>${sshd.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-scp</artifactId>
+ <version>${sshd.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-sftp</artifactId>
<version>${sshd.version}</version>
</dependency>
<dependency>
diff --git a/shell/console/pom.xml b/shell/console/pom.xml
index 5d9c07a..3864c47 100644
--- a/shell/console/pom.xml
+++ b/shell/console/pom.xml
@@ -101,7 +101,7 @@
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
</dependency>
</dependencies>
diff --git a/shell/core/pom.xml b/shell/core/pom.xml
index 4abfb2d..a589a43 100644
--- a/shell/core/pom.xml
+++ b/shell/core/pom.xml
@@ -84,7 +84,7 @@
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
</dependency>
<dependency>
<groupId>org.apache.karaf.service</groupId>
diff --git a/shell/ssh/pom.xml b/shell/ssh/pom.xml
index a54698d..9718919 100644
--- a/shell/ssh/pom.xml
+++ b/shell/ssh/pom.xml
@@ -71,7 +71,15 @@
<dependency>
<groupId>org.apache.sshd</groupId>
- <artifactId>sshd-core</artifactId>
+ <artifactId>sshd-osgi</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-sftp</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-scp</artifactId>
</dependency>
<dependency>
@@ -104,9 +112,9 @@
</dependency>
<dependency>
- <groupId>org.apache.mina</groupId>
- <artifactId>mina-core</artifactId>
- <version>2.0.15</version>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-mina</artifactId>
+ <version>${sshd.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
index 7fbc129..a67f371 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/Activator.java
@@ -185,11 +185,11 @@ public class Activator extends BaseActivator implements ManagedService {
server.setShellFactory(new ShellFactoryImpl(sessionFactory));
if (sftpEnabled) {
- server.setCommandFactory(new ScpCommandFactory.Builder().withDelegate(cmd -> new ShellCommand(sessionFactory, cmd)).build());
+ server.setCommandFactory(new ScpCommandFactory.Builder().withDelegate((channel, cmd) -> new ShellCommand(sessionFactory, cmd)).build());
server.setSubsystemFactories(Collections.singletonList(new SftpSubsystemFactory()));
server.setFileSystemFactory(new VirtualFileSystemFactory(Paths.get(System.getProperty("karaf.base"))));
} else {
- server.setCommandFactory(cmd -> new ShellCommand(sessionFactory, cmd));
+ server.setCommandFactory((channel, cmd) -> new ShellCommand(sessionFactory, cmd));
}
server.setKeyPairProvider(keyPairProvider);
server.setPasswordAuthenticator(authenticator);
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafAgentFactory.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafAgentFactory.java
index 0f3e4e4..dcb1e9c 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafAgentFactory.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafAgentFactory.java
@@ -37,6 +37,7 @@ import org.apache.sshd.agent.local.LocalAgentFactory;
import org.apache.sshd.common.FactoryManager;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.channel.Channel;
+import org.apache.sshd.common.channel.ChannelFactory;
import org.apache.sshd.common.session.ConnectionService;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.server.session.ServerSession;
@@ -57,7 +58,7 @@ public class KarafAgentFactory implements SshAgentFactory {
}
@Override
- public List<NamedFactory<Channel>> getChannelForwardingFactories(FactoryManager factoryManager) {
+ public List<ChannelFactory> getChannelForwardingFactories(FactoryManager factoryManager) {
return LocalAgentFactory.DEFAULT_FORWARDING_CHANNELS;
}
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
index d72a278..55edafc 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellCommand.java
@@ -36,15 +36,15 @@ import org.apache.karaf.shell.support.ShellUtil;
import org.apache.karaf.util.StreamUtils;
import org.apache.karaf.util.filesstream.FilesStream;
import org.apache.karaf.util.jaas.JaasHelper;
-import org.apache.sshd.server.Command;
import org.apache.sshd.server.Environment;
import org.apache.sshd.server.ExitCallback;
-import org.apache.sshd.server.SessionAware;
+import org.apache.sshd.server.channel.ChannelSession;
+import org.apache.sshd.server.command.Command;
import org.apache.sshd.server.session.ServerSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-public class ShellCommand implements Command, SessionAware {
+public class ShellCommand implements Command {
public static final String SHELL_INIT_SCRIPT = "karaf.shell.init.script";
public static final String EXEC_INIT_SCRIPT = "karaf.exec.init.script";
@@ -87,12 +87,10 @@ public class ShellCommand implements Command, SessionAware {
this.callback = callback;
}
- public void setSession(ServerSession session) {
- this.session = session;
- }
-
- public void start(final Environment env) throws IOException {
- this.env = env;
+ @Override
+ public void start(ChannelSession channelSession, Environment environment) throws IOException {
+ this.session = channelSession.getServerSession();
+ this.env = environment;
new Thread(this::run).start();
}
@@ -150,7 +148,9 @@ public class ShellCommand implements Command, SessionAware {
}
}
- public void destroy() {
+ @Override
+ public void destroy(ChannelSession channelSession) throws Exception {
+
}
private void executeScript(String names, Session session) {
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellFactoryImpl.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellFactoryImpl.java
index 4ee0b32..4a69cb4 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellFactoryImpl.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/ShellFactoryImpl.java
@@ -32,29 +32,31 @@ import org.apache.karaf.shell.api.console.Session;
import org.apache.karaf.shell.api.console.SessionFactory;
import org.apache.karaf.shell.support.ShellUtil;
import org.apache.karaf.util.jaas.JaasHelper;
-import org.apache.sshd.common.Factory;
-import org.apache.sshd.server.Command;
import org.apache.sshd.server.Environment;
import org.apache.sshd.server.ExitCallback;
-import org.apache.sshd.server.SessionAware;
+import org.apache.sshd.server.channel.ChannelSession;
+import org.apache.sshd.server.command.Command;
import org.apache.sshd.server.session.ServerSession;
+import org.apache.sshd.server.shell.ShellFactory;
/**
- * SSHD {@link org.apache.sshd.server.Command} factory which provides access to
+ * SSHD {@link org.apache.sshd.server.command.Command} factory which provides access to
* Shell.
*/
-public class ShellFactoryImpl implements Factory<Command> {
+public class ShellFactoryImpl implements ShellFactory {
+
private SessionFactory sessionFactory;
public ShellFactoryImpl(SessionFactory sessionFactory) {
this.sessionFactory = sessionFactory;
}
- public Command create() {
+ @Override
+ public Command createShell(ChannelSession channelSession) {
return new ShellImpl();
}
- public class ShellImpl implements Command, SessionAware {
+ public class ShellImpl implements Command {
private InputStream in;
private OutputStream out;
@@ -71,42 +73,43 @@ public class ShellFactoryImpl implements Factory<Command> {
private boolean closed;
+ @Override
public void setInputStream(final InputStream in) {
this.in = in;
}
+ @Override
public void setOutputStream(final OutputStream out) {
this.out = out;
}
+ @Override
public void setErrorStream(final OutputStream err) {
this.err = err;
}
+ @Override
public void setExitCallback(ExitCallback callback) {
this.callback = callback;
}
- public void setSession(ServerSession session) {
- this.session = session;
- }
-
- public void start(final Environment env) throws IOException {
+ @Override
+ public void start(ChannelSession channelSession, Environment environment) throws IOException {
+ this.session = channelSession.getServerSession();
try {
- final Subject subject = ShellImpl.this.session != null ? ShellImpl.this.session
- .getAttribute(KarafJaasAuthenticator.SUBJECT_ATTRIBUTE_KEY) : null;
- String encoding = getEncoding(env);
- terminal = new SshTerminal(env, in, out, encoding);
+ final Subject subject = session.getAttribute(KarafJaasAuthenticator.SUBJECT_ATTRIBUTE_KEY);
+ String encoding = getEncoding(environment);
+ terminal = new SshTerminal(environment, in, out, encoding);
final PrintStream pout = new PrintStream(terminal.output(), true, encoding);
final PrintStream perr = err instanceof PrintStream ?
(PrintStream) err : out == err ? pout : new PrintStream(err, true, encoding);
shell = sessionFactory.create(in, pout,
perr, terminal, encoding, this::destroy);
- for (Map.Entry<String, String> e : env.getEnv().entrySet()) {
+ for (Map.Entry<String, String> e : environment.getEnv().entrySet()) {
shell.put(e.getKey(), e.getValue());
}
JaasHelper.runAs(subject, () ->
- new Thread(shell, "Karaf ssh console user " + ShellUtil.getCurrentUserName()).start());
+ new Thread(shell, "Karaf ssh console user " + ShellUtil.getCurrentUserName()).start());
} catch (Exception e) {
throw new IOException("Unable to start shell", e);
}
@@ -115,12 +118,14 @@ public class ShellFactoryImpl implements Factory<Command> {
public void destroy() {
if (!closed) {
closed = true;
- flush(out, err);
- close(in, out, err);
callback.onExit(0);
}
}
+ @Override
+ public void destroy(ChannelSession channelSession) {
+ destroy();
+ }
}
/**
@@ -158,24 +163,4 @@ public class ShellFactoryImpl implements Factory<Command> {
return null;
}
- private static void flush(OutputStream... streams) {
- for (OutputStream s : streams) {
- try {
- s.flush();
- } catch (IOException e) {
- // Ignore
- }
- }
- }
-
- private static void close(Closeable... closeables) {
- for (Closeable c : closeables) {
- try {
- c.close();
- } catch (Exception e) {
- // Ignore
- }
- }
- }
-
}
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
index 28add82..62b5191 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshAction.java
@@ -123,7 +123,7 @@ public class SshAction implements Action {
KnownHostsManager knownHostsManager = new KnownHostsManager(new File(System.getProperty("user.home"), ".sshkaraf/known_hosts"));
ServerKeyVerifier serverKeyVerifier = new ServerKeyVerifierImpl(knownHostsManager, quiet);
client.setServerKeyVerifier(serverKeyVerifier);
- client.setKeyPairProvider(new FileKeyPairProvider());
+ client.setKeyIdentityProvider(new FileKeyPairProvider());
log.debug("Created client: {}", client);
client.setUserInteraction(new UserInteraction() {
@Override
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshTerminal.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshTerminal.java
index 62b8728..38c4028 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshTerminal.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshTerminal.java
@@ -135,7 +135,7 @@ public class SshTerminal extends ExternalTerminal implements Terminal {
setSize(new Size(w, h));
}
- protected void handleSignal(org.apache.sshd.server.Signal signal) {
+ protected void handleSignal(org.apache.sshd.common.channel.Channel channel, org.apache.sshd.server.Signal signal) {
if (signal == org.apache.sshd.server.Signal.INT) {
raise(Signal.INT);
} else if (signal == org.apache.sshd.server.Signal.QUIT) {
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshUtils.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshUtils.java
index 5542f08..762bdec 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshUtils.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/SshUtils.java
@@ -22,6 +22,7 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
+import org.apache.sshd.common.kex.KeyExchangeFactory;
import org.apache.sshd.server.ServerBuilder;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.common.NamedFactory;
@@ -57,6 +58,25 @@ public class SshUtils {
return list;
}
+ public static List<KeyExchangeFactory> filter(List<KeyExchangeFactory> factories, String[] names) {
+ List<KeyExchangeFactory> list = new ArrayList<>();
+ for (String name : names) {
+ name = name.trim();
+ boolean found = false;
+ for (KeyExchangeFactory factory : factories) {
+ if (factory.getName().equals(name)) {
+ list.add(factory);
+ found = true;
+ break;
+ }
+ }
+ if (!found) {
+ LOGGER.warn("Configured KeyExchangeFactory '" + name + "' not available");
+ }
+ }
+ return list;
+ }
+
public static List<NamedFactory<Mac>> buildMacs(String[] names) {
return filter(Mac.class, new ServerConfig().getMacFactories(), names);
}
@@ -67,11 +87,11 @@ public class SshUtils {
return filter(Cipher.class, avail, names);
}
- public static List<NamedFactory<KeyExchange>> buildKexAlgorithms(String[] names) {
+ public static List<KeyExchangeFactory> buildKexAlgorithms(String[] names) {
ServerConfig defaults = new ServerConfig();
- List<NamedFactory<KeyExchange>> avail = defaults.getKeyExchangeFactories();
+ List<KeyExchangeFactory> avail = defaults.getKeyExchangeFactories();
- return filter(KeyExchange.class, avail, names);
+ return filter(avail, names);
}
/**
@@ -108,7 +128,7 @@ public class SshUtils {
return null;
}
- public List<NamedFactory<KeyExchange>> getKeyExchangeFactories() {
+ public List<KeyExchangeFactory> getKeyExchangeFactories() {
return keyExchangeFactories;
}
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/UserAuthFactoriesFactory.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/UserAuthFactoriesFactory.java
index 4d59e73..fcd45be 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/UserAuthFactoriesFactory.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/UserAuthFactoriesFactory.java
@@ -23,8 +23,7 @@ import java.util.HashSet;
import java.util.List;
import java.util.Set;
-import org.apache.sshd.common.NamedFactory;
-import org.apache.sshd.server.auth.UserAuth;
+import org.apache.sshd.server.auth.UserAuthFactory;
import org.apache.sshd.server.auth.keyboard.UserAuthKeyboardInteractiveFactory;
import org.apache.sshd.server.auth.password.UserAuthPasswordFactory;
import org.apache.sshd.server.auth.pubkey.UserAuthPublicKeyFactory;
@@ -47,7 +46,7 @@ public class UserAuthFactoriesFactory {
public static final String KEYBOARD_INTERACTIVE_METHOD = "keyboard-interactive";
private Set<String> methodSet;
- private List<NamedFactory<UserAuth>> factories;
+ private List<UserAuthFactory> factories;
public void setAuthMethods(String[] methods) {
this.methodSet = new HashSet<>();
@@ -66,7 +65,7 @@ public class UserAuthFactoriesFactory {
}
}
- public List<NamedFactory<UserAuth>> getFactories() {
+ public List<UserAuthFactory> getFactories() {
return factories;
}
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHKeyPairProvider.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHKeyPairProvider.java
index 9f52b8e..332232a 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHKeyPairProvider.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHKeyPairProvider.java
@@ -41,10 +41,12 @@ import java.util.Base64;
import org.apache.commons.ssl.PKCS8Key;
import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
+import org.apache.sshd.common.session.SessionContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class OpenSSHKeyPairProvider extends AbstractKeyPairProvider {
+
private static final Logger LOGGER = LoggerFactory.getLogger(OpenSSHKeyPairProvider.class);
private Path privateKeyPath;
private Path publicKeyPath;
@@ -61,7 +63,7 @@ public class OpenSSHKeyPairProvider extends AbstractKeyPairProvider {
}
@Override
- public synchronized Iterable<KeyPair> loadKeys() {
+ public synchronized Iterable<KeyPair> loadKeys(SessionContext sessionContext) throws IOException, GeneralSecurityException {
if (cachedKey != null) {
return singleton(cachedKey);
}
diff --git a/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticatorTest.java b/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticatorTest.java
index 5d9b450..972f914 100644
--- a/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticatorTest.java
+++ b/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticatorTest.java
@@ -36,10 +36,16 @@ import javax.security.auth.spi.LoginModule;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
+import org.apache.mina.core.service.IoProcessor;
import org.apache.mina.core.session.DummySession;
+import org.apache.mina.core.write.WriteRequest;
+import org.apache.sshd.common.io.IoHandler;
+import org.apache.sshd.common.io.IoSession;
import org.apache.sshd.common.io.mina.MinaConnector;
import org.apache.sshd.common.io.mina.MinaSession;
import org.apache.sshd.common.random.SingletonRandomFactory;
+import org.apache.sshd.common.util.Readable;
+import org.apache.sshd.common.util.net.SshdSocketAddress;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.session.ServerSessionImpl;
@@ -48,6 +54,7 @@ import org.junit.Before;
import org.junit.Test;
public class KarafJaasAuthenticatorTest {
+
private Configuration configuration;
private ServerSessionImpl session;
@@ -63,9 +70,70 @@ public class KarafJaasAuthenticatorTest {
}
});
final SshServer server = new SshServer();
+ IoHandler ioHandler = new IoHandler() {
+ @Override
+ public void sessionCreated(IoSession ioSession) throws Exception {
+
+ }
+
+ @Override
+ public void sessionClosed(IoSession ioSession) throws Exception {
+
+ }
+
+ @Override
+ public void exceptionCaught(IoSession ioSession, Throwable throwable) throws Exception {
+
+ }
+
+ @Override
+ public void messageReceived(IoSession ioSession, Readable readable) throws Exception {
+
+ }
+ };
+ IoProcessor ioProcessor = new IoProcessor() {
+ @Override
+ public boolean isDisposing() {
+ return false;
+ }
+
+ @Override
+ public boolean isDisposed() {
+ return false;
+ }
+
+ @Override
+ public void dispose() {
+
+ }
+
+ @Override
+ public void add(org.apache.mina.core.session.IoSession ioSession) {
+
+ }
+
+ @Override
+ public void flush(org.apache.mina.core.session.IoSession ioSession) {
+
+ }
+
+ @Override
+ public void write(org.apache.mina.core.session.IoSession ioSession, WriteRequest writeRequest) {
+
+ }
+
+ @Override
+ public void updateTrafficControl(org.apache.mina.core.session.IoSession ioSession) {
+
+ }
+
+ @Override
+ public void remove(org.apache.mina.core.session.IoSession ioSession) {
+
+ }
+ };
server.setRandomFactory(new SingletonRandomFactory(SecurityUtils.getRandomFactory()));
- this.session = new ServerSessionImpl(server,
- new MinaSession(new MinaConnector(null, null, null), new DummySession()));
+ this.session = new ServerSessionImpl(server, new MinaSession(new MinaConnector(server, ioHandler, ioProcessor), new DummySession(), SshdSocketAddress.LOCALHOST_ADDRESS));
}
@After
diff --git a/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/SshUtilsTest.java b/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/SshUtilsTest.java
index eda708c..c463b6a 100644
--- a/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/SshUtilsTest.java
+++ b/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/SshUtilsTest.java
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.util.List;
import org.apache.sshd.common.cipher.Cipher;
import org.apache.sshd.common.kex.KeyExchange;
+import org.apache.sshd.common.kex.KeyExchangeFactory;
import org.apache.sshd.common.mac.Mac;
import org.apache.sshd.common.NamedFactory;
@@ -82,12 +83,12 @@ public class SshUtilsTest {
// verify our default configuration...
String kexAlgorithms = "diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1";
- List<NamedFactory<KeyExchange>> list = SshUtils.buildKexAlgorithms(kexAlgorithms.split(","));
+ List<KeyExchangeFactory> list = SshUtils.buildKexAlgorithms(kexAlgorithms.split(","));
// verify that all configured key exchange algorithms are actually resolved...
for (String kex : kexAlgorithms.split(",")) {
boolean found = false;
- for (NamedFactory<KeyExchange> factory : list) {
+ for (KeyExchangeFactory factory : list) {
if (factory.getName().equalsIgnoreCase(kex)) {
found = true;
break;
diff --git a/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHGeneratorKeyFileProviderTest.java b/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHGeneratorKeyFileProviderTest.java
index 8034e9d..30515bc 100644
--- a/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHGeneratorKeyFileProviderTest.java
+++ b/shell/ssh/src/test/java/org/apache/karaf/shell/ssh/keygenerator/OpenSSHGeneratorKeyFileProviderTest.java
@@ -45,10 +45,9 @@ public class OpenSSHGeneratorKeyFileProviderTest {
KeyPair kp = new OpenSSHKeyPairGenerator(KeyUtils.RSA_ALGORITHM, 1024).generate();
new PemWriter(privateKeyTemp.toPath(), publicKeyTemp.toPath()).writeKeyPair(KeyUtils.RSA_ALGORITHM, kp);
- //File path = new File("/home/cschneider/.ssh/id_rsa");
OpenSSHKeyPairProvider prov =
new OpenSSHKeyPairProvider(privateKeyTemp.toPath(), publicKeyTemp.toPath(), KeyUtils.RSA_ALGORITHM, 1024);
- KeyPair keys = prov.loadKeys().iterator().next();
+ KeyPair keys = prov.loadKeys(null).iterator().next();
Assert.assertNotNull(keys);
Assert.assertTrue("Loaded key is not RSA Key", keys.getPrivate() instanceof RSAPrivateCrtKey);
Assert.assertTrue("Loaded key is not RSA Key", keys.getPublic() instanceof RSAPublicKey);
@@ -61,17 +60,17 @@ public class OpenSSHGeneratorKeyFileProviderTest {
File publicKeyTemp = File.createTempFile(this.getClass().getCanonicalName(), ".pub");
publicKeyTemp.deleteOnExit();
- SimpleGeneratorHostKeyProvider simpleGenerator = new SimpleGeneratorHostKeyProvider(privateKeyTemp);
+ SimpleGeneratorHostKeyProvider simpleGenerator = new SimpleGeneratorHostKeyProvider(privateKeyTemp.toPath());
simpleGenerator.setKeySize(2048);
simpleGenerator.setAlgorithm("DSA");
- List<KeyPair> keys = simpleGenerator.loadKeys();
+ List<KeyPair> keys = simpleGenerator.loadKeys(null);
KeyPair simpleKeyPair = keys.stream().findFirst().get();
Assert.assertEquals("DSA", simpleKeyPair.getPrivate().getAlgorithm());
- OpenSSHKeyPairProvider provider =
+ OpenSSHKeyPairProvider provider =
new OpenSSHKeyPairProvider(privateKeyTemp.toPath(), publicKeyTemp.toPath(), "DSA", 2048);
- KeyPair convertedKeyPair = provider.loadKeys().iterator().next();
+ KeyPair convertedKeyPair = provider.loadKeys(null).iterator().next();
Assert.assertEquals("DSA", convertedKeyPair.getPrivate().getAlgorithm());
Assert.assertArrayEquals(simpleKeyPair.getPrivate().getEncoded(),convertedKeyPair.getPrivate().getEncoded());
@@ -95,7 +94,7 @@ public class OpenSSHGeneratorKeyFileProviderTest {
OpenSSHKeyPairProvider prov =
new OpenSSHKeyPairProvider(privateKeyTemp.toPath(), publicKeyTemp.toPath(), KeyUtils.EC_ALGORITHM, 256);
- KeyPair keys = prov.loadKeys().iterator().next();
+ KeyPair keys = prov.loadKeys(null).iterator().next();
Assert.assertNotNull(keys);
Assert.assertTrue("Loaded key is not EC Key", keys.getPrivate() instanceof ECPrivateKey);
Assert.assertTrue("Loaded key is not EC Key", keys.getPublic() instanceof ECPublicKey);
diff --git a/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/ClientMojo.java b/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/ClientMojo.java
index 2a916a3..28d7862 100644
--- a/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/ClientMojo.java
+++ b/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/ClientMojo.java
@@ -258,7 +258,7 @@ public class ClientMojo extends AbstractMojo {
agent.addIdentity(keyPair, user);
if (keyFile != null) {
FileKeyPairProvider fileKeyPairProvider = new FileKeyPairProvider(keyFile.getAbsoluteFile().toPath());
- for (KeyPair key : fileKeyPairProvider.loadKeys()) {
+ for (KeyPair key : fileKeyPairProvider.loadKeys(null)) {
agent.addIdentity(key, user);
}
}
diff --git a/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/DeployMojo.java b/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/DeployMojo.java
index e9ee204..0400f39 100644
--- a/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/DeployMojo.java
+++ b/tooling/karaf-maven-plugin/src/main/java/org/apache/karaf/tooling/client/DeployMojo.java
@@ -256,7 +256,7 @@ public class DeployMojo extends MojoSupport {
agent.addIdentity(keyPair, user);
if (keyFile != null) {
FileKeyPairProvider fileKeyPairProvider = new FileKeyPairProvider(keyFile.getAbsoluteFile().toPath());
- for (KeyPair key : fileKeyPairProvider.loadKeys()) {
+ for (KeyPair key : fileKeyPairProvider.loadKeys(null)) {
agent.addIdentity(key, user);
}
}