You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@clerezza.apache.org by re...@apache.org on 2010/12/27 17:14:38 UTC
svn commit: r1053098 - in
/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell:
./ src/ src/main/ src/main/java/ src/main/java/org/
src/main/java/org/apache/ src/main/java/org/apache/clerezza/
src/main/java/org/apache/clere...
Author: reto
Date: Mon Dec 27 16:14:37 2010
New Revision: 1053098
URL: http://svn.apache.org/viewvc?rev=1053098&view=rev
Log:
CLEREZZA-375: a component providing shell access vi SSH
Added:
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/ (with props)
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/pom.xml
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/sshshell/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/sshshell/SshShell.java
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/test/
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/test/java/
Propchange: incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Mon Dec 27 16:14:37 2010
@@ -0,0 +1 @@
+target
Added: incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/pom.xml
URL: http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/pom.xml?rev=1053098&view=auto
==============================================================================
--- incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/pom.xml (added)
+++ incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/pom.xml Mon Dec 27 16:14:37 2010
@@ -0,0 +1,53 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.clerezza</groupId>
+ <artifactId>org.apache.clerezza.parent</artifactId>
+ <version>0.2-incubating-SNAPSHOT</version>
+ </parent>
+ <groupId>org.apache.clerezza</groupId>
+ <artifactId>org.apache.clerezza.sshshell</artifactId>
+ <packaging>bundle</packaging>
+ <version>0.1-incubating-SNAPSHOT</version>
+ <name>Clerezza - SSH Shell Access</name>
+ <description>SSH access to clerezza</description>
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-core</artifactId>
+ <version>0.5.0</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sshd</groupId>
+ <artifactId>sshd-pam</artifactId>
+ <version>0.5.0</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+ <artifactId>org.apache.clerezza.shell</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.clerezza</groupId>
+ <artifactId>org.apache.clerezza.platform.security</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.scr.annotations</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.osgi</groupId>
+ <artifactId>org.osgi.compendium</artifactId>
+ </dependency>
+ </dependencies>
+</project>
Added: incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/sshshell/SshShell.java
URL: http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/sshshell/SshShell.java?rev=1053098&view=auto
==============================================================================
--- incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/sshshell/SshShell.java (added)
+++ incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.sshshell/src/main/java/org/apache/clerezza/sshshell/SshShell.java Mon Dec 27 16:14:37 2010
@@ -0,0 +1,188 @@
+package org.apache.clerezza.sshshell;
+
+import java.security.PrivilegedActionException;
+import java.util.logging.Level;
+import org.apache.clerezza.shell.Shell;
+import org.apache.felix.scr.annotations.Reference;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.PrivilegedExceptionAction;
+import javax.security.auth.Subject;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.clerezza.platform.security.auth.AuthenticationChecker;
+import org.apache.clerezza.platform.security.UserUtil;
+import org.apache.sshd.*;
+import org.apache.sshd.common.Factory;
+import org.apache.sshd.server.Command;
+import org.apache.sshd.server.Environment;
+import org.apache.sshd.server.ExitCallback;
+import org.apache.sshd.server.PasswordAuthenticator;
+import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
+import org.apache.sshd.server.session.ServerSession;
+import org.osgi.service.component.ComponentContext;
+import org.apache.clerezza.shell.ShellFactory;
+import org.apache.felix.scr.annotations.Property;
+import org.apache.sshd.server.shell.ProcessShellFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Hello world!
+ */
+@Component(metatype = true, enabled = true)
+public class SshShell {
+
+ @Property(intValue = 8022, description = "The port on which the ssh service listens)")
+ public static final String PORT = "port";
+ @Reference
+ private ShellFactory shellFactory;
+ @Reference
+ AuthenticationChecker authenticationChecker;
+ public int port = 8022;
+ private SshServer sshd;
+ private static ThreadLocal<Subject> currentSubject = new ThreadLocal<Subject>();
+ private static Logger log = LoggerFactory.getLogger(SshShell.class);
+
+ public SshShell() {
+ sshd = SshServer.setUpDefaultServer();
+ sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider("hostkey.ser"));
+ sshd.setPasswordAuthenticator(new MyPasswordAuthenticator());
+ }
+
+ protected void activate(ComponentContext cc) throws IOException {
+ port = (Integer) cc.getProperties().get(PORT);
+ sshd.setPort(port);
+ sshd.setShellFactory(new Factory<Command>() {
+
+ @Override
+ public Command create() {
+
+ return new Command() {
+
+ private InputStream in;
+ private OutputStream out;
+ private Shell shell;
+ private ExitCallback ec;
+
+ @Override
+ public void setInputStream(InputStream in) {
+ this.in = in;
+ }
+
+ @Override
+ public void setOutputStream(OutputStream out) {
+ this.out = out;
+ }
+
+ @Override
+ public void setErrorStream(OutputStream out) {
+ }
+
+ @Override
+ public void setExitCallback(ExitCallback ec) {
+ this.ec = ec;
+ }
+
+ @Override
+ public void start(Environment e) throws IOException {
+
+ final OutputStream newLineWrapperStream = new OutputStream() {
+
+ @Override
+ public void write(int b) throws IOException {
+ if (b == '\n') {
+ out.write('\r');
+ out.write('\n');
+ } else {
+ out.write(b);
+ }
+ }
+
+ @Override
+ public void flush() throws IOException {
+ out.flush();
+ }
+
+ @Override
+ public void close() throws IOException {
+ out.close();
+ }
+ };
+ Subject subject = currentSubject.get();
+ log.debug("doing as {}", subject);
+ try {
+ Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Object>() {
+
+ @Override
+ public Object run() throws Exception {
+ shell = shellFactory.createShell(in, newLineWrapperStream);
+ shell.addTerminationListener(new Shell.TerminationListener() {
+
+ public void terminated() {
+ try {
+ log.info("closing ssh stream");
+ newLineWrapperStream.close();
+ in.close();
+ } catch (IOException ex) {
+ log.warn("error closing ssh stream", ex);
+ }
+ }
+
+ ;
+ });
+ shell.start();
+ return null;
+ }
+ }, null);
+ } catch (PrivilegedActionException ex) {
+ Throwable cause = ex.getCause();
+ if (cause instanceof RuntimeException) {
+ throw (RuntimeException) cause;
+ } else {
+ throw new RuntimeException(cause);
+ }
+ }
+
+ }
+
+ @Override
+ public void destroy() {
+ if (shell != null) {
+ shell.stop();
+ }
+ shell = null;
+ }
+ };
+ }
+ });
+
+ sshd.start();
+ }
+
+ protected void deactivate(ComponentContext cc) throws Exception {
+ sshd.stop();
+ }
+
+ private class MyPasswordAuthenticator implements PasswordAuthenticator {
+
+ public MyPasswordAuthenticator() {
+ }
+
+ @Override
+ public boolean authenticate(String userName, String password, ServerSession ss) {
+ log.debug("Authenticating {}, {}.", userName, password);
+ try {
+ if (authenticationChecker.authenticate(userName, password)) {
+ Subject subject = UserUtil.createSubject(userName);
+ currentSubject.set(subject);
+ return true;
+ } else {
+ return false;
+ }
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+}