githubFork/gitblit.git - Solinfo Gitblit

			@@ -95,9 +95,10 @@
			private final Logger log = LoggerFactory.getLogger(SshDaemon.class);

			/**
			* 22: IANA assigned port number for ssh. Note that this is a distinct concept
			* from gitblit's default conf for ssh port -- this "default" is what the git
			* protocol itself defaults to if it sees and ssh url without a port.
			* 22: IANA assigned port number for ssh. Note that this is a distinct
			* concept from gitblit's default conf for ssh port -- this "default" is
			* what the git protocol itself defaults to if it sees and ssh url without a
			* port.
			*/
			public static final int DEFAULT_PORT = 22;

			@@ -116,11 +117,13 @@
			* @param gitblit
			*/
			@Inject
			SshDaemon(IGitblit gitblit, IdGenerator idGenerator, SshCommandFactory factory) {
			SshDaemon(IGitblit gitblit, IdGenerator idGenerator,
			SshCommandFactory factory) {
			this.gitblit = gitblit;
			IStoredSettings settings = gitblit.getSettings();
			int port = settings.getInteger(Keys.git.sshPort, 0);
			String bindInterface = settings.getString(Keys.git.sshBindInterface, "localhost");
			String bindInterface = settings.getString(Keys.git.sshBindInterface,
			"localhost");

			if (StringUtils.isEmpty(bindInterface)) {
			myAddress = new InetSocketAddress(port);
			@@ -131,8 +134,8 @@
			setPort(myAddress.getPort());
			setHost(myAddress.getHostName());
			setup();
			setKeyPairProvider(new PEMGeneratorHostKeyProvider(
			new File(gitblit.getBaseFolder(), HOST_KEY_STORE).getPath()));
			setKeyPairProvider(new PEMGeneratorHostKeyProvider(new File(
			gitblit.getBaseFolder(), HOST_KEY_STORE).getPath()));
			setPublickeyAuthenticator(new SshKeyAuthenticator(gitblit));

			run = new AtomicBoolean(false);
			@@ -143,17 +146,20 @@
			SessionFactory newSessionFactory(final IdGenerator idGenerator) {
			return new SessionFactory() {
			@Override
			protected ServerSession createSession(final IoSession io) throws Exception {
			protected ServerSession createSession(final IoSession io)
			throws Exception {
			log.info("connection accepted on " + io);
			if (io.getConfig() instanceof SocketSessionConfig) {
			final SocketSessionConfig c = (SocketSessionConfig) io.getConfig();
			final SocketSessionConfig c = (SocketSessionConfig) io
			.getConfig();
			c.setKeepAlive(true);
			}
			ServerSession s = (ServerSession) super.createSession(io);
			SocketAddress peer = io.getRemoteAddress();
			SshSession session = new SshSession(idGenerator.next(), peer);
			s.setAttribute(SshSession.KEY, session);
			io.getCloseFuture().addListener(new IoFutureListener<IoFuture>() {
			io.getCloseFuture().addListener(
			new IoFutureListener<IoFuture>() {
			@Override
			public void operationComplete(IoFuture future) {
			log.info("connection closed on " + io);
			@@ -171,10 +177,12 @@
			public String formatUrl(String gituser, String servername, String repository) {
			if (getPort() == DEFAULT_PORT) {
			// standard port
			return MessageFormat.format("{0}@{1}/{2}", gituser, servername, repository);
			return MessageFormat.format("{0}@{1}/{2}", gituser, servername,
			repository);
			} else {
			// non-standard port
			return MessageFormat.format("ssh://{0}@{1}:{2,number,0}/{3}", gituser, servername, getPort(), repository);
			return MessageFormat.format("ssh://{0}@{1}:{2,number,0}/{3}",
			gituser, servername, getPort(), repository);
			}
			}

			@@ -194,8 +202,9 @@
			super.start();
			run.set(true);

			log.info(MessageFormat.format("SSH Daemon is listening on {0}:{1,number,0}",
			myAddress.getAddress().getHostAddress(), myAddress.getPort()));
			log.info(MessageFormat.format(
			"SSH Daemon is listening on {0}:{1,number,0}", myAddress
			.getAddress().getHostAddress(), myAddress.getPort()));
			}

			/** @return true if this daemon is receiving connections. */
			@@ -218,13 +227,15 @@
			}

			/**
			* Performs most of default configuration (setup random sources, setup ciphers,
			* etc; also, support for forwarding and filesystem is explicitly disallowed).
			* Performs most of default configuration (setup random sources, setup
			* ciphers, etc; also, support for forwarding and filesystem is explicitly
			* disallowed).
			*
			* {@link #setKeyPairProvider(KeyPairProvider)} and
			* {@link #setPublickeyAuthenticator(PublickeyAuthenticator)} are left for you.
			* And applying {@link #setCommandFactory(CommandFactory)} is probably wise if you
			* want something to actually happen when users do successfully authenticate.
			* {@link #setPublickeyAuthenticator(PublickeyAuthenticator)} are left for
			* you. And applying {@link #setCommandFactory(CommandFactory)} is probably
			* wise if you want something to actually happen when users do successfully
			* authenticate.
			*/
			@SuppressWarnings("unchecked")
			public void setup() {
			@@ -232,38 +243,30 @@
			throw new RuntimeException("BC crypto not available");

			setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>>asList(
			new DHG14.Factory(),
			new DHG1.Factory())
			);
			new DHG14.Factory(), new DHG1.Factory()));

			setRandomFactory(new SingletonRandomFactory(new BouncyCastleRandom.Factory()));
			setRandomFactory(new SingletonRandomFactory(
			new BouncyCastleRandom.Factory()));

			setupCiphers();

			setCompressionFactories(Arrays.<NamedFactory<Compression>>asList(
			new CompressionNone.Factory())
			);
			setCompressionFactories(Arrays
			.<NamedFactory<Compression>> asList(new CompressionNone.Factory()));

			setMacFactories(Arrays.<NamedFactory<Mac>>asList(
			new HMACMD5.Factory(),
			new HMACSHA1.Factory(),
			new HMACMD596.Factory(),
			new HMACSHA196.Factory())
			);
			new HMACMD5.Factory(), new HMACSHA1.Factory(),
			new HMACMD596.Factory(), new HMACSHA196.Factory()));

			setChannelFactories(Arrays.<NamedFactory<Channel>>asList(
			new ChannelSession.Factory(),
			new ChannelDirectTcpip.Factory())
			);
			new ChannelSession.Factory(), new ChannelDirectTcpip.Factory()));

			setSignatureFactories(Arrays.<NamedFactory<Signature>>asList(
			new SignatureDSA.Factory(),
			new SignatureRSA.Factory())
			);
			new SignatureDSA.Factory(), new SignatureRSA.Factory()));

			setFileSystemFactory(new FileSystemFactory() {
			@Override
			public FileSystemView createFileSystemView(Session session) throws IOException {
			public FileSystemView createFileSystemView(Session session)
			throws IOException {
			return new FileSystemView() {
			@Override
			public SshFile getFile(SshFile baseDir, String file) {
			@@ -290,19 +293,20 @@
			}

			@Override
			public boolean canConnect(InetSocketAddress address, ServerSession session) {
			public boolean canConnect(InetSocketAddress address,
			ServerSession session) {
			return false;
			}

			@Override
			public boolean canListen(InetSocketAddress address, ServerSession session) {
			public boolean canListen(InetSocketAddress address,
			ServerSession session) {
			return false;
			}
			});

			setUserAuthFactories(Arrays.<NamedFactory<UserAuth>>asList(
			new UserAuthPublicKey.Factory())
			);
			setUserAuthFactories(Arrays
			.<NamedFactory<UserAuth>> asList(new UserAuthPublicKey.Factory()));
			}

			protected void setupCiphers() {