ssh: Handle "ProxyJump none" from SSH config file
Since OpenSSH 7.8, the ProxyJump directive accepts the value "none"[1] to override and clear a setting that might otherwise be contributed by another (wildcard) host entry. [1] https://bugzilla.mindrot.org/show_bug.cgi?id=2869 Change-Id: Ia35e82c6f8c58d5c6b8040cda7a07b220f43fc21 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
This commit is contained in:
parent
180bc67e28
commit
057f1d9123
|
@ -354,6 +354,21 @@ public void testJumpHost() throws Exception {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testJumpHostNone() throws Exception {
|
||||||
|
// Should not try to go through the non-existing proxy
|
||||||
|
cloneWith("ssh://server/doesntmatter", defaultCloneDir, null, //
|
||||||
|
"Host server", //
|
||||||
|
"HostName localhost", //
|
||||||
|
"Port " + testPort, //
|
||||||
|
"User " + TEST_USER, //
|
||||||
|
"IdentityFile " + privateKey1.getAbsolutePath(), //
|
||||||
|
"ProxyJump none", //
|
||||||
|
"", //
|
||||||
|
"Host *", //
|
||||||
|
"ProxyJump " + TEST_USER + "@localhost:1234");
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testJumpHostWrongKeyAtProxy() throws Exception {
|
public void testJumpHostWrongKeyAtProxy() throws Exception {
|
||||||
// Test that we find the proxy server's URI in the exception message
|
// Test that we find the proxy server's URI in the exception message
|
||||||
|
|
|
@ -219,7 +219,8 @@ private List<URIish> determineHops(List<URIish> currentHops,
|
||||||
HostConfigEntry hostConfig, String host) throws IOException {
|
HostConfigEntry hostConfig, String host) throws IOException {
|
||||||
if (currentHops.isEmpty()) {
|
if (currentHops.isEmpty()) {
|
||||||
String jumpHosts = hostConfig.getProperty(SshConstants.PROXY_JUMP);
|
String jumpHosts = hostConfig.getProperty(SshConstants.PROXY_JUMP);
|
||||||
if (!StringUtils.isEmptyOrNull(jumpHosts)) {
|
if (!StringUtils.isEmptyOrNull(jumpHosts)
|
||||||
|
&& !SshConstants.NONE.equals(jumpHosts)) {
|
||||||
try {
|
try {
|
||||||
return parseProxyJump(jumpHosts);
|
return parseProxyJump(jumpHosts);
|
||||||
} catch (URISyntaxException e) {
|
} catch (URISyntaxException e) {
|
||||||
|
|
|
@ -191,6 +191,26 @@ private SshConstants() {
|
||||||
/** Flag value. */
|
/** Flag value. */
|
||||||
public static final String FALSE = "false";
|
public static final String FALSE = "false";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Property value. Some keys accept a special 'none' value to override and
|
||||||
|
* clear a setting otherwise contributed by another host entry, for instance
|
||||||
|
* {@link #PROXY_COMMAND} or {@link #PROXY_JUMP}. Example:
|
||||||
|
*
|
||||||
|
* <pre>
|
||||||
|
* Host bastion.example.org
|
||||||
|
* ProxyJump none
|
||||||
|
*
|
||||||
|
* Host *.example.org
|
||||||
|
* ProxyJump bastion.example.org
|
||||||
|
* </pre>
|
||||||
|
* <p>
|
||||||
|
* OpenSSH supports this since OpenSSH 7.8.
|
||||||
|
* </p>
|
||||||
|
*
|
||||||
|
* @since 6.0
|
||||||
|
*/
|
||||||
|
public static final String NONE = "none";
|
||||||
|
|
||||||
// Default identity file names
|
// Default identity file names
|
||||||
|
|
||||||
/** Name of the default RSA private identity file. */
|
/** Name of the default RSA private identity file. */
|
||||||
|
@ -202,7 +222,7 @@ private SshConstants() {
|
||||||
/** Name of the default ECDSA private identity file. */
|
/** Name of the default ECDSA private identity file. */
|
||||||
public static final String ID_ECDSA = "id_ecdsa";
|
public static final String ID_ECDSA = "id_ecdsa";
|
||||||
|
|
||||||
/** Name of the default ECDSA private identity file. */
|
/** Name of the default ED25519 private identity file. */
|
||||||
public static final String ID_ED25519 = "id_ed25519";
|
public static final String ID_ED25519 = "id_ed25519";
|
||||||
|
|
||||||
/** All known default identity file names. */
|
/** All known default identity file names. */
|
||||||
|
|
Loading…
Reference in New Issue