sshd: handle "IdentityAgent SSH_AUTH_SOCK" in ssh config

OpenSSH has (for legacy reasons?) the option of specifying the default
environment variable directly, instead of using ${SSH_AUTH_SOCK}. Make
sure the plain variable name is not taken as a relative path name.

Bug: 577053
Change-Id: If8f550dffc43887254f71aa0b487c50fa14d0627
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Thomas Wolf 2021-12-28 18:07:21 +01:00
parent e0281c5adb
commit 68bd2c1462
5 changed files with 24 additions and 11 deletions


@ -23,11 +23,6 @@ private Sockets() {
// No instantiation // No instantiation
} }
/**
* Default SSH agent socket environment variable name.
*/
public static final String ENV_SSH_AUTH_SOCK = "SSH_AUTH_SOCK"; //$NON-NLS-1$
/** /**
* Domain for Unix domain sockets. * Domain for Unix domain sockets.
*/ */


@ -11,10 +11,10 @@
import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.AF_UNIX; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.AF_UNIX;
import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.DEFAULT_PROTOCOL; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.DEFAULT_PROTOCOL;
import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.ENV_SSH_AUTH_SOCK;
import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.SOCK_STREAM; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.Sockets.SOCK_STREAM;
import static org.eclipse.jgit.internal.transport.sshd.agent.connector.UnixSockets.FD_CLOEXEC; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.UnixSockets.FD_CLOEXEC;
import static org.eclipse.jgit.internal.transport.sshd.agent.connector.UnixSockets.F_SETFD; import static org.eclipse.jgit.internal.transport.sshd.agent.connector.UnixSockets.F_SETFD;
import static org.eclipse.jgit.transport.SshConstants.ENV_SSH_AUTH_SOCKET;
import java.io.IOException; import java.io.IOException;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
@ -46,7 +46,7 @@ public class UnixDomainSocketConnector extends AbstractConnector {
@Override @Override
public String getIdentityAgent() { public String getIdentityAgent() {
return ENV_SSH_AUTH_SOCK; return ENV_SSH_AUTH_SOCKET;
} }
@Override @Override
@ -91,8 +91,9 @@ private static synchronized UnixSockets getLibrary() {
public UnixDomainSocketConnector(String socketFile) { public UnixDomainSocketConnector(String socketFile) {
super(); super();
String file = socketFile; String file = socketFile;
if (StringUtils.isEmptyOrNull(file)) { if (StringUtils.isEmptyOrNull(file)
file = SystemReader.getInstance().getenv(ENV_SSH_AUTH_SOCK); || ENV_SSH_AUTH_SOCKET.equals(file)) {
file = SystemReader.getInstance().getenv(ENV_SSH_AUTH_SOCKET);
} }
this.socketFile = file; this.socketFile = file;
} }
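Review bot: In the `UnixDomainSocketConnector(String)` constructor, the new `ENV_SSH_AUTH_SOCKET.equals(file)` branch stores whatever `getenv` returns, so with `IdentityAgent SSH_AUTH_SOCK` configured and the variable unset, `socketFile` ends up null, just as in the empty case. Whether the connect path rejects a null socket file is outside this hunk and should be confirmed. The constructor's Javadoc is not visible here either; it should state that the literal name is read from the environment and never opened as a relative path, e.g. `@param socketFile path of the agent socket; null, empty or the literal "SSH_AUTH_SOCK" means take the path from the SSH_AUTH_SOCK environment variable`.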


@ -570,6 +570,14 @@ public void testIdentityAgentNone() throws Exception {
h.getValue(SshConstants.IDENTITY_AGENT)); h.getValue(SshConstants.IDENTITY_AGENT));
} }
@Test
public void testIdentityAgentSshAuthSock() throws Exception {
config("Host orcz\nIdentityAgent SSH_AUTH_SOCK\n");
HostConfig h = lookup("orcz");
assertEquals(SshConstants.ENV_SSH_AUTH_SOCKET,
h.getValue(SshConstants.IDENTITY_AGENT));
}
@Test @Test
public void testNegativeMatch() throws Exception { public void testNegativeMatch() throws Exception {
config("Host foo.bar !foobar.baz *.baz\n" + "Port 29418\n"); config("Host foo.bar !foobar.baz *.baz\n" + "Port 29418\n");
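Review bot: `testIdentityAgentSshAuthSock` pins only the exact literal, so nothing guards the other side of the new comparison. A value that merely starts with the name or differs in case (for example `SSH_AUTH_SOCK.sock` or `ssh_auth_sock`) should presumably still be turned into a file path by the substitution code. A companion test asserting that such a value does not come back equal to `SshConstants.ENV_SSH_AUTH_SOCKET` would stop a later switch to a prefix or case-insensitive match from silently pointing the agent connection at the environment value. The enclosing test class starts and ends outside the hunk.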


@ -871,7 +871,8 @@ void substitute(String originalHostName, int port, String userName,
if (options != null) { if (options != null) {
// HOSTNAME already done above // HOSTNAME already done above
String value = options.get(SshConstants.IDENTITY_AGENT); String value = options.get(SshConstants.IDENTITY_AGENT);
if (value != null && !SshConstants.NONE.equals(value)) { if (value != null && !SshConstants.NONE.equals(value)
&& !SshConstants.ENV_SSH_AUTH_SOCKET.equals(value)) {
value = r.substitute(value, Replacer.DEFAULT_TOKENS, true); value = r.substitute(value, Replacer.DEFAULT_TOKENS, true);
value = toFile(value, home).getPath(); value = toFile(value, home).getPath();
options.put(SshConstants.IDENTITY_AGENT, value); options.put(SshConstants.IDENTITY_AGENT, value);
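Review bot: After this change the `IDENTITY_AGENT` option can leave `substitute` as a resolved file path, as `none`, or as the bare marker `SSH_AUTH_SOCK`, and nothing at the new condition says so. Any consumer that still treats the value as a path would try a relative file named `SSH_AUTH_SOCK` in the working directory. The Unix connector in this commit handles the marker, but other consumers are not visible here. A why-comment above the condition would record the contract, e.g. `// OpenSSH accepts the bare variable name; keep it verbatim so the agent connector reads the socket path from the environment`. The body of `substitute` continues outside the hunk.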


@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2018, 2020 Thomas Wolf <thomas.wolf@paranor.ch> and others * Copyright (C) 2018, 2021 Thomas Wolf <thomas.wolf@paranor.ch> and others
* *
* This program and the accompanying materials are made available under the * This program and the accompanying materials are made available under the
* terms of the Eclipse Distribution License v. 1.0 which is available at * terms of the Eclipse Distribution License v. 1.0 which is available at
@ -229,4 +229,12 @@ private SshConstants() {
public static final String[] DEFAULT_IDENTITIES = { // public static final String[] DEFAULT_IDENTITIES = { //
ID_RSA, ID_DSA, ID_ECDSA, ID_ED25519 ID_RSA, ID_DSA, ID_ECDSA, ID_ED25519
}; };
/**
* Name of the environment variable holding the Unix domain socket for
* communication with an SSH agent.
*
* @since 6.1
*/
public static final String ENV_SSH_AUTH_SOCKET = "SSH_AUTH_SOCK";
} }