summaryrefslogtreecommitdiffstats
path: root/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitSshd.java
diff options
context:
space:
mode:
Diffstat (limited to 'gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitSshd.java')
-rw-r--r--gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitSshd.java251
1 files changed, 0 insertions, 251 deletions
diff --git a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitSshd.java b/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitSshd.java
deleted file mode 100644
index d963cbb7ed..0000000000
--- a/gerrit-pgm/src/main/java/com/google/gerrit/pgm/init/InitSshd.java
+++ /dev/null
@@ -1,251 +0,0 @@
-// Copyright (C) 2009 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package com.google.gerrit.pgm.init;
-
-import static com.google.gerrit.pgm.init.api.InitUtil.hostname;
-import static java.nio.file.Files.exists;
-
-import com.google.gerrit.pgm.init.api.ConsoleUI;
-import com.google.gerrit.pgm.init.api.InitStep;
-import com.google.gerrit.pgm.init.api.Section;
-import com.google.gerrit.server.config.SitePaths;
-import com.google.gerrit.server.util.HostPlatform;
-import com.google.gerrit.server.util.SocketUtil;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import java.io.IOException;
-import java.lang.ProcessBuilder.Redirect;
-import java.net.InetSocketAddress;
-
-/** Initialize the {@code sshd} configuration section. */
-@Singleton
-class InitSshd implements InitStep {
- private final ConsoleUI ui;
- private final SitePaths site;
- private final Section sshd;
- private final StaleLibraryRemover remover;
-
- @Inject
- InitSshd(ConsoleUI ui, SitePaths site, Section.Factory sections, StaleLibraryRemover remover) {
- this.ui = ui;
- this.site = site;
- this.sshd = sections.get("sshd", null);
- this.remover = remover;
- }
-
- @Override
- public void run() throws Exception {
- ui.header("SSH Daemon");
-
- String hostname = "*";
- int port = 29418;
- String listenAddress = sshd.get("listenAddress");
- if (isOff(listenAddress)) {
- hostname = "off";
- } else if (listenAddress != null && !listenAddress.isEmpty()) {
- final InetSocketAddress addr = SocketUtil.parse(listenAddress, port);
- hostname = SocketUtil.hostname(addr);
- port = addr.getPort();
- }
-
- hostname = ui.readString(hostname, "Listen on address");
- if (isOff(hostname)) {
- sshd.set("listenAddress", "off");
- return;
- }
-
- port = ui.readInt(port, "Listen on port");
- sshd.set("listenAddress", SocketUtil.format(hostname, port));
-
- generateSshHostKeys();
- remover.remove("bc(pg|pkix|prov)-.*[.]jar");
- }
-
- private static boolean isOff(String listenHostname) {
- return "off".equalsIgnoreCase(listenHostname)
- || "none".equalsIgnoreCase(listenHostname)
- || "no".equalsIgnoreCase(listenHostname);
- }
-
- private void generateSshHostKeys() throws InterruptedException, IOException {
- if (!exists(site.ssh_key)
- && (!exists(site.ssh_rsa)
- || !exists(site.ssh_dsa)
- || !exists(site.ssh_ed25519)
- || !exists(site.ssh_ecdsa_256)
- || !exists(site.ssh_ecdsa_384)
- || !exists(site.ssh_ecdsa_521))) {
- System.err.print("Generating SSH host key ...");
- System.err.flush();
-
- // Generate the SSH daemon host key using ssh-keygen.
- //
- final String comment = "gerrit-code-review@" + hostname();
-
- // Workaround for JDK-6518827 - zero-length argument ignored on Win32
- String emptyPassphraseArg = HostPlatform.isWin32() ? "\"\"" : "";
- if (!exists(site.ssh_rsa)) {
- System.err.print(" rsa...");
- System.err.flush();
- new ProcessBuilder(
- "ssh-keygen",
- "-q" /* quiet */,
- "-t",
- "rsa",
- "-N",
- emptyPassphraseArg,
- "-C",
- comment,
- "-f",
- site.ssh_rsa.toAbsolutePath().toString())
- .redirectError(Redirect.INHERIT)
- .redirectOutput(Redirect.INHERIT)
- .start()
- .waitFor();
- }
-
- if (!exists(site.ssh_dsa)) {
- System.err.print(" dsa...");
- System.err.flush();
- new ProcessBuilder(
- "ssh-keygen",
- "-q" /* quiet */,
- "-t",
- "dsa",
- "-P",
- emptyPassphraseArg,
- "-C",
- comment,
- "-f",
- site.ssh_dsa.toAbsolutePath().toString())
- .redirectError(Redirect.INHERIT)
- .redirectOutput(Redirect.INHERIT)
- .start()
- .waitFor();
- }
-
- if (!exists(site.ssh_ed25519)) {
- System.err.print(" ed25519...");
- System.err.flush();
- try {
- new ProcessBuilder(
- "ssh-keygen",
- "-q" /* quiet */,
- "-t",
- "ed25519",
- "-P",
- emptyPassphraseArg,
- "-C",
- comment,
- "-f",
- site.ssh_ed25519.toAbsolutePath().toString())
- .redirectError(Redirect.INHERIT)
- .redirectOutput(Redirect.INHERIT)
- .start()
- .waitFor();
- } catch (Exception e) {
- // continue since older hosts won't be able to generate ed25519 keys.
- System.err.print(" Failed to generate ed25519 key, continuing...");
- System.err.flush();
- }
- }
-
- if (!exists(site.ssh_ecdsa_256)) {
- System.err.print(" ecdsa 256...");
- System.err.flush();
- try {
- new ProcessBuilder(
- "ssh-keygen",
- "-q" /* quiet */,
- "-t",
- "ecdsa",
- "-b",
- "256",
- "-P",
- emptyPassphraseArg,
- "-C",
- comment,
- "-f",
- site.ssh_ecdsa_256.toAbsolutePath().toString())
- .redirectError(Redirect.INHERIT)
- .redirectOutput(Redirect.INHERIT)
- .start()
- .waitFor();
- } catch (Exception e) {
- // continue since older hosts won't be able to generate ecdsa keys.
- System.err.print(" Failed to generate ecdsa 256 key, continuing...");
- System.err.flush();
- }
- }
-
- if (!exists(site.ssh_ecdsa_384)) {
- System.err.print(" ecdsa 384...");
- System.err.flush();
- try {
- new ProcessBuilder(
- "ssh-keygen",
- "-q" /* quiet */,
- "-t",
- "ecdsa",
- "-b",
- "384",
- "-P",
- emptyPassphraseArg,
- "-C",
- comment,
- "-f",
- site.ssh_ecdsa_384.toAbsolutePath().toString())
- .redirectError(Redirect.INHERIT)
- .redirectOutput(Redirect.INHERIT)
- .start()
- .waitFor();
- } catch (Exception e) {
- // continue since older hosts won't be able to generate ecdsa keys.
- System.err.print(" Failed to generate ecdsa 384 key, continuing...");
- System.err.flush();
- }
- }
-
- if (!exists(site.ssh_ecdsa_521)) {
- System.err.print(" ecdsa 521...");
- System.err.flush();
- try {
- new ProcessBuilder(
- "ssh-keygen",
- "-q" /* quiet */,
- "-t",
- "ecdsa",
- "-b",
- "521",
- "-P",
- emptyPassphraseArg,
- "-C",
- comment,
- "-f",
- site.ssh_ecdsa_521.toAbsolutePath().toString())
- .redirectError(Redirect.INHERIT)
- .redirectOutput(Redirect.INHERIT)
- .start()
- .waitFor();
- } catch (Exception e) {
- // continue since older hosts won't be able to generate ecdsa keys.
- System.err.print(" Failed to generate ecdsa 521 key, continuing...");
- System.err.flush();
- }
- }
- System.err.println(" done");
- }
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-14 00:15:16 +0000