Diffstat (limited to 'gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java')
-rw-r--r-- | gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java | 43 |
1 files changed, 40 insertions, 3 deletions
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
index 2052343b29..d382a575fd 100644
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
@@ -120,6 +120,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 private static final Logger log = LoggerFactory.getLogger(SshDaemon.class);
 private final List<SocketAddress> listen;
+ private final List<String> advertisedAddress;
 private final boolean keepAlive;
 private final List<HostKey> hostKeys;
 private volatile IoAcceptor acceptor;
@@ -132,6 +133,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 setPort(IANA_SSH_PORT /* never used */);
 listen = parseListen(cfg);
+ advertisedAddress = parseAdvertisedAddress(cfg);
 reuseAddress = cfg.getBoolean("sshd", "reuseaddress", true);
 keepAlive = cfg.getBoolean("sshd", "tcpkeepalive", true);
@@ -214,7 +216,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 @Override
 public synchronized void start() {
- if (acceptor == null) {
+ if (acceptor == null && !listen.isEmpty()) {
 checkConfig();
 acceptor = createAcceptor();
@@ -255,6 +257,10 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 }
 private List<HostKey> computeHostKeys() {
+ if (listen.isEmpty()) {
+ return Collections.emptyList();
+ }
+
 final List<PublicKey> keys = myHostKeys();
 final ArrayList<HostKey> r = new ArrayList<HostKey>();
 for (final PublicKey pub : keys) {
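Review bot: In `start()`, the new guard `acceptor == null && !listen.isEmpty()` skips startup without logging anything, so an operator cannot tell from the log whether SSH was disabled on purpose or the listen list ended up empty for another reason (for example every configured address being rejected in `parseListen`, whose error handling is not visible here). An explicit message would make the state auditable, e.g. `else if (listen.isEmpty()) { log.info("sshd.listenAddress is off or empty; SSH daemon not started"); }` after the existing `if`. The body of `start()` continues past the end of this hunk, so the placement of the `else` needs checking against the full method.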
@@ -262,9 +268,9 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 buf.putRawPublicKey(pub);
 final byte[] keyBin = buf.getCompactData();
- for (final InetSocketAddress addr : myAddresses()) {
+ for (final String addr : myAdvertisedAddresses()) {
 try {
- r.add(new HostKey(SocketUtil.format(addr, IANA_SSH_PORT), keyBin));
+ r.add(new HostKey(addr, keyBin));
 } catch (JSchException e) {
 log.warn("Cannot format SSHD host key", e);
 }
@@ -273,6 +279,19 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 return Collections.unmodifiableList(r);
 }
+ private List<String> myAdvertisedAddresses() {
+ if (advertisedAddress != null) {
+ return advertisedAddress;
+ } else {
+ List<InetSocketAddress> addrs = myAddresses();
+ List<String> strAddrs = new ArrayList<String>(addrs.size());
+ for (final InetSocketAddress addr : addrs) {
+ strAddrs.add(SocketUtil.format(addr, IANA_SSH_PORT));
+ }
+ return strAddrs;
+ }
+ }
+
 private List<InetSocketAddress> myAddresses() {
 ArrayList<InetSocketAddress> pub = new ArrayList<InetSocketAddress>();
 ArrayList<InetSocketAddress> local = new ArrayList<InetSocketAddress>();
@@ -317,6 +336,14 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 return r.toString();
 }
+ private List<String> parseAdvertisedAddress(final Config cfg) {
+ final String[] want = cfg.getStringList("sshd", null, "advertisedaddress");
+ if (want.length == 0) {
+ return null;
+ }
+ return Arrays.asList(want);
+ }
+
 private List<SocketAddress> parseListen(final Config cfg) {
 final ArrayList<SocketAddress> bind = new ArrayList<SocketAddress>(2);
 final String[] want = cfg.getStringList("sshd", null, "listenaddress");
@@ -325,6 +352,10 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 return bind;
 }
+ if (want.length == 1 && isOff(want[0])) {
+ return bind;
+ }
+
 for (final String desc : want) {
 try {
 bind.add(SocketUtil.resolve(desc, DEFAULT_PORT));
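Review bot: Values from `sshd.advertisedAddress` reach `new HostKey(addr, keyBin)` in `computeHostKeys()` unchanged, whereas the fallback branch of `myAdvertisedAddresses()` passes every address through `SocketUtil.format(addr, IANA_SSH_PORT)`. These strings are the host names published next to the server's public key, so an empty or mistyped entry is advertised as-is and the only check left is whatever `HostKey` itself rejects. `parseAdvertisedAddress` could skip empty entries with a `log.warn`, and a comment on it should state that entries must use the same text form the fallback produces. Separately, returning `null` for "not configured" forces the null check in `myAdvertisedAddresses()`; `return Collections.<String> emptyList();` together with `if (!advertisedAddress.isEmpty())` avoids the sentinel. The same applies to the `-273` and `-317` hunks, which add the two helper methods.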
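Review bot: The off check in `parseListen`, `want.length == 1 && isOff(want[0])`, only applies when `sshd.listenAddress` has exactly one value; with two or more values an `off`, `none` or `no` entry falls through to `SocketUtil.resolve(desc, DEFAULT_PORT)` and is handled as a host name. Whether such a name resolves depends on the local resolver configuration, so the outcome is either an unintended bind address or an error reported only by the catch block, which lies outside this hunk. Handling the mix explicitly inside the loop is clearer, e.g. `if (isOff(desc)) { log.warn("sshd.listenAddress: ignoring '" + desc + "' mixed with other addresses"); continue; }`. It is also worth stating in the configuration documentation that hosts literally named `off`, `none` or `no` can no longer be used as the sole listen address.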
@@ -335,6 +366,12 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
 return bind;
 }
+ private static boolean isOff(String listenHostname) {
+ return "off".equalsIgnoreCase(listenHostname)
+ || "none".equalsIgnoreCase(listenHostname)
+ || "no".equalsIgnoreCase(listenHostname);
+ }
+
 @SuppressWarnings("unchecked")
 private void initProviderBouncyCastle() {
 setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>> asList( |
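Review bot: `isOff` has no comment and accepts only `off`, `none` and `no`; the git-config boolean spellings `false` and `0` are not recognised, so `sshd.listenAddress = false` would presumably be passed to the resolver as a host name by `parseListen` instead of disabling the daemon. Either add those spellings or document the accepted set on the method, e.g. `/** True if the sshd.listenAddress value asks for the SSH daemon to be disabled: "off", "none" or "no", case-insensitive. */`. The hunk ends inside `initProviderBouncyCastle()`, which is unchanged context.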