summaryrefslogtreecommitdiffstats
path: root/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
diff options
context:
space:
mode:
Diffstat (limited to 'gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java')
-rw-r--r--gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java43
1 files changed, 40 insertions, 3 deletions
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
index 2052343b29..d382a575fd 100644
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
@@ -120,6 +120,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
private static final Logger log = LoggerFactory.getLogger(SshDaemon.class);
private final List<SocketAddress> listen;
+ private final List<String> advertisedAddress;
private final boolean keepAlive;
private final List<HostKey> hostKeys;
private volatile IoAcceptor acceptor;
@@ -132,6 +133,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
setPort(IANA_SSH_PORT /* never used */);
listen = parseListen(cfg);
+ advertisedAddress = parseAdvertisedAddress(cfg);
reuseAddress = cfg.getBoolean("sshd", "reuseaddress", true);
keepAlive = cfg.getBoolean("sshd", "tcpkeepalive", true);
@@ -214,7 +216,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
@Override
public synchronized void start() {
- if (acceptor == null) {
+ if (acceptor == null && !listen.isEmpty()) {
checkConfig();
acceptor = createAcceptor();
@@ -255,6 +257,10 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
}
private List<HostKey> computeHostKeys() {
+ if (listen.isEmpty()) {
+ return Collections.emptyList();
+ }
+
final List<PublicKey> keys = myHostKeys();
final ArrayList<HostKey> r = new ArrayList<HostKey>();
for (final PublicKey pub : keys) {
@@ -262,9 +268,9 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
buf.putRawPublicKey(pub);
final byte[] keyBin = buf.getCompactData();
- for (final InetSocketAddress addr : myAddresses()) {
+ for (final String addr : myAdvertisedAddresses()) {
try {
- r.add(new HostKey(SocketUtil.format(addr, IANA_SSH_PORT), keyBin));
+ r.add(new HostKey(addr, keyBin));
} catch (JSchException e) {
log.warn("Cannot format SSHD host key", e);
}
@@ -273,6 +279,19 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
return Collections.unmodifiableList(r);
}
+ private List<String> myAdvertisedAddresses() {
+ if (advertisedAddress != null) {
+ return advertisedAddress;
+ } else {
+ List<InetSocketAddress> addrs = myAddresses();
+ List<String> strAddrs = new ArrayList<String>(addrs.size());
+ for (final InetSocketAddress addr : addrs) {
+ strAddrs.add(SocketUtil.format(addr, IANA_SSH_PORT));
+ }
+ return strAddrs;
+ }
+ }
+
private List<InetSocketAddress> myAddresses() {
ArrayList<InetSocketAddress> pub = new ArrayList<InetSocketAddress>();
ArrayList<InetSocketAddress> local = new ArrayList<InetSocketAddress>();
@@ -317,6 +336,14 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
return r.toString();
}
+ private List<String> parseAdvertisedAddress(final Config cfg) {
+ final String[] want = cfg.getStringList("sshd", null, "advertisedaddress");
+ if (want.length == 0) {
+ return null;
+ }
+ return Arrays.asList(want);
+ }
+
private List<SocketAddress> parseListen(final Config cfg) {
final ArrayList<SocketAddress> bind = new ArrayList<SocketAddress>(2);
final String[] want = cfg.getStringList("sshd", null, "listenaddress");
@@ -325,6 +352,10 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
return bind;
}
+ if (want.length == 1 && isOff(want[0])) {
+ return bind;
+ }
+
for (final String desc : want) {
try {
bind.add(SocketUtil.resolve(desc, DEFAULT_PORT));
@@ -335,6 +366,12 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
return bind;
}
+ private static boolean isOff(String listenHostname) {
+ return "off".equalsIgnoreCase(listenHostname)
+ || "none".equalsIgnoreCase(listenHostname)
+ || "no".equalsIgnoreCase(listenHostname);
+ }
+
@SuppressWarnings("unchecked")
private void initProviderBouncyCastle() {
setKeyExchangeFactories(Arrays.<NamedFactory<KeyExchange>> asList(
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 14:54:10 +0000