youys
/
ant
Not watched
1
0
Fork 1
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
Browse Source

Add key based authentication to scp. 

Submitted by:	Robert Anderson <riznob at hotmail dot com>


git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@274232 13f79535-47bb-0310-9956-ffa450edef68
master
Stefan Bodewig 22 years ago
parent
5e0218a965
commit
ddd4677c14
3 changed files with 467 additions and 138 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +213
    -0
      src/main/org/apache/tools/ant/taskdefs/optional/ssh/SSHBase.java
  2. +208
    -0
      src/main/org/apache/tools/ant/taskdefs/optional/ssh/SSHUserInfo.java
  3. +46
    -138
      src/main/org/apache/tools/ant/taskdefs/optional/ssh/Scp.java

+ 213
- 0
src/main/org/apache/tools/ant/taskdefs/optional/ssh/SSHBase.java View File

@@ -0,0 +1,213 @@
/*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "Ant" and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/

package org.apache.tools.ant.taskdefs.optional.ssh;

import com.jcraft.jsch.*;

import java.io.*;
import java.util.List;
import java.util.LinkedList;
import java.util.Iterator;
import java.util.ArrayList;

import org.apache.tools.ant.Task;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.DirectoryScanner;
import org.apache.tools.ant.Project;
import org.apache.tools.ant.types.FileSet;

/**
* Base class for Ant tasks using jsch.
*
* @author charliehubbard76@yahoo.com
* @author riznob@hotmail.com
* @since Ant 1.6
*/
public abstract class SSHBase extends Task implements LogListener {
private String host;
private String keyfile;
private String knownHosts;
private boolean trust = false;
private int port = 22;
private boolean failOnError = true;
private SSHUserInfo userInfo;
/**
* Constructor for SSHBase.
*/
public SSHBase() {
super();
userInfo = new SSHUserInfo();
}
/**
* Remote host, either DNS name or IP.
*
* @param host The new host value
*/
public void setHost(String host) {
this.host = host;
}

public void setFailonerror( boolean failure ) {
failOnError = failure;
}

public boolean getFailonerror() {
return failOnError;
}

/**
* Username known to remote host.
*
* @param username The new username value
*/
public void setUsername(String username) {
userInfo.setName(username);
}


/**
* Sets the password for the user.
*
* @param password The new password value
*/
public void setPassword(String password) {
userInfo.setPassword(password);
}

/**
* Sets the keyfile for the user.
*
* @param keyfile The new keyfile value
*/
public void setKeyfile(String keyfile) {
userInfo.setKeyfile(keyfile);
}
/**
* Sets the passphrase for the users key.
*
* @param passphrase The new passphrase value
*/
public void setPassphrase(String passphrase) {
userInfo.setPassphrase(passphrase);
}
/**
* Sets the path to the file that has the identities of
* all known hosts. This is used by SSH protocol to validate
* the identity of the host. The default is
* <i>${user.home}/.ssh/known_hosts</i>.
*
* @param knownHosts a path to the known hosts file.
*/
public void setKnownhosts( String knownHosts ) {
this.knownHosts = knownHosts;
}

/**
* Setting this to true trusts hosts whose identity is unknown.
*
* @param yesOrNo if true trust the identity of unknown hosts.
*/
public void setTrust( boolean yesOrNo ) {
userInfo.setTrust(yesOrNo);
}

/**
* Changes the port used to connect to the remote host.
*
* @param port port number of remote host.
*/
public void setPort( int port ) {
this.port = port;
}
public int getPort() {
return port;
}
public void init() throws BuildException{
super.init();
this.knownHosts = System.getProperty("user.home") + "/.ssh/known_hosts";
this.trust = false;
this.port = 22;
}
protected Session openSession() throws JSchException {
JSch jsch = new JSch();
if (null != userInfo.getKeyfile()) {
jsch.addIdentity(userInfo.getKeyfile(), "passphrase");
}

if( knownHosts != null ) {
log( "Using known hosts: " + knownHosts, Project.MSG_DEBUG );
jsch.setKnownHosts( knownHosts );
}

Session session = jsch.getSession( userInfo.getName(), host, port );
session.setUserInfo(userInfo);
log("Connecting to " + host + ":" + port );
session.connect();
return session;
}

protected SSHUserInfo getUserInfo() {
return userInfo;
}
}

+ 208
- 0
src/main/org/apache/tools/ant/taskdefs/optional/ssh/SSHUserInfo.java View File

@@ -0,0 +1,208 @@
/*
* The Apache Software License, Version 1.1
*
* Copyright (c) 2003 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "Ant" and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*/

package org.apache.tools.ant.taskdefs.optional.ssh;

import com.jcraft.jsch.UserInfo;
import org.apache.tools.ant.Project;

/**
* @author rhanderson
*/
public class SSHUserInfo implements UserInfo {
private String name;
private String password = null;
private String keyfile;
private String passphrase = null;
private boolean firstTime = true;
private boolean trustAllCertificates;
public SSHUserInfo() {
super();
this.trustAllCertificates = true;
}
public SSHUserInfo(String password, boolean trustAllCertificates) {
super();
this.password = password;
this.trustAllCertificates = trustAllCertificates;
}

/**
* @see com.jcraft.jsch.UserInfo#getName()
*/
public String getName() {
return name;
}
/**
* @see com.jcraft.jsch.UserInfo#getPassphrase(String)
*/
public String getPassphrase(String message) {
return passphrase;
}
/**
* @see com.jcraft.jsch.UserInfo#getPassword()
*/
public String getPassword() {
return password;
}
/**
* @see com.jcraft.jsch.UserInfo#prompt(String)
*/
public boolean prompt(String str) {
return false;
}

/**
* @see com.jcraft.jsch.UserInfo#retry()
*/
public boolean retry() {
return false;
}

/**
* Sets the name.
* @param name The name to set
*/
public void setName(String name) {
this.name = name;
}

/**
* Sets the passphrase.
* @param passphrase The passphrase to set
*/
public void setPassphrase(String passphrase) {
this.passphrase = passphrase;
}

/**
* Sets the password.
* @param password The password to set
*/
public void setPassword(String password) {
this.password = password;
}

/**
* Sets the trust.
* @param boolean
*/
public void setTrust(boolean trust) {
this.trustAllCertificates = trust;
}

/**
* Returns the passphrase.
* @return String
*/
public String getPassphrase() {
return passphrase;
}

/**
* Returns the keyfile.
* @return String
*/
public String getKeyfile() {
return keyfile;
}

/**
* Sets the keyfile.
* @param keyfile The keyfile to set
*/
public void setKeyfile(String keyfile) {
this.keyfile = keyfile;
}

/**
* @see com.jcraft.jsch.UserInfo#promptPassphrase(String)
*/
public boolean promptPassphrase(String message) {
return true;
}

/**
* @see com.jcraft.jsch.UserInfo#promptPassword(String)
*/
public boolean promptPassword( String passwordPrompt ) {
//log( passwordPrompt, Project.MSG_DEBUG );
if( firstTime ) {
firstTime = false;
return true;
}
return firstTime;
}

/**
* @see com.jcraft.jsch.UserInfo#promptYesNo(String)
*/
public boolean promptYesNo(String message) {
//log( prompt, Project.MSG_DEBUG );
return trustAllCertificates;
}

/**
* @see com.jcraft.jsch.UserInfo#showMessage(String)
*/
public void showMessage(String message) {
//log( message, Project.MSG_DEBUG );
}

}

+ 46
- 138
src/main/org/apache/tools/ant/taskdefs/optional/ssh/Scp.java View File

@@ -74,19 +74,11 @@ import org.apache.tools.ant.types.FileSet;
* @author charliehubbard76@yahoo.com * @author charliehubbard76@yahoo.com
* @since Ant 1.6 * @since Ant 1.6
*/ */
public class Scp extends Task implements LogListener {
public class Scp extends SSHBase {


private String fromUri; private String fromUri;
private String toUri; private String toUri;
private String knownHosts;
private boolean trust = false;
private int port = 22;
private List fileSets = null; private List fileSets = null;
private boolean failOnError = true;

public void setFailonerror( boolean failure ) {
failOnError = failure;
}


/** /**
* Sets the file to be transferred. This can either be a remote * Sets the file to be transferred. This can either be a remote
@@ -114,35 +106,7 @@ public class Scp extends Task implements LogListener {
this.toUri = aToUri; this.toUri = aToUri;
} }


/**
* Sets the path to the file that has the identities of
* all known hosts. This is used by SSH protocol to validate
* the identity of the host. The default is
* <i>${user.home}/.ssh/known_hosts</i>.


* @param knownHosts a path to the known hosts file.
*/
public void setKnownhosts( String knownHosts ) {
this.knownHosts = knownHosts;
}

/**
* Setting this to true trusts hosts whose identity is unknown.
*
* @param yesOrNo if true trust the identity of unknown hosts.
*/
public void setTrust( boolean yesOrNo ) {
this.trust = yesOrNo;
}

/**
* Changes the port used to connect to the remote host.
*
* @param port port number of remote host.
*/
public void setPort( int port ) {
this.port = port;
}


/** /**
* Adds a FileSet tranfer to remote host. NOTE: Either * Adds a FileSet tranfer to remote host. NOTE: Either
@@ -161,9 +125,6 @@ public class Scp extends Task implements LogListener {
super.init(); super.init();
this.toUri = null; this.toUri = null;
this.fromUri = null; this.fromUri = null;
this.knownHosts = System.getProperty("user.home") + "/.ssh/known_hosts";
this.trust = false;
this.port = 22;
this.fileSets = null; this.fileSets = null;
} }


@@ -174,12 +135,13 @@ public class Scp extends Task implements LogListener {


if ( fromUri == null && fileSets == null ) { if ( fromUri == null && fileSets == null ) {
throw new BuildException("Either the 'file' attribute or one " + throw new BuildException("Either the 'file' attribute or one " +
"FileSet is required.");
"FileSet is required.");
} }


boolean isFromRemote = false; boolean isFromRemote = false;
if( fromUri != null )
if( fromUri != null ) {
isFromRemote = isRemoteUri(fromUri); isFromRemote = isRemoteUri(fromUri);
}
boolean isToRemote = isRemoteUri(toUri); boolean isToRemote = isRemoteUri(toUri);
try { try {
if (isFromRemote && !isToRemote) { if (isFromRemote && !isToRemote) {
@@ -194,11 +156,11 @@ public class Scp extends Task implements LogListener {
// not implemented yet. // not implemented yet.
} else { } else {
throw new BuildException("'todir' and 'file' attributes " + throw new BuildException("'todir' and 'file' attributes " +
"must have syntax like the following: " +
"user:password@host:/path");
"must have syntax like the following: " +
"user:password@host:/path");
} }
} catch (Exception e) { } catch (Exception e) {
if( failOnError ) {
if(getFailonerror()) {
throw new BuildException(e); throw new BuildException(e);
} else { } else {
log("Caught exception: " + e.getMessage(), Project.MSG_ERR); log("Caught exception: " + e.getMessage(), Project.MSG_ERR);
@@ -207,20 +169,17 @@ public class Scp extends Task implements LogListener {
} }


private void download( String fromSshUri, String toPath ) private void download( String fromSshUri, String toPath )
throws JSchException, IOException {
String[] fromValues = parseUri(fromSshUri);
throws JSchException, IOException {
String file = parseUri(fromSshUri);


Session session = null; Session session = null;
try { try {
session = openSession(fromValues[0],
fromValues[1],
fromValues[2],
port );
session = openSession();
ScpFromMessage message = new ScpFromMessage( session, ScpFromMessage message = new ScpFromMessage( session,
fromValues[3],
new File( toPath ),
fromSshUri.endsWith("*") );
log("Receiving file: " + fromValues[3] );
file,
new File( toPath ),
fromSshUri.endsWith("*") );
log("Receiving file: " + file );
message.setLogListener( this ); message.setLogListener( this );
message.execute(); message.execute();
} finally { } finally {
@@ -230,23 +189,20 @@ public class Scp extends Task implements LogListener {
} }


private void upload( List fileSet, String toSshUri ) private void upload( List fileSet, String toSshUri )
throws IOException, JSchException {
String[] toValues = parseUri(toSshUri);
throws IOException, JSchException {
String file = parseUri(toSshUri);


Session session = null; Session session = null;
try { try {
session = openSession( toValues[0],
toValues[1],
toValues[2],
port );
session = openSession();
List list = new ArrayList( fileSet.size() ); List list = new ArrayList( fileSet.size() );
for( Iterator i = fileSet.iterator(); i.hasNext(); ) { for( Iterator i = fileSet.iterator(); i.hasNext(); ) {
FileSet set = (FileSet) i.next(); FileSet set = (FileSet) i.next();
list.add( createDirectory( set ) ); list.add( createDirectory( set ) );
} }
ScpToMessage message = new ScpToMessage( session, ScpToMessage message = new ScpToMessage( session,
list,
toValues[3] );
list,
file);
message.setLogListener( this ); message.setLogListener( this );
message.execute(); message.execute();
} finally { } finally {
@@ -256,18 +212,15 @@ public class Scp extends Task implements LogListener {
} }


private void upload( String fromPath, String toSshUri ) private void upload( String fromPath, String toSshUri )
throws IOException, JSchException {
String[] toValues = parseUri(toSshUri);
throws IOException, JSchException {
String file = parseUri(toSshUri);


Session session = null; Session session = null;
try { try {
session = openSession( toValues[0],
toValues[1],
toValues[2],
port );
session = openSession();
ScpToMessage message = new ScpToMessage( session, ScpToMessage message = new ScpToMessage( session,
new File( fromPath ),
toValues[3] );
new File( fromPath ),
file );
message.setLogListener( this ); message.setLogListener( this );
message.execute(); message.execute();
} finally { } finally {
@@ -276,35 +229,32 @@ public class Scp extends Task implements LogListener {
} }
} }


private Session openSession( String user, String password,
String host, int port )
throws JSchException {
JSch jsch = new JSch();
if( knownHosts != null ) {
log( "Using known hosts: " + knownHosts, Project.MSG_DEBUG );
jsch.setKnownHosts( knownHosts );
}
Session session = jsch.getSession( user, host, port );

UserInfo userInfo = new DefaultUserInfo( password, trust );
session.setUserInfo(userInfo);
log("Connecting to " + host + ":" + port );
session.connect();
return session;
}

private String[] parseUri(String uri) {
private String parseUri(String uri) {
int indexOfAt = uri.indexOf('@'); int indexOfAt = uri.indexOf('@');
int indexOfColon = uri.indexOf(':'); int indexOfColon = uri.indexOf(':');
int indexOfPath = uri.indexOf(':', indexOfColon + 1);
if (indexOfColon > -1 && indexOfColon < indexOfAt) {
// user:password@host:/path notation
setUsername(uri.substring(0, indexOfColon));
setPassword(uri.substring(indexOfColon + 1, indexOfAt));
} else {
// no password, will require passphrase
setUsername(uri.substring(0, indexOfAt));
}


String[] values = new String[4];
values[0] = uri.substring(0, indexOfColon);
values[1] = uri.substring(indexOfColon + 1, indexOfAt);
values[2] = uri.substring(indexOfAt + 1, indexOfPath);
values[3] = uri.substring(indexOfPath + 1);
if (getUserInfo().getPassword() == null
&& getUserInfo().getPassphrase() == null) {
throw new BuildException("neither password nor passphrase for user "
+ getUserInfo().getName() + " has been "
+ "given. Can't authenticate.");
}


return values;
int indexOfPath = uri.indexOf(':', indexOfAt + 1);
if (indexOfPath == -1) {
throw new BuildException("no remote path in " + uri);
}
setHost(uri.substring(indexOfAt + 1, indexOfPath));
return uri.substring(indexOfPath + 1);
} }


private boolean isRemoteUri(String uri) { private boolean isRemoteUri(String uri) {
@@ -338,46 +288,4 @@ public class Scp extends Task implements LogListener {


return root; return root;
} }


public class DefaultUserInfo implements UserInfo {
private String password = null;
private boolean firstTime = true;
private boolean trustAllCertificates;

public DefaultUserInfo(String password, boolean trustAllCertificates) {
this.password = password;
this.trustAllCertificates = trustAllCertificates;
}

public String getPassphrase() {
return null;
}

public String getPassword() {
return password;
}

public boolean promptPassword( String passwordPrompt ) {
log( passwordPrompt, Project.MSG_DEBUG );
if( firstTime ) {
firstTime = false;
return true;
}
return firstTime;
}

public boolean promptPassphrase( String passPhrasePrompt ) {
return true;
}

public boolean promptYesNo( String prompt ) {
log( prompt, Project.MSG_DEBUG );
return trustAllCertificates;
}

public void showMessage( String message ) {
log( message, Project.MSG_DEBUG );
}
}
} }

Write Preview
Loading…
Cancel
Save
Please read the following content carefully:

Dear OpenI User

Thank you for your continuous support to the Openl Qizhi Community AI Collaboration Platform. In order to protect your usage rights and ensure network security, we updated the Openl Qizhi Community AI Collaboration Platform Usage Agreement in January 2024. The updated agreement specifies that users are prohibited from using intranet penetration tools. After you click "Agree and continue", you can continue to use our services. Thank you for your cooperation and understanding.

For more agreement content, please refer to the《Openl Qizhi Community AI Collaboration Platform Usage Agreement》

Agree and continue
Disagree, exit