Support reloading of sshd.requestlog configuration

Change-Id: Ic885392e4fb5479920e7619a244394febeaf30b6

Documentation/config-gerrit.txt

@@ -4542,6 +4542,9 @@ If enabled, a request log file is written out by the SSH daemon.
 programmatic configuration.
 +
 By default, `true`.
++
+This value supports configuration reloads:
+link:cmd-reload-config.html[reload-config]
 
 [[sshd.rekeyBytesLimit]]sshd.rekeyBytesLimit::
 +

java/com/google/gerrit/sshd/SshLog.java

@@ -23,6 +23,9 @@ import com.google.gerrit.server.IdentifiedUser;
 import com.google.gerrit.server.PeerDaemonUser;
 import com.google.gerrit.server.audit.AuditService;
 import com.google.gerrit.server.audit.SshAuditEvent;
+import com.google.gerrit.server.config.ConfigKey;
+import com.google.gerrit.server.config.ConfigUpdatedEvent;
+import com.google.gerrit.server.config.GerritConfigListener;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.gerrit.server.util.IdGenerator;
 import com.google.gerrit.server.util.SystemLog;
@@ -30,6 +33,8 @@ import com.google.gerrit.sshd.SshScope.Context;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 import com.google.inject.Singleton;
+import java.util.Collections;
+import java.util.List;
 import org.apache.log4j.AsyncAppender;
 import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
@@ -37,7 +42,7 @@ import org.apache.log4j.spi.LoggingEvent;
 import org.eclipse.jgit.lib.Config;
 
 @Singleton
-class SshLog implements LifecycleListener {
+class SshLog implements LifecycleListener, GerritConfigListener {
   private static final Logger log = Logger.getLogger(SshLog.class);
   private static final String LOG_NAME = "sshd_log";
   private static final String P_SESSION = "session";
@@ -50,8 +55,11 @@ class SshLog implements LifecycleListener {
 
   private final Provider<SshSession> session;
   private final Provider<Context> context;
-  private final AsyncAppender async;
+  private volatile AsyncAppender async;
   private final AuditService auditService;
+  private final SystemLog systemLog;
+
+  private final Object lock = new Object();
 
   @Inject
   SshLog(
@@ -63,12 +71,34 @@ class SshLog implements LifecycleListener {
     this.session = session;
     this.context = context;
     this.auditService = auditService;
+    this.systemLog = systemLog;
 
-    if (!config.getBoolean("sshd", "requestLog", true)) {
+    if (config.getBoolean("sshd", "requestLog", true)) {
-      async = null;
+      enableLogging();
-      return;
+    }
+  }
+
+  /** @return true if a change in state has occurred */
+  public boolean enableLogging() {
+    synchronized (lock) {
+      if (async == null) {
+        async = systemLog.createAsyncAppender(LOG_NAME, new SshLogLayout());
+        return true;
+      }
+      return false;
+    }
+  }
+
+  /** @return true if a change in state has occurred */
+  public boolean disableLogging() {
+    synchronized (lock) {
+      if (async != null) {
+        async.close();
+        async = null;
+        return true;
+      }
+      return false;
     }
-    async = systemLog.createAsyncAppender(LOG_NAME, new SshLogLayout());
   }
 
   @Override
@@ -76,9 +106,7 @@ class SshLog implements LifecycleListener {
 
   @Override
   public void stop() {
-    if (async != null) {
+    disableLogging();
-      async.close();
-    }
   }
 
   void onLogin() {
@@ -288,4 +316,23 @@ class SshLog implements LifecycleListener {
     }
     return commandName.toString();
   }
+
+  @Override
+  public List<ConfigUpdatedEvent.Update> configUpdated(ConfigUpdatedEvent event) {
+    ConfigKey sshdRequestLog = ConfigKey.create("sshd", "requestLog");
+    if (!event.isValueUpdated(sshdRequestLog)) {
+      return Collections.emptyList();
+    }
+
+    boolean enabled = event.getNewConfig().getBoolean("sshd", "requestLog", true);
+    boolean stateUpdated;
+    if (enabled) {
+      stateUpdated = enableLogging();
+    } else {
+      stateUpdated = disableLogging();
+    }
+    return stateUpdated
+        ? Collections.singletonList(event.accept(sshdRequestLog))
+        : Collections.emptyList();
+  }
 }

java/com/google/gerrit/sshd/SshModule.java

@@ -21,10 +21,12 @@ import com.google.common.base.CharMatcher;
 import com.google.common.base.Splitter;
 import com.google.gerrit.extensions.registration.DynamicItem;
 import com.google.gerrit.extensions.registration.DynamicMap;
+import com.google.gerrit.extensions.registration.DynamicSet;
 import com.google.gerrit.lifecycle.LifecycleModule;
 import com.google.gerrit.server.DynamicOptions;
 import com.google.gerrit.server.PeerDaemonUser;
 import com.google.gerrit.server.RemotePeer;
+import com.google.gerrit.server.config.GerritConfigListener;
 import com.google.gerrit.server.config.GerritRequestModule;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.gerrit.server.git.QueueProvider;
@@ -71,6 +73,8 @@ public class SshModule extends LifecycleModule {
     configureAliases();
 
     bind(SshLog.class);
+    DynamicSet.bind(binder(), GerritConfigListener.class).to(SshLog.class);
+
     bind(SshInfo.class).to(SshDaemon.class).in(SINGLETON);
     factory(DispatchCommand.Factory.class);
     factory(QueryShell.Factory.class);