opendev/gerrit
Code Issues Proposed changes

Update MINA SSHD to 0.3.0-r881338

Browse Source 
We specifically install the ChannelDirectTcpip channel factory
so that the daemon understands this protocol feature but our
TcpIpForwardFilter automatically rejects all connection attempts made
by a client.  This will cause nice error messages to be reported
back, letting the user know their port forwarding was denied,
rather than generating an obtuse error message in the client.

Even if we skipped the ChannelDirectTcpip session factory we must
install the TcpIpForwardFilter.  If we don't MINA SSHD would permit
any client to listen for inbound connections on any of our local
ports and redirect them to the client's own server of choice.

We also now specifically configure the subsystem list to be empty.
This is to disable any SFTP support inherited from MINA SSHD,
we actually don't want to service SFTP for anything at this time.
We might consider enabling SFTP off the same virtual filesystem we
use for scp, but its not a very important feature.

Bug: issue 336
Change-Id: I7a64601524ca84f308b76357290c456dc4613b67
Signed-off-by: Shawn O. Pearce <sop@google.com>
This commit is contained in:
Shawn O. Pearce
2009-11-17 09:32:32 -08:00
parent 06b68d60a4
commit f95d6459b1
24 changed files with 135 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
gerrit-sshd/src/main/java/com/google/gerrit/sshd/DispatchCommand.java
View File

@@ -19,7 +19,8 @@ import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.assistedinject.Assisted;
import org.apache.sshd.server.CommandFactory.Command;
import org.apache.sshd.server.Command;
import org.apache.sshd.server.Environment;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
@@ -46,7 +47,7 @@ final class DispatchCommand extends BaseCommand {
}
@Override
public void start() throws IOException {
public void start(final Environment env) throws IOException {
if (commandLine.isEmpty()) {
usage();
return;
@@ -92,7 +93,7 @@ final class DispatchCommand extends BaseCommand {
bc.setCommandPrefix(commandPrefix + " " + name);
bc.setCommandLine(args);
}
cmd.start();
cmd.start(env);
} else {
final String msg = prefix + ": " + name + ": not found\n";
err.write(msg.getBytes(ENC));