Source code

001/*
002 * Copyright (C) 2012 eXo Platform SAS.
003 *
004 * This is free software; you can redistribute it and/or modify it
005 * under the terms of the GNU Lesser General Public License as
006 * published by the Free Software Foundation; either version 2.1 of
007 * the License, or (at your option) any later version.
008 *
009 * This software is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * You should have received a copy of the GNU Lesser General Public
015 * License along with this software; if not, write to the Free
016 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
017 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
018 */
019
020package org.crsh.ssh;
021
022import org.apache.sshd.common.KeyPairProvider;
023import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider;
024import org.crsh.auth.AuthenticationPlugin;
025import org.crsh.plugin.CRaSHPlugin;
026import org.crsh.plugin.PropertyDescriptor;
027import org.crsh.plugin.ResourceKind;
028import org.crsh.ssh.term.SSHLifeCycle;
029import org.crsh.ssh.term.URLKeyPairProvider;
030import org.crsh.vfs.Resource;
031
032import java.io.File;
033import java.io.IOException;
034import java.net.MalformedURLException;
035import java.net.URL;
036import java.util.Arrays;
037import java.util.logging.Level;
038
039import org.apache.sshd.common.util.SecurityUtils;
040
041public class SSHPlugin extends CRaSHPlugin<SSHPlugin> {
042
043  /** The SSH port. */
044  public static final PropertyDescriptor<Integer> SSH_PORT = PropertyDescriptor.create("ssh.port", 2000, "The SSH port");
045
046  /** The SSH server key path. */
047  public static final PropertyDescriptor<String> SSH_SERVER_KEYPATH = PropertyDescriptor.create("ssh.keypath", (String)null, "The path to the key file");
048
049  /** SSH host key auto generate */
050  public static final PropertyDescriptor<String> SSH_SERVER_KEYGEN = PropertyDescriptor.create("ssh.keygen", "false", "Whether to automatically generate a host key");
051
052  /** . */
053  private SSHLifeCycle lifeCycle;
054
055  @Override
056  public SSHPlugin getImplementation() {
057    return this;
058  }
059
060  @Override
061  protected Iterable<PropertyDescriptor<?>> createConfigurationCapabilities() {
062    return Arrays.<PropertyDescriptor<?>>asList(SSH_PORT, SSH_SERVER_KEYPATH, SSH_SERVER_KEYGEN, AuthenticationPlugin.AUTH);
063  }
064
065  @Override
066  public void init() {
067
068    SecurityUtils.setRegisterBouncyCastle(true);
069    //
070    Integer port = getContext().getProperty(SSH_PORT);
071    if (port == null) {
072      log.log(Level.INFO, "Could not boot SSHD due to missing due to missing port configuration");
073      return;
074    }
075
076    //
077    Resource serverKey = null;
078    KeyPairProvider keyPairProvider = null;
079
080    // Get embedded default key
081    URL serverKeyURL = SSHPlugin.class.getResource("/crash/hostkey.pem");
082    if (serverKeyURL != null) {
083      try {
084        log.log(Level.FINE, "Found embedded key url " + serverKeyURL);
085        serverKey = new Resource("hostkey.pem", serverKeyURL);
086      }
087      catch (IOException e) {
088        log.log(Level.FINE, "Could not load ssh key from url " + serverKeyURL, e);
089      }
090    }
091
092    // Override from config if any
093    Resource serverKeyRes = getContext().loadResource("hostkey.pem", ResourceKind.CONFIG);
094    if (serverKeyRes != null) {
095      serverKey = serverKeyRes;
096      log.log(Level.FINE, "Found server ssh key url");
097    }
098
099    // If we have a key path, we convert is as an URL
100    String serverKeyPath = getContext().getProperty(SSH_SERVER_KEYPATH);
101    if (serverKeyPath != null) {
102      log.log(Level.FINE, "Found server key path " + serverKeyPath);
103      File f = new File(serverKeyPath);
104      String keyGen = getContext().getProperty(SSH_SERVER_KEYGEN);
105      if (keyGen != null && keyGen.equals("true")) {
106        keyPairProvider = new PEMGeneratorHostKeyProvider(serverKeyPath, "RSA");
107      } else if (f.exists() && f.isFile()) {
108        try {
109          serverKeyURL = f.toURI().toURL();
110          serverKey = new Resource("hostkey.pem", serverKeyURL);
111        } catch (MalformedURLException e) {
112          log.log(Level.FINE, "Ignoring invalid server key " + serverKeyPath, e);
113        } catch (IOException e) {
114          log.log(Level.FINE, "Could not load SSH key from " + serverKeyPath, e);
115        }
116      } else {
117        log.log(Level.FINE, "Ignoring invalid server key path " + serverKeyPath);
118      }
119    }
120
121    //
122    if (serverKeyURL == null) {
123      log.log(Level.INFO, "Could not boot SSHD due to missing server key");
124      return;
125    }
126
127    //
128    if (keyPairProvider == null) {
129      keyPairProvider = new URLKeyPairProvider(serverKey);
130    }
131
132    // Get the authentication
133    AuthenticationPlugin authPlugin = AuthenticationPlugin.NULL;
134    String authentication = getContext().getProperty(AuthenticationPlugin.AUTH);
135    if (authentication != null) {
136      for (AuthenticationPlugin authenticationPlugin : getContext().getPlugins(AuthenticationPlugin.class)) {
137        if (authentication.equals(authenticationPlugin.getName())) {
138          authPlugin = authenticationPlugin;
139          break;
140        }
141      }
142    }
143
144    //
145    log.log(Level.INFO, "Booting SSHD");
146    SSHLifeCycle lifeCycle = new SSHLifeCycle(getContext(), authPlugin);
147    lifeCycle.setPort(port);
148    lifeCycle.setKeyPairProvider(keyPairProvider);
149    lifeCycle.init();
150
151    //
152    this.lifeCycle = lifeCycle;
153  }
154
155  @Override
156  public void destroy() {
157    if (lifeCycle != null) {
158      log.log(Level.INFO, "Shutting down SSHD");
159      lifeCycle.destroy();
160      lifeCycle = null;
161    }
162  }
163}