diff options
| author | Lazar Kirchev | 2012-04-08 11:02:57 +0000 |
|---|---|---|
| committer | Lazar Kirchev | 2012-04-08 11:02:57 +0000 |
| commit | b7f03fdfb8b04a9dbe8f40a7e7b5316b17c77801 (patch) | |
| tree | 60ff81449974acac7558a361d812cdcdb1c6fa95 /bundles/org.eclipse.equinox.console.ssh | |
| parent | b4627b42ebf39cd0dacd35559e33ec58245b0b0a (diff) | |
| download | rt.equinox.bundles-b7f03fdfb8b04a9dbe8f40a7e7b5316b17c77801.tar.gz rt.equinox.bundles-b7f03fdfb8b04a9dbe8f40a7e7b5316b17c77801.tar.xz rt.equinox.bundles-b7f03fdfb8b04a9dbe8f40a7e7b5316b17c77801.zip | |
Bug 366188 - Add support for 'authorized_keys' file to SSH console. The console will search for registered authenticator services only if this is explicitly specified by setting ssh.custom.publickeys.auth=true.v20120408-1102
Diffstat (limited to 'bundles/org.eclipse.equinox.console.ssh')
| -rw-r--r-- | bundles/org.eclipse.equinox.console.ssh/src/org/eclipse/equinox/console/ssh/SshServ.java | 55 |
1 files changed, 31 insertions, 24 deletions
diff --git a/bundles/org.eclipse.equinox.console.ssh/src/org/eclipse/equinox/console/ssh/SshServ.java b/bundles/org.eclipse.equinox.console.ssh/src/org/eclipse/equinox/console/ssh/SshServ.java index 696cb8d70..d41f699d0 100644 --- a/bundles/org.eclipse.equinox.console.ssh/src/org/eclipse/equinox/console/ssh/SshServ.java +++ b/bundles/org.eclipse.equinox.console.ssh/src/org/eclipse/equinox/console/ssh/SshServ.java @@ -44,6 +44,7 @@ public class SshServ extends Thread { private static final String SSH_KEYSTORE_PROP = "ssh.server.keystore"; private static final String SSH_KEYSTORE_PROP_DEFAULT = "hostkey.ser"; private static final String SSH_AUTHORIZED_KEYS_FILE_PROP = "ssh.server.authorized_keys"; + private static final String SSH_CUSTOM_PUBLIC_KEY_AUTHENTICATION = "ssh.custom.publickeys.auth"; private static final String EQUINOX_CONSOLE_DOMAIN = "equinox_console"; public SshServ(List<CommandProcessor> processors, BundleContext context, String host, int port) { @@ -100,32 +101,38 @@ public class SshServ extends Thread { AuthorizedKeysFileAuthenticator authenticator = new AuthorizedKeysFileAuthenticator(); authenticator.setAuthorizedKeysFile(authorizedKeysFile); return authenticator; - } - - // fall back to dynamic provider based on available OSGi services - return new PublickeyAuthenticator() { - - @Override - public boolean authenticate(String username, PublicKey key, ServerSession session) { - // find available services - try { - for (ServiceReference<PublickeyAuthenticator> reference : context.getServiceReferences(PublickeyAuthenticator.class, null)) { - PublickeyAuthenticator authenticator = null; - try { - authenticator = context.getService(reference); - // first positive match wins; continue looking otherwise - if(authenticator.authenticate(username, key, session)) - return true; - } finally { - if(null != authenticator) - context.ungetService(reference); + } + + final String customPublicKeysAuthentication = System.getProperty(SSH_CUSTOM_PUBLIC_KEY_AUTHENTICATION); + + // fall back to dynamic provider based on available OSGi services only if explicitly specified + if ("true".equals(customPublicKeysAuthentication)) { + return new PublickeyAuthenticator() { + + @Override + public boolean authenticate(String username, PublicKey key, ServerSession session) { + // find available services + try { + for (ServiceReference<PublickeyAuthenticator> reference : context.getServiceReferences(PublickeyAuthenticator.class, null)) { + PublickeyAuthenticator authenticator = null; + try { + authenticator = context.getService(reference); + // first positive match wins; continue looking otherwise + if(authenticator.authenticate(username, key, session)) + return true; + } finally { + if(null != authenticator) + context.ungetService(reference); + } } + } catch (InvalidSyntaxException e) { + // no filter is used } - } catch (InvalidSyntaxException e) { - // no filter is used + return false; } - return false; - } - }; + }; + } + + return null; } } |