Author: cduffy
Date: Wed Dec 18 16:05:41 2013
New Revision: 1551998
URL: http://svn.apache.org/r1551998
Log:
IVY-1421: SSH agent support for SSH and SFTP transports
Modified:
ant/ivy/core/trunk/ivy.xml
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/AbstractSshBasedRepository.java
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/SshCache.java
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/resolver/AbstractSshBasedResolver.java
Modified: ant/ivy/core/trunk/ivy.xml
URL:
http://svn.apache.org/viewvc/ant/ivy/core/trunk/ivy.xml?rev=1551998&r1=1551997&r2=1551998&view=diff
==============================================================================
--- ant/ivy/core/trunk/ivy.xml (original)
+++ ant/ivy/core/trunk/ivy.xml Wed Dec 18 16:05:41 2013
@@ -49,7 +49,10 @@
<dependency org="commons-httpclient" name="commons-httpclient"
rev="3.0" conf="default,httpclient->runtime,master" />
<dependency org="oro" name="oro" rev="2.0.8"
conf="default,oro->default"/>
<dependency org="commons-vfs" name="commons-vfs" rev="1.0"
conf="default,vfs->default" />
- <dependency org="com.jcraft" name="jsch" rev="0.1.31"
conf="default,sftp->default" />
+ <dependency org="com.jcraft" name="jsch" rev="0.1.50"
conf="default,sftp->default" />
+ <dependency org="com.jcraft" name="jsch.agentproxy" rev="0.0.6"
conf="default,sftp->default" />
+ <dependency org="com.jcraft"
name="jsch.agentproxy.connector-factory" rev="0.0.6"
conf="default,sftp->default" />
+ <dependency org="com.jcraft" name="jsch.agentproxy.jsch"
rev="0.0.6" conf="default,sftp->default" />
<dependency org="org.bouncycastle" name="bcpg-jdk14" rev="1.45"
conf="default" />
<dependency org="org.bouncycastle" name="bcprov-jdk14" rev="1.45"
conf="default" />
Modified:
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/AbstractSshBasedRepository.java
URL:
http://svn.apache.org/viewvc/ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/AbstractSshBasedRepository.java?rev=1551998&r1=1551997&r2=1551998&view=diff
==============================================================================
---
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/AbstractSshBasedRepository.java
(original)
+++
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/AbstractSshBasedRepository.java
Wed Dec 18 16:05:41 2013
@@ -47,6 +47,8 @@ public abstract class AbstractSshBasedRe
private int port = -1;
+ private boolean allowedAgentUse = false;
+
public AbstractSshBasedRepository() {
super();
}
@@ -106,7 +108,7 @@ public abstract class AbstractSshBasedRe
}
}
return SshCache.getInstance().getSession(host, port, user,
userPassword, getKeyFile(),
- getKeyFilePassword(), getPassFile());
+ getKeyFilePassword(), getPassFile(), isAllowedAgentUse());
}
/**
@@ -137,7 +139,8 @@ public abstract class AbstractSshBasedRe
} catch (URISyntaxException e) {
Message.error(e.getMessage());
Message.error("The uri '" + source + "' is in the wrong format.");
- Message.error("Please use " + getRepositoryScheme() +
"://user:pass@hostname/path/to/repository");
+ Message.error("Please use " + getRepositoryScheme()
+ + "://user:pass@hostname/path/to/repository");
return null;
}
}
@@ -299,6 +302,22 @@ public abstract class AbstractSshBasedRe
return passFile;
}
+ /**
+ * @return allowedAgentUse
+ * Whether use of a local SSH agent for authentication is
allowed
+ */
+ public boolean isAllowedAgentUse() {
+ return allowedAgentUse;
+ }
+
+ /**
+ * @param allowedAgentUse
+ * Whether use of a local SSH agent for authentication is
allowed
+ */
+ public void setAllowedAgentUse(boolean allowedAgentUse) {
+ this.allowedAgentUse = allowedAgentUse;
+ }
+
protected abstract String getRepositoryScheme();
}
Modified:
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/SshCache.java
URL:
http://svn.apache.org/viewvc/ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/SshCache.java?rev=1551998&r1=1551997&r2=1551998&view=diff
==============================================================================
---
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/SshCache.java
(original)
+++
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/repository/ssh/SshCache.java
Wed Dec 18 16:05:41 2013
@@ -39,6 +39,10 @@ import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.UIKeyboardInteractive;
import com.jcraft.jsch.UserInfo;
+import com.jcraft.jsch.agentproxy.AgentProxyException;
+import com.jcraft.jsch.agentproxy.Connector;
+import com.jcraft.jsch.agentproxy.ConnectorFactory;
+import com.jcraft.jsch.agentproxy.RemoteIdentityRepository;
/**
* a class to cache SSH Connections and Channel for the SSH Repository each
session is defined by
@@ -106,7 +110,7 @@ public final class SshCache {
/**
* attach an sftp channel to this cache entry
*
- * @param channelSftp
+ * @param newChannel
* to attach
*/
public void setChannelSftp(ChannelSftp newChannel) {
@@ -287,6 +291,25 @@ public final class SshCache {
}
/**
+ * Attempts to connect to a local SSH agent (using either UNIX sockets or
PuTTY's Pageant)
+ *
+ * @param jsch
+ * Connection to be attached to an available local agent
+ * @return
+ * true if connected to agent, false otherwise
+ */
+ private boolean attemptAgentUse(JSch jsch) {
+ try {
+ Connector con = ConnectorFactory.getDefault().createConnector();
+ jsch.setIdentityRepository(new RemoteIdentityRepository(con));
+ return true;
+ } catch (AgentProxyException e) {
+ Message.verbose(":: SSH :: Failure connecting to agent :: " +
e.toString());
+ return false;
+ }
+ }
+
+ /**
* Gets a session from the cache or establishes a new session if necessary
*
* @param host
@@ -303,10 +326,13 @@ public final class SshCache {
* to use for accessing the pemFile (optional)
* @param passFile
* to store credentials
+ * @param allowedAgentUse
+ * Whether to communicate with an agent for authentication
* @return session or null if not successful
*/
public Session getSession(String host, int port, String username, String
userPassword,
- File pemFile, String pemPassword, File passFile) throws
IOException {
+ File pemFile, String pemPassword, File passFile, boolean
allowedAgentUse)
+ throws IOException {
Checks.checkNotNull(host, "host");
Checks.checkNotNull(username, "user");
Entry entry = getCacheEntry(username, host, port);
@@ -323,6 +349,9 @@ public final class SshCache {
} else {
session = jsch.getSession(username, host);
}
+ if (allowedAgentUse) {
+ attemptAgentUse(jsch);
+ }
if (pemFile != null) {
jsch.addIdentity(pemFile.getAbsolutePath(), pemPassword);
}
Modified:
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/resolver/AbstractSshBasedResolver.java
URL:
http://svn.apache.org/viewvc/ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/resolver/AbstractSshBasedResolver.java?rev=1551998&r1=1551997&r2=1551998&view=diff
==============================================================================
---
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/resolver/AbstractSshBasedResolver.java
(original)
+++
ant/ivy/core/trunk/src/java/org/apache/ivy/plugins/resolver/AbstractSshBasedResolver.java
Wed Dec 18 16:05:41 2013
@@ -56,6 +56,16 @@ public abstract class AbstractSshBasedRe
}
/**
+ * Determines whether a local SSH agent may be used for authentication
+ *
+ * @param allowedAgentUse
+ * true if an agent may be used if available
+ */
+ public void setAllowedAgentUse(boolean allowedAgentUse) {
+ getSshBasedRepository().setAllowedAgentUse(allowedAgentUse);
+ }
+
+ /**
* Optional password file. If set the repository will use it as an
encypted property file, to
* load username and passwd entries, and to store them if the user choose
to do so. Defaults to
* user.dir/.ivy/[host].sftp.passwd, set it to null to disable this
feature.
