Google Git
Sign in
apache / karaf / 40723074d7f56ce9d188f074f031081d33798f00 / . / shell / ssh / src / main / java / org / apache / karaf / shell / ssh / SshAction.java
blob: 444f09ee9c65c6b172ca5991ed62e1bd12432d4b [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.karaf.shell.ssh;
import java.io.*;
import java.lang.reflect.Field;
import java.net.URL;
import java.security.KeyPair;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import jline.UnixTerminal;
import jline.internal.TerminalLineSettings;
import org.apache.karaf.shell.api.action.Action;
import org.apache.karaf.shell.api.action.Argument;
import org.apache.karaf.shell.api.action.Command;
import org.apache.karaf.shell.api.action.Option;
import org.apache.karaf.shell.api.action.lifecycle.Reference;
import org.apache.karaf.shell.api.action.lifecycle.Service;
import org.apache.karaf.shell.api.console.Session;
import org.apache.karaf.shell.api.console.Signal;
import org.apache.karaf.shell.api.console.SignalListener;
import org.apache.karaf.shell.api.console.Terminal;
import org.apache.sshd.ClientChannel;
import org.apache.sshd.ClientSession;
import org.apache.sshd.SshClient;
import org.apache.sshd.agent.SshAgent;
import org.apache.sshd.agent.local.AgentImpl;
import org.apache.sshd.agent.local.LocalAgentFactory;
import org.apache.sshd.client.ServerKeyVerifier;
import org.apache.sshd.client.UserInteraction;
import org.apache.sshd.client.channel.ChannelShell;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.common.PtyMode;
import org.apache.sshd.common.SshConstants;
import org.apache.sshd.common.channel.AbstractChannel;
import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
import org.apache.sshd.common.util.Buffer;
import org.apache.sshd.common.util.NoCloseInputStream;
import org.apache.sshd.common.util.NoCloseOutputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@Command(scope = "ssh", name = "ssh", description = "Connects to a remote SSH server")
@Service
public class SshAction implements Action {
private final Logger log = LoggerFactory.getLogger(getClass());
@Option(name = "-l", aliases = {"--username"}, description = "The user name for remote login", required = false, multiValued = false)
private String username;
@Option(name = "-P", aliases = {"--password"}, description = "The password for remote login", required = false, multiValued = false)
private String password;
@Option(name = "-p", aliases = {"--port"}, description = "The port to use for SSH connection", required = false, multiValued = false)
private int port = 22;
@Option(name = "-k", aliases = {"--keyfile"}, description = "The private keyFile location when using key login, need have BouncyCastle registered as security provider using this flag", required = false, multiValued = false)
private String keyFile;
@Option(name = "-q", description = "Quiet Mode. Do not ask for confirmations", required = false, multiValued = false)
private boolean quiet;
@Option(name = "-r", aliases = {"--retries"}, description = "retry connection establishment (up to attempts times)", required = false, multiValued = false)
private int retries = 0;
@Argument(index = 0, name = "hostname", description = "The host name to connect to via SSH", required = true, multiValued = false)
private String hostname;
@Argument(index = 1, name = "command", description = "Optional command to execute", required = false, multiValued = true)
private List<String> command;
@Reference
private Session session;
@Override
public Object execute() throws Exception {
if (hostname.indexOf('@') >= 0) {
if (username == null) {
username = hostname.substring(0, hostname.indexOf('@'));
}
hostname = hostname.substring(hostname.indexOf('@') + 1, hostname.length());
}
System.out.println("Connecting to host " + hostname + " on port " + port);
// If not specified, assume the current user name
if (username == null) {
username = (String) this.session.get("USER");
}
// If the username was not configured via cli, then prompt the user for the values
if (username == null) {
log.debug("Prompting user for login");
if (username == null) {
username = session.readLine("Login: ", null);
}
}
SshClient client = SshClient.setUpDefaultClient();
setupAgent(username, keyFile, client);
KnownHostsManager knownHostsManager = new KnownHostsManager(new File(System.getProperty("user.home"), ".sshkaraf/known_hosts"));
ServerKeyVerifier serverKeyVerifier = new ServerKeyVerifierImpl(knownHostsManager, quiet);
client.setServerKeyVerifier(serverKeyVerifier);
log.debug("Created client: {}", client);
client.setUserInteraction(new UserInteraction() {
public void welcome(String banner) {
System.out.println(banner);
}
public String[] interactive(String destination, String name, String instruction, String[] prompt, boolean[] echo) {
String[] answers = new String[prompt.length];
try {
for (int i = 0; i < prompt.length; i++) {
answers[i] = session.readLine(prompt[i] + " ", echo[i] ? null : '*');
}
} catch (IOException e) {
}
return answers;
}
});
client.start();
try {
ClientSession sshSession = connectWithRetries(client, username, hostname, port, retries);
Object oldIgnoreInterrupts = this.session.get(Session.IGNORE_INTERRUPTS);
try {
if (password != null) {
sshSession.addPasswordIdentity(password);
}
sshSession.auth().verify();
System.out.println("Connected");
this.session.put(Session.IGNORE_INTERRUPTS, Boolean.TRUE);
StringBuilder sb = new StringBuilder();
if (command != null) {
for (String cmd : command) {
if (sb.length() > 0) {
sb.append(' ');
}
sb.append(cmd);
}
}
if (sb.length() > 0) {
ClientChannel channel = sshSession.createChannel("exec", sb.append("\n").toString());
channel.setIn(new ByteArrayInputStream(new byte[0]));
channel.setOut(new NoCloseOutputStream(System.out));
channel.setErr(new NoCloseOutputStream(System.err));
channel.open().verify();
channel.waitFor(ClientChannel.CLOSED, 0);
} else if (session.getTerminal() != null) {
final ChannelShell channel = sshSession.createShellChannel();
final jline.Terminal jlineTerminal = (jline.Terminal) session.get(".jline.terminal");
if (jlineTerminal instanceof UnixTerminal) {
TerminalLineSettings settings = ((UnixTerminal) jlineTerminal).getSettings();
Map<PtyMode, Integer> modes = new HashMap<>();
// Control chars
modes.put(PtyMode.VINTR, settings.getProperty("vintr"));
modes.put(PtyMode.VQUIT, settings.getProperty("vquit"));
modes.put(PtyMode.VERASE, settings.getProperty("verase"));
modes.put(PtyMode.VKILL, settings.getProperty("vkill"));
modes.put(PtyMode.VEOF, settings.getProperty("veof"));
modes.put(PtyMode.VEOL, settings.getProperty("veol"));
modes.put(PtyMode.VEOL2, settings.getProperty("veol2"));
modes.put(PtyMode.VSTART, settings.getProperty("vstart"));
modes.put(PtyMode.VSTOP, settings.getProperty("vstop"));
modes.put(PtyMode.VSUSP, settings.getProperty("vsusp"));
modes.put(PtyMode.VDSUSP, settings.getProperty("vdusp"));
modes.put(PtyMode.VREPRINT, settings.getProperty("vreprint"));
modes.put(PtyMode.VWERASE, settings.getProperty("vwerase"));
modes.put(PtyMode.VLNEXT, settings.getProperty("vlnext"));
modes.put(PtyMode.VSTATUS, settings.getProperty("vstatus"));
modes.put(PtyMode.VDISCARD, settings.getProperty("vdiscard"));
// Input flags
modes.put(PtyMode.IGNPAR, getFlag(settings, PtyMode.IGNPAR));
modes.put(PtyMode.PARMRK, getFlag(settings, PtyMode.PARMRK));
modes.put(PtyMode.INPCK, getFlag(settings, PtyMode.INPCK));
modes.put(PtyMode.ISTRIP, getFlag(settings, PtyMode.ISTRIP));
modes.put(PtyMode.INLCR, getFlag(settings, PtyMode.INLCR));
modes.put(PtyMode.IGNCR, getFlag(settings, PtyMode.IGNCR));
modes.put(PtyMode.ICRNL, getFlag(settings, PtyMode.ICRNL));
modes.put(PtyMode.IXON, getFlag(settings, PtyMode.IXON));
modes.put(PtyMode.IXANY, getFlag(settings, PtyMode.IXANY));
modes.put(PtyMode.IXOFF, getFlag(settings, PtyMode.IXOFF));
// Local flags
modes.put(PtyMode.ISIG, getFlag(settings, PtyMode.ISIG));
modes.put(PtyMode.ICANON, getFlag(settings, PtyMode.ICANON));
modes.put(PtyMode.ECHO, getFlag(settings, PtyMode.ECHO));
modes.put(PtyMode.ECHOE, getFlag(settings, PtyMode.ECHOE));
modes.put(PtyMode.ECHOK, getFlag(settings, PtyMode.ECHOK));
modes.put(PtyMode.ECHONL, getFlag(settings, PtyMode.ECHONL));
modes.put(PtyMode.NOFLSH, getFlag(settings, PtyMode.NOFLSH));
modes.put(PtyMode.TOSTOP, getFlag(settings, PtyMode.TOSTOP));
modes.put(PtyMode.IEXTEN, getFlag(settings, PtyMode.IEXTEN));
// Output flags
modes.put(PtyMode.OPOST, getFlag(settings, PtyMode.OPOST));
modes.put(PtyMode.OLCUC, getFlag(settings, PtyMode.OLCUC));
modes.put(PtyMode.ONLCR, getFlag(settings, PtyMode.ONLCR));
modes.put(PtyMode.OCRNL, getFlag(settings, PtyMode.OCRNL));
modes.put(PtyMode.ONOCR, getFlag(settings, PtyMode.ONOCR));
modes.put(PtyMode.ONLRET, getFlag(settings, PtyMode.ONLRET));
channel.setPtyModes(modes);
} else if (session.getTerminal() instanceof SshTerminal) {
channel.setPtyModes(((SshTerminal) session.getTerminal()).getEnvironment().getPtyModes());
} else {
channel.setupSensibleDefaultPty();
}
channel.setPtyColumns(getTermWidth());
channel.setPtyLines(getTermHeight());
channel.setAgentForwarding(true);
channel.setEnv("TERM", session.getTerminal().getType());
Object ctype = session.get("LC_CTYPE");
if (ctype != null) {
channel.setEnv("LC_CTYPE", ctype.toString());
}
channel.setIn(new NoCloseInputStream(System.in));
channel.setOut(new NoCloseOutputStream(System.out));
channel.setErr(new NoCloseOutputStream(System.err));
channel.open().verify();
SignalListener signalListener = new SignalListener() {
@Override
public void signal(Signal signal) {
try {
// Ugly hack to force the jline unix terminal to retrieve the width/height of the terminal
// because results are cached for 1 second.
try {
Field field = jlineTerminal.getClass().getSuperclass().getDeclaredField("settings");
field.setAccessible(true);
Object settings = field.get(jlineTerminal);
field = settings.getClass().getDeclaredField("configLastFetched");
field.setAccessible(true);
field.setLong(settings, 0L);
} catch (Throwable t) {
// Ignore
}
// TODO: replace with PtyCapableChannelSession#sendWindowChange
org.apache.sshd.common.Session sshSession = ((AbstractChannel) channel).getSession();
Buffer buffer = sshSession.createBuffer(SshConstants.SSH_MSG_CHANNEL_REQUEST);
buffer.putInt(channel.getRecipient());
buffer.putString("window-change");
buffer.putBoolean(false);
buffer.putInt(session.getTerminal().getWidth());
buffer.putInt(session.getTerminal().getHeight());
buffer.putInt(0);
buffer.putInt(0);
sshSession.writePacket(buffer);
} catch (IOException e) {
// Ignore
}
}
};
session.getTerminal().addSignalListener(signalListener, Signal.WINCH);
try {
channel.waitFor(ClientChannel.CLOSED, 0);
} finally {
session.getTerminal().removeSignalListener(signalListener);
}
} else {
throw new IllegalStateException("No terminal for interactive ssh session");
}
} finally {
session.put(Session.IGNORE_INTERRUPTS, oldIgnoreInterrupts);
sshSession.close(false);
}
} finally {
client.stop();
}
return null;
}
private int getFlag(TerminalLineSettings settings, PtyMode mode) {
String name = mode.toString().toLowerCase();
return (settings.getPropertyAsString(name) != null) ? 1 : 0;
}
private int getTermWidth() {
Terminal term = session.getTerminal();
return term != null ? term.getWidth() : 80;
}
private int getTermHeight() {
Terminal term = session.getTerminal();
return term != null ? term.getHeight() : 25;
}
private void setupAgent(String user, String keyFile, SshClient client) {
SshAgent agent;
URL url = getClass().getClassLoader().getResource("karaf.key");
agent = startAgent(user, url, keyFile);
client.setAgentFactory(new LocalAgentFactory(agent));
client.getProperties().put(SshAgent.SSH_AUTHSOCKET_ENV_NAME, "local");
}
private SshAgent startAgent(String user, URL privateKeyUrl, String keyFile) {
InputStream is = null;
try {
SshAgent agent = new AgentImpl();
is = privateKeyUrl.openStream();
ObjectInputStream r = new ObjectInputStream(is);
KeyPair keyPair = (KeyPair) r.readObject();
is.close();
agent.addIdentity(keyPair, user);
if (keyFile != null) {
String[] keyFiles = new String[]{keyFile};
FileKeyPairProvider fileKeyPairProvider = new FileKeyPairProvider(keyFiles);
for (KeyPair key : fileKeyPairProvider.loadKeys()) {
agent.addIdentity(key, user);
}
}
return agent;
} catch (Throwable e) {
close(is);
System.err.println("Error starting ssh agent for: " + e.getMessage());
return null;
}
}
private static ClientSession connectWithRetries(SshClient client, String username, String host, int port, int maxAttempts) throws Exception, InterruptedException {
ClientSession session = null;
int retries = 0;
do {
ConnectFuture future = client.connect(username, host, port);
future.await();
try {
session = future.getSession();
} catch (Exception ex) {
if (retries++ < maxAttempts) {
Thread.sleep(2 * 1000);
System.out.println("retrying (attempt " + retries + ") ...");
} else {
throw ex;
}
}
} while (session == null);
return session;
}
private void close(Closeable is) {
if (is != null) {
try {
is.close();
} catch (IOException e1) {
// Ignore
}
}
}
}