Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to configure SshdSessionFactory without specifying files (SshDirectory & HomeDirectory) using SshdSessionFactoryBuilder #89

Open
devvthedev opened this issue Aug 29, 2024 · 4 comments
Open

Unable to configure SshdSessionFactory without specifying files (SshDirectory & HomeDirectory) using SshdSessionFactoryBuilder #89

devvthedev opened this issue Aug 29, 2024 · 4 comments

Comments

@devvthedev
Copy link

Version

6.10.0.202406032230-r

Operating System

MacOS

Bug description

I want to build a SshdSessionFactory using the SshdSessionFactoryBuilder specifying an SSH key pair programatically without needing to set what Home Directory and SSH folder are.

"It should be possible to run this without any files"

As mentioned in apache/mina-sshd#532 specifically here, I am unable to build a SshdSessionFactory using the SshdSessionFactoryBuilder without being forced to specify the File location for both HomeDirectory and SshDirectory.


This can be reproduced by building a SshdSessionFactory using the SshdSessionFactoryBuilder.


When constructing an SshdSessionFactoryBuilder with:
.setHomeDirectory(null)
and
.setSshDirectory(null)

(or omitting entirely)

e.g.

String privateKeyContent = "private key contents"
String passphrase "private key passphrase contents"
Iterable<KeyPair> keyPairs = SecurityUtils.loadKeyPairIdentities(null,
                    null, 
                    new ByteArrayInputStream(privateKeyContent.getBytes()), 
                    (session, resourceKey, retryIndex) -> passphrase);

SshdSessionFactory sshSessionFactory = new SshdSessionFactoryBuilder()
    .setPreferredAuthentications("publickey")
    .setDefaultKeysProvider(ignoredSshDirBecauseWeUseAnInMemorySetOfKeyPairs -> keyPairs)
    .setHomeDirectory(null)
    .setSshDirectory(null)
    .setConfigStoreFactory((ignoredHomeDir, ignoredConfigFile, ignoredLocalUserName) -> null)
    .setServerKeyDatabase((ignoredHomeDir, ignoredSshDir) -> new ServerKeyDatabase() {
        @Override
        public List<PublicKey> lookup(String connectAddress, InetSocketAddress remoteAddress, Configuration config) {
            return Collections.emptyList();
        }

        @Override
        public boolean accept(String connectAddress, InetSocketAddress remoteAddress, PublicKey serverKey, Configuration config, CredentialsProvider provider) {
             // Work out whether to accept the server key or not
                            
             // example: accept all server keys
             return true;
        }
     })
    .build(null);

I am required to set both HomeDirectory and SshDirectory to some directory despite providing my key pair through the .setDefaultKeysProvider(ignoredSshDirBecauseWeUseAnInMemorySetOfKeyPairs -> keyPairs) builder method.

Actual behavior

A null pointer exception is thrown saying that the HomeDirectory and SshDirectory cannot be null.

When invoking .build on the builder, the following setters for these directories are called:

SshdSessionFactory build(KeyCache cache) {
    SshdSessionFactory factory = new SessionFactory(cache, 
        proxyDataFactory);
    factory.setHomeDirectory(homeDirectory);
    factory.setSshDirectory(sshDirectory);
    return factory;
}

Both the SSH directory and HomeDirectory are required to be non null:

@NonNull File homeDir

@NonNull File sshDir

SshdSessionFactory.setHomeDirectory
SshdSessionFactory.setSshDirectory

Expected behavior

To not have to provide an SSH Directory or Home Directory to the builder.

I provide the following to the builder:

  • setDefaultKeysProvider
  • setConfigStoreFactory
  • setServerKeyDatabase

Which should mean these directories are not required to be specified as they are not used when creating a session.

Relevant log output

If I do not provide a HomeDirectory or do `.setHomeDirectory(null)`


Exception in thread "main" java.lang.NullPointerException: Cannot invoke "java.io.File.isAbsolute()" because "homeDir" is null
        at org.eclipse.jgit.transport.sshd.SshdSessionFactory.setHomeDirectory(SshdSessionFactory.java:319)
        at org.eclipse.jgit.transport.sshd.SshdSessionFactoryBuilder$State.build(SshdSessionFactoryBuilder.java:341)
        at org.eclipse.jgit.transport.sshd.SshdSessionFactoryBuilder.build(SshdSessionFactoryBuilder.java:289)


If I do not provide a SshDirectory or do `.setSshDirectory(null)`


Exception in thread "main" java.lang.NullPointerException: Cannot invoke "java.io.File.isAbsolute()" because "sshDir" is null
        at org.eclipse.jgit.transport.sshd.SshdSessionFactory.setSshDirectory(SshdSessionFactory.java:342)
        at org.eclipse.jgit.transport.sshd.SshdSessionFactoryBuilder$State.build(SshdSessionFactoryBuilder.java:342)
        at org.eclipse.jgit.transport.sshd.SshdSessionFactoryBuilder.build(SshdSessionFactoryBuilder.java:289)

Other information

Reference: apache/mina-sshd#532

CC: @tomaswolf
@tomaswolf
Copy link
Contributor

It definitely should be possible to run without SSH directory.

The home directory is a bit more difficult since it is used in various places to do ~ substitution. It should fall back to FS.DETECTED.userHome(), which in turn should use the Java user.home, or in the very worst case the current directory at the time the application was started.

Explicitly setting the home directory to null should probably be forbidden.

I'll take a look, but the fix will not make it into the upcoming 7.0 release.

@devvthedev
Copy link
Author

Hi @tomaswolf

It definitely should be possible to run without SSH directory.

Apologies, are you saying it's possible right now to configure it to run without SSH directory?

When I tried to exclude it in the factory builder by setting it to null or omitting it, the
factory.setSshDirectory(sshDirectory);
prevents that?

If it is currently possible, could you give me an example of how to configure it?


I'll take a look, but the fix will not make it into the upcoming 7.0 release.

Thank you ☺️ How would you suggest for now I configure the HomeDirectory until the fix makes it in?

Thank You!

@tomaswolf
Copy link
Contributor

It definitely should be possible to run without SSH directory.

Apologies, are you saying it's possible right now to configure it to run without SSH directory?

I'm saying that was the intent.

How would you suggest for now I configure the HomeDirectory until the fix makes it in?

Set it to any suitable directory. But choose one where you don't get files downloaded from the Internet.

@devvthedev
Copy link
Author

I'm saying that was the intent.

I've looked through the code and places that use the sshDir will have been overridden by other config on the builder we discussed earlier. (setServerKeyDatabase, ConfigStoreFactory etc.)

Are we saying that the setter of the ssh directory on the sshhSessionFactory should/will be made nullable?


Set it to any suitable directory.

Would a temporary directory work?

Will this temporary fix also be the case for setting the SshDirectory on the builder?
So I should set both HomeDirectory and SshDirectory on the builder to this other suitable directory that is not the Git root directory?

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tomaswolf @devvthedev