mirror of
https://github.com/corda/corda.git
synced 2025-06-18 23:28:21 +00:00
ENT-3828: Remove ability to SSH into standalone shell (#5876)
This commit is contained in:
Denis Rekalov
committed by
Matthew Nesbit
Matthew Nesbit
parent
42a2ed98e2
commit
b512a2981d
@ -55,18 +55,6 @@ class ShellCmdLineOptions {
|
||||
var password: String? = null
|
||||
|
||||
|
||||
@Option(
|
||||
names = ["--sshd-port"],
|
||||
description = ["Enables SSH server for shell."]
|
||||
)
|
||||
var sshdPort: String? = null
|
||||
|
||||
@Option(
|
||||
names = ["--sshd-hostkey-directory"],
|
||||
description = ["The directory with hostkey.pem file for SSH server."]
|
||||
)
|
||||
var sshdHostKeyDirectory: Path? = null
|
||||
|
||||
@Option(
|
||||
names = ["--truststore-password"],
|
||||
description = ["The password to unlock the TrustStore file."]
|
||||
@ -100,11 +88,6 @@ class ShellCmdLineOptions {
|
||||
trustStoreFile?.apply { cmdOpts["ssl.truststore.path"] = this.toString() }
|
||||
trustStorePassword?.apply { cmdOpts["ssl.truststore.password"] = this }
|
||||
trustStoreType?.apply { cmdOpts["ssl.truststore.type"] = this }
|
||||
sshdPort?.apply {
|
||||
cmdOpts["extensions.sshd.port"] = this
|
||||
cmdOpts["extensions.sshd.enabled"] = true
|
||||
}
|
||||
sshdHostKeyDirectory?.apply { cmdOpts["extensions.sshd.hostkeypath"] = this.toString() }
|
||||
|
||||
return ConfigFactory.parseMap(cmdOpts)
|
||||
}
|
||||
@ -140,19 +123,12 @@ private class ShellConfigurationFile {
|
||||
val path: String
|
||||
)
|
||||
|
||||
data class Sshd(
|
||||
val enabled: Boolean,
|
||||
val port: Int,
|
||||
val hostkeypath: String?
|
||||
)
|
||||
|
||||
data class Commands(
|
||||
val path: String
|
||||
)
|
||||
|
||||
data class Extensions(
|
||||
val cordapps: Cordapps?,
|
||||
val sshd: Sshd?,
|
||||
val commands: Commands?
|
||||
)
|
||||
|
||||
@ -187,9 +163,7 @@ private class ShellConfigurationFile {
|
||||
user = node.user ?: "",
|
||||
password = node.password ?: "",
|
||||
hostAndPort = NetworkHostAndPort(node.addresses.rpc.host, node.addresses.rpc.port),
|
||||
ssl = sslOptions,
|
||||
sshdPort = extensions?.sshd?.let { if (it.enabled) it.port else null },
|
||||
sshHostKeyDirectory = extensions?.sshd?.let { if (it.enabled && it.hostkeypath != null) Paths.get(it.hostkeypath) else null })
|
||||
ssl = sslOptions)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -105,7 +105,6 @@ class StandaloneShell : CordaCliWrapper("corda-shell", "The Corda standalone she
|
||||
InteractiveShell.runLocalShell {
|
||||
exit.countDown()
|
||||
}
|
||||
configuration.sshdPort?.apply{ println("SSH server listening on port $this.") }
|
||||
|
||||
exit.await()
|
||||
// because we can't clean certain Crash Shell threads that block on read()
|
||||
|
||||
@ -21,7 +21,6 @@ class StandaloneShellArgsParserTest {
|
||||
assertEquals(expectedOptions.port, null)
|
||||
assertEquals(expectedOptions.user, null)
|
||||
assertEquals(expectedOptions.password, null)
|
||||
assertEquals(expectedOptions.sshdPort, null)
|
||||
}
|
||||
|
||||
@Test
|
||||
@ -34,8 +33,6 @@ class StandaloneShellArgsParserTest {
|
||||
options.port = "1234"
|
||||
options.user = "demo"
|
||||
options.password = "abcd1234"
|
||||
options.sshdPort = "2223"
|
||||
options.sshdHostKeyDirectory = Paths.get("/x/y/ssh")
|
||||
options.trustStorePassword = "pass2"
|
||||
options.trustStoreFile = Paths.get("/x/y/truststore.jks")
|
||||
options.trustStoreType = "dummy"
|
||||
@ -50,8 +47,8 @@ class StandaloneShellArgsParserTest {
|
||||
password = "abcd1234",
|
||||
hostAndPort = NetworkHostAndPort("alocalhost", 1234),
|
||||
ssl = expectedSsl,
|
||||
sshdPort = 2223,
|
||||
sshHostKeyDirectory = Paths.get("/x/y/ssh"),
|
||||
sshdPort = null,
|
||||
sshHostKeyDirectory = null,
|
||||
noLocalShell = false)
|
||||
|
||||
val config = options.toConfig()
|
||||
@ -69,8 +66,6 @@ class StandaloneShellArgsParserTest {
|
||||
options.port = null
|
||||
options.user = null
|
||||
options.password = null
|
||||
options.sshdPort = null
|
||||
options.sshdHostKeyDirectory = null
|
||||
options.trustStorePassword = null
|
||||
options.trustStoreFile = null
|
||||
options.trustStoreType = null
|
||||
@ -84,7 +79,7 @@ class StandaloneShellArgsParserTest {
|
||||
ssl = ClientRpcSslOptions(
|
||||
trustStorePath = Paths.get("/x/y/truststore.jks"),
|
||||
trustStorePassword = "pass2"),
|
||||
sshdPort = 2223)
|
||||
sshdPort = null)
|
||||
|
||||
val config = options.toConfig()
|
||||
|
||||
@ -100,8 +95,6 @@ class StandaloneShellArgsParserTest {
|
||||
options.port = null
|
||||
options.user = null
|
||||
options.password = "blabla"
|
||||
options.sshdPort = null
|
||||
options.sshdHostKeyDirectory = null
|
||||
options.trustStorePassword = null
|
||||
options.trustStoreFile = null
|
||||
options.trustStoreType = null
|
||||
@ -116,7 +109,7 @@ class StandaloneShellArgsParserTest {
|
||||
password = "blabla",
|
||||
hostAndPort = NetworkHostAndPort("alocalhost", 1234),
|
||||
ssl = expectedSsl,
|
||||
sshdPort = 2223)
|
||||
sshdPort = null)
|
||||
|
||||
val config = options.toConfig()
|
||||
|
||||
|
||||
@ -12,10 +12,6 @@ extensions {
|
||||
cordapps {
|
||||
path : "/x/y/cordapps"
|
||||
}
|
||||
sshd {
|
||||
enabled : "true"
|
||||
port : 2223
|
||||
}
|
||||
commands {
|
||||
path : /x/y/commands
|
||||
}
|
||||
|
||||
@ -46,16 +46,6 @@
|
||||
required: false
|
||||
multiParam: false
|
||||
acceptableValues: []
|
||||
- parameterName: "--sshd-hostkey-directory"
|
||||
parameterType: "java.nio.file.Path"
|
||||
required: false
|
||||
multiParam: true
|
||||
acceptableValues: []
|
||||
- parameterName: "--sshd-port"
|
||||
parameterType: "java.lang.String"
|
||||
required: false
|
||||
multiParam: false
|
||||
acceptableValues: []
|
||||
- parameterName: "--truststore-file"
|
||||
parameterType: "java.nio.file.Path"
|
||||
required: false
|
||||
|
||||
Reference in New Issue
Block a user