LCOV - code coverage report
Current view: top level - sshd - HostKeyProvider.java (source / functions) Hit Total Coverage
Test: _coverage_report.dat Lines: 26 35 74.3 %
Date: 2022-11-19 15:00:39 Functions: 3 3 100.0 % 

          Line data    Source code
       1             : // Copyright (C) 2009 The Android Open Source Project
       2             : //
       3             : // Licensed under the Apache License, Version 2.0 (the "License");
       4             : // you may not use this file except in compliance with the License.
       5             : // You may obtain a copy of the License at
       6             : //
       7             : // http://www.apache.org/licenses/LICENSE-2.0
       8             : //
       9             : // Unless required by applicable law or agreed to in writing, software
      10             : // distributed under the License is distributed on an "AS IS" BASIS,
      11             : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      12             : // See the License for the specific language governing permissions and
      13             : // limitations under the License.
      14             : 
      15             : package com.google.gerrit.sshd;
      16             : 
      17             : import com.google.common.flogger.FluentLogger;
      18             : import com.google.gerrit.server.config.SitePaths;
      19             : import com.google.inject.Inject;
      20             : import com.google.inject.Provider;
      21             : import com.google.inject.ProvisionException;
      22             : import java.nio.file.Files;
      23             : import java.nio.file.Path;
      24             : import java.util.ArrayList;
      25             : import java.util.List;
      26             : import org.apache.sshd.common.config.keys.KeyUtils;
      27             : import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
      28             : import org.apache.sshd.common.keyprovider.KeyPairProvider;
      29             : import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
      30             : 
      31             : class HostKeyProvider implements Provider<KeyPairProvider> {
      32           5 :   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
      33             :   private final SitePaths site;
      34             : 
      35             :   @Inject
      36           5 :   HostKeyProvider(SitePaths site) {
      37           5 :     this.site = site;
      38           5 :   }
      39             : 
      40             :   @Override
      41             :   public KeyPairProvider get() {
      42           5 :     Path objKey = site.ssh_key;
      43           5 :     Path rsaKey = site.ssh_rsa;
      44           5 :     Path ecdsaKey_256 = site.ssh_ecdsa_256;
      45           5 :     Path ecdsaKey_384 = site.ssh_ecdsa_384;
      46           5 :     Path ecdsaKey_521 = site.ssh_ecdsa_521;
      47           5 :     Path ed25519Key = site.ssh_ed25519;
      48             : 
      49           5 :     final List<Path> stdKeys = new ArrayList<>(6);
      50           5 :     if (Files.exists(rsaKey)) {
      51           5 :       stdKeys.add(rsaKey);
      52             :     }
      53           5 :     if (Files.exists(ecdsaKey_256)) {
      54           5 :       stdKeys.add(ecdsaKey_256);
      55             :     }
      56           5 :     if (Files.exists(ecdsaKey_384)) {
      57           5 :       stdKeys.add(ecdsaKey_384);
      58             :     }
      59           5 :     if (Files.exists(ecdsaKey_521)) {
      60           5 :       stdKeys.add(ecdsaKey_521);
      61             :     }
      62           5 :     if (Files.exists(ed25519Key)) {
      63           5 :       stdKeys.add(ed25519Key);
      64             :     }
      65             : 
      66           5 :     if (Files.exists(objKey)) {
      67           0 :       if (stdKeys.isEmpty()) {
      68           0 :         SimpleGeneratorHostKeyProvider p = new SimpleGeneratorHostKeyProvider();
      69           0 :         p.setAlgorithm(KeyUtils.RSA_ALGORITHM);
      70           0 :         p.setPath(objKey.toAbsolutePath());
      71           0 :         logger.atWarning().log(
      72             :             "Defaulting to RSA algorithm for SSH key exchange."
      73             :                 + "This is a weak security setting, consider changing it (see 'sshd.kex' documentation section).");
      74           0 :         return p;
      75             :       }
      76             :       // Both formats of host key exist, we don't know which format
      77             :       // should be authoritative. Complain and abort.
      78             :       //
      79           0 :       stdKeys.add(objKey);
      80           0 :       throw new ProvisionException("Multiple host keys exist: " + stdKeys);
      81             :     }
      82           5 :     if (stdKeys.isEmpty()) {
      83           0 :       throw new ProvisionException("No SSH keys under " + site.etc_dir);
      84             :     }
      85           5 :     FileKeyPairProvider kp = new FileKeyPairProvider();
      86           5 :     kp.setPaths(stdKeys);
      87           5 :     return kp;
      88             :   }
      89             : }

Generated by: LCOV version 1.16+git.20220603.dfeb750