ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 43083] New: - [SUBMIT] sshsession task
Date Fri, 10 Aug 2007 05:54:01 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43083>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43083

           Summary: [SUBMIT] sshsession task
           Product: Ant
           Version: 1.7Alpha (nightly)
          Platform: All
        OS/Version: other
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Optional Tasks
        AssignedTo: dev@ant.apache.org
        ReportedBy: djohnson@desknetinc.com


Sshsession is a container task which establishes an SSH connection,
and optionally any number of local or remote tunnels over that connection, 
then executes any nested tasks before taking down the connection. 

My purpose in writing it is that we use cvs, and secure all access by only 
allowing cvs connections from localhost, which are tunneled over SSH
connections.  Establishing those connections is the only manual step in an  
otherwise automated build process.    

While I could use exec to issue the putty command (this is done on  
windoze) conditionally if a server is not already accessible at localhost  
port 2401, it gets more complicated with a passphrase on the keypair being  
used. 
  
Furthermore, there was no way to ensure that an existing connection is the 
connection we should be using, and no way to bring the connection down 
once we are done with it. 
 
So I wrote SSHSession, extending SSHBase.  The sshsession task establishes an
SSH connection with a remote machine running SSH daemon, optionally establishes
any number of local or remote tunnels over that connection, then executes any
nested tasks before taking down the connection.

SSHSession is adapted from SSHExec, though all the command execution 
related properties and logic were removed.  I added support for defining  
the tunnels via properties and/or nested elements.  I only needed local  
port forwarding, but added remote port forwarding for completeness.    

Using SSHSession with a local tunnel (2401:localhost:2401) and nested CVS  
commands does exactly what we need.  Other uses could involve anything  
needing to make a TCP connection to a server not otherwise accessible  
through a firewall, e.g. HTTP <get>, SMTP <mail>, JDBC <sql>...  

Because I've utilized the existing authentication and connection logic 
from SSHExec and SSHBase, the new task is as reliable in that regard as 
SSHExec. I've personally tested only the keypair with passphrase method of 
authentication, but I tested both local and remote port forwarding. 
I have no server setup to accomodate testing the other authentication  
options.

In the attached svn diff, please find SSHSession.java,   
sshsession.html, and mods to defaults.properties and optionaltasklist.html

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ant.apache.org
For additional commands, e-mail: dev-help@ant.apache.org


Mime
View raw message