273
|
1 /*
|
|
2 * Copyright (c) 2006-2011 Christian Plattner. All rights reserved.
|
|
3 * Please refer to the LICENSE.txt for licensing details.
|
|
4 */
|
|
5 package ch.ethz.ssh2;
|
|
6
|
|
7 import java.io.IOException;
|
|
8 import java.io.InputStream;
|
|
9 import java.io.OutputStream;
|
|
10 import java.security.SecureRandom;
|
|
11
|
|
12 import ch.ethz.ssh2.channel.Channel;
|
|
13 import ch.ethz.ssh2.channel.ChannelManager;
|
|
14 import ch.ethz.ssh2.channel.X11ServerData;
|
|
15
|
|
16 /**
|
|
17 * A <code>Session</code> is a remote execution of a program. "Program" means
|
|
18 * in this context either a shell, an application or a system command. The
|
|
19 * program may or may not have a tty. Only one single program can be started on
|
|
20 * a session. However, multiple sessions can be active simultaneously.
|
|
21 *
|
|
22 * @author Christian Plattner
|
|
23 * @version $Id: Session.java 96 2014-04-08 15:14:37Z dkocher@sudo.ch $
|
|
24 */
|
307
|
25 public class Session {
|
|
26 private ChannelManager cm;
|
|
27 private Channel cn;
|
273
|
28
|
307
|
29 private boolean flag_pty_requested = false;
|
|
30 private boolean flag_x11_requested = false;
|
|
31 private boolean flag_execution_started = false;
|
|
32 private boolean flag_closed = false;
|
273
|
33
|
307
|
34 private String x11FakeCookie = null;
|
273
|
35
|
307
|
36 private final SecureRandom rnd;
|
273
|
37
|
307
|
38 protected Session(ChannelManager cm, SecureRandom rnd) throws IOException {
|
|
39 this.cm = cm;
|
|
40 this.cn = cm.openSessionChannel();
|
|
41 this.rnd = rnd;
|
|
42 }
|
273
|
43
|
307
|
44 /**
|
|
45 * Basically just a wrapper for lazy people - identical to calling
|
|
46 * <code>requestPTY("dumb", 0, 0, 0, 0, null)</code>.
|
|
47 *
|
|
48 * @throws IOException
|
|
49 */
|
|
50 public void requestDumbPTY() throws IOException {
|
|
51 requestPTY("dumb", 0, 0, 0, 0, null);
|
|
52 }
|
273
|
53
|
307
|
54 /**
|
|
55 * Basically just another wrapper for lazy people - identical to calling
|
|
56 * <code>requestPTY(term, 0, 0, 0, 0, null)</code>.
|
|
57 *
|
|
58 * @throws IOException
|
|
59 */
|
|
60 public void requestPTY(String term) throws IOException {
|
|
61 requestPTY(term, 0, 0, 0, 0, null);
|
|
62 }
|
273
|
63
|
307
|
64 /**
|
|
65 * Allocate a pseudo-terminal for this session.
|
|
66 * <p/>
|
|
67 * This method may only be called before a program or shell is started in
|
|
68 * this session.
|
|
69 * <p/>
|
|
70 * Different aspects can be specified:
|
|
71 * <p/>
|
|
72 * <ul>
|
|
73 * <li>The TERM environment variable value (e.g., vt100)</li>
|
|
74 * <li>The terminal's dimensions.</li>
|
|
75 * <li>The encoded terminal modes.</li>
|
|
76 * </ul>
|
|
77 * Zero dimension parameters are ignored. The character/row dimensions
|
|
78 * override the pixel dimensions (when nonzero). Pixel dimensions refer to
|
|
79 * the drawable area of the window. The dimension parameters are only
|
|
80 * informational. The encoding of terminal modes (parameter
|
|
81 * <code>terminal_modes</code>) is described in RFC4254.
|
|
82 *
|
|
83 * @param term The TERM environment variable value (e.g., vt100)
|
|
84 * @param term_width_characters terminal width, characters (e.g., 80)
|
|
85 * @param term_height_characters terminal height, rows (e.g., 24)
|
|
86 * @param term_width_pixels terminal width, pixels (e.g., 640)
|
|
87 * @param term_height_pixels terminal height, pixels (e.g., 480)
|
|
88 * @param terminal_modes encoded terminal modes (may be <code>null</code>)
|
|
89 * @throws IOException
|
|
90 */
|
|
91 public void requestPTY(String term, int term_width_characters, int term_height_characters, int term_width_pixels,
|
|
92 int term_height_pixels, byte[] terminal_modes) throws IOException {
|
|
93 if (term == null)
|
|
94 throw new IllegalArgumentException("TERM cannot be null.");
|
273
|
95
|
307
|
96 if ((terminal_modes != null) && (terminal_modes.length > 0)) {
|
|
97 if (terminal_modes[terminal_modes.length - 1] != 0)
|
|
98 throw new IOException("Illegal terminal modes description, does not end in zero byte");
|
|
99 }
|
|
100 else
|
|
101 terminal_modes = new byte[] {0};
|
273
|
102
|
307
|
103 synchronized (this) {
|
|
104 /* The following is just a nicer error, we would catch it anyway later in the channel code */
|
|
105 if (flag_closed)
|
|
106 throw new IOException("This session is closed.");
|
273
|
107
|
307
|
108 if (flag_pty_requested)
|
|
109 throw new IOException("A PTY was already requested.");
|
273
|
110
|
307
|
111 if (flag_execution_started)
|
|
112 throw new IOException(
|
|
113 "Cannot request PTY at this stage anymore, a remote execution has already started.");
|
273
|
114
|
307
|
115 flag_pty_requested = true;
|
|
116 }
|
273
|
117
|
307
|
118 cm.requestPTY(cn, term, term_width_characters, term_height_characters, term_width_pixels, term_height_pixels,
|
|
119 terminal_modes);
|
|
120 }
|
273
|
121
|
|
122 /**
|
|
123 * Tells the server that the size of the terminal has changed.
|
|
124 *
|
|
125 * See {@link #requestPTY(String, int, int, int, int, byte[])} for more details about how parameters are interpreted.
|
307
|
126 *
|
|
127 * @param term_width_characters
|
|
128 * terminal width, characters (e.g., 80)
|
|
129 * @param term_height_characters
|
|
130 * terminal height, rows (e.g., 24)
|
|
131 * @param term_width_pixels
|
|
132 * terminal width, pixels (e.g., 640)
|
|
133 * @param term_height_pixels
|
|
134 * terminal height, pixels (e.g., 480)
|
|
135 * @throws IOException
|
|
136 */
|
290
|
137 public void resizePTY(int term_width_characters, int term_height_characters, int term_width_pixels, int term_height_pixels) throws IOException {
|
291
|
138 requestWindowChange(term_width_characters, term_height_characters, term_width_pixels, term_height_pixels);
|
290
|
139 }
|
|
140
|
307
|
141 public void requestWindowChange(int term_width_characters, int term_height_characters, int term_width_pixels,
|
|
142 int term_height_pixels) throws IOException {
|
|
143 synchronized (this) {
|
|
144 /* The following is just a nicer error, we would catch it anyway later in the channel code */
|
|
145 if (flag_closed)
|
|
146 throw new IOException("This session is closed.");
|
273
|
147
|
307
|
148 if (!flag_pty_requested)
|
|
149 throw new IOException("A PTY was not requested.");
|
|
150 }
|
273
|
151
|
307
|
152 cm.requestWindowChange(cn, term_width_characters, term_height_characters, term_width_pixels, term_height_pixels);
|
|
153 }
|
273
|
154
|
307
|
155 /**
|
|
156 * Request X11 forwarding for the current session.
|
|
157 * <p/>
|
|
158 * You have to supply the name and port of your X-server.
|
|
159 * <p/>
|
|
160 * This method may only be called before a program or shell is started in
|
|
161 * this session.
|
|
162 *
|
|
163 * @param hostname the hostname of the real (target) X11 server (e.g., 127.0.0.1)
|
|
164 * @param port the port of the real (target) X11 server (e.g., 6010)
|
|
165 * @param cookie if non-null, then present this cookie to the real X11 server
|
|
166 * @param singleConnection if true, then the server is instructed to only forward one single
|
|
167 * connection, no more connections shall be forwarded after first, or after the session
|
|
168 * channel has been closed
|
|
169 * @throws IOException
|
|
170 */
|
|
171 public void requestX11Forwarding(String hostname, int port, byte[] cookie, boolean singleConnection)
|
|
172 throws IOException {
|
|
173 if (hostname == null)
|
|
174 throw new IllegalArgumentException("hostname argument may not be null");
|
273
|
175
|
307
|
176 synchronized (this) {
|
|
177 /* The following is just a nicer error, we would catch it anyway later in the channel code */
|
|
178 if (flag_closed)
|
|
179 throw new IOException("This session is closed.");
|
273
|
180
|
307
|
181 if (flag_x11_requested)
|
|
182 throw new IOException("X11 forwarding was already requested.");
|
273
|
183
|
307
|
184 if (flag_execution_started)
|
|
185 throw new IOException(
|
|
186 "Cannot request X11 forwarding at this stage anymore, a remote execution has already started.");
|
273
|
187
|
307
|
188 flag_x11_requested = true;
|
|
189 }
|
273
|
190
|
307
|
191 /* X11ServerData - used to store data about the target X11 server */
|
|
192 X11ServerData x11data = new X11ServerData();
|
|
193 x11data.hostname = hostname;
|
|
194 x11data.port = port;
|
|
195 x11data.x11_magic_cookie = cookie; /* if non-null, then present this cookie to the real X11 server */
|
|
196 /* Generate fake cookie - this one is used between remote clients and the ganymed proxy */
|
|
197 byte[] fakeCookie = new byte[16];
|
|
198 String hexEncodedFakeCookie;
|
273
|
199
|
307
|
200 /* Make sure that this fake cookie is unique for this connection */
|
273
|
201
|
307
|
202 while (true) {
|
|
203 rnd.nextBytes(fakeCookie);
|
|
204 /* Generate also hex representation of fake cookie */
|
|
205 StringBuilder tmp = new StringBuilder(32);
|
273
|
206
|
307
|
207 for (int i = 0; i < fakeCookie.length; i++) {
|
|
208 String digit2 = Integer.toHexString(fakeCookie[i] & 0xff);
|
|
209 tmp.append((digit2.length() == 2) ? digit2 : "0" + digit2);
|
|
210 }
|
|
211
|
|
212 hexEncodedFakeCookie = tmp.toString();
|
273
|
213
|
307
|
214 /* Well, yes, chances are low, but we want to be on the safe side */
|
273
|
215
|
307
|
216 if (cm.checkX11Cookie(hexEncodedFakeCookie) == null)
|
|
217 break;
|
|
218 }
|
273
|
219
|
307
|
220 /* Ask for X11 forwarding */
|
|
221 cm.requestX11(cn, singleConnection, "MIT-MAGIC-COOKIE-1", hexEncodedFakeCookie, 0);
|
273
|
222
|
307
|
223 /* OK, that went fine, get ready to accept X11 connections... */
|
|
224 /* ... but only if the user has not called close() in the meantime =) */
|
273
|
225
|
307
|
226 synchronized (this) {
|
|
227 if (flag_closed == false) {
|
|
228 this.x11FakeCookie = hexEncodedFakeCookie;
|
|
229 cm.registerX11Cookie(hexEncodedFakeCookie, x11data);
|
|
230 }
|
|
231 }
|
|
232
|
|
233 /* Now it is safe to start remote X11 programs */
|
|
234 }
|
273
|
235
|
307
|
236 /**
|
|
237 * Execute a command on the remote machine.
|
|
238 *
|
|
239 * @param cmd The command to execute on the remote host.
|
|
240 * @throws IOException
|
|
241 */
|
|
242 public void execCommand(String cmd) throws IOException {
|
|
243 this.execCommand(cmd, null);
|
|
244 }
|
273
|
245
|
307
|
246 /**
|
|
247 * Execute a command on the remote machine.
|
|
248 *
|
|
249 * @param cmd The command to execute on the remote host.
|
|
250 * @param charsetName The charset used to convert between Java Unicode Strings and byte encodings
|
|
251 * @throws IOException
|
|
252 */
|
|
253 public void execCommand(String cmd, String charsetName) throws IOException {
|
|
254 if (cmd == null)
|
|
255 throw new IllegalArgumentException("cmd argument may not be null");
|
273
|
256
|
307
|
257 synchronized (this) {
|
|
258 /* The following is just a nicer error, we would catch it anyway later in the channel code */
|
|
259 if (flag_closed)
|
|
260 throw new IOException("This session is closed.");
|
273
|
261
|
307
|
262 if (flag_execution_started)
|
|
263 throw new IOException("A remote execution has already started.");
|
273
|
264
|
307
|
265 flag_execution_started = true;
|
|
266 }
|
|
267
|
|
268 cm.requestExecCommand(cn, cmd, charsetName);
|
|
269 }
|
273
|
270
|
307
|
271 /**
|
|
272 * Start a shell on the remote machine.
|
|
273 *
|
|
274 * @throws IOException
|
|
275 */
|
|
276 public void startShell() throws IOException {
|
|
277 synchronized (this) {
|
|
278 /* The following is just a nicer error, we would catch it anyway later in the channel code */
|
|
279 if (flag_closed)
|
|
280 throw new IOException("This session is closed.");
|
273
|
281
|
307
|
282 if (flag_execution_started)
|
|
283 throw new IOException("A remote execution has already started.");
|
273
|
284
|
307
|
285 flag_execution_started = true;
|
|
286 }
|
273
|
287
|
307
|
288 cm.requestShell(cn);
|
|
289 }
|
273
|
290
|
307
|
291 /**
|
|
292 * Start a subsystem on the remote machine.
|
|
293 * Unless you know what you are doing, you will never need this.
|
|
294 *
|
|
295 * @param name the name of the subsystem.
|
|
296 * @throws IOException
|
|
297 */
|
|
298 public void startSubSystem(String name) throws IOException {
|
|
299 if (name == null)
|
|
300 throw new IllegalArgumentException("name argument may not be null");
|
273
|
301
|
307
|
302 synchronized (this) {
|
|
303 /* The following is just a nicer error, we would catch it anyway later in the channel code */
|
|
304 if (flag_closed)
|
|
305 throw new IOException("This session is closed.");
|
273
|
306
|
307
|
307 if (flag_execution_started)
|
|
308 throw new IOException("A remote execution has already started.");
|
273
|
309
|
307
|
310 flag_execution_started = true;
|
|
311 }
|
273
|
312
|
307
|
313 cm.requestSubSystem(cn, name);
|
|
314 }
|
273
|
315
|
287
|
316 /**
|
|
317 * Request authentication agent forwarding.
|
|
318 * @param agent object that implements the callbacks
|
|
319 *
|
|
320 * @throws IOException in case of any problem or when the session is closed
|
|
321 */
|
|
322
|
290
|
323 public synchronized void requestAuthAgentForwarding(AuthAgentCallback agent) throws IOException {
|
287
|
324 synchronized (this) {
|
|
325 /*
|
|
326 * The following is just a nicer error, we would catch it anyway
|
|
327 * later in the channel code
|
|
328 */
|
|
329 if (flag_closed)
|
|
330 throw new IOException("This session is closed.");
|
|
331 }
|
|
332
|
290
|
333 cm.requestChannelAgentForwarding(cn, agent);
|
287
|
334 }
|
|
335
|
307
|
336 public int getState() {
|
|
337 return cn.getState();
|
|
338 }
|
273
|
339
|
307
|
340 public InputStream getStdout() {
|
|
341 return cn.getStdoutStream();
|
|
342 }
|
273
|
343
|
307
|
344 public InputStream getStderr() {
|
|
345 return cn.getStderrStream();
|
|
346 }
|
273
|
347
|
307
|
348 public OutputStream getStdin() {
|
|
349 return cn.getStdinStream();
|
|
350 }
|
273
|
351
|
307
|
352 /**
|
|
353 * This method blocks until there is more data available on either the
|
|
354 * stdout or stderr InputStream of this <code>Session</code>. Very useful
|
|
355 * if you do not want to use two parallel threads for reading from the two
|
|
356 * InputStreams. One can also specify a timeout. NOTE: do NOT call this
|
|
357 * method if you use concurrent threads that operate on either of the two
|
|
358 * InputStreams of this <code>Session</code> (otherwise this method may
|
|
359 * block, even though more data is available).
|
|
360 *
|
|
361 * @param timeout The (non-negative) timeout in <code>ms</code>. <code>0</code> means no
|
|
362 * timeout, the call may block forever.
|
|
363 * @return <ul>
|
|
364 * <li><code>0</code> if no more data will arrive.</li>
|
|
365 * <li><code>1</code> if more data is available.</li>
|
|
366 * <li><code>-1</code> if a timeout occurred.</li>
|
|
367 * </ul>
|
|
368 * @throws IOException
|
|
369 * @deprecated This method has been replaced with a much more powerful wait-for-condition
|
|
370 * interface and therefore acts only as a wrapper.
|
|
371 */
|
|
372 public int waitUntilDataAvailable(long timeout) throws IOException {
|
|
373 if (timeout < 0)
|
|
374 throw new IllegalArgumentException("timeout must not be negative!");
|
273
|
375
|
307
|
376 int conditions = cm.waitForCondition(cn, timeout, ChannelCondition.STDOUT_DATA | ChannelCondition.STDERR_DATA
|
|
377 | ChannelCondition.EOF);
|
273
|
378
|
307
|
379 if ((conditions & ChannelCondition.TIMEOUT) != 0)
|
|
380 return -1;
|
273
|
381
|
307
|
382 if ((conditions & (ChannelCondition.STDOUT_DATA | ChannelCondition.STDERR_DATA)) != 0)
|
|
383 return 1;
|
273
|
384
|
307
|
385 /* Here we do not need to check separately for CLOSED, since CLOSED implies EOF */
|
273
|
386
|
307
|
387 if ((conditions & ChannelCondition.EOF) != 0)
|
|
388 return 0;
|
273
|
389
|
307
|
390 throw new IllegalStateException("Unexpected condition result (" + conditions + ")");
|
|
391 }
|
273
|
392
|
307
|
393 /**
|
|
394 * This method blocks until certain conditions hold true on the underlying SSH-2 channel.
|
|
395 * <p/>
|
|
396 * This method returns as soon as one of the following happens:
|
|
397 * <ul>
|
|
398 * <li>at least of the specified conditions (see {@link ChannelCondition}) holds true</li>
|
|
399 * <li>timeout > 0 and a timeout occured (TIMEOUT will be set in result conditions)</a>
|
|
400 * <li>the underlying channel was closed (CLOSED will be set in result conditions)</a>
|
|
401 * </ul>
|
|
402 * <p/>
|
|
403 * In any case, the result value contains ALL current conditions, which may be more
|
|
404 * than the specified condition set (i.e., never use the "==" operator to test for conditions
|
|
405 * in the bitmask, see also comments in {@link ChannelCondition}).
|
|
406 * <p/>
|
|
407 * Note: do NOT call this method if you want to wait for STDOUT_DATA or STDERR_DATA and
|
|
408 * there are concurrent threads (e.g., StreamGobblers) that operate on either of the two
|
|
409 * InputStreams of this <code>Session</code> (otherwise this method may
|
|
410 * block, even though more data is available in the StreamGobblers).
|
|
411 *
|
|
412 * @param condition_set a bitmask based on {@link ChannelCondition} values
|
|
413 * @param timeout non-negative timeout in ms, <code>0</code> means no timeout
|
|
414 * @return all bitmask specifying all current conditions that are true
|
|
415 */
|
273
|
416
|
307
|
417 public int waitForCondition(int condition_set, long timeout) throws IOException {
|
|
418 if (timeout < 0)
|
|
419 throw new IllegalArgumentException("timeout must be non-negative!");
|
273
|
420
|
307
|
421 return cm.waitForCondition(cn, timeout, condition_set);
|
|
422 }
|
273
|
423
|
307
|
424 /**
|
|
425 * Get the exit code/status from the remote command - if available. Be
|
|
426 * careful - not all server implementations return this value. It is
|
|
427 * generally a good idea to call this method only when all data from the
|
|
428 * remote side has been consumed (see also the <code<WaitForCondition</code> method).
|
|
429 *
|
|
430 * @return An <code>Integer</code> holding the exit code, or
|
|
431 * <code>null</code> if no exit code is (yet) available.
|
|
432 */
|
|
433 public Integer getExitStatus() {
|
|
434 return cn.getExitStatus();
|
|
435 }
|
|
436
|
|
437 /**
|
|
438 * Get the name of the signal by which the process on the remote side was
|
|
439 * stopped - if available and applicable. Be careful - not all server
|
|
440 * implementations return this value.
|
|
441 *
|
|
442 * @return An <code>String</code> holding the name of the signal, or
|
|
443 * <code>null</code> if the process exited normally or is still
|
|
444 * running (or if the server forgot to send this information).
|
|
445 */
|
|
446 public String getExitSignal() {
|
|
447 return cn.getExitSignal();
|
|
448 }
|
273
|
449
|
307
|
450 /**
|
|
451 * Close this session. NEVER forget to call this method to free up resources -
|
|
452 * even if you got an exception from one of the other methods (or when
|
|
453 * getting an Exception on the Input- or OutputStreams). Sometimes these other
|
|
454 * methods may throw an exception, saying that the underlying channel is
|
|
455 * closed (this can happen, e.g., if the other server sent a close message.)
|
|
456 * However, as long as you have not called the <code>close()</code>
|
|
457 * method, you may be wasting (local) resources.
|
|
458 */
|
|
459 public void close() {
|
|
460 synchronized (this) {
|
|
461 if (flag_closed)
|
|
462 return;
|
273
|
463
|
307
|
464 flag_closed = true;
|
273
|
465
|
307
|
466 if (x11FakeCookie != null)
|
|
467 cm.unRegisterX11Cookie(x11FakeCookie, true);
|
273
|
468
|
307
|
469 try {
|
|
470 cm.closeChannel(cn, "Closed due to user request", true);
|
|
471 }
|
|
472 catch (IOException ignored) {
|
|
473 }
|
|
474 }
|
|
475 }
|
273
|
476 }
|