Implementation of remote file API for correct FilePath
work with RemoteLinux.
Added tests for this functionality
Run ssh shell in separate thread.
The linux device instance keeps its own thread for running
SshRemoteProcess. In this way all calls to filepath
interface of linux device coming from different threads
are executed in one thread (SshRemoteProcess is reentrant,
but not thread safe). The redirection to the device thread
is done by invoking SshRemoteProcess' methods through
BlockingQueuedConnection.
Done-by: Artem Sokolovskii
Change-Id: Id8756738d3a4597f175c8ef000c148d0c8536eeb
Reviewed-by: Jarek Kobus <jaroslaw.kobus@qt.io>
When we are starting master process for ssh (-M option specified)
we don't know whether everything went fine, since the process
just starts and doesn't print anything to the output in case
all went fine. It may also happen that when there are issues
the master process finishes soon after it was started.
When everything went fine the master process should create
a socket (specified by ControlPath option). But when we
receive a started() signal from the process, the socket
isn't yet ready. So, in order to detect that connection was
established properly, the old implementation created a
FileSystemWatcher on the expected socket file to appear.
There are 2 issues with the approach above:
1. There might be a race condition inside the started()
handler of the master process. After checking that
the expected socket isn't created yet and before setting
up the file system watcher, the socket file could have
been created in meantime what wouldn't be noticed.
2. The use of Utils::FileSystemWatcher excludes the usage
in non-main threads. Thus in general: usage of SshConnection
outside of main thread is dangerous.
This patch implements it in a different way. Instead of
installing a file system watcher we make use of local command
of ssh master process. We enable it by "PermitLocalCommand=yes"
and specify a local command by "LocalCommand=echo". This means
that local command will be executed after successfully connecting
to the server. Our command is very simple - just empty echo,
which means that we should expect the "\n" on master process
output after successful run. So, instead of connecting to
started() signal we are connected to readyReadStandardOutput()
and detect successful connection after receiving newline char.
This eliminates both issues with the old approach and makes a
step towards thread safe shared ssh connections.
Change-Id: I2e20c82aeff09b297e3cad5644d4d2c956db82d0
Reviewed-by: <github-actions-qt-creator@cristianadam.eu>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: hjk <hjk@qt.io>
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>
When an ssh-agent offers many different identities, the maximum
authentication attempts the server permits may be exceeded, resulting in
the above error. With IdentitiesOnly enabled, just the explicitly
specified identities will be used.
Change-Id: Ic10d7032893a38c608989f957b5e91b7dc15c24c
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>
The Microsoft-provided ssh binaries misinterpret the connection timeout
in that they only start to connect after that period has passed, which
slows down the connection process. So let's not use the timeout option
there.
Change-Id: I5a5335c7f1b4af04f1afb5603ab0f1a518e8c95e
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
- Consider the case of connection sharing being disabled.
- Adapt to slower environments.
Change-Id: I088622034c26ea343eb78161b24c43b3286b0512
Reviewed-by: Christian Stenger <christian.stenger@qt.io>
More in line with QFileInfo terminonlogy which appears to be
best-of-breed within Qt.
Change-Id: I1d051ff1c8363ebd4ee56376451df45216c4c9ab
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>
The old implementation sent the command over the wire as-is, so we
declared it as a QByteArray and let the caller choose the encoding. This
doesn't make sense anymore, as the command is now passed to an external
process as a QString anyway.
Change-Id: Ib84bc0f871db2b45b93f71d924c4177cc28d3bb0
Reviewed-by: hjk <hjk@qt.io>
Creating a sub-directory of Creator's master temp dir makes the socket
path too long on macOS, so use a normal QTemporaryDir.
Fixes: QTCREATORBUG-21748
Change-Id: I4992e43032838e6f625162cd40ae101d21c62fdc
Reviewed-by: hjk <hjk@qt.io>
Reviewed-by: Eike Ziller <eike.ziller@qt.io>
The maximum path length for a UNIX domain socket is much lower than for
other file types.
Fixes: QTCREATORBUG-21748
Change-Id: I5e27169f356d7a2960a817e308a1f5d4858b6f7d
Reviewed-by: James McDonnell <jmcdonnell@blackberry.com>
Otherwise, if connection sharing is disabled and public key
authentication fails, the askpass tool is not invoked.
Change-Id: Iea8316675b8f270c924f822f340f6282b21450d5
Reviewed-by: hjk <hjk@qt.io>
The file watching objects are temporary in nature and don't need to be
class members.
Change-Id: I845e4f8599a338517f6fc26ffd9d0061466ba33e
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
Using rsync enables proper incremental deployment and is particularly
helpful when larger files are involved.
We check whether rsync works as part of the device test. If it does, it
becomes the default deploy step, otherwise we fall back to SFTP.
Change-Id: I6ab938ccd5acd7e0cbe07b90b6938dccad19bba5
Reviewed-by: hjk <hjk@qt.io>
It's only ever needed at startup, no need to keep it around after that.
Change-Id: Icc1ada71177d4f81b0b84cd3607a8a8b7af9cec2
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
... instead of our own SSH library.
Advantages:
- Full compatibility with OpenSSH behavior guaranteed.
- Minimal maintenance effort.
- Less code to build.
- Big chunk of 3rd party sources can be removed from our repository.
One the downside, Windows users now need to install OpenSSH for
RemoteLinux support. Hoewever, people doing embedded development
probably have it installed anyway.
[ChangeLog] Switched SSH backend to OpenSSH
Fixes: QTCREATORBUG-15744
Fixes: QTCREATORBUG-15807
Fixes: QTCREATORBUG-19306
Fixes: QTCREATORBUG-20210
Change-Id: Ifcfefdd39401e45ba1f4aca35d2c5bf7046c7aab
Reviewed-by: Eike Ziller <eike.ziller@qt.io>
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
Botan 1.10 will be completely unsupported by the end of this year, so we
now target API version 2 instead.
Also upgrade our bundled Botan to the latest version 2.7. We no longer
check in pre-processed files, but use the upstream sources directly
(with unneeded parts removed), employing Botan's own configure
script for building. This will make future upgrades much simpler. A
script to automate this process is also provided.
Task-number: QTCREATORBUG-18802
Task-number: QTCREATORBUG-8107
Change-Id: I5a5ea62cfd30d720b556217142e8b7e06bf49f7e
Reviewed-by: hjk <hjk@qt.io>
Reviewed-by: Eike Ziller <eike.ziller@qt.io>
Combine host, port, username and password into a 'url' member and
add some convenience accessors.
Change-Id: Iddc26ff00dad1285c96aa56f196dbc4febe8e974
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>
In particular, the existence of Botan::Exception wrongly suggests that
it is the parent class of all Botan-specific exceptions. This
assumption, combined with a different bug that will be fixed in a
follow-up commit, caused a crash in the key generator.
Change-Id: I0aafb761052d185051df217c9914010235a7c77b
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
SshClientException or SshServerException might
be thrown in SshAbstractCryptoFacility::convert
Change-Id: I0950ce8d7979c171926a12f6c6d94abeffcc4b93
Reviewed-by: Christian Kandeler <christian.kandeler@qt.io>
The heavy lifting was done by clazy.
Change-Id: I04261849c92c54990f9f142fe541d984c5fb21d3
Reviewed-by: Christian Kandeler <christian.kandeler@theqtcompany.com>
We hardcoded the remote host to the SSH server for some reason, and the
originating port was bogus as well.
Change-Id: I8f6700bc12f4374302dd3bfc035c9c9f060f56ef
Reviewed-by: Caspar Romot <cro@icd.ee>
Reviewed-by: Christian Kandeler <christian.kandeler@theqtcompany.com>
This avoids unnecessary detaches of the Qt container data.
The mismatches where detected by defining QT_STRICT_ITERATORS;
however, this define violates the ODR (causing linker errors),
and therefore is not added permanently.
Change-Id: Idd336a9c8b394214a820437ef1b92d2101f6101c
GPush-Base: 62b0848b9c
Reviewed-by: Daniel Teske <daniel.teske@theqtcompany.com>
Botan requires to be initialized before first use. We do that on-demand,
but currently we miss one of the two places where this is necessary.
The problem only manifests itself with multithreading, because Botan
itself also does an on-demand initialization, but does not guard
against concurrent access when doing so.
Task-number: QTCREATORBUG-9980
Change-Id: Id65c428e3d8842c8a6f16942b11d52412239d3c9
Reviewed-by: David Kaspar <dkaspar@blackberry.com>
Reviewed-by: Christian Kandeler <christian.kandeler@digia.com>
There is now at least one Linux distribution (openSUSE 12.3) that
disables the "password" authentication method in its default
sshd_config, while others allow it, but disable "keyboard-interactive".
This patch tackles the problem as follows:
1) Implement RFC 4256 ("keyboard-interactive") and make this method
available in the API.
2) In addition, the API offers to try both password-based methods
one after the other, until one has succeeded or all have failed.
3) Dialogs continue to offer just the choice between "Password" and
"Key", as to not confuse users. Internally, "Password" uses the feature
described in 2).
Task-number: QTCREATORBUG-9568
Change-Id: Ic81bd5d2dc4b1332ea1a8be938c19811c21a9087
Reviewed-by: hjk <hjk121@nokiamail.com>
Reviewed-by: Christian Kandeler <christian.kandeler@digia.com>
QDoc does some magic with the \class and \namespaces
and \brief commands, so the following wording must be used:
"The xxx class yyy ..."
Change-Id: Id231f30e8464898b776888d5423523de404aae34
Reviewed-by: Eike Ziller <eike.ziller@digia.com>
#!/usr/bin/env ruby
Dir.glob('**/*.cpp') { |file|
# skip ast (excluding paste, astpath, and canv'ast'imer)
next if file =~ /ast[^eip]|keywords\.|qualifiers|preprocessor|names.cpp/i
s = File.read(file)
next if s.include?('qlalr')
orig = s.dup
s.gsub!(/\n *if [^\n]*{\n[^\n]*\n\s+}(\s+else if [^\n]* {\n[^\n]*\n\s+})*(\s+else {\n[^\n]*\n\s+})?\n/m) { |m|
res = $&
if res =~ /^\s*(\/\/|[A-Z_]{3,})/ # C++ comment or macro (Q_UNUSED, SDEBUG), do not touch braces
res
else
res.gsub!('} else', 'else')
res.gsub!(/\n +} *\n/m, "\n")
res.gsub(/ *{$/, '')
end
}
s.gsub!(/ *$/, '')
File.open(file, 'wb').write(s) if s != orig
}
Change-Id: I3b30ee60df0986f66c02132c65fc38a3fbb6bbdc
Reviewed-by: hjk <qthjk@ovi.com>
While we want to conform to the specs, there are systems out there today
whose SSH servers send non-conforming identifications strings. We now
enable API clients to switch the respecive checks off, and we do so
ourselves in the RemoteLinux plugin, since the only known problems
are with OpenSSH servers.
Change-Id: I9e6f9076f2dc7435a0bde7016f99cfb2fcb30a9c
Reviewed-by: Tobias Hunger <tobias.hunger@digia.com>
