Merge pull request #3922 from swaldman/suppressServer

Implement a suppressServer setting for high-security builds
2018-02-07 19:25:23 -05:00 · 2018-02-07 19:25:23 -05:00 · bd1532eb4b
parent cbf7d92488 96b9429669
commit bd1532eb4b
6 changed files with 49 additions and 2 deletions
--- a/main-command/src/main/scala/sbt/BasicKeys.scala
+++ b/main-command/src/main/scala/sbt/BasicKeys.scala
@ -39,6 +39,12 @@ object BasicKeys {
                                 "The wire protocol for the server command.",
                                 10000)
  val autoStartServer =
    AttributeKey[Boolean](
      "autoStartServer",
      "If true, the sbt server will startup automatically during interactive sessions.",
      10000)
  // Unlike other BasicKeys, this is not used directly as a setting key,
  // and severLog / logLevel is used instead.
  private[sbt] val serverLogLevel =
--- a/main/src/main/scala/sbt/Defaults.scala
+++ b/main/src/main/scala/sbt/Defaults.scala
@ -268,6 +268,7 @@ object Defaults extends BuildCommon {
        .getOrElse(GCUtil.defaultForceGarbageCollection),
      minForcegcInterval :== GCUtil.defaultMinForcegcInterval,
      interactionService :== CommandLineUIService,
      autoStartServer := true,
      serverHost := "127.0.0.1",
      serverPort := 5000 + (Hash
        .toHex(Hash(appConfiguration.value.baseDirectory.toString))
--- a/main/src/main/scala/sbt/Keys.scala
+++ b/main/src/main/scala/sbt/Keys.scala
@ -131,6 +131,7 @@ object Keys {
  // Command keys
  val historyPath = SettingKey(BasicKeys.historyPath)
  val shellPrompt = SettingKey(BasicKeys.shellPrompt)
  val autoStartServer = SettingKey(BasicKeys.autoStartServer)
  val serverPort = SettingKey(BasicKeys.serverPort)
  val serverHost = SettingKey(BasicKeys.serverHost)
  val serverAuthentication = SettingKey(BasicKeys.serverAuthentication)
--- a/main/src/main/scala/sbt/Project.scala
+++ b/main/src/main/scala/sbt/Project.scala
@ -21,6 +21,7 @@ import Keys.{
  sessionSettings,
  shellPrompt,
  templateResolverInfos,
  autoStartServer,
  serverHost,
  serverLog,
  serverPort,
@ -462,6 +463,7 @@ object Project extends ProjectExtra {
    val prompt = get(shellPrompt)
    val trs = (templateResolverInfos in Global get structure.data).toList.flatten
    val watched = get(watch)
    val startSvr: Option[Boolean] = get(autoStartServer)
    val host: Option[String] = get(serverHost)
    val port: Option[Int] = get(serverPort)
    val authentication: Option[Set[ServerAuthentication]] = get(serverAuthentication)
@ -474,6 +476,7 @@ object Project extends ProjectExtra {
      s.attributes
        .setCond(Watched.Configuration, watched)
        .put(historyPath.key, history)
        .setCond(autoStartServer.key, startSvr)
        .setCond(serverPort.key, port)
        .setCond(serverHost.key, host)
        .setCond(serverAuthentication.key, authentication)
--- a/main/src/main/scala/sbt/internal/CommandExchange.scala
+++ b/main/src/main/scala/sbt/internal/CommandExchange.scala
@ -14,6 +14,7 @@ import java.util.concurrent.atomic._
 import scala.collection.mutable.ListBuffer
 import scala.annotation.tailrec
 import BasicKeys.{
  autoStartServer,
  serverHost,
  serverPort,
  serverAuthentication,
@ -43,7 +44,7 @@ import sbt.util.{ Level, Logger, LogExchange }
 * this exchange, which could serve command request from either of the channel.
 */
 private[sbt] final class CommandExchange {
-  private val autoStartServer = sys.props.get("sbt.server.autostart") map {
+  private val autoStartServerSysProp = sys.props.get("sbt.server.autostart") map {
    _.toLowerCase == "true"
  } getOrElse true
  private val lock = new AnyRef {}
@ -87,7 +88,11 @@ private[sbt] final class CommandExchange {
        consoleChannel = Some(x)
        subscribe(x)
    }
-    if (autoStartServer) runServer(s)
+    val autoStartServerAttr = (s get autoStartServer) match {
      case Some(bool) => bool
      case None       => true
    }
    if (autoStartServerSysProp && autoStartServerAttr) runServer(s)
    else s
  }
--- a/notes/1.1.1/autoStartServer.md
+++ b/notes/1.1.1/autoStartServer.md
@ -0,0 +1,31 @@
 ### Improvements
 This pull request implements a Boolean setting called `autoStartServer`, whose default value is `true'.
 If a build or plugin explicitly sets it to `false`, the sbt-1.x server will not start up
 (exactly as if the system property `sbt.server.autostart` were set to `false`).
 Users who set `autoStartServer` to `false` may manually execute `startServer` at the interactive prompt,
 if they wish to use the server during a shell session.
 ### Motivation
 Projects often encounter private information, such as deployment credentials, private keys, etc.
 For such projects, it may be preferable to reduce the potential attack surface than to enjoy the
 interoperability offered by sbt's server. Projects that wish to make this tradeoff can set `autoStartServer`
 to `false` in their build. Security-sensitive plugins can disable `autoStartServer` as well, modifying the
 default behavior in favor of security.
 (My own motivation is that I am working on a [plugin for developing Ethereum applications](https://github.com/swaldman/sbt-ethereum)
 with scala and sbt. It must work with extremely sensitive private keys.)
 ---
 See also a [recent conversation on Stack Exchange](https://stackoverflow.com/questions/48591179/can-one-disable-the-sbt-1-x-server/48593906#48593906).
 ---
 ##### History
 2018-02-06 Modified from negative `suppressServer` to positive `autoStartServer` at the (sensible) request of @eed3si9n