source.dussan.org Git - gitblit.git/commit

author	David Ostrovsky <david@ostrovsky.org>
	Sun, 16 Mar 2014 17:28:03 +0000 (18:28 +0100)
committer	James Moger <james.moger@gitblit.com>
	Thu, 10 Apr 2014 22:58:08 +0000 (18:58 -0400)
commit	75ebd391b88884581b1139c87c98bb687941a8fe
tree	0050f7a069c483de425e64c5714598a59413893f	tree \| snapshot
parent	282b8fd82c46ba6874fb24c8715af103645f3406	commit \| diff

Prevent double authentication for the same public key

Openssh client sends two requests, one without a key signature to verify
that the public key is acceptable and the second one with the signature
after having loaded the private key and signed some data for actual
verification.

To prevent that the PublickeyAuthenticator#authenticate is called twice
cache the authentication status for session and public key. Implement
SessionListener to clean up the cache entry when session is destroyed.

This is a workaround for SSHD bug [1].

Inspired-By: Guillaume Nodet <gnodet@apache.org>
[1] https://issues.apache.org/jira/browse/SSHD-300

src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java	[new file with mode: 0644]	blob
src/main/java/com/gitblit/transport/ssh/PublicKeyAuthenticator.java	[deleted file]	blob \| history
src/main/java/com/gitblit/transport/ssh/SshCommandFactory.java		diff \| blob \| history
src/main/java/com/gitblit/transport/ssh/SshDaemon.java		diff \| blob \| history
src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java		diff \| blob \| history
src/main/java/com/gitblit/transport/ssh/commands/DispatchCommand.java		diff \| blob \| history