source.dussan.org Git - jgit.git/commit

author	Thomas Wolf <thomas.wolf@paranor.ch>
	Mon, 27 Dec 2021 18:50:24 +0000 (19:50 +0100)
committer	Thomas Wolf <thomas.wolf@paranor.ch>
	Sun, 30 Jan 2022 16:13:45 +0000 (17:13 +0100)
commit	071084818cae26fd3f1075d4e6763218197c94d5
tree	0d06bc036b1347cd49716b21514dfea80858137e	tree \| snapshot
parent	4efc6a396af3f5a112dc87e708d339b51f376c1d	commit \| diff

sshd: handle IdentitiesOnly with an SSH agent

If an SSH agent is used but "IdentitiesOnly yes" is set, only those
keys from the agent that correspond to one of the keys explicitly given
via an IdentityFile directive are to be used.

Implement this by filtering the list of keys obtained from the agent
against the list of IdentityFiles, each entry suffixed with ".pub".
Load the public keys from these files, and ignore all other keys from
the agent. Keys without ".pub" file are also ignored.

Apache MINA sshd has no operation to load only the public key from a
private key file, so we have to rely on *.pub files.

Bug: 577053
Change-Id: I75c2c0b3ce35781c933ec2944bd6da1b94f4caf9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>

org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties		diff \| blob \| history
org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java		diff \| blob \| history
org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java		diff \| blob \| history