]> source.dussan.org Git - jgit.git/log
jgit.git
14 months agoUpdate org.eclipse.jdt:ecj to 3.35.0 45/204345/1
Matthias Sohn [Fri, 15 Sep 2023 00:06:48 +0000 (02:06 +0200)]
Update org.eclipse.jdt:ecj to 3.35.0

Change-Id: Ic1d7fe65a0255bc0cdaf7a7285dd3532277ec07b

14 months agoUpdate org.apache.commons:commons-compress to 1.24.0 44/204344/1
Matthias Sohn [Thu, 14 Sep 2023 22:55:17 +0000 (00:55 +0200)]
Update org.apache.commons:commons-compress to 1.24.0

Change-Id: I896298f9e94b50dda6c6396e652f4a191a722a68

14 months ago[errorprone] Suppress ImmutableEnumChecker for ShutdownHook 43/204343/1
Matthias Sohn [Thu, 14 Sep 2023 22:50:19 +0000 (00:50 +0200)]
[errorprone] Suppress ImmutableEnumChecker for ShutdownHook

Here we use enum to implement a singleton. Hence suppress the errorprone
error ImmutableEnumChecker.

Change-Id: I21f6ed83c08936dfc9aa591af809e69f3053a050

14 months agoUpdate bytebuddy to 1.14.8 42/204342/1
Matthias Sohn [Thu, 14 Sep 2023 22:48:47 +0000 (00:48 +0200)]
Update bytebuddy to 1.14.8

Change-Id: I60ad9ea9300099eeabbb5023d7a5264593e60dc0

14 months agoUse ShutdownHook to gracefully handle JVM shutdown 19/204219/13
Matthias Sohn [Fri, 8 Sep 2023 20:57:05 +0000 (22:57 +0200)]
Use ShutdownHook to gracefully handle JVM shutdown

in all classes which already registered their own shutdown hook
- CloneCommand
- GC#PidLock
- FS#FileStoreAttributes
- LocalDiskRepositoryTestCase#Cleanup

Change-Id: I3efc1f83f3cbbf43eeeaaedcd2bee1ef31971a72

14 months agoAdd ShutdownHook to cleanup FileLocks on graceful JVM shutdown 13/204213/12
Matthias Sohn [Fri, 8 Sep 2023 00:14:20 +0000 (02:14 +0200)]
Add ShutdownHook to cleanup FileLocks on graceful JVM shutdown

This should avoid stale lock files if the JVM is terminated gracefully.

Implement a ShutdownHook which can register/unregister listeners which
need to do some cleanup during graceful JVM shutdown. This hook is
registered as a Java shutdown hook and  when the JVM shuts down
calls #onShutdown of registered listeners using a parallel stream
to let them run concurrently.

See https://docs.oracle.com/javase/8/docs/technotes/guides/lang/hook-design.html

Bug: 582379
Change-Id: I1621dc5f7d9a8c832b6d1b74cbc47578b1c2f0b8

14 months agoUnregister ShutdownHook when GC#PidLock is closed 12/204212/3
Matthias Sohn [Fri, 8 Sep 2023 00:32:57 +0000 (02:32 +0200)]
Unregister ShutdownHook when GC#PidLock is closed

Otherwise the JVM will accumulate the ShutdownHook objects of all GCs
run while the JVM is up.

Change-Id: Iadc723a939238a3a75b4ba47f898918eb4554ea3

14 months agoMerge "OSGi: move plugin localization to subdirectory"
Matthias Sohn [Tue, 12 Sep 2023 20:39:19 +0000 (16:39 -0400)]
Merge "OSGi: move plugin localization to subdirectory"

14 months agoOSGi: move plugin localization to subdirectory 99/204299/1
Thomas Wolf [Mon, 11 Sep 2023 18:58:15 +0000 (20:58 +0200)]
OSGi: move plugin localization to subdirectory

OSGi can have its plugin localization at an arbitrary place; there is
no need to have it in a top-level plugin.properties file. In non-OSGi
environments having the files at the root level may mean that these
files clash with each other, or, as in the referenced bug, with some
third-party plug-in's plugin.properties, which may not even have
anything to do with localization.

Move our OSGi localization to a subfolder OSGI-INF/l10n. For OSGi
environments, that's just as good, and for non-OSGi environments it
avoid clashes with other root level items on the classpath or in a fat
JAR.

For fragments, use neither plugin.properties (which would clash with the
host plug-in's plugin.properties) nor fragment.properties (which might
clash with other fragments for the same fragment host bundle). Instead
use names "relative" to the host bundle.

Bug: 582394
Change-Id: Ifbcd046d912e2cfe86c0f7259c5ca8de599d9aa1
Signed-off-by: Thomas Wolf <twolf@apache.org>
14 months agossh: Remove redundant null check for home.getAbsoluteFile() 67/204267/1
Jonathan Nieder [Tue, 12 Sep 2023 00:12:17 +0000 (17:12 -0700)]
ssh: Remove redundant null check for home.getAbsoluteFile()

File#getAbsoluteFile is non-nullable, so this check can never trigger.
Worse, getAbsoluteFile can throw an exception such as
InvalidPathException, and since this call isn't in the "try" block
that checks for that, the exception would then escape the getSession
call.

Noticed because the exception is being thrown in googlesource.com's
custom SshdSessionFactory, causing incoming ssh requests to fail
(noticed using internal tests).

Change-Id: I57f2d5e497ff678b17573f79827b6e1d9a6c9b9f
Signed-off-by: Jonathan Nieder <jrn@google.com>
14 months agoRevertCommand: support for inserting a Gerrit change ID 42/204242/1
Thomas Wolf [Fri, 8 Sep 2023 20:27:19 +0000 (22:27 +0200)]
RevertCommand: support for inserting a Gerrit change ID

Add a setter for the flag to be passed through to the CommitCommand.

Bug: 342790
Change-Id: I87548d7c2742af8af5ef6105115e3ab9c58d1d9f
Signed-off-by: Thomas Wolf <twolf@apache.org>
14 months ago[releng] Bump japicmp base version to 6.7.0.202309050840-r 41/204241/1
Thomas Wolf [Fri, 8 Sep 2023 19:37:15 +0000 (21:37 +0200)]
[releng] Bump japicmp base version to 6.7.0.202309050840-r

Change-Id: I8ccf8472a8bf06669ebdcd3d59d24f7d5567d89e
Signed-off-by: Thomas Wolf <twolf@apache.org>
14 months agoDfsPackFile: Record index loads only in one place 36/204236/4
Ivan Frade [Fri, 8 Sep 2023 15:35:47 +0000 (08:35 -0700)]
DfsPackFile: Record index loads only in one place

Each index can be set in the reader from two locations: the dfs cache
callback or the code afterwards. The pack is emitting the load event
in both cases, when the reference is set. This is brittle (right now
it is missing events for BITMAP_INDEX and COMMIT_GRAPH).

Emit the index loaded event only once, after going through the cache
code. The fact that the reference was set in the callback or the main
code is irrelevant. Also, the reader is per-thread, so there shouldn't
be any concurrency involved triggering double counts.

Change-Id: I7f3d078a53741ecc1e81b96353ed8faa8fef3a49

14 months agoDfsPackfile: Emit the index load with the index object 33/204233/2
Ivan Frade [Fri, 8 Sep 2023 15:20:31 +0000 (08:20 -0700)]
DfsPackfile: Emit the index load with the index object

The DfsReader#emitIndexLoad expects a reference to the loaded object,
not to its identity hash. This makes listeneres recalculate an
identity hash over an Int object.

Pass the expected reference to the method.

Change-Id: Iee982fdd0169c93c5c7cd9cfe4260a7a82d23f6a

14 months agoPrepare 6.8.0-SNAPSHOT builds 46/204146/3
Matthias Sohn [Thu, 7 Sep 2023 00:24:53 +0000 (02:24 +0200)]
Prepare 6.8.0-SNAPSHOT builds

Change-Id: Ifc81f0a96c2ced0b25926b9daa539d9cfc951925

14 months agoMerge branch 'stable-6.7' 45/204145/3
Matthias Sohn [Thu, 7 Sep 2023 00:23:57 +0000 (02:23 +0200)]
Merge branch 'stable-6.7'

* stable-6.7:
  Prepare 6.7.1-SNAPSHOT builds
  Switch back to wagon-ssh-external
  Fix generation of maven site
  JGit v6.7.0.202309050840-r
  Remove unused API problem filters
  [releng] Bump japicmp base version to 6.6.0.202305301015-r
  Fix list of 3rd party bundles in p2 repo
  Add missing source bundle org.osgi.service.cm.source to target platform
  Prepare 6.6.2-SNAPSHOT builds
  JGit v6.6.1.202309021850-r
  Checkout: better directory handling
  Document commit-graph options supported by JGit
  Fix warning raised for local variable hiding DfsPackFile#index
  Suppress boxing warnings in DfsPackFile
  Remove unused API problem filters
  Suppress boxing warnings in tests
  Fix warning about empty block
  Update mockito to 5.5.0
  Update byte-buddy to 1.14.7
  Prepare 6.7.0-SNAPSHOT builds
  JGit v6.7.0.202308301100-rc1

Change-Id: Ib2a1000ead5ca6cf3816e9e9496ad5d92f4dc963

14 months agoPrepare 6.7.1-SNAPSHOT builds 44/204144/1
Matthias Sohn [Wed, 6 Sep 2023 20:45:52 +0000 (22:45 +0200)]
Prepare 6.7.1-SNAPSHOT builds

Change-Id: I96097ef8c6f198220f513bbc6d5f8881834a1491

14 months agoSwitch back to wagon-ssh-external 42/204142/1
Matthias Sohn [Wed, 6 Sep 2023 23:07:04 +0000 (01:07 +0200)]
Switch back to wagon-ssh-external

Bug: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/2818
Change-Id: Ic283e5229b1a8a0b1ae349555ac7cfb7b046d7be

14 months agoFix generation of maven site 41/204141/1
Matthias Sohn [Wed, 6 Sep 2023 22:06:52 +0000 (00:06 +0200)]
Fix generation of maven site

- update maven-site-plugin to 4.0.0-M9
- use wagon-ssh extension for deployment
- disable doclint
- don't fail the build for javadoc warnings

Change-Id: I81f7229deaf6892416ce4cebd6c122f00a857d51

14 months agoMerge "CommitGraphWriter: Make the list of chunks immutable"
Ivan Frade [Wed, 6 Sep 2023 21:19:21 +0000 (17:19 -0400)]
Merge "CommitGraphWriter: Make the list of chunks immutable"

14 months agoEnsure home directory not null before using in Sshdsessionfactory 57/204157/1
Minh Thai [Wed, 6 Sep 2023 14:13:05 +0000 (07:13 -0700)]
Ensure home directory not null before using in Sshdsessionfactory

Home directory might not be set in DFS.

Change-Id: I3528685838065dc291826fc73a37126af7bf47ce

14 months agoCommitGraphWriter: Make the list of chunks immutable 26/204126/1
Ivan Frade [Tue, 5 Sep 2023 18:25:54 +0000 (11:25 -0700)]
CommitGraphWriter: Make the list of chunks immutable

The chunk list is calculated before start writing and it is
immutable afterwards.

Make this explicit using an unmodifiable list for the chunks.

Change-Id: I4a5cfb1f3d06a9393d8d93a3fac3c128cf3faec0

14 months agoCommitGraphWriter: Assert written bytes 23/204123/2
Ivan Frade [Tue, 5 Sep 2023 17:17:52 +0000 (10:17 -0700)]
CommitGraphWriter: Assert written bytes

The final size of the commit-graph is known before-hand. As a
safety-net, assert the written size matches the expected value.

Change-Id: Ib0828a7cce5bacb33f6325ee3910f4eebd95eb8c

14 months agoJGit v6.7.0.202309050840-r 83/204083/1 v6.7.0.202309050840-r
Matthias Sohn [Tue, 5 Sep 2023 12:41:09 +0000 (14:41 +0200)]
JGit v6.7.0.202309050840-r

Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: Ibe952d97bc178adb909cdd40f48957f5b68af699

14 months agoRemove unused API problem filters 80/204080/1
Matthias Sohn [Tue, 5 Sep 2023 12:10:30 +0000 (14:10 +0200)]
Remove unused API problem filters

Change-Id: If37ac92711cef94a835cfd303997a3d129d212ac

14 months ago[releng] Bump japicmp base version to 6.6.0.202305301015-r 95/204095/2
Thomas Wolf [Mon, 4 Sep 2023 19:37:42 +0000 (21:37 +0200)]
[releng] Bump japicmp base version to 6.6.0.202305301015-r

Change-Id: I5392537713d4909d4fc2fee6e2b21502e0674b43
Signed-off-by: Thomas Wolf <twolf@apache.org>
14 months agoFix list of 3rd party bundles in p2 repo 73/204073/1
Matthias Sohn [Mon, 4 Sep 2023 14:59:52 +0000 (16:59 +0200)]
Fix list of 3rd party bundles in p2 repo

The jgit p2 repo should contain all 3rd party dependencies needed at
runtime but not dependencies only used in tests.

- remove assertj-core since it's only used in tests
- add org.eclipse.osgi and org.osgi.service.cm which are runtime
  dependencies

Change-Id: Ie789cb8feab0905e7e23aae1d5378e82a0088992

14 months agoAdd missing source bundle org.osgi.service.cm.source to target platform 72/204072/1
Matthias Sohn [Mon, 4 Sep 2023 14:57:24 +0000 (16:57 +0200)]
Add missing source bundle org.osgi.service.cm.source to target platform

Change-Id: I6e61278467ad11d28c08ee6b49e04dac0593f3e6

14 months agoMerge branch 'stable-6.6' into stable-6.7 45/204045/1
Matthias Sohn [Sun, 3 Sep 2023 00:16:04 +0000 (02:16 +0200)]
Merge branch 'stable-6.6' into stable-6.7

* stable-6.6:
  Prepare 6.6.2-SNAPSHOT builds
  JGit v6.6.1.202309021850-r
  Checkout: better directory handling

Change-Id: Ice82d68b2d343a5fac214807cdb369e486481aab

14 months agoPrepare 6.6.2-SNAPSHOT builds 44/204044/1
Matthias Sohn [Sat, 2 Sep 2023 23:57:43 +0000 (01:57 +0200)]
Prepare 6.6.2-SNAPSHOT builds

Change-Id: Id4e2fbefc49115c7e3de26a34cfbe01ba6de25b2

14 months agoJGit v6.6.1.202309021850-r 43/204043/1 v6.6.1.202309021850-r
Matthias Sohn [Sat, 2 Sep 2023 22:50:37 +0000 (00:50 +0200)]
JGit v6.6.1.202309021850-r

Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: I4f173dc9d634e0c9f31305961400b6b35a0a332f

14 months agoCheckout: better directory handling 42/204042/1
Thomas Wolf [Fri, 11 Aug 2023 19:40:13 +0000 (21:40 +0200)]
Checkout: better directory handling

When checking out a file into the working tree ensure that all parent
directories of the file below the working tree root are actually
directories and do exist before we try to create the file.

When multiple files are to be checked out (or even a whole tree), this
may check the same directories over and over again. Asking the file
system every time for file attributes is a potentially expensive
operation. As a remedy, introduce an in-memory cache of directory
states for a particular check-out operation.

Apply the same fix also in the ResolveMerger, which may also check out
files, and also in the PatchApplier. In PatchApplier, also validate
paths.

Change-Id: Ie12864c54c9f901a2ccee7caddec73027f353111
Signed-off-by: Thomas Wolf <twolf@apache.org>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
14 months agoMerge branch 'master' into stable-6.7 39/204039/1
Matthias Sohn [Sat, 2 Sep 2023 07:40:19 +0000 (09:40 +0200)]
Merge branch 'master' into stable-6.7

* master:
  CommitGraphWriter: throw exception on unknown chunk

Change-Id: Iaa0c563917c4195fccd57f5e6839a37008c9b808

14 months agoCommitGraphWriter: throw exception on unknown chunk 61/204061/2
Ivan Frade [Fri, 1 Sep 2023 18:25:50 +0000 (11:25 -0700)]
CommitGraphWriter: throw exception on unknown chunk

CommitGraphWriter first defines the chunks and then writes them. If at
write time a chunk is unknown, it is ignored. This is brittle: if
somebody adds a chunk to the header but not to the actual writing, the
commit-graph is broken and there is no error reported anywhere.

Throw exception if at write time a chunk is unknown. This can only
happen by a coding error in the writer.

Change-Id: Iade677bb6ce368b6941b75a21c622917afa3b751

14 months agoDocument commit-graph options supported by JGit 34/204034/1
Matthias Sohn [Fri, 1 Sep 2023 08:43:21 +0000 (10:43 +0200)]
Document commit-graph options supported by JGit

Change-Id: I0ab1b826232bbfcf28518d7a01ae5c5d82a08e04

14 months agoFix warning raised for local variable hiding DfsPackFile#index 03/204003/1
Matthias Sohn [Thu, 31 Aug 2023 13:13:34 +0000 (15:13 +0200)]
Fix warning raised for local variable hiding DfsPackFile#index

Change-Id: I45cd3be942f798d51af1e024ceb3f4d26c7af324

14 months agoSuppress boxing warnings in DfsPackFile 02/204002/1
Matthias Sohn [Thu, 31 Aug 2023 13:11:50 +0000 (15:11 +0200)]
Suppress boxing warnings in DfsPackFile

Change-Id: I4b5a0a7ffdeaf7d7839787aa8b98ea9c72f70850

14 months agoRemove unused API problem filters 01/204001/1
Matthias Sohn [Thu, 31 Aug 2023 12:46:38 +0000 (14:46 +0200)]
Remove unused API problem filters

Change-Id: I96b73a948794ab5aaadaa558ae75b512f54d64fe

14 months agoSuppress boxing warnings in tests 00/204000/1
Matthias Sohn [Thu, 31 Aug 2023 12:45:36 +0000 (14:45 +0200)]
Suppress boxing warnings in tests

Change-Id: I56731862b0955286f86b1c0699d75313eb192fdf

14 months agoFix warning about empty block 99/203999/1
Matthias Sohn [Thu, 31 Aug 2023 12:43:28 +0000 (14:43 +0200)]
Fix warning about empty block

Change-Id: I569fb9bf39e851bca451e5a35539589766ba5c05

14 months agoUpdate mockito to 5.5.0 98/203998/1
Matthias Sohn [Thu, 31 Aug 2023 10:08:36 +0000 (12:08 +0200)]
Update mockito to 5.5.0

Change-Id: Ic62864aaf15388b8f20b2db8aa65d1dcf03465a6

14 months agoUpdate byte-buddy to 1.14.7 97/203997/1
Matthias Sohn [Thu, 31 Aug 2023 08:37:23 +0000 (10:37 +0200)]
Update byte-buddy to 1.14.7

Change-Id: Iee257eef4cdc3235db6172e19d8d271ff9988fa4

14 months agoPrepare 6.7.0-SNAPSHOT builds 66/203966/1
Matthias Sohn [Wed, 30 Aug 2023 15:46:26 +0000 (17:46 +0200)]
Prepare 6.7.0-SNAPSHOT builds

Change-Id: I49751232464e70b7d1dc3292a9f36b7a7015e44f

14 months agoJGit v6.7.0.202308301100-rc1 64/203964/1 v6.7.0.202308301100-rc1
Matthias Sohn [Wed, 30 Aug 2023 14:57:25 +0000 (16:57 +0200)]
JGit v6.7.0.202308301100-rc1

Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: I712a9f6830364ed404d03f3a145c055906273544

14 months agoMerge branch 'master' into stable-6.7 63/203963/1
Matthias Sohn [Wed, 30 Aug 2023 14:43:08 +0000 (16:43 +0200)]
Merge branch 'master' into stable-6.7

* master:
  Remove the cbi-snapshots Maven repository
  Update Orbit to orbit-aggregation/release/4.29.0
  Add target platform for Eclipse 2023-09 (4.29)
  Use release p2 repo for Eclipse 2023-06 (4.28)
  Update tycho to 4.0.2
  Update jmh to 1.37
  Update bouncycastle to 1.76
  Fix some tests in ConfigTest
  Handle global git config $XDG_CONFIG_HOME/git/config
  IO: use JDK convenience methods
  org.eclipse.jgit.junit.ssh/.settings/.api_filters: fix unclosed tags
  ReadChangedPathFilter: fix Non-externalized string literal warning
  Introduce core.packedIndexGitUseStrongRefs config key
  DfsReader: Make PackLoadListener interface visible to subclasses
  DfsGarbageCollector: provide commit graph stats
  DfsGarbageCollector: put only GC commits into the commit graph
  DfsReader: Expose when indices are loaded

Change-Id: Idd78a0a1bc3cd3db5edb475e235c13354d9087a9

14 months agoRemove the cbi-snapshots Maven repository 58/203958/2
Matthias Sohn [Wed, 30 Aug 2023 12:15:27 +0000 (14:15 +0200)]
Remove the cbi-snapshots Maven repository

since it's not used anymore.

Change-Id: I884c5e5854d6a1f5b104d8d3bb0419e860fa34ca

14 months agoUpdate Orbit to orbit-aggregation/release/4.29.0 54/203954/5
Matthias Sohn [Tue, 29 Aug 2023 22:36:29 +0000 (00:36 +0200)]
Update Orbit to orbit-aggregation/release/4.29.0

Switch to bundle dependencies for hamcrest 1.3 to avoid issues with
split packages in that version.

Don't allow hamcrest 2.x yet since junit 4.13.2 still requires hamcrest
1.3.

See Orbit restructuring in
https://github.com/orgs/eclipse-orbit/discussions/49

Change-Id: I8faf519b8f2c4e4a6bd255d694d1aa28017acd85

14 months agoAdd target platform for Eclipse 2023-09 (4.29) 53/203953/2
Matthias Sohn [Tue, 29 Aug 2023 22:12:16 +0000 (00:12 +0200)]
Add target platform for Eclipse 2023-09 (4.29)

Change-Id: I62f9bacebf0a2a2cba6ffde7936572e3f05a629c

14 months agoUse release p2 repo for Eclipse 2023-06 (4.28) 52/203952/1
Matthias Sohn [Tue, 29 Aug 2023 22:11:54 +0000 (00:11 +0200)]
Use release p2 repo for Eclipse 2023-06 (4.28)

Change-Id: I3b8794bdb43db12c2eacda1de27651686c41abf5

14 months agoUpdate tycho to 4.0.2 88/203888/1
Matthias Sohn [Tue, 29 Aug 2023 21:22:57 +0000 (23:22 +0200)]
Update tycho to 4.0.2

Change-Id: Ib619bc09bf79c0f9e7526c0303606f314e8c1209

14 months agoUpdate jmh to 1.37 87/203887/1
Matthias Sohn [Tue, 29 Aug 2023 21:17:50 +0000 (23:17 +0200)]
Update jmh to 1.37

Change-Id: I39e3dda1c13268c44055295398eab36c5ff7eb3e

14 months agoUpdate bouncycastle to 1.76 84/203884/2
Matthias Sohn [Tue, 29 Aug 2023 20:01:03 +0000 (22:01 +0200)]
Update bouncycastle to 1.76

Change-Id: Ic569f348106e917001fbaa25a302fc20cca56244

14 months agoFix some tests in ConfigTest 82/203882/1
Matthias Sohn [Tue, 29 Aug 2023 19:26:34 +0000 (21:26 +0200)]
Fix some tests in ConfigTest

Some of the ConfigTest tests created a FileRepositoryBuilder but didn't
use it to actually create a FileRepository.

Change-Id: I1a4b27891daee1b235a71e7bbf2a7588b9d11a53

14 months agoHandle global git config $XDG_CONFIG_HOME/git/config 48/203248/3
Thomas Wolf [Wed, 5 Jul 2023 20:21:30 +0000 (22:21 +0200)]
Handle global git config $XDG_CONFIG_HOME/git/config

C git uses this alternate fallback location if the file exists and
~/.gitconfig does not. Implement this also for JGit.

If both files exist, reading behavior is as if the XDG config was
inserted between the HOME config and the system config. Writing
behaviour is different: all changes will be applied only in the HOME
config. Updates will occur in the XDG config only if the HOME config
does not exist.

This is consistent with the behavior of C git; compare [1], especially
the sections on FILES and SCOPES, and the description of the --global
option.

[1] https://git-scm.com/docs/git-config

Bug: 581875
Change-Id: I2460b9aa963fd2811ed8a5b77b05107d916f2b44
Signed-off-by: Thomas Wolf <twolf@apache.org>
14 months agoIO: use JDK convenience methods 02/203702/2
Jörg Kubitz [Thu, 17 Aug 2023 09:20:13 +0000 (11:20 +0200)]
IO: use JDK convenience methods

The benefit is that certain InputStreams can override the default
implementation for performance reasons.

Change-Id: I4c924157ec0f0ec63b0eca7cdbdc9325af24cab6

14 months agoorg.eclipse.jgit.junit.ssh/.settings/.api_filters: fix unclosed tags 97/203697/3
Jörg Kubitz [Wed, 16 Aug 2023 12:51:35 +0000 (14:51 +0200)]
org.eclipse.jgit.junit.ssh/.settings/.api_filters: fix unclosed tags

error was introduced with I0fb77bb9b498d48d5da88a93486b99bf8121e3bd

Change-Id: I60af78cf0213a07356cb39b5f756679c58daee56

14 months agoReadChangedPathFilter: fix Non-externalized string literal warning 96/203696/3
Jörg Kubitz [Wed, 16 Aug 2023 12:39:23 +0000 (14:39 +0200)]
ReadChangedPathFilter: fix Non-externalized string literal warning

Change-Id: I78161a2dbc08918267bc59a1ed267c5108f5c391

14 months agoIntroduce core.packedIndexGitUseStrongRefs config key 06/203706/7
Martin Fick [Tue, 15 Aug 2023 03:48:55 +0000 (21:48 -0600)]
Introduce core.packedIndexGitUseStrongRefs config key

Introduce a core.packedIndexGitUseStrongRefs configuration key, which
defaults to true so that the current behavior does not change. However,
setting it to false allows soft references to be used for Pack indices
instead of strong references so that they can be garbage collected when
there is memory pressure.

Pack objects can be large when associated with pack files with large
object counts, and this memory is not really accounted for or tracked by
the WindowCache and it can be very substantial at times, especially with
many large object count projects. A particularly problematic use case is
Gerrit's ls-projects command which loads very little data in the
WindowCache via ByteWindows, but ends up loading and holding many entire
indices in memory, sometimes even after the ByteWindows for their Pack
objects have already been garbage collected since they won't get cleared
until after a new ByteWindow is loaded. By using SoftReferences, single
use indices can get cleared when there is memory pressure and OOMs can
be easily avoided, drastically reducing the amount of memory required to
perform an ls-projects on large sites with many projects and large
object counts.

On one of our test sites, an ls-projects command with strong index
references requires more than 66GB of heap to complete successfully,
with soft index references it requires less than 23GB.

Change-Id: I3cb3df52f4ce1b8c554d378807218f199077d80b
Signed-off-by: Martin Fick <quic_mfick@quicinc.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
15 months agoMerge "DfsGarbageCollector: provide commit graph stats"
Jonathan Tan [Mon, 21 Aug 2023 17:07:51 +0000 (13:07 -0400)]
Merge "DfsGarbageCollector: provide commit graph stats"

15 months agoDfsReader: Make PackLoadListener interface visible to subclasses 20/203720/2
Ivan Frade [Fri, 18 Aug 2023 18:22:35 +0000 (11:22 -0700)]
DfsReader: Make PackLoadListener interface visible to subclasses

A subclass cannot implement a listener with the default access.

Make the interface protected. Not public because so far only
subclasses are interested in this interface. We can widen the
visibility later if needed.

Change-Id: I54e5c0ef1312dfe2fa660bc8fb54e2be35c0f6df

15 months agoDfsGarbageCollector: provide commit graph stats 14/203714/1
Jonathan Tan [Thu, 17 Aug 2023 22:41:02 +0000 (15:41 -0700)]
DfsGarbageCollector: provide commit graph stats

Provide commit graph stats in the same way that we provide reftable
stats.

Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
Change-Id: Ib80c892a26f9b552bc90f3cbe7da83b02ffebdfd

15 months agoDfsGarbageCollector: put only GC commits into the commit graph 86/203686/2
Ivan Frade [Wed, 16 Aug 2023 20:26:39 +0000 (13:26 -0700)]
DfsGarbageCollector: put only GC commits into the commit graph

GC puts all commits reachable from heads and tags into the GC pack,
and commits reachable only from other refs (e.g. refs/changes) into
GC_REST. The commit-graph contains all commits in GC and GC_REST. This
produces too big commit graphs in some repos, beating the purpose of
loading the index.

Limit the commit graph to commits reachable from heads and tags
(i.e. commits in the GC pack).

Change-Id: I4962faea5a726d2ea3e548af0aeae370a6cc8588

15 months agoDfsReader: Expose when indices are loaded 99/203399/11
Ivan Frade [Fri, 28 Jul 2023 09:41:26 +0000 (11:41 +0200)]
DfsReader: Expose when indices are loaded

We want to measure the data used to serve a request. As a first step,
we want to know how many indices are accessed during the request and
their sizes.

Expose an interface in DfsReader to announce when an index is loaded
into the reader, i.e. when its reference is set.

The interface is more flexible to implementors (what/how to collect)
than the existing DfsReaderIOStats object.

Change-Id: I56f7658fde1758efaf869fa779d11b533a81a0a7

15 months agoMerge branch 'stable-6.7' 27/203527/2
Matthias Sohn [Thu, 3 Aug 2023 08:19:05 +0000 (10:19 +0200)]
Merge branch 'stable-6.7'

* stable-6.7:
  Update to Tycho 4.0.1
  Prepare 6.7.0-SNAPSHOT builds
  JGit v6.7.0.202308011830-m2
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: I197d6116a4b5badc58b57d309982d2f6b3e45825

15 months agoMerge branch 'stable-6.6' into stable-6.7 26/203526/2
Matthias Sohn [Thu, 3 Aug 2023 08:17:22 +0000 (10:17 +0200)]
Merge branch 'stable-6.6' into stable-6.7

* stable-6.6:
  Update to Tycho 4.0.1
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: I7294c21748897eb3f94eeffbda944b62e3206c0d

15 months agoMerge branch 'stable-6.5' into stable-6.6 25/203525/2
Matthias Sohn [Thu, 3 Aug 2023 08:14:45 +0000 (10:14 +0200)]
Merge branch 'stable-6.5' into stable-6.6

* stable-6.5:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: Id2e49252a9dc268210c9439848e77604885371aa

15 months agoUpdate to Tycho 4.0.1 28/203528/1
Matthias Sohn [Thu, 3 Aug 2023 08:12:57 +0000 (10:12 +0200)]
Update to Tycho 4.0.1

Tycho 4.0.0-SNAPSHOT is no longer available and it's a bad practice to
depend on any snapshot version (we had to since this was the only way
to get gpg signing to work in time for releasing 6.6.0).

Change-Id: I1d4af5f69965b4cad50b379fd81f6f442b38c8d0

15 months agoMerge branch 'stable-6.4' into stable-6.5 23/203523/1
Matthias Sohn [Wed, 2 Aug 2023 23:55:12 +0000 (01:55 +0200)]
Merge branch 'stable-6.4' into stable-6.5

* stable-6.4:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: Idb6dd6160e023673e3650653a15f6b1c540de96e

15 months agoMerge branch 'stable-6.3' into stable-6.4 22/203522/1
Matthias Sohn [Wed, 2 Aug 2023 23:51:36 +0000 (01:51 +0200)]
Merge branch 'stable-6.3' into stable-6.4

* stable-6.3:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: I0bccc36d9cc9a36f1be9b1562df35ce3a0e95eee

15 months agoMerge branch 'stable-6.2' into stable-6.3 21/203521/1
Matthias Sohn [Wed, 2 Aug 2023 23:37:43 +0000 (01:37 +0200)]
Merge branch 'stable-6.2' into stable-6.3

* stable-6.2:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: I589ed444b5cbfc5b073cac91323e2cc97ab98087

15 months agoMerge branch 'stable-6.1' into stable-6.2 20/203520/1
Matthias Sohn [Wed, 2 Aug 2023 23:28:07 +0000 (01:28 +0200)]
Merge branch 'stable-6.1' into stable-6.2

* stable-6.1:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: I5b16c3b613a95b7f28c8f6ac0b20c4c593759cea

15 months agoMerge branch 'stable-6.0' into stable-6.1 19/203519/1
Matthias Sohn [Wed, 2 Aug 2023 23:19:21 +0000 (01:19 +0200)]
Merge branch 'stable-6.0' into stable-6.1

* stable-6.0:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: Ib08037f6055dac1776e38cfb4ff8c88a50ad3e60

15 months agoMerge branch 'stable-5.13' into stable-6.0 18/203518/1
Matthias Sohn [Wed, 2 Aug 2023 23:17:17 +0000 (01:17 +0200)]
Merge branch 'stable-5.13' into stable-6.0

* stable-5.13:
  Add verification in GcKeepFilesTest that bitmaps are generated
  Express the explicit intention of creating bitmaps in GC
  GC: prune all packfiles after the loosen phase
  Prepare 5.13.3-SNAPSHOT builds
  JGit v5.13.2.202306221912-r

Change-Id: I1f50995d9d9c592ec0e02a04e0e409440b49f9f3

15 months agoPrepare 6.7.0-SNAPSHOT builds 15/203515/1
Matthias Sohn [Wed, 2 Aug 2023 22:05:50 +0000 (00:05 +0200)]
Prepare 6.7.0-SNAPSHOT builds

Change-Id: I936d2d9106a1e3b7a98ec89fec8ae8a92ec765f2

15 months agoJGit v6.7.0.202308011830-m2 60/203460/1 v6.7.0.202308011830-m2
Matthias Sohn [Tue, 1 Aug 2023 22:30:01 +0000 (00:30 +0200)]
JGit v6.7.0.202308011830-m2

Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change-Id: I255a979e9f48f60a251ef7b74ced3f720f012706

15 months agoAdd missing @since tags 59/203459/1
Matthias Sohn [Tue, 1 Aug 2023 22:19:02 +0000 (00:19 +0200)]
Add missing @since tags

This was missed in c353645a09b6

Change-Id: I4ae5b13bd7bfd09c113d91ece727a26706660826

15 months agoMerge "Merge: Add diff3 style merge conflict formatter."
Han-Wen NIenhuys [Tue, 1 Aug 2023 17:08:34 +0000 (13:08 -0400)]
Merge "Merge: Add diff3 style merge conflict formatter."

15 months agoFix errorprone warning about precedence 42/203442/2
Han-Wen Nienhuys [Mon, 31 Jul 2023 17:51:58 +0000 (19:51 +0200)]
Fix errorprone warning about precedence

The condition looks suspicious, as in case of

  (hasElement==null && hasNext())

the check will generate a NPE

Change-Id: I267f9df6746393d72f5102bd5271441422550968

15 months agoMove footer-line parsing methods from RevCommit to FooterLine 23/203223/14
Nitzan Gur-Furman [Wed, 19 Jul 2023 08:37:39 +0000 (10:37 +0200)]
Move footer-line parsing methods from RevCommit to FooterLine

This allows extracting footers from a messages not associated with a
commit.

The public API of RevCommit is kept intact.

Change-Id: I5809c23df7b7d49641a4be3a26d6f987d3d57c9b
Bug: Google b/287891316

15 months agoMerge: Add diff3 style merge conflict formatter. 80/148280/5
Haamed Gheibi [Tue, 25 Jul 2023 00:50:34 +0000 (17:50 -0700)]
Merge: Add diff3 style merge conflict formatter.

Add base section to the merge conflict hunks.

Bug: 442284
Change-Id: I977b43e7dd8119d6b72d11f09c4e8ec241750383

15 months agoMerge changes I8c60d970,I09bdd4b8,I87ff3933
Jonathan Tan [Wed, 26 Jul 2023 20:39:13 +0000 (16:39 -0400)]
Merge changes I8c60d970,I09bdd4b8,I87ff3933

* changes:
  Pack: open reverse index from file if present
  PackReverseIndex: open file if present otherwise compute
  PackReverseIndex: verify checksums

15 months agoRevCommitCG: Read changed-path-filters directly from commit graph 49/203349/3
Ivan Frade [Tue, 25 Jul 2023 10:25:33 +0000 (03:25 -0700)]
RevCommitCG: Read changed-path-filters directly from commit graph

RevCommit and RevCommitCG were designed like "pointers" to data that
load the content on demand, not on construction. This saves memory.

Make the loading of changed-path-filter follow the same pattern. The
ChangedPathFilters are only pointers to locations in the commit-graph
(not the actual data), so the memory saving is not that big, but this
is more consistent with the rest of the API.

As 6.7 is not released, we can still change the RevWalk API.

Change-Id: Id4186ea744b8a2418d0329facae69f785108d356

15 months agoUpdate commons-codec to 1.16.0 41/203341/2
Matthias Sohn [Tue, 25 Jul 2023 20:27:13 +0000 (22:27 +0200)]
Update commons-codec to 1.16.0

Change-Id: I64617b17a168da1966b93c283c150d549477f3e1

15 months agoAdd missing @since tags for new API methods 40/203340/2
Matthias Sohn [Tue, 25 Jul 2023 20:07:02 +0000 (22:07 +0200)]
Add missing @since tags for new API methods

This was missed in d3b40e72acd3.

Change-Id: I6e90157c6be34ae6618e246b02cf77631c8e9732

15 months agoAdd missing package import needed to use MurmurHash3 39/203339/1
Matthias Sohn [Tue, 25 Jul 2023 20:06:27 +0000 (22:06 +0200)]
Add missing package import needed to use MurmurHash3

This was missed in 49beb5ae519e and broke the OSGi classpath.

Change-Id: I08a307e9e3aade4ed8a5b5e2cc5e5d03c57dfa56

15 months agoMerge "Identify a commit that generates a diffEntry on a rename Event."
Jonathan Tan [Tue, 25 Jul 2023 16:09:40 +0000 (12:09 -0400)]
Merge "Identify a commit that generates a diffEntry on a rename Event."

15 months agoIdentify a commit that generates a diffEntry on a rename Event. 57/203257/13
Ronald Bhuleskar [Wed, 19 Jul 2023 21:25:46 +0000 (14:25 -0700)]
Identify a commit that generates a diffEntry on a rename Event.

When using FollowFilter's rename callback, a callback is generated with the diff. The caller that is interested in the renames knows what the diff's are but have no idea what commit generated that diff.

This will allow FollowFilter's rename callback to track diffEntry for a given commit.

Change-Id: If1e63ccd19fdcb9c58c59137110fe24e0ce023d2

16 months agoMerge changes I60a92463,Ic3b68220
Jonathan Tan [Fri, 21 Jul 2023 18:05:38 +0000 (14:05 -0400)]
Merge changes I60a92463,Ic3b68220

* changes:
  PackReverseIndexV1: reverse index parsed from version 1 file
  ComputedPackReverseIndex: Clarify custom bucket sort algorithm

16 months agoPack: open reverse index from file if present 95/203195/3
Anna Papitto [Fri, 14 Jul 2023 19:19:27 +0000 (12:19 -0700)]
Pack: open reverse index from file if present

The reverse index for a pack is still always computed if needed, which
is slower than parsing it from a file.

Supply the file path where the reverse index file might be so that it
parsed instead of computed if the file is present.

Change-Id: I8c60d970fd587341dfb2763fb87f1c586279f2a5
Signed-off-by: Anna Papitto <annapapitto@google.com>
16 months agoPackReverseIndexV1: reverse index parsed from version 1 file 92/203192/3
Anna Papitto [Fri, 14 Jul 2023 19:19:27 +0000 (12:19 -0700)]
PackReverseIndexV1: reverse index parsed from version 1 file

The reverse index for a pack is used to quickly find an object's
position in the pack's forward index based on that object's pack offset.
It is currently computed from the forward index by sorting the index
entries by the corresponding pack offset. This computation uses
insertion sort, which has an average runtime of O(n^2).

Cgit persists a pack reverse index file
to avoid recomputing the reverse index ordering. Instead they write a
file with format
https://git-scm.com/docs/pack-format#_pack_rev_files_have_the_format
which can later be read and parsed into the in-memory reverse index
each time it is needed.

PackReverseIndexV1 parses a reverse index file with the official
version 1 format into an in-memory representation of the reverse index
which implements methods to find an object's forward index position
from its offset in logorithmic time.

Change-Id: I60a92463fbd6a8cc9c1c7451df1c14d0a21a0f64
Signed-off-by: Anna Papitto <annapapitto@google.com>
16 months agoPackReverseIndex: open file if present otherwise compute 94/203194/3
Anna Papitto [Fri, 14 Jul 2023 19:19:27 +0000 (12:19 -0700)]
PackReverseIndex: open file if present otherwise compute

The existing #read and #computeFromIndex static builder methods require
the caller to choose whether to supply an input stream of a reverse
index file or a forward index to compute the reverse index from, which
is slower.

Allow a caller to provide a file path where the pack's reverse index
might be and the pack's forward index index and simply get some reverse
index instance back. Prefer opening and parsing the file if it is
present, to save computation time. Otherwise, fall back onto computing
the reverse index from the pack's forward index.

Change-Id: I09bdd4b813ad62c86add586417b2ab86e9331aec
Signed-off-by: Anna Papitto <annapapitto@google.com>
16 months agoPackReverseIndex: verify checksums 93/203193/3
Anna Papitto [Fri, 14 Jul 2023 19:19:27 +0000 (12:19 -0700)]
PackReverseIndex: verify checksums

The new version 1 file-based reverse index has a footer with the
checksum of the corresponding pack file and a checksum of its own
contents. The initial implementation doesn't enforce that the pack
checksum matches the checksum found in the forward index nor that the
self checksum matches the contents of the file just read in.

Offer a method for reverse index users to verify the checksums in a way
appropriate to the version being used. For the pre-existing computed
version, always succeed since it is not based on a file so there is no
possibility of corruption.

Check for corruption of the file itself during parsing the checksum
footer, by comparing the self checksum with the digest of the file
contents read.

Change-Id: I87ff3933cf1afa76663350400b616695e4966cb6
Signed-off-by: Anna Papitto <annapapitto@google.com>
16 months agoComputedPackReverseIndex: Clarify custom bucket sort algorithm 90/203190/3
Anna Papitto [Fri, 14 Jul 2023 19:19:27 +0000 (12:19 -0700)]
ComputedPackReverseIndex: Clarify custom bucket sort algorithm

The ComputedPackReverseIndex uses a custom sorting algorithm, based on
bucket sort with insertion sort but with the data managed as a linked
list across two int arrays. This custom algorithm relies on the set of
values being sorted being exactly 0, ..., n-1; so that they can serve a
second purpose of being indexes into a second equally sized list.

This custom algorithm was introduced ~10 years ago in
https://eclipse.googlesource.com/jgit/jgit/+/6cc532a43cf28403cb623d3df8600a2542a40a43.
The original author is no longer an active contributor, so it is
valuable for the code to be readable, especially as there is currently
active work on reverse indexes.

Rename variables and add comments to clarify the algorithm and improve
readability. There are no functional changes to the algorithm.

Change-Id: Ic3b682203f20e06f9f865f81259e034230f9720a
Signed-off-by: Anna Papitto <annapapitto@google.com>
16 months agoCommitGraphWriter: add option for writing/using bloom filters 36/201936/18
Ronald Bhuleskar [Wed, 17 May 2023 23:29:14 +0000 (16:29 -0700)]
CommitGraphWriter: add option for writing/using bloom filters

Currently, bloom filters are written and used without any way to turn
them off. Add a per-repo config variable to control whether bloom
filters are written. As for reading, add a JGit option to control this.
(A JGit option is used instead of a per-repo config variable as there is
usually no reason not to use the bloom filters if they are present, but
a global control to disable them is useful if there turns out to be an
issue with the implementation of bloom filters.)

The config that controls reading is the same as C Git, but the config
for writing is not: C Git has no config to control writing, but whether
bloom filters are written depends on whether bloom filters are already
present and what arguments are passed to "git commit-graph write". See
the manpage of "git commit-graph" for more information.

Change-Id: I1b7b25340387673506252b9260b22bfe147bde58

16 months agoCommitGraphWriter: reuse changed path filters 54/201854/13
Jonathan Tan [Mon, 8 May 2023 20:51:28 +0000 (13:51 -0700)]
CommitGraphWriter: reuse changed path filters

Teach CommitGraphWriter to reuse changed path filters that have been
read from the commit graph file whenever possible.

Change-Id: I1acbfa1613ca7198386a49209028886af360ddb6
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
16 months agoRevWalk: use changed path filters 53/201853/13
Jonathan Tan [Tue, 2 May 2023 17:44:16 +0000 (10:44 -0700)]
RevWalk: use changed path filters

Teach RevWalk, TreeRevFilter, PathFilter, and FollowFilter to use
changed path filters, whenever available, to speed revision walks by
skipping commits that fail the changed path filter.

This work is based on earlier work by Kyle Zhao
(I441be984b609669cff77617ecfc838b080ce0816).

Change-Id: I7396f70241e571c63aabe337f6de1b8b9800f7ed
Signed-off-by: kylezhao <kylezhao@tencent.com>
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
16 months agoCommitGraphLoader: read changed-path filters 52/201852/13
Jonathan Tan [Mon, 24 Apr 2023 19:55:30 +0000 (12:55 -0700)]
CommitGraphLoader: read changed-path filters

As described in the parent commit, add support for reading the BIDX and
BDAT chunks of the commit graph file, as described in man gitformat-
commit-graph(5).

This work is based on earlier work by Kyle Zhao
(I160f6b022afaa842c331fb9a086974e49dced7b2).

Change-Id: I82e02e6a3a3b758e6bf9d7bbd2198f0ffe3a331b
Signed-off-by: kylezhao <kylezhao@tencent.com>
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
16 months agoCommitGraphWriter: write changed-path filters 51/201851/12
Jonathan Tan [Tue, 18 Apr 2023 22:20:02 +0000 (15:20 -0700)]
CommitGraphWriter: write changed-path filters

Add support for writing the BIDX and BDAT chunks of the commit graph
file, as described in man gitformat-commit-graph(5). The ability to read
such chunks will be added in a subsequent commit.

This work is based on earlier work by Kyle Zhao
(Ib863782af209f26381e3ca0a2c119b99e84b679c).

Change-Id: Ic18e6f0eeec7da1e1ff31751aabda5e6952dbe6e
Signed-off-by: kylezhao <kylezhao@tencent.com>
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
16 months agoMerge "ssh: PKCS#11 support"
Matthias Sohn [Mon, 17 Jul 2023 22:13:06 +0000 (18:13 -0400)]
Merge "ssh: PKCS#11 support"

16 months agossh: PKCS#11 support 78/203078/11
Thomas Wolf [Sun, 9 Jul 2023 18:06:37 +0000 (20:06 +0200)]
ssh: PKCS#11 support

Support PKCS#11 HSMs (like YubiKey PIV) for SSH authentication.

Use the SunPKCS11 provider as described at [1]. This provider
dynamically loads the library from the PKCS11Provider SSH configuration
and creates a Java KeyStore with that provider. A Java CallbackHandler
is needed to feed PIN prompts from the KeyStore into the JGit
CredentialsProvider framework. Because the JGit CredentialsProvider may
be specific to a SSH session but the PKCS11Provider may be used by
several sessions, the CallbackHandler needs to be configurable per
session.

PIN prompts respect the NumberOfPasswordPrompts SSH configuration. As
long as the library asks only for a PIN, we use the KeyPasswordProvider
to prompt for it. This gives automatic integration in Eclipse with the
Eclipse secure storage, so a user has even the option to store the PIN
there. (Eclipse will then ask for the secure storage master password on
first access, so the usefulness of this is debatable.)

By default the provider uses the first PKCS#11 token (slot list index
zero). This can be overridden by a non-standard PKCS11SlotListIndex
ssh configuration entry. (For OpenSSH interoperability, also set
"IgnoreUnknown PKCS11SlotListIndex" in the SSH config file then.)

Once loaded, the provider and its shared library and the keys
contained remain available until the application exits.

Manually tested using SoftHSM. See file manual_tests.txt. Kudos to
Christopher Lamb for additional manual testing with a real YubiKey,
also on Windows.[2]

[1] https://docs.oracle.com/en/java/javase/11/security/pkcs11-reference-guide1.html
[2] https://www.eclipse.org/forums/index.php/t/1113295/

Change-Id: I544c97e1e24d05e28a9f0e803fd4b9151a76ed11
Signed-off-by: Thomas Wolf <twolf@apache.org>