diff options
| author | Florian Zschocke <2362065+flaix@users.noreply.github.com> | 2022-10-16 17:23:48 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-16 17:23:48 +0200 |
| commit | 3c54c9f73678d86cf34edf6d0ef3a727ca8286c0 (patch) | |
| tree | fe2566413bba71a09cd8cc8b32af6715827a0e33 /src/main/java/com/gitblit/transport/ssh/SshDaemon.java | |
| parent | 541472fe1d74130d8f0105331a1d16c07c676027 (diff) | |
| parent | 57365bf17dfc2ed222a5bf347dd83a9c228cae1a (diff) | |
| download | gitblit-3c54c9f73678d86cf34edf6d0ef3a727ca8286c0.tar.gz gitblit-3c54c9f73678d86cf34edf6d0ef3a727ca8286c0.zip | |
Merge pull request #1427 from flaix/ssh-upate
Update SSHD to version 1.7.0 and add support for EdDSA user keys
Diffstat (limited to 'src/main/java/com/gitblit/transport/ssh/SshDaemon.java')
| -rw-r--r-- | src/main/java/com/gitblit/transport/ssh/SshDaemon.java | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 63fa51dd..8bb880b0 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -29,7 +29,9 @@ import java.util.concurrent.atomic.AtomicBoolean; import org.apache.sshd.common.io.IoServiceFactoryFactory; import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; -import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.common.util.security.SecurityUtils; +import org.apache.sshd.common.util.security.bouncycastle.BouncyCastleSecurityProviderRegistrar; +import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProviderRegistrar; import org.apache.sshd.server.SshServer; import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator; import org.bouncycastle.openssl.PEMWriter; @@ -92,9 +94,14 @@ public class SshDaemon { IStoredSettings settings = gitblit.getSettings(); // Ensure that Bouncy Castle is our JCE provider - SecurityUtils.setRegisterBouncyCastle(true); + SecurityUtils.registerSecurityProvider(new BouncyCastleSecurityProviderRegistrar()); if (SecurityUtils.isBouncyCastleRegistered()) { - log.debug("BouncyCastle is registered as a JCE provider"); + log.info("BouncyCastle is registered as a JCE provider"); + } + // Add support for ED25519_SHA512 + SecurityUtils.registerSecurityProvider(new EdDSASecurityProviderRegistrar()); + if (SecurityUtils.isProviderRegistered("EdDSA")) { + log.info("EdDSA is registered as a JCE provider"); } // Generate host RSA and DSA keypairs and create the host keypair provider @@ -160,7 +167,7 @@ public class SshDaemon { sshd.setSessionFactory(new SshServerSessionFactory(sshd)); sshd.setFileSystemFactory(new DisabledFilesystemFactory()); - sshd.setTcpipForwardingFilter(new NonForwardingFilter()); + sshd.setForwardingFilter(new NonForwardingFilter()); sshd.setCommandFactory(new SshCommandFactory(gitblit, workQueue)); sshd.setShellFactory(new WelcomeShell(gitblit)); |