diff options
| author | David Ostrovsky <david@ostrovsky.org> | 2014-03-16 18:28:03 +0100 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2014-04-10 18:58:08 -0400 |
| commit | 75ebd391b88884581b1139c87c98bb687941a8fe (patch) | |
| tree | 0050f7a069c483de425e64c5714598a59413893f /src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java | |
| parent | 282b8fd82c46ba6874fb24c8715af103645f3406 (diff) | |
| download | gitblit-75ebd391b88884581b1139c87c98bb687941a8fe.tar.gz gitblit-75ebd391b88884581b1139c87c98bb687941a8fe.zip | |
Prevent double authentication for the same public key
Openssh client sends two requests, one without a key signature to verify
that the public key is acceptable and the second one with the signature
after having loaded the private key and signed some data for actual
verification.
To prevent that the PublickeyAuthenticator#authenticate is called twice
cache the authentication status for session and public key. Implement
SessionListener to clean up the cache entry when session is destroyed.
This is a workaround for SSHD bug [1].
Inspired-By: Guillaume Nodet <gnodet@apache.org>
[1] https://issues.apache.org/jira/browse/SSHD-300
Diffstat (limited to 'src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java')
| -rw-r--r-- | src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java b/src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java index 36475244..f92ea6f9 100644 --- a/src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java +++ b/src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java @@ -21,7 +21,7 @@ import java.io.InputStreamReader; import java.io.UnsupportedEncodingException; import java.util.List; -import com.gitblit.transport.ssh.PublicKeyAuthenticator; +import com.gitblit.transport.ssh.CachingPublicKeyAuthenticator; import com.google.common.base.Charsets; /** @@ -51,8 +51,8 @@ public abstract class BaseKeyCommand extends SshCommand { return sshKeys; } - protected PublicKeyAuthenticator authenticator; - public void setAuthenticator(PublicKeyAuthenticator authenticator) { + protected CachingPublicKeyAuthenticator authenticator; + public void setAuthenticator(CachingPublicKeyAuthenticator authenticator) { this.authenticator = authenticator; } } |