diff options
author | ricardop <ricardo.pardini@me.com.br> | 2018-01-03 16:09:27 +0100 |
---|---|---|
committer | Florian Zschocke <f.zschocke+git@gmail.com> | 2022-10-08 21:14:19 +0200 |
commit | 0f3fdd8d4d8884a821069b65e08cfe197bf45bd2 (patch) | |
tree | 5dce3f2f8b36a32c2bfa92ef297c794ddda889b2 /src/main | |
parent | 541472fe1d74130d8f0105331a1d16c07c676027 (diff) | |
download | gitblit-0f3fdd8d4d8884a821069b65e08cfe197bf45bd2.tar.gz gitblit-0f3fdd8d4d8884a821069b65e08cfe197bf45bd2.zip |
upgrade to sshd 1.6.0, add eddsa dependency, upgrade jgit to 4.1.2
(cherry picked from commit d8fbdda2ab3fa48e92bdf37399d4b75c48409c5c@rpardini:master)
# Conflicts:
# .classpath
# build.moxie
# src/test/java/com/gitblit/tests/SshUnitTest.java
Diffstat (limited to 'src/main')
4 files changed, 29 insertions, 20 deletions
diff --git a/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java b/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java index db0741e0..cc91bb8c 100644 --- a/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java +++ b/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java @@ -26,7 +26,7 @@ import java.util.Iterator; import java.util.NoSuchElementException; import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider; -import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.common.util.security.SecurityUtils; import org.bouncycastle.openssl.PEMDecryptorProvider; import org.bouncycastle.openssl.PEMEncryptedKeyPair; import org.bouncycastle.openssl.PEMKeyPair; diff --git a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java index f2176cb0..3164ad79 100644 --- a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java +++ b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java @@ -21,23 +21,23 @@ import org.apache.sshd.server.forward.ForwardingFilter; public class NonForwardingFilter implements ForwardingFilter { - @Override - public boolean canConnect(Type type, SshdSocketAddress address, Session session) { - return false; - } + @Override + public boolean canConnect(Type type, SshdSocketAddress address, Session session) { + return false; + } - @Override - public boolean canForwardAgent(Session session) { - return false; - } + @Override + public boolean canForwardAgent(Session session, String requestType) { + return false; + } - @Override - public boolean canForwardX11(Session session) { - return false; - } + @Override + public boolean canForwardX11(Session session, String requestType) { + return false; + } - @Override - public boolean canListen(SshdSocketAddress address, Session session) { - return false; - } + @Override + public boolean canListen(SshdSocketAddress address, Session session) { + return false; + } } diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java index 63fa51dd..405c794e 100644 --- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java +++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java @@ -29,7 +29,9 @@ import java.util.concurrent.atomic.AtomicBoolean; import org.apache.sshd.common.io.IoServiceFactoryFactory; import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; -import org.apache.sshd.common.util.SecurityUtils; +import org.apache.sshd.common.util.security.SecurityUtils; +import org.apache.sshd.common.util.security.bouncycastle.BouncyCastleSecurityProviderRegistrar; +import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProviderRegistrar; import org.apache.sshd.server.SshServer; import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator; import org.bouncycastle.openssl.PEMWriter; @@ -92,9 +94,11 @@ public class SshDaemon { IStoredSettings settings = gitblit.getSettings(); // Ensure that Bouncy Castle is our JCE provider - SecurityUtils.setRegisterBouncyCastle(true); + SecurityUtils.registerSecurityProvider(new BouncyCastleSecurityProviderRegistrar()); + // Add support for ED25519_SHA512 + SecurityUtils.registerSecurityProvider(new EdDSASecurityProviderRegistrar()); if (SecurityUtils.isBouncyCastleRegistered()) { - log.debug("BouncyCastle is registered as a JCE provider"); + log.info("BouncyCastle is registered as a JCE provider"); } // Generate host RSA and DSA keypairs and create the host keypair provider diff --git a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java index 7c407d36..7ea0f248 100644 --- a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java +++ b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java @@ -57,6 +57,11 @@ public class WelcomeShell implements Factory<Command> { return new SendMessage(gitblit); } + @Override + public Command get() { + return create(); + } + private static class SendMessage implements Command, SessionAware { private final IPublicKeyManager km; |