summaryrefslogtreecommitdiffstats
path: root/src/main
diff options
context:
space:
mode:
authorricardop <ricardo.pardini@me.com.br>2018-01-03 16:09:27 +0100
committerFlorian Zschocke <f.zschocke+git@gmail.com>2022-10-08 21:14:19 +0200
commit0f3fdd8d4d8884a821069b65e08cfe197bf45bd2 (patch)
tree5dce3f2f8b36a32c2bfa92ef297c794ddda889b2 /src/main
parent541472fe1d74130d8f0105331a1d16c07c676027 (diff)
downloadgitblit-0f3fdd8d4d8884a821069b65e08cfe197bf45bd2.tar.gz
gitblit-0f3fdd8d4d8884a821069b65e08cfe197bf45bd2.zip
upgrade to sshd 1.6.0, add eddsa dependency, upgrade jgit to 4.1.2
(cherry picked from commit d8fbdda2ab3fa48e92bdf37399d4b75c48409c5c@rpardini:master) # Conflicts: # .classpath # build.moxie # src/test/java/com/gitblit/tests/SshUnitTest.java
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java2
-rw-r--r--src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java32
-rw-r--r--src/main/java/com/gitblit/transport/ssh/SshDaemon.java10
-rw-r--r--src/main/java/com/gitblit/transport/ssh/WelcomeShell.java5
4 files changed, 29 insertions, 20 deletions
diff --git a/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java b/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java
index db0741e0..cc91bb8c 100644
--- a/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java
+++ b/src/main/java/com/gitblit/transport/ssh/FileKeyPairProvider.java
@@ -26,7 +26,7 @@ import java.util.Iterator;
import java.util.NoSuchElementException;
import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
-import org.apache.sshd.common.util.SecurityUtils;
+import org.apache.sshd.common.util.security.SecurityUtils;
import org.bouncycastle.openssl.PEMDecryptorProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
diff --git a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java
index f2176cb0..3164ad79 100644
--- a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java
+++ b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java
@@ -21,23 +21,23 @@ import org.apache.sshd.server.forward.ForwardingFilter;
public class NonForwardingFilter implements ForwardingFilter {
- @Override
- public boolean canConnect(Type type, SshdSocketAddress address, Session session) {
- return false;
- }
+ @Override
+ public boolean canConnect(Type type, SshdSocketAddress address, Session session) {
+ return false;
+ }
- @Override
- public boolean canForwardAgent(Session session) {
- return false;
- }
+ @Override
+ public boolean canForwardAgent(Session session, String requestType) {
+ return false;
+ }
- @Override
- public boolean canForwardX11(Session session) {
- return false;
- }
+ @Override
+ public boolean canForwardX11(Session session, String requestType) {
+ return false;
+ }
- @Override
- public boolean canListen(SshdSocketAddress address, Session session) {
- return false;
- }
+ @Override
+ public boolean canListen(SshdSocketAddress address, Session session) {
+ return false;
+ }
}
diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
index 63fa51dd..405c794e 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
@@ -29,7 +29,9 @@ import java.util.concurrent.atomic.AtomicBoolean;
import org.apache.sshd.common.io.IoServiceFactoryFactory;
import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory;
import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;
-import org.apache.sshd.common.util.SecurityUtils;
+import org.apache.sshd.common.util.security.SecurityUtils;
+import org.apache.sshd.common.util.security.bouncycastle.BouncyCastleSecurityProviderRegistrar;
+import org.apache.sshd.common.util.security.eddsa.EdDSASecurityProviderRegistrar;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator;
import org.bouncycastle.openssl.PEMWriter;
@@ -92,9 +94,11 @@ public class SshDaemon {
IStoredSettings settings = gitblit.getSettings();
// Ensure that Bouncy Castle is our JCE provider
- SecurityUtils.setRegisterBouncyCastle(true);
+ SecurityUtils.registerSecurityProvider(new BouncyCastleSecurityProviderRegistrar());
+ // Add support for ED25519_SHA512
+ SecurityUtils.registerSecurityProvider(new EdDSASecurityProviderRegistrar());
if (SecurityUtils.isBouncyCastleRegistered()) {
- log.debug("BouncyCastle is registered as a JCE provider");
+ log.info("BouncyCastle is registered as a JCE provider");
}
// Generate host RSA and DSA keypairs and create the host keypair provider
diff --git a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java
index 7c407d36..7ea0f248 100644
--- a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java
+++ b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java
@@ -57,6 +57,11 @@ public class WelcomeShell implements Factory<Command> {
return new SendMessage(gitblit);
}
+ @Override
+ public Command get() {
+ return create();
+ }
+
private static class SendMessage implements Command, SessionAware {
private final IPublicKeyManager km;