Prevent double authentication for the same public key - gitblit.git - Pure java git solution: https://github.com/gitblit-org/gitblit

diff options

author	David Ostrovsky <david@ostrovsky.org>	2014-03-16 18:28:03 +0100
committer	James Moger <james.moger@gitblit.com>	2014-04-10 18:58:08 -0400
commit	75ebd391b88884581b1139c87c98bb687941a8fe (patch)
tree	0050f7a069c483de425e64c5714598a59413893f /src/test/java/com/gitblit
parent	282b8fd82c46ba6874fb24c8715af103645f3406 (diff)
download	gitblit-75ebd391b88884581b1139c87c98bb687941a8fe.tar.gz gitblit-75ebd391b88884581b1139c87c98bb687941a8fe.zip

Prevent double authentication for the same public key

Openssh client sends two requests, one without a key signature to verify that the public key is acceptable and the second one with the signature after having loaded the private key and signed some data for actual verification. To prevent that the PublickeyAuthenticator#authenticate is called twice cache the authentication status for session and public key. Implement SessionListener to clean up the cache entry when session is destroyed. This is a workaround for SSHD bug [1]. Inspired-By: Guillaume Nodet <gnodet@apache.org> [1] https://issues.apache.org/jira/browse/SSHD-300

Diffstat (limited to 'src/test/java/com/gitblit')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: