summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java4
-rw-r--r--src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java2
-rw-r--r--src/main/java/com/gitblit/transport/ssh/SshDaemon.java4
-rw-r--r--src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java2
-rw-r--r--src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java10
-rw-r--r--src/test/java/com/gitblit/tests/SshDaemonTest.java5
-rw-r--r--src/test/java/com/gitblit/tests/SshUnitTest.java26
7 files changed, 37 insertions, 16 deletions
diff --git a/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java b/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java
index c62c4dee..9b494027 100644
--- a/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java
+++ b/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java
@@ -26,9 +26,9 @@ import java.util.TreeMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import org.apache.sshd.common.config.keys.AuthorizedKeyEntry;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.util.GenericUtils;
-import org.apache.sshd.server.config.keys.AuthorizedKeyEntry;
import com.gitblit.IStoredSettings;
import com.gitblit.Keys;
@@ -212,7 +212,7 @@ public class LdapKeyManager extends IPublicKeyManager {
List<SshKey> keyList = new ArrayList<>(authorizedKeys.size());
for (GbAuthorizedKeyEntry keyEntry : authorizedKeys) {
try {
- SshKey key = new SshKey(keyEntry.resolvePublicKey());
+ SshKey key = new SshKey(keyEntry.resolvePublicKey(null));
key.setComment(keyEntry.getComment());
setKeyPermissions(key, keyEntry);
keyList.add(key);
diff --git a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java
index 29f7750d..f2176cb0 100644
--- a/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java
+++ b/src/main/java/com/gitblit/transport/ssh/NonForwardingFilter.java
@@ -15,8 +15,8 @@
*/
package com.gitblit.transport.ssh;
-import org.apache.sshd.common.SshdSocketAddress;
import org.apache.sshd.common.session.Session;
+import org.apache.sshd.common.util.net.SshdSocketAddress;
import org.apache.sshd.server.forward.ForwardingFilter;
public class NonForwardingFilter implements ForwardingFilter {
diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
index 5a053781..63fa51dd 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
@@ -31,7 +31,7 @@ import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory;
import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;
import org.apache.sshd.common.util.SecurityUtils;
import org.apache.sshd.server.SshServer;
-import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator;
+import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator;
import org.bouncycastle.openssl.PEMWriter;
import org.eclipse.jgit.internal.JGitText;
import org.slf4j.Logger;
@@ -158,7 +158,7 @@ public class SshDaemon {
log.info("SSH: adding GSSAPI authentication method.");
}
- sshd.setSessionFactory(new SshServerSessionFactory());
+ sshd.setSessionFactory(new SshServerSessionFactory(sshd));
sshd.setFileSystemFactory(new DisabledFilesystemFactory());
sshd.setTcpipForwardingFilter(new NonForwardingFilter());
sshd.setCommandFactory(new SshCommandFactory(gitblit, workQueue));
diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java b/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java
index af25251b..7024a9a9 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshDaemonClient.java
@@ -17,7 +17,7 @@ package com.gitblit.transport.ssh;
import java.net.SocketAddress;
-import org.apache.sshd.common.session.Session.AttributeKey;
+import org.apache.sshd.common.AttributeStore.AttributeKey;
import com.gitblit.models.UserModel;
diff --git a/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java b/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java
index bc67cec0..fb85781a 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshServerSessionFactory.java
@@ -22,7 +22,8 @@ import org.apache.sshd.common.future.CloseFuture;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.io.IoSession;
import org.apache.sshd.common.io.mina.MinaSession;
-import org.apache.sshd.common.session.AbstractSession;
+import org.apache.sshd.server.ServerFactoryManager;
+import org.apache.sshd.server.session.ServerSessionImpl;
import org.apache.sshd.server.session.SessionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -36,11 +37,12 @@ public class SshServerSessionFactory extends SessionFactory {
private final Logger log = LoggerFactory.getLogger(getClass());
- public SshServerSessionFactory() {
+ public SshServerSessionFactory(ServerFactoryManager server) {
+ super(server);
}
@Override
- protected AbstractSession createSession(final IoSession io) throws Exception {
+ protected ServerSessionImpl createSession(final IoSession io) throws Exception {
log.info("creating ssh session from {}", io.getRemoteAddress());
if (io instanceof MinaSession) {
@@ -66,7 +68,7 @@ public class SshServerSessionFactory extends SessionFactory {
}
@Override
- protected AbstractSession doCreateSession(IoSession ioSession) throws Exception {
+ protected ServerSessionImpl doCreateSession(IoSession ioSession) throws Exception {
return new SshServerSession(getServer(), ioSession);
}
}
diff --git a/src/test/java/com/gitblit/tests/SshDaemonTest.java b/src/test/java/com/gitblit/tests/SshDaemonTest.java
index c5deb7d5..c7d06198 100644
--- a/src/test/java/com/gitblit/tests/SshDaemonTest.java
+++ b/src/test/java/com/gitblit/tests/SshDaemonTest.java
@@ -44,9 +44,9 @@ public class SshDaemonTest extends SshUnitTest {
@Test
public void testPublicKeyAuthentication() throws Exception {
SshClient client = getClient();
- ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).await().getSession();
+ ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).verify().getSession();
session.addPublicKeyIdentity(rwKeyPair);
- assertTrue(session.auth().await().isSuccess());
+ assertTrue(session.auth().await());
}
@Test
@@ -64,6 +64,7 @@ public class SshDaemonTest extends SshUnitTest {
// set clone restriction
RepositoryModel model = repositories().getRepositoryModel("ticgit.git");
+ assertNotNull("Could not get repository modle for ticgit.git", model);
model.accessRestriction = AccessRestrictionType.CLONE;
model.authorizationControl = AuthorizationControl.NAMED;
repositories().updateRepositoryModel(model.name, model, false);
diff --git a/src/test/java/com/gitblit/tests/SshUnitTest.java b/src/test/java/com/gitblit/tests/SshUnitTest.java
index 27b4ec73..075ab43a 100644
--- a/src/test/java/com/gitblit/tests/SshUnitTest.java
+++ b/src/test/java/com/gitblit/tests/SshUnitTest.java
@@ -21,15 +21,21 @@ import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.net.SocketAddress;
+import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
+import java.util.EnumSet;
import java.util.concurrent.atomic.AtomicBoolean;
-import org.apache.sshd.client.ServerKeyVerifier;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.channel.ClientChannel;
+import org.apache.sshd.client.channel.ClientChannelEvent;
+import org.apache.sshd.client.config.keys.ClientIdentityLoader;
+import org.apache.sshd.client.future.AuthFuture;
+import org.apache.sshd.client.keyverifier.ServerKeyVerifier;
import org.apache.sshd.client.session.ClientSession;
+import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.util.SecurityUtils;
import org.junit.After;
import org.junit.AfterClass;
@@ -96,6 +102,16 @@ public abstract class SshUnitTest extends GitblitUnitTest {
protected SshClient getClient() {
SshClient client = SshClient.setUpDefaultClient();
+ client.setClientIdentityLoader(new ClientIdentityLoader() { // Ignore the files under ~/.ssh
+ @Override
+ public boolean isValidLocation(String location) throws IOException {
+ return true;
+ }
+ @Override
+ public KeyPair loadClientIdentity(String location, FilePasswordProvider provider) throws IOException, GeneralSecurityException {
+ return null;
+ }
+ });
client.setServerKeyVerifier(new ServerKeyVerifier() {
@Override
public boolean verifyServerKey(ClientSession sshClientSession, SocketAddress remoteAddress, PublicKey serverKey) {
@@ -112,9 +128,11 @@ public abstract class SshUnitTest extends GitblitUnitTest {
protected String testSshCommand(String cmd, String stdin) throws IOException, InterruptedException {
SshClient client = getClient();
- ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).await().getSession();
+ ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).verify().getSession();
session.addPublicKeyIdentity(rwKeyPair);
- assertTrue(session.auth().await().isSuccess());
+ AuthFuture authFuture = session.auth();
+ assertTrue(authFuture.await());
+ assertTrue(authFuture.isSuccess());
ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_EXEC, cmd);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -131,7 +149,7 @@ public abstract class SshUnitTest extends GitblitUnitTest {
channel.setErr(err);
channel.open();
- channel.waitFor(ClientChannel.CLOSED, 0);
+ channel.waitFor(EnumSet.of(ClientChannelEvent.CLOSED, ClientChannelEvent.EOF), 0);
String result = out.toString().trim();
channel.close(false);
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-06 19:26:58 +0000