author | Thomas Wolf <thomas.wolf@paranor.ch> | 2021-03-22 12:20:52 +0100 |
---|---|---|
committer | Thomas Wolf <thomas.wolf@paranor.ch> | 2021-04-01 19:01:32 +0200 |
commit | 2345cc88d0ed7b6d639ba7a1874f2200f3b21df1 (patch) | |
tree | 45baeb86596a2652ae89573bef25f7a09ef756c7 | |
parent | 0c91bf4e174013f0039f39349e8f83ff0d2e51c3 (diff) | |
sshd: don't lock the known_hosts files on reading
Similar to git config file reading, lock the file only when writing.
There may still be lock conflicts on writing, but those in the worst
case result in an entry not being added and thus being asked for later
again.
Because the OpenSshServerKeyDatabase and its HostKeyFiles may be (and
usually are) shared between different SSH sessions, we still need to
ensure in-process mutual exclusion.
Bug: 559548
Change-Id: I4af97628deff9eaac2520576917c856949f2680d
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
3 files changed, 10 insertions, 23 deletions
diff --git a/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties b/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties
index 9c604f214f..5bc0867674 100644
--- a/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties
+++ b/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties
@@ -24,7 +24,6 @@ keyEncryptedPrompt=Passphrase
 keyEncryptedRetry=Encrypted key ''{0}'' could not be decrypted. Enter the passphrase again.
 keyLoadFailed=Could not load key ''{0}''
 knownHostsCouldNotUpdate=Could not update known hosts file {0}
-knownHostsFileLockedRead=Could not read known hosts file (locked) {0}
 knownHostsFileLockedUpdate=Could not update known hosts file (locked) {0}
 knownHostsFileReadFailed=Failed to read known hosts file {0}
 knownHostsInvalidLine=Known hosts file {0} contains invalid line {1}
diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java
index 47e09b75d7..1a530b7743 100644
--- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java
+++ b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java
@@ -21,6 +21,7 @@ import java.net.InetSocketAddress;
 import java.net.SocketAddress;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
+import java.nio.file.NoSuchFileException;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.GeneralSecurityException;
@@ -561,29 +562,17 @@ public class OpenSshServerKeyDatabase
 @Override
 public List<HostEntryPair> get() {
 Path path = getPath();
- try {
- if (checkReloadRequired()) {
- if (!Files.exists(path)) {
- // Has disappeared.
- resetReloadAttributes();
- return Collections.emptyList();
- }
- LockFile lock = new LockFile(path.toFile());
- if (lock.lock()) {
- try {
- entries = reload(getPath());
- } finally {
- lock.unlock();
- }
- } else {
- LOG.warn(format(SshdText.get().knownHostsFileLockedRead,
- path));
+ synchronized (this) {
+ try {
+ if (checkReloadRequired()) {
+ entries = reload(getPath());
 }
+ } catch (IOException e) {
+ LOG.warn(format(SshdText.get().knownHostsFileReadFailed,
+ path));
 }
- } catch (IOException e) {
- LOG.warn(format(SshdText.get().knownHostsFileReadFailed, path));
+ return Collections.unmodifiableList(entries);
 }
- return Collections.unmodifiableList(entries);
 }
 
 private List<HostEntryPair> reload(Path path) throws IOException {
@@ -616,7 +605,7 @@ public class OpenSshServerKeyDatabase
 }
 }
 return newEntries;
- } catch (FileNotFoundException e) {
+ } catch (FileNotFoundException | NoSuchFileException e) {
 resetReloadAttributes();
 return Collections.emptyList();
 }
diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java
index 99e382aaec..73c2288ccc 100644
--- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java
+++ b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java
@@ -44,7 +44,6 @@ public final class SshdText extends TranslationBundle {
 /***/ public String keyEncryptedRetry;
 /***/ public String keyLoadFailed;
 /***/ public String knownHostsCouldNotUpdate;
- /***/ public String knownHostsFileLockedRead;
 /***/ public String knownHostsFileLockedUpdate;
 /***/ public String knownHostsFileReadFailed;
 /***/ public String knownHostsInvalidLine; |
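Review bot: In the rewritten `get()`, the `catch (IOException e)` branch logs only the path and then returns whatever `entries` held before, so a known_hosts file that becomes unreadable keeps answering host-key checks from the cached list, while a file that disappears yields an empty list (the `NoSuchFileException` handling in `reload`). Since these entries drive host-key trust decisions, the two failure modes should either agree or the difference should be documented, and the cause should reach the log: `LOG.warn(format(SshdText.get().knownHostsFileReadFailed, path), e);` (assuming `LOG` accepts a throwable, which the hunk does not show). Reading without the file lock also means a concurrent in-place writer in another process can expose a partially written last line; this relies on `reload`, whose body is outside the hunk, rejecting such a line rather than accepting a truncated key.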
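Review bot: `reload()` calls `resetReloadAttributes()` in this catch and, with the `Files.exists` pre-check gone, is now the only place a vanished file is handled, yet nothing states that it must run under the monitor `get()` takes with `synchronized (this)`. A short comment on the method would make that contract explicit, e.g. `// Must be called with the monitor on this held; updates the reload attributes.` The start of `reload()` and the code following the catch are outside the hunk, so other callers could not be checked.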