sshd: backport upstream fix for SSHD-1231

SSHD-1231[1] may lead to exceptions when trying to authenticate first
with an RSA key that is rejected by the server. The upstream fix is a
one-liner but unfortunately didn't make it into Apache MINA sshd 2.8.0.

Incorporate the upstream fix in JGitPublicKeyAuthentication, and add
a test case for this.

[1] https://issues.apache.org/jira/browse/SSHD-1231

Bug: 577545
Change-Id: Ia744cd4aa569bccd937c855f3bb45c0116915bad
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>

1 files changed, 14 insertions, 0 deletions

diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java
index c082a9a963..2996a221ce 100644
--- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java
+++ b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java
@@ -108,4 +108,18 @@ public class JGitPublicKeyAuthentication extends UserAuthPublicKey {
 			};
 		}
 	}
+
+	@Override
+	protected PublicKeyIdentity resolveAttemptedPublicKeyIdentity(
+			ClientSession session, String service) throws Exception {
+		PublicKeyIdentity result = super.resolveAttemptedPublicKeyIdentity(
+				session, service);
+		// This fixes SSHD-1231. Can be removed once we're using Apache MINA
+		// sshd > 2.8.0.
+		//
+		// See https://issues.apache.org/jira/browse/SSHD-1231
+		currentAlgorithms.clear();
+		return result;
+	}
+
 }