Decouple JSch from JGit Core

Motivation: JSch serves as 'default' implementations of the SSH
transport. If a client application does not use it then there is no need
to pull in this dependency.

Move the classes depending on JSch to an OSGi fragment extending the
org.eclipse.jgit bundle and keep them in the same package as before
since moving them to another package would break API. Defer moving them
to a separate package to the next major release.

Add a new feature org.eclipse.jgit.ssh.jsch feature to enable
installation. With that users can now decide which of the ssh client
integrations (JCraft JSch or Apache Mina SSHD) they want to install.
We will remove the JCraft JSch integration in a later step due to the
reasons discussed in bug 520927.

Bug: 553625
Change-Id: I5979c8a9dbbe878a2e8ac0fbfde7230059d74dc2
Also-by: Michael Dardis <git@md-5.net>
Signed-off-by: Michael Dardis <git@md-5.net>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Signed-off-by: David Ostrovsky <david@ostrovsky.org>

2 files changed, 0 insertions, 1230 deletions

diff --git a/org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestBase.java b/org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestBase.java
deleted file mode 100644
index c22c10cb7f..0000000000
--- a/org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestBase.java
+++ /dev/null
@@ -1,811 +0,0 @@
-/*
- * Copyright (C) 2018, Thomas Wolf <thomas.wolf@paranor.ch> and others
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Distribution License v. 1.0 which is available at
- * https://www.eclipse.org/org/documents/edl-v10.php.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-package org.eclipse.jgit.transport.ssh;
-
-import static java.nio.charset.StandardCharsets.UTF_8;
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assume.assumeTrue;
-
-import java.io.File;
-import java.io.IOException;
-import java.nio.file.Files;
-import java.util.List;
-import java.util.Locale;
-
-import org.eclipse.jgit.api.errors.TransportException;
-import org.eclipse.jgit.transport.CredentialItem;
-import org.eclipse.jgit.transport.JschConfigSessionFactory;
-import org.junit.Test;
-import org.junit.experimental.theories.DataPoints;
-import org.junit.experimental.theories.Theory;
-
-/**
- * The ssh tests. Concrete subclasses can re-use these tests by implementing the
- * abstract operations from {@link SshTestHarness}. This gives a way to test
- * different ssh clients against a unified test suite.
- */
-public abstract class SshTestBase extends SshTestHarness {
-
-	@DataPoints
-	public static String[] KEY_RESOURCES = { //
-			"id_dsa", //
-			"id_rsa_1024", //
-			"id_rsa_2048", //
-			"id_rsa_3072", //
-			"id_rsa_4096", //
-			"id_ecdsa_256", //
-			"id_ecdsa_384", //
-			"id_ecdsa_521", //
-			"id_ed25519", //
-			// And now encrypted. Passphrase is "testpass".
-			"id_dsa_testpass", //
-			"id_rsa_1024_testpass", //
-			"id_rsa_2048_testpass", //
-			"id_rsa_3072_testpass", //
-			"id_rsa_4096_testpass", //
-			"id_ecdsa_256_testpass", //
-			"id_ecdsa_384_testpass", //
-			"id_ecdsa_521_testpass", //
-			"id_ed25519_testpass", //
-			"id_ed25519_expensive_testpass" };
-
-	protected File defaultCloneDir;
-
-	@Override
-	public void setUp() throws Exception {
-		super.setUp();
-		defaultCloneDir = new File(getTemporaryDirectory(), "cloned");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshWithoutConfig() throws Exception {
-		cloneWith("ssh://" + TEST_USER + "@localhost:" + testPort
-				+ "/doesntmatter", defaultCloneDir, null);
-	}
-
-	@Test
-	public void testSshWithGlobalIdentity() throws Exception {
-		cloneWith(
-				"ssh://" + TEST_USER + "@localhost:" + testPort
-						+ "/doesntmatter",
-				defaultCloneDir, null,
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithDefaultIdentity() throws Exception {
-		File idRsa = new File(privateKey1.getParentFile(), "id_rsa");
-		Files.copy(privateKey1.toPath(), idRsa.toPath());
-		// We expect the session factory to pick up these keys...
-		cloneWith("ssh://" + TEST_USER + "@localhost:" + testPort
-				+ "/doesntmatter", defaultCloneDir, null);
-	}
-
-	@Test
-	public void testSshWithConfig() throws Exception {
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithConfigEncryptedUnusedKey() throws Exception {
-		// Copy the encrypted test key from the bundle.
-		File encryptedKey = new File(sshDir, "id_dsa");
-		copyTestResource("id_dsa_testpass", encryptedKey);
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"testpass");
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-		assertEquals("CredentialsProvider should not have been called", 0,
-				provider.getLog().size());
-	}
-
-	@Test
-	public void testSshWithConfigEncryptedUnusedKeyInConfigLast()
-			throws Exception {
-		// Copy the encrypted test key from the bundle.
-		File encryptedKey = new File(sshDir, "id_dsa_test_key");
-		copyTestResource("id_dsa_testpass", encryptedKey);
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"testpass");
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(),
-				"IdentityFile " + encryptedKey.getAbsolutePath());
-		// This test passes with JSch per chance because JSch completely ignores
-		// the second IdentityFile
-		assertEquals("CredentialsProvider should not have been called", 0,
-				provider.getLog().size());
-	}
-
-	@Test
-	public void testSshWithConfigEncryptedUnusedKeyInConfigFirst()
-			throws Exception {
-		// Test cannot pass with JSch; it handles only one IdentityFile.
-		// assumeTrue(!(getSessionFactory() instanceof
-		// JschConfigSessionFactory)); gives in bazel a failure with "Never
-		// found parameters that satisfied method assumptions."
-		// In maven it's fine!?
-		if (getSessionFactory() instanceof JschConfigSessionFactory) {
-			return;
-		}
-		// Copy the encrypted test key from the bundle.
-		File encryptedKey = new File(sshDir, "id_dsa_test_key");
-		copyTestResource("id_dsa_testpass", encryptedKey);
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"testpass");
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + encryptedKey.getAbsolutePath(),
-				"IdentityFile " + privateKey1.getAbsolutePath());
-		assertEquals("CredentialsProvider should have been called once", 1,
-				provider.getLog().size());
-	}
-
-	@Test
-	public void testSshEncryptedUsedKeyCached() throws Exception {
-		// Make sure we are asked for the password only once if we do several
-		// operations with an encrypted key.
-		File encryptedKey = new File(sshDir, "id_dsa_test_key");
-		copyTestResource("id_dsa_testpass", encryptedKey);
-		File encryptedPublicKey = new File(sshDir, "id_dsa_test_key.pub");
-		copyTestResource("id_dsa_testpass.pub", encryptedPublicKey);
-		server.setTestUserPublicKey(encryptedPublicKey.toPath());
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"testpass");
-		pushTo(provider,
-				cloneWith("ssh://localhost/doesntmatter", //
-						defaultCloneDir, provider, //
-						"Host localhost", //
-						"HostName localhost", //
-						"Port " + testPort, //
-						"User " + TEST_USER, //
-						"IdentityFile " + encryptedKey.getAbsolutePath()));
-		assertEquals("CredentialsProvider should have been called once", 1,
-				provider.getLog().size());
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshEncryptedUsedKeyWrongPassword() throws Exception {
-		File encryptedKey = new File(sshDir, "id_dsa_test_key");
-		copyTestResource("id_dsa_testpass", encryptedKey);
-		File encryptedPublicKey = new File(sshDir, "id_dsa_test_key.pub");
-		copyTestResource("id_dsa_testpass.pub", encryptedPublicKey);
-		server.setTestUserPublicKey(encryptedPublicKey.toPath());
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass");
-		cloneWith("ssh://localhost/doesntmatter", //
-				defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"NumberOfPasswordPrompts 1", //
-				"IdentityFile " + encryptedKey.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshEncryptedUsedKeySeveralPassword() throws Exception {
-		File encryptedKey = new File(sshDir, "id_dsa_test_key");
-		copyTestResource("id_dsa_testpass", encryptedKey);
-		File encryptedPublicKey = new File(sshDir, "id_dsa_test_key.pub");
-		copyTestResource("id_dsa_testpass.pub", encryptedPublicKey);
-		server.setTestUserPublicKey(encryptedPublicKey.toPath());
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass", "wrongpass2", "testpass");
-		cloneWith("ssh://localhost/doesntmatter", //
-				defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + encryptedKey.getAbsolutePath());
-		assertEquals("CredentialsProvider should have been called 3 times", 3,
-				provider.getLog().size());
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshWithoutKnownHosts() throws Exception {
-		assertTrue("Could not delete known_hosts", knownHosts.delete());
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithoutKnownHostsWithProviderAsk()
-			throws Exception {
-		File copiedHosts = new File(knownHosts.getParentFile(),
-				"copiedKnownHosts");
-		assertTrue("Failed to rename known_hosts",
-				knownHosts.renameTo(copiedHosts));
-		// The provider will answer "yes" to all questions, so we should be able
-		// to connect and end up with a new known_hosts file with the host key.
-		TestCredentialsProvider provider = new TestCredentialsProvider();
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-		List<LogEntry> messages = provider.getLog();
-		assertFalse("Expected user interaction", messages.isEmpty());
-		if (getSessionFactory() instanceof JschConfigSessionFactory) {
-			// JSch doesn't create a non-existing file.
-			assertEquals("Expected to be asked about the key", 1,
-					messages.size());
-			return;
-		}
-		assertEquals(
-				"Expected to be asked about the key, and the file creation",
-				2, messages.size());
-		assertTrue("~/.ssh/known_hosts should exist now", knownHosts.exists());
-		// Instead of checking the file contents, let's just clone again
-		// without provider. If it works, the server host key was written
-		// correctly.
-		File clonedAgain = new File(getTemporaryDirectory(), "cloned2");
-		cloneWith("ssh://localhost/doesntmatter", clonedAgain, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithoutKnownHostsWithProviderAcceptNew()
-			throws Exception {
-		File copiedHosts = new File(knownHosts.getParentFile(),
-				"copiedKnownHosts");
-		assertTrue("Failed to rename known_hosts",
-				knownHosts.renameTo(copiedHosts));
-		TestCredentialsProvider provider = new TestCredentialsProvider();
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"StrictHostKeyChecking accept-new", //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-		if (getSessionFactory() instanceof JschConfigSessionFactory) {
-			// JSch doesn't create new files.
-			assertTrue("CredentialsProvider not called",
-					provider.getLog().isEmpty());
-			return;
-		}
-		assertEquals("Expected to be asked about the file creation", 1,
-				provider.getLog().size());
-		assertTrue("~/.ssh/known_hosts should exist now", knownHosts.exists());
-		// Instead of checking the file contents, let's just clone again
-		// without provider. If it works, the server host key was written
-		// correctly.
-		File clonedAgain = new File(getTemporaryDirectory(), "cloned2");
-		cloneWith("ssh://localhost/doesntmatter", clonedAgain, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshWithoutKnownHostsDeny() throws Exception {
-		File copiedHosts = new File(knownHosts.getParentFile(),
-				"copiedKnownHosts");
-		assertTrue("Failed to rename known_hosts",
-				knownHosts.renameTo(copiedHosts));
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"StrictHostKeyChecking yes", //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshModifiedHostKeyDeny()
-			throws Exception {
-		File copiedHosts = new File(knownHosts.getParentFile(),
-				"copiedKnownHosts");
-		assertTrue("Failed to rename known_hosts",
-				knownHosts.renameTo(copiedHosts));
-		// Now produce a new known_hosts file containing some other key.
-		createKnownHostsFile(knownHosts, "localhost", testPort, publicKey1);
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"StrictHostKeyChecking yes", //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshModifiedHostKeyWithProviderDeny() throws Exception {
-		File copiedHosts = new File(knownHosts.getParentFile(),
-				"copiedKnownHosts");
-		assertTrue("Failed to rename known_hosts",
-				knownHosts.renameTo(copiedHosts));
-		// Now produce a new known_hosts file containing some other key.
-		createKnownHostsFile(knownHosts, "localhost", testPort, publicKey1);
-		TestCredentialsProvider provider = new TestCredentialsProvider();
-		try {
-			cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-					"Host localhost", //
-					"HostName localhost", //
-					"Port " + testPort, //
-					"User " + TEST_USER, //
-					"StrictHostKeyChecking yes", //
-					"IdentityFile " + privateKey1.getAbsolutePath());
-		} catch (Exception e) {
-			assertEquals("Expected to be told about the modified key", 1,
-					provider.getLog().size());
-			assertTrue("Only messages expected", provider.getLog().stream()
-					.flatMap(l -> l.getItems().stream()).allMatch(
-							c -> c instanceof CredentialItem.InformationalMessage));
-			throw e;
-		}
-	}
-
-	private void checkKnownHostsModifiedHostKey(File backup, File newFile,
-			String wrongKey) throws IOException {
-		List<String> oldLines = Files.readAllLines(backup.toPath(), UTF_8);
-		// Find the original entry. We should have that again in known_hosts.
-		String oldKeyPart = null;
-		for (String oldLine : oldLines) {
-			if (oldLine.contains("[localhost]:")) {
-				String[] parts = oldLine.split("\\s+");
-				if (parts.length > 2) {
-					oldKeyPart = parts[parts.length - 2] + ' '
-							+ parts[parts.length - 1];
-					break;
-				}
-			}
-		}
-		assertNotNull("Old key not found", oldKeyPart);
-		List<String> newLines = Files.readAllLines(newFile.toPath(), UTF_8);
-		assertFalse("Old host key still found in known_hosts file" + newFile,
-				hasHostKey("localhost", testPort, wrongKey, newLines));
-		assertTrue("New host key not found in known_hosts file" + newFile,
-				hasHostKey("localhost", testPort, oldKeyPart, newLines));
-
-	}
-
-	@Test
-	public void testSshModifiedHostKeyAllow() throws Exception {
-		assertTrue("Failed to delete known_hosts", knownHosts.delete());
-		createKnownHostsFile(knownHosts, "localhost", testPort, publicKey1);
-		File backup = new File(getTemporaryDirectory(), "backupKnownHosts");
-		Files.copy(knownHosts.toPath(), backup.toPath());
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"StrictHostKeyChecking no", //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-		// File should not have been updated!
-		String[] oldLines = Files
-				.readAllLines(backup.toPath(), UTF_8)
-				.toArray(new String[0]);
-		String[] newLines = Files
-				.readAllLines(knownHosts.toPath(), UTF_8)
-				.toArray(new String[0]);
-		assertArrayEquals("Known hosts file should not be modified", oldLines,
-				newLines);
-	}
-
-	@Test
-	public void testSshModifiedHostKeyAsk() throws Exception {
-		File copiedHosts = new File(knownHosts.getParentFile(),
-				"copiedKnownHosts");
-		assertTrue("Failed to rename known_hosts",
-				knownHosts.renameTo(copiedHosts));
-		String wrongKeyPart = createKnownHostsFile(knownHosts, "localhost",
-				testPort, publicKey1);
-		TestCredentialsProvider provider = new TestCredentialsProvider();
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, provider, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-		checkKnownHostsModifiedHostKey(copiedHosts, knownHosts, wrongKeyPart);
-		assertEquals("Expected to be asked about the modified key", 1,
-				provider.getLog().size());
-	}
-
-	@Test
-	public void testSshCloneWithConfigAndPush() throws Exception {
-		pushTo(cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath()));
-	}
-
-	@Test
-	public void testSftpWithConfig() throws Exception {
-		cloneWith("sftp://localhost/.git", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSftpCloneWithConfigAndPush() throws Exception {
-		pushTo(cloneWith("sftp://localhost/.git", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath()));
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshWithConfigWrongKey() throws Exception {
-		cloneWith("ssh://localhost/doesntmatter", defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey2.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithWrongUserNameInConfig() throws Exception {
-		// Bug 526778
-		cloneWith(
-				"ssh://" + TEST_USER + "@localhost:" + testPort
-						+ "/doesntmatter",
-				defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"User sombody_else", //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithWrongPortInConfig() throws Exception {
-		// Bug 526778
-		cloneWith(
-				"ssh://" + TEST_USER + "@localhost:" + testPort
-						+ "/doesntmatter",
-				defaultCloneDir, null, //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port 22", //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithAliasInConfig() throws Exception {
-		// Bug 531118
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), "", //
-				"Host localhost", //
-				"HostName localhost", //
-				"Port 22", //
-				"User someone_else", //
-				"IdentityFile " + privateKey2.getAbsolutePath());
-	}
-
-	@Test
-	public void testSshWithUnknownCiphersInConfig() throws Exception {
-		// Bug 535672
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), //
-				"Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr");
-	}
-
-	@Test
-	public void testSshWithUnknownHostKeyAlgorithmsInConfig()
-			throws Exception {
-		// Bug 535672
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), //
-				"HostKeyAlgorithms foobar,ssh-rsa,ssh-dss");
-	}
-
-	@Test
-	public void testSshWithUnknownKexAlgorithmsInConfig()
-			throws Exception {
-		// Bug 535672
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), //
-				"KexAlgorithms foobar,diffie-hellman-group14-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521");
-	}
-
-	@Test
-	public void testSshWithMinimalHostKeyAlgorithmsInConfig()
-			throws Exception {
-		// Bug 537790
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), //
-				"HostKeyAlgorithms ssh-rsa,ssh-dss");
-	}
-
-	@Test
-	public void testSshWithUnknownAuthInConfig() throws Exception {
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), //
-				"PreferredAuthentications gssapi-with-mic,hostbased,publickey,keyboard-interactive,password");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testSshWithNoMatchingAuthInConfig() throws Exception {
-		// Server doesn't do password, and anyway we set no password.
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath(), //
-				"PreferredAuthentications password");
-	}
-
-	@Test
-	public void testRsaHostKeySecond() throws Exception {
-		// See https://git.eclipse.org/r/#/c/130402/ : server has EcDSA
-		// (preferred), RSA, we have RSA in known_hosts: client and server
-		// should agree on RSA.
-		File newHostKey = new File(getTemporaryDirectory(), "newhostkey");
-		copyTestResource("id_ecdsa_256", newHostKey);
-		server.addHostKey(newHostKey.toPath(), true);
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testEcDsaHostKey() throws Exception {
-		// See https://git.eclipse.org/r/#/c/130402/ : server has RSA
-		// (preferred), EcDSA, we have EcDSA in known_hosts: client and server
-		// should agree on EcDSA.
-		File newHostKey = new File(getTemporaryDirectory(), "newhostkey");
-		copyTestResource("id_ecdsa_256", newHostKey);
-		server.addHostKey(newHostKey.toPath(), false);
-		File newHostKeyPub = new File(getTemporaryDirectory(),
-				"newhostkey.pub");
-		copyTestResource("id_ecdsa_256.pub", newHostKeyPub);
-		createKnownHostsFile(knownHosts, "localhost", testPort, newHostKeyPub);
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, null, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"IdentityFile " + privateKey1.getAbsolutePath());
-	}
-
-	@Test
-	public void testPasswordAuth() throws Exception {
-		server.enablePasswordAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				TEST_USER.toUpperCase(Locale.ROOT));
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications password");
-	}
-
-	@Test
-	public void testPasswordAuthSeveralTimes() throws Exception {
-		server.enablePasswordAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass", "wrongpass", TEST_USER.toUpperCase(Locale.ROOT));
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications password");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testPasswordAuthWrongPassword() throws Exception {
-		server.enablePasswordAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass");
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications password");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testPasswordAuthNoPassword() throws Exception {
-		server.enablePasswordAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider();
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications password");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testPasswordAuthCorrectPasswordTooLate() throws Exception {
-		server.enablePasswordAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass", "wrongpass", "wrongpass",
-				TEST_USER.toUpperCase(Locale.ROOT));
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications password");
-	}
-
-	@Test
-	public void testKeyboardInteractiveAuth() throws Exception {
-		server.enableKeyboardInteractiveAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				TEST_USER.toUpperCase(Locale.ROOT));
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications keyboard-interactive");
-	}
-
-	@Test
-	public void testKeyboardInteractiveAuthSeveralTimes() throws Exception {
-		server.enableKeyboardInteractiveAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass", "wrongpass", TEST_USER.toUpperCase(Locale.ROOT));
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications keyboard-interactive");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testKeyboardInteractiveAuthWrongPassword() throws Exception {
-		server.enableKeyboardInteractiveAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass");
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications keyboard-interactive");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testKeyboardInteractiveAuthNoPassword() throws Exception {
-		server.enableKeyboardInteractiveAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider();
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications keyboard-interactive");
-	}
-
-	@Test(expected = TransportException.class)
-	public void testKeyboardInteractiveAuthCorrectPasswordTooLate()
-			throws Exception {
-		server.enableKeyboardInteractiveAuthentication();
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"wrongpass", "wrongpass", "wrongpass",
-				TEST_USER.toUpperCase(Locale.ROOT));
-		cloneWith("ssh://git/doesntmatter", defaultCloneDir, provider, //
-				"Host git", //
-				"HostName localhost", //
-				"Port " + testPort, //
-				"User " + TEST_USER, //
-				"PreferredAuthentications keyboard-interactive");
-	}
-
-	@Theory
-	public void testSshKeys(String keyName) throws Exception {
-		// JSch fails on ECDSA 384/521 keys. Compare
-		// https://sourceforge.net/p/jsch/patches/10/
-		assumeTrue(!(getSessionFactory() instanceof JschConfigSessionFactory
-				&& (keyName.contains("ed25519")
-						|| keyName.startsWith("id_ecdsa_384")
-						|| keyName.startsWith("id_ecdsa_521"))));
-		File cloned = new File(getTemporaryDirectory(), "cloned");
-		String keyFileName = keyName + "_key";
-		File privateKey = new File(sshDir, keyFileName);
-		copyTestResource(keyName, privateKey);
-		File publicKey = new File(sshDir, keyFileName + ".pub");
-		copyTestResource(keyName + ".pub", publicKey);
-		server.setTestUserPublicKey(publicKey.toPath());
-		TestCredentialsProvider provider = new TestCredentialsProvider(
-				"testpass");
-		pushTo(provider,
-				cloneWith("ssh://localhost/doesntmatter", //
-						cloned, provider, //
-						"Host localhost", //
-						"HostName localhost", //
-						"Port " + testPort, //
-						"User " + TEST_USER, //
-						"IdentityFile " + privateKey.getAbsolutePath()));
-		int expectedCalls = keyName.endsWith("testpass") ? 1 : 0;
-		assertEquals("Unexpected calls to CredentialsProvider", expectedCalls,
-				provider.getLog().size());
-		// Should now also work without credentials provider, even if the key
-		// was encrypted.
-		cloned = new File(getTemporaryDirectory(), "cloned2");
-		pushTo(null,
-				cloneWith("ssh://localhost/doesntmatter", //
-						cloned, null, //
-						"Host localhost", //
-						"HostName localhost", //
-						"Port " + testPort, //
-						"User " + TEST_USER, //
-						"IdentityFile " + privateKey.getAbsolutePath()));
-	}
-}
diff --git a/org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestHarness.java b/org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestHarness.java
deleted file mode 100644
index 632c24b890..0000000000
--- a/org.eclipse.jgit.test/src/org/eclipse/jgit/transport/ssh/SshTestHarness.java
+++ /dev/null
@@ -1,419 +0,0 @@
-/*
- * Copyright (C) 2018, Thomas Wolf <thomas.wolf@paranor.ch> and others
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Distribution License v. 1.0 which is available at
- * https://www.eclipse.org/org/documents/edl-v10.php.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-package org.eclipse.jgit.transport.ssh;
-
-import static java.nio.charset.StandardCharsets.US_ASCII;
-import static java.nio.charset.StandardCharsets.UTF_8;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.nio.file.Files;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.List;
-
-import org.eclipse.jgit.api.CloneCommand;
-import org.eclipse.jgit.api.Git;
-import org.eclipse.jgit.api.PushCommand;
-import org.eclipse.jgit.api.ResetCommand.ResetType;
-import org.eclipse.jgit.errors.UnsupportedCredentialItem;
-import org.eclipse.jgit.junit.RepositoryTestCase;
-import org.eclipse.jgit.junit.ssh.SshTestGitServer;
-import org.eclipse.jgit.lib.Constants;
-import org.eclipse.jgit.lib.Repository;
-import org.eclipse.jgit.revwalk.RevCommit;
-import org.eclipse.jgit.transport.CredentialItem;
-import org.eclipse.jgit.transport.CredentialsProvider;
-import org.eclipse.jgit.transport.PushResult;
-import org.eclipse.jgit.transport.RemoteRefUpdate;
-import org.eclipse.jgit.transport.SshSessionFactory;
-import org.eclipse.jgit.transport.URIish;
-import org.eclipse.jgit.util.FS;
-import org.junit.After;
-
-import com.jcraft.jsch.JSch;
-import com.jcraft.jsch.KeyPair;
-
-/**
- * Root class for ssh tests. Sets up the ssh test server. A set of pre-computed
- * keys for testing is provided in the bundle and can be used in test cases via
- * {@link #copyTestResource(String, File)}. These test key files names have four
- * components, separated by a single underscore: "id", the algorithm, the bits
- * (if variable), and the password if the private key is encrypted. For instance
- * "{@code id_ecdsa_384_testpass}" is an encrypted ECDSA-384 key. The passphrase
- * to decrypt is "testpass". The key "{@code id_ecdsa_384}" is the same but
- * unencrypted. All keys were generated and encrypted via ssh-keygen. Note that
- * DSA and ec25519 have no "bits" component. Available keys are listed in
- * {@link SshTestBase#KEY_RESOURCES}.
- */
-public abstract class SshTestHarness extends RepositoryTestCase {
-
-	protected static final String TEST_USER = "testuser";
-
-	protected File sshDir;
-
-	protected File privateKey1;
-
-	protected File privateKey2;
-
-	protected File publicKey1;
-
-	protected SshTestGitServer server;
-
-	private SshSessionFactory factory;
-
-	protected int testPort;
-
-	protected File knownHosts;
-
-	private File homeDir;
-
-	@Override
-	public void setUp() throws Exception {
-		super.setUp();
-		writeTrashFile("file.txt", "something");
-		try (Git git = new Git(db)) {
-			git.add().addFilepattern("file.txt").call();
-			git.commit().setMessage("Initial commit").call();
-		}
-		mockSystemReader.setProperty("user.home",
-				getTemporaryDirectory().getAbsolutePath());
-		mockSystemReader.setProperty("HOME",
-				getTemporaryDirectory().getAbsolutePath());
-		homeDir = FS.DETECTED.userHome();
-		FS.DETECTED.setUserHome(getTemporaryDirectory().getAbsoluteFile());
-		sshDir = new File(getTemporaryDirectory(), ".ssh");
-		assertTrue(sshDir.mkdir());
-		File serverDir = new File(getTemporaryDirectory(), "srv");
-		assertTrue(serverDir.mkdir());
-		// Create two key pairs. Let's not call them "id_rsa".
-		privateKey1 = new File(sshDir, "first_key");
-		privateKey2 = new File(sshDir, "second_key");
-		publicKey1 = createKeyPair(privateKey1);
-		createKeyPair(privateKey2);
-		ByteArrayOutputStream publicHostKey = new ByteArrayOutputStream();
-		// Start a server with our test user and the first key.
-		server = new SshTestGitServer(TEST_USER, publicKey1.toPath(), db,
-				createHostKey(publicHostKey));
-		testPort = server.start();
-		assertTrue(testPort > 0);
-		knownHosts = new File(sshDir, "known_hosts");
-		Files.write(knownHosts.toPath(), Collections.singleton("[localhost]:"
-				+ testPort + ' '
-				+ publicHostKey.toString(US_ASCII.name())));
-		factory = createSessionFactory();
-		SshSessionFactory.setInstance(factory);
-	}
-
-	private static File createKeyPair(File privateKeyFile) throws Exception {
-		// Found no way to do this with MINA sshd except rolling it all
-		// ourselves...
-		JSch jsch = new JSch();
-		KeyPair pair = KeyPair.genKeyPair(jsch, KeyPair.RSA, 2048);
-		try (OutputStream out = new FileOutputStream(privateKeyFile)) {
-			pair.writePrivateKey(out);
-		}
-		File publicKeyFile = new File(privateKeyFile.getParentFile(),
-				privateKeyFile.getName() + ".pub");
-		try (OutputStream out = new FileOutputStream(publicKeyFile)) {
-			pair.writePublicKey(out, TEST_USER);
-		}
-		return publicKeyFile;
-	}
-
-	private static byte[] createHostKey(OutputStream publicKey)
-			throws Exception {
-		JSch jsch = new JSch();
-		KeyPair pair = KeyPair.genKeyPair(jsch, KeyPair.RSA, 2048);
-		pair.writePublicKey(publicKey, "");
-		try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
-			pair.writePrivateKey(out);
-			out.flush();
-			return out.toByteArray();
-		}
-	}
-
-	/**
-	 * Creates a new known_hosts file with one entry for the given host and port
-	 * taken from the given public key file.
-	 *
-	 * @param file
-	 *            to write the known_hosts file to
-	 * @param host
-	 *            for the entry
-	 * @param port
-	 *            for the entry
-	 * @param publicKey
-	 *            to use
-	 * @return the public-key part of the line
-	 * @throws IOException
-	 */
-	protected static String createKnownHostsFile(File file, String host,
-			int port, File publicKey) throws IOException {
-		List<String> lines = Files.readAllLines(publicKey.toPath(), UTF_8);
-		assertEquals("Public key has too many lines", 1, lines.size());
-		String pubKey = lines.get(0);
-		// Strip off the comment.
-		String[] parts = pubKey.split("\\s+");
-		assertTrue("Unexpected key content",
-				parts.length == 2 || parts.length == 3);
-		String keyPart = parts[0] + ' ' + parts[1];
-		String line = '[' + host + "]:" + port + ' ' + keyPart;
-		Files.write(file.toPath(), Collections.singletonList(line));
-		return keyPart;
-	}
-
-	/**
-	 * Checks whether there is a line for the given host and port that also
-	 * matches the given key part in the list of lines.
-	 *
-	 * @param host
-	 *            to look for
-	 * @param port
-	 *            to look for
-	 * @param keyPart
-	 *            to look for
-	 * @param lines
-	 *            to look in
-	 * @return {@code true} if found, {@code false} otherwise
-	 */
-	protected boolean hasHostKey(String host, int port, String keyPart,
-			List<String> lines) {
-		String h = '[' + host + "]:" + port;
-		return lines.stream()
-				.anyMatch(l -> l.contains(h) && l.contains(keyPart));
-	}
-
-	@After
-	public void shutdownServer() throws Exception {
-		if (server != null) {
-			server.stop();
-			server = null;
-		}
-		FS.DETECTED.setUserHome(homeDir);
-		SshSessionFactory.setInstance(null);
-		factory = null;
-	}
-
-	protected abstract SshSessionFactory createSessionFactory();
-
-	protected SshSessionFactory getSessionFactory() {
-		return factory;
-	}
-
-	protected abstract void installConfig(String... config);
-
-	/**
-	 * Copies a test data file contained in the test bundle to the given file.
-	 * Equivalent to {@link #copyTestResource(Class, String, File)} with
-	 * {@code SshTestHarness.class} as first parameter.
-	 *
-	 * @param resourceName
-	 *            of the test resource to copy
-	 * @param to
-	 *            file to copy the resource to
-	 * @throws IOException
-	 *             if the resource cannot be copied
-	 */
-	protected void copyTestResource(String resourceName, File to)
-			throws IOException {
-		copyTestResource(SshTestHarness.class, resourceName, to);
-	}
-
-	/**
-	 * Copies a test data file contained in the test bundle to the given file,
-	 * using {@link Class#getResourceAsStream(String)} to get the test resource.
-	 *
-	 * @param loader
-	 *            {@link Class} to use to load the resource
-	 * @param resourceName
-	 *            of the test resource to copy
-	 * @param to
-	 *            file to copy the resource to
-	 * @throws IOException
-	 *             if the resource cannot be copied
-	 */
-	protected void copyTestResource(Class<?> loader, String resourceName,
-			File to) throws IOException {
-		try (InputStream in = loader.getResourceAsStream(resourceName)) {
-			Files.copy(in, to.toPath());
-		}
-	}
-
-	protected File cloneWith(String uri, File to, CredentialsProvider provider,
-			String... config) throws Exception {
-		installConfig(config);
-		CloneCommand clone = Git.cloneRepository().setCloneAllBranches(true)
-				.setDirectory(to).setURI(uri);
-		if (provider != null) {
-			clone.setCredentialsProvider(provider);
-		}
-		try (Git git = clone.call()) {
-			Repository repo = git.getRepository();
-			assertNotNull(repo.resolve("master"));
-			assertNotEquals(db.getWorkTree(),
-					git.getRepository().getWorkTree());
-			assertTrue(new File(git.getRepository().getWorkTree(), "file.txt")
-					.exists());
-			return repo.getWorkTree();
-		}
-	}
-
-	protected void pushTo(File localClone) throws Exception {
-		pushTo(null, localClone);
-	}
-
-	protected void pushTo(CredentialsProvider provider, File localClone)
-			throws Exception {
-		RevCommit commit;
-		File newFile = null;
-		try (Git git = Git.open(localClone)) {
-			// Write a new file and modify a file.
-			Repository local = git.getRepository();
-			newFile = File.createTempFile("new", "sshtest",
-					local.getWorkTree());
-			write(newFile, "something new");
-			File existingFile = new File(local.getWorkTree(), "file.txt");
-			write(existingFile, "something else");
-			git.add().addFilepattern("file.txt")
-					.addFilepattern(newFile.getName())
-					.call();
-			commit = git.commit().setMessage("Local commit").call();
-			// Push
-			PushCommand push = git.push().setPushAll();
-			if (provider != null) {
-				push.setCredentialsProvider(provider);
-			}
-			Iterable<PushResult> results = push.call();
-			for (PushResult result : results) {
-				for (RemoteRefUpdate u : result.getRemoteUpdates()) {
-					assertEquals(
-							"Could not update " + u.getRemoteName() + ' '
-									+ u.getMessage(),
-							RemoteRefUpdate.Status.OK, u.getStatus());
-				}
-			}
-		}
-		// Now check "master" in the remote repo directly:
-		assertEquals("Unexpected remote commit", commit, db.resolve("master"));
-		assertEquals("Unexpected remote commit", commit,
-				db.resolve(Constants.HEAD));
-		File remoteFile = new File(db.getWorkTree(), newFile.getName());
-		assertFalse("File should not exist on remote", remoteFile.exists());
-		try (Git git = new Git(db)) {
-			git.reset().setMode(ResetType.HARD).setRef(Constants.HEAD).call();
-		}
-		assertTrue("File does not exist on remote", remoteFile.exists());
-		checkFile(remoteFile, "something new");
-	}
-
-	protected static class TestCredentialsProvider extends CredentialsProvider {
-
-		private final List<String> stringStore;
-
-		private final Iterator<String> strings;
-
-		public TestCredentialsProvider(String... strings) {
-			if (strings == null || strings.length == 0) {
-				stringStore = Collections.emptyList();
-			} else {
-				stringStore = Arrays.asList(strings);
-			}
-			this.strings = stringStore.iterator();
-		}
-
-		@Override
-		public boolean isInteractive() {
-			return true;
-		}
-
-		@Override
-		public boolean supports(CredentialItem... items) {
-			return true;
-		}
-
-		@Override
-		public boolean get(URIish uri, CredentialItem... items)
-				throws UnsupportedCredentialItem {
-			System.out.println("URI: " + uri);
-			for (CredentialItem item : items) {
-				System.out.println(item.getClass().getSimpleName() + ' '
-						+ item.getPromptText());
-			}
-			logItems(uri, items);
-			for (CredentialItem item : items) {
-				if (item instanceof CredentialItem.InformationalMessage) {
-					continue;
-				}
-				if (item instanceof CredentialItem.YesNoType) {
-					((CredentialItem.YesNoType) item).setValue(true);
-				} else if (item instanceof CredentialItem.CharArrayType) {
-					if (strings.hasNext()) {
-						((CredentialItem.CharArrayType) item)
-								.setValue(strings.next().toCharArray());
-					} else {
-						return false;
-					}
-				} else if (item instanceof CredentialItem.StringType) {
-					if (strings.hasNext()) {
-						((CredentialItem.StringType) item)
-								.setValue(strings.next());
-					} else {
-						return false;
-					}
-				} else {
-					return false;
-				}
-			}
-			return true;
-		}
-
-		private List<LogEntry> log = new ArrayList<>();
-
-		private void logItems(URIish uri, CredentialItem... items) {
-			log.add(new LogEntry(uri, Arrays.asList(items)));
-		}
-
-		public List<LogEntry> getLog() {
-			return log;
-		}
-	}
-
-	protected static class LogEntry {
-
-		private URIish uri;
-
-		private List<CredentialItem> items;
-
-		public LogEntry(URIish uri, List<CredentialItem> items) {
-			this.uri = uri;
-			this.items = items;
-		}
-
-		public URIish getURIish() {
-			return uri;
-		}
-
-		public List<CredentialItem> getItems() {
-			return items;
-		}
-	}
-}