diff options
Diffstat (limited to 'org.eclipse.jgit.ssh.apache.test')
| -rw-r--r-- | org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF | 29 | ||||
| -rw-r--r-- | org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java | 43 |
2 files changed, 58 insertions, 14 deletions
diff --git a/org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF b/org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF index 0070730123..1b885af926 100644 --- a/org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF +++ b/org.eclipse.jgit.ssh.apache.test/META-INF/MANIFEST.MF @@ -7,19 +7,20 @@ Bundle-Version: 6.0.0.qualifier Bundle-Vendor: %Bundle-Vendor Bundle-Localization: plugin Bundle-RequiredExecutionEnvironment: JavaSE-1.8 -Import-Package: org.apache.sshd.client.config.hosts;version="[2.6.0,2.7.0)", - org.apache.sshd.common;version="[2.6.0,2.7.0)", - org.apache.sshd.common.auth;version="[2.6.0,2.7.0)", - org.apache.sshd.common.config.keys;version="[2.6.0,2.7.0)", - org.apache.sshd.common.helpers;version="[2.6.0,2.7.0)", - org.apache.sshd.common.keyprovider;version="[2.6.0,2.7.0)", - org.apache.sshd.common.session;version="[2.6.0,2.7.0)", - org.apache.sshd.common.signature;version="[2.6.0,2.7.0)", - org.apache.sshd.common.util.net;version="[2.6.0,2.7.0)", - org.apache.sshd.common.util.security;version="[2.6.0,2.7.0)", - org.apache.sshd.core;version="[2.6.0,2.7.0)", - org.apache.sshd.server;version="[2.6.0,2.7.0)", - org.apache.sshd.server.forward;version="[2.6.0,2.7.0)", +Import-Package: org.apache.sshd.client.config.hosts;version="[2.7.0,2.8.0)", + org.apache.sshd.common;version="[2.7.0,2.8.0)", + org.apache.sshd.common.auth;version="[2.7.0,2.8.0)", + org.apache.sshd.common.config.keys;version="[2.7.0,2.8.0)", + org.apache.sshd.common.helpers;version="[2.7.0,2.8.0)", + org.apache.sshd.common.kex;version="[2.7.0,2.8.0)", + org.apache.sshd.common.keyprovider;version="[2.7.0,2.8.0)", + org.apache.sshd.common.session;version="[2.7.0,2.8.0)", + org.apache.sshd.common.signature;version="[2.7.0,2.8.0)", + org.apache.sshd.common.util.net;version="[2.7.0,2.8.0)", + org.apache.sshd.common.util.security;version="[2.7.0,2.8.0)", + org.apache.sshd.core;version="[2.7.0,2.8.0)", + org.apache.sshd.server;version="[2.7.0,2.8.0)", + org.apache.sshd.server.forward;version="[2.7.0,2.8.0)", org.eclipse.jgit.api;version="[6.0.0,6.1.0)", org.eclipse.jgit.api.errors;version="[6.0.0,6.1.0)", org.eclipse.jgit.internal.transport.sshd.proxy;version="[6.0.0,6.1.0)", @@ -29,7 +30,7 @@ Import-Package: org.apache.sshd.client.config.hosts;version="[2.6.0,2.7.0)", org.eclipse.jgit.transport;version="[6.0.0,6.1.0)", org.eclipse.jgit.transport.sshd;version="[6.0.0,6.1.0)", org.eclipse.jgit.util;version="[6.0.0,6.1.0)", + org.hamcrest;version="[1.1.0,3.0.0)", org.junit;version="[4.13,5.0.0)", org.junit.experimental.theories;version="[4.13,5.0.0)", org.junit.runner;version="[4.13,5.0.0)" -Require-Bundle: org.hamcrest.core;bundle-version="[1.3.0,2.0.0)" diff --git a/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java b/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java index c56d2307c6..c1f5fef3cd 100644 --- a/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java +++ b/org.eclipse.jgit.ssh.apache.test/tst/org/eclipse/jgit/transport/sshd/ApacheSshTest.java @@ -34,13 +34,18 @@ import java.util.stream.Collectors; import org.apache.sshd.client.config.hosts.KnownHostEntry; import org.apache.sshd.client.config.hosts.KnownHostHashValue; +import org.apache.sshd.common.NamedFactory; import org.apache.sshd.common.config.keys.AuthorizedKeyEntry; import org.apache.sshd.common.config.keys.KeyUtils; import org.apache.sshd.common.config.keys.PublicKeyEntry; import org.apache.sshd.common.config.keys.PublicKeyEntryResolver; +import org.apache.sshd.common.kex.BuiltinDHFactories; +import org.apache.sshd.common.kex.DHFactory; +import org.apache.sshd.common.kex.KeyExchangeFactory; import org.apache.sshd.common.session.Session; import org.apache.sshd.common.util.net.SshdSocketAddress; import org.apache.sshd.server.ServerAuthenticationManager; +import org.apache.sshd.server.ServerBuilder; import org.apache.sshd.server.SshServer; import org.apache.sshd.server.forward.StaticDecisionForwardingFilter; import org.eclipse.jgit.api.Git; @@ -702,4 +707,42 @@ public class ApacheSshTest extends SshTestBase { session.disconnect(); } } + + /** + * Tests that one can log in at an even poorer server that also only has the + * SHA1 KEX methods available. Apparently this is the case for at least some + * Microsoft TFS instances. The user has to enable the poor KEX methods in + * the ssh config explicitly; we don't enable them by default. + * + * @throws Exception + * on failure + */ + @Test + public void testConnectOnlyRsaSha1() throws Exception { + try (SshServer oldServer = createServer(TEST_USER, publicKey1)) { + oldServer.setSignatureFactoriesNames("ssh-rsa"); + List<DHFactory> sha1Factories = BuiltinDHFactories + .parseDHFactoriesList( + "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1") + .getParsedFactories(); + assertEquals(2, sha1Factories.size()); + List<KeyExchangeFactory> kexFactories = NamedFactory + .setUpTransformedFactories(true, sha1Factories, + ServerBuilder.DH2KEX); + oldServer.setKeyExchangeFactories(kexFactories); + oldServer.start(); + registerServer(oldServer); + installConfig("Host server", // + "HostName localhost", // + "Port " + oldServer.getPort(), // + "User " + TEST_USER, // + "IdentityFile " + privateKey1.getAbsolutePath(), // + "KexAlgorithms +diffie-hellman-group1-sha1"); + RemoteSession session = getSessionFactory().getSession( + new URIish("ssh://server/doesntmatter"), null, FS.DETECTED, + 10000); + assertNotNull(session); + session.disconnect(); + } + } } |