summaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.ssh.apache.test/META-INF
Commit message (Collapse)AuthorAgeFilesLines
* Prepare 5.11.0-SNAPSHOT buildsMatthias Sohn2021-02-241-1/+1
| | | | | Change-Id: If3dbe084ee37ae4b993d3a10ec48b14e8709ff6d Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.11.0.202102240950-m3v5.11.0.202102240950-m3Matthias Sohn2021-02-241-1/+1
| | | | | Change-Id: Iea6b3515fa63db497989194b6bf50fe7324086d0 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Migrate to Apache MINA sshd 2.6.0 and Orbit I20210203173513David Ostrovsky2021-02-041-11/+12
| | | | | | | | | | | | | | | | | | Re-enable DSA, DSA_CERT, and RSA_CERT public key authentication. DSA is discouraged for a long time already, but it might still be way too disruptive to completely drop it. RSA is discouraged for far less long, and dropping that would be really disruptive. Adapt to the changed property handling. Remove work-arounds for shortcomings of earlier sshd versions. Use Orbit I20210203173513, which includes sshd 2.6.0. This also bumps apache.httpclient to 4.5.13 and apache.httpcore to 4.4.14. Change-Id: I2d24a1ce4cc9f616a94bb5c4bdaedbf20dc6638e Signed-off-by: David Ostrovsky <david@ostrovsky.org> Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.11.0-SNAPSHOT buildsMatthias Sohn2020-12-021-10/+10
| | | | | Change-Id: I91e5532526775191fbd34f81e2ef777cba605e3b Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* sshd: support the ProxyJump ssh configThomas Wolf2020-09-191-0/+2
| | | | | | | | | | | | | | This is useful to access git repositories behind a bastion server (jump host). Add a constant for the config; rewrite the whole connection initiation to parse the value and (recursively) set up the chain of hops. Add tests for a single hop and two different ways to configure a two-hop chain. The connection timeout applies to each hop in the chain individually. Change-Id: Idd25af95aa2ec5367404587e4e530b0663c03665 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Prepare 5.10.0-SNAPSHOT buildsMatthias Sohn2020-08-271-10/+10
| | | | | Change-Id: I9a2b39e9e85f27179ceb3b1709d75c466089a3bc Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Add a test for upstream bug SSHD-1028Thomas Wolf2020-07-031-0/+2
| | | | | | | | | SSHD-1028:[1] server doesn't close server-side sessions properly when client disconnects. [1] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-1028 Change-Id: I0d67f49e35abe8375cb1370a494dc01d0fb2c9b1 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Prepare 5.9.0-SNAPSHOT buildsMatthias Sohn2020-06-091-9/+9
| | | | | Change-Id: Ia998e2772df1285a4c674b07201f15d53156eb78 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Decouple JSch from JGit CoreMatthias Sohn2020-06-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Motivation: JSch serves as 'default' implementations of the SSH transport. If a client application does not use it then there is no need to pull in this dependency. Move the classes depending on JSch to an OSGi fragment extending the org.eclipse.jgit bundle and keep them in the same package as before since moving them to another package would break API. Defer moving them to a separate package to the next major release. Add a new feature org.eclipse.jgit.ssh.jsch feature to enable installation. With that users can now decide which of the ssh client integrations (JCraft JSch or Apache Mina SSHD) they want to install. We will remove the JCraft JSch integration in a later step due to the reasons discussed in bug 520927. Bug: 553625 Change-Id: I5979c8a9dbbe878a2e8ac0fbfde7230059d74dc2 Also-by: Michael Dardis <git@md-5.net> Signed-off-by: Michael Dardis <git@md-5.net> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Signed-off-by: David Ostrovsky <david@ostrovsky.org>
* Update to org.apache.sshd 2.4.0Thomas Wolf2020-03-221-8/+8
| | | | | | | | | | | | | | | | | Change target platforms to Orbit I20200319180910 and regenerate them. Change package imports to [2.4.0,2.5.0); adapt code to upstream API changes. Maven build: update version in root pom. Bazel build: update version & hash in WORKSPACE file. Proxy functionality verified manually using 3proxy (HTTP & SOCKS, with basic authentication) and ssh -vvv -D7020 localhost (SOCKS, no authentication). Bug: 561078 Change-Id: I582f6b98055b013c006f2c749890fe6db801cbaa Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Prepare 5.8.0-SNAPSHOT buildsMatthias Sohn2020-03-091-10/+10
| | | | | Change-Id: I056b45806a82eae80177932e42e3dc806015351a Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Update to Orbit I20200120214610 and JUnit to 4.13David Pursehouse2020-01-221-3/+3
| | | | | | | | | | Since version 4.13 JUnit has an assertThrows method. Remove the implementation in MoreAsserts and use the one from JUnit. CQ: 21439 Change-Id: I086baa94aa3069cebe87c4cbf91ed1534523c6cb Signed-off-by: David Pursehouse <david.pursehouse@gmail.com> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.7.0-SNAPSHOT buildsMatthias Sohn2019-12-051-10/+10
| | | | | Change-Id: I7efa0cd08dee711d6fefc3e6bb478a3cb11fe85c Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Merge branch 'stable-5.5'Matthias Sohn2019-09-041-1/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * stable-5.5: Prepare 5.4.4-SNAPSHOT builds JGit v5.4.3.201909031940-r Prepare 5.3.6-SNAPSHOT builds JGit v5.3.5.201909031855-r Prepare 5.1.12-SNAPSHOT builds JGit v5.1.11.201909031202-r Prepare 4.11.10-SNAPSHOT builds JGit v4.11.9.201909030838-r Bazel: Update bazlets to the latest master revision Bazel: Remove FileTreeIteratorWithTimeControl from BUILD file BatchRefUpdate: repro racy atomic update, and fix it Delete unused FileTreeIteratorWithTimeControl Fix RacyGitTests#testRacyGitDetection Change RacyGitTests to create a racy git situation in a stable way Silence API warnings sshd: fix proxy connections with the DefaultProxyDataFactory sshd: support the HashKnownHosts configuration sshd: configurable server key verification sshd: allow setting a null ssh config sshd: simplify OpenSshServerKeyVerifier sshd: simplify ServerKeyLookup interface Use https in update site URLs Change-Id: Icd21a8fcccffd56bfedbd037e48028308db6d13b Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * sshd: support the HashKnownHosts configurationThomas Wolf2019-09-021-1/+2
| | | | | | | | | | | | | | | | | | Add the constant, and implement hashing of known host names in OpenSshServerKeyDatabase. Add a test verifying that the hashing works. Bug: 548492 Change-Id: Iabe82b666da627bd7f4d82519a366d166aa9ddd4 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
| * sshd: configurable server key verificationThomas Wolf2019-09-021-1/+8
| | | | | | | | | | | | | | | | | | | | Provide a wrapper interface and change the implementation such that a client can substitute its own database of known hosts keys instead of the default file-based mechanism. Bug: 547619 Change-Id: Ifc25a4519fa5bcf7bb8541b9f3e2de15215e3d66 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
| * Prepare 5.5.0-SNAPSHOT buildsMatthias Sohn2019-08-281-1/+1
| | | | | | | | | | Change-Id: Ib498303c8787a5fbee89377eaed332a5a6b4f3b0 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| * JGit v5.5.0.201908280940-m3v5.5.0.201908280940-m3Matthias Sohn2019-08-281-1/+1
| | | | | | | | | | Change-Id: I0920767979d7927bc18f3e395963aeebae5ea540 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* | Prepare 5.6.0-SNAPSHOT buildsMatthias Sohn2019-08-291-10/+10
|/ | | | | Change-Id: I9eceb7b1272b27b979144041c75eb09ab4eeca6b Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* sshd: correct the protocol version exchangeThomas Wolf2019-07-151-1/+2
| | | | | | | | | | | | | | | | | | | RFC 4253 section 4.2 allows an ssh server to send additional lines before its server identification string. Apache MINA sshd enforces for these lines the constraints specified for the server identification line, too: no NUL characters and not longer than 255 characters. That is too strict. RFC 4253 doesn't mandate this, and it also doesn't make sense given the rationale for these lines in RFC 4253: a TCP wrapper may not be aware of SSH restrictions, and may not adhere to these constraints. Be more lenient when parsing the server's protocol version. Allow NULs and longer lines in the preamble, and also handle line endings more leniently. Only enforce the restrictions for the actual server identification line. Bug: 545939 Change-Id: I75955e9d8a8daef7c04fc0f39539c2ee93514e1c Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Fix bundle localization of Apache SSH bundleMichael Keppler2019-06-211-1/+2
| | | | | | | | | The placeholders in manifest and plugin.properties did not match. To avoid similar issues, all placeholders have been changed to Bundle-Vendor and Bundle-Name now. Bug:548503 Change-Id: Ibd4b9bc237b323e614506b97e5fbc99416365040 Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de>
* Prepare 5.5.0-SNAPSHOT buildsMatthias Sohn2019-06-131-9/+9
| | | | | Change-Id: I177d637e552a79014816dc5d2ef5ccda506adb39 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.1-SNAPSHOT buildsMatthias Sohn2019-06-121-9/+9
| | | | | Change-Id: I8620d03c1cd5c1d0ad04e7607553e9aa18def9bb Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.4.0.201906121030-rv5.4.0.201906121030-rMatthias Sohn2019-06-121-1/+1
| | | | | Change-Id: Ie68828af68d07cf8e3fe778d39436f539f1c73d0 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.4.0.201906120450-rMatthias Sohn2019-06-121-1/+1
| | | | | Change-Id: Iea17cba848d4e53d69d34e952a2476c375721aa4 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.0-SNAPSHOT buildsMatthias Sohn2019-05-221-1/+1
| | | | | Change-Id: I9df6fccee253d4087f9afab4cb46e0a40b8a5699 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.4.0.201905221418-m3v5.4.0.201905221418-m3Matthias Sohn2019-05-221-1/+1
| | | | | Change-Id: I8a7e687acfcf8c341abd726ae60b5ee173422215 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.0-SNAPSHOT buildsMatthias Sohn2019-05-151-1/+1
| | | | | Change-Id: Ieb4b049972509631f06b5268a90f432a1b9ee207 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.4.0.201905081430-m2v5.4.0.201905081430-m2Matthias Sohn2019-05-081-1/+1
| | | | | Change-Id: I535a98d8ef507d3c8cda7b0f042a2ae835da1279 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.0-SNAPSHOT buildsMatthias Sohn2019-03-071-9/+9
| | | | | Change-Id: I90a4791f63d0eba23da744c720e869f1830b86e7 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.3.0-SNAPSHOT buildsMatthias Sohn2018-12-031-9/+9
| | | | | Change-Id: I8951c2cf650cc3e41d2baa0b330b94468cfed5c2 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Apache MINA sshd client: enable support for ed25519 keysThomas Wolf2018-12-021-0/+1
| | | | | | | | | | | | | | | Include the net.i2p.crypto.eddsa bundle via a hard dependency. Add tests for dealing with ed25519 host keys and user key files. Manual tests: fetching from git.eclipse.org with an ed25519 user key, and pushing this change itself using the same ed25519 key. Note that sshd 2.0.0 does not yet support encrypted ed25519 private keys. Bug: 541272 Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Prepare 5.2.0-SNAPSHOT buildsMatthias Sohn2018-11-301-1/+1
| | | | | Change-Id: I18646aaeee51047b234b758dcc1c2f89fd01b2f8 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.2.0.201811281532-m3v5.2.0.201811281532-m3Matthias Sohn2018-11-281-1/+1
| | | | | Change-Id: I79988b473d67e565d8f6bcac40ee9a14b26c9e60 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Apache MINA sshd client: proxy supportThomas Wolf2018-11-171-1/+2
| | | | | | | | | | | | | | | | | | | | | | This is not about the ssh config ProxyCommand but about programmatic support for HTTP and SOCKS5 proxies. Eclipse allows the user to specify such proxies, and JSch at least contains code to connect through proxies. So our Apache MINA sshd client also should be able to do this. Add interfaces and provide two implementations for HTTP and SOCKS5 proxies. Adapt the core code to be able to deal with proxy connections at all. The built-in client-side support for this in sshd 2.0.0 is woefully inadequate. Tested manually by running proxies and then fetching various real- world repositories via these proxies from different servers. Proxies tested: ssh -D (SOCKS, anonymous), tinyproxy (HTTP, anonymous), and 3proxy (SOCKS & HTTP, username-password authentication). The GSS-API authentication is untested since I have no Kerberos setup. Bug: 520927 Change-Id: I1a5c34687d439b3ef8373c5d58e24004f93e63ae Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Apache MINA sshd clientThomas Wolf2018-11-131-0/+17
Add a new ssh client implementation based on Apach MINA sshd 2.0.0. This implementation uses JGit's own config file parser and host entry resolver. Code inspection of the Apache MINA implementation revealed a few bugs or idiosyncrasies that immediately would re-introduce bugs already fixed in the past in JGit. Apache MINA sshd is not without quirks either, and I had to configure and override more than I had expected. But at least it was all doable in clean ways. Apache MINA boasts support for Bouncy Castle, so in theory this should open the way to using more ssh key algorithms, such as ed25519. The implementation is in a separate bundle and is still not used in the core org.eclipse.jgit bundle. The tests re-use the ssh tests from the core test bundle. Bug: 520927 Change-Id: Ib35e73c35799140fe050d1ff4fb18d0d3596580e Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-10 06:40:48 +0000