| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
| |
| |
| |
| | |
Change-Id: Ib498303c8787a5fbee89377eaed332a5a6b4f3b0
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
| |
| |
| |
| | |
Change-Id: I0920767979d7927bc18f3e395963aeebae5ea540
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|/
|
|
|
| |
Change-Id: I9eceb7b1272b27b979144041c75eb09ab4eeca6b
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RFC 4253 section 4.2 allows an ssh server to send additional lines
before its server identification string. Apache MINA sshd enforces
for these lines the constraints specified for the server identification
line, too: no NUL characters and not longer than 255 characters. That
is too strict. RFC 4253 doesn't mandate this, and it also doesn't
make sense given the rationale for these lines in RFC 4253: a TCP
wrapper may not be aware of SSH restrictions, and may not adhere to
these constraints.
Be more lenient when parsing the server's protocol version. Allow
NULs and longer lines in the preamble, and also handle line endings
more leniently. Only enforce the restrictions for the actual server
identification line.
Bug: 545939
Change-Id: I75955e9d8a8daef7c04fc0f39539c2ee93514e1c
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
|
|
|
|
|
|
|
|
| |
The placeholders in manifest and plugin.properties did not match. To
avoid similar issues, all placeholders have been changed to
Bundle-Vendor and Bundle-Name now.
Bug:548503
Change-Id: Ibd4b9bc237b323e614506b97e5fbc99416365040
Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de>
|
|
|
|
|
| |
Change-Id: I177d637e552a79014816dc5d2ef5ccda506adb39
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I8620d03c1cd5c1d0ad04e7607553e9aa18def9bb
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: Ie68828af68d07cf8e3fe778d39436f539f1c73d0
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: Iea17cba848d4e53d69d34e952a2476c375721aa4
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I9df6fccee253d4087f9afab4cb46e0a40b8a5699
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I8a7e687acfcf8c341abd726ae60b5ee173422215
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: Ieb4b049972509631f06b5268a90f432a1b9ee207
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I535a98d8ef507d3c8cda7b0f042a2ae835da1279
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I90a4791f63d0eba23da744c720e869f1830b86e7
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I8951c2cf650cc3e41d2baa0b330b94468cfed5c2
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Include the net.i2p.crypto.eddsa bundle via a hard dependency.
Add tests for dealing with ed25519 host keys and user key files.
Manual tests: fetching from git.eclipse.org with an ed25519 user key,
and pushing this change itself using the same ed25519 key.
Note that sshd 2.0.0 does not yet support encrypted ed25519 private
keys.
Bug: 541272
Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
|
|
|
|
| |
Change-Id: I18646aaeee51047b234b758dcc1c2f89fd01b2f8
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
| |
Change-Id: I79988b473d67e565d8f6bcac40ee9a14b26c9e60
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is not about the ssh config ProxyCommand but about programmatic
support for HTTP and SOCKS5 proxies. Eclipse allows the user to
specify such proxies, and JSch at least contains code to connect
through proxies. So our Apache MINA sshd client also should be able
to do this.
Add interfaces and provide two implementations for HTTP and SOCKS5
proxies. Adapt the core code to be able to deal with proxy connections
at all. The built-in client-side support for this in sshd 2.0.0 is
woefully inadequate.
Tested manually by running proxies and then fetching various real-
world repositories via these proxies from different servers. Proxies
tested: ssh -D (SOCKS, anonymous), tinyproxy (HTTP, anonymous), and
3proxy (SOCKS & HTTP, username-password authentication). The GSS-API
authentication is untested since I have no Kerberos setup.
Bug: 520927
Change-Id: I1a5c34687d439b3ef8373c5d58e24004f93e63ae
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
|
Add a new ssh client implementation based on Apach MINA sshd 2.0.0.
This implementation uses JGit's own config file parser and host entry
resolver. Code inspection of the Apache MINA implementation revealed
a few bugs or idiosyncrasies that immediately would re-introduce bugs
already fixed in the past in JGit.
Apache MINA sshd is not without quirks either, and I had to configure
and override more than I had expected. But at least it was all doable
in clean ways.
Apache MINA boasts support for Bouncy Castle, so in theory this should
open the way to using more ssh key algorithms, such as ed25519.
The implementation is in a separate bundle and is still not used in
the core org.eclipse.jgit bundle. The tests re-use the ssh tests from
the core test bundle.
Bug: 520927
Change-Id: Ib35e73c35799140fe050d1ff4fb18d0d3596580e
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|