| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Change-Id: I2fc5305e7eaaa4593d418fc3b31d20e4b6e1e585
|
| |
|
|
|
| |
Change-Id: Ic7d86c91ec0ff9aa0678dcb971c197e62a4ca2dc
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-5.11:
Refactor CommitCommand to improve readability
CommitCommand: fix formatting
CommitCommand: remove unncessary comment
Ensure post-commit hook is called after index lock was released
sshd: try all configured signature algorithms for a key
sshd: modernize ssh config file parsing
sshd: implement ssh config PubkeyAcceptedAlgorithms
Change-Id: Ic3235ffd84c9d7537a1fe5ff4f216578e6e26724
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For RSA keys, there may be several configured signature algorithms:
rsa-sha2-512, rsa-sha2-256, and ssh-rsa. Upstream sshd has bug
SSHD-1105 [1] and always and unconditionally uses only the first
configured algorithm. With the default order, this means that it cannot
connect to a server that knows only ssh-rsa, like for instance Apache
MINA sshd servers older than 2.6.0.
This affects for instance bitbucket.org or also AWS Code Commit.
Re-introduce our own pubkey authenticator that fixes this.
Note that a server may impose a penalty (back-off delay) for subsequent
authentication attempts with signature algorithms unknown to the server.
In such cases, users can re-order the signature algorithm list via the
PubkeyAcceptedAlgorithms (formerly PubkeyAcceptedKeyTypes) ssh config.
[1] https://issues.apache.org/jira/browse/SSHD-1105
Bug: 572056
Change-Id: I7fb9c759ab6532e5f3b6524e9084085ddb2f30d6
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Apache MINA sshd 2.6.0 appears to use only the first appropriate
public key signature algorithm for a particular key. See [1]. For
RSA keys, that is rsa-sha2-512. This breaks authentication at servers
that only know the older (and deprecated) ssh-rsa algorithm.
With PubkeyAcceptedAlgorithms, users can re-order algorithms in
the ssh config file per host, if needed. Setting
PubkeyAcceptedAlgorithms ^ssh-rsa
will put "ssh-rsa" at the front of the list of algorithms, and then
authentication at such servers with RSA keys works again.
[1] https://issues.apache.org/jira/browse/SSHD-1105
Bug: 572056
Change-Id: I86c3b93f05960c68936e80642965815926bb2532
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |/
|
|
|
| |
Change-Id: I736de7c3deb11da75777d459f47332df0b486443
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I94628ccbb5099a65aa4345cfd28a141ff5555b68
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I8e6855eaf7228459f492036feb4e34ca085698a7
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I89ed49a6acc53dd75d16f40c99e1140e0c18f646
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I0a86fa59645888f9f36ea6938c9121e095f02fc6
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: If3dbe084ee37ae4b993d3a10ec48b14e8709ff6d
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: Iea6b3515fa63db497989194b6bf50fe7324086d0
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Re-enable DSA, DSA_CERT, and RSA_CERT public key authentication.
DSA is discouraged for a long time already, but it might still be
way too disruptive to completely drop it. RSA is discouraged for
far less long, and dropping that would be really disruptive.
Adapt to the changed property handling. Remove work-arounds for
shortcomings of earlier sshd versions.
Use Orbit I20210203173513, which includes sshd 2.6.0. This also bumps
apache.httpclient to 4.5.13 and apache.httpcore to 4.4.14.
Change-Id: I2d24a1ce4cc9f616a94bb5c4bdaedbf20dc6638e
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make all transports request protocol V2 when fetching. Depending on
the transport, set the GIT_PROTOCOL environment variable (file and
ssh), pass the Git-Protocol header (http), or set the hidden
"\0version=2\0" (git anon). We'll fall back to V0 if the server
doesn't reply with a version 2 answer.
A user can control which protocol the client requests via the git
config protocol.version; if not set, JGit requests protocol V2 for
fetching. Pushing always uses protocol V0 still.
In the API, there is only a new Transport.openFetch() version that
takes a collection of RefSpecs plus additional patterns to construct
the Ref prefixes for the "ls-refs" command in protocol V2. If none
are given, the server will still advertise all refs, even in protocol
V2.
BasePackConnection.readAdvertisedRefs() handles falling back to
protocol V0. It newly returns true if V0 was used and the advertised
refs were read, and false if V2 is used and an explicit "ls-refs" is
needed. (This can't be done transparently inside readAdvertisedRefs()
because a "stateless RPC" transport like TransportHttp may need to
open a new connection for writing.)
BasePackFetchConnection implements the changes needed for the protocol
V2 "fetch" command (stateless protocol, simplified ACK handling,
delimiters, section headers).
In TransportHttp, change readSmartHeaders() to also recognize the
"version 2" packet line as a valid smart server indication.
Adapt tests, and run all the HTTP tests not only with both HTTP
connection factories (JDK and Apache HttpClient) but also with both
protocol V0 and V2. The SSH tests are much slower and much more
focused on the SSH protocol and SSH key handling. Factor out two
very simple cloning and pulling tests and make those run with
protocol V2.
Bug: 553083
Change-Id: I357c7f5daa7efb2872f1c64ee6f6d54229031ae1
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
| |
Change-Id: I91e5532526775191fbd34f81e2ef777cba605e3b
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
| |
It seems Eclipse 4.18 reports them as error whereas earlier versions
ignored this maybe since we don't require javadoc comments for all the
test bundles.
Change-Id: I3f4d42ce681ea5c2b4b302991d2641290ac8561d
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit f802f06e7fd5a98f256b7b7727598491f563bf2f.
I had misunderstood how protocol V2 works. This implementation only
works if the negotiation during fetch is done in one round.
Fixing this is substantial work in BasePackFetchConnection. Basically
I think I'd have to change back negotiate to the V0 version, and have
a doFetch() that does
if protocol V2
doFetchV2()
else
doFetchV0()
with doFetchV0 the old code, and doFetchV2 completely new.
Plus there would need to be a HTTP test case requiring several
negotiation rounds.
This is a couple of days work at least, and I don't know when I will
have the time to revisit this. So although the rest of the code is
fine I prefer to back this out completely and not leave a only half
working implementation in the code for an indeterminate time.
Bug: 553083
Change-Id: Icbbbb09882b3b83f9897deac4a06d5f8dc99d84e
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make all transports request protocol V2 when fetching. Depending on
the transport, set the GIT_PROTOCOL environment variable (file and
ssh), pass the Git-Protocol header (http), or set the hidden
"\0version=2\0" (git anon). We'll fall back to V0 if the server
doesn't reply with a version 2 answer.
A user can control which protocol the client requests via the git
config protocol.version; if not set, JGit requests protocol V2 for
fetching. Pushing always uses protocol V0 still.
In the API, there is only a new Transport.openFetch() version that
takes a collection of RefSpecs plus additional patterns to construct
the Ref prefixes for the "ls-refs" command in protocol V2. If none
are given, the server will still advertise all refs, even in protocol
V2.
BasePackConnection.readAdvertisedRefs() handles falling back to
protocol V0. It newly returns true if V0 was used and the advertised
refs were read, and false if V2 is used and an explicit "ls-refs" is
needed. (This can't be done transparently inside readAdvertisedRefs()
because a "stateless RPC" transport like TransportHttp may need to
open a new connection for writing.)
BasePackFetchConnection implements the changes needed for the protocol
V2 "fetch" command (simplified ACK handling, delimiters, section
headers).
In TransportHttp, change readSmartHeaders() to also recognize the
"version 2" packet line as a valid smart server indication.
Adapt tests, and run all the HTTP tests not only with both HTTP
connection factories (JDK and Apache HttpClient) but also with both
protocol V0 and V2. Do the same for the SSH transport tests.
Bug: 553083
Change-Id: Ice9866aa78020f5ca8f397cde84dc224bf5d41b4
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is useful to access git repositories behind a bastion server
(jump host).
Add a constant for the config; rewrite the whole connection initiation
to parse the value and (recursively) set up the chain of hops. Add
tests for a single hop and two different ways to configure a two-hop
chain.
The connection timeout applies to each hop in the chain individually.
Change-Id: Idd25af95aa2ec5367404587e4e530b0663c03665
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
| |
Change-Id: I9a2b39e9e85f27179ceb3b1709d75c466089a3bc
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When exceptions occur very early in the SSH connection setup, it's
possible that an exception gets lost. A subsequent authentication
attempt may then never be notified of the failure, and then wait
indefinitely or until its timeout expires.
This is caused by race conditions in sshd. The issue has been reported
upstream as SSHD-1050,[1] but will be fixed at the earliest in sshd
2.6.0.
[1] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-1050
Bug: 565394
Change-Id: If9b62839db38f9e59a5e1137c2257039ba82de98
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
|
|
|
|
|
| |
Improve the SshTestGitServer API for accessing the server properties.
Instead of returning the raw property map, return the proper sshd API
abstraction PropertyResolver.
This makes the interface more resilient against upstream changes.
Change-Id: Ie5b685bddc4e59f3eb6c121026d3658d57618ca4
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
| |
Change-Id: Ibb0bf0b1895a07a80a1f73d2fd6df2cb2d09fd77
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
|
|
|
|
| |
SSHD-1028:[1] server doesn't close server-side sessions properly when
client disconnects.
[1] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-1028
Change-Id: I0d67f49e35abe8375cb1370a494dc01d0fb2c9b1
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
| |
Change-Id: Ia998e2772df1285a4c674b07201f15d53156eb78
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Motivation: JSch serves as 'default' implementations of the SSH
transport. If a client application does not use it then there is no need
to pull in this dependency.
Move the classes depending on JSch to an OSGi fragment extending the
org.eclipse.jgit bundle and keep them in the same package as before
since moving them to another package would break API. Defer moving them
to a separate package to the next major release.
Add a new feature org.eclipse.jgit.ssh.jsch feature to enable
installation. With that users can now decide which of the ssh client
integrations (JCraft JSch or Apache Mina SSHD) they want to install.
We will remove the JCraft JSch integration in a later step due to the
reasons discussed in bug 520927.
Bug: 553625
Change-Id: I5979c8a9dbbe878a2e8ac0fbfde7230059d74dc2
Also-by: Michael Dardis <git@md-5.net>
Signed-off-by: Michael Dardis <git@md-5.net>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
|
| |
|
|
|
|
|
| |
Avoid using a key written to a file. This makes it clearer that
the test does not rely on files being present.
Change-Id: I31cf4f404aab5b891c32fc4bda906b7f8fe03777
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A builder API provides a more convenient way to define a customized
SshdSessionFactory by hiding the subclassing.
Also provide a new interface SshConfigStore to abstract away the
specifics of reading a ssh config file, and provide a way to customize
the concrete ssh config implementation to be used. This facilitates
using an alternate ssh config implementation that may or may not be
based on files.
Change-Id: Ib9038e8ff2a4eb3a9ce7b3554d1450befec8e1e1
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change target platforms to Orbit I20200319180910 and regenerate them.
Change package imports to [2.4.0,2.5.0); adapt code to upstream API
changes.
Maven build: update version in root pom.
Bazel build: update version & hash in WORKSPACE file.
Proxy functionality verified manually using 3proxy (HTTP & SOCKS,
with basic authentication) and ssh -vvv -D7020 localhost (SOCKS, no
authentication).
Bug: 561078
Change-Id: I582f6b98055b013c006f2c749890fe6db801cbaa
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
| |
Change-Id: I056b45806a82eae80177932e42e3dc806015351a
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
| |
Since version 4.13 JUnit has an assertThrows method. Remove the
implementation in MoreAsserts and use the one from JUnit.
CQ: 21439
Change-Id: I086baa94aa3069cebe87c4cbf91ed1534523c6cb
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
| |
This is the format given by the Eclipse legal doc generator [1].
[1] https://www.eclipse.org/projects/tools/documentation.php?id=technology.jgit
Bug: 548298
Change-Id: I8d8cabc998ba1b083e3f0906a8d558d391ffb6c4
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I7efa0cd08dee711d6fefc3e6bb478a3cb11fe85c
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since [1] the gerrit project includes jgit as a submodule, and has this
warning enabled, resulting in 100s of warnings in the console.
Also enable the warning here, and fix them.
At the same time, add missing braces around adjacent and nearby one-line
blocks.
[1] https://gerrit-review.googlesource.com/c/gerrit/+/227897
Change-Id: I81df3fc7ed6eedf6874ce1a3bedfa727a1897e4c
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stable-5.5:
Prepare 5.4.4-SNAPSHOT builds
JGit v5.4.3.201909031940-r
Prepare 5.3.6-SNAPSHOT builds
JGit v5.3.5.201909031855-r
Prepare 5.1.12-SNAPSHOT builds
JGit v5.1.11.201909031202-r
Prepare 4.11.10-SNAPSHOT builds
JGit v4.11.9.201909030838-r
Bazel: Update bazlets to the latest master revision
Bazel: Remove FileTreeIteratorWithTimeControl from BUILD file
BatchRefUpdate: repro racy atomic update, and fix it
Delete unused FileTreeIteratorWithTimeControl
Fix RacyGitTests#testRacyGitDetection
Change RacyGitTests to create a racy git situation in a stable way
Silence API warnings
sshd: fix proxy connections with the DefaultProxyDataFactory
sshd: support the HashKnownHosts configuration
sshd: configurable server key verification
sshd: allow setting a null ssh config
sshd: simplify OpenSshServerKeyVerifier
sshd: simplify ServerKeyLookup interface
Use https in update site URLs
Change-Id: Icd21a8fcccffd56bfedbd037e48028308db6d13b
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the constant, and implement hashing of known host names in
OpenSshServerKeyDatabase. Add a test verifying that the hashing
works.
Bug: 548492
Change-Id: Iabe82b666da627bd7f4d82519a366d166aa9ddd4
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Provide a wrapper interface and change the implementation such that
a client can substitute its own database of known hosts keys instead
of the default file-based mechanism.
Bug: 547619
Change-Id: Ifc25a4519fa5bcf7bb8541b9f3e2de15215e3d66
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| | |
| |
| |
| |
| | |
Change-Id: Ib498303c8787a5fbee89377eaed332a5a6b4f3b0
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| | |
| |
| |
| |
| | |
Change-Id: I0920767979d7927bc18f3e395963aeebae5ea540
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |/
|
|
|
| |
Change-Id: I9eceb7b1272b27b979144041c75eb09ab4eeca6b
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RFC 4253 section 4.2 allows an ssh server to send additional lines
before its server identification string. Apache MINA sshd enforces
for these lines the constraints specified for the server identification
line, too: no NUL characters and not longer than 255 characters. That
is too strict. RFC 4253 doesn't mandate this, and it also doesn't
make sense given the rationale for these lines in RFC 4253: a TCP
wrapper may not be aware of SSH restrictions, and may not adhere to
these constraints.
Be more lenient when parsing the server's protocol version. Allow
NULs and longer lines in the preamble, and also handle line endings
more leniently. Only enforce the restrictions for the actual server
identification line.
Bug: 545939
Change-Id: I75955e9d8a8daef7c04fc0f39539c2ee93514e1c
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
|
| |
|
|
|
|
|
|
|
| |
The placeholders in manifest and plugin.properties did not match. To
avoid similar issues, all placeholders have been changed to
Bundle-Vendor and Bundle-Name now.
Bug:548503
Change-Id: Ibd4b9bc237b323e614506b97e5fbc99416365040
Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de>
|
| |
|
|
| |
Change-Id: I95de23fbdce125305be08079bcd179413f8f7f5c
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I177d637e552a79014816dc5d2ef5ccda506adb39
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I8620d03c1cd5c1d0ad04e7607553e9aa18def9bb
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: Ie68828af68d07cf8e3fe778d39436f539f1c73d0
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: Iea17cba848d4e53d69d34e952a2476c375721aa4
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I9df6fccee253d4087f9afab4cb46e0a40b8a5699
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: I8a7e687acfcf8c341abd726ae60b5ee173422215
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
| |
|
|
|
| |
Change-Id: Ieb4b049972509631f06b5268a90f432a1b9ee207
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
|
