summaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit.ssh.apache/META-INF/MANIFEST.MF
Commit message (Collapse)AuthorAgeFilesLines
* JGit v5.4.0.201906120450-rMatthias Sohn2019-06-121-1/+1
| | | | | Change-Id: Iea17cba848d4e53d69d34e952a2476c375721aa4 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.0-SNAPSHOT buildsMatthias Sohn2019-05-221-1/+1
| | | | | Change-Id: I9df6fccee253d4087f9afab4cb46e0a40b8a5699 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.4.0.201905221418-m3v5.4.0.201905221418-m3Matthias Sohn2019-05-221-1/+1
| | | | | Change-Id: I8a7e687acfcf8c341abd726ae60b5ee173422215 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.0-SNAPSHOT buildsMatthias Sohn2019-05-151-1/+1
| | | | | Change-Id: Ieb4b049972509631f06b5268a90f432a1b9ee207 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.4.0.201905081430-m2v5.4.0.201905081430-m2Matthias Sohn2019-05-081-1/+1
| | | | | Change-Id: I535a98d8ef507d3c8cda7b0f042a2ae835da1279 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Apache MINA sshd client: test reading encrypted ed25519 keysThomas Wolf2019-05-061-0/+1
| | | | | | | | | | | | | | | Add encrypted ed25519 keys in the tests; sshd 2.2.0 can finally decrypt encrypted new-style OpenSSH key files. (Needs the "unlimited strength" JCE, which is the default since Java 8u161. On older JREs, users should install the policy files available from Oracle.) The "expensive" key added has been generated with OpenSSH's ssh-keygen -t ed25519 -a 256, i.e., with 256 bcrypt KDF rounds instead of the default 16. On my machine it takes about 2sec to decrypt. Bug: 541703 Change-Id: Id3872ca2fd75d8f009cbc932eeb6357d3d1f267c Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Apache MINA sshd client: adapt to sshd 2.2.0Thomas Wolf2019-05-061-40/+41
| | | | | | | | | | | | | | Update target platforms, maven and bazel builds to use sshd 2.2.0. Adapt internal classes to changed sshd interfaces and remove previous work-arounds for asking repeatedly for key passwords and for loading keys lazily; both are now done by sshd. CQ: 19034 CQ: 19035 Bug: 541425 Change-Id: I85e1df6ebb8a94953a912d9b2b8a7b5bdfbd608a Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.4.0-SNAPSHOT buildsMatthias Sohn2019-03-071-13/+13
| | | | | Change-Id: I90a4791f63d0eba23da744c720e869f1830b86e7 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Prepare 5.3.0-SNAPSHOT buildsMatthias Sohn2018-12-031-13/+13
| | | | | Change-Id: I8951c2cf650cc3e41d2baa0b330b94468cfed5c2 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Apache MINA sshd client: enable support for ed25519 keysThomas Wolf2018-12-021-1/+2
| | | | | | | | | | | | | | | Include the net.i2p.crypto.eddsa bundle via a hard dependency. Add tests for dealing with ed25519 host keys and user key files. Manual tests: fetching from git.eclipse.org with an ed25519 user key, and pushing this change itself using the same ed25519 key. Note that sshd 2.0.0 does not yet support encrypted ed25519 private keys. Bug: 541272 Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Prepare 5.2.0-SNAPSHOT buildsMatthias Sohn2018-11-301-1/+1
| | | | | Change-Id: I18646aaeee51047b234b758dcc1c2f89fd01b2f8 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* JGit v5.2.0.201811281532-m3v5.2.0.201811281532-m3Matthias Sohn2018-11-281-1/+1
| | | | | Change-Id: I79988b473d67e565d8f6bcac40ee9a14b26c9e60 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* Apache MINA sshd client: proxy supportThomas Wolf2018-11-171-5/+7
| | | | | | | | | | | | | | | | | | | | | | This is not about the ssh config ProxyCommand but about programmatic support for HTTP and SOCKS5 proxies. Eclipse allows the user to specify such proxies, and JSch at least contains code to connect through proxies. So our Apache MINA sshd client also should be able to do this. Add interfaces and provide two implementations for HTTP and SOCKS5 proxies. Adapt the core code to be able to deal with proxy connections at all. The built-in client-side support for this in sshd 2.0.0 is woefully inadequate. Tested manually by running proxies and then fetching various real- world repositories via these proxies from different servers. Proxies tested: ssh -D (SOCKS, anonymous), tinyproxy (HTTP, anonymous), and 3proxy (SOCKS & HTTP, username-password authentication). The GSS-API authentication is untested since I have no Kerberos setup. Bug: 520927 Change-Id: I1a5c34687d439b3ef8373c5d58e24004f93e63ae Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Apache MINA sshd: use NumberOfPasswordPrompts for encrypted keysThomas Wolf2018-11-141-0/+2
| | | | | | | | | | | sshd only asks exactly once for the password. C.f. upstream issue SSHD-850.[1] So we have to work around this limitation for now. Once we move to sshd > 2.1.0, this can be simplified somewhat. [1] https://issues.apache.org/jira/browse/SSHD-850 Bug: 520927 Change-Id: Id65650228486c5ed30affa9c62eac982e01ae207 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Apache MINA sshd client: properly handle HostKeyAlgorithms configThomas Wolf2018-11-131-0/+1
| | | | | | | | | | | | | | | | | | | By default sshd will use its default built-in list, which matches the one of openssh (as far as the algorithms exist in sshd at all). But it doesn't handle HostKeyAlgorithms from the ssh config at all. Implement this as in openssh, including the '+' and '-' modifiers and reordering the default if there are known host keys for a server already. Add tests for the reordering. Also use a more robust reader for the known hosts file. The default aborts on the first error. Bug: 520927 Change-Id: Ib1684440bfe2e96140536aa1a93c4bd4a0d35916 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Add ssh tests for PreferredAuthenticationsThomas Wolf2018-11-131-0/+1
| | | | | | | | | | | | | | | | | | | | Tests that it works with unknown authentications in the list, and fails if there are no common authentications between server and client. The latter also tests that the ssh config setting is taken into account at all. And promptly the JGit sshd client didn't. Add a fix for this. It's a tiny bit hacky: Apache MINA looks up a custom property set on a hierarchy of "PropertyResolver"s starting with the session. On the session itself this property can never be set since it's read already in the session constructor before anyone had any chance to set it. The next element in the resolver hierarchy is the sshd SshClient, and so we set that property there. Since we use one SshClient and one ClientSession per JGit SshdSession, this is OK. Bug: 520927 Change-Id: I62446fc1fffde125a8965c030240f0918ae234b7 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* Apache MINA sshd clientThomas Wolf2018-11-131-0/+76
Add a new ssh client implementation based on Apach MINA sshd 2.0.0. This implementation uses JGit's own config file parser and host entry resolver. Code inspection of the Apache MINA implementation revealed a few bugs or idiosyncrasies that immediately would re-introduce bugs already fixed in the past in JGit. Apache MINA sshd is not without quirks either, and I had to configure and override more than I had expected. But at least it was all doable in clean ways. Apache MINA boasts support for Bouncy Castle, so in theory this should open the way to using more ssh key algorithms, such as ed25519. The implementation is in a separate bundle and is still not used in the core org.eclipse.jgit bundle. The tests re-use the ssh tests from the core test bundle. Bug: 520927 Change-Id: Ib35e73c35799140fe050d1ff4fb18d0d3596580e Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-13 19:09:39 +0000