From 4c555f0742856bb21efcb2df53c7ceac921ffe80 Mon Sep 17 00:00:00 2001 From: Thomas Wolf Date: Thu, 6 Jan 2022 19:33:44 +0100 Subject: sshd: backport upstream fix for SSHD-1231 SSHD-1231[1] may lead to exceptions when trying to authenticate first with an RSA key that is rejected by the server. The upstream fix is a one-liner but unfortunately didn't make it into Apache MINA sshd 2.8.0. Incorporate the upstream fix in JGitPublicKeyAuthentication, and add a test case for this. [1] https://issues.apache.org/jira/browse/SSHD-1231 Bug: 577545 Change-Id: Ia744cd4aa569bccd937c855f3bb45c0116915bad Signed-off-by: Thomas Wolf --- .../transport/sshd/JGitPublicKeyAuthentication.java | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'org.eclipse.jgit.ssh.apache/src') diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java index c082a9a963..2996a221ce 100644 --- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java +++ b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/JGitPublicKeyAuthentication.java @@ -108,4 +108,18 @@ public class JGitPublicKeyAuthentication extends UserAuthPublicKey { }; } } + + @Override + protected PublicKeyIdentity resolveAttemptedPublicKeyIdentity( + ClientSession session, String service) throws Exception { + PublicKeyIdentity result = super.resolveAttemptedPublicKeyIdentity( + session, service); + // This fixes SSHD-1231. Can be removed once we're using Apache MINA + // sshd > 2.8.0. + // + // See https://issues.apache.org/jira/browse/SSHD-1231 + currentAlgorithms.clear(); + return result; + } + } -- cgit v1.2.3