@@ -54,7 +54,7 @@ | |||
<classpathentry kind="lib" path="ext/bcprov-jdk15on-1.57.jar" sourcepath="ext/src/bcprov-jdk15on-1.57.jar" /> | |||
<classpathentry kind="lib" path="ext/bcmail-jdk15on-1.57.jar" sourcepath="ext/src/bcmail-jdk15on-1.57.jar" /> | |||
<classpathentry kind="lib" path="ext/bcpkix-jdk15on-1.57.jar" sourcepath="ext/src/bcpkix-jdk15on-1.57.jar" /> | |||
<classpathentry kind="lib" path="ext/sshd-core-1.0.0.jar" sourcepath="ext/src/sshd-core-1.0.0.jar" /> | |||
<classpathentry kind="lib" path="ext/sshd-core-1.1.0.jar" sourcepath="ext/src/sshd-core-1.1.0.jar" /> | |||
<classpathentry kind="lib" path="ext/mina-core-2.0.21.jar" sourcepath="ext/src/mina-core-2.0.21.jar" /> | |||
<classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/src/rome-0.9.jar" /> | |||
<classpathentry kind="lib" path="ext/jdom-1.0.jar" sourcepath="ext/src/jdom-1.0.jar" /> |
@@ -112,7 +112,7 @@ properties: { | |||
bouncycastle.version : 1.57 | |||
selenium.version : 2.28.0 | |||
wikitext.version : 1.4 | |||
sshd.version: 1.0.0 | |||
sshd.version: 1.1.0 | |||
mina.version: 2.0.21 | |||
guice.version : 4.0 | |||
# Gitblit maintains a fork of guice-servlet |
@@ -541,13 +541,13 @@ | |||
</library> | |||
</orderEntry> | |||
<orderEntry type="module-library"> | |||
<library name="sshd-core-1.0.0.jar"> | |||
<library name="sshd-core-1.1.0.jar"> | |||
<CLASSES> | |||
<root url="jar://$MODULE_DIR$/ext/sshd-core-1.0.0.jar!/" /> | |||
<root url="jar://$MODULE_DIR$/ext/sshd-core-1.1.0.jar!/" /> | |||
</CLASSES> | |||
<JAVADOC /> | |||
<SOURCES> | |||
<root url="jar://$MODULE_DIR$/ext/src/sshd-core-1.0.0.jar!/" /> | |||
<root url="jar://$MODULE_DIR$/ext/src/sshd-core-1.1.0.jar!/" /> | |||
</SOURCES> | |||
</library> | |||
</orderEntry> |
@@ -212,7 +212,7 @@ public class LdapKeyManager extends IPublicKeyManager { | |||
List<SshKey> keyList = new ArrayList<>(authorizedKeys.size()); | |||
for (GbAuthorizedKeyEntry keyEntry : authorizedKeys) { | |||
try { | |||
SshKey key = new SshKey(keyEntry.resolvePublicKey()); | |||
SshKey key = new SshKey(keyEntry.resolvePublicKey(null)); | |||
key.setComment(keyEntry.getComment()); | |||
setKeyPermissions(key, keyEntry); | |||
keyList.add(key); |
@@ -31,7 +31,7 @@ import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory; | |||
import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory; | |||
import org.apache.sshd.common.util.SecurityUtils; | |||
import org.apache.sshd.server.SshServer; | |||
import org.apache.sshd.server.auth.CachingPublicKeyAuthenticator; | |||
import org.apache.sshd.server.auth.pubkey.CachingPublicKeyAuthenticator; | |||
import org.bouncycastle.openssl.PEMWriter; | |||
import org.eclipse.jgit.internal.JGitText; | |||
import org.slf4j.Logger; | |||
@@ -158,7 +158,7 @@ public class SshDaemon { | |||
log.info("SSH: adding GSSAPI authentication method."); | |||
} | |||
sshd.setSessionFactory(new SshServerSessionFactory()); | |||
sshd.setSessionFactory(new SshServerSessionFactory(sshd)); | |||
sshd.setFileSystemFactory(new DisabledFilesystemFactory()); | |||
sshd.setTcpipForwardingFilter(new NonForwardingFilter()); | |||
sshd.setCommandFactory(new SshCommandFactory(gitblit, workQueue)); |
@@ -22,7 +22,8 @@ import org.apache.sshd.common.future.CloseFuture; | |||
import org.apache.sshd.common.future.SshFutureListener; | |||
import org.apache.sshd.common.io.IoSession; | |||
import org.apache.sshd.common.io.mina.MinaSession; | |||
import org.apache.sshd.common.session.AbstractSession; | |||
import org.apache.sshd.server.ServerFactoryManager; | |||
import org.apache.sshd.server.session.ServerSessionImpl; | |||
import org.apache.sshd.server.session.SessionFactory; | |||
import org.slf4j.Logger; | |||
import org.slf4j.LoggerFactory; | |||
@@ -36,11 +37,12 @@ public class SshServerSessionFactory extends SessionFactory { | |||
private final Logger log = LoggerFactory.getLogger(getClass()); | |||
public SshServerSessionFactory() { | |||
public SshServerSessionFactory(ServerFactoryManager server) { | |||
super(server); | |||
} | |||
@Override | |||
protected AbstractSession createSession(final IoSession io) throws Exception { | |||
protected ServerSessionImpl createSession(final IoSession io) throws Exception { | |||
log.info("creating ssh session from {}", io.getRemoteAddress()); | |||
if (io instanceof MinaSession) { | |||
@@ -66,7 +68,7 @@ public class SshServerSessionFactory extends SessionFactory { | |||
} | |||
@Override | |||
protected AbstractSession doCreateSession(IoSession ioSession) throws Exception { | |||
protected ServerSessionImpl doCreateSession(IoSession ioSession) throws Exception { | |||
return new SshServerSession(getServer(), ioSession); | |||
} | |||
} |
@@ -44,9 +44,9 @@ public class SshDaemonTest extends SshUnitTest { | |||
@Test | |||
public void testPublicKeyAuthentication() throws Exception { | |||
SshClient client = getClient(); | |||
ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).await().getSession(); | |||
ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).verify().getSession(); | |||
session.addPublicKeyIdentity(rwKeyPair); | |||
assertTrue(session.auth().await().isSuccess()); | |||
assertTrue(session.auth().await()); | |||
} | |||
@Test | |||
@@ -64,6 +64,7 @@ public class SshDaemonTest extends SshUnitTest { | |||
// set clone restriction | |||
RepositoryModel model = repositories().getRepositoryModel("ticgit.git"); | |||
assertNotNull("Could not get repository modle for ticgit.git", model); | |||
model.accessRestriction = AccessRestrictionType.CLONE; | |||
model.authorizationControl = AuthorizationControl.NAMED; | |||
repositories().updateRepositoryModel(model.name, model, false); |
@@ -24,11 +24,13 @@ import java.net.SocketAddress; | |||
import java.security.KeyPair; | |||
import java.security.KeyPairGenerator; | |||
import java.security.PublicKey; | |||
import java.util.EnumSet; | |||
import java.util.concurrent.atomic.AtomicBoolean; | |||
import org.apache.sshd.client.ServerKeyVerifier; | |||
import org.apache.sshd.client.SshClient; | |||
import org.apache.sshd.client.channel.ClientChannel; | |||
import org.apache.sshd.client.future.AuthFuture; | |||
import org.apache.sshd.client.keyverifier.ServerKeyVerifier; | |||
import org.apache.sshd.client.session.ClientSession; | |||
import org.apache.sshd.common.util.SecurityUtils; | |||
import org.junit.After; | |||
@@ -112,9 +114,11 @@ public abstract class SshUnitTest extends GitblitUnitTest { | |||
protected String testSshCommand(String cmd, String stdin) throws IOException, InterruptedException { | |||
SshClient client = getClient(); | |||
ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).await().getSession(); | |||
ClientSession session = client.connect(username, "localhost", GitBlitSuite.sshPort).verify().getSession(); | |||
session.addPublicKeyIdentity(rwKeyPair); | |||
assertTrue(session.auth().await().isSuccess()); | |||
AuthFuture authFuture = session.auth(); | |||
assertTrue(authFuture.await()); | |||
assertTrue(authFuture.isSuccess()); | |||
ClientChannel channel = session.createChannel(ClientChannel.CHANNEL_EXEC, cmd); | |||
ByteArrayOutputStream baos = new ByteArrayOutputStream(); | |||
@@ -131,7 +135,7 @@ public abstract class SshUnitTest extends GitblitUnitTest { | |||
channel.setErr(err); | |||
channel.open(); | |||
channel.waitFor(ClientChannel.CLOSED, 0); | |||
channel.waitFor(EnumSet.of(ClientChannel.ClientChannelEvent.CLOSED), 0); | |||
String result = out.toString().trim(); | |||
channel.close(false); |