Tree:
5c5f7c6b14
master
next
stable-5.10
stable-5.11
stable-5.12
stable-5.2
stable-5.3
stable-5.4
stable-5.5
stable-5.6
stable-5.7
stable-5.8
stable-5.9
stable-0.10
stable-0.11
stable-0.12
stable-0.7
stable-0.8
stable-0.9
stable-1.0
stable-1.1
stable-1.2
stable-1.3
stable-2.0
stable-2.1
stable-2.2
stable-2.3
stable-3.0
stable-3.1
stable-3.2
stable-3.3
stable-3.4
stable-3.5
stable-3.6
stable-3.7
stable-4.0
stable-4.1
stable-4.10
stable-4.11
stable-4.2
stable-4.3
stable-4.4
stable-4.5
stable-4.6
stable-4.7
stable-4.8
stable-4.9
stable-5.0
stable-5.1
v5.12.0.202106021050-rc1
v5.12.0.202106011439-rc1
v5.11.0.202103031150-rc1
v5.10.0.202012021225-rc1
v5.6.0.201912041214-rc1
v5.5.0.201909041048-rc1
v5.3.0.201903061415-rc1
v5.1.0.201809051400-rc1
v5.0.0.201806050710-rc3
v5.0.0.201805301535-rc2
v5.0.0.201805221745-rc1
v4.8.0.201705170830-rc1
v4.4.0.201606011500-rc2
v4.4.0.201605250940-rc1
v4.3.0.201603230630-rc1
v4.0.0.201506020755-rc3
v4.0.0.201505260635-rc2
v4.0.0.201505191015-rc1
v3.7.0.201502031740-rc1
v3.5.0.201409071800-rc1
v3.4.0.201406041058-rc3
v3.4.0.201405281120-rc2
v3.4.0.201405211411-rc1
v3.3.0.201402191814-rc1
v3.1.0.201309270735-rc1
v3.0.2.201309041250-rc2
v3.0.0.201306040240-rc3
v3.0.0.201305281830-rc2
v2.3.0.201302130906
v1.3.0.201202121842-rc4
v1.1.0.201109071825-rc3
v1.1.0.201109011030-rc2
v1.0.0.201106011211-rc3
v0.12.1
v0.11.3
v0.11.1
v0.10.1
v0.9.3
v0.9.1
v0.8.4
v0.8.1
v0.7.1
v0.7.0
v5.12.0.202106070339-r
v5.12.0.202105261145-m3
v5.12.0.202105051250-m2
v5.11.1.202105131744-r
v5.11.0.202103091610-r
v5.11.0.202102240950-m3
v5.11.0.202102031030-m2
v5.10.0.202012080955-r
v5.10.0.202011251205-m3
v5.10.0.202011041322-m2
v5.9.0.202009080501-r
v5.9.0.202008260805-m3
v5.8.1.202007141445-r
v5.8.0.202006091008-r
v5.8.0.202005061305-m2
v5.7.0.202003110725-r
v5.7.0.202003090808-r
v5.7.0.202002241735-m3
v5.7.0.202001151323-m1
v5.6.1.202002131546-r
v5.6.0.201912101111-r
v5.6.0.201911271000-m3
v5.5.1.201910021850-r
v5.5.0.201909110433-r
v5.5.0.201908280940-m3
v5.4.3.201909031940-r
v5.4.2.201908231537-r
v5.4.1.201908211225-r
v5.4.0.201906121030-r
v5.4.0.201905221418-m3
v5.4.0.201905081430-m2
v5.3.9.202012012026-r
v5.3.8.202011260953-r
v5.3.7.202002110540-r
v5.3.6.201910020505-r
v5.3.5.201909031855-r
v5.3.4.201908231101-r
v5.3.3.201908210735-r
v5.3.2.201906051522-r
v5.3.1.201904271842-r
v5.3.0.201903130848-r
v5.3.0.201901162155-m1
v5.3.0.201901161700-m1
v5.2.1.201812262042-r
v5.2.0.201812061821-r
v5.2.0.201811281532-m3
v5.1.16.202106041830-r
v5.1.15.202012011955-r
v5.1.14.202011251942-r
v5.1.13.202002110435-r
v5.1.12.201910011832-r
v5.1.11.201909031202-r
v5.1.10.201908230655-r
v5.1.9.201908210455-r
v5.1.8.201906050907-r
v5.1.7.201904200442-r
v5.1.6.201903130242-r
v5.1.5.201812261915-r
v5.1.4.201812251853-r
v5.1.3.201810200350-r
v5.1.2.201810061102-r
v5.1.1.201809181055-r
v5.1.0.201809111528-r
v5.1.0.201808281540-m3
v5.0.3.201809091024-r
v5.0.2.201807311906-r
v5.0.1.201806211838-r
v5.0.0.201806131550-r
v5.0.0.201805151920-m7
v4.11.9.201909030838-r
v4.11.8.201904181247-r
v4.11.7.201903122105-r
v4.11.6.201812241910-r
v4.11.5.201810191925-r
v4.11.4.201810060650-r
v4.11.3.201809181037-r
v4.11.2.201809100523-r
v4.11.1.201807311124-r
v4.11.0.201803080745-r
v4.10.0.201712302008-r
v4.9.10.201904181027-r
v4.9.9.201903122025-r
v4.9.8.201812241815-r
v4.9.7.201810191756-r
v4.9.6.201810051924-r
v4.9.5.201809180939-r
v4.9.4.201809090327-r
v4.9.3.201807311005-r
v4.9.2.201712150930-r
v4.9.1.201712030800-r
v4.9.0.201710071750-r
v4.8.0.201706111038-r
v4.7.9.201904161809-r
v4.7.8.201903121755-r
v4.7.7.201812240805-r
v4.7.6.201810191618-r
v4.7.5.201810051826-r
v4.7.4.201809180905-r
v4.7.3.201809090215-r
v4.7.2.201807261330-r
v4.7.1.201706071930-r
v4.7.0.201704051617-r
v4.6.1.201703071140-r
v4.6.0.201612231935-r
v4.5.7.201904151645-r
v4.5.6.201903121547-r
v4.5.5.201812240535-r
v4.5.4.201711221230-r
v4.5.3.201708160445-r
v4.5.2.201704071617-r
v4.5.1.201703201650-r
v4.5.0.201609210915-r
v4.4.1.201607150455-r
v4.4.0.201606070830-r
v4.4.0.201605041135-m1
v4.3.1.201605051710-r
v4.3.0.201604071810-r
v4.2.0.201601211800-r
v4.2.0.201511101648-m1
v4.1.2.201602141800-r
v4.1.1.201511131810-r
v4.1.0.201509280440-r
v4.0.1.201506240215-r
v4.0.0.201506090130-r
v4.0.0.201505050340-m2
v4.0.0.201503231230-m1
v3.7.1.201504261725-r
v3.7.0.201502260915-r
v3.6.2.201501210735-r
v3.6.1.201501031845-r
v3.6.0.201412230720-r
v3.6.0.201411121045-m1
v3.5.3.201412180710-r
v3.5.2.201411120430-r
v3.5.1.201410131835-r
v3.5.0.201409260305-r
v3.4.2.201412180340-r
v3.4.1.201406201815-r
v3.4.0.201406110918-r
v3.4.0.201405051725-m7
v3.3.2.201404171909-r
v3.3.1.201403241930-r
v3.3.0.201403021825-r
v3.2.0.201312181205-r
v3.2.0.201311130903-m3
v3.1.0.201310021548-r
v3.0.3.201309161630-r
v3.0.2.201311090911-r
v3.0.0.201306101825-r
v3.0.0.201305080800-m7
v2.3.1.201302201838-r
v2.2.0.201212191850-r
v2.1.0.201209190230-r
v2.0.0.201206130900-r
v1.3.0.201202151440-r
v1.2.0.201112221803-r
v1.1.0.201109151100-r
v1.0.0.201106090707-r
v1.0.0.201106081625-r
v1.0.0.201106071701-r
v1.0.0.201106051725-r
spearce-gpg-pub
6 Commits (5c5f7c6b146b24f2bd4afae1902df85ad6e57ea3)
6 Commits (5c5f7c6b146b24f2bd4afae1902df85ad6e57ea3)
| Author | SHA1 | Message | Date |
|---|---|---|---|
 Matthias Sohn
|
5c5f7c6b14 |
Update EDL 1.0 license headers to new short SPDX compliant format
This is the format given by the Eclipse legal doc generator [1]. [1] https://www.eclipse.org/projects/tools/documentation.php?id=technology.jgit Bug: 548298 Change-Id: I8d8cabc998ba1b083e3f0906a8d558d391ffb6c4 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> |
4 years ago |
 Thomas Wolf
|
3a3c8de85c |
sshd: add missing javadoc in SshTestGitServer
Change-Id: Ie2e207eb05e0f6da8018153f8a5dd636e8f35f4c Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
4 years ago |
|
Thomas Wolf
|
b8a514fdcb |
sshd: correct the protocol version exchange
RFC 4253 section 4.2 allows an ssh server to send additional lines before its server identification string. Apache MINA sshd enforces for these lines the constraints specified for the server identification line, too: no NUL characters and not longer than 255 characters. That is too strict. RFC 4253 doesn't mandate this, and it also doesn't make sense given the rationale for these lines in RFC 4253: a TCP wrapper may not be aware of SSH restrictions, and may not adhere to these constraints. Be more lenient when parsing the server's protocol version. Allow NULs and longer lines in the preamble, and also handle line endings more leniently. Only enforce the restrictions for the actual server identification line. Bug: 545939 Change-Id: I75955e9d8a8daef7c04fc0f39539c2ee93514e1c Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
4 years ago |
|
Thomas Wolf
|
86cee68e0d |
Apache MINA sshd client: adapt to sshd 2.2.0
Update target platforms, maven and bazel builds to use sshd 2.2.0. Adapt internal classes to changed sshd interfaces and remove previous work-arounds for asking repeatedly for key passwords and for loading keys lazily; both are now done by sshd. CQ: 19034 CQ: 19035 Bug: 541425 Change-Id: I85e1df6ebb8a94953a912d9b2b8a7b5bdfbd608a Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> |
5 years ago |
|
Thomas Wolf
|
00b235f0b8 |
Apache MINA sshd client: test & fix password authentication
Add tests for password and keyboard-interactive authentication. Implement password authentication; the default provided by sshd is non-interactive, which is not useful for JGit. Make sure the CredentialsProvider gets reset on successive password retrieval attempts. Otherwise it might always return the same non- accepted password from a secure storage. (That one was discovered by actually trying this via EGit; the JGit tests don't catch this.) Change the default order of authentication mechanisms to prefer password over keyboard-interactive. This is a mitigation for upstream bug SSHD-866.[1] Also include a fix for upstream bug SSHD-867.[2] [1] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-866 [2] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-867 Bug: 520927 Change-Id: I423e548f06d3b51531016cf08938c8bd7acaa2a9 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
5 years ago |
|
Thomas Wolf
|
1316d43e51 |
Move SshTestGitServer to new bundle org.eclipse.jgit.junit.ssh
Create the bundle and move the SshTestGitServer there. Verified that the Eclipse build still works and ran JSchSshTest and ApacheSshTest as junit tests inside Eclipse. Update maven build and features to account for that. Verified by running full maven build including packaging. Update bazel build files to account for that. Verified by a clean-slate bazel build :all, followed by running the JSchSshTest and the ApacheSshTest via bazel. Change-Id: Ia084942f4425b454529de148e00417e7da786a90 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
5 years ago |
|
Thomas Wolf
|
ec1116627f |
Apache MINA sshd client: properly handle HostKeyAlgorithms config
By default sshd will use its default built-in list, which matches the one of openssh (as far as the algorithms exist in sshd at all). But it doesn't handle HostKeyAlgorithms from the ssh config at all. Implement this as in openssh, including the '+' and '-' modifiers and reordering the default if there are known host keys for a server already. Add tests for the reordering. Also use a more robust reader for the known hosts file. The default aborts on the first error. Bug: 520927 Change-Id: Ib1684440bfe2e96140536aa1a93c4bd4a0d35916 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
5 years ago |
|
Thomas Wolf
|
8001f4c1fe |
Apache MINA sshd client: add gssapi-with-mic authentication
sshd does support gssapi-with-mic on the server side, but has no built-in client-side support for this authentication mechanism. Add our own implementation for it, following RFC 4462.[1] To avoid needlessly re-trying mechanisms that aren't even configured on the client, we disable mechanisms that fail on the very first attempt to use them. Since we have no real Kerberos5 test setup, this cannot be fully tested in CI. The disabling of the authentication mechanism and that it is skipped when not successful _is_ tested. [1] https://www.ietf.org/rfc/rfc4462.txt Bug: 520927 Change-Id: I5d0cdb14103588a57c52f927df541b589ab88d88 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
5 years ago |
|
Thomas Wolf
|
0173b25415 |
Add more ssh tests: pushing, known_host file handling, etc.
Add support for git-receive-pack to the ssh git server and add two new tests for pushing. This actually uncovered an undocumented requirement in TransportSftp: the FTP rename operation assumes POSIX semantics, i.e., that the target is removed. This works as written only for servers that support and advertise the "posix-rename@openssh.com" FTP extension. Our little Apache MINA server does not advertise this extension. Fix the FtpChannel implementation for Jsch to handle this case in a meaningful way so that it can pass the new "push over sftp" test. Add more tests to test the behavior of server host key checking. Also refactor the tests generally to separate better the test framework from the actual tests. Bug: 520927 Change-Id: Ia4bb85e17ddacde7b36ee8c2d5d454bbfa66dfc3 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
5 years ago |
|
Thomas Wolf
|
08b0a8632d |
Ssh tests with an Apache MINA sshd test git server
Add a simple ssh git server based on Apache MINA sshd, and use it in new tests that verify ssh operations and in particular a number of bugs that had cropped up over time in JSch. The git server supports fetching only, and sftp access. The tests are all in an abstract base class; the concrete JschSshTest class only provides ssh-specific test setup. So the same tests could be run easily also with some other ssh client. Bug: 520927 Change-Id: Ide6687b717fb497a29fc83f22b07390a26dfce1d Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
5 years ago |