Tree:
8edde18c8c
master
next
stable-5.10
stable-5.11
stable-5.12
stable-5.2
stable-5.3
stable-5.4
stable-5.5
stable-5.6
stable-5.7
stable-5.8
stable-5.9
stable-0.10
stable-0.11
stable-0.12
stable-0.7
stable-0.8
stable-0.9
stable-1.0
stable-1.1
stable-1.2
stable-1.3
stable-2.0
stable-2.1
stable-2.2
stable-2.3
stable-3.0
stable-3.1
stable-3.2
stable-3.3
stable-3.4
stable-3.5
stable-3.6
stable-3.7
stable-4.0
stable-4.1
stable-4.10
stable-4.11
stable-4.2
stable-4.3
stable-4.4
stable-4.5
stable-4.6
stable-4.7
stable-4.8
stable-4.9
stable-5.0
stable-5.1
v5.12.0.202106021050-rc1
v5.12.0.202106011439-rc1
v5.11.0.202103031150-rc1
v5.10.0.202012021225-rc1
v5.6.0.201912041214-rc1
v5.5.0.201909041048-rc1
v5.3.0.201903061415-rc1
v5.1.0.201809051400-rc1
v5.0.0.201806050710-rc3
v5.0.0.201805301535-rc2
v5.0.0.201805221745-rc1
v4.8.0.201705170830-rc1
v4.4.0.201606011500-rc2
v4.4.0.201605250940-rc1
v4.3.0.201603230630-rc1
v4.0.0.201506020755-rc3
v4.0.0.201505260635-rc2
v4.0.0.201505191015-rc1
v3.7.0.201502031740-rc1
v3.5.0.201409071800-rc1
v3.4.0.201406041058-rc3
v3.4.0.201405281120-rc2
v3.4.0.201405211411-rc1
v3.3.0.201402191814-rc1
v3.1.0.201309270735-rc1
v3.0.2.201309041250-rc2
v3.0.0.201306040240-rc3
v3.0.0.201305281830-rc2
v2.3.0.201302130906
v1.3.0.201202121842-rc4
v1.1.0.201109071825-rc3
v1.1.0.201109011030-rc2
v1.0.0.201106011211-rc3
v0.12.1
v0.11.3
v0.11.1
v0.10.1
v0.9.3
v0.9.1
v0.8.4
v0.8.1
v0.7.1
v0.7.0
v5.12.0.202106070339-r
v5.12.0.202105261145-m3
v5.12.0.202105051250-m2
v5.11.1.202105131744-r
v5.11.0.202103091610-r
v5.11.0.202102240950-m3
v5.11.0.202102031030-m2
v5.10.0.202012080955-r
v5.10.0.202011251205-m3
v5.10.0.202011041322-m2
v5.9.0.202009080501-r
v5.9.0.202008260805-m3
v5.8.1.202007141445-r
v5.8.0.202006091008-r
v5.8.0.202005061305-m2
v5.7.0.202003110725-r
v5.7.0.202003090808-r
v5.7.0.202002241735-m3
v5.7.0.202001151323-m1
v5.6.1.202002131546-r
v5.6.0.201912101111-r
v5.6.0.201911271000-m3
v5.5.1.201910021850-r
v5.5.0.201909110433-r
v5.5.0.201908280940-m3
v5.4.3.201909031940-r
v5.4.2.201908231537-r
v5.4.1.201908211225-r
v5.4.0.201906121030-r
v5.4.0.201905221418-m3
v5.4.0.201905081430-m2
v5.3.9.202012012026-r
v5.3.8.202011260953-r
v5.3.7.202002110540-r
v5.3.6.201910020505-r
v5.3.5.201909031855-r
v5.3.4.201908231101-r
v5.3.3.201908210735-r
v5.3.2.201906051522-r
v5.3.1.201904271842-r
v5.3.0.201903130848-r
v5.3.0.201901162155-m1
v5.3.0.201901161700-m1
v5.2.1.201812262042-r
v5.2.0.201812061821-r
v5.2.0.201811281532-m3
v5.1.16.202106041830-r
v5.1.15.202012011955-r
v5.1.14.202011251942-r
v5.1.13.202002110435-r
v5.1.12.201910011832-r
v5.1.11.201909031202-r
v5.1.10.201908230655-r
v5.1.9.201908210455-r
v5.1.8.201906050907-r
v5.1.7.201904200442-r
v5.1.6.201903130242-r
v5.1.5.201812261915-r
v5.1.4.201812251853-r
v5.1.3.201810200350-r
v5.1.2.201810061102-r
v5.1.1.201809181055-r
v5.1.0.201809111528-r
v5.1.0.201808281540-m3
v5.0.3.201809091024-r
v5.0.2.201807311906-r
v5.0.1.201806211838-r
v5.0.0.201806131550-r
v5.0.0.201805151920-m7
v4.11.9.201909030838-r
v4.11.8.201904181247-r
v4.11.7.201903122105-r
v4.11.6.201812241910-r
v4.11.5.201810191925-r
v4.11.4.201810060650-r
v4.11.3.201809181037-r
v4.11.2.201809100523-r
v4.11.1.201807311124-r
v4.11.0.201803080745-r
v4.10.0.201712302008-r
v4.9.10.201904181027-r
v4.9.9.201903122025-r
v4.9.8.201812241815-r
v4.9.7.201810191756-r
v4.9.6.201810051924-r
v4.9.5.201809180939-r
v4.9.4.201809090327-r
v4.9.3.201807311005-r
v4.9.2.201712150930-r
v4.9.1.201712030800-r
v4.9.0.201710071750-r
v4.8.0.201706111038-r
v4.7.9.201904161809-r
v4.7.8.201903121755-r
v4.7.7.201812240805-r
v4.7.6.201810191618-r
v4.7.5.201810051826-r
v4.7.4.201809180905-r
v4.7.3.201809090215-r
v4.7.2.201807261330-r
v4.7.1.201706071930-r
v4.7.0.201704051617-r
v4.6.1.201703071140-r
v4.6.0.201612231935-r
v4.5.7.201904151645-r
v4.5.6.201903121547-r
v4.5.5.201812240535-r
v4.5.4.201711221230-r
v4.5.3.201708160445-r
v4.5.2.201704071617-r
v4.5.1.201703201650-r
v4.5.0.201609210915-r
v4.4.1.201607150455-r
v4.4.0.201606070830-r
v4.4.0.201605041135-m1
v4.3.1.201605051710-r
v4.3.0.201604071810-r
v4.2.0.201601211800-r
v4.2.0.201511101648-m1
v4.1.2.201602141800-r
v4.1.1.201511131810-r
v4.1.0.201509280440-r
v4.0.1.201506240215-r
v4.0.0.201506090130-r
v4.0.0.201505050340-m2
v4.0.0.201503231230-m1
v3.7.1.201504261725-r
v3.7.0.201502260915-r
v3.6.2.201501210735-r
v3.6.1.201501031845-r
v3.6.0.201412230720-r
v3.6.0.201411121045-m1
v3.5.3.201412180710-r
v3.5.2.201411120430-r
v3.5.1.201410131835-r
v3.5.0.201409260305-r
v3.4.2.201412180340-r
v3.4.1.201406201815-r
v3.4.0.201406110918-r
v3.4.0.201405051725-m7
v3.3.2.201404171909-r
v3.3.1.201403241930-r
v3.3.0.201403021825-r
v3.2.0.201312181205-r
v3.2.0.201311130903-m3
v3.1.0.201310021548-r
v3.0.3.201309161630-r
v3.0.2.201311090911-r
v3.0.0.201306101825-r
v3.0.0.201305080800-m7
v2.3.1.201302201838-r
v2.2.0.201212191850-r
v2.1.0.201209190230-r
v2.0.0.201206130900-r
v1.3.0.201202151440-r
v1.2.0.201112221803-r
v1.1.0.201109151100-r
v1.0.0.201106090707-r
v1.0.0.201106081625-r
v1.0.0.201106071701-r
v1.0.0.201106051725-r
spearce-gpg-pub
4 Commits (8edde18c8c3240dadd7f3411d2065d8df28cdc5c)
4 Commits (8edde18c8c3240dadd7f3411d2065d8df28cdc5c)
| Author | SHA1 | Message | Date |
|---|---|---|---|
 Thomas Wolf
|
8edde18c8c |
sshd: implement server-sig-algs SSH extension (client side)
Apache MINA sshd has an implementation of this, but it doesn't comply to RFC 8308 [1] and it is buggy. (See SSHD-1141 [2].) Add a simpler KexExtensionHandler and if the server sends extension server-sig-algs, use its value to re-order the chosen signature algorithms such that the algorithms the server announced as supported are at the front. If the server didn't tell us anything, don't do anything. RFC 8308 suggests for RSA to default to ssh-rsa, but says once rsa-sha2-* was "widely enough" adopted, defaulting to that might be OK. Currently we seem to be in a transition phase; Fedora 33 has already disabled ssh-rsa by default, and openssh is about to do so. Whatever we might do without info from the server, it'd be good for some servers and bad for others. So don't do anything and let the user re-order via ssh config PubkeyAcceptedAlgorithms on a case-by-case basis. [1] https://tools.ietf.org/html/rfc8308 [2] https://issues.apache.org/jira/browse/SSHD-1141 Bug: 572056 Change-Id: I59aa691a030ffe0fae54289df00ca5c6e165817b Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
3 years ago |
|
Thomas Wolf
|
fd3edc7bfc |
sshd: try all configured signature algorithms for a key
For RSA keys, there may be several configured signature algorithms: rsa-sha2-512, rsa-sha2-256, and ssh-rsa. Upstream sshd has bug SSHD-1105 [1] and always and unconditionally uses only the first configured algorithm. With the default order, this means that it cannot connect to a server that knows only ssh-rsa, like for instance Apache MINA sshd servers older than 2.6.0. This affects for instance bitbucket.org or also AWS Code Commit. Re-introduce our own pubkey authenticator that fixes this. Note that a server may impose a penalty (back-off delay) for subsequent authentication attempts with signature algorithms unknown to the server. In such cases, users can re-order the signature algorithm list via the PubkeyAcceptedAlgorithms (formerly PubkeyAcceptedKeyTypes) ssh config. [1] https://issues.apache.org/jira/browse/SSHD-1105 Bug: 572056 Change-Id: I7fb9c759ab6532e5f3b6524e9084085ddb2f30d6 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> |
3 years ago |
|
Thomas Wolf
|
86cee68e0d |
Apache MINA sshd client: adapt to sshd 2.2.0
Update target platforms, maven and bazel builds to use sshd 2.2.0. Adapt internal classes to changed sshd interfaces and remove previous work-arounds for asking repeatedly for key passwords and for loading keys lazily; both are now done by sshd. CQ: 19034 CQ: 19035 Bug: 541425 Change-Id: I85e1df6ebb8a94953a912d9b2b8a7b5bdfbd608a Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> |
5 years ago |
|
Thomas Wolf
|
488d95571f |
Apache MINA sshd client
Add a new ssh client implementation based on Apach MINA sshd 2.0.0.
This implementation uses JGit's own config file parser and host entry
resolver. Code inspection of the Apache MINA implementation revealed
a few bugs or idiosyncrasies that immediately would re-introduce bugs
already fixed in the past in JGit.
Apache MINA sshd is not without quirks either, and I had to configure
and override more than I had expected. But at least it was all doable
in clean ways.
Apache MINA boasts support for Bouncy Castle, so in theory this should
open the way to using more ssh key algorithms, such as
|
5 years ago |
 Matthias Sohn
|
0210e0e299 |
Fix javadoc in org.eclipse.jgit annotations and api packages
Change-Id: I2761ea91f8dfed16ea54e7a6646af03a30c15ec9 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> |
6 years ago |
 David Pursehouse
|
3b4448637f |
Enable and fix warnings about redundant specification of type arguments
Since the introduction of generic type parameter inference in Java 7, it's not necessary to explicitly specify the type of generic parameters. Enable the warning in Eclipse, and fix all occurrences. Change-Id: I9158caf1beca5e4980b6240ac401f3868520aad0 Signed-off-by: David Pursehouse <david.pursehouse@gmail.com> |
7 years ago |
|
Matthias Sohn
|
c394d05a47 |
Add missing @since tags to mark API added in 2.0
Change-Id: I0a86ce0e393dfde9bb27f0b29e036e76c856396e Signed-off-by: Matthias Sohn <matthias.sohn@sap.com> Signed-off-by: Chris Aniszczyk <zx@twitter.com> |
12 years ago |
 Tomasz Zarna
|
92f90eb229 |
Add ApplyCommand to JGit API
Bug: 361548 CQ: 6243 Change-Id: I08e1369e142bb19f42a8d7bbb5a7d062cc8533fc Signed-off-by: Chris Aniszczyk <zx@twitter.com> |
12 years ago |
 Git Development Community
|
1a6964c827 |
Initial JGit contribution to eclipse.org
Per CQ 3448 this is the initial contribution of the JGit project
to eclipse.org. It is derived from the historical JGit repository
at commit
|
14 years ago |