From 2345cc88d0ed7b6d639ba7a1874f2200f3b21df1 Mon Sep 17 00:00:00 2001
From: Thomas Wolf <thomas.wolf@paranor.ch>
Date: Mon, 22 Mar 2021 12:20:52 +0100
Subject: [PATCH] sshd: don't lock the known_hosts files on reading

Similar to git config file reading lock the file only when writing.
There may still be lock conflicts on writing, but those in the worst
case result in an entry not being added and thus being asked for later
again.

Because the OpenSshServerkeyDatabase and its HostKeyFiles may be (and
usually are) shared between different SSH sessions, we still need to
ensure in-process mutual exclusion.

Bug: 559548
Change-Id: I4af97628deff9eaac2520576917c856949f2680d
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
---
 .../transport/sshd/SshdText.properties        |  1 -
 .../sshd/OpenSshServerKeyDatabase.java        | 31 ++++++-------------
 .../internal/transport/sshd/SshdText.java     |  1 -
 3 files changed, 10 insertions(+), 23 deletions(-)

diff --git a/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties b/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties
index 9c604f214..5bc086767 100644
--- a/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties
+++ b/org.eclipse.jgit.ssh.apache/resources/org/eclipse/jgit/internal/transport/sshd/SshdText.properties
@@ -24,7 +24,6 @@ keyEncryptedPrompt=Passphrase
 keyEncryptedRetry=Encrypted key ''{0}'' could not be decrypted. Enter the passphrase again.
 keyLoadFailed=Could not load key ''{0}''
 knownHostsCouldNotUpdate=Could not update known hosts file {0}
-knownHostsFileLockedRead=Could not read known hosts file (locked) {0}
 knownHostsFileLockedUpdate=Could not update known hosts file (locked) {0}
 knownHostsFileReadFailed=Failed to read known hosts file {0}
 knownHostsInvalidLine=Known hosts file {0} contains invalid line {1}
diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java
index 47e09b75d..1a530b774 100644
--- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java
+++ b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/OpenSshServerKeyDatabase.java
@@ -21,6 +21,7 @@
 import java.net.SocketAddress;
 import java.nio.file.Files;
 import java.nio.file.InvalidPathException;
+import java.nio.file.NoSuchFileException;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.GeneralSecurityException;
@@ -561,29 +562,17 @@ public HostKeyFile(Path path) {
 		@Override
 		public List<HostEntryPair> get() {
 			Path path = getPath();
-			try {
-				if (checkReloadRequired()) {
-					if (!Files.exists(path)) {
-						// Has disappeared.
-						resetReloadAttributes();
-						return Collections.emptyList();
-					}
-					LockFile lock = new LockFile(path.toFile());
-					if (lock.lock()) {
-						try {
-							entries = reload(getPath());
-						} finally {
-							lock.unlock();
-						}
-					} else {
-						LOG.warn(format(SshdText.get().knownHostsFileLockedRead,
-								path));
+			synchronized (this) {
+				try {
+					if (checkReloadRequired()) {
+						entries = reload(getPath());
 					}
+				} catch (IOException e) {
+					LOG.warn(format(SshdText.get().knownHostsFileReadFailed,
+							path));
 				}
-			} catch (IOException e) {
-				LOG.warn(format(SshdText.get().knownHostsFileReadFailed, path));
+				return Collections.unmodifiableList(entries);
 			}
-			return Collections.unmodifiableList(entries);
 		}
 
 		private List<HostEntryPair> reload(Path path) throws IOException {
@@ -616,7 +605,7 @@ private List<HostEntryPair> reload(Path path) throws IOException {
 					}
 				}
 				return newEntries;
-			} catch (FileNotFoundException e) {
+			} catch (FileNotFoundException | NoSuchFileException e) {
 				resetReloadAttributes();
 				return Collections.emptyList();
 			}
diff --git a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java
index 99e382aae..73c2288cc 100644
--- a/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java
+++ b/org.eclipse.jgit.ssh.apache/src/org/eclipse/jgit/internal/transport/sshd/SshdText.java
@@ -44,7 +44,6 @@ public static SshdText get() {
 	/***/ public String keyEncryptedRetry;
 	/***/ public String keyLoadFailed;
 	/***/ public String knownHostsCouldNotUpdate;
-	/***/ public String knownHostsFileLockedRead;
 	/***/ public String knownHostsFileLockedUpdate;
 	/***/ public String knownHostsFileReadFailed;
 	/***/ public String knownHostsInvalidLine;