* master: (38 commits)
Revert "DFS block cache: Refactor to enable parallel index loading"
GitServlet: allow to override default error handlers
Silence API error for new interface method ProtocolV2Hook#onObjectInfo
transport: add object-info capability
Ignore IllegalStateException if JVM is already shutting down
Update orbit to R20210825222808 for 2021-09
Update spotbugs-maven-plugin to 4.3.0
Update ant to 1.10.11 also in pom.xml
DFS block cache: add additional stats to DfsReaderIoStats
Update Orbit to S20210817231813
[gpg] Better GPG home directory determination
FS: cleanup use of final modifier
Ensure FS#searchPath only selects executable files
RevWalk: getMergedInto's result is wrong on the second call
DFS block cache: Refactor to enable parallel index loading
[test] Create keystore with the keytool of the running JDK
[gpg] Update to Bouncy Castle 1.69
[test] Create keystore with the keytool of the running JDK
[sshd] Minor code clean-up
Support commit.template config property
...
Change-Id: I9f99e9a513a23c0c0d252334e79c351512d7355e
Update
- com.google.gson to 2.8.7.v20210624-1215
- javaewah to 1.1.12.v20210622-2206
- org.apache.sshd.osgi to 2.7.0.v20210623-0618
- org.apache.sshd.sftp to 2.7.0.v20210623-0618
- org.tukaani.xz to 1.9.0.v20210624-1259
- Apache MINA sshd to 2.7.0
- Remove work-arounds for problems resolved upstream since 2.6.0, and
adapt to upstream API changes.
- update DEPENDENCIES.
CQ: 23469
CQ: 23470
CQ: 23496
CQ: 23497
CQ: 23498
Bug: 574220
Change-Id: I898b216c3492f8488fbf25fa4b49f1250f86f3c8
Also-by: David Ostrovsky <david@ostrovsky.org>
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* master: (34 commits)
Remove texts which were added by mistake in 00386272
Fix formatting which was broken in 00386272
LockFile: create OutputStream only when needed
Add a cgit interoperability test for LockFile
Add TemporaryBuffer.toString(int limit)
LockFile: create OutputStream only when needed
Prepare 5.12.0-SNAPSHOT builds
JGit v5.12.0.202105051250-m2
Update jetty to 9.4.40.v20210413
[releng] Update eclipse-jarsigner-plugin to 1.3.1
Implement ours/theirs content conflict resolution
ssh: ensure list is modifiable before using Iterator.remove().
Update orbit to S20210406213021 and add 4.20-staging target
Fix typo in test method name
Allow file mode conflicts in virtual base commit on recursive merge.
sshd: don't lock the known_hosts files on reading
Allow info messages in UsernamePasswordCredentialsProvider
ssh config: do environment variable replacement
sshd: implement server-sig-algs SSH extension (client side)
Upgrade ecj to 3.25.0
...
Change-Id: Ibc39a9c4e431d15b67ab4a307241f47a7f3740a9
Apache MINA sshd has an implementation of this, but it doesn't comply
to RFC 8308 [1] and it is buggy. (See SSHD-1141 [2].)
Add a simpler KexExtensionHandler and if the server sends extension
server-sig-algs, use its value to re-order the chosen signature
algorithms such that the algorithms the server announced as supported
are at the front.
If the server didn't tell us anything, don't do anything. RFC 8308
suggests for RSA to default to ssh-rsa, but says once rsa-sha2-* was
"widely enough" adopted, defaulting to that might be OK.
Currently we seem to be in a transition phase; Fedora 33 has already
disabled ssh-rsa by default, and openssh is about to do so. Whatever
we might do without info from the server, it'd be good for some servers
and bad for others. So don't do anything and let the user re-order via
ssh config PubkeyAcceptedAlgorithms on a case-by-case basis.
[1] https://tools.ietf.org/html/rfc8308
[2] https://issues.apache.org/jira/browse/SSHD-1141
Bug: 572056
Change-Id: I59aa691a030ffe0fae54289df00ca5c6e165817b
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* master: (143 commits)
Prepare 5.11.0-SNAPSHOT builds
JGit v5.11.0.202102240950-m3
[releng] japicmp: update last release version
IgnoreNode: include path to file for invalid .gitignore patterns
FastIgnoreRule: include bad pattern in log message
init: add config option to set default for the initial branch name
init: allow specifying the initial branch name for the new repository
Fail clone if initial branch doesn't exist in remote repository
GPG: fix reading unprotected old-format secret keys
Update Orbit to S20210216215844
Add missing bazel dependency for o.e.j.gpg.bc.test
GPG: handle extended private key format
dfs: handle short copies
[GPG] Provide a factory for the BouncyCastleGpgSigner
Fix boxing warnings
GPG: compute the keygrip to find a secret key
GPG signature verification via BouncyCastle
Post commit hook failure should not cause commit failure
Allow to define additional Hook classes outside JGit
GitHook: use default charset for output and error streams
...
Change-Id: I689f4070e79f4a0ac1c02b35698ccaab68ad2f34
Re-enable DSA, DSA_CERT, and RSA_CERT public key authentication.
DSA is discouraged for a long time already, but it might still be
way too disruptive to completely drop it. RSA is discouraged for
far less long, and dropping that would be really disruptive.
Adapt to the changed property handling. Remove work-arounds for
shortcomings of earlier sshd versions.
Use Orbit I20210203173513, which includes sshd 2.6.0. This also bumps
apache.httpclient to 4.5.13 and apache.httpcore to 4.4.14.
Change-Id: I2d24a1ce4cc9f616a94bb5c4bdaedbf20dc6638e
Signed-off-by: David Ostrovsky <david@ostrovsky.org>
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* master:
Remove unused imports
Silence API warnings
Remove erraneously merged source features
Add support for reading symrefs from pack capabilities
Prepare 5.3.9-SNAPSHOT builds
JGit v5.3.8.202011260953-r
Prepare 5.1.15-SNAPSHOT builds
JGit v5.1.14.202011251942-r
GC#deleteOrphans: log warning for deleted orphaned files
GC#deleteOrphans: handle failure to list files in pack directory
Ensure that GC#deleteOrphans respects pack lock
Prepare 5.10.0-SNAPSHOT builds
JGit v5.10.0.202011251205-m3
PacketLineIn: ensure that END != DELIM
Update Orbit to S20201118210000 and add target for 4.18
PacketLineIn: ensure that END != DELIM
PacketLineIn: ensure that END != DELIM
Allow to resolve a conflict by checking out a file
Update Orbit to I20201111205634
Document that setLastModified sets time of symlink target
Fix bug in PerformanceLogContext
Fix IOException occurring during gc
Prepare 5.10.0-SNAPSHOT builds
JGit v5.10.0.202011041322-m2
Revert "Client-side protocol V2 support for fetching"
Close Repository to fix tests failing on Windows
Client-side protocol V2 support for fetching
Update slf4j to 1.7.30
Update Orbit to S20201027182932 (2020-12 M2)
Fix formatting of config option values
Document options in core section supported by JGit
Ensure .gitmodules is loaded when accessing submodule name
Export new package org.eclipse.jgit.logging and import it where used
Ensure GC.deleteOrphans() can delete read-only orphaned files on Windows
Add new performance logging
Implement git describe --all
Compute time differences with Duration
Override config http.userAgent from environment GIT_HTTP_USER_AGENT
Upgrade spotbugs-maven-plugin to 4.1.3
Fix OperatorPrecedence warning flagged by error prone
UploadPackTest#testUploadRedundantBytes: ensure test repo is closed
ObjectDirectory#selectObjectRepresentation: fix formatting
Upgrade ecj to 3.23.0
Support "http.userAgent" and "http.extraHeader" from the git config
sshd: better error report when user cancels authentication
API filters for PackStatistics.Accumulator
Add TypedConfigGetter.getPath()
Make Javadoc consistent for PackStatistics fields
Measure time taken for reachability checks
Measure time taken for negotiation in protocol V2
IndexDiffFilter: handle path prefixes correctly
sshd: support the ProxyJump ssh config
Upgrade jacoco-maven-plugin to 0.8.6
ReceivePackStats: Add size and count of unnecessary pushed objects
Upgrade maven-project-info-reports-plugin to 3.1.1
Prepare 5.9.1-SNAPSHOT builds
JGit v5.9.0.202009080501-r
[releng] Enable japicmp for the fragments added in 5.8.0
GitlinkMergeTest: fix boxing warnings
Remove unused API problem filters
Add missing since tag on BundleWriter#addObjectsAsIs
SshdSession: close channel gracefully
GPG: include signer's user ID in the signature
jgit: Add DfsBundleWriter
Bump Bazel version to 3.5.0
Upgrade maven-resources-plugin to 3.2.0
Upgrade plexus-compiler version to 2.8.8
[bazel] Add missing dependency to slf4j-api
[errorprone] DirCacheEntry: make clear operator precedence
[errorprone] PackWriter#parallelDeltaSearch: avoid suppressed exception
[errorprone] Declare DirCache#version final
Add jgit-4.17-staging target platform for 2020-09
Update target platform to R20200831200620
Prepare 5.10.0-SNAPSHOT builds
Prepare 5.9.0-SNAPSHOT builds
ResolveMerger: do not content-merge gitlinks on del/mod conflicts
ResolveMerger: Adding test cases for GITLINK deletion
ResolveMerger: choose OURS on gitlink when ignoreConflicts
ResolveMerger: improving content merge readability
ResolveMerger: extracting createGitLinksMergeResult method
ResolveMerger: Adding test cases for GITLINK merge
JGit v5.9.0.202008260805-m3
Fix possible NegativeArraySizeException in PackIndexV1
FS: use binary search to determine filesystem timestamp resolution
Do not prematurely create directory of jgit's XDG config file
FS: write to JGit config in a background thread
FS: don't cache fallback if running in background
Keep line endings for text files committed with CR/LF on text=auto
Delay WindowCache statistics JMX MBean registration
[releng] Update plexus-compiler to 2.8.7
DirCache: support index V4
Update javadoc for RemoteSession and SshSessionFactory
Fix JSchProcess.waitFor() with time-out
sshd: work around a race condition in Apache MINA sshd 2.4.0/2.5.x
sshd: store per-session data on the sshd session object
FilterSpec: Use BigInteger.ZERO instead of valueOf(0)
Do not send empty blob in response to blob:none filter
Add support for tree filters when fetching
sshd: use PropertyResolver in test
FS_POSIX: avoid prompt to install the XCode tools on OS X
Remove dependency on JSch from SSH test framework
Use LinkedBlockingQueue for executor determining filesystem attributes
Update API warning filters
Remove unused imports
Bazel: Add workspace status command to stamp final artifact
DiffFormatter: correctly deal with tracked files in ignored folders
Prepare 5.8.2-SNAPSHOT builds
JGit v5.8.1.202007141445-r
Update Jetty to 9.4.30.v20200611
Fix writing GPG signatures with trailing newline
Rename a test method
Add a test for upstream bug SSHD-1028
Improve error message when receive.maxCommandBytes is exceeded
LfsConnectionFactory#getLfsUrl: Fix unconditional break in for-loop
DiffFormatterTest: Add a test to confirm the default rename detection settings
Upgrade maven-site-plugin to 3.9.1
Upgrade build-helper-maven-plugin to 3.2.0
Upgrade spotbugs to 4.0.4
MergedReftable: Include the last reftable in determining minUpdateIndex
Add new osgi fragments to maven-central deploy scripts
PackBitmapIndex: Not buffer inflated bitmap during bitmap creation.
Do not require org.assertj.core.annotations
Upgrade ecj to 3.22.0
Remove workaround for signing jars using Tycho plugins
Use https for URL of jgit website
Fix CI information in pom.xml
Use gitiles as scm url in pom.xml for browsing source code
Update API baseline to 5.8.0.202006091008-r
Remove trailing whitespace
Change-Id: Ie6bc6954741a47cfbd32c0886bdbd7b594f08b31
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This is useful to access git repositories behind a bastion server
(jump host).
Add a constant for the config; rewrite the whole connection initiation
to parse the value and (recursively) set up the chain of hops. Add
tests for a single hop and two different ways to configure a two-hop
chain.
The connection timeout applies to each hop in the chain individually.
Change-Id: Idd25af95aa2ec5367404587e4e530b0663c03665
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* master:
Prepare 5.8.0-SNAPSHOT builds
JGit v5.8.0.202005061305-m2
Update to bouncycastle 1.65 and orbit I20200506000552
ApplyCommand: use Files#copy to copy file
Apply hunks when renaming or copying from patch files
Create parent directories when renaming a file in ApplyCommand
Reduce BitmappedObjectReachabilityChecker visibility
Add missing @since to new API
Add missing test source file to the build
Upgrade Tycho to 1.7.0
ObjectReachabilityCheckers: Make walk member final
Upgrade wagon-ssh to 3.4.0
UploadPack: Use more relevant refs first in object reachability check
UploadPack: Refactor to generalize the object reachability checks
UploadPack: Use BitmappedReachabilityChecker for not advertised wants
revwalk: Introduce bitmap-based object reachability checker
Bump Bazel version to 3.1.0
revwalk: Extract ObjectReachabilityChecker interface
UploadPack: Extract walk-based reachability check
Enable passing java options to jgit command line executable
RefTreeBatch: fix unclosed resource warning
CherryPickCommand: fix unclosed resource warning
URIish: suppress non-localized message warning
Always use https to access download.eclipse.org
UploadPack: Clear advertised ref map after negotiation
Use Map directly in MetaFilter
Fix human name for local .bundle files
Bazel: Disable SecurityManagerMissingPermissionsTest test
Remove double blank from sentence start
Upgrade maven-antrun-plugin to 3.0.0
Upgrade maven-shade-plugin to 3.2.3
Remove double blank from sentence start
Bump Bazel version to 3.0.0
Scan through all merged reftables for max/min update indices
FileUtils: improve delete (Windows)
FS.runInShell(): handle quoted filters and hooksPath containing blanks
Document gc and pack relevant options
Define constants for pack config option keys
Fix javadoc typo
Upgrade ecj to 3.21.0
ReceivePack: Use error message if set
Handle non-normalized index also for executable files
Update to org.apache.sshd 2.4.0
Scan through all merged reftables for max/min update indices
ResolveMerger: Ignore merge conflicts if asked so
Upgrade spotbugs-maven-plugin to 4.0.0
Upgrade maven-javadoc-plugin to 3.2.0
Upgrade maven-dependency-plugin to 3.1.2
tag option for clone command
Set baseline for japicmp to 5.7.0.202003110725-r
RevWalk: fix bad topo flags error message
RevWalk: new topo sort to not mix lines of history
Upgrade maven-site-plugin to 3.9.0
Upgrade build-helper-maven-plugin to 3.1.0
Prepare 5.7.1-SNAPSHOT builds
JGit v5.7.0.202003110725-r
TransportHttp: support HTTP response 308 Permanent Redirect
Remove unused API problem filters
Change-Id: Ifc0c42fd3881b6026b0dcf7a2eb599e7cdede67e
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Change target platforms to Orbit I20200319180910 and regenerate them.
Change package imports to [2.4.0,2.5.0); adapt code to upstream API
changes.
Maven build: update version in root pom.
Bazel build: update version & hash in WORKSPACE file.
Proxy functionality verified manually using 3proxy (HTTP & SOCKS,
with basic authentication) and ssh -vvv -D7020 localhost (SOCKS, no
authentication).
Bug: 561078
Change-Id: I582f6b98055b013c006f2c749890fe6db801cbaa
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Purpose of the next branch is preparation of breaking changes before
we know when we will release it. Bump the version to the next major
release 6.0.0-SNAPSHOT in order to prevent build results compete with
build results from the version currently used on the master branch
(5.7.0-SNAPSHOT).
Bug: 560424
Change-Id: Iba64a0124f5bfc167098d829a7ef29650948e2d0
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
The placeholders in manifest and plugin.properties did not match. To
avoid similar issues, all placeholders have been changed to
Bundle-Vendor and Bundle-Name now.
Bug:548503
Change-Id: Ibd4b9bc237b323e614506b97e5fbc99416365040
Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de>
Add encrypted ed25519 keys in the tests; sshd 2.2.0 can finally
decrypt encrypted new-style OpenSSH key files. (Needs the "unlimited
strength" JCE, which is the default since Java 8u161. On older JREs,
users should install the policy files available from Oracle.)
The "expensive" key added has been generated with OpenSSH's
ssh-keygen -t ed25519 -a 256, i.e., with 256 bcrypt KDF rounds
instead of the default 16. On my machine it takes about 2sec to
decrypt.
Bug: 541703
Change-Id: Id3872ca2fd75d8f009cbc932eeb6357d3d1f267c
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Update target platforms, maven and bazel builds to use sshd 2.2.0.
Adapt internal classes to changed sshd interfaces and remove previous
work-arounds for asking repeatedly for key passwords and for loading
keys lazily; both are now done by sshd.
CQ: 19034
CQ: 19035
Bug: 541425
Change-Id: I85e1df6ebb8a94953a912d9b2b8a7b5bdfbd608a
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Include the net.i2p.crypto.eddsa bundle via a hard dependency.
Add tests for dealing with ed25519 host keys and user key files.
Manual tests: fetching from git.eclipse.org with an ed25519 user key,
and pushing this change itself using the same ed25519 key.
Note that sshd 2.0.0 does not yet support encrypted ed25519 private
keys.
Bug: 541272
Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>