Gitblit devel
parent: 282b8f | patch | commitdiff
David Ostrovsky
2014-03-16 75ebd391b88884581b1139c87c98bb687941a8fe
refs
author David Ostrovsky <david@ostrovsky.org>
Sunday, March 16, 2014 13:28 -0400
committer James Moger <james.moger@gitblit.com>
Thursday, April 10, 2014 18:58 -0400
commit75ebd391b88884581b1139c87c98bb687941a8fe
tree 0050f7a069c483de425e64c5714598a59413893f tree | zip | gz
parent 282b8fd82c46ba6874fb24c8715af103645f3406 view | diff 
Prevent double authentication for the same public key

Openssh client sends two requests, one without a key signature to verify
that the public key is acceptable and the second one with the signature
after having loaded the private key and signed some data for actual
verification.

To prevent that the PublickeyAuthenticator#authenticate is called twice
cache the authentication status for session and public key.  Implement
SessionListener to clean up the cache entry when session is destroyed.

This is a workaround for SSHD bug [1].

Inspired-By: Guillaume Nodet <gnodet@apache.org>
[1] https://issues.apache.org/jira/browse/SSHD-300
1 files added
4 files modified
1 files deleted
223 ■■■■■ changed files
src/main/java/com/gitblit/transport/ssh/CachingPublicKeyAuthenticator.java 117 ●●●●● diff | view | raw | blame | history
src/main/java/com/gitblit/transport/ssh/PublicKeyAuthenticator.java 83 ●●●●● diff | view | raw | blame | history
src/main/java/com/gitblit/transport/ssh/SshCommandFactory.java 7 ●●●● diff | view | raw | blame | history
src/main/java/com/gitblit/transport/ssh/SshDaemon.java 4 ●●● diff | view | raw | blame | history
src/main/java/com/gitblit/transport/ssh/commands/BaseKeyCommand.java 6 ●●●● diff | view | raw | blame | history
src/main/java/com/gitblit/transport/ssh/commands/DispatchCommand.java 6 ●●●● diff | view | raw | blame | history