Merge "Merge branch 'stable-2.9' into stable-2.10" into stable-2.10
diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt
index cf231db..a50c788 100644
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt
@@ -2792,14 +2792,6 @@
[[sshd]]
=== Section sshd
-[[sshd.backend]]sshd.backend::
-+
-Starting from version 0.9.0 Apache SSHD project added support for NIO2
-IoSession. To use the new NIO2 session the `backend` option must be set
-to `NIO2`.
-+
-By default, `MINA`.
-
[[sshd.listenAddress]]sshd.listenAddress::
+
Specifies the local addresses the internal SSHD should listen
diff --git a/gerrit-pgm/src/main/resources/com/google/gerrit/pgm/libraries.config b/gerrit-pgm/src/main/resources/com/google/gerrit/pgm/libraries.config
index 16bceee..b5e702f 100644
--- a/gerrit-pgm/src/main/resources/com/google/gerrit/pgm/libraries.config
+++ b/gerrit-pgm/src/main/resources/com/google/gerrit/pgm/libraries.config
@@ -15,16 +15,16 @@
# Version should match lib/bouncycastle/BUCK
[library "bouncyCastleProvider"]
- name = Bouncy Castle Crypto Provider v151
- url = http://www.bouncycastle.org/download/bcprov-jdk15on-151.jar
- sha1 = 9ab8afcc2842d5ef06eb775a0a2b12783b99aa80
+ name = Bouncy Castle Crypto Provider v149
+ url = http://www.bouncycastle.org/download/bcprov-jdk15on-149.jar
+ sha1 = f5155f04330459104b79923274db5060c1057b99
remove = bcprov-.*[.]jar
# Version should match lib/bouncycastle/BUCK
[library "bouncyCastleSSL"]
- name = Bouncy Castle Crypto SSL v151
- url = http://www.bouncycastle.org/download/bcpkix-jdk15on-151.jar
- sha1 = 6c8c1f61bf27a09f9b1a8abc201523669bba9597
+ name = Bouncy Castle Crypto SSL v149
+ url = http://www.bouncycastle.org/download/bcpkix-jdk15on-149.jar
+ sha1 = 924cc7ad2f589630c97b918f044296ebf1bb6855
needs = bouncyCastleProvider
remove = bcpkix-.*[.]jar
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/contact/EncryptedContactStore.java b/gerrit-server/src/main/java/com/google/gerrit/server/contact/EncryptedContactStore.java
index d82180d..8c1fdb6 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/contact/EncryptedContactStore.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/contact/EncryptedContactStore.java
@@ -38,9 +38,6 @@
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.openpgp.PGPUtil;
-import org.bouncycastle.openpgp.bc.BcPGPPublicKeyRingCollection;
-import org.bouncycastle.openpgp.operator.bc.BcPGPDataEncryptorBuilder;
-import org.bouncycastle.openpgp.operator.bc.BcPublicKeyKeyEncryptionMethodGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -114,7 +111,7 @@
private static PGPPublicKeyRingCollection readPubRing(final File pub) {
try (InputStream fin = new FileInputStream(pub);
InputStream in = PGPUtil.getDecoderStream(fin)) {
- return new BcPGPPublicKeyRingCollection(in);
+ return new PGPPublicKeyRingCollection(in);
} catch (IOException e) {
throw new ProvisionException("Cannot read " + pub, e);
} catch (PGPException e) {
@@ -170,16 +167,12 @@
}
}
+ @SuppressWarnings("deprecation")
private final PGPEncryptedDataGenerator cpk()
throws NoSuchProviderException, PGPException {
- final BcPGPDataEncryptorBuilder builder =
- new BcPGPDataEncryptorBuilder(PGPEncryptedData.CAST5)
- .setSecureRandom(prng);
PGPEncryptedDataGenerator cpk =
- new PGPEncryptedDataGenerator(builder, true);
- final BcPublicKeyKeyEncryptionMethodGenerator methodGenerator =
- new BcPublicKeyKeyEncryptionMethodGenerator(dest);
- cpk.addMethod(methodGenerator);
+ new PGPEncryptedDataGenerator(PGPEncryptedData.CAST5, true, prng, "BC");
+ cpk.addMethod(dest);
return cpk;
}
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
index 32c13b4..6051442 100644
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshDaemon.java
@@ -45,7 +45,6 @@
import org.apache.sshd.common.KeyExchange;
import org.apache.sshd.common.KeyPairProvider;
import org.apache.sshd.common.NamedFactory;
-import org.apache.sshd.common.RequestHandler;
import org.apache.sshd.common.Session;
import org.apache.sshd.common.Signature;
import org.apache.sshd.common.SshdSocketAddress;
@@ -68,11 +67,10 @@
import org.apache.sshd.common.future.CloseFuture;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.io.IoAcceptor;
-import org.apache.sshd.common.io.IoServiceFactoryFactory;
+import org.apache.sshd.common.io.IoServiceFactory;
import org.apache.sshd.common.io.IoSession;
-import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory;
+import org.apache.sshd.common.io.mina.MinaServiceFactory;
import org.apache.sshd.common.io.mina.MinaSession;
-import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;
import org.apache.sshd.common.mac.HMACMD5;
import org.apache.sshd.common.mac.HMACMD596;
import org.apache.sshd.common.mac.HMACSHA1;
@@ -81,7 +79,6 @@
import org.apache.sshd.common.random.JceRandom;
import org.apache.sshd.common.random.SingletonRandomFactory;
import org.apache.sshd.common.session.AbstractSession;
-import org.apache.sshd.common.session.ConnectionService;
import org.apache.sshd.common.signature.SignatureDSA;
import org.apache.sshd.common.signature.SignatureRSA;
import org.apache.sshd.common.util.Buffer;
@@ -94,10 +91,6 @@
import org.apache.sshd.server.auth.gss.GSSAuthenticator;
import org.apache.sshd.server.auth.gss.UserAuthGSS;
import org.apache.sshd.server.channel.ChannelSession;
-import org.apache.sshd.server.global.CancelTcpipForwardHandler;
-import org.apache.sshd.server.global.KeepAliveHandler;
-import org.apache.sshd.server.global.NoMoreSessionsHandler;
-import org.apache.sshd.server.global.TcpipForwardHandler;
import org.apache.sshd.server.kex.DHG1;
import org.apache.sshd.server.kex.DHG14;
import org.apache.sshd.server.session.SessionFactory;
@@ -200,13 +193,8 @@
final String kerberosPrincipal = cfg.getString(
"sshd", null, "kerberosPrincipal");
- SshSessionBackend backend = cfg.getEnum(
- "sshd", null, "backend", SshSessionBackend.MINA);
-
- System.setProperty(IoServiceFactoryFactory.class.getName(),
- backend == SshSessionBackend.MINA
- ? MinaServiceFactoryFactory.class.getName()
- : Nio2ServiceFactoryFactory.class.getName());
+ System.setProperty(IoServiceFactory.class.getName(),
+ MinaServiceFactory.class.getName());
if (SecurityUtils.isBouncyCastleRegistered()) {
initProviderBouncyCastle();
@@ -263,12 +251,6 @@
return new GerritServerSession(server, ioSession);
}
});
- setGlobalRequestHandlers(Arrays.<RequestHandler<ConnectionService>> asList(
- new KeepAliveHandler(),
- new NoMoreSessionsHandler(),
- new TcpipForwardHandler(),
- new CancelTcpipForwardHandler()
- ));
hostKeys = computeHostKeys();
}
@@ -318,10 +300,8 @@
public synchronized void stop() {
if (acceptor != null) {
try {
- acceptor.close(true).await();
+ acceptor.dispose();
log.info("Stopped Gerrit SSHD");
- } catch (InterruptedException e) {
- log.warn("Exception caught while closing", e);
} finally {
acceptor = null;
}
@@ -607,11 +587,6 @@
@Override
public SshFile getFile(String file) {
return null;
- }
-
- @Override
- public FileSystemView getNormalizedView() {
- return null;
}};
}
});
diff --git a/lib/bouncycastle/BUCK b/lib/bouncycastle/BUCK
index d1ec48d..99f960e 100644
--- a/lib/bouncycastle/BUCK
+++ b/lib/bouncycastle/BUCK
@@ -2,19 +2,19 @@
# This version must match the version that also appears in
# gerrit-pgm/src/main/resources/com/google/gerrit/pgm/libraries.config
-VERSION = '1.51'
+VERSION = '1.49'
maven_jar(
name = 'bcprov',
id = 'org.bouncycastle:bcprov-jdk15on:' + VERSION,
- sha1 = '9ab8afcc2842d5ef06eb775a0a2b12783b99aa80',
+ sha1 = 'f5155f04330459104b79923274db5060c1057b99',
license = 'DO_NOT_DISTRIBUTE', #'bouncycastle'
)
maven_jar(
name = 'bcpg',
id = 'org.bouncycastle:bcpg-jdk15on:' + VERSION,
- sha1 = 'b5fa4c280dfbf8bf7c260bc1e78044c7a1de5133',
+ sha1 = '081d84be5b125e1997ab0e2244d1a2276b5de76c',
license = 'DO_NOT_DISTRIBUTE', #'bouncycastle'
deps = [':bcprov'],
)
@@ -22,7 +22,7 @@
maven_jar(
name = 'bcpkix',
id = 'org.bouncycastle:bcpkix-jdk15on:' + VERSION,
- sha1 = '6c8c1f61bf27a09f9b1a8abc201523669bba9597',
+ sha1 = '924cc7ad2f589630c97b918f044296ebf1bb6855',
license = 'DO_NOT_DISTRIBUTE', #'bouncycastle'
deps = [':bcprov'],
)
diff --git a/lib/mina/BUCK b/lib/mina/BUCK
index 5c51d3a..ff1df5a 100644
--- a/lib/mina/BUCK
+++ b/lib/mina/BUCK
@@ -8,17 +8,18 @@
maven_jar(
name = 'sshd',
- id = 'org.apache.sshd:sshd-core:0.13.0',
- sha1 = 'c616c5865cc55473c6d63c6fcf46e60d382be172',
+ id = 'org.apache.sshd:sshd-core:0.9.0-4-g5967cfd',
+ sha1 = '8f4b6f7ebc54655dc7d25a77665cf51f2b1288b2',
license = 'Apache2.0',
deps = [':core'],
exclude = EXCLUDE,
+ repository = GERRIT,
)
maven_jar(
name = 'core',
- id = 'org.apache.mina:mina-core:2.0.8',
- sha1 = 'd6ff69fa049aeaecdf0c04cafbb1ab53b7487883',
+ id = 'org.apache.mina:mina-core:2.0.7',
+ sha1 = 'c878e2aa82de748474a624ec3933e4604e446dec',
license = 'Apache2.0',
exclude = EXCLUDE,
)