commit | fd3edc7bfc65f9bdfe785c92c72790261881dd40 | [log] [tgz] |
---|---|---|
author | Thomas Wolf <thomas.wolf@paranor.ch> | Fri Mar 19 09:35:34 2021 +0100 |
committer | Thomas Wolf <thomas.wolf@paranor.ch> | Fri Mar 19 17:28:24 2021 +0100 |
tree | a0bace2a047603ce40ed087dfba9f2efec753dd5 | |
parent | 6faee128f8930b851d33f1f06cb77b3e1b9a0cc5 [diff] |
sshd: try all configured signature algorithms for a key For RSA keys, there may be several configured signature algorithms: rsa-sha2-512, rsa-sha2-256, and ssh-rsa. Upstream sshd has bug SSHD-1105 [1] and always and unconditionally uses only the first configured algorithm. With the default order, this means that it cannot connect to a server that knows only ssh-rsa, like for instance Apache MINA sshd servers older than 2.6.0. This affects for instance bitbucket.org or also AWS Code Commit. Re-introduce our own pubkey authenticator that fixes this. Note that a server may impose a penalty (back-off delay) for subsequent authentication attempts with signature algorithms unknown to the server. In such cases, users can re-order the signature algorithm list via the PubkeyAcceptedAlgorithms (formerly PubkeyAcceptedKeyTypes) ssh config. [1] https://issues.apache.org/jira/browse/SSHD-1105 Bug: 572056 Change-Id: I7fb9c759ab6532e5f3b6524e9084085ddb2f30d6 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
An implementation of the Git version control system in pure Java.
This project is licensed under the EDL (Eclipse Distribution License).
JGit can be imported straight into Eclipse and built and tested from there. It can be built from the command line using Maven or Bazel. The CI builds use Maven and run on Jenkins.
org.eclipse.jgit
A pure Java library capable of being run standalone, with no additional support libraries. It provides classes to read and write a Git repository and operate on a working directory.
All portions of JGit are covered by the EDL. Absolutely no GPL, LGPL or EPL contributions are accepted within this package.
org.eclipse.jgit.ant
Ant tasks based on JGit.
org.eclipse.jgit.archive
Support for exporting to various archive formats (zip etc).
org.eclipse.jgit.http.apache
Apache httpclient support.
org.eclipse.jgit.http.server
Server for the smart and dumb Git HTTP protocol.
org.eclipse.jgit.lfs
Support for LFS (Large File Storage).
org.eclipse.jgit.lfs.server
Basic LFS server support.
org.eclipse.jgit.packaging
Production of Eclipse features and p2 repository for JGit. See the JGit Wiki on why and how to use this module.
org.eclipse.jgit.pgm
Command-line interface Git commands implemented using JGit (“pgm” stands for program).
org.eclipse.jgit.ssh.apache
Client support for the ssh protocol based on Apache Mina sshd.
org.eclipse.jgit.ui
Simple UI for displaying git log.
Native symbolic links are supported, provided the file system supports them. For Windows you must use a non-administrator account and have the SeCreateSymbolicLinkPrivilege.
Only the timestamp of the index is used by JGit if the index is dirty.
JGit requires at least a Java 8 JDK.
CRLF conversion is performed depending on the core.autocrlf
setting, however Git for Windows by default stores that setting during installation in the “system wide” configuration file. If Git is not installed, use the global or repository configuration for the core.autocrlf setting.
The system wide configuration file is located relative to where C Git is installed. Make sure Git can be found via the PATH environment variable. When installing Git for Windows check the “Run Git from the Windows Command Prompt” option. There are other options like Eclipse settings that can be used for pointing out where C Git is installed. Modifying PATH is the recommended option if C Git is installed.
We try to use the same notation of $HOME
as C Git does. On Windows this is often not the same value as the user.home
system property.
org.eclipse.jgit
Read loose and packed commits, trees, blobs, including deltafied objects.
Read objects from shared repositories
Write loose commits, trees, blobs.
Write blobs from local files or Java InputStreams.
Read blobs as Java InputStreams.
Copy trees to local directory, or local directory to a tree.
Lazily loads objects as necessary.
Read and write .git/config files.
Create a new repository.
Read and write refs, including walking through symrefs.
Read, update and write the Git index.
Checkout in dirty working directory if trivial.
Walk the history from a given set of commits looking for commits introducing changes in files under a specified path.
Object transport
Fetch via ssh, git, http, Amazon S3 and bundles. Push via ssh, git and Amazon S3. JGit does not yet deltify the pushed packs so they may be a lot larger than C Git packs.
Garbage collection
Merge
Rebase
And much more
org.eclipse.jgit.pgm
org.eclipse.jgit.ant
org.eclipse.jgit.archive
org.eclipse.http
There are some missing features:
Post questions, comments or discussions to the jgit-dev@eclipse.org mailing list. You need to be subscribed to post. File bugs and enhancement requests in Bugzilla.
See the EGit Contributor Guide.
More information about Git, its repository format, and the canonical C based implementation can be obtained from the Git website.