Browse Source
Jsch checks only for the availability of the algorithms given by Jsch-internal config keys "CheckCiphers", "CheckKexes", and "CheckSignatures". If the ssh config defines any algorithms unknown to Jsch not listed in those keys, it'll still propose them during the negotiation phase, and run into an NPE later on if the server happens to propose such an algorithm and it gets chosen. Jsch reads those "CheckCiphers" and the other values from either a session-local config, or the global static Jsch config. It bypasses ~/.ssh/config for these values. Therefore, copy these values from the config as read from ~/.ssh/config into the session-specific config. That makes Jsch check _all_ configured algorithms up front, discarding any for which it has no implementation. Thus it proposes only algorithms it actually can handle. Bug: 535672 Change-Id: I6a68e54f4d9a3267e895c536bcf3c58099826ad5 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>stable-5.0
Thomas Wolf
7 years ago
committed by
Matthias Sohn
1 changed files with 21 additions and 0 deletions
Loading…
Reference in new issue