When a server sends a ref advertisement using protocol v2 it contains
lines other than ref names and sha1s. Attempting to get the sha1 out
of such a line using the substring method can result in a SIOOB error
when it doesn't actually contain the sha1 and ref name.
Add a check that the line is of the expected length, and subsequently
that the extracted object id is valid, and if not throw an exception.
Change-Id: Id92fe66ff8b6deb2cf987d81929f8d0602c399f4
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
UploadPack has a setTransferConfig method which allows to set the
transfer config, however since the constructors of TransferConfig
have the default package visibility it is not possible for any
application using UploadPack, for example Gerrit, to actually set
a transfer config.
Make the constructors public. This is consistent with the public
constructors for example on PackConfig.
Change-Id: I07080255838421871403b2b2bcc294aa8f621c57
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
The tag is formed inconsistently to tags in the rest of the JGit code
base (i.e. "4.10.0" with a trailing ".0" where all the others don't).
However since this class is not in the public API, the @since tag is
not necessary and can just be removed.
Change-Id: Ifa3f543f819a39453fcf343278e522b5d7b003c3
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
This makes the implementation consistent with the other similar
methods in this class.
Change-Id: I007876aad883615d696c8eabc886818ae00b10ee
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
The setProtocolV2Hook sets the protocolV2Hook to whatever value is
passed, which could be null, but the invocations of protocolV2Hook's
methods are not guarded by null-checks.
Annotate the parameter as @Nullable and set ProtocolV2Hook.DEFAULT
when null is passed. This makes the implementation consistent with
other similar methods that set a hook or filter with possible null
value.
Change-Id: I70919a3248d4c2658783941a37c47e437cff0baa
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
The class has several methods where passing a null parameter is
valid. Annotate those parameters as @Nullable.
Change-Id: Ie08893ee3ab34c1ffb2db875b4ab049ad065c697
Signed-off-by: David Pursehouse <david.pursehouse@gmail.com>
With the upcoming Eclipse release 2018-12 a new version of Tycho has
been released. Upgrade the Tycho related build steps to the new version
in the Maven build.
Change-Id: Ifff186a9f97ed9faf70f15b20396724b0c9e801c
Signed-off-by: Michael Keppler <Michael.Keppler@gmx.de>
The jgit-last-release-version is used by japicmp as baseline.
Change-Id: If56cc1785b61c92c9a05c8c29c6cb62001e89218
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
In the original contribution of this bundle, japicmp was disabled
as no previous version to compare against existed. Enable it now.
Update the version to compare against to 5.2.0.201812061821-r.
Change-Id: I42f812befde2d0d98db5f87e05230b51af244ae6
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
* committer:
Update list of committers
Add new ssh bundles to Maven central scripts
Update maven site reports
Prepare 5.2.1-SNAPSHOT builds
JGit v5.2.0.201812061821-r
Update Orbit to R20181128170323 for 2018-12
Change-Id: I97c6ce5f0c963bfab4d45462f555563d9c5bbe8a
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
- update name of reports which changed name in
maven-project-info-reports-plugin 3.0.0
- add dependency-covergence report
- add dependency-management report
- add index report
- add summary report
Change-Id: I6d406ecd9e082d96b2bd250704d5ca18e7c8f735
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
* stable-5.2:
Format lib/BUILD with buildifier
Update Orbit to S20181128170323 for 2018-12 RC1
Include id_ed25519 in the known default identity files
Apache MINA sshd client: enable support for ed25519 keys
Prepare 5.2.0-SNAPSHOT builds
Set git environment variables for hooks
JGit v5.2.0.201811281532-m3
Change-Id: If96adcbf35ccf8d9f4da0f5d97491f502f5a72a9
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
Include the net.i2p.crypto.eddsa bundle via a hard dependency.
Add tests for dealing with ed25519 host keys and user key files.
Manual tests: fetching from git.eclipse.org with an ed25519 user key,
and pushing this change itself using the same ed25519 key.
Note that sshd 2.0.0 does not yet support encrypted ed25519 private
keys.
Bug: 541272
Change-Id: I7072f4014d9eca755b4a2412e19c086235e5eae9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Set GIT_DIR and GIT_WORK_TREE when calling hooks.
Bug: 541622
Change-Id: I6153d8a6a934ec37a3a5e7319c2d0e516f539ab7
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
to consume fix for vulnerability [1] in Apache commons compress which is
fixed in version 1.18.
[1] https://nvd.nist.gov/vuln/detail/CVE-2018-1324
CQ: 18320
Change-Id: I39b1d815e5b8e0208600afafe7a72bb603d04fb8
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
The new dependency to mockito for JDKHttpConnectionTest wasn't added for
bazel test run.
Change-Id: Ie967b7152340a0b3e05cced7eadfd40af78d9995
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
to consume fix for vulnerability [1] in Apache commons compress which is
fixed in version 1.18.
[1] CVE-2018-1324
CQ: 18320
Change-Id: I01e435fda834bbb22892a1cfba411d0196d7de17
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
After cloning a repo with a submodule, non-recursively, JGit would
encounter in its TreeWalk in IndexDiff:
* first, a missing gitlink (in index & HEAD, not in working tree)
* second, the untracked folder (not in index and head, in working tree)
As a result, it would report the submodule as missing. Canonical git
reports a clean workspace.
The root cause of this is that the path of a gitlink "x" did
not compare equal to the path of a tree "x" in JGit.
Correct Paths.compare() to account for that. If two paths are otherwise
equal, then let gitlinks match both trees and files. Matching trees
solves the bug. Matching files is necessary to handle the case where
the gitlink directory was replaced by a file; see the new test case
IndexDiffSubmoduleTest.testSubmoduleReplacedByFile(). Comparisons of
unequal paths are left untouched, so the sort order is unchanged.
After the fix, another bug(?) in WorkingTreeIterator became apparent:
with core.dirNoGitLinks = true, it was no longer possible to overwrite
a gitlink in the index. This is now fixed in WorkingTreeIterator.
Add new test cases for the bug itself and for some related cases
(submodule directory deleted or replaced by a file) in
IndexDiffSubmoduleTest. Add a test for missing files in IndexDiffTest,
and adapt the PathsTest to test matching gitlinks.
Bug: 467631
Change-Id: I0549d10d46b1858e5eec3cc15095aa9f1d5f5280
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
when multiple match options are given in git describe the result must
not depend on the order of the match options. JGit wrongly picked the
first match using the match options in the order they were defined. Fix
this by concatenating the streams of matching tags for all match options
and then choosing the first match on the concatenated stream sorted in
tie break order.
See https://git-scm.com/docs/git-describe#git-describe---matchltpatterngt
Change-Id: Id01433d35fa16fb4c30526605bee041ac1d954b2
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
According to RFC 2616 [1] header field names are case insensitive.
Header fields defined as a comma separated list can have multiple header
fields with the same field name. Add a method to HttpConnection which
retrieves all values with a given header field name with the field name
compared case insensitive.
[1] https://tools.ietf.org/html/rfc2616#section-4.2"
Change-Id: I7f601b21cda99e84f43f866c7c7cb4cb0e3cf5c3
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This partially reverts commit a551b646: revert the changes in
RawParseUtils.lineMap(). Forcing all blobs containing a NUL byte
as a single line causes blame to produce useless results as soon
as it hits any version containing a NUL byte.
Doing binary detection at this level also has the problem that the
user cannot control it. Not by setting the text attribute nor in any
other way.
This came up in bug 541036, where a Java source inadvertently
contained NUL bytes in strings. Even fixing this by using escapes
"\000" will not fix JGit's blame for this file because the past
versions will still contain the NUL byte.
Native git can blame that file from bug 541036 fine.
Added new tests verifying that blaming a text file containing a NUL
byte produces sensible results.
Bug: 541036
Change-Id: I8991bec88e9827cc096868c6026ea1890b6d0d32
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Update mockito and its dependencies to latest version available in
Orbit:
- mockito 2.13.0.v20180426-1843
- net.bytebuddy.byte-buddy 1.7.9.v20180420-1519
- net.bytebuddy.byte-buddy-agent 1.7.9.v20180420-1519
- org.objenesis 2.6.0.v20180420-1519
CQ: 18301
CQ: 18303
CQ: 18319
Change-Id: I3dd01e5b0b5a023fcb6530e8ec76729cfc41d735
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This continues what commit d9ac7ddf10
(Remove unnecessary modifiers from interfaces, 2018-11-15) started.
Change-Id: I89720985a5a986722a0dcb9b5e9bbc25996bd5b3
This reverts the workaround introduced by
1c6c73c5a9, which is a patch for dealing
with a buggy C Git client v1.7.5 in 2012. We'll stop supporting very old
C Git clients.
Change-Id: I94999a39101c96f210b5eca3c2f620c15eb1ac1b
Signed-off-by: Masaya Suzuki <masayasuzuki@google.com>
ProxyDataFactory had a parameter of type HostConfigEntry, but actually
it wasn't used anywhere. Remove it -- it was the last leaked type from
Apache MINA sshd.
Also use the logger provided by upstream SshClient instead of creating
a new Logger.
Bug: 520927
Change-Id: Iaa78bbb998a5e574fa091664b75c48a3b9cfb897
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Add tests for password and keyboard-interactive authentication.
Implement password authentication; the default provided by sshd
is non-interactive, which is not useful for JGit.
Make sure the CredentialsProvider gets reset on successive password
retrieval attempts. Otherwise it might always return the same non-
accepted password from a secure storage. (That one was discovered
by actually trying this via EGit; the JGit tests don't catch this.)
Change the default order of authentication mechanisms to prefer
password over keyboard-interactive. This is a mitigation for upstream
bug SSHD-866.[1]
Also include a fix for upstream bug SSHD-867.[2]
[1] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-866
[2] https://issues.apache.org/jira/projects/SSHD/issues/SSHD-867
Bug: 520927
Change-Id: I423e548f06d3b51531016cf08938c8bd7acaa2a9
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
Create the bundle and move the SshTestGitServer there. Verified that
the Eclipse build still works and ran JSchSshTest and ApacheSshTest as
junit tests inside Eclipse.
Update maven build and features to account for that. Verified by
running full maven build including packaging.
Update bazel build files to account for that. Verified by a
clean-slate bazel build :all, followed by running the JSchSshTest
and the ApacheSshTest via bazel.
Change-Id: Ia084942f4425b454529de148e00417e7da786a90
Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>