From: "Shawn O. Pearce" <spearce@spearce•org>
To: Robin Rosenberg <robin.rosenberg@dewire•com>,
Marek Zawirski <marek.zawirski@gmail•com>
Cc: git@vger•kernel.org
Subject: [JGIT PATCH 1/2 v2] Ignore unreadable SSH private keys when autoloading identities
Date: Wed, 27 Aug 2008 17:24:06 -0700 [thread overview]
Message-ID: <20080828002406.GU26523@spearce.org> (raw)
In-Reply-To: <20080827232946.GS26523@spearce.org>
During SSH startup we read all keys in the user's ~/.ssh, even
if we may not need them for this particular transport session.
If a file is not really a key, or it contains a key that JSch
doesn't recognize we shouldn't crash the transport. Instead
we should skip the file and move on. Later on we just don't
have that identity available to us, or we'll crash if we try
to add that identity file explicitly from ~/.ssh/config.
Signed-off-by: Shawn O. Pearce <spearce@spearce•org>
---
"Shawn O. Pearce" <spearce@spearce•org> wrote:
> Marek Zawirski <marek.zawirski@gmail•com> wrote:
> > Shawn O. Pearce wrote:
> >> diff --git a/org.spearce.jgit/src/org/spearce/jgit/transport/DefaultSshSessionFactory.java b/org.spearce.jgit/src/org/spearce/jgit/transport/DefaultSshSessionFactory.java
> > (...)
> >> + try {
> >> + addIdentity(k);
> >> + } catch (JSchException e) {
> >> + if (e.getMessage().startsWith("invalid privatekey: "))
> >> + continue;
> >> + throw e;
> >> + }
> >
> > That's extreme error handling with JSch;) Do you really think it's
> > better to rely on internal error message instead of continuing in any
> > case? Which other exceptions we would like to pass level up?
>
> I guess I can just change this to ignore everything.
.../jgit/transport/DefaultSshSessionFactory.java | 11 +++++++++--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/org.spearce.jgit/src/org/spearce/jgit/transport/DefaultSshSessionFactory.java b/org.spearce.jgit/src/org/spearce/jgit/transport/DefaultSshSessionFactory.java
index a2437c2..74fca66 100644
--- a/org.spearce.jgit/src/org/spearce/jgit/transport/DefaultSshSessionFactory.java
+++ b/org.spearce.jgit/src/org/spearce/jgit/transport/DefaultSshSessionFactory.java
@@ -165,14 +165,21 @@ private void identities() throws JSchException {
final File k = new File(sshdir, n.substring(0, n.length() - 4));
if (!k.isFile())
continue;
- addIdentity(k);
+
+ try {
+ addIdentity(k);
+ } catch (JSchException e) {
+ continue;
+ }
}
}
private void addIdentity(final File identityFile) throws JSchException {
final String path = identityFile.getAbsolutePath();
- if (loadedIdentities.add(path))
+ if (!loadedIdentities.contains(path)) {
userJSch.addIdentity(path);
+ loadedIdentities.add(path);
+ }
}
private static class AWT_UserInfo implements UserInfo,
--
1.6.0.174.gd789c
prev parent reply other threads:[~2008-08-28 0:25 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-08-27 23:02 [JGIT PATCH 1/2] Ignore unreadable SSH private keys when autoloading identities Shawn O. Pearce
2008-08-27 23:02 ` [JGIT PATCH 2/2] pgm.push: Ensure SSH connections are closed Shawn O. Pearce
2008-08-27 23:26 ` [JGIT PATCH 1/2] Ignore unreadable SSH private keys when autoloading identities Marek Zawirski
2008-08-27 23:29 ` Shawn O. Pearce
2008-08-28 0:24 ` Shawn O. Pearce [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080828002406.GU26523@spearce.org \
--to=spearce@spearce$(echo .)org \
--cc=git@vger$(echo .)kernel.org \
--cc=marek.zawirski@gmail$(echo .)com \
--cc=robin.rosenberg@dewire$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox