Sync from SUSE:SLFO:Main jsch revision dae59009e2d141eb1e0503bdf7981c48

This commit is contained in:
Adrian Schröter 2024-05-03 14:05:17 +02:00
commit 4791584c5a
7 changed files with 918 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

BIN
jsch-0.2.15.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

306
jsch-build.xml Normal file
View File

@ -0,0 +1,306 @@
<?xml version="1.0" encoding="UTF-8"?>
<project name="jsch" default="package" basedir=".">
<!-- ====================================================================== -->
<!-- Build environment properties -->
<!-- ====================================================================== -->
<property file="build.properties"/>
<property name="project.artifactId" value="jsch"/>
<property name="project.version" value="0.2.9"/>
<property name="spec.version" value="0.2"/>
<property name="versionWithoutMinus" value="${project.version}"/>
<property name="compiler.release" value="8"/>
<property name="compiler.source" value="1.${compiler.release}"/>
<property name="compiler.target" value="${compiler.source}"/>
<property name="build.finalName" value="jsch-${project.version}"/>
<property name="build.dir" value="target"/>
<property name="build.outputDir" value="${build.dir}/classes"/>
<property name="build.srcDir" value="src/main/java"/>
<property name="build.templateDir" value="src/main/java-templates"/>
<property name="build.genSrcDir" value="${build.dir}/generated-sources"/>
<property name="build.resourceDir" value="src/main/resources"/>
<property name="build.mrOutputDir" value="${build.outputDir}/META-INF/versions"/>
<property name="build.mrOutputDir.9" value="${build.mrOutputDir}/9"/>
<property name="build.mrSrcDir.9" value="src/main/java9"/>
<property name="build.mrOutputDir.10" value="${build.mrOutputDir}/10"/>
<property name="build.mrSrcDir.10" value="src/main/java10"/>
<property name="build.mrOutputDir.11" value="${build.mrOutputDir}/11"/>
<property name="build.mrSrcDir.11" value="src/main/java11"/>
<property name="build.mrOutputDir.15" value="${build.mrOutputDir}/15"/>
<property name="build.mrSrcDir.15" value="src/main/java15"/>
<property name="build.mrOutputDir.16" value="${build.mrOutputDir}/16"/>
<property name="build.mrSrcDir.16" value="src/main/java16"/>
<property name="reporting.outputDirectory" value="${build.dir}/site"/>
<!-- ====================================================================== -->
<!-- Defining classpaths -->
<!-- ====================================================================== -->
<path id="build.classpath">
<fileset dir="lib">
<include name="**/*.jar"/>
</fileset>
</path>
<!-- ====================================================================== -->
<!-- Cleaning up target -->
<!-- ====================================================================== -->
<target name="clean" description="Clean the output directory">
<delete dir="${build.dir}"/>
</target>
<!-- ====================================================================== -->
<!-- Compilation targets -->
<!-- ====================================================================== -->
<condition property="build9">
<javaversion atleast="9"/>
</condition>
<condition property="build10">
<javaversion atleast="10"/>
</condition>
<condition property="build11">
<javaversion atleast="11"/>
</condition>
<condition property="build15">
<javaversion atleast="15"/>
</condition>
<condition property="build16">
<javaversion atleast="16"/>
</condition>
<target name="compile" description="Compile the code">
<echo>Java/JVM version: ${ant.java.version}</echo>
<mkdir dir="${build.genSrcDir}"/>
<copy todir="${build.genSrcDir}">
<fileset dir="${build.templateDir}"/>
<filterchain>
<expandproperties>
<propertyset>
<propertyref name="versionWithoutMinus"/>
</propertyset>
</expandproperties>
</filterchain>
</copy>
<mkdir dir="${build.outputDir}"/>
<javac destdir="${build.outputDir}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
release="${compiler.release}"
verbose="false"
fork="false">
<src>
<pathelement location="${build.srcDir}"/>
<pathelement location="${build.genSrcDir}"/>
</src>
<classpath refid="build.classpath"/>
</javac>
<mkdir dir="${build.mrOutputDir}"/>
</target>
<target name="compile9" description="Compile the overrides for Java 9+" if="build9">
<!-- Override classes for Java 9+ -->
<mkdir dir="${build.mrOutputDir.9}"/>
<javac destdir="${build.mrOutputDir.9}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
source="${compiler.source}"
target="${compiler.target}"
verbose="false"
fork="false">
<src>
<pathelement location="${build.mrSrcDir.9}"/>
</src>
<exclude name="**/module-info.java"/>
<classpath>
<path refid="build.classpath"/>
<pathelement location="${build.outputDir}"/>
</classpath>
</javac>
<!-- Build module-info.class -->
<javac destdir="${build.mrOutputDir.9}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
release="9"
verbose="false"
fork="false">
<src>
<pathelement location="${build.mrSrcDir.9}"/>
</src>
<include name="**/module-info.java"/>
<modulepath>
<path refid="build.classpath"/>
<pathelement location="${build.outputDir}"/>
</modulepath>
</javac>
</target>
<target name="compile10" description="Compile the overrides for Java 10+" if="build10">
<!-- Override classes for Java 10+ -->
<mkdir dir="${build.mrOutputDir.10}"/>
<javac destdir="${build.mrOutputDir.10}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
source="${compiler.source}"
target="${compiler.target}"
verbose="false"
fork="false">
<src>
<pathelement location="${build.mrSrcDir.10}"/>
</src>
<classpath>
<path refid="build.classpath"/>
<pathelement location="${build.outputDir}"/>
</classpath>
</javac>
</target>
<target name="compile11" description="Compile the overrides for Java 11+" if="build11">
<!-- Override classes for Java 11+ -->
<mkdir dir="${build.mrOutputDir.11}"/>
<javac destdir="${build.mrOutputDir.11}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
source="${compiler.source}"
target="${compiler.target}"
verbose="false"
fork="false">
<src>
<pathelement location="${build.mrSrcDir.11}"/>
</src>
<classpath>
<path refid="build.classpath"/>
<pathelement location="${build.outputDir}"/>
</classpath>
</javac>
</target>
<target name="compile15" description="Compile the overrides for Java 15+" if="build15">
<!-- Override classes for Java 15+ -->
<mkdir dir="${build.mrOutputDir.15}"/>
<javac destdir="${build.mrOutputDir.15}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
source="${compiler.source}"
target="${compiler.target}"
verbose="false"
fork="false">
<src>
<pathelement location="${build.mrSrcDir.15}"/>
</src>
<classpath>
<path refid="build.classpath"/>
<pathelement location="${build.outputDir}"/>
</classpath>
</javac>
</target>
<target name="compile16" description="Compile the overrides for Java 16+" if="build16">
<!-- Override classes for Java 16+ -->
<mkdir dir="${build.mrOutputDir.16}"/>
<javac destdir="${build.mrOutputDir.16}"
nowarn="true"
debug="true"
optimize="false"
deprecation="true"
source="${compiler.source}"
target="${compiler.target}"
verbose="false"
fork="false">
<src>
<pathelement location="${build.mrSrcDir.16}"/>
</src>
<classpath>
<path refid="build.classpath"/>
<pathelement location="${build.outputDir}"/>
</classpath>
</javac>
</target>
<!-- ====================================================================== -->
<!-- Javadoc target -->
<!-- ====================================================================== -->
<target name="javadoc" description="Generates the Javadoc of the application">
<javadoc sourcepath="${build.srcDir}"
destdir="${reporting.outputDirectory}/apidocs"
access="protected"
source="${compiler.source}"
verbose="false"
version="true"
use="true"
author="true"
splitindex="false"
nodeprecated="false"
nodeprecatedlist="false"
notree="false"
noindex="false"
nohelp="false"
nonavbar="false"
serialwarn="false"
charset="ISO-8859-1"
linksource="false"
breakiterator="false">
<classpath refid="build.classpath"/>
</javadoc>
</target>
<!-- ====================================================================== -->
<!-- Package target -->
<!-- ====================================================================== -->
<target name="package" depends="compile,compile9,compile10,compile11,compile15,compile16" description="Package the application">
<jar jarfile="${build.dir}/${build.finalName}.jar"
compress="true"
index="false"
basedir="${build.outputDir}"
excludes="**/package.html">
<manifest>
<attribute name="Bundle-Description" value="JSch is a pure Java implementation of SSH2"/>
<attribute name="Bundle-License" value="https://github.com/mwiede/jsch/blob/master/LICENSE.JZlib.txt,https://github.com/mwiede/jsch/blob/master/LICENSE.jBCrypt.txt,https://github.com/mwiede/jsch/blob/master/LICENSE.txt"/>
<attribute name="Bundle-ManifestVersion" value="2"/>
<attribute name="Bundle-Name" value="JSch"/>
<attribute name="Bundle-SymbolicName" value="com.jcraft.jsch"/>
<attribute name="Bundle-Version" value="${project.version}"/>
<attribute name="Export-Package" value="com.jcraft.jsch;version=&quot;${project.version}&quot;"/>
<attribute name="Implementation-Title" value="JSch"/>
<attribute name="Implementation-Version" value="${project.version}"/>
<attribute name="Import-Package" value="com.sun.jna.platform.win32;resolution:=optional,com.sun.jna;resolution:=optional,javax.crypto,javax.crypto.interfaces,javax.crypto.spec,org.bouncycastle.crypto.digests;resolution:=optional,org.bouncycastle.crypto.engines;resolution:=optional,org.bouncycastle.crypto.generators;resolution:=optional,org.bouncycastle.crypto.macs;resolution:=optional,org.bouncycastle.crypto.modes;resolution:=optional,org.bouncycastle.crypto.params;resolution:=optional,org.bouncycastle.crypto.signers;resolution:=optional,org.bouncycastle.crypto;resolution:=optional,org.ietf.jgss;resolution:=optional,org.slf4j;resolution:=optional"/>
<attribute name="Multi-Release" value="true"/>
<attribute name="Require-Capability" value="osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=${compiler.target}))&quot;"/>
<attribute name="Specification-Title" value="JSch"/>
<attribute name="Specification-Version" value="${spec.version}"/>
</manifest>
</jar>
</target>
<!-- ====================================================================== -->
<!-- A dummy target for the package named after the type it creates -->
<!-- ====================================================================== -->
<target name="jar" depends="package" description="Builds the jar for the application"/>
</project>

35
jsch-junixsocket.patch Normal file
View File

@ -0,0 +1,35 @@
--- a/src/main/java/com/jcraft/jsch/SSHAgentConnector.java
+++ b/src/main/java/com/jcraft/jsch/SSHAgentConnector.java
@@ -93,21 +93,7 @@ public class SSHAgentConnector implements AgentConnector {
}
private static USocketFactory getUSocketFactory() throws AgentProxyException {
- try {
- return new UnixDomainSocketFactory();
- } catch (AgentProxyException e) {
- try {
- return new JUnixSocketFactory();
- } catch (NoClassDefFoundError ee) {
- AgentProxyException eee = new AgentProxyException("junixsocket library unavailable");
- eee.addSuppressed(e);
- eee.addSuppressed(ee);
- throw eee;
- } catch (AgentProxyException ee) {
- ee.addSuppressed(e);
- throw e;
- }
- }
+ return new UnixDomainSocketFactory();
}
private static Path getSshAuthSocket() throws AgentProxyException {
--- a/src/main/java9/module-info.java
+++ b/src/main/java9/module-info.java
@@ -6,7 +6,6 @@ module com.jcraft.jsch {
requires static org.apache.logging.log4j;
requires static org.slf4j;
requires static org.bouncycastle.provider;
- requires static org.newsclub.net.unix;
requires static com.sun.jna;
requires static com.sun.jna.platform;
}

10
jsch-log4j.patch Normal file
View File

@ -0,0 +1,10 @@
--- a/src/main/java9/module-info.java
+++ b/src/main/java9/module-info.java
@@ -3,7 +3,6 @@ module com.jcraft.jsch {
requires static java.security.jgss;
requires static java.logging;
- requires static org.apache.logging.log4j;
requires static org.slf4j;
requires static org.bouncycastle.provider;
requires static com.sun.jna;

425
jsch.changes Normal file
View File

@ -0,0 +1,425 @@
-------------------------------------------------------------------
Wed Dec 20 12:47:08 UTC 2023 - Gus Kenion <gkenion@suse.com>
- Upgrade to version 0.2.15, which includes fix for SSH protocol
vulnerability (bsc#1218134, CVE-2023-48795)
* Changes in 0.2.15:
+ Address CVE-2023-48795 by adding support for new strict key
exchange extension
+ Add support for ext-info-in-auth@openssh.com extension
+ Introduce two new config options to control usage of the new
strict key exchange extension:
~ enable_strict_kex (set to yes by default)
~ require_strict_kex (set to no by default)
~ If either option (or both) is enabled, then JSch will
attempt to use the new strict key exchange extension.
~ If the require_strict_kex option is enabled and JSch detects
the server does not support it, then JSch will terminate the
connection and throw an exception.
~ If the require_strict_kex option is not enabled and JSch
detects the server does not support it, then JSch will
fallback and proceed with the connection without using the
new extension.
+ This gives users the ability to enable a strong security
posture if needed and avoid proceeding with connections to
potentially insecure servers.
* Changes in 0.2.14:
+ #450 use Socket.connect() with a timeout that has been
supported since Java 1.4 instead of using old method of
creating a separate thread and joining to that thread with
timeout
* Changes in 0.2.13:
+ #411 Add flush operation from Fix added is/jsch#39,
with new config option to allow disabling in case it causes
regressions.
+ #403 add a warning when Channel.getInputStream() or
Channel.getExtInputStream() is called after Channel.connect().
* Changes in 0.2.12:
+ Further refine previous fixes for windows line endings in PEM
keys
+ #392 replace call to BigInteger.intValueExact to remain
compatible with android api 30
+ Introduce JSchSessionDisconnectException to allow the
reasonCode to be retrieved without String parsing
+ Introduce specific JSchException for HostKey related failures
* Changes in 0.2.11:
+ update dependencies changes
+ #369 fix multi-line PEM key parsing to work with windows line
endings due to regression from previous fix for #362.
* Changes in 0.2.10:
+ Fix new Java 21 compiler warning: possible 'this' escape
before subclass is fully initialized
+ Tweak OSGi bundle manifest to allow Log4j 3
+ #362 fix PEM key parsing to work with windows line endings
+ #361 guard against UIKeyboardInteractive implementations that
include NULL elements in the String[] returned from
promptKeyboardInteractive()
+ Add a default implmentation of the deprecated decrypt() method
to the Identity interface that throws an
UnsupportedOperationException
-------------------------------------------------------------------
Sat Jun 3 11:03:46 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Migrate from com.jcraft:jsch to com.github.mwiede:jsch fork
(bsc#1211955)
* Alias to the old artifact since the new one is drop-in
replacement
* Keep the old OSGi bundle symbolic name to avoid extensive
patching of eclipse stack
- Upgrade to version 0.2.9
* Changes of 0.2.9
+ various improvements, #295
~ #293 allow UserAuthNone to be extended.
~ Make JGSS module optional.
~ Tweak OSGi bundle manifest:
~ Avoid self-import.
~ Mark JGSS as optional.
~ Loosen import versions of dependencies.
~ Correctly adhere to the Multi-release JAR spec by ensuring
all public classes under versioned directories preside over
classes present in the top-level directory.
~ Eliminate stray System.err.println() calls.
~ Change PageantConnector to use JNA's built-in support for
User32.SendMessage().
+ Improve error handling in InputStream.close() for SFTP
channels, #331
* Changes of 0.2.8
+ activate sourcecode formatting, #247
+ build improvements, #279
+ #287 add algorithm type information to algorithm negotiation
logs, #290
+ wrap NoClassDefFoundError's for invalid private keys, #289 and
#290
* Changes of 0.2.7
+ #265 change buffer_margin computation to be dynamic based upon
the MAC to allow connections that advertise small maximum
packet sizes.
+ #266 fix PuTTY key parsing to work with unix line endings.
+ Add support for ECDSA and EdDSA type PuTTY keys.
+ #71 add support for PuTTY version 3 format keys.
~ Encrypted PuTTY version 3 format keys requires Bouncy
Castle (bcprov-jdk18on).
+ Eliminate KeyPairDeferred and instead change handling of
OpenSSH V1 type keys to be more like other KeyPair types.
+ Be more vigilant about clearing private key data.
+ Improve PKCS8 key handling and add support for PKCS5 2.1
encryption.
+ Add support for ECDSA type PKCS8 keys.
+ Add support for SCrypt type KDF for PKCS8 keys.
~ PKCS8 keys using SCrypt requires Bouncy Castle
(bcprov-jdk18on).
+ Add support for EdDSA type PKCS8 keys.
~ EdDSA type PKCS8 keys requires Bouncy Castle
(bcprov-jdk18on).
+ Attempt to authenticate using other signature algorithms
supported by the same public key.
~ Allow this behavior to be disabled via
try_additional_pubkey_algorithms config option.
° Some servers incorrectly respond with
SSH_MSG_USERAUTH_PK_OK to an initial auth query that they
don't actually support for RSA keys.
+ Add a new config option enable_pubkey_auth_query to allow
skipping auth queries and proceed directly to attempting
full SSH_MSG_USERAUTH_REQUEST's.
+ Add a new config option enable_auth_none to control whether
an initial auth request for the method none is sent to detect
all supported auth methods available on the server.
* Changes of 0.2.6
+ Include host alias instead of the real host in messages and
exceptions, #257
+ Fix missing keySize set when loading V1 RSA keys, #258
+ Enhancement to present KeyPair.getKeyTypeString() method, #259
* Changes of 0.2.5
+ Explictly free resources in Compression implementations, #241
+ Fix integration test failures on Apple Silicon by skipping
OpenSSH 7.4 tests, #227
+ generate osgi bundle manifest data for jar #248, #249
* Changes of 0.2.4
+ Improved excepton handling by @norrisjeremy in #200
* Changes of 0.2.3
+ #188 fix private key length checks for ssh-ed25519 and
ssh-ed448, #189
* Changes of 0.2.2
+ setup jdk for code-ql analysis, #151
+ misc improvements, #152
+ Fixing Issue #131, #134
+ Update link to bcrypt, #157
* Changes of 0.2.1
+ Allow to set a Logger per JSch-instance rather than a VM-wide
one, #128
+ Preliminary changes prior to Javadoc work, #126
+ remove check to allow setting any filename encoding with any
server version #137, #142
* Changes of 0.2.0
+ Disable RSA/SHA1 signature algorithm by default #75
+ Add basic Logger implementations that can be optionally
utilized with JSch.setLogger():
~ JulLogger, using java.util.logging.Logger
~ JplLogger, using Java 9's JEP 264
~ Log4j2Logger, using Apache Log4j 2
~ Slf4jLogger, using SLF4J
+ Fix client version to be compliant with RFC 4253 section 4.2
by not including minus sign characters #115
+ Add java.util.zip based compression implementation #114
~ This is based upon the CompressionJUZ implementation posted
to the JSch-users mailing list in 2012 by the original JSch
author
~ The existing JZlib implementation remains the default to
maintain strict RFC 4253 section 6.2 compliance
° To use the new implementation globally, execute
JSch.setConfig("zlib@openssh.com",
"com.jcraft.jsch.juz.Compression") +
JSch.setConfig("zlib", "com.jcraft.jsch.juz.Compression")
° To use the new implementation per session, execute
session.setConfig("zlib@openssh.com",
"com.jcraft.jsch.juz.Compression")
+ session.setConfig("zlib",
"com.jcraft.jsch.juz.Compression")
* Changes of 0.1.72
+ Switch chacha20-poly1305@openssh.com algorithm to a pure
Bouncy Castle based implementation
+ implement openssh config behavior to handle append, prepend
and removal of algorithms #104
* Changes of 0.1.71
+ Address #98 by restoring JSch.VERSION
* Changes of 0.1.70
+ Address #89 by fixing rare ECDSA signature validation issue
+ Address #93 by always setting the "want reply" flag for "env"
type channel requests to false
* Changes of 0.1.69
+ Address #83 by sending CR LF at the end of the identification
string
+ Fix earlier change for #76 that failed to correctly make the
"Host" keyword case-insensitive
+ Fix PageantConnector struct class visibility #86
* Changes of 0.1.68
+ Added support for the rijndael-cbc@lysator.liu.se algorithm
+ Added support for the hmac-ripemd160,
hmac-ripemd160@openssh.com and hmac-ripemd160-etm@openssh.com
algorithms using Bouncy Castle
+ Added support for various algorithms from RFC 4253 and
RFC 4344 using Bouncy Castle
~ cast128-cbc
~ cast128-ctr
~ twofish-cbc
~ twofish128-cbc
~ twofish128-ctr
~ twofish192-cbc
~ twofish192-ctr
~ twofish256-cbc
~ twofish256-ctr
+ Added support for the seed-cbc@ssh.com algorithm using Bouncy
Castle
* Changes of 0.1.67
+ Added support for the blowfish-ctr algorithm from RFC 4344
+ Fix bug where ext-info-c was incorrectly advertised during
rekeying
~ According to RFC 8308 section 2.1, ext-info-c should only
advertised during the first key exchange
+ Address #77 by attempting to add compatibility with older
Bouncy Castle releases
* Changes of 0.1.66
+ Added support for RFC 8308 extension negotiation and
server-sig-algs extension
~ This support is enabled by default, but can be controlled
via the enable_server_sig_algs config option (or
jsch.enable_server_sig_algs system property)
~ When enabled and a server-sig-algs message is received from
the server, the algorithms included by the server and also
present in the PubkeyAcceptedKeyTypes config option will be
attempted first when using publickey authentication
~ Additionally if the server is detected as OpenSSH version
7.4, the rsa-sha2-256 and rsa-sha2-512 algorithms will be
added to the received server-sig-algs as a workaround for
OpenSSH bug 2680
+ Added support for various algorithms supported by Tectia
(ssh.com):
~ diffie-hellman-group14-sha224@ssh.com
~ diffie-hellman-group14-sha256@ssh.com
~ diffie-hellman-group15-sha256@ssh.com
~ diffie-hellman-group15-sha384@ssh.com
~ diffie-hellman-group16-sha384@ssh.com
~ diffie-hellman-group16-sha512@ssh.com
~ diffie-hellman-group18-sha512@ssh.com
~ diffie-hellman-group-exchange-sha224@ssh.com
~ diffie-hellman-group-exchange-sha384@ssh.com
~ diffie-hellman-group-exchange-sha512@ssh.com
~ hmac-sha224@ssh.com
~ hmac-sha256@ssh.com
~ hmac-sha256-2@ssh.com
~ hmac-sha384@ssh.com
~ hmac-sha512@ssh.com
~ ssh-rsa-sha224@ssh.com
~ ssh-rsa-sha256@ssh.com
~ ssh-rsa-sha384@ssh.com
~ ssh-rsa-sha512@ssh.com
+ Added support for SHA224 to FingerprintHash
+ Fixing #52
+ Deprecate void setFilenameEncoding(String encoding) in favor
of void setFilenameEncoding(Charset encoding) in ChannelSftp
+ Added support for rsa-sha2-256 and rsa-rsa2-512 algorithms to
ChannelAgentForwarding
+ Address #65 by adding ssh-agent support derived from
jsch-agent-proxy
~ See examples/JSchWithAgentProxy.java for simple example
~ ssh-agent support requires either Java 16's JEP 380 or the
addition of junixsocket to classpath
~ Pageant support is untested and requires the addition of JNA
to classpath
+ Added support for the following algorithms with older Java
releases by using Bouncy Castle:
~ ssh-ed25519
~ ssh-ed448
~ curve25519-sha256
~ curve25519-sha256@libssh.org
~ curve448-sha512
~ chacha20-poly1305@openssh.com
* Changes of 0.1.65
+ Added system properties to allow manipulation of various
crypto algorithms used by default
+ Integrated JZlib, allowing use of zlib@openssh.com and zlib
compressions without the need to provide the JZlib jar-file
+ Modularized the jar-file for use with Java 9 or newer
+ Added runtime controls for the min/max/preferred sizes used
for diffie-hellman-group-exchange-sha256 and
diffie-hellman-group-exchange-sha1
+ Renamed PubkeyAcceptedKeyTypes config to
PubkeyAcceptedAlgorithms to match recent changes in OpenSSH
(PubkeyAcceptedKeyTypes is still accepted for backward
compatibility)
+ Reduced number of algorithms that are runtime checked by
default via CheckCiphers, CheckMacs, CheckKExes and
CheckSignatures to improve runtime performance
* Changes of 0.1.64
+ #55 bug fix
* Changes of 0.1.63
+ fix for #42
* Changes 0.1.62
+ #13 reject HostKey with some servers
+ #20 Include TestBCrypt.java unit test
+ #21 Misc cleanup
+ #27 Update Testcontainers to newest version to fix test
failures
+ #34 NPE with openssh v1 format
* Changes 0.1.61
+ Add support for chacha20-poly1305@openssh.com, ssh-ed25519,
ssh-ed448, curve448-sha512, diffie-hellman-group15-sha512
and diffie-hellman-group17-sha512.
This makes use of the new EdDSA feature added in Java 15's
JEP 339. #17
+ added integration test for public key authentication #19
* Changes of 0.1.60
+ support for openssh-v1-private-key format
+ Fix bug with AEAD ciphers when compression is used. #15
* Changes of 0.1.59
+ fixing issue #6 (originally from
https://sourceforge.net/p/jsch/mailman/message/36872566/)
* Changes of 0.1.58
+ adds support for more algorithms, see #4
* Changes of 0.1.57
+ support for rsa-sha2-256 and rsa-sha2-512. #1
* Changes of 0.1.56
+ support for direct-streamlocal@openssh.com
(see SocketForwardingL.java)
- Removed patches:
* jsch-0.1.54-sourcetarget.patch
* jsch-osgi-manifest.patch
+ both problems are handled differently in the new version
- Added patches:
* jsch-junixsocket.patch
+ disable building with dependency that we don't have
* jsch-log4j.patch
+ disable building with log4j support in order to avoid a
huge build cycle
-------------------------------------------------------------------
Sat Mar 19 21:51:39 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Modified patch:
* jsch-0.1.54-sourcetarget.patch
+ build with source/target levels 8
-------------------------------------------------------------------
Tue Apr 7 13:56:09 UTC 2020 - Fridrich Strba <fstrba@suse.com>
- Version 0.1.55
-------------------------------------------------------------------
Tue Apr 7 13:52:31 UTC 2020 - Fridrich Strba <fstrba@suse.com>
- Added patch:
* jsch-osgi-manifest.patch
+ create the osgi manifest during the ant build
+ replaces the MANIFEST.MF file
- Miscellaneous clean-up
-------------------------------------------------------------------
Fri Sep 20 13:37:00 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Remove reference to the parent from pom file, since we are not
building with maven
-------------------------------------------------------------------
Fri Sep 8 08:31:01 UTC 2017 - fstrba@suse.com
- Added patch:
* jsch-0.1.54-sourcetarget.patch
- Specify java source and target levels to 1.6, in order to
allow building with jdk9
-------------------------------------------------------------------
Fri Jun 9 10:59:34 UTC 2017 - tchvatal@suse.com
- Build with full java, does not compile with gcj
-------------------------------------------------------------------
Fri May 19 09:59:03 UTC 2017 - dziolkowski@suse.com
- New build dependency: javapackages-local
-------------------------------------------------------------------
Sun Feb 12 21:45:09 UTC 2017 - guoyunhebrave@gmail.com
- Version 0.1.54
-------------------------------------------------------------------
Wed Mar 18 09:46:14 UTC 2015 - tchvatal@suse.com
- Fix build with new javapackages-tools
-------------------------------------------------------------------
Tue Jun 17 15:49:57 UTC 2014 - tchvatal@suse.com
- Version bump to 0.1.51
- Cleanup with spec-cleaner
- Add maven and osgi things same as in Fedora.
-------------------------------------------------------------------
Mon Sep 9 11:06:06 UTC 2013 - tchvatal@suse.com
- Move from jpackage-utils to javapackage-tools
-------------------------------------------------------------------
Mon May 13 06:15:53 UTC 2013 - mvyskocil@suse.com
- update to 0.1.50
* fixes connection errors with "verify: false" when running on
Java 7u6 (and later).
* The OpenSSH config file and the key exchange method
"diffie-hellman-group-exchange-sha256" are now supported
-------------------------------------------------------------------
Tue Oct 16 08:39:25 UTC 2012 - mvyskocil@suse.com
- update to 0.1.49
* Putty's private key files support
* hmax-sha2-256 defined in RFC6668 is supported
* integration with jsch-agent-proxy
* and many bugfixes
-------------------------------------------------------------------
Tue Apr 28 11:23:11 CEST 2009 - mvyskocil@suse.cz
- Initial SUSE packaging of version 0.1.40 (from jpp5)

116
jsch.spec Normal file
View File

@ -0,0 +1,116 @@
#
# spec file for package jsch
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: jsch
Version: 0.2.15
Release: 0
Summary: Pure Java implementation of SSH2
License: BSD-3-Clause
Group: Development/Libraries/Java
URL: https://github.com/mwiede/jsch/
Source0: https://github.com/mwiede/%{name}/archive/refs/tags/%{name}-%{version}.tar.gz
Source1: %{name}-build.xml
Patch0: jsch-junixsocket.patch
Patch1: jsch-log4j.patch
BuildRequires: ant
BuildRequires: bouncycastle >= 1.77
BuildRequires: fdupes
# We need this for module-info.class
BuildRequires: java-devel >= 9
BuildRequires: javapackages-local >= 6
BuildRequires: jna
BuildRequires: jna-contrib
BuildRequires: slf4j
# The jar still works with Java 8
Requires: java >= 1.8
BuildArch: noarch
%description
JSch allows you to connect to an sshd server and use port forwarding,
X11 forwarding, file transfer, etc., and you can integrate its
functionality into your own Java programs.
%package javadoc
Summary: Pure Java implementation of SSH2
Group: Development/Libraries/Java
%description javadoc
JSch allows you to connect to an sshd server and use port forwarding,
X11 forwarding, file transfer, etc., and you can integrate its
functionality into your own Java programs.
%package demo
Summary: Pure Java implementation of SSH2
Group: Development/Libraries/Java
%description demo
JSch allows you to connect to an sshd server and use port forwarding,
X11 forwarding, file transfer, etc., and you can integrate its
functionality into your own Java programs.
%prep
%setup -q -n %{name}-%{name}-%{version}
cp %{SOURCE1} build.xml
# We don't have junixsocket
%pom_remove_dep com.kohlschutter.junixsocket:
rm -f \
src/main/java/com/jcraft/jsch/JUnixSocketFactory.java
%patch0 -p1
# Do not depend on log4j
%pom_remove_dep org.apache.logging.log4j:
rm -f \
src/main/java/com/jcraft/jsch/Log4j2Logger.java \
src/test/java/com/jcraft/jsch/Log4j2LoggerTest.java
%patch1 -p1
%build
mkdir -p lib
build-jar-repository -s lib jna jna-platform slf4j/api bcprov
%{ant} jar javadoc
%install
# jars
install -Dpm 644 target/%{name}-*.jar %{buildroot}%{_javadir}/%{name}.jar
# pom
install -d -m 755 %{buildroot}%{_mavenpomdir}
%{mvn_install_pom} pom.xml %{buildroot}%{_mavenpomdir}/%{name}.pom
%add_maven_depmap %{name}.pom %{name}.jar -a com.jcraft:jsch
# javadoc
install -dm 755 %{buildroot}%{_javadocdir}/%{name}
cp -pr target/site/apidocs/* %{buildroot}%{_javadocdir}/%{name}
%fdupes -s %{buildroot}%{_javadocdir}/%{name}
# examples
install -dm 755 %{buildroot}%{_datadir}/%{name}
cp -pr examples/* %{buildroot}%{_datadir}/%{name}
%fdupes -s %{buildroot}%{_datadir}/%{name}
%files -f .mfiles
%license LICENSE.txt
%files javadoc
%{_javadocdir}/%{name}
%files demo
%{_datadir}/%{name}
%changelog