diff options
| author | Evan Elias <evan@skeema.net> | 2022-06-20 18:20:18 -0400 |
|---|---|---|
| committer | Máximo Cuadros <mcuadros@gmail.com> | 2022-09-22 10:14:48 +0200 |
| commit | c35b8082c863f2106de1c3c95ba9ed21d30f9371 (patch) | |
| tree | aea2f664d84c32e9ff169d02737d7735d165f36e /go.mod | |
| parent | af1efaa7dfb2a33de9c15597dd2cc65ea626cf35 (diff) | |
| download | go-git-c35b8082c863f2106de1c3c95ba9ed21d30f9371.tar.gz | |
plumbing: transport/ssh, auto-populate ClientConfig.HostKeyAlgorithms. Fixes #411
This commit adjusts the transport/ssh logic in command.connect(), so that it
now auto-populates ssh.ClientConfig.HostKeyAlgorithms. The algorithms are
chosen based on the known host keys for the target host, as obtained from the
known_hosts file.
In order to look-up the algorithms from the known_hosts file, external module
github.com/skeema/knownhosts is used. This package is just a thin wrapper
around golang.org/x/crypto/ssh/knownhosts, adding an extra mechanism to query
the known_hosts keys, implemented in a way which avoids duplication of any
golang.org/x/crypto/ssh/knownhosts logic.
Because HostKeyAlgorithms vary by target host, some related logic for setting
HostKeyCallback has been moved out of the various AuthMethod implementations.
This was necessary because the old HostKeyCallbackHelper is not host-specific.
Since known_hosts handling isn't really tied to AuthMethod anyway, it seems
reasonable to separate these. Previously-exported types/methods remain in
place for backwards compat, but some of them are now unused.
For testing approach, see pull request. Issue #411 can only be reproduced
via end-to-end / integration testing, since it requires actually launching
an SSH connection, in order to see the key mismatch error triggered from
https://github.com/golang/go/issues/29286 as the root cause.
Diffstat (limited to 'go.mod')
| -rw-r--r-- | go.mod | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -17,11 +17,12 @@ require ( github.com/jessevdk/go-flags v1.5.0 github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 github.com/sergi/go-diff v1.1.0 + github.com/skeema/knownhosts v1.1.0 github.com/xanzy/ssh-agent v0.3.1 - golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 - golang.org/x/net v0.0.0-20210326060303-6b1517762897 + golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e + golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c - golang.org/x/text v0.3.3 + golang.org/x/text v0.3.6 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c gopkg.in/warnings.v0 v0.1.2 // indirect ) |