merge (#1)

* Check whether filename is a child of the current file (Fixes hierynomus#341)

* Fixed codacy

* Updated README release notes

* Removed oraclejdk7 as that is no longer supported on trusty, added openjdk

* Added gradle caching to travis config

* Removed use of DataTypeConverter as that is no longer in default JDK9

* Removed build of broken openJDK7 in favour of using animal-sniffer to detect java 1.6 compatibility

* Improved test stability

* Correctly determine KeyType for ECDSA public key (Fixes hierynomus#356)

* fixed build

* Fixed Java9 build?

* Disambiguated signature initialization

* Removed deprecated method

* Organised imports

* Added 'out/' to gitignore

* Added support for new-style fingerprints (hierynomus#365)

* Added support for new-style fingerprints

* Fixed codacy warnings

* Fix decoding signature bytes (Fixes hierynomus#355, hierynomus#354) (hierynomus#361)

* Fix for signature verify in DSA

* Cleaned up signature verification

* Fixed import

* Ignored erroneous pmd warnings

* Updated JavaDoc

* Extracted ASN.1/DER encoding to method (hierynomus#368)

* Update net.i2p.crypto:eddsa to 0.2.0 (hierynomus#372)

* Update net.i2p.crypto:eddsa to 0.2.0

* Update net.i2p.crypto.eddsa to 0.2.0

* Update net.i2p.crypto.eddsa to 0.2.0

* Update net.i2p.crypto.eddsa to 0.2.0

* Log security provider registration failures (hierynomus#374)

* Migrate remaining block ciphers

* Updated README for v0.23.0 release

* Using new release plugin

* Updated build plugins

* Fix escaping in WildcardHostMatcher (hierynomus#382)

* Escape '[' and ']' in WildcardHostMatcher

* Anchoring regex to match entire string (Fixes hierynomus#381)

* Updated builds to include CodeCov

* - Experimenting with travis

* - fix ip for online testing

* - account for different working dir

* - yaml-yaml

* - double before_install

* - still -d

* - try common format

* - Fixed server keys
- Use sshj branding

* - grr, ip

* - minor improvements

* - eh?

* - switch username back

* - orly?

* - desperation

* - One more time

* Upgraded gradle to cope with java9

* Separated out integration tests

* Fixed length bug in putString (Fixes hierynomus#187)

* Removed docker from travis yml as it is included in gradle build now

* Added integration test to travis

* Update AndroidConfig (hierynomus#389)

* Add EdDSA signature for AndroidConfig.

* Initialize KeyExchange- and FileKeyProviderFactories with registered "bouncyCastle" (in fact, SpongyCastle is registered).

See hierynomus#308 for discussion.

* Added integration test for append scenario (Fixes hierynomus#390)

* Fixed headers

Author: CCLiu

.gitignore

@@ -10,6 +10,7 @@
 .settings/
 
 # Output dirs
+out/
 target/
 classes/
 build/

.travis.yml

@@ -1,5 +1,30 @@
 language: java
-sudo: false
+dist: trusty
+sudo: required
+
+services:
+  - docker
+
 jdk:
-  - oraclejdk7
   - oraclejdk8
+  - openjdk8
+  - oraclejdk9
+
+before_cache:
+  - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock
+  - rm -fr $HOME/.gradle/caches/*/plugin-resolution/
+
+cache:
+  directories:
+  - $HOME/.gradle/caches/
+  - $HOME/.gradle/wrapper/
+
+before_install:
+  - pip install --user codecov
+
+script:
+  - ./gradlew check
+  - ./gradlew integrationTest
+
+after_success:
+- codecov

README.adoc

@@ -1,11 +1,14 @@
 = sshj - SSHv2 library for Java
 Jeroen van Erp
 :sshj_groupid: com.hierynomus
-:sshj_version: 0.21.1
+:sshj_version: 0.23.0
 :source-highlighter: pygments
 
+image:https://api.bintray.com/packages/hierynomus/maven/sshj/images/download.svg[link="https://bintray.com/hierynomus/maven/sshj/_latestVersion"]
 image:https://travis-ci.org/hierynomus/sshj.svg?branch=master[link="https://travis-ci.org/hierynomus/sshj"]
 image:https://api.codacy.com/project/badge/Grade/14a0a316bb9149739b5ea26dbfa8da8a["Codacy code quality", link="https://www.codacy.com/app/jeroen_2/sshj?utm_source=github.com&utm_medium=referral&utm_content=hierynomus/sshj&utm_campaign=Badge_Grade"]
+image:https://codecov.io/gh/hierynomus/sshj/branch/master/graph/badge.svg["codecov", link="https://codecov.io/gh/hierynomus/sshj"]
+image:http://www.javadoc.io/badge/com.hierynomus/sshj.svg?color=blue["JavaDocs", link="http://www.javadoc.io/doc/com.hierynomus/sshj"]
 image:https://maven-badges.herokuapp.com/maven-central/com.hierynomus/sshj/badge.svg["Maven Central",link="https://maven-badges.herokuapp.com/maven-central/com.hierynomus/sshj"]
 image:https://javadoc-emblem.rhcloud.com/doc/com.hierynomus/sshj/badge.svg["Javadoc",link="http://www.javadoc.io/doc/com.hierynomus/sshj"]
 
@@ -75,7 +78,7 @@ key exchange::
   `diffie-hellman-group16-sha256`, `[email protected]`, `[email protected]`, `[email protected]`
 
 signatures::
-  `ssh-rsa`, `ssh-dss`, `ecdsa-sha2-nistp256`, `ssh-ed25519`
+  `ssh-rsa`, `ssh-dss`, `ecdsa-sha2-nistp256`, `ecdsa-sha2-nistp384`, `ecdsa-sha2-nistp521`, `ssh-ed25519`
 
 mac::
   `hmac-md5`, `hmac-md5-96`, `hmac-sha1`, `hmac-sha1-96`, `hmac-sha2-256`, `hmac-sha2-512`
@@ -104,7 +107,16 @@ Google Group: http://groups.google.com/group/sshj-users
 Fork away!
 
 == Release history
-SSHJ 0.22.0 (2017-??-??)::
+SSHJ 0.23.0 (2017-10-13)::
+* Merged https://github.com/hierynomus/sshj/pulls/372[#372]: Upgrade to 'net.i2p.crypto:eddsa:0.2.0'
+* Fixed https://github.com/hierynomus/sshj/issues/355[#355] and https://github.com/hierynomus/sshj/issues/354[#354]: Correctly decode signature bytes
+* Fixed https://github.com/hierynomus/sshj/issues/365[#365]: Added support for new-style OpenSSH fingerprints of server keys
+* Fixed https://github.com/hierynomus/sshj/issues/356[#356]: Fixed key type detection for ECDSA public keys
+* Made SSHJ Java9 compatible
+SSHJ 0.22.0 (2017-08-24)::
+* Fixed https://github.com/hierynomus/sshj/pulls/341[#341]: Fixed path walking during recursive copy
+* Merged https://github.com/hierynomus/sshj/pulls/338[#338]: Added ConsolePasswordFinder to read password from stdin
+* Merged https://github.com/hierynomus/sshj/pulls/336[#336]: Added support for ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521 signatures
 * Fixed https://github.com/hierynomus/sshj/issues/331[#331]: Added support for wildcards in known_hosts file
 SSHJ 0.21.1 (2017-04-25)::
 * Merged https://github.com/hierynomus/sshj/pulls/322[#322]: Fix regression from 40f956b (invalid length parameter on outputstream)

build.gradle

@@ -1,42 +1,54 @@
 import java.text.SimpleDateFormat
+import com.bmuschko.gradle.docker.tasks.container.*
+import com.bmuschko.gradle.docker.tasks.image.*
 
 plugins {
   id "java"
   id "groovy"
+  id "jacoco"
   id "osgi"
   id "maven-publish"
-  id "org.ajoberstar.release-opinion" version "1.4.2"
+  id "com.bmuschko.docker-remote-api" version "3.2.1"
+  id 'pl.allegro.tech.build.axion-release' version '1.8.1'
   id "com.github.hierynomus.license" version "0.12.1"
   id "com.jfrog.bintray" version "1.7"
-  id 'ru.vyarus.pom' version '1.0.3'
+  id 'ru.vyarus.java-lib' version '1.0.5'
+  // id 'ru.vyarus.pom' version '1.0.3'
   id 'ru.vyarus.github-info' version '1.1.0'
+  id 'ru.vyarus.animalsniffer' version '1.4.2'
 }
 
 group = "com.hierynomus"
+
 defaultTasks "build"
 
 repositories {
   mavenCentral()
+  maven {
+    url "https://dl.bintray.com/mockito/maven/"
+  }
 }
 
 sourceCompatibility = 1.6
 targetCompatibility = 1.6
 
 configurations.compile.transitive = false
 
-def bouncycastleVersion = "1.56"
+def bouncycastleVersion = "1.57"
 
 dependencies {
+  signature 'org.codehaus.mojo.signature:java16:1.1@signature'
+
   compile "org.slf4j:slf4j-api:1.7.7"
   compile "org.bouncycastle:bcprov-jdk15on:$bouncycastleVersion"
   compile "org.bouncycastle:bcpkix-jdk15on:$bouncycastleVersion"
   compile "com.jcraft:jzlib:1.1.3"
 
-  compile "net.i2p.crypto:eddsa:0.1.0"
+  compile "net.i2p.crypto:eddsa:0.2.0"
 
   testCompile "junit:junit:4.11"
   testCompile 'org.spockframework:spock-core:1.0-groovy-2.4'
-  testCompile "org.mockito:mockito-core:2.8.47"
+  testCompile "org.mockito:mockito-core:2.9.2"
   testCompile "org.apache.sshd:sshd-core:1.2.0"
   testRuntime "ch.qos.logback:logback-classic:1.1.2"
   testCompile 'org.glassfish.grizzly:grizzly-http-server:2.3.17'
@@ -53,14 +65,19 @@ license {
   excludes(['**/djb/Curve25519.java', '**/sshj/common/Base64.java'])
 }
 
-if (project.file('.git').isDirectory()) {
-  release {
-    grgit = org.ajoberstar.grgit.Grgit.open(project.projectDir)
+scmVersion {
+  tag {
+    prefix = 'v'
+    versionSeparator = ''
+  }
+  hooks {
+    pre 'fileUpdate', [file: 'README.adoc', pattern: { v, c -> /:sshj_version: .*/}, replacement: { v, c -> ":sshj_version: $v" }]
+    pre 'commit'
   }
-} else {
-  version = "0.0.0-no.git"
 }
 
+project.version = scmVersion.version
+
 // This disables the pedantic doclint feature of JDK8
 if (JavaVersion.current().isJava8Compatible()) {
   tasks.withType(Javadoc) {
@@ -78,7 +95,6 @@ task writeSshjVersionProperties {
 }
 
 jar.dependsOn writeSshjVersionProperties
-
 jar {
   manifest {
     // please see http://bnd.bndtools.org/chapters/390-wrapping.html
@@ -99,14 +115,7 @@ jar {
   }
 }
 
-task javadocJar(type: Jar) {
-  classifier = 'javadoc'
-  from javadoc
-}
-
-task sourcesJar(type: Jar) {
-  classifier = 'sources'
-  from sourceSets.main.allSource
+sourcesJar {
   manifest {
     attributes(
       // Add the needed OSGI attributes
@@ -119,6 +128,27 @@ task sourcesJar(type: Jar) {
   }
 }
 
+configurations {
+  integrationTestCompile.extendsFrom testCompile
+  integrationTestRuntime.extendsFrom testRuntime
+}
+
+sourceSets {
+  integrationTest {
+    groovy {
+      compileClasspath += sourceSets.main.output + sourceSets.test.output
+      runtimeClasspath += sourceSets.main.output + sourceSets.test.output
+      srcDir file('src/itest/groovy')
+    }
+    resources.srcDir file('src/itest/resources')
+  }
+}
+
+task integrationTest(type: Test) {
+  testClassesDirs = sourceSets.integrationTest.output.classesDirs
+  classpath = sourceSets.integrationTest.runtimeClasspath
+}
+
 tasks.withType(Test) {
   testLogging {
     exceptionFormat = 'full'
@@ -185,21 +215,12 @@ pom {
   }
 }
 
-publishing.publications {
-  Sshj(MavenPublication) {
-    from components.java
-    artifact sourcesJar
-    artifact javadocJar
-  }
-}
-
-
 if (project.hasProperty("bintrayUsername") && project.hasProperty("bintrayApiKey")) {
   bintray {
     user = project.property("bintrayUsername")
     key = project.property("bintrayApiKey")
     publish = true
-    publications = ["Sshj"]
+    publications = ["maven"]
     pkg {
       repo = "maven"
       name = project.name
@@ -226,4 +247,38 @@ if (project.hasProperty("bintrayUsername") && project.hasProperty("bintrayApiKey
   }
 }
 
-project.tasks.release.dependsOn([project.tasks.build, project.tasks.bintrayUpload])
+jacocoTestReport {
+    reports {
+        xml.enabled true
+        html.enabled true
+    }
+}
+
+
+task buildItestImage(type: DockerBuildImage) {
+    inputDir = file('src/itest/docker-image')
+    tag = 'sshj/sshd-itest'
+}
+
+task createItestContainer(type: DockerCreateContainer) {
+    dependsOn buildItestImage
+    targetImageId { buildItestImage.getImageId() }
+    portBindings = ['2222:22']
+}
+
+task startItestContainer(type: DockerStartContainer) {
+    dependsOn createItestContainer
+    targetContainerId { createItestContainer.getContainerId() }
+}
+
+task stopItestContainer(type: DockerStopContainer) {
+    targetContainerId { createItestContainer.getContainerId() }
+}
+
+project.tasks.integrationTest.dependsOn(startItestContainer)
+project.tasks.integrationTest.finalizedBy(stopItestContainer)
+
+project.tasks.release.dependsOn([project.tasks.integrationTest, project.tasks.build])
+project.tasks.release.finalizedBy(project.tasks.bintrayUpload)
+project.tasks.jacocoTestReport.dependsOn(project.tasks.test)
+project.tasks.check.dependsOn(project.tasks.jacocoTestReport)

gradle/wrapper/gradle-wrapper.properties

@@ -3,4 +3,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.0-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.3-all.zip

src/itest/docker-image/Dockerfile

@@ -0,0 +1,16 @@
+FROM sickp/alpine-sshd:7.5
+
+ADD id_rsa.pub /home/sshj/.ssh/authorized_keys
+
+ADD test-container/ssh_host_ecdsa_key     /etc/ssh/ssh_host_ecdsa_key
+ADD test-container/ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ecdsa_key.pub
+
+RUN \
+  echo "root:smile" | chpasswd && \
+  adduser -D -s /bin/ash sshj && \
+  passwd -u sshj && \
+  chmod 600 /home/sshj/.ssh/authorized_keys && \
+  chmod 600 /etc/ssh/ssh_host_ecdsa_key && \
+  chmod 644 /etc/ssh/ssh_host_ecdsa_key.pub && \
+  chown -R sshj:sshj /home/sshj
+

src/itest/docker-image/id_rsa.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAoZ9l6Tkm2aL1tSBy2yw4xU5s8BE9MfqS/4J7DzvsYJxF6oQmTIjmStuhH/CT7UjuDtKXdXZUsIhKtafiizxGO8kHSzKDeitpth2RSr8ddMzZKyD6RNs7MfsgjA3UTtrrSrCXEY6O43S2cnuJrWzkPxtwxaQ3zOvDbS2tiulzyq0VzYmuhA/a4CyuQtJBuu+P2oqmu6pU/VB6IzONpvBvYbNPsH1WDmP7zko5wHPihXPCliztspKxS4DRtOZ7BGXyvg44UmIy0Kf4jOkaBV/eCCA4qH7ZHz71/5ceMOpszPcNOEmLGGYhwI+P3OuGMpkrSAv1f8IY6R8spZNncP6UaQ== no-passphrase

src/itest/docker-image/test-container/ssh_host_ecdsa_key

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIOpOBFjqe0hjK/hs4WZ3dZqnzanq1L3/JbvV1TCkbe4ToAoGCCqGSM49
+AwEHoUQDQgAEVzkrS7Yj0nXML7A3mE08YDthfBR/ZbyYJDIq1vTzcqs6KTaCT529
+swNXWLHO+mbHviZcRiI57ULXHZ1emom/Jw==
+-----END EC PRIVATE KEY-----

src/itest/docker-image/test-container/ssh_host_ecdsa_key.pub

@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFc5K0u2I9J1zC+wN5hNPGA7YXwUf2W8mCQyKtb083KrOik2gk+dvbMDV1ixzvpmx74mXEYiOe1C1x2dXpqJvyc= root@404b27be2bf4

src/itest/groovy/com/hierynomus/sshj/IntegrationBaseSpec.groovy

@@ -0,0 +1,36 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj
+
+import net.schmizz.sshj.DefaultConfig
+import net.schmizz.sshj.SSHClient
+import net.schmizz.sshj.transport.verification.PromiscuousVerifier
+import spock.lang.Specification
+
+class IntegrationBaseSpec extends Specification {
+    protected static final int DOCKER_PORT = 2222;
+    protected static final String USERNAME = "sshj";
+    protected final static String SERVER_IP = System.getProperty("serverIP", "127.0.0.1");
+
+    protected static SSHClient getConnectedClient() throws IOException {
+        SSHClient sshClient = new SSHClient(new DefaultConfig());
+        sshClient.addHostKeyVerifier(new PromiscuousVerifier());
+        sshClient.connect(SERVER_IP, DOCKER_PORT);
+
+        return sshClient;
+    }
+
+}