Commits on Jun 20, 2022

1. plumbing: transport/ssh, auto-populate ClientConfig.HostKeyAlgorithms. … …

   …Fixes go-git#411
   
   This commit adjusts the transport/ssh logic in command.connect(), so that it
   now auto-populates ssh.ClientConfig.HostKeyAlgorithms. The algorithms are
   chosen based on the known host keys for the target host, as obtained from the
   known_hosts file.
   
   In order to look-up the algorithms from the known_hosts file, external module
   github.com/skeema/knownhosts is used. This package is just a thin wrapper
   around golang.org/x/crypto/ssh/knownhosts, adding an extra mechanism to query
   the known_hosts keys, implemented in a way which avoids duplication of any
   golang.org/x/crypto/ssh/knownhosts logic.
   
   Because HostKeyAlgorithms vary by target host, some related logic for setting
   HostKeyCallback has been moved out of the various AuthMethod implementations.
   This was necessary because the old HostKeyCallbackHelper is not host-specific.
   Since known_hosts handling isn't really tied to AuthMethod anyway, it seems
   reasonable to separate these. Previously-exported types/methods remain in
   place for backwards compat, but some of them are now unused.
   
   For testing approach, see pull request. Issue go-git#411 can only be reproduced
   via end-to-end / integration testing, since it requires actually launching
   an SSH connection, in order to see the key mismatch error triggered from
   golang/go#29286 as the root cause.

   

   evanelias committed Jun 20, 2022
   Copy the full SHA

   c382f61 View commit details

   Browse the repository at this point in the history