commit | 8d62a9da3349ef58817dd98980a0f8e35c500520 | [log] [tgz] |
---|---|---|
author | Thomas Wolf <twolf@apache.org> | Thu May 18 12:12:58 2023 +0200 |
committer | Thomas Wolf <twolf@apache.org> | Fri May 19 21:31:16 2023 +0200 |
tree | cca7885e9c714ccef2265554190954de2e872c44 | |
parent | 8477465c7442711b080bfeca8b38bbaddb525afc [diff] |
GH-370: Also compare file keys in ModifiableFileWatcher Additionally, handle the case of files being modified very quickly, such that the last modified timestamp doesn't change, even though the file was modified. If the modification did not change the file size, such metadata is "racily clean", meaning it indicates the file had not been modified when in fact it was. This can occur because of the finite resolution of file timestamps. If the file timestamp has a granularity of 2 seconds (FAT), two file modifications within these two seconds that don't change the file size cannot be recognized. Hence any file timestamp from the past 2 seconds (measured from the time it was read) is suspect, and the file must be considered potentially modified, and must be re-loaded. This is not a problem unless one frequently writes files and then reads them again within two seconds. (Or if one reads the same file multiple times within two seconds.) In such cases, care should be taken to determine the actual resolution of file timestamps, which often is much better. But for the use cases in SSH the worst-case assumption of two seconds should be fine. Bug: https://github.com/apache/mina-sshd/issues/370
Apache MINA SSHD is a 100% pure java library to support the SSH protocols on both the client and server side. It does not aim at being a replacement for the SSH client or SSH server from Unix operating systems, but rather provides support for Java based applications requiring SSH support.
The library can leverage several I/O back-ends:
AsynchronousSocketChannel
s.Bug reports and improvement or feature requests can be filed at the GitHub issue tracker or at the Apache issue tracker.
Sensitive issues such as security vulnerabilities must be reported through private channels, not via either issue tracker.
Java 8+ (as of version 1.3)
The code only requires the core abstract slf4j-api module. The actual implementation of the logging API can be selected from the many existing adaptors.
sshd-common - contains basic classes used throughout the project as well as code that does not require client or server network support.
sshd-core - contains the basic SSH client/server code implementing the connection, transport, channels, forwarding, etc..
sshd-sftp - contains the server side SFTP subsystem and the SFTP client code.
sshd-scp - contains the server side SCP command handler and the SCP client code.
sshd-ldap - contains server-side password and public key authenticators that use an LDAP server.
sshd-git - contains replacements for JGit SSH session factory.
sshd-osgi - contains an artifact that combines sshd-common and sshd-core so it can be deployed in OSGi environments.
sshd-putty - contains code that can parse PUTTY key files.
sshd-openpgp - contains code that can parse OpenPGP key files (with some limitations - see relevant section)
sshd-cli - contains simple templates for command-line client/server - used to provide look-and-feel similar to the Linux ssh/sshd commands.
sshd-contrib - experimental code that is currently under review and may find its way into one of the other artifacts (or become an entirely new artifact - e.g., sshd-putty evolved this way).
Including tests
mvn clean install
Without tests
mvn -Pquick clean install