Introduced in 2.9.2

Bug fixes

  • CVE-2022-45047 Unsafe deserialization in org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider

  • SSHD-1173 Not fully using up a channel window may lead to hangs (see Channel windows below)

  • SSHD-1287 SFTP: reading with buffers larger than 126kB leads to data corruption

  • SSHD-1293 ExplicitPortForwardingTracker does not unbind auto-allocated port

  • SSHD-1294 Close MinaServiceFactory instances properly

  • SSHD-1297 Avoid OutOfMemoryError when reading a public key from a corrupted Buffer

  • SSHD-1302 Reading from Channel.getInvertedOut() after EOF was reached throws IOException instead of returning -1

  • SSHD-1303 Reading from redirected Channel.getInvertedErr() delivers stdout; should be at EOF

  • SSHD-1307 [NIO2] TCP/IP port forwarding: shut down output stream only after pending writes have been written

  • GH-263 Race condition in BufferedIoOutputStream

  • GH-266 ChannelPipedOutputStream.flush() must be a no-op

Major code re-factoring

Potential compatibility issues

Minor code helpers

  • New utility method KeyUtils.loadPublicKey() to read a public key file.

Behavioral changes and enhancements

  • Netty I/O back-end: respect configurations for CoreModuleProperties.SOCKET_BACKLOG and CoreModuleProperties.SOCKET_REUSEADDR.
  • MINA I/O back-end: use CoreModuleProperties.NIO2_READ_BUFFER_SIZE for the initial read buffer size, if set. A new CoreModuleProperties.MIN_READ_BUFFER_SIZE can be set to control the minimum read buffer size (64 bytes by default in Apache MINA).
  • NIO2 I/O back-end: in TCP/IP port forwarding, shut down the output stream of a socket when a SSH_MSG_CHANNEL_EOF message is received on the SSH channel only after still pending writes have completed. See SSHD-1307. The MINA and Netty I/O back-ends already did so.

Channel windows

Previous versions of Apache MINA sshd (from 2.6.0 to 2.9.1) did not always fully use up a channel window and waited for a SSH_MSG_CHANNEL_WINDOW_ADJUST message from the peer instead. They did so if the available window size was smaller than the packet size of the channel, and also smaller than the amount of data still to be written. There were settings to change this behavior and always fully use up a channel window: these settings were

  • CoreModuleProperties.ASYNC_SERVER_STDOUT_CHUNK_BELOW_WINDOW_SIZE
  • CoreModuleProperties.ASYNC_SERVER_STDERR_CHUNK_BELOW_WINDOW_SIZE
  • SftpModuleProperties.CHUNK_IF_WINDOW_LESS_THAN_PACKET

By default, they were false; if set to true, the window would be used fully.

Not using up a channel window may lead to hangs with peers that send the SSH_MSG_CHANNEL_WINDOW_ADJUST message only when the window size is very low, or even zero. The SSH RFCs do not mandate any particular point at which an implementation should adjust the window. OpenSSH and Apache MINA sshd itself do so when half of the window is used up, but there are other implementations that do so only when the available window size becomes zero.

In this version, the above settings have been removed. Apache MINA sshd behaves always as if they were true, i.e., if there is some window space and there is data to write, data will be written. See Apache MINA sshd issues SSHD-1123 and SSHD-1173.