Update Apache SSHD to 2.4

Change-Id: If15bbf1a25b9125f08b38077b01ba52245080d70

java/com/google/gerrit/sshd/SshDaemon.java

@@ -67,6 +67,7 @@ import java.util.concurrent.atomic.AtomicInteger;
 import org.apache.mina.transport.socket.SocketSessionConfig;
 import org.apache.sshd.common.BaseBuilder;
 import org.apache.sshd.common.NamedFactory;
+import org.apache.sshd.common.NamedResource;
 import org.apache.sshd.common.cipher.Cipher;
 import org.apache.sshd.common.compression.BuiltinCompressions;
 import org.apache.sshd.common.compression.Compression;
@@ -79,7 +80,7 @@ import org.apache.sshd.common.io.IoSession;
 import org.apache.sshd.common.io.mina.MinaServiceFactoryFactory;
 import org.apache.sshd.common.io.mina.MinaSession;
 import org.apache.sshd.common.io.nio2.Nio2ServiceFactoryFactory;
-import org.apache.sshd.common.kex.KeyExchange;
+import org.apache.sshd.common.kex.KeyExchangeFactory;
 import org.apache.sshd.common.keyprovider.KeyPairProvider;
 import org.apache.sshd.common.mac.Mac;
 import org.apache.sshd.common.random.Random;
@@ -92,7 +93,7 @@ import org.apache.sshd.common.util.net.SshdSocketAddress;
 import org.apache.sshd.common.util.security.SecurityUtils;
 import org.apache.sshd.server.ServerBuilder;
 import org.apache.sshd.server.SshServer;
-import org.apache.sshd.server.auth.UserAuth;
+import org.apache.sshd.server.auth.UserAuthFactory;
 import org.apache.sshd.server.auth.gss.GSSAuthenticator;
 import org.apache.sshd.server.auth.gss.UserAuthGSSFactory;
 import org.apache.sshd.server.auth.pubkey.PublickeyAuthenticator;
@@ -438,11 +439,9 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
     return r.toString();
   }
 
-  @SuppressWarnings("unchecked")
   private void initKeyExchanges(Config cfg) {
-    List<NamedFactory<KeyExchange>> a = ServerBuilder.setUpDefaultKeyExchanges(true);
-    setKeyExchangeFactories(
-        filter(cfg, "kex", (NamedFactory<KeyExchange>[]) a.toArray(new NamedFactory<?>[a.size()])));
+    List<KeyExchangeFactory> a = ServerBuilder.setUpDefaultKeyExchanges(true);
+    setKeyExchangeFactories(filter(cfg, "kex", a.toArray(new KeyExchangeFactory[a.size()])));
   }
 
   private void initProviderBouncyCastle(Config cfg) {
@@ -554,17 +553,16 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
   }
 
   @SafeVarargs
-  private static <T> List<NamedFactory<T>> filter(
-      final Config cfg, String key, NamedFactory<T>... avail) {
-    final ArrayList<NamedFactory<T>> def = new ArrayList<>();
-    for (NamedFactory<T> n : avail) {
+  private static <T extends NamedResource> List<T> filter(Config cfg, String key, T... avail) {
+    List<T> def = new ArrayList<>();
+    for (T n : avail) {
       if (n == null) {
         break;
       }
       def.add(n);
     }
 
-    final String[] want = cfg.getStringList("sshd", null, key);
+    String[] want = cfg.getStringList("sshd", null, key);
     if (want == null || want.length == 0) {
       return def;
     }
@@ -583,9 +581,9 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
         def.clear();
       }
 
-      final NamedFactory<T> n = find(name, avail);
+      T n = find(name, avail);
       if (n == null) {
-        final StringBuilder msg = new StringBuilder();
+        StringBuilder msg = new StringBuilder();
         msg.append("sshd.").append(key).append(" = ").append(name).append(" unsupported; only ");
         for (int i = 0; i < avail.length; i++) {
           if (avail[i] == null) {
@@ -611,8 +609,8 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
   }
 
   @SafeVarargs
-  private static <T> NamedFactory<T> find(String name, NamedFactory<T>... avail) {
-    for (NamedFactory<T> n : avail) {
+  private static <T extends NamedResource> T find(String name, T... avail) {
+    for (T n : avail) {
       if (n != null && name.equals(n.getName())) {
         return n;
       }
@@ -621,8 +619,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
   }
 
   private void initSignatures() {
-    setSignatureFactories(
-        NamedFactory.setUpBuiltinFactories(false, ServerBuilder.DEFAULT_SIGNATURE_PREFERENCE));
+    setSignatureFactories(ServerBuilder.setUpDefaultSignatureFactories(false));
   }
 
   private void initCompression(boolean enableCompression) {
@@ -669,7 +666,7 @@ public class SshDaemon extends SshServer implements SshInfo, LifecycleListener {
       final GSSAuthenticator kerberosAuthenticator,
       String kerberosKeytab,
       String kerberosPrincipal) {
-    List<NamedFactory<UserAuth>> authFactories = new ArrayList<>();
+    List<UserAuthFactory> authFactories = new ArrayList<>();
     if (kerberosKeytab != null) {
       authFactories.add(UserAuthGSSFactory.INSTANCE);
       logger.atInfo().log("Enabling kerberos with keytab %s", kerberosKeytab);

tools/nongoogle.bzl

@@ -27,18 +27,18 @@ def declare_nongoogle_deps():
         sha1 = "12d3de920c85a3667712877066f93e713c733977",
     )
 
-    SSHD_VERS = "2.3.0"
+    SSHD_VERS = "2.4.0"
 
     maven_jar(
         name = "sshd",
         artifact = "org.apache.sshd:sshd-core:" + SSHD_VERS,
-        sha1 = "21aeea9deba96c9b81ea0935fa4fac61aa3cf646",
+        sha1 = "102eefb7e195aae25096f54f2398e54cb0fe839c",
     )
 
     maven_jar(
         name = "sshd-common",
         artifact = "org.apache.sshd:sshd-common:" + SSHD_VERS,
-        sha1 = "8b6e3baaa0d35b547696965eef3e62477f5e74c9",
+        sha1 = "017be0597f41449518762fc529c707148007f4bc",
     )
 
     maven_jar(
@@ -56,7 +56,7 @@ def declare_nongoogle_deps():
     maven_jar(
         name = "sshd-mina",
         artifact = "org.apache.sshd:sshd-mina:" + SSHD_VERS,
-        sha1 = "55dc0830dfcbceba01f9460812ee454978a15fe8",
+        sha1 = "8aa8715d07bd61ad8315df66d43c0c04b1b755c8",
     )
 
     # elasticsearch-rest-client explicitly depends on this version