Update MINA SSHD to 0.3.0-r881338

We specifically install the ChannelDirectTcpip channel factory
so that the daemon understands this protocol feature but our
TcpIpForwardFilter automatically rejects all connection attempts made
by a client.  This will cause nice error messages to be reported
back, letting the user know their port forwarding was denied,
rather than generating an obtuse error message in the client.

Even if we skipped the ChannelDirectTcpip session factory we must
install the TcpIpForwardFilter.  If we don't MINA SSHD would permit
any client to listen for inbound connections on any of our local
ports and redirect them to the client's own server of choice.

We also now specifically configure the subsystem list to be empty.
This is to disable any SFTP support inherited from MINA SSHD,
we actually don't want to service SFTP for anything at this time.
We might consider enabling SFTP off the same virtual filesystem we
use for scp, but its not a very important feature.

Bug: issue 336
Change-Id: I7a64601524ca84f308b76357290c456dc4613b67
Signed-off-by: Shawn O. Pearce <sop@google.com>

gerrit-war/src/main/java/log4j.properties

@@ -22,6 +22,7 @@ log4j.logger.com.google.gerrit=INFO
 
 # Silence non-critical messages from MINA SSHD.
 #
+log4j.logger.org.apache.mina=WARN
 log4j.logger.org.apache.sshd.common=WARN
 log4j.logger.org.apache.sshd.server=WARN
 log4j.logger.org.apache.sshd.common.keyprovider.FileKeyPairProvider=INFO