Working on #88

Fix for race condition in global request response handling (fixes #236)

.travis.yml

@@ -1 +1,2 @@
-language: java
+language: java
+sudo: false

LICENSE_HEADER

@@ -0,0 +1,13 @@
+Copyright (C)2009 - SSHJ Contributors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

README.adoc

@@ -1,7 +1,7 @@
 = sshj - SSHv2 library for Java
 Jeroen van Erp
 :sshj_groupid: com.hierynomus
-:sshj_version: 0.11.0
+:sshj_version: 0.15.0
 :source-highlighter: pygments
 
 image::https://travis-ci.org/hierynomus/sshj.svg?branch=master[]
@@ -59,13 +59,15 @@ In the `examples` directory, there is a separate Maven project that shows how th
 Implementations / adapters for the following algorithms are included:
 
 ciphers::
-  `aes{128,192,256}-{cbc,ctr}`, `blowfish-cbc`, `3des-cbc`
+  `aes{128,192,256}-{cbc,ctr}`, `blowfish-{cbc,ctr}`, `3des-{cbc,ctr}`, `twofish{128,192,256}-{cbc,ctr}`, `twofish-cbc`, `serpent{128,192,256}-{cbc,ctr}`, `idea-{cbc,ctr}`, `cast128-{cbc,ctr}`, `arcfour`, `arcfour{128,256}`
+  SSHJ also supports the following extended (non official) ciphers: `camellia{128,192,256}-{cbc,ctr}`, `camellia{128,192,256}-{cbc,ctr}@openssh.org`
 
 key exchange::
-  `diffie-hellman-group1-sha1`, `diffie-hellman-group14-sha1`
+  `diffie-hellman-group1-sha1`, `diffie-hellman-group14-sha1`, `diffie-hellman-group-exchange-sha1`, `diffie-hellman-group-exchange-sha256`,
+  `ecdh-sha2-nistp256`, `ecdh-sha2-nistp384`, `ecdh-sha2-nistp521`, `curve25519-sha256@libssh.org`
 
 signatures::
-  `ssh-rsa`, `ssh-dss`
+  `ssh-rsa`, `ssh-dss`, `ecdsa-sha2-nistp256`, `ssh-ed25519`
 
 mac::
   `hmac-md5`, `hmac-md5-96`, `hmac-sha1`, `hmac-sha1-96`, `hmac-sha2-256`, `hmac-sha2-512`
@@ -78,6 +80,8 @@ private key files::
 
 If you need something that is not included, it shouldn't be too hard to add (do contribute it!)
 
+== Comparing to other implementations
+http://ssh-comparison.quendi.de/comparison.html[SSH Implementation Comparison]
 
 == Dependencies
 Java 6+. http://www.slf4j.org/download.html[slf4j] is required. http://www.bouncycastle.org/java.html[bouncycastle] is highly recommended and required for using some of the crypto algorithms. http://www.jcraft.com/jzlib/[jzlib] is required for using zlib compression.
@@ -92,15 +96,47 @@ Google Group: http://groups.google.com/group/sshj-users
 Fork away!
 
 == Release history
-
-* SSHJ 0.11.0 (No date set yet)
-** New maven coordinates `com.hierynomus:sshj:0.11.0` as https://github.com/hierynomus[@hierynomus] took over as maintainer of SSHJ
-** Migrated build system to Gradle 2.2.1
-** Merged https://github.com/hierynomus/sshj/issues/150[#150]: Fix for incorrect file handle on some SSH servers, fixes: https://github.com/hierynomus/sshj/issues/54[#54], https://github.com/hierynomus/sshj/issues/119[#119], https://github.com/hierynomus/sshj/issues/168[#168], https://github.com/hierynomus/sshj/issues/169[#169]
-** Made `jzlib` optional in OSGi bundling, fixes: https://github.com/hierynomus/sshj/issues/162[#162]
-** Improved some log levels, fixes: https://github.com/hierynomus/sshj/issues/161[#161]
-** Merged https://github.com/hierynomus/sshj/issues/156[#156], https://github.com/hierynomus/sshj/issues/164[#164], https://github.com/hierynomus/sshj/issues/165[#165]: Fixed block sizes for `hmac-sha2-256` and `hmac-sha2-512`
-** Merged https://github.com/hierynomus/sshj/issues/141[#141]: Add proxy support
-** Merged https://github.com/hierynomus/sshj/issues/157[#157], https://github.com/hierynomus/sshj/issues/163[#163]: Doc and build fixes
-** Upgraded BouncyCastle to 1.51, fixes: https://github.com/hierynomus/sshj/issues/142[#142]
-** Implemented keep-alive with connection drop detection, fixes https://github.com/hierynomus/sshj/issues/166[#166]
+SSHJ 0.16.0 (2016-??-??)::
+* Fixed https://github.com/hierynomus/sshj/issues/239[#239]: Remote port forwards did not work if you used the empty string as address, or a catch-all address.
+* Fixed https://github.com/hierynomus/sshj/issues/242[#242]: Added OSGI headers to sources jar manifest
+* Fixed https://github.com/hierynomus/sshj/issues/236[#236]: Remote Port forwarding with dynamic port allocation fails with BufferUnderflowException
+* Upgraded gradle distribution to 2.12
+* Closed https://github.com/hierynomus/sshj/issues/234[#234]: Dropped Java6 support (0.15.0 was already Java6 incompatible due to Java7 dependency)
+* Fixed https://github.com/hierynomus/sshj/issues/118[#118]: Added configuration switch for waiting on a server ident before sending the client ident.
+* Fixed https://github.com/hierynomus/sshj/issues/114[#114]: Added javadoc that you always need to call close() on a Command before inspecting the exit codes.
+* Fixed https://github.com/hierynomus/sshj/issues/237[#237]: Fixed race condition if a `hostkeys-00@openssh.com` global request is received directly after a successful auth.
+SSHJ 0.15.0 (2015-11-20)::
+* Fixed https://github.com/hierynomus/sshj/issues/220[#220]: Added support for `ssh-ed25519` host keys
+* Fixed https://github.com/hierynomus/sshj/issues/225[#225]: Fixed bug in ECDSA fingerprint calculation that sometimes produced an incorrect fingerprint
+* Added `arcfour` Stream Ciphers from RFC4253 and RFC4345
+* Added all Block Ciphers from RFC4344 and RFC4253
+SSHJ 0.14.0 (2015-11-04)::
+* Fixed https://github.com/hierynomus/sshj/issues/171[#171]: Added support for `curve25519-sha256@libssh.org` key exchange algorithm
+* Added support for `ecdh-sha2-nistp256`, `ecdh-sha2-nistp384` and  `ecdh-sha2-nistp521` key exchange algorithms
+* Fixed https://github.com/hierynomus/sshj/issues/167[#167]: Added support for `diffie-hellman-group-exchange-sha1` and `diffie-hellman-group-exchange-sha256` key exchange methods
+* Fixed https://github.com/hierynomus/sshj/issues/212[#212]: Configure path escaping to enable shell expansion to work correctly
+* Merged https://github.com/hierynomus/sshj/issues/210[#210]: RemoteFileInputStream.skip returns wrong value (Fixes https://github.com/hierynomus/sshj/issues/209[#209])
+* Merged https://github.com/hierynomus/sshj/issues/208[#208]: Added SCP bandwidth limitation support
+* Merged https://github.com/hierynomus/sshj/issues/211[#211]: Made keyfile format detection more robust
+SSHJ 0.13.0 (2015-08-18)::
+* Merged https://github.com/hierynomus/sshj/issues/199[#199]: Fix for IndexOutOfBoundsException in ReadAheadRemoteFileInputStream, fixes https://github.com/hierynomus/sshj/issues/183[#183]
+* Merged https://github.com/hierynomus/sshj/issues/195[#195]: New authentication supported: `gssapi-with-mic`
+* Merged https://github.com/hierynomus/sshj/issues/201[#201]: New option to verify negotiated key exchange algorithms
+* Merged https://github.com/hierynomus/sshj/issues/196[#196]: Fix for looking up complete hostname in known hosts file
+SSHJ 0.12.0 (2015-04-14)::
+* Added support for HTTP proxies when running JDK6 or JDK7, fixes: https://github.com/hierynomus/sshj/issues/170[#170]
+* Merged https://github.com/hierynomus/sshj/issues/186[#186]: Fix for detecting end-of-stream
+* Compiling to JDK6, fixes https://github.com/hierynomus/sshj/issues/179[#179] and https://github.com/hierynomus/sshj/issues/185[#185]
+* Correctly close socket and channel when LocalPortForwarder fails to open and start the channel (Fixes https://github.com/hierynomus/sshj/issues/175[#175] and https://github.com/hierynomus/sshj/issues/176[#176])
+* Merged https://github.com/hierynomus/sshj/issues/181[#181]: Invalid write packet length when reading with offset (Fixes https://github.com/hierynomus/sshj/issues/180[#180])
+SSHJ 0.11.0 (2015-01-23)::
+* New maven coordinates `com.hierynomus:sshj:0.11.0` as https://github.com/hierynomus[@hierynomus] took over as maintainer of SSHJ
+* Migrated build system to Gradle 2.2.1
+* Merged https://github.com/hierynomus/sshj/issues/150[#150]: Fix for incorrect file handle on some SSH servers, fixes: https://github.com/hierynomus/sshj/issues/54[#54], https://github.com/hierynomus/sshj/issues/119[#119], https://github.com/hierynomus/sshj/issues/168[#168], https://github.com/hierynomus/sshj/issues/169[#169]
+* Made `jzlib` optional in OSGi bundling, fixes: https://github.com/hierynomus/sshj/issues/162[#162]
+* Improved some log levels, fixes: https://github.com/hierynomus/sshj/issues/161[#161]
+* Merged https://github.com/hierynomus/sshj/issues/156[#156], https://github.com/hierynomus/sshj/issues/164[#164], https://github.com/hierynomus/sshj/issues/165[#165]: Fixed block sizes for `hmac-sha2-256` and `hmac-sha2-512`
+* Merged https://github.com/hierynomus/sshj/issues/141[#141]: Add proxy support
+* Merged https://github.com/hierynomus/sshj/issues/157[#157], https://github.com/hierynomus/sshj/issues/163[#163]: Doc and build fixes
+* Upgraded BouncyCastle to 1.51, fixes: https://github.com/hierynomus/sshj/issues/142[#142]
+* Implemented keep-alive with connection drop detection, fixes https://github.com/hierynomus/sshj/issues/166[#166]

build.gradle

@@ -1,80 +1,118 @@
-apply plugin: "java"
-apply plugin: "maven"
-apply plugin: "signing"
-apply plugin: "osgi"
-
-group = "com.hierynomus"
-version = "0.11.0-SNAPSHOT"
-
-repositories {
-  mavenCentral()
-  mavenLocal()
+plugins {
+    id "java"
+    id "maven"
+    id "idea"
+    id "signing"
+    id "osgi"
+    id "org.ajoberstar.release-opinion" version "1.4.0-rc.1"
+    id "com.github.hierynomus.license" version "0.12.1"
 }
 
-configurations {
-  compile {
-    transitive = false
-  }
+group = "com.hierynomus"
+
+repositories {
+    mavenCentral()
+}
+
+sourceCompatibility = 1.7
+targetCompatibility = 1.7
+
+configurations.compile.transitive = false
+
+idea {
+    module {
+        downloadJavadoc = true
+        downloadSources = true
+    }
+}
+
+license {
+    mapping {
+        java = 'SLASHSTAR_STYLE'
+    }
+    header rootProject.file('LICENSE_HEADER')
+    strictCheck true
+}
+
+release {
+    grgit = org.ajoberstar.grgit.Grgit.open(project.projectDir)
 }
 
 test {
-  include "**/*Test.*"
-  afterSuite { descriptor, result ->
-    if (descriptor.className != null) {
-      def indicator = "\u001B[32m✓\u001b[0m"
-      if (result.failedTestCount > 0) {
-        indicator = "\u001B[31m✘\u001b[0m"
-      }
-      logger.lifecycle("$indicator Test ${descriptor.name}; Executed: ${result.testCount}/\u001B[32m${result.successfulTestCount}\u001B[0m/\u001B[31m${result.failedTestCount}\u001B[0m")
+    testLogging {
+        exceptionFormat = 'full'
+    }
+    include "**/*Test.*"
+    if (!project.hasProperty("allTests")) {
+        useJUnit {
+            excludeCategories 'com.hierynomus.sshj.test.SlowTests'
+            excludeCategories 'com.hierynomus.sshj.test.KnownFailingTests'
+        }
+    }
+
+    afterSuite { descriptor, result ->
+        if (descriptor.className != null) {
+            def indicator = "\u001B[32m✓\u001b[0m"
+            if (result.failedTestCount > 0) {
+                indicator = "\u001B[31m✘\u001b[0m"
+            }
+            logger.lifecycle("$indicator Test ${descriptor.name}; Executed: ${result.testCount}/\u001B[32m${result.successfulTestCount}\u001B[0m/\u001B[31m${result.failedTestCount}\u001B[0m")
+        }
     }
-  }
 }
 
 def bouncycastleVersion = "1.51"
 
 dependencies {
-  compile "org.slf4j:slf4j-api:1.7.7"
-  compile "org.bouncycastle:bcprov-jdk15on:$bouncycastleVersion"
-  compile "org.bouncycastle:bcpkix-jdk15on:$bouncycastleVersion"
-  compile "com.jcraft:jzlib:1.1.3"
+    compile "org.slf4j:slf4j-api:1.7.7"
+    compile "org.bouncycastle:bcprov-jdk15on:$bouncycastleVersion"
+    compile "org.bouncycastle:bcpkix-jdk15on:$bouncycastleVersion"
+    compile "com.jcraft:jzlib:1.1.3"
+
+    compile "net.vrallev.ecc:ecc-25519-java:1.0.1"
+
+    testCompile "junit:junit:4.11"
+    testCompile "org.mockito:mockito-core:1.9.5"
+    testCompile "org.apache.sshd:sshd-core:1.1.0"
+    testRuntime "ch.qos.logback:logback-classic:1.1.2"
+    testCompile 'org.glassfish.grizzly:grizzly-http-server:2.3.17'
+    testCompile 'org.apache.httpcomponents:httpclient:4.5.2'
 
-  testCompile "junit:junit:4.11"
-  testCompile "org.mockito:mockito-core:1.9.5"
-  testCompile "org.apache.sshd:sshd-core:0.11.0"
-  testRuntime "ch.qos.logback:logback-classic:1.1.2"
 }
 
 jar {
-  manifest {
-    instruction "Bundle-Description", "SSHv2 library for Java"
-    instruction "Bundle-License", "http://www.apache.org/licenses/LICENSE-2.0.txt"
-    instruction "Import-Package", "!net.schmizz.*"
-    instruction "Import-Package", "javax.crypto*"
-    instruction "Import-Package", "com.jcraft.jzlib*;version=\"[1.1,2)\";resolution:=optional"
-    instruction "Import-Package", "org.slf4j*;version=\"[1.7,5)\""
-    instruction "Import-Package", "org.bouncycastle*"
-    instruction "Import-Package", "*"
-    instruction "Export-Package", "net.schmizz.*"
-  }
+    manifest {
+        instruction "Bundle-Description", "SSHv2 library for Java"
+        instruction "Bundle-License", "http://www.apache.org/licenses/LICENSE-2.0.txt"
+        instruction "Import-Package", "!net.schmizz.*"
+        instruction "Import-Package", "javax.crypto*"
+        instruction "Import-Package", "net.i2p*"
+        instruction "Import-Package", "com.jcraft.jzlib*;version=\"[1.1,2)\";resolution:=optional"
+        instruction "Import-Package", "org.slf4j*;version=\"[1.7,5)\""
+        instruction "Import-Package", "org.bouncycastle*"
+        instruction "Import-Package", "*"
+        instruction "Export-Package", "net.schmizz.*"
+    }
 }
 
 task javadocJar(type: Jar) {
-  classifier = 'javadoc'
-  from javadoc
+    classifier = 'javadoc'
+    from javadoc
 }
 
 task sourcesJar(type: Jar) {
-  classifier = 'sources'
-  from sourceSets.main.allSource
+    classifier = 'sources'
+    from sourceSets.main.allSource
+    manifest = project.tasks.jar.manifest
 }
 
 artifacts {
-  archives javadocJar, sourcesJar
+    archives javadocJar, sourcesJar
 }
 
 signing {
-  required { !version.contains("SNAPSHOT") && gradle.taskGraph.hasTask("uploadArchives") }
-  sign configurations.archives
+    required { !version.toString().contains("SNAPSHOT") && gradle.taskGraph.hasTask("uploadArchives") }
+    sign configurations.archives
 }
 
 // This disables the pedantic doclint feature of JDK8
@@ -85,74 +123,76 @@ if (JavaVersion.current().isJava8Compatible()) {
 }
 
 uploadArchives {
-  if(project.hasProperty('sonatypeUsername')) {
-    repositories.mavenDeployer {
-      beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }
+    if (project.hasProperty('sonatypeUsername')) {
+        repositories.mavenDeployer {
+            beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }
 
-      configuration = configurations.archives
+            configuration = configurations.archives
 
-      repository(url: 'https://oss.sonatype.org/service/local/staging/deploy/maven2') {
-        authentication(userName: sonatypeUsername, password: sonatypePassword)
-      }
-      snapshotRepository(url: 'https://oss.sonatype.org/content/repositories/snapshots/') {
-        authentication(userName: sonatypeUsername, password: sonatypePassword)
-      }
-
-      pom.project {
-        name "sshj"
-        description "SSHv2 library for Java"
-        url "https://github.com/hierynomus/sshj"
-        inceptionYear "2009"
-
-        issueManagement {
-          system "github"
-          url "https://github.com/hierynomus/sshj/issues"
-        }
-
-        scm {
-          connection "scm:git:git://github.com/hierynomus/sshj.git"
-          developerConnection "scm:git:git@github.com:hierynomus/sshj.git"
-          url "https://github.com/hierynomus/sshj.git"
-        }
-
-        licenses {
-          license {
-            name "Apache 2"
-            url "http://www.apache.org/licenses/LICENSE-2.0.txt"
-            distribution "repo"
-          }
-        }
-
-        developers {
-          developer {
-            id "hierynomus"
-            name "Jeroen van Erp"
-            email "jeroen@javadude.nl"
-            roles {
-              role "Lead developer"
+            repository(url: 'https://oss.sonatype.org/service/local/staging/deploy/maven2') {
+                authentication(userName: sonatypeUsername, password: sonatypePassword)
             }
-          }
-          developer {
-            id "shikhar"
-            name "Shikhar Bhushan"
-            email "shikhar@schmizz.net"
-            url "http://schmizz.net"
-            roles {
-              role "Previous lead developer"
+            snapshotRepository(url: 'https://oss.sonatype.org/content/repositories/snapshots/') {
+                authentication(userName: sonatypeUsername, password: sonatypePassword)
             }
-          }
-          developer {
-            id "iterate"
-            name "David Kocher"
-            email "dkocher@iterate.ch"
-            organization "iterage GmbH"
-            organizationUrl "https://iterate.ch"
-            roles {
-              role "Developer"
+
+            pom.project {
+                name "sshj"
+                description "SSHv2 library for Java"
+                url "https://github.com/hierynomus/sshj"
+                inceptionYear "2009"
+
+                issueManagement {
+                    system "github"
+                    url "https://github.com/hierynomus/sshj/issues"
+                }
+
+                scm {
+                    connection "scm:git:git://github.com/hierynomus/sshj.git"
+                    developerConnection "scm:git:git@github.com:hierynomus/sshj.git"
+                    url "https://github.com/hierynomus/sshj.git"
+                }
+
+                licenses {
+                    license {
+                        name "Apache 2"
+                        url "http://www.apache.org/licenses/LICENSE-2.0.txt"
+                        distribution "repo"
+                    }
+                }
+
+                developers {
+                    developer {
+                        id "hierynomus"
+                        name "Jeroen van Erp"
+                        email "jeroen@javadude.nl"
+                        roles {
+                            role "Lead developer"
+                        }
+                    }
+                    developer {
+                        id "shikhar"
+                        name "Shikhar Bhushan"
+                        email "shikhar@schmizz.net"
+                        url "http://schmizz.net"
+                        roles {
+                            role "Previous lead developer"
+                        }
+                    }
+                    developer {
+                        id "iterate"
+                        name "David Kocher"
+                        email "dkocher@iterate.ch"
+                        organization "iterage GmbH"
+                        organizationUrl "https://iterate.ch"
+                        roles {
+                            role "Developer"
+                        }
+                    }
+                }
             }
-          }
         }
-      }
     }
-  }
-}
+}
+
+tasks.release.dependsOn 'build', 'uploadArchives'

examples/pom.xml

@@ -21,10 +21,10 @@
 
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>net.schmizz</groupId>
-    <artifactId>sshj</artifactId>
+    <groupId>com.hierynomus</groupId>
+    <artifactId>sshj-examples</artifactId>
     <packaging>jar</packaging>
-    <version>0.10.0</version>
+    <version>0.14.0</version>
 
     <name>sshj-examples</name>
     <description>Examples for SSHv2 library for Java</description>
@@ -53,9 +53,9 @@
 
     <dependencies>
         <dependency>
-            <groupId>net.schmizz</groupId>
+            <groupId>com.hierynomus</groupId>
             <artifactId>sshj</artifactId>
-            <version>0.10.0</version>
+            <version>0.15.0</version>
         </dependency>
     </dependencies>
 

examples/src/main/java/net/schmizz/sshj/examples/Exec.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;

examples/src/main/java/net/schmizz/sshj/examples/KeepAlive.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.keepalive.KeepAliveProvider;

examples/src/main/java/net/schmizz/sshj/examples/LocalPF.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;

examples/src/main/java/net/schmizz/sshj/examples/RemotePF.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;

examples/src/main/java/net/schmizz/sshj/examples/RudimentaryPTY.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;

examples/src/main/java/net/schmizz/sshj/examples/SCPDownload.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;
@@ -37,4 +22,4 @@ public class SCPDownload {
         }
     }
 
-}
+}

examples/src/main/java/net/schmizz/sshj/examples/SCPUpload.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;
@@ -42,4 +27,4 @@ public class SCPUpload {
             ssh.disconnect();
         }
     }
-}
+}

examples/src/main/java/net/schmizz/sshj/examples/SFTPDownload.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;
@@ -42,4 +27,4 @@ public class SFTPDownload {
         }
     }
 
-}
+}

examples/src/main/java/net/schmizz/sshj/examples/SFTPUpload.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;
@@ -44,4 +29,4 @@ public class SFTPUpload {
         }
     }
 
-}
+}

examples/src/main/java/net/schmizz/sshj/examples/X11.java

@@ -1,18 +1,3 @@
-/**
- * Copyright 2009 sshj contributors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 package net.schmizz.sshj.examples;
 
 import net.schmizz.sshj.SSHClient;
@@ -67,4 +52,4 @@ public class X11 {
             ssh.disconnect();
         }
     }
-}
+}

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
-#Wed Jan 21 09:17:25 CET 2015
+#Fri Mar 18 11:26:35 CET 2016
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-2.3-all.zip

pom.xml

@@ -1,344 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-    Copyright 2009 sshj contributors
-
-    Licensed under the Apache License, Version 2.0 (the "License");
-    you may not use this file except in compliance with the License.
-    You may obtain a copy of the License at
-
-        http://www.apache.org/licenses/LICENSE-2.0
-
-    Unless required by applicable law or agreed to in writing, software
-    distributed under the License is distributed on an "AS IS" BASIS,
-    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-    See the License for the specific language governing permissions and
-    limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-    <modelVersion>4.0.0</modelVersion>
-
-    <groupId>net.schmizz</groupId>
-    <artifactId>sshj</artifactId>
-    <packaging>bundle</packaging>
-    <version>0.10.1-SNAPSHOT</version>
-
-    <name>sshj</name>
-    <description>SSHv2 library for Java</description>
-    <url>http://github.com/hierynomus/sshj</url>
-
-    <inceptionYear>2009</inceptionYear>
-
-    <issueManagement>
-        <system>github</system>
-        <url>http://github.com/hierynomus/sshj/issues</url>
-    </issueManagement>
-
-    <scm>
-        <connection>scm:git:git://github.com/hierynomus/sshj.git</connection>
-        <developerConnection>scm:git:git@github.com:hierynomus/sshj.git</developerConnection>
-        <url>http://github.com/hierynomus/sshj</url>
-    </scm>
-
-    <licenses>
-        <license>
-            <name>Apache 2</name>
-            <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
-            <distribution>repo</distribution>
-        </license>
-    </licenses>
-
-    <parent>
-        <groupId>org.sonatype.oss</groupId>
-        <artifactId>oss-parent</artifactId>
-        <version>7</version>
-    </parent>
-
-    <dependencyManagement>
-        <dependencies>
-            <dependency>
-                <groupId>org.bouncycastle</groupId>
-                <artifactId>bcprov-jdk15on</artifactId>
-                <version>1.51</version>
-            </dependency>
-            <dependency>
-                <groupId>org.bouncycastle</groupId>
-                <artifactId>bcpkix-jdk15on</artifactId>
-                <version>1.51</version>
-            </dependency>
-            <dependency>
-                <groupId>com.jcraft</groupId>
-                <artifactId>jzlib</artifactId>
-                <version>1.1.3</version>
-            </dependency>
-            <dependency>
-                <groupId>ch.qos.logback</groupId>
-                <artifactId>logback-core</artifactId>
-                <version>1.1.2</version>
-            </dependency>
-            <dependency>
-                <groupId>ch.qos.logback</groupId>
-                <artifactId>logback-classic</artifactId>
-                <version>1.1.2</version>
-            </dependency>
-        </dependencies>
-    </dependencyManagement>
-
-    <dependencies>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>1.7.7</version>
-        </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcpkix-jdk15on</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.bouncycastle</groupId>
-            <artifactId>bcprov-jdk15on</artifactId>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>com.jcraft</groupId>
-            <artifactId>jzlib</artifactId>
-            <scope>provided</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.sshd</groupId>
-            <artifactId>sshd-core</artifactId>
-            <version>0.11.0</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>ch.qos.logback</groupId>
-            <artifactId>logback-core</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <version>4.11</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>ch.qos.logback</groupId>
-            <artifactId>logback-classic</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.mockito</groupId>
-            <artifactId>mockito-all</artifactId>
-            <version>1.9.5</version>
-            <scope>test</scope>
-        </dependency>
-    </dependencies>
-
-
-    <developers>
-        <developer>
-            <id>hierynomus</id>
-            <name>Jeroen van Erp</name>
-            <email>jeroen@hierynomus.com</email>
-        </developer>
-        <developer>
-            <id>shikhar</id>
-            <name>Shikhar Bhushan</name>
-            <email>shikhar@schmizz.net</email>
-            <url>http://schmizz.net</url>
-        </developer>
-        <developer>
-            <id>iterate</id>
-            <name>David Kocher</name>
-            <email>dkocher@iterate.ch</email>
-            <organization>iterate GmbH</organization>
-            <organizationUrl>https://iterate.ch</organizationUrl>
-        </developer>
-    </developers>
-
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    </properties>
-
-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.1</version>
-                <configuration>
-                    <source>1.6</source>
-                    <target>1.6</target>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-source-plugin</artifactId>
-                <version>2.2.1</version>
-                <executions>
-                    <execution>
-                        <id>attach-sources</id>
-                        <goals>
-                            <goal>jar</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-javadoc-plugin</artifactId>
-                <version>2.9.1</version>
-                <configuration>
-                    <encoding>${project.build.sourceEncoding}</encoding>
-                </configuration>
-                <executions>
-                    <execution>
-                        <id>attach-javadocs</id>
-                        <goals>
-                            <goal>jar</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.felix</groupId>
-                <artifactId>maven-bundle-plugin</artifactId>
-                <version>2.4.0</version>
-                <extensions>true</extensions>
-                <configuration>
-                    <instructions>
-                        <Import-Package>
-                            !net.schmizz.*,
-                            javax.crypto*,
-                            com.jcraft.jzlib*;version="[1.1,2)";resolution:=optional,
-                            org.slf4j*;version="[1.7,5)",
-                            org.bouncycastle*,
-                            *
-                        </Import-Package>
-                        <Export-Package>net.schmizz.*</Export-Package>
-                    </instructions>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>clirr-maven-plugin</artifactId>
-                <version>2.6.1</version>
-            </plugin>
-            <plugin>
-                <groupId>com.mycila</groupId>
-                <artifactId>license-maven-plugin</artifactId>
-                <version>2.6</version>
-                <configuration>
-                    <header>src/etc/license-header</header>
-                    <properties>
-                        <owner>sshj contributors</owner>
-                        <email>sshj-users@googlegroups.com</email>
-                    </properties>
-                    <excludes>
-                        <exclude>**/README</exclude>
-                        <exclude>src/test/resources/**</exclude>
-                        <exclude>src/main/resources/**</exclude>
-                    </excludes>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>check</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-<!--             <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-gpg-plugin</artifactId>
-                <version>1.5</version>
-                <executions>
-                    <execution>
-                        <id>sign-artifacts</id>
-                        <phase>verify</phase>
-                        <goals>
-                            <goal>sign</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.sonatype.plugins</groupId>
-                <artifactId>nexus-staging-maven-plugin</artifactId>
-                <version>1.6.2</version>
-                <extensions>true</extensions>
-                <configuration>
-                    <serverId>ossrh</serverId>
-                    <nexusUrl>https://oss.sonatype.org/</nexusUrl>
-                    <autoReleaseAfterClose>true</autoReleaseAfterClose>
-                </configuration>
-            </plugin>
--->        </plugins>
-    </build>
-
-    <distributionManagement>
-        <repository>
-            <id>sonatype-nexus-staging</id>
-            <name>Nexus Release Repository</name>
-            <url>http://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
-        </repository>
-        <snapshotRepository>
-            <id>sonatype-nexus-snapshots</id>
-            <name>Sonatype Nexus Snapshots</name>
-            <url>http://oss.sonatype.org/content/repositories/snapshots</url>
-        </snapshotRepository>
-    </distributionManagement>
-
-    <profiles>
-        <profile>
-            <id>full-deps</id>
-            <dependencies>
-                <dependency>
-                    <groupId>org.bouncycastle</groupId>
-                    <artifactId>bcprov-jdk15on</artifactId>
-                </dependency>
-                <dependency>
-                    <groupId>com.jcraft</groupId>
-                    <artifactId>jzlib</artifactId>
-                </dependency>
-                <dependency>
-                    <groupId>ch.qos.logback</groupId>
-                    <artifactId>logback-core</artifactId>
-                </dependency>
-                <dependency>
-                    <groupId>ch.qos.logback</groupId>
-                    <artifactId>logback-classic</artifactId>
-                </dependency>
-            </dependencies>
-        </profile>
-        <profile>
-            <id>doclint-java8-disable</id>
-            <activation>
-                <jdk>[1.8,)</jdk>
-            </activation>
-            <build>
-                <plugins>
-                    <plugin>
-                        <groupId>org.apache.maven.plugins</groupId>
-                        <artifactId>maven-javadoc-plugin</artifactId>
-                        <configuration>
-                            <additionalparam>-Xdoclint:none</additionalparam>
-                        </configuration>
-                    </plugin>
-                </plugins>
-            </build>
-        </profile>
-    </profiles>
-    <reporting>
-        <plugins>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>clirr-maven-plugin</artifactId>
-                <version>2.6.1</version>
-            </plugin>
-        </plugins>
-    </reporting>
-</project>

settings.gradle

@@ -0,0 +1 @@
+rootProject.name = "sshj"

src/itest/java/nl/javadude/sshj/connection/channel/ChannelCloseEofTest.java

@@ -1,39 +0,0 @@
-package nl.javadude.sshj.connection.channel;
-
-import net.schmizz.sshj.SSHClient;
-import net.schmizz.sshj.connection.channel.direct.Session;
-import net.schmizz.sshj.transport.verification.PromiscuousVerifier;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.IOException;
-
-import static org.hamcrest.MatcherAssert.assertThat;
-
-public class ChannelCloseEofTest {
-
-    private SSHClient sshClient;
-
-    @Before
-    public void setUp() throws Exception {
-        sshClient = new SSHClient();
-    }
-
-    @After
-    public void tearDown() throws IOException {
-        sshClient.disconnect();
-    }
-
-    @Test
-    public void shouldCorrectlyHandleSessionChannelEof() throws IOException, InterruptedException {
-        sshClient.addHostKeyVerifier(new PromiscuousVerifier());
-        sshClient.connect("172.16.37.129");
-        sshClient.authPassword("jeroen", "jeroen");
-        Session session = sshClient.startSession();
-        session.allocateDefaultPTY();
-        session.close();
-        Thread.sleep(1000);
-        assertThat("Should still be connected", sshClient.isConnected());
-    }
-}

src/main/java/com/hierynomus/sshj/backport/JavaVersion.java

@@ -0,0 +1,26 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.backport;
+
+public class JavaVersion {
+    public static boolean isJava7OrEarlier() {
+        String property = System.getProperty("java.specification.version");
+        float diff = Float.parseFloat(property) - 1.7f;
+
+        return diff < 0.01;
+    }
+
+}

src/main/java/com/hierynomus/sshj/backport/Jdk7HttpProxySocket.java

@@ -0,0 +1,77 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.backport;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.*;
+import java.nio.charset.Charset;
+
+public class Jdk7HttpProxySocket extends Socket {
+
+    private Proxy httpProxy = null;
+
+    public Jdk7HttpProxySocket(Proxy proxy) {
+        super(proxy.type() == Proxy.Type.HTTP ? Proxy.NO_PROXY : proxy);
+        if (proxy.type() == Proxy.Type.HTTP) {
+            this.httpProxy = proxy;
+        }
+    }
+
+    @Override
+    public void connect(SocketAddress endpoint, int timeout) throws IOException {
+        if (httpProxy != null) {
+            connectHttpProxy(endpoint, timeout);
+        } else {
+            super.connect(endpoint, timeout);
+        }
+    }
+
+    private void connectHttpProxy(SocketAddress endpoint, int timeout) throws IOException {
+        super.connect(httpProxy.address(), timeout);
+
+        if (!(endpoint instanceof InetSocketAddress)) {
+            throw new SocketException("Expected an InetSocketAddress to connect to, got: " + endpoint);
+        }
+        InetSocketAddress isa = (InetSocketAddress) endpoint;
+        String httpConnect = "CONNECT " + isa.getHostName() + ":" + isa.getPort() + " HTTP/1.0\n\n";
+        getOutputStream().write(httpConnect.getBytes(Charset.forName("UTF-8")));
+        checkAndFlushProxyResponse();
+    }
+
+    private void checkAndFlushProxyResponse()throws IOException {
+        InputStream socketInput = getInputStream();
+        byte[] tmpBuffer = new byte[512];
+        int len = socketInput.read(tmpBuffer, 0, tmpBuffer.length);
+
+        if (len == 0) {
+            throw new SocketException("Empty response from proxy");
+        }
+
+        String proxyResponse = new String(tmpBuffer, 0, len, "UTF-8");
+
+        // Expecting HTTP/1.x 200 OK
+        if (proxyResponse.contains("200")) {
+            // Flush any outstanding message in buffer
+            if (socketInput.available() > 0) {
+                socketInput.skip(socketInput.available());
+            }
+            // Proxy Connect Successful
+        } else {
+            throw new SocketException("Fail to create Socket\nResponse was:" + proxyResponse);
+        }
+    }
+}

src/main/java/com/hierynomus/sshj/backport/Sockets.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.backport;
+
+import java.io.Closeable;
+import java.io.IOException;
+import java.net.Socket;
+
+public class Sockets {
+
+    /**
+     * Java 7 and up have Socket implemented as Closeable, whereas Java6 did not have this inheritance.
+     * @param socket The socket to wrap as Closeable
+     * @return The (potentially wrapped) Socket as a Closeable.
+     */
+    public static Closeable asCloseable(final Socket socket) {
+        if (Closeable.class.isAssignableFrom(socket.getClass())) {
+            return Closeable.class.cast(socket);
+        } else {
+            return new Closeable() {
+                @Override
+                public void close() throws IOException {
+                    socket.close();
+                }
+            };
+        }
+    }
+}

src/main/java/com/hierynomus/sshj/secg/SecgUtils.java

@@ -0,0 +1,70 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.secg;
+
+import net.schmizz.sshj.common.SSHRuntimeException;
+
+import java.math.BigInteger;
+import java.security.spec.ECPoint;
+import java.security.spec.EllipticCurve;
+import java.util.Arrays;
+
+public class SecgUtils {
+    /**
+     * SECG 2.3.4 Octet String to ECPoint
+     */
+    public static ECPoint getDecoded(byte[] M, EllipticCurve curve) {
+        int elementSize = getElementSize(curve);
+        if (M.length != 2 * elementSize + 1 || M[0] != 0x04) {
+            throw new SSHRuntimeException("Invalid 'f' for Elliptic Curve " + curve.toString());
+        }
+        byte[] xBytes = new byte[elementSize];
+        byte[] yBytes = new byte[elementSize];
+        System.arraycopy(M, 1, xBytes, 0, elementSize);
+        System.arraycopy(M, 1 + elementSize, yBytes, 0, elementSize);
+        return new ECPoint(new BigInteger(1, xBytes), new BigInteger(1, yBytes));
+    }
+
+    /**
+     * SECG 2.3.3 ECPoint to Octet String
+     */
+    public static byte[] getEncoded(ECPoint point, EllipticCurve curve) {
+        int elementSize = getElementSize(curve);
+        byte[] M = new byte[2 * elementSize + 1];
+        M[0] = 0x04;
+
+        byte[] xBytes = stripLeadingZeroes(point.getAffineX().toByteArray());
+        byte[] yBytes = stripLeadingZeroes(point.getAffineY().toByteArray());
+        System.arraycopy(xBytes, 0, M, 1 + elementSize - xBytes.length, xBytes.length);
+        System.arraycopy(yBytes, 0, M, 1 + 2 * elementSize - yBytes.length, yBytes.length);
+        return M;
+    }
+
+    private static byte[] stripLeadingZeroes(byte[] bytes) {
+        int start = 0;
+        while (bytes[start] == 0x0) {
+            start++;
+        }
+
+        return Arrays.copyOfRange(bytes, start, bytes.length);
+    }
+
+    private static int getElementSize(EllipticCurve curve) {
+        int fieldSize = curve.getField().getFieldSize();
+        return (fieldSize + 7) / 8;
+    }
+
+}

src/main/java/com/hierynomus/sshj/signature/Ed25519PublicKey.java

@@ -0,0 +1,55 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.signature;
+
+import net.i2p.crypto.eddsa.EdDSAPublicKey;
+import net.i2p.crypto.eddsa.spec.EdDSANamedCurveSpec;
+import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
+import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
+import net.schmizz.sshj.common.SSHRuntimeException;
+
+import java.util.Arrays;
+
+/**
+ * Our own extension of the EdDSAPublicKey that comes from ECC-25519, as that class does not implement equality.
+ * The code uses the equality of the keys as an indicator whether they're the same during host key verification.
+ */
+public class Ed25519PublicKey extends EdDSAPublicKey {
+
+    public Ed25519PublicKey(EdDSAPublicKeySpec spec) {
+        super(spec);
+
+        EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName("ed25519-sha-512");
+        if (!spec.getParams().getCurve().equals(ed25519.getCurve())) {
+            throw new SSHRuntimeException("Cannot create Ed25519 Public Key from wrong spec");
+        }
+    }
+
+    @Override
+    public boolean equals(Object other) {
+        if (!(other instanceof Ed25519PublicKey)) {
+            return false;
+        }
+
+        Ed25519PublicKey otherKey = (Ed25519PublicKey) other;
+        return Arrays.equals(getAbyte(), otherKey.getAbyte());
+    }
+
+    @Override
+    public int hashCode() {
+        return getA().hashCode();
+    }
+}

src/main/java/com/hierynomus/sshj/signature/SignatureEdDSA.java

@@ -0,0 +1,109 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.signature;
+
+import net.i2p.crypto.eddsa.EdDSAEngine;
+import net.schmizz.sshj.common.Buffer;
+import net.schmizz.sshj.common.KeyType;
+import net.schmizz.sshj.common.SSHRuntimeException;
+import net.schmizz.sshj.signature.Signature;
+
+import java.security.*;
+
+public class SignatureEdDSA implements Signature {
+    public static class Factory implements net.schmizz.sshj.common.Factory.Named<Signature> {
+
+        @Override
+        public String getName() {
+            return KeyType.ED25519.toString();
+        }
+
+        @Override
+        public Signature create() {
+            return new SignatureEdDSA();
+        }
+    }
+
+    final EdDSAEngine engine;
+
+    protected SignatureEdDSA() {
+        try {
+            engine = new EdDSAEngine(MessageDigest.getInstance("SHA-512"));
+        } catch (NoSuchAlgorithmException e) {
+            throw new SSHRuntimeException(e);
+        }
+    }
+
+    @Override
+    public void init(PublicKey pubkey, PrivateKey prvkey) {
+        try {
+            if (pubkey != null) {
+                engine.initVerify(pubkey);
+            }
+
+            if (prvkey != null) {
+                engine.initSign(prvkey);
+            }
+        } catch (InvalidKeyException e) {
+            throw new SSHRuntimeException(e);
+        }
+    }
+
+    @Override
+    public void update(byte[] H) {
+        update(H, 0, H.length);
+    }
+
+    @Override
+    public void update(byte[] H, int off, int len) {
+        try {
+            engine.update(H, off, len);
+        } catch (SignatureException e) {
+            throw new SSHRuntimeException(e);
+        }
+    }
+
+    @Override
+    public byte[] sign() {
+        try {
+            return engine.sign();
+        } catch (SignatureException e) {
+            throw new SSHRuntimeException(e);
+        }
+    }
+
+    @Override
+    public byte[] encode(byte[] signature) {
+        return signature;
+    }
+
+    @Override
+    public boolean verify(byte[] sig) {
+        try {
+            Buffer.PlainBuffer plainBuffer = new Buffer.PlainBuffer(sig);
+            String algo = plainBuffer.readString();
+            if (!"ssh-ed25519".equals(algo)) {
+                throw new SSHRuntimeException("Expected 'ssh-ed25519' key algorithm, but was: " + algo);
+            }
+            byte[] bytes = plainBuffer.readBytes();
+            return engine.verify(bytes);
+        } catch (SignatureException e) {
+            throw new SSHRuntimeException(e);
+        } catch (Buffer.BufferException e) {
+            throw new SSHRuntimeException(e);
+        }
+    }
+}

src/main/java/com/hierynomus/sshj/transport/cipher/BlockCiphers.java

@@ -0,0 +1,136 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.cipher;
+
+import net.schmizz.sshj.transport.cipher.BlockCipher;
+import net.schmizz.sshj.transport.cipher.Cipher;
+
+/**
+ * All BlockCiphers supported by SSH according to the following RFCs
+ *
+ * - https://tools.ietf.org/html/rfc4344#section-3.1
+ * - https://tools.ietf.org/html/rfc4253#section-6.3
+ *
+ * TODO: https://tools.ietf.org/html/rfc5647
+ *
+ * Some of the Ciphers are still implemented in net.schmizz.sshj.transport.cipher.*. These are scheduled to be migrated to here.
+ */
+public class BlockCiphers {
+
+    public static final String COUNTER_MODE = "CTR";
+    public static final String CIPHER_BLOCK_CHAINING_MODE = "CBC";
+
+    public static Factory BlowfishCTR() {
+        return new Factory(8, 256, "blowfish-ctr", "Blowfish", COUNTER_MODE);
+    }
+    public static Factory Twofish128CTR() {
+        return new Factory(16, 128, "twofish128-ctr", "Twofish", COUNTER_MODE);
+    }
+    public static Factory Twofish192CTR() {
+        return new Factory(16, 192, "twofish192-ctr", "Twofish", COUNTER_MODE);
+    }
+    public static Factory Twofish256CTR() {
+        return new Factory(16, 256, "twofish256-ctr", "Twofish", COUNTER_MODE);
+    }
+    public static Factory Twofish128CBC() {
+        return new Factory(16, 128, "twofish128-cbc", "Twofish", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory Twofish192CBC() {
+        return new Factory(16, 192, "twofish192-cbc", "Twofish", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory Twofish256CBC() {
+        return new Factory(16, 256, "twofish256-cbc", "Twofish", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory TwofishCBC() {
+        return new Factory(16, 256, "twofish-cbc", "Twofish", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory Serpent128CTR() {
+        return new Factory(16, 128, "serpent128-ctr", "Serpent", COUNTER_MODE);
+    }
+    public static Factory Serpent192CTR() {
+        return new Factory(16, 192, "serpent192-ctr", "Serpent", COUNTER_MODE);
+    }
+    public static Factory Serpent256CTR() {
+        return new Factory(16, 256, "serpent256-ctr", "Serpent", COUNTER_MODE);
+    }
+    public static Factory Serpent128CBC() {
+        return new Factory(16, 128, "serpent128-cbc", "Serpent", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory Serpent192CBC() {
+        return new Factory(16, 192, "serpent192-cbc", "Serpent", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory Serpent256CBC() {
+        return new Factory(16, 256, "serpent256-cbc", "Serpent", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory IDEACTR() {
+        return new Factory(8, 128, "idea-ctr", "IDEA", COUNTER_MODE);
+    }
+    public static Factory IDEACBC() {
+        return new Factory(8, 128, "idea-cbc", "IDEA", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory Cast128CTR() {
+        return new Factory(8, 128, "cast128-ctr", "CAST5", COUNTER_MODE);
+    }
+    public static Factory Cast128CBC() {
+        return new Factory(8, 128, "cast128-cbc", "CAST5", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static Factory TripleDESCTR() {
+        return new Factory(8, 192, "3des-ctr", "DESede", COUNTER_MODE);
+    }
+
+    /** Named factory for BlockCipher */
+    public static class Factory
+            implements net.schmizz.sshj.common.Factory.Named<Cipher> {
+
+        private int keysize;
+        private String cipher;
+        private String mode;
+        private String name;
+        private int ivsize;
+
+        /**
+         * @param ivsize
+         * @param keysize The keysize used in bits.
+         * @param name
+         * @param cipher
+         * @param mode
+         */
+        public Factory(int ivsize, int keysize, String name, String cipher, String mode) {
+            this.name = name;
+            this.keysize = keysize;
+            this.cipher = cipher;
+            this.mode = mode;
+            this.ivsize = ivsize;
+        }
+
+        @Override
+        public Cipher create() {
+            return new BlockCipher(ivsize, keysize / 8, cipher, cipher + "/" + mode + "/NoPadding");
+        }
+
+        @Override
+        public String getName() {
+            return name;
+        }
+
+        @Override
+        public String toString() {
+            return getName();
+        }
+    }
+
+
+}

src/main/java/com/hierynomus/sshj/transport/cipher/ExtendedBlockCiphers.java

@@ -0,0 +1,67 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.cipher;
+
+import static com.hierynomus.sshj.transport.cipher.BlockCiphers.CIPHER_BLOCK_CHAINING_MODE;
+import static com.hierynomus.sshj.transport.cipher.BlockCiphers.COUNTER_MODE;
+
+/**
+ * Set of Block Ciphers that are (not yet) part of any of the official RFCs for SSH, but
+ * that are either supported by other SSH implementations, or are being pushed for to be
+ * included in a new RFC.
+ *
+ * - http://tools.ietf.org/id/draft-kanno-secsh-camellia-01.txt
+ */
+public class ExtendedBlockCiphers {
+    public static BlockCiphers.Factory Camellia128CTR() {
+        return new BlockCiphers.Factory(16, 128, "camellia128-ctr", "Camellia", COUNTER_MODE);
+    }
+    public static BlockCiphers.Factory Camellia128CTROpenSSHOrg() {
+        return new BlockCiphers.Factory(16, 128, "camellia128-ctr@openssh.org", "Camellia", COUNTER_MODE);
+    }
+    public static BlockCiphers.Factory Camellia192CTR() {
+        return new BlockCiphers.Factory(16, 192, "camellia192-ctr", "Camellia", COUNTER_MODE);
+    }
+    public static BlockCiphers.Factory Camellia192CTROpenSSHOrg() {
+        return new BlockCiphers.Factory(16, 192, "camellia192-ctr@openssh.org", "Camellia", COUNTER_MODE);
+    }
+    public static BlockCiphers.Factory Camellia256CTR() {
+        return new BlockCiphers.Factory(16, 256, "camellia256-ctr", "Camellia", COUNTER_MODE);
+    }
+    public static BlockCiphers.Factory Camellia256CTROpenSSHOrg() {
+        return new BlockCiphers.Factory(16, 256, "camellia256-ctr@openssh.org", "Camellia", COUNTER_MODE);
+    }
+    public static BlockCiphers.Factory Camellia128CBC() {
+        return new BlockCiphers.Factory(16, 128, "camellia128-cbc", "Camellia", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static BlockCiphers.Factory Camellia128CBCOpenSSHOrg() {
+        return new BlockCiphers.Factory(16, 128, "camellia128-cbc@openssh.org", "Camellia", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static BlockCiphers.Factory Camellia192CBC() {
+        return new BlockCiphers.Factory(16, 192, "camellia192-cbc", "Camellia", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static BlockCiphers.Factory Camellia192CBCOpenSSHOrg() {
+        return new BlockCiphers.Factory(16, 192, "camellia192-cbc@openssh.org", "Camellia", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static BlockCiphers.Factory Camellia256CBC() {
+        return new BlockCiphers.Factory(16, 256, "camellia256-cbc", "Camellia", CIPHER_BLOCK_CHAINING_MODE);
+    }
+    public static BlockCiphers.Factory Camellia256CBCOpenSSHOrg() {
+        return new BlockCiphers.Factory(16, 256, "camellia256-cbc@openssh.org", "Camellia", CIPHER_BLOCK_CHAINING_MODE);
+    }
+
+
+}

src/main/java/com/hierynomus/sshj/transport/cipher/StreamCipher.java

@@ -0,0 +1,34 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.cipher;
+
+import net.schmizz.sshj.transport.cipher.BaseCipher;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.SecureRandom;
+
+public class StreamCipher extends BaseCipher {
+
+    public StreamCipher(int bsize, String algorithm, String transformation) {
+        super(0, bsize, algorithm, transformation);
+    }
+
+    @Override
+    protected void initCipher(javax.crypto.Cipher cipher, Mode mode, byte[] key, byte[] iv) throws InvalidKeyException, InvalidAlgorithmParameterException {
+        cipher.init(getMode(mode), getKeySpec(key), new SecureRandom());
+    }
+}

src/main/java/com/hierynomus/sshj/transport/cipher/StreamCiphers.java

@@ -0,0 +1,76 @@
+/*
+ * Copyright (C)2009 - SSHJ Contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.hierynomus.sshj.transport.cipher;
+
+import net.schmizz.sshj.transport.cipher.Cipher;
+
+/**
+ * Implementations of the Stream Ciphers that are defined in the RFCs
+ *
+ * - https://tools.ietf.org/html/rfc4253#section-6.3
+ * - https://tools.ietf.org/html/rfc4345
+ */
+public class StreamCiphers {
+
+    public static Factory Arcfour() {
+        return new Factory(128, "arcfour", "ARCFOUR", "ECB");
+    }
+    public static Factory Arcfour128() {
+        return new Factory(128, "arcfour128", "RC4", "ECB");
+    }
+    public static Factory Arcfour256() {
+        return new Factory(256, "arcfour256", "RC4", "ECB");
+    }
+
+    /** Named factory for BlockCipher */
+    public static class Factory
+            implements net.schmizz.sshj.common.Factory.Named<Cipher> {
+
+        private int keysize;
+        private String cipher;
+        private String mode;
+        private String name;
+
+        /**
+         * @param keysize The keysize used in bits.
+         * @param name
+         * @param cipher
+         * @param mode
+         */
+        public Factory(int keysize, String name, String cipher, String mode) {
+            this.name = name;
+            this.keysize = keysize;
+            this.cipher = cipher;
+            this.mode = mode;
+        }
+
+        @Override
+        public Cipher create() {
+            return new StreamCipher(keysize / 8, cipher, cipher + "/" + mode + "/NoPadding");
+        }
+
+        @Override
+        public String getName() {
+            return name;
+        }
+
+        @Override
+        public String toString() {
+            return getName();
+        }
+    }
+
+}

src/main/java/net/schmizz/concurrent/ErrorDeliveryUtil.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/concurrent/Event.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -143,4 +143,4 @@ public class Event<T extends Throwable> {
         return promise.toString();
     }
 
-}
+}

src/main/java/net/schmizz/concurrent/ExceptionChainer.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -37,4 +37,4 @@ public interface ExceptionChainer<Z extends Throwable> {
 
     Z chain(Throwable t);
 
-}
+}

src/main/java/net/schmizz/concurrent/Promise.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/keepalive/Heartbeater.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/keepalive/KeepAlive.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/keepalive/KeepAliveProvider.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/keepalive/KeepAliveRunner.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/AbstractService.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/AndroidConfig.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/Config.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -155,4 +155,24 @@ public interface Config {
      * @param keepAliveProvider keep-alive provider
      */
     void setKeepAliveProvider(KeepAliveProvider keepAliveProvider);
+
+    /**
+     * Gets whether the client should first wait for a received server ident, before sending the client ident.
+     * <p/>
+     * <stong>NB:</stong> This is non-standard behaviour, and can potentially deadlock if the server also waits on the client ident.
+     *
+     * The default value is set to false.
+     *
+     * @return Whether to first wait for the server ident.
+     */
+    boolean isWaitForServerIdentBeforeSendingClientIdent();
+
+    /**
+     * Sets whether the SSH client should wait for a received server ident, before sending the client ident.
+     * <p/>
+     * <stong>NB:</stong> This is non-standard behaviour, and can potentially deadlock if the server also waits on the client ident.
+
+     * @param waitForServerIdentBeforeSendingClientIdent Whether to wait for the server ident.
+     */
+    void setWaitForServerIdentBeforeSendingClientIdent(boolean waitForServerIdentBeforeSendingClientIdent);
 }

src/main/java/net/schmizz/sshj/ConfigImpl.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -44,6 +44,8 @@ public class ConfigImpl
     private List<Factory.Named<Signature>> signatureFactories;
     private List<Factory.Named<FileKeyProvider>> fileKeyProviderFactories;
 
+    private boolean waitForServerIdentBeforeSendingClientIdent = false;
+
     @Override
     public List<Factory.Named<Cipher>> getCipherFactories() {
         return cipherFactories;
@@ -157,4 +159,14 @@ public class ConfigImpl
     public void setKeepAliveProvider(KeepAliveProvider keepAliveProvider) {
         this.keepAliveProvider = keepAliveProvider;
     }
-}
+
+    @Override
+    public boolean isWaitForServerIdentBeforeSendingClientIdent() {
+        return waitForServerIdentBeforeSendingClientIdent;
+    }
+
+    @Override
+    public void setWaitForServerIdentBeforeSendingClientIdent(boolean waitForServerIdentBeforeSendingClientIdent) {
+        this.waitForServerIdentBeforeSendingClientIdent = waitForServerIdentBeforeSendingClientIdent;
+    }
+}

src/main/java/net/schmizz/sshj/DefaultConfig.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,6 +15,9 @@
  */
 package net.schmizz.sshj;
 
+import com.hierynomus.sshj.signature.SignatureEdDSA;
+import com.hierynomus.sshj.transport.cipher.BlockCiphers;
+import com.hierynomus.sshj.transport.cipher.StreamCiphers;
 import net.schmizz.keepalive.KeepAliveProvider;
 import net.schmizz.sshj.common.Factory;
 import net.schmizz.sshj.common.SecurityUtils;
@@ -31,8 +34,7 @@ import net.schmizz.sshj.transport.cipher.BlowfishCBC;
 import net.schmizz.sshj.transport.cipher.Cipher;
 import net.schmizz.sshj.transport.cipher.TripleDESCBC;
 import net.schmizz.sshj.transport.compression.NoneCompression;
-import net.schmizz.sshj.transport.kex.DHG1;
-import net.schmizz.sshj.transport.kex.DHG14;
+import net.schmizz.sshj.transport.kex.*;
 import net.schmizz.sshj.transport.mac.HMACMD5;
 import net.schmizz.sshj.transport.mac.HMACMD596;
 import net.schmizz.sshj.transport.mac.HMACSHA1;
@@ -49,6 +51,7 @@ import net.schmizz.sshj.userauth.keyprovider.PuTTYKeyFile;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.awt.image.ByteLookupTable;
 import java.util.Arrays;
 import java.util.Iterator;
 import java.util.LinkedList;
@@ -81,7 +84,7 @@ public class DefaultConfig
 
     private final Logger log = LoggerFactory.getLogger(getClass());
 
-    private static final String VERSION = "SSHJ_0_9_2";
+    private static final String VERSION = "SSHJ_0_14_0";
 
     public DefaultConfig() {
         setVersion(VERSION);
@@ -98,9 +101,16 @@ public class DefaultConfig
 
     protected void initKeyExchangeFactories(boolean bouncyCastleRegistered) {
         if (bouncyCastleRegistered)
-            setKeyExchangeFactories(new DHG14.Factory(), new DHG1.Factory());
+            setKeyExchangeFactories(new Curve25519SHA256.Factory(),
+                    new DHGexSHA256.Factory(),
+                    new ECDHNistP.Factory521(),
+                    new ECDHNistP.Factory384(),
+                    new ECDHNistP.Factory256(),
+                    new DHGexSHA1.Factory(),
+                    new DHG14.Factory(),
+                    new DHG1.Factory());
         else
-            setKeyExchangeFactories(new DHG1.Factory());
+            setKeyExchangeFactories(new DHG1.Factory(), new DHGexSHA1.Factory());
     }
 
     protected void initRandomFactory(boolean bouncyCastleRegistered) {
@@ -124,7 +134,29 @@ public class DefaultConfig
                 new AES192CBC.Factory(),
                 new AES256CBC.Factory(),
                 new TripleDESCBC.Factory(),
-                new BlowfishCBC.Factory()));
+                new BlowfishCBC.Factory(),
+                BlockCiphers.BlowfishCTR(),
+                BlockCiphers.Cast128CBC(),
+                BlockCiphers.Cast128CTR(),
+                BlockCiphers.IDEACBC(),
+                BlockCiphers.IDEACTR(),
+                BlockCiphers.Serpent128CBC(),
+                BlockCiphers.Serpent128CTR(),
+                BlockCiphers.Serpent192CBC(),
+                BlockCiphers.Serpent192CTR(),
+                BlockCiphers.Serpent256CBC(),
+                BlockCiphers.Serpent256CTR(),
+                BlockCiphers.TripleDESCTR(),
+                BlockCiphers.Twofish128CBC(),
+                BlockCiphers.Twofish128CTR(),
+                BlockCiphers.Twofish192CBC(),
+                BlockCiphers.Twofish192CTR(),
+                BlockCiphers.Twofish256CBC(),
+                BlockCiphers.Twofish256CTR(),
+                BlockCiphers.TwofishCBC(),
+                StreamCiphers.Arcfour(),
+                StreamCiphers.Arcfour128(),
+                StreamCiphers.Arcfour256()));
 
         boolean warn = false;
         // Ref. https://issues.apache.org/jira/browse/SSHD-24
@@ -138,6 +170,7 @@ public class DefaultConfig
                 c.init(Cipher.Mode.Encrypt, key, iv);
             } catch (Exception e) {
                 warn = true;
+                log.warn(e.getCause().getMessage());
                 i.remove();
             }
         }
@@ -145,10 +178,11 @@ public class DefaultConfig
             log.warn("Disabling high-strength ciphers: cipher strengths apparently limited by JCE policy");
 
         setCipherFactories(avail);
+        log.debug("Available cipher factories: {}", avail);
     }
 
     protected void initSignatureFactories() {
-        setSignatureFactories(new SignatureECDSA.Factory(), new SignatureRSA.Factory(), new SignatureDSA.Factory());
+        setSignatureFactories(new SignatureECDSA.Factory(), new SignatureRSA.Factory(), new SignatureDSA.Factory(), new SignatureEdDSA.Factory());
     }
 
     protected void initMACFactories() {

src/main/java/net/schmizz/sshj/SSHClient.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -39,6 +39,7 @@ import net.schmizz.sshj.transport.TransportImpl;
 import net.schmizz.sshj.transport.compression.DelayedZlibCompression;
 import net.schmizz.sshj.transport.compression.NoneCompression;
 import net.schmizz.sshj.transport.compression.ZlibCompression;
+import net.schmizz.sshj.transport.verification.AlgorithmsVerifier;
 import net.schmizz.sshj.transport.verification.HostKeyVerifier;
 import net.schmizz.sshj.transport.verification.OpenSSHKnownHosts;
 import net.schmizz.sshj.userauth.UserAuth;
@@ -49,24 +50,30 @@ import net.schmizz.sshj.userauth.keyprovider.KeyFormat;
 import net.schmizz.sshj.userauth.keyprovider.KeyPairWrapper;
 import net.schmizz.sshj.userauth.keyprovider.KeyProvider;
 import net.schmizz.sshj.userauth.keyprovider.KeyProviderUtil;
+import net.schmizz.sshj.userauth.method.AuthGssApiWithMic;
 import net.schmizz.sshj.userauth.method.AuthKeyboardInteractive;
 import net.schmizz.sshj.userauth.method.AuthMethod;
 import net.schmizz.sshj.userauth.method.AuthPassword;
 import net.schmizz.sshj.userauth.method.AuthPublickey;
 import net.schmizz.sshj.userauth.method.PasswordResponseProvider;
 import net.schmizz.sshj.userauth.password.PasswordFinder;
+import net.schmizz.sshj.userauth.password.PasswordUpdateProvider;
 import net.schmizz.sshj.userauth.password.PasswordUtils;
 import net.schmizz.sshj.userauth.password.Resource;
 import net.schmizz.sshj.xfer.scp.SCPFileTransfer;
+import org.ietf.jgss.Oid;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.security.auth.login.LoginContext;
+
 import java.io.Closeable;
 import java.io.File;
 import java.io.IOException;
 import java.net.ServerSocket;
 import java.security.KeyPair;
 import java.security.PublicKey;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Deque;
 import java.util.LinkedList;
@@ -153,10 +160,19 @@ public class SSHClient
      * Add a {@link HostKeyVerifier} which will be invoked for verifying host key during connection establishment and
      * future key exchanges.
      *
-     * @param hostKeyVerifier {@link HostKeyVerifier} instance
+     * @param verifier {@link HostKeyVerifier} instance
      */
-    public void addHostKeyVerifier(HostKeyVerifier hostKeyVerifier) {
-        trans.addHostKeyVerifier(hostKeyVerifier);
+    public void addHostKeyVerifier(HostKeyVerifier verifier) {
+        trans.addHostKeyVerifier(verifier);
+    }
+
+    /**
+     * Add a {@link AlgorithmsVerifier} which will be invoked for verifying negotiated algorithms.
+     *
+     * @param verifier {@link AlgorithmsVerifier} instance
+     */
+    public void addAlgorithmsVerifier(AlgorithmsVerifier verifier) {
+        trans.addAlgorithmsVerifier(verifier);
     }
 
     /**
@@ -205,7 +221,7 @@ public class SSHClient
     public void auth(String username, Iterable<AuthMethod> methods)
             throws UserAuthException, TransportException {
         checkConnected();
-        final Deque<UserAuthException> savedEx = new LinkedList<UserAuthException>();
+        final Deque<UserAuthException> savedEx = new LinkedList<>();
         for (AuthMethod method: methods) {
             try {
                 if (auth.authenticate(username, (Service) conn, method, trans.getTimeoutMs()))
@@ -278,6 +294,22 @@ public class SSHClient
         auth(username, new AuthPassword(pfinder), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder)));
     }
 
+    /**
+     * Authenticate {@code username} using the {@code "password"} authentication method and as a fallback basic
+     * challenge-response authentication.
+     *
+     * @param username user to authenticate
+     * @param pfinder  the {@link PasswordFinder} to use for authentication
+     * @param newPasswordProvider  the {@link PasswordUpdateProvider} to use when a new password is being requested from the user.
+     *
+     * @throws UserAuthException  in case of authentication failure
+     * @throws TransportException if there was a transport-layer error
+     */
+    public void authPassword(String username, PasswordFinder pfinder, PasswordUpdateProvider newPasswordProvider)
+            throws UserAuthException, TransportException {
+        auth(username, new AuthPassword(pfinder, newPasswordProvider), new AuthKeyboardInteractive(new PasswordResponseProvider(pfinder)));
+    }
+
     /**
      * Authenticate {@code username} using the {@code "publickey"} authentication method, with keys from some common
      * locations on the file system. This method relies on {@code ~/.ssh/id_rsa} and {@code ~/.ssh/id_dsa}.
@@ -310,7 +342,7 @@ public class SSHClient
      */
     public void authPublickey(String username, Iterable<KeyProvider> keyProviders)
             throws UserAuthException, TransportException {
-        final List<AuthMethod> am = new LinkedList<AuthMethod>();
+        final List<AuthMethod> am = new LinkedList<>();
         for (KeyProvider kp : keyProviders)
             am.add(new AuthPublickey(kp));
         auth(username, am);
@@ -353,7 +385,7 @@ public class SSHClient
      */
     public void authPublickey(String username, String... locations)
             throws UserAuthException, TransportException {
-        final List<KeyProvider> keyProviders = new LinkedList<KeyProvider>();
+        final List<KeyProvider> keyProviders = new LinkedList<>();
         for (String loc : locations) {
             try {
                 log.debug("Attempting to load key from: {}", loc);
@@ -365,6 +397,30 @@ public class SSHClient
         authPublickey(username, keyProviders);
     }
 
+    /**
+     * Authenticate {@code username} using the {@code "gssapi-with-mic"} authentication method, given a login context
+     * for the peer GSS machine and a list of supported OIDs.
+     * <p/>
+     * Supported OIDs should be ordered by preference as the SSH server will choose the first OID that it also
+     * supports. At least one OID is required
+     *
+     * @param username      user to authenticate
+     * @param context       {@code LoginContext} for the peer GSS machine
+     * @param supportedOid  first supported OID
+     * @param supportedOids other supported OIDs
+     *
+     * @throws UserAuthException  in case of authentication failure
+     * @throws TransportException if there was a transport-layer error
+     */
+    public void authGssApiWithMic(String username, LoginContext context, Oid supportedOid, Oid... supportedOids)
+            throws UserAuthException, TransportException {
+        // insert supportedOid to the front of the list since ordering matters
+        List<Oid> oids = new ArrayList<>(Arrays.asList(supportedOids));
+        oids.add(0, supportedOid);
+
+        auth(username, new AuthGssApiWithMic(context, oids));
+    }
+
     /**
      * Disconnects from the connected SSH server. {@code SSHClient} objects are not reusable therefore it is incorrect
      * to attempt connection after this method has been called.
@@ -720,4 +776,4 @@ public class SSHClient
         }
     }
 
-}
+}

src/main/java/net/schmizz/sshj/Service.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/SocketClient.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,6 +15,9 @@
  */
 package net.schmizz.sshj;
 
+import com.hierynomus.sshj.backport.JavaVersion;
+import com.hierynomus.sshj.backport.Jdk7HttpProxySocket;
+
 import javax.net.SocketFactory;
 import java.io.IOException;
 import java.io.InputStream;
@@ -45,34 +48,53 @@ public abstract class SocketClient {
         this.defaultPort = defaultPort;
     }
 
-    public void connect(InetAddress host, int port)
-            throws IOException {
+    public void connect(InetAddress host, int port) throws IOException {
         socket = socketFactory.createSocket();
         socket.connect(new InetSocketAddress(host, port), connectTimeout);
         onConnect();
     }
 
-    public void connect(InetAddress host, int port, Proxy proxy)
-            throws IOException {
-        socket = new Socket(proxy);
+
+    /**
+     * Connect to a host via a proxy.
+     * @param host The host address to connect to.
+     * @param port The port to connect to.
+     * @param proxy The proxy to connect via.
+     * @deprecated This method will be removed after v0.12.0. If you want to connect via a proxy, you can do this by injecting a {@link javax.net.SocketFactory}
+     *             into the SocketClient. The SocketFactory should create sockets using the {@link java.net.Socket#Socket(java.net.Proxy)} constructor.
+     */
+    @Deprecated
+    public void connect(InetAddress host, int port, Proxy proxy) throws IOException {
+        if (JavaVersion.isJava7OrEarlier() && proxy.type() == Proxy.Type.HTTP) {
+            // Java7 and earlier have no support for HTTP Connect proxies, return our custom socket.
+            socket = new Jdk7HttpProxySocket(proxy);
+        } else {
+            socket = new Socket(proxy);
+        }
         socket.connect(new InetSocketAddress(host, port), connectTimeout);
         onConnect();
     }
 
-    public void connect(String hostname, int port)
-            throws IOException {
+    public void connect(String hostname, int port) throws IOException {
         this.hostname = hostname;
         connect(InetAddress.getByName(hostname), port);
     }
 
-    public void connect(String hostname, int port, Proxy proxy)
-            throws IOException {
+    /**
+     * Connect to a host via a proxy.
+     * @param hostname The host name to connect to.
+     * @param port The port to connect to.
+     * @param proxy The proxy to connect via.
+     * @deprecated This method will be removed after v0.12.0. If you want to connect via a proxy, you can do this by injecting a {@link javax.net.SocketFactory}
+     *             into the SocketClient. The SocketFactory should create sockets using the {@link java.net.Socket#Socket(java.net.Proxy)} constructor.
+     */
+    @Deprecated
+    public void connect(String hostname, int port, Proxy proxy) throws IOException {
         this.hostname = hostname;
         connect(InetAddress.getByName(hostname), port, proxy);
     }
 
-    public void connect(InetAddress host, int port,
-                        InetAddress localAddr, int localPort)
+    public void connect(InetAddress host, int port, InetAddress localAddr, int localPort)
             throws IOException {
         socket = socketFactory.createSocket();
         socket.bind(new InetSocketAddress(localAddr, localPort));
@@ -80,35 +102,44 @@ public abstract class SocketClient {
         onConnect();
     }
 
-    public void connect(String hostname, int port,
-                        InetAddress localAddr, int localPort)
-            throws IOException {
+    public void connect(String hostname, int port, InetAddress localAddr, int localPort) throws IOException {
         this.hostname = hostname;
         connect(InetAddress.getByName(hostname), port, localAddr, localPort);
     }
 
-    public void connect(InetAddress host)
-            throws IOException {
+    public void connect(InetAddress host) throws IOException {
         connect(host, defaultPort);
     }
 
-    public void connect(String hostname)
-            throws IOException {
+    public void connect(String hostname) throws IOException {
         connect(hostname, defaultPort);
     }
 
-    public void connect(InetAddress host, Proxy proxy)
-            throws IOException {
+    /**
+     * Connect to a host via a proxy.
+     * @param host The host address to connect to.
+     * @param proxy The proxy to connect via.
+     * @deprecated This method will be removed after v0.12.0. If you want to connect via a proxy, you can do this by injecting a {@link javax.net.SocketFactory}
+     *             into the SocketClient. The SocketFactory should create sockets using the {@link java.net.Socket#Socket(java.net.Proxy)} constructor.
+     */
+    @Deprecated
+    public void connect(InetAddress host, Proxy proxy) throws IOException {
         connect(host, defaultPort, proxy);
     }
 
-    public void connect(String hostname, Proxy proxy)
-            throws IOException {
+    /**
+     * Connect to a host via a proxy.
+     * @param hostname The host name to connect to.
+     * @param proxy The proxy to connect via.
+     * @deprecated This method will be removed after v0.12.0. If you want to connect via a proxy, you can do this by injecting a {@link javax.net.SocketFactory}
+     *             into the SocketClient. The SocketFactory should create sockets using the {@link java.net.Socket#Socket(java.net.Proxy)} constructor.
+     */
+    @Deprecated
+    public void connect(String hostname, Proxy proxy) throws IOException {
         connect(hostname, defaultPort, proxy);
     }
 
-    public void disconnect()
-            throws IOException {
+    public void disconnect() throws IOException {
         if (socket != null) {
             socket.close();
             socket = null;
@@ -131,7 +162,6 @@ public abstract class SocketClient {
         return socket.getLocalPort();
     }
 
-
     public InetAddress getLocalAddress() {
         return socket.getLocalAddress();
     }
@@ -149,10 +179,11 @@ public abstract class SocketClient {
     }
 
     public void setSocketFactory(SocketFactory factory) {
-        if (factory == null)
+        if (factory == null) {
             socketFactory = SocketFactory.getDefault();
-        else
+        } else {
             socketFactory = factory;
+        }
     }
 
     public SocketFactory getSocketFactory() {
@@ -187,8 +218,7 @@ public abstract class SocketClient {
         return output;
     }
 
-    void onConnect()
-            throws IOException {
+    void onConnect() throws IOException {
         socket.setSoTimeout(timeout);
         input = socket.getInputStream();
         output = socket.getOutputStream();

src/main/java/net/schmizz/sshj/common/Base64.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/Buffer.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/ByteArrayUtils.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/DisconnectReason.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/ErrorNotifiable.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/Factory.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/IOUtils.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/KeyType.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,6 +15,13 @@
  */
 package net.schmizz.sshj.common;
 
+import com.hierynomus.sshj.secg.SecgUtils;
+import com.hierynomus.sshj.signature.Ed25519PublicKey;
+import net.i2p.crypto.eddsa.EdDSAPublicKey;
+import net.i2p.crypto.eddsa.math.GroupElement;
+import net.i2p.crypto.eddsa.spec.EdDSANamedCurveSpec;
+import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
+import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
 import org.bouncycastle.asn1.nist.NISTNamedCurves;
 import org.bouncycastle.asn1.x9.X9ECParameters;
 import org.bouncycastle.jce.spec.ECParameterSpec;
@@ -24,7 +31,10 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.math.BigInteger;
-import java.security.*;
+import java.security.GeneralSecurityException;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.PublicKey;
 import java.security.interfaces.*;
 import java.security.spec.DSAPublicKeySpec;
 import java.security.spec.RSAPublicKeySpec;
@@ -135,7 +145,7 @@ public enum KeyType {
                 BigInteger bigY = new BigInteger(1, y);
 
                 X9ECParameters ecParams = NISTNamedCurves.getByName("p-256");
-                ECPoint pPublicPoint = ecParams.getCurve().createPoint(bigX, bigY, false);
+                ECPoint pPublicPoint = ecParams.getCurve().createPoint(bigX, bigY);
                 ECParameterSpec spec = new ECParameterSpec(ecParams.getCurve(),
                         ecParams.getG(), ecParams.getN());
                 ECPublicKeySpec publicSpec = new ECPublicKeySpec(pPublicPoint, spec);
@@ -151,35 +161,54 @@ public enum KeyType {
         @Override
         public void putPubKeyIntoBuffer(PublicKey pk, Buffer<?> buf) {
             final ECPublicKey ecdsa = (ECPublicKey) pk;
-            final java.security.spec.ECPoint point = ecdsa.getW();
-            final byte[] x = trimStartingZeros(point.getAffineX().toByteArray());
-            final byte[] y = trimStartingZeros(point.getAffineY().toByteArray());
+            byte[] encoded = SecgUtils.getEncoded(ecdsa.getW(), ecdsa.getParams().getCurve());
 
             buf.putString(sType)
                 .putString(NISTP_CURVE)
-                .putUInt32(1 + x.length + y.length)
-                .putRawBytes(new byte[] { (byte) 0x04 })
-                .putRawBytes(x)
-                .putRawBytes(y)
-            ;
+                .putBytes(encoded);
         }
 
         @Override
         protected boolean isMyType(Key key) {
             return ("ECDSA".equals(key.getAlgorithm()));
         }
+    },
 
-        private byte[] trimStartingZeros(byte[] in) {
-
-            int i = 0;
-            for (; i < in.length; i++) {
-                if (in[i] != 0) {
-                    break;
+    ED25519("ssh-ed25519") {
+        private final Logger logger = LoggerFactory.getLogger(KeyType.class);
+        @Override
+        public PublicKey readPubKeyFromBuffer(String type, Buffer<?> buf) throws GeneralSecurityException {
+            try {
+                final int keyLen = buf.readUInt32AsInt();
+                final byte[] p = new byte[keyLen];
+                buf.readRawBytes(p);
+                if (logger.isDebugEnabled()) {
+                    logger.debug(String.format("Key algo: %s, Key curve: 25519, Key Len: %s\np: %s",
+                            type,
+                            keyLen,
+                            Arrays.toString(p))
+                    );
                 }
+
+                EdDSANamedCurveSpec ed25519 = EdDSANamedCurveTable.getByName("ed25519-sha-512");
+                GroupElement point = ed25519.getCurve().createPoint(p, true);
+                EdDSAPublicKeySpec publicSpec = new EdDSAPublicKeySpec(point, ed25519);
+                return new Ed25519PublicKey(publicSpec);
+
+            } catch (Buffer.BufferException be) {
+                throw new SSHRuntimeException(be);
             }
-            final byte[] out = new byte[in.length - i];
-            System.arraycopy(in, i, out, 0, out.length);
-            return out;
+        }
+
+        @Override
+        public void putPubKeyIntoBuffer(PublicKey pk, Buffer<?> buf) {
+            EdDSAPublicKey key = (EdDSAPublicKey) pk;
+            buf.putString(sType).putBytes(key.getAbyte());
+        }
+
+        @Override
+        protected boolean isMyType(Key key) {
+            return "EdDSA".equals(key.getAlgorithm());
         }
     },
 

src/main/java/net/schmizz/sshj/common/Message.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ public enum Message {
 
     KEXDH_INIT(30),
 
-    /** { KEXDH_REPLY, KEXDH_GEX_GROUP } */
+    /** { KEXDH_REPLY, KEXDH_GEX_GROUP, SSH_MSG_KEX_ECDH_REPLY } */
     KEXDH_31(31),
 
     KEX_DH_GEX_INIT(32),
@@ -46,6 +46,9 @@ public enum Message {
     USERAUTH_60(60),
     USERAUTH_INFO_RESPONSE(61),
 
+    USERAUTH_GSSAPI_EXCHANGE_COMPLETE(63),
+    USERAUTH_GSSAPI_MIC(66),
+
     GLOBAL_REQUEST(80),
     REQUEST_SUCCESS(81),
     REQUEST_FAILURE(82),

src/main/java/net/schmizz/sshj/common/SSHException.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/SSHPacket.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/SSHPacketHandler.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/SSHRuntimeException.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/SecurityUtils.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/common/StreamCopier.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/Connection.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/ConnectionException.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/ConnectionImpl.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -64,9 +64,8 @@ public class ConnectionImpl
     /**
      * Create with an associated {@link Transport}.
      *
-     * @param config the ssh config
      * @param trans transport layer
-     * @param keepAlive
+     * @param keepAlive the keep alive provider
      */
     public ConnectionImpl(Transport trans, KeepAliveProvider keepAlive) {
         super("ssh-connection", trans);
@@ -216,13 +215,15 @@ public class ConnectionImpl
             throws ConnectionException {
         synchronized (globalReqPromises) {
             Promise<SSHPacket, ConnectionException> gr = globalReqPromises.poll();
-            if (gr == null)
+            if (gr == null) {
                 throw new ConnectionException(DisconnectReason.PROTOCOL_ERROR,
-                                              "Got a global request response when none was requested");
-            else if (response == null)
+                        "Got a global request response when none was requested");
+            } else if (response == null) {
                 gr.deliverError(new ConnectionException("Global request [" + gr + "] failed"));
-            else
-                gr.deliver(response);
+            } else {
+                // To prevent a race condition, copy the packet before delivering, as it will be handled in a different thread.
+                gr.deliver(new SSHPacket(response));
+            }
         }
     }
 
@@ -278,4 +279,4 @@ public class ConnectionImpl
         return keepAlive;
     }
 
-}
+}

src/main/java/net/schmizz/sshj/connection/channel/AbstractChannel.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/Channel.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/ChannelInputStream.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -130,7 +130,12 @@ public final class ChannelInputStream
             buf.putRawBytes(data, offset, len);
             buf.notifyAll();
         }
-        win.consume(len);
+        // Potential fix for #203 (window consumed below 0).
+        // This seems to be a race condition if we receive more data, while we're already sending a SSH_MSG_CHANNEL_WINDOW_ADJUST
+        // And the window has not expanded yet.
+        synchronized (win) {
+            win.consume(len);
+        }
         if (chan.getAutoExpand())
             checkWindow();
     }
@@ -153,4 +158,4 @@ public final class ChannelInputStream
         return "< ChannelInputStream for Channel #" + chan.getID() + " >";
     }
 
-}
+}

src/main/java/net/schmizz/sshj/connection/channel/ChannelOutputStream.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/OpenFailException.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/SocketStreamCopyMonitor.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,11 +18,12 @@ package net.schmizz.sshj.connection.channel;
 import net.schmizz.concurrent.Event;
 import net.schmizz.sshj.common.IOUtils;
 
-import java.io.Closeable;
 import java.io.IOException;
 import java.net.Socket;
 import java.util.concurrent.TimeUnit;
 
+import static com.hierynomus.sshj.backport.Sockets.asCloseable;
+
 public class SocketStreamCopyMonitor
         extends Thread {
 
@@ -32,16 +33,6 @@ public class SocketStreamCopyMonitor
         setDaemon(true);
     }
 
-    private static Closeable wrapSocket(final Socket socket) {
-        return new Closeable() {
-            @Override
-            public void close()
-                    throws IOException {
-                socket.close();
-            }
-        };
-    }
-
     public static void monitor(final int frequency, final TimeUnit unit,
                                final Event<IOException> x, final Event<IOException> y,
                                final Channel channel, final Socket socket) {
@@ -54,7 +45,7 @@ public class SocketStreamCopyMonitor
                     }
                 } catch (IOException ignored) {
                 } finally {
-                    IOUtils.closeQuietly(channel, wrapSocket(socket));
+                    IOUtils.closeQuietly(channel, asCloseable(socket));
                 }
             }
         }).start();

src/main/java/net/schmizz/sshj/connection/channel/Window.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/direct/AbstractDirectChannel.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/direct/LocalPortForwarder.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,12 +16,12 @@
 package net.schmizz.sshj.connection.channel.direct;
 
 import net.schmizz.concurrent.Event;
+import net.schmizz.sshj.common.IOUtils;
 import net.schmizz.sshj.common.SSHPacket;
 import net.schmizz.sshj.common.StreamCopier;
 import net.schmizz.sshj.connection.Connection;
-import net.schmizz.sshj.connection.ConnectionException;
 import net.schmizz.sshj.connection.channel.SocketStreamCopyMonitor;
-import net.schmizz.sshj.transport.TransportException;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -30,6 +30,8 @@ import java.net.ServerSocket;
 import java.net.Socket;
 import java.util.concurrent.TimeUnit;
 
+import static com.hierynomus.sshj.backport.Sockets.asCloseable;
+
 public class LocalPortForwarder {
 
     public static class Parameters {
@@ -112,11 +114,15 @@ public class LocalPortForwarder {
         this.serverSocket = serverSocket;
     }
 
-    protected DirectTCPIPChannel openChannel(Socket socket)
-            throws TransportException, ConnectionException {
-        final DirectTCPIPChannel chan = new DirectTCPIPChannel(conn, socket, parameters);
-        chan.open();
-        return chan;
+    private void startChannel(Socket socket) throws IOException {
+        DirectTCPIPChannel chan = new DirectTCPIPChannel(conn, socket, parameters);
+        try {
+            chan.open();
+            chan.start();
+        } catch (IOException e) {
+            IOUtils.closeQuietly(chan, asCloseable(socket));
+            throw e;
+        }
     }
 
     /**
@@ -130,7 +136,7 @@ public class LocalPortForwarder {
         while (!Thread.currentThread().isInterrupted()) {
             final Socket socket = serverSocket.accept();
             log.debug("Got connection from {}", socket.getRemoteSocketAddress());
-            openChannel(socket).start();
+            startChannel(socket);
         }
         log.debug("Interrupted!");
     }

src/main/java/net/schmizz/sshj/connection/channel/direct/PTYMode.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/direct/Session.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -48,18 +48,24 @@ public interface Session
         /**
          * If the command exit violently {@link #getExitSignal() with a signal}, an error message would have been
          * received and can be retrieved via this method. Otherwise, this method will return {@code null}.
+         * <p/>
+         * <strong>NOTE: </strong> Always call {@link #close()} first before inspecting the exit error message.
          */
         String getExitErrorMessage();
 
         /**
          * Returns the {@link Signal signal} if the command exit violently, or {@code null} if this information was not
          * received.
+         * <p/>
+         * <strong>NOTE: </strong> Always call {@link #close()} first before inspecting the exit signal.
          */
         Signal getExitSignal();
 
         /**
          * Returns the exit status of the command if it was received, or {@code null} if this information was not
          * received.
+         * <p/>
+         * <strong>NOTE: </strong> Always call {@link #close()} first before inspecting the exit status.
          */
         Integer getExitStatus();
 

src/main/java/net/schmizz/sshj/connection/channel/direct/SessionChannel.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/direct/SessionFactory.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/direct/Signal.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/forwarded/AbstractForwardedChannel.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/forwarded/AbstractForwardedChannelOpener.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/forwarded/ConnectListener.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/forwarded/ForwardedChannelOpener.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/forwarded/RemotePortForwarder.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -117,6 +117,34 @@ public class RemotePortForwarder
             return address + ":" + port;
         }
 
+        private boolean handles(ForwardedTCPIPChannel channel) {
+            Forward channelForward = channel.getParentForward();
+            if (channelForward.getPort() != port) {
+                return false;
+            }
+            if ("".equals(address)) {
+                // This forward handles all protocols
+                return true;
+            }
+            if (channelForward.address.equals(address)) {
+                // Addresses match up
+                return true;
+            }
+            if ("localhost".equals(address) && (channelForward.address.equals("127.0.0.1") || channelForward.address.equals("::1"))) {
+                // Localhost special case.
+                return true;
+            }
+            if ("::".equals(address) && channelForward.address.indexOf("::") > 0) {
+                // Listen on all IPv6
+                return true;
+            }
+            if ("0.0.0.0".equals(address) && channelForward.address.indexOf('.') > 0) {
+                // Listen on all IPv4
+                return true;
+            }
+            return false;
+        }
+
     }
 
     /** A {@code forwarded-tcpip} channel. */
@@ -224,11 +252,15 @@ public class RemotePortForwarder
         } catch (Buffer.BufferException be) {
             throw new ConnectionException(be);
         }
-        if (listeners.containsKey(chan.getParentForward()))
-            callListener(listeners.get(chan.getParentForward()), chan);
-        else
-            chan.reject(OpenFailException.Reason.ADMINISTRATIVELY_PROHIBITED, "Forwarding was not requested on `"
-                    + chan.getParentForward() + "`");
+
+        for (Forward forward : listeners.keySet()) {
+            if (forward.handles(chan)) {
+                callListener(listeners.get(forward), chan);
+                return;
+            }
+        }
+        chan.reject(OpenFailException.Reason.ADMINISTRATIVELY_PROHIBITED, "Forwarding was not requested on `"
+                + chan.getParentForward() + "`");
     }
 
-}
+}

src/main/java/net/schmizz/sshj/connection/channel/forwarded/SocketForwardingConnectListener.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/connection/channel/forwarded/X11Forwarder.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/FileAttributes.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/FileMode.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/OpenMode.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/PacketReader.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/PacketType.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/PathComponents.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,15 @@ package net.schmizz.sshj.sftp;
 public class PathComponents {
 
     static String adjustForParent(String parent, String path, String pathSep) {
-        return (path.startsWith(pathSep)) ? path // Absolute path, nothing to adjust
-                : (parent + (parent.endsWith(pathSep) ? "" : pathSep) + path); // Relative path
+        if (path.startsWith(pathSep)) { // Absolute path
+            return path;
+//        } else if (parent.isEmpty()) { // Relative path
+//            return path;
+        } else if (parent.endsWith(pathSep)) {
+            return parent + path;
+        } else {
+            return parent + pathSep + path;
+        }
     }
 
     static String trimTrailingSeparator(String somePath, String pathSep) {
@@ -63,4 +70,4 @@ public class PathComponents {
         return "[parent=" + parent + "; name=" + name + "; path=" + path + "]";
     }
 
-}
+}

src/main/java/net/schmizz/sshj/sftp/PathHelper.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/RandomAccessRemoteFile.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/RemoteDirectory.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/RemoteFile.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,6 +19,7 @@ import net.schmizz.concurrent.Promise;
 import net.schmizz.sshj.common.Buffer;
 import net.schmizz.sshj.sftp.Response.StatusCode;
 
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
@@ -33,37 +34,31 @@ public class RemoteFile
         super(requester, path, handle);
     }
 
-    public FileAttributes fetchAttributes()
-            throws IOException {
+    public FileAttributes fetchAttributes() throws IOException {
         return requester.request(newRequest(PacketType.FSTAT))
                 .retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS)
                 .ensurePacketTypeIs(PacketType.ATTRS)
                 .readFileAttributes();
     }
 
-    public long length()
-            throws IOException {
+    public long length() throws IOException {
         return fetchAttributes().getSize();
     }
 
-    public void setLength(long len)
-            throws IOException {
+    public void setLength(long len) throws IOException {
         setAttributes(new FileAttributes.Builder().withSize(len).build());
     }
 
-    public int read(long fileOffset, byte[] to, int offset, int len)
-            throws IOException {
+    public int read(long fileOffset, byte[] to, int offset, int len) throws IOException {
         final Response res = asyncRead(fileOffset, len).retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS);
         return checkReadResponse(res, to, offset);
     }
 
-    protected Promise<Response, SFTPException> asyncRead(long fileOffset, int len)
-            throws IOException {
+    protected Promise<Response, SFTPException> asyncRead(long fileOffset, int len) throws IOException {
         return requester.request(newRequest(PacketType.READ).putUInt64(fileOffset).putUInt32(len));
     }
 
-    protected int checkReadResponse(Response res, byte[] to, int offset)
-            throws Buffer.BufferException, SFTPException {
+    protected int checkReadResponse(Response res, byte[] to, int offset) throws Buffer.BufferException, SFTPException {
         switch (res.getType()) {
             case DATA:
                 int recvLen = res.readUInt32AsInt();
@@ -79,27 +74,25 @@ public class RemoteFile
         }
     }
 
-    public void write(long fileOffset, byte[] data, int off, int len)
-            throws IOException {
+    public void write(long fileOffset, byte[] data, int off, int len) throws IOException {
         checkWriteResponse(asyncWrite(fileOffset, data, off, len));
     }
 
     protected Promise<Response, SFTPException> asyncWrite(long fileOffset, byte[] data, int off, int len)
             throws IOException {
         return requester.request(newRequest(PacketType.WRITE)
-                                         .putUInt64(fileOffset)
-                                         .putUInt32(len - off)
-                                         .putRawBytes(data, off, len)
+                        .putUInt64(fileOffset)
+                        // TODO The SFTP spec claims this field is unneeded...? See #187
+                        .putUInt32(len)
+                        .putRawBytes(data, off, len)
         );
     }
 
-    private void checkWriteResponse(Promise<Response, SFTPException> responsePromise)
-            throws SFTPException {
+    private void checkWriteResponse(Promise<Response, SFTPException> responsePromise) throws SFTPException {
         responsePromise.retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS).ensureStatusPacketIsOK();
     }
 
-    public void setAttributes(FileAttributes attrs)
-            throws IOException {
+    public void setAttributes(FileAttributes attrs) throws IOException {
         requester.request(newRequest(PacketType.FSETSTAT).putFileAttributes(attrs))
                 .retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS).ensureStatusPacketIsOK();
     }
@@ -139,15 +132,13 @@ public class RemoteFile
         }
 
         @Override
-        public void write(int w)
-                throws IOException {
+        public void write(int w) throws IOException {
             b[0] = (byte) w;
             write(b, 0, 1);
         }
 
         @Override
-        public void write(byte[] buf, int off, int len)
-                throws IOException {
+        public void write(byte[] buf, int off, int len) throws IOException {
             if (unconfirmedWrites.size() > maxUnconfirmedWrites) {
                 checkWriteResponse(unconfirmedWrites.remove());
             }
@@ -156,23 +147,20 @@ public class RemoteFile
         }
 
         @Override
-        public void flush()
-                throws IOException {
+        public void flush() throws IOException {
             while (!unconfirmedWrites.isEmpty()) {
                 checkWriteResponse(unconfirmedWrites.remove());
             }
         }
 
         @Override
-        public void close()
-                throws IOException {
+        public void close() throws IOException {
             flush();
         }
 
     }
 
-    public class RemoteFileInputStream
-            extends InputStream {
+    public class RemoteFileInputStream extends InputStream {
 
         private final byte[] b = new byte[1];
 
@@ -200,31 +188,32 @@ public class RemoteFile
         }
 
         @Override
-        public void reset()
-                throws IOException {
+        public void reset() throws IOException {
             fileOffset = markPos;
         }
 
         @Override
-        public long skip(long n)
-                throws IOException {
-            return (this.fileOffset = Math.min(fileOffset + n, length()));
+        public long skip(long n) throws IOException {
+			final long fileLength = length();
+			final Long previousFileOffset = fileOffset;
+			fileOffset = Math.min(fileOffset + n, fileLength);
+			return fileOffset - previousFileOffset;
         }
 
         @Override
-        public int read()
-                throws IOException {
+        public int read() throws IOException {
             return read(b, 0, 1) == -1 ? -1 : b[0] & 0xff;
         }
 
         @Override
-        public int read(byte[] into, int off, int len)
-                throws IOException {
+        public int read(byte[] into, int off, int len) throws IOException {
             int read = RemoteFile.this.read(fileOffset, into, off, len);
             if (read != -1) {
                 fileOffset += read;
-                if (markPos != 0 && read > readLimit) // Invalidate mark position
+                if (markPos != 0 && read > readLimit) {
+                    // Invalidate mark position
                     markPos = 0;
+                }
             }
             return read;
         }
@@ -237,27 +226,56 @@ public class RemoteFile
         private final byte[] b = new byte[1];
 
         private final int maxUnconfirmedReads;
-        private final Queue<Promise<Response, SFTPException>> unconfirmedReads;
+        private final Queue<Promise<Response, SFTPException>> unconfirmedReads = new LinkedList<Promise<Response, SFTPException>>();
+        private final Queue<Long> unconfirmedReadOffsets = new LinkedList<Long>();
 
-        private long fileOffset;
+        private long requestOffset;
+        private long responseOffset;
         private boolean eof;
 
         public ReadAheadRemoteFileInputStream(int maxUnconfirmedReads) {
+            assert 0 <= maxUnconfirmedReads;
+
             this.maxUnconfirmedReads = maxUnconfirmedReads;
-            this.unconfirmedReads = new LinkedList<Promise<Response, SFTPException>>();
-            this.fileOffset = 0;
         }
 
         public ReadAheadRemoteFileInputStream(int maxUnconfirmedReads, long fileOffset) {
+            assert 0 <= maxUnconfirmedReads;
+            assert 0 <= fileOffset;
+
             this.maxUnconfirmedReads = maxUnconfirmedReads;
-            this.unconfirmedReads = new LinkedList<Promise<Response, SFTPException>>();
-            this.fileOffset = fileOffset;
+            this.requestOffset = this.responseOffset = fileOffset;
         }
 
-        @Override
-        public long skip(long n)
-                throws IOException {
-            throw new IOException("skip is not supported by ReadAheadFileInputStream, use RemoteFileInputStream instead");
+        private ByteArrayInputStream pending = new ByteArrayInputStream(new byte[0]);
+
+        private boolean retrieveUnconfirmedRead(boolean blocking) throws IOException {
+            if (unconfirmedReads.size() <= 0) {
+                return false;
+            }
+
+            if (!blocking && !unconfirmedReads.peek().isDelivered()) {
+                return false;
+            }
+
+            unconfirmedReadOffsets.remove();
+            final Response res = unconfirmedReads.remove().retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS);
+            switch (res.getType()) {
+                case DATA:
+                    int recvLen = res.readUInt32AsInt();
+                    responseOffset += recvLen;
+                    pending = new ByteArrayInputStream(res.array(), res.rpos(), recvLen);
+                    break;
+
+                case STATUS:
+                    res.ensureStatusIs(Response.StatusCode.EOF);
+                    eof = true;
+                    break;
+
+                default:
+                    throw new SFTPException("Unexpected packet: " + res.getType());
+            }
+            return true;
         }
 
         @Override
@@ -267,26 +285,66 @@ public class RemoteFile
         }
 
         @Override
-        public int read(byte[] into, int off, int len)
-                throws IOException {
-            while (!eof && unconfirmedReads.size() <= maxUnconfirmedReads) {
-                // Send read requests as long as there is no EOF and we have not reached the maximum parallelism
-                unconfirmedReads.add(asyncRead(fileOffset, len));
-                fileOffset += len;
+        public int read(byte[] into, int off, int len) throws IOException {
+
+            while (!eof && pending.available() <= 0) {
+
+                // we also need to go here for len <= 0, because pending may be at
+                // EOF in which case it would return -1 instead of 0
+
+                while (unconfirmedReads.size() <= maxUnconfirmedReads) {
+                    // Send read requests as long as there is no EOF and we have not reached the maximum parallelism
+                    int reqLen = Math.max(1024, len); // don't be shy!
+                    unconfirmedReads.add(RemoteFile.this.asyncRead(requestOffset, reqLen));
+                    unconfirmedReadOffsets.add(requestOffset);
+                    requestOffset += reqLen;
+                }
+
+                long nextOffset = unconfirmedReadOffsets.peek();
+                if (responseOffset != nextOffset) {
+
+                    // the server could not give us all the data we needed, so
+                    // we try to fill the gap synchronously
+
+                    assert responseOffset < nextOffset;
+                    assert 0 < (nextOffset - responseOffset);
+                    assert (nextOffset - responseOffset) <= Integer.MAX_VALUE;
+
+                    byte[] buf = new byte[(int) (nextOffset - responseOffset)];
+                    int recvLen = RemoteFile.this.read(responseOffset, buf, 0, buf.length);
+
+                    if (recvLen < 0) {
+                        eof = true;
+                        return -1;
+                    }
+
+                    if (0 == recvLen) {
+                        // avoid infinite loops
+                        throw new SFTPException("Unexpected response size (0), bailing out");
+                    }
+
+                    responseOffset += recvLen;
+                    pending = new ByteArrayInputStream(buf, 0, recvLen);
+                } else if (!retrieveUnconfirmedRead(true /*blocking*/)) {
+
+                    // this may happen if we change prefetch strategy
+                    // currently, we should never get here...
+
+                    throw new IllegalStateException("Could not retrieve data for pending read request");
+                }
             }
-            if (unconfirmedReads.isEmpty()) {
-                assert eof;
-                return -1;
-            }
-            // Retrieve first in
-            final Response res = unconfirmedReads.remove().retrieve(requester.getTimeoutMs(), TimeUnit.MILLISECONDS);
-            final int recvLen = checkReadResponse(res, into, off);
-            if (recvLen == -1) {
-                eof = true;
-            }
-            return recvLen;
+
+            return pending.read(into, off, len);
         }
 
+        @Override
+        public int available() throws IOException {
+            boolean lastRead = true;
+            while (!eof && (pending.available() <= 0) && lastRead) {
+              lastRead = retrieveUnconfirmedRead(false /*blocking*/);
+            }
+            return pending.available();
+        }
     }
+}
 
-}

src/main/java/net/schmizz/sshj/sftp/RemoteResource.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/RemoteResourceFilter.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/RemoteResourceInfo.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/Request.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

src/main/java/net/schmizz/sshj/sftp/Requester.java

@@ -1,5 +1,5 @@
-/**
- * Copyright 2009 sshj contributors
+/*
+ * Copyright (C)2009 - SSHJ Contributors
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.