Previous versions of Apache MINA sshd used SFTP file handles that were twice as large as configured via SftpModuleProperties.FILE_HANDLE_SIZE. The reason for this was that the file handle bytes were stringified, representing each byte as two hex characters. This stringified file handle was then send over the wire. If SftpModuleProperties.FILE_HANDLE_SIZE was configured as 16, the actual file handle size was thus 32 bytes.
This has been fixed in this version.
Additionally, the default setting for the size of file handles has been changed from 16 to 4 bytes. OpenSSH also uses 4-byte SFTP file handles. Using the same size not only means that there is a little more space left in SSH packets for actual data transfer, it also completely avoids the WS_FTP bug mentioned in GH-403.
Potential compatibility issues
KeepAliveHandler global request handler moved from server to common global requests package
Was previously only on server-side - now also for client (see SSHD-1330). This should be fully backward compatible since most servers do not send this request. However, if users have somehow added this handler to the client side independently, the code should be re-examined and the independent handler removed or make it replace the global one.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps org.apache.sshd:sshd-core from 2.10.0 to 2.11.0.
Release notes
Sourced from org.apache.sshd:sshd-core's releases.
... (truncated)
Changelog
Sourced from org.apache.sshd:sshd-core's changelog.
Commits
d65128c
[maven-release-plugin] prepare release sshd-2.11.0ed83224
Prepare 2.11.0 release9cb6fad
Bump version to 2.11.09b485a7
GH-420: avoid spurious exceptions on closing forwarded channelc49e82c
Upgraded Bouncycastle version to 1.766dade0c
GH-328 Added configurable timeout(s) to DefaultSftpClient1283515
Merge pull request #416 from lgoldstein/SSHD-1330d12e052
[SSHD-1330] Using common keep-alive global request handler in client as well ...ba8f36e
Fix detection of Android O/S from system propertiese92a46b
GH-414: Correct error handling in KeyExchangeMessageHandlerDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show