thomas-seag commented on issue #525: URL: https://github.com/apache/mina-sshd/issues/525#issuecomment-2287997523
@quic-nasserg Hi Nasser! What do you mean by > doesn't call that method? https://github.com/apache/mina-sshd/blob/4f2ccf885292adde1d3a0d5f9abd9fb513b07688/sshd-core/src/main/java/org/apache/sshd/common/kex/BuiltinDHFactories.java#L340-L343 calls `BuiltinKEM.sntrup761.isSupported()`: https://github.com/apache/mina-sshd/blob/4f2ccf885292adde1d3a0d5f9abd9fb513b07688/sshd-core/src/main/java/org/apache/sshd/common/kex/BuiltinKEM.java#L41-L44 which calls `SNTRUP761.isSupported()`: https://github.com/apache/mina-sshd/blob/4f2ccf885292adde1d3a0d5f9abd9fb513b07688/sshd-core/src/main/java/org/apache/sshd/common/kex/SNTRUP761.java#L44-L53 which does the key size check and which also returns false if BC doesn't have `SNTRUPrimeParameters.sntrup761` at all. The DH factories are set up by default in https://github.com/apache/mina-sshd/blob/4f2ccf885292adde1d3a0d5f9abd9fb513b07688/sshd-core/src/main/java/org/apache/sshd/server/ServerBuilder.java#L177-L179 which gets called at https://github.com/apache/mina-sshd/blob/4f2ccf885292adde1d3a0d5f9abd9fb513b07688/sshd-core/src/main/java/org/apache/sshd/server/ServerBuilder.java#L119 with `ignoreUnsupported == false` (and likewise for `ClientBuilder`), so https://github.com/apache/mina-sshd/blob/a9504ba8ffd7ee52532304c51da7dcd4486fd355/sshd-common/src/main/java/org/apache/sshd/common/NamedFactory.java#L51-L57 should call `isSupported()`. I have no idea why it the check might not be effective for some setups. I have been wondering, though, why everybody seems to use "[soft requirements](https://maven.apache.org/pom.html#dependency-version-requirement-specification)" with maven. In OSGi (e.g., the JGit MANIFEST.MFs) we always use hard requirements with strict version ranges. It seems that even though we specify 1.78.1 as minimum it can be at runtime still resolve to an earlier BC version? There might also be something not quite right with our `bnd` setup to generate manifests. I see that org.apache.sshd:sshd-osgi:2.13.2 has for BC the version range "[1.78,2)" in its MANIFEST.MF. I would have expected that to be "[1.78.1,2)". -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
