Merge branch 'stable-2.10' into stable-2.11

* stable-2.10:
  Revert "Revert "SSH: Simplify CachingPublicKeyAuthenticator implementation""
  Remove stripping # in login redirect

Change-Id: I052e45a3220b43923e1ee414c97f1bbfe845620a

2 files changed, 4 insertions, 51 deletions

diff --git a/gerrit-httpd/src/main/resources/com/google/gerrit/httpd/auth/container/LoginRedirect.html b/gerrit-httpd/src/main/resources/com/google/gerrit/httpd/auth/container/LoginRedirect.html
index d88af9a42f..0567468e8c 100644
--- a/gerrit-httpd/src/main/resources/com/google/gerrit/httpd/auth/container/LoginRedirect.html
+++ b/gerrit-httpd/src/main/resources/com/google/gerrit/httpd/auth/container/LoginRedirect.html
@@ -7,10 +7,7 @@
       var p = href.indexOf('#');
       var token;
       if (p >= 0) {
-        token = href.substring(p + 1);
-        if (token.length != 0 && token.charAt(0) == '/') {
-          token = token.substring(1);
-        }
+        token = href.substring(p);
         href = href.substring(0, p);
       } else {
         token = '';
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/CachingPublicKeyAuthenticator.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/CachingPublicKeyAuthenticator.java
index f315cff3b8..0471af8d44 100644
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/CachingPublicKeyAuthenticator.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/CachingPublicKeyAuthenticator.java
@@ -17,56 +17,12 @@ package com.google.gerrit.sshd;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 
-import org.apache.sshd.common.Session;
-import org.apache.sshd.common.SessionListener;
-import org.apache.sshd.server.PublickeyAuthenticator;
-import org.apache.sshd.server.session.ServerSession;
-
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
 @Singleton
-public class CachingPublicKeyAuthenticator implements PublickeyAuthenticator,
-    SessionListener {
-
-  private final PublickeyAuthenticator authenticator;
-  private final Map<ServerSession, Map<PublicKey, Boolean>> sessionCache;
+public class CachingPublicKeyAuthenticator
+    extends org.apache.sshd.server.auth.CachingPublicKeyAuthenticator {
 
   @Inject
   public CachingPublicKeyAuthenticator(DatabasePubKeyAuth authenticator) {
-    this.authenticator = authenticator;
-    this.sessionCache = new ConcurrentHashMap<>();
-  }
-
-  @Override
-  public boolean authenticate(String username, PublicKey key,
-      ServerSession session) {
-    Map<PublicKey, Boolean> m = sessionCache.get(session);
-    if (m == null) {
-      m = new HashMap<>();
-      sessionCache.put(session, m);
-      session.addListener(this);
-    }
-    if (m.containsKey(key)) {
-      return m.get(key);
-    }
-    boolean r = authenticator.authenticate(username, key, session);
-    m.put(key, r);
-    return r;
-  }
-
-  @Override
-  public void sessionCreated(Session session) {
-  }
-
-  @Override
-  public void sessionEvent(Session sesssion, Event event) {
-  }
-
-  @Override
-  public void sessionClosed(Session session) {
-    sessionCache.remove(session);
+    super(authenticator);
   }
 }