You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2022/08/01 10:31:29 UTC
[camel] branch camel-3.14.x updated (5a202d09db8 -> 039dcc8e624)
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a change to branch camel-3.14.x
in repository https://gitbox.apache.org/repos/asf/camel.git
from 5a202d09db8 CAMEL-18318: camel-quartz - Add ignoreExpiredNextFireTime option.
new 6205ab8342c CAMEL-18264: allow to configure JSch server keys settings (#8077)
new 039dcc8e624 CAMEL-18264: allow to configure JSch server keys settings (#8077)
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../org/apache/camel/catalog/components/sftp.json | 2 +
.../file/remote/SftpEndpointConfigurer.java | 12 +++
.../file/remote/SftpEndpointUriFactory.java | 4 +-
.../apache/camel/component/file/remote/sftp.json | 2 +
.../component/file/remote/SftpConfiguration.java | 30 +++++++
.../component/file/remote/SftpOperations.java | 12 +++
...java => SftpPublicKeyAcceptedAlgorithmsIT.java} | 66 +++------------
...eProtocolsIT.java => SftpServerHostKeysIT.java} | 55 ++++--------
.../endpoint/dsl/SftpEndpointBuilderFactory.java | 99 ++++++++++++++++++++++
9 files changed, 190 insertions(+), 92 deletions(-)
copy components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/{SftpKeyExchangeProtocolsIT.java => SftpPublicKeyAcceptedAlgorithmsIT.java} (52%)
copy components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/{SftpKeyExchangeProtocolsIT.java => SftpServerHostKeysIT.java} (66%)
[camel] 01/02: CAMEL-18264: allow to configure JSch server keys settings (#8077)
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch camel-3.14.x
in repository https://gitbox.apache.org/repos/asf/camel.git
commit 6205ab8342c72a018b8d981b7eed6d72702d2fe4
Author: Konrad Stachera <ko...@gmail.com>
AuthorDate: Sun Jul 31 10:36:50 2022 +0200
CAMEL-18264: allow to configure JSch server keys settings (#8077)
---
.../org/apache/camel/catalog/components/sftp.json | 2 +
.../file/remote/SftpEndpointConfigurer.java | 12 +++
.../file/remote/SftpEndpointUriFactory.java | 4 +-
.../apache/camel/component/file/remote/sftp.json | 2 +
.../component/file/remote/SftpConfiguration.java | 30 +++++++
.../component/file/remote/SftpOperations.java | 12 +++
.../SftpPublicKeyAcceptedAlgorithmsIT.java | 69 +++++++++++++++
.../remote/integration/SftpServerHostKeysIT.java | 94 ++++++++++++++++++++
.../endpoint/dsl/SftpEndpointBuilderFactory.java | 99 ++++++++++++++++++++++
9 files changed, 323 insertions(+), 1 deletion(-)
diff --git a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/sftp.json b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/sftp.json
index ac3c128e92a..75328892a30 100644
--- a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/sftp.json
+++ b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/sftp.json
@@ -149,6 +149,8 @@
"privateKeyFile": { "kind": "parameter", "displayName": "Private Key File", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set the private key file so that the SFTP endpoint can do private key verification." },
"privateKeyPassphrase": { "kind": "parameter", "displayName": "Private Key Passphrase", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set the private key file passphrase so that the SFTP endpoint can do private key verification." },
"privateKeyUri": { "kind": "parameter", "displayName": "Private Key Uri", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set the private key file (loaded from classpath by default) so that the SFTP endpoint can do private key veri [...]
+ "publicKeyAcceptedAlgorithms": { "kind": "parameter", "displayName": "Public Key Accepted Algorithms", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set a comma separated list of public key accepted algorithms. Some examples inc [...]
+ "serverHostKeys": { "kind": "parameter", "displayName": "Server Host Keys", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set a comma separated list of algorithms supported for the server host key. Some examples include: ssh-ed2 [...]
"strictHostKeyChecking": { "kind": "parameter", "displayName": "Strict Host Key Checking", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "enum": [ "no", "yes" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "no", "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Sets whether to use strict host key checking." },
"username": { "kind": "parameter", "displayName": "Username", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Username to use for login" },
"useUserKnownHostsFile": { "kind": "parameter", "displayName": "Use User Known Hosts File", "group": "security", "label": "security", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "If knownHostFile has not been explicit configured then use the host file fro [...]
diff --git a/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointConfigurer.java b/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointConfigurer.java
index 334c95e9e7a..2701c9adbc8 100644
--- a/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointConfigurer.java
+++ b/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointConfigurer.java
@@ -162,6 +162,8 @@ public class SftpEndpointConfigurer extends PropertyConfigurerSupport implements
case "processstrategy":
case "processStrategy": target.setProcessStrategy(property(camelContext, org.apache.camel.component.file.GenericFileProcessStrategy.class, value)); return true;
case "proxy": target.setProxy(property(camelContext, com.jcraft.jsch.Proxy.class, value)); return true;
+ case "publickeyacceptedalgorithms":
+ case "publicKeyAcceptedAlgorithms": target.getConfiguration().setPublicKeyAcceptedAlgorithms(property(camelContext, java.lang.String.class, value)); return true;
case "readlock":
case "readLock": target.setReadLock(property(camelContext, java.lang.String.class, value)); return true;
case "readlockcheckinterval":
@@ -211,6 +213,8 @@ public class SftpEndpointConfigurer extends PropertyConfigurerSupport implements
case "serverAliveCountMax": target.getConfiguration().setServerAliveCountMax(property(camelContext, int.class, value)); return true;
case "serveraliveinterval":
case "serverAliveInterval": target.getConfiguration().setServerAliveInterval(property(camelContext, int.class, value)); return true;
+ case "serverhostkeys":
+ case "serverHostKeys": target.getConfiguration().setServerHostKeys(property(camelContext, java.lang.String.class, value)); return true;
case "shuffle": target.setShuffle(property(camelContext, boolean.class, value)); return true;
case "sotimeout":
case "soTimeout": target.getConfiguration().setSoTimeout(property(camelContext, int.class, value)); return true;
@@ -389,6 +393,8 @@ public class SftpEndpointConfigurer extends PropertyConfigurerSupport implements
case "processstrategy":
case "processStrategy": return org.apache.camel.component.file.GenericFileProcessStrategy.class;
case "proxy": return com.jcraft.jsch.Proxy.class;
+ case "publickeyacceptedalgorithms":
+ case "publicKeyAcceptedAlgorithms": return java.lang.String.class;
case "readlock":
case "readLock": return java.lang.String.class;
case "readlockcheckinterval":
@@ -438,6 +444,8 @@ public class SftpEndpointConfigurer extends PropertyConfigurerSupport implements
case "serverAliveCountMax": return int.class;
case "serveraliveinterval":
case "serverAliveInterval": return int.class;
+ case "serverhostkeys":
+ case "serverHostKeys": return java.lang.String.class;
case "shuffle": return boolean.class;
case "sotimeout":
case "soTimeout": return int.class;
@@ -617,6 +625,8 @@ public class SftpEndpointConfigurer extends PropertyConfigurerSupport implements
case "processstrategy":
case "processStrategy": return target.getProcessStrategy();
case "proxy": return target.getProxy();
+ case "publickeyacceptedalgorithms":
+ case "publicKeyAcceptedAlgorithms": return target.getConfiguration().getPublicKeyAcceptedAlgorithms();
case "readlock":
case "readLock": return target.getReadLock();
case "readlockcheckinterval":
@@ -666,6 +676,8 @@ public class SftpEndpointConfigurer extends PropertyConfigurerSupport implements
case "serverAliveCountMax": return target.getConfiguration().getServerAliveCountMax();
case "serveraliveinterval":
case "serverAliveInterval": return target.getConfiguration().getServerAliveInterval();
+ case "serverhostkeys":
+ case "serverHostKeys": return target.getConfiguration().getServerHostKeys();
case "shuffle": return target.isShuffle();
case "sotimeout":
case "soTimeout": return target.getConfiguration().getSoTimeout();
diff --git a/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointUriFactory.java b/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointUriFactory.java
index 010ecfa425b..c432b732571 100644
--- a/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointUriFactory.java
+++ b/components/camel-ftp/src/generated/java/org/apache/camel/component/file/remote/SftpEndpointUriFactory.java
@@ -20,7 +20,7 @@ public class SftpEndpointUriFactory extends org.apache.camel.support.component.E
private static final Set<String> PROPERTY_NAMES;
private static final Set<String> SECRET_PROPERTY_NAMES;
static {
- Set<String> props = new HashSet<>(127);
+ Set<String> props = new HashSet<>(129);
props.add("disconnect");
props.add("moveExistingFileStrategy");
props.add("fileName");
@@ -36,6 +36,7 @@ public class SftpEndpointUriFactory extends org.apache.camel.support.component.E
props.add("directoryName");
props.add("readLockDeleteOrphanLockFiles");
props.add("schedulerProperties");
+ props.add("serverHostKeys");
props.add("serverAliveInterval");
props.add("inProgressRepository");
props.add("soTimeout");
@@ -142,6 +143,7 @@ public class SftpEndpointUriFactory extends org.apache.camel.support.component.E
props.add("knownHosts");
props.add("useList");
props.add("privateKey");
+ props.add("publicKeyAcceptedAlgorithms");
props.add("tempFileName");
props.add("ignoreFileNotFoundOrPermissionError");
props.add("antFilterCaseSensitive");
diff --git a/components/camel-ftp/src/generated/resources/org/apache/camel/component/file/remote/sftp.json b/components/camel-ftp/src/generated/resources/org/apache/camel/component/file/remote/sftp.json
index ac3c128e92a..75328892a30 100644
--- a/components/camel-ftp/src/generated/resources/org/apache/camel/component/file/remote/sftp.json
+++ b/components/camel-ftp/src/generated/resources/org/apache/camel/component/file/remote/sftp.json
@@ -149,6 +149,8 @@
"privateKeyFile": { "kind": "parameter", "displayName": "Private Key File", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set the private key file so that the SFTP endpoint can do private key verification." },
"privateKeyPassphrase": { "kind": "parameter", "displayName": "Private Key Passphrase", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set the private key file passphrase so that the SFTP endpoint can do private key verification." },
"privateKeyUri": { "kind": "parameter", "displayName": "Private Key Uri", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set the private key file (loaded from classpath by default) so that the SFTP endpoint can do private key veri [...]
+ "publicKeyAcceptedAlgorithms": { "kind": "parameter", "displayName": "Public Key Accepted Algorithms", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set a comma separated list of public key accepted algorithms. Some examples inc [...]
+ "serverHostKeys": { "kind": "parameter", "displayName": "Server Host Keys", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Set a comma separated list of algorithms supported for the server host key. Some examples include: ssh-ed2 [...]
"strictHostKeyChecking": { "kind": "parameter", "displayName": "Strict Host Key Checking", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "enum": [ "no", "yes" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "no", "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Sets whether to use strict host key checking." },
"username": { "kind": "parameter", "displayName": "Username", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "Username to use for login" },
"useUserKnownHostsFile": { "kind": "parameter", "displayName": "Use User Known Hosts File", "group": "security", "label": "security", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "configurationClass": "org.apache.camel.component.file.remote.SftpConfiguration", "configurationField": "configuration", "description": "If knownHostFile has not been explicit configured then use the host file fro [...]
diff --git a/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpConfiguration.java b/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpConfiguration.java
index a48f6024f13..5c34df7e8e4 100644
--- a/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpConfiguration.java
+++ b/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpConfiguration.java
@@ -77,6 +77,10 @@ public class SftpConfiguration extends RemoteFileConfiguration {
private String keyExchangeProtocols;
@UriParam(label = "producer,advanced")
private String chmodDirectory;
+ @UriParam(label = "security")
+ private String serverHostKeys;
+ @UriParam(label = "security")
+ private String publicKeyAcceptedAlgorithms;
public SftpConfiguration() {
setProtocol("sftp");
@@ -362,4 +366,30 @@ public class SftpConfiguration extends RemoteFileConfiguration {
public void setKeyExchangeProtocols(String keyExchangeProtocols) {
this.keyExchangeProtocols = keyExchangeProtocols;
}
+
+ public String getServerHostKeys() {
+ return serverHostKeys;
+ }
+
+ /**
+ * Set a comma separated list of algorithms supported for the server host key. Some examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not
+ * specified the default list from JSCH will be used.
+ */
+ public void setServerHostKeys(String serverHostKeys) {
+ this.serverHostKeys = serverHostKeys;
+ }
+
+ public String getPublicKeyAcceptedAlgorithms() {
+ return publicKeyAcceptedAlgorithms;
+ }
+
+ /**
+ * Set a comma separated list of public key accepted algorithms. Some examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not
+ * specified the default list from JSCH will be used.
+ */
+ public void setPublicKeyAcceptedAlgorithms(String publicKeyAcceptedAlgorithms) {
+ this.publicKeyAcceptedAlgorithms = publicKeyAcceptedAlgorithms;
+ }
}
diff --git a/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpOperations.java b/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpOperations.java
index b024a9c1dde..392ed8cf45b 100644
--- a/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpOperations.java
+++ b/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/SftpOperations.java
@@ -326,6 +326,18 @@ public class SftpOperations implements RemoteFileOperations<SftpRemoteFile> {
session.setConfig("PreferredAuthentications", sftpConfig.getPreferredAuthentications());
}
+ // set the ServerHostKeys
+ if (sftpConfig.getServerHostKeys() != null) {
+ LOG.debug("Using ServerHostKeys: {}", sftpConfig.getServerHostKeys());
+ session.setConfig("server_host_key", sftpConfig.getServerHostKeys());
+ }
+
+ // set the PublicKeyAcceptedAlgorithms
+ if (sftpConfig.getPublicKeyAcceptedAlgorithms() != null) {
+ LOG.debug("Using PublicKeyAcceptedAlgorithms: {}", sftpConfig.getPublicKeyAcceptedAlgorithms());
+ session.setConfig("PubkeyAcceptedAlgorithms", sftpConfig.getPublicKeyAcceptedAlgorithms());
+ }
+
// set user information
session.setUserInfo(new ExtendedUserInfo() {
public String getPassphrase() {
diff --git a/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java
new file mode 100644
index 00000000000..158ce96234e
--- /dev/null
+++ b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.file.remote.integration;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.file.remote.sftp.integration.SftpServerTestSupport;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.junit.jupiter.api.Test;
+
+public class SftpPublicKeyAcceptedAlgorithmsIT extends SftpServerTestSupport {
+
+ @Test
+ public void testSingleKey() throws Exception {
+ final MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMessageCount(1);
+
+ template.sendBodyAndHeader("sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/publicKeyAcceptedAlgorithms" +
+ "?password=admin" +
+ "&publicKeyAcceptedAlgorithms=rsa-sha2-512",
+ "a", Exchange.FILE_NAME,
+ "a.txt");
+
+ mock.assertIsSatisfied();
+ }
+
+ @Test
+ public void testMultipleKey() throws Exception {
+ final MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMessageCount(1);
+
+ template.sendBodyAndHeader("sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/publicKeyAcceptedAlgorithms" +
+ "?password=admin" +
+ "&publicKeyAcceptedAlgorithms=rsa-sha2-512,not-supported-key",
+ "a", Exchange.FILE_NAME,
+ "a.txt");
+
+ mock.assertIsSatisfied();
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ @Override
+ public void configure() {
+ from(getFtpUrl()).routeId("myRoute").to("mock:result");
+ }
+ };
+ }
+
+ protected String getFtpUrl() {
+ return "sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/publicKeyAcceptedAlgorithms/?password=admin"
+ + "&noop=true";
+ }
+}
diff --git a/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpServerHostKeysIT.java b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpServerHostKeysIT.java
new file mode 100644
index 00000000000..698f0251cc1
--- /dev/null
+++ b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpServerHostKeysIT.java
@@ -0,0 +1,94 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.file.remote.integration;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.camel.CamelExecutionException;
+import org.apache.camel.Exchange;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.file.remote.sftp.integration.SftpServerTestSupport;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.hamcrest.MatcherAssert;
+import org.hamcrest.Matchers;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+public class SftpServerHostKeysIT extends SftpServerTestSupport {
+
+ @Test
+ public void testNonExistingKey() {
+ Throwable exception = Assertions.assertThrows(CamelExecutionException.class,
+ () -> template.sendBodyAndHeader("sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/serverHostKeys" +
+ "?password=admin" +
+ "&serverHostKeys=not-supported-key",
+ "a", Exchange.FILE_NAME,
+ "a.txt"));
+
+ final List<String> errorMessages = new ArrayList<>();
+ while (exception.getCause() != null) {
+ errorMessages.add(exception.getCause().getMessage());
+ exception = exception.getCause();
+ }
+
+ MatcherAssert.assertThat(errorMessages, Matchers.hasItem("Algorithm negotiation fail"));
+ }
+
+ @Test
+ public void testSingleKey() throws Exception {
+ final MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMessageCount(1);
+
+ template.sendBodyAndHeader("sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/serverHostKeys" +
+ "?password=admin" +
+ "&serverHostKeys=rsa-sha2-512",
+ "a", Exchange.FILE_NAME,
+ "a.txt");
+
+ mock.assertIsSatisfied();
+ }
+
+ @Test
+ public void testMultipleKey() throws Exception {
+ final MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMessageCount(1);
+
+ template.sendBodyAndHeader("sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/serverHostKeys" +
+ "?password=admin" +
+ "&serverHostKeys=rsa-sha2-512,not-supported-key",
+ "a", Exchange.FILE_NAME,
+ "a.txt");
+
+ mock.assertIsSatisfied();
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ @Override
+ public void configure() {
+ from(getFtpUrl()).routeId("myRoute").to("mock:result");
+ }
+ };
+ }
+
+ protected String getFtpUrl() {
+ return "sftp://admin@localhost:{{ftp.server.port}}/{{ftp.root.dir}}/serverHostKeys/?password=admin"
+ + "&noop=true";
+ }
+}
diff --git a/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/SftpEndpointBuilderFactory.java b/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/SftpEndpointBuilderFactory.java
index f3e844e048f..f8e8c760e9d 100644
--- a/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/SftpEndpointBuilderFactory.java
+++ b/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/SftpEndpointBuilderFactory.java
@@ -2565,6 +2565,39 @@ public interface SftpEndpointBuilderFactory {
doSetProperty("privateKeyUri", privateKeyUri);
return this;
}
+ /**
+ * Set a comma separated list of public key accepted algorithms. Some
+ * examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not specified the default list from JSCH will be used.
+ *
+ * The option is a: <code>java.lang.String</code> type.
+ *
+ * Group: security
+ *
+ * @param publicKeyAcceptedAlgorithms the value to set
+ * @return the dsl builder
+ */
+ default SftpEndpointConsumerBuilder publicKeyAcceptedAlgorithms(
+ String publicKeyAcceptedAlgorithms) {
+ doSetProperty("publicKeyAcceptedAlgorithms", publicKeyAcceptedAlgorithms);
+ return this;
+ }
+ /**
+ * Set a comma separated list of algorithms supported for the server
+ * host key. Some examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not specified the default list from JSCH will be used.
+ *
+ * The option is a: <code>java.lang.String</code> type.
+ *
+ * Group: security
+ *
+ * @param serverHostKeys the value to set
+ * @return the dsl builder
+ */
+ default SftpEndpointConsumerBuilder serverHostKeys(String serverHostKeys) {
+ doSetProperty("serverHostKeys", serverHostKeys);
+ return this;
+ }
/**
* Sets whether to use strict host key checking.
*
@@ -4521,6 +4554,39 @@ public interface SftpEndpointBuilderFactory {
doSetProperty("privateKeyUri", privateKeyUri);
return this;
}
+ /**
+ * Set a comma separated list of public key accepted algorithms. Some
+ * examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not specified the default list from JSCH will be used.
+ *
+ * The option is a: <code>java.lang.String</code> type.
+ *
+ * Group: security
+ *
+ * @param publicKeyAcceptedAlgorithms the value to set
+ * @return the dsl builder
+ */
+ default SftpEndpointProducerBuilder publicKeyAcceptedAlgorithms(
+ String publicKeyAcceptedAlgorithms) {
+ doSetProperty("publicKeyAcceptedAlgorithms", publicKeyAcceptedAlgorithms);
+ return this;
+ }
+ /**
+ * Set a comma separated list of algorithms supported for the server
+ * host key. Some examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not specified the default list from JSCH will be used.
+ *
+ * The option is a: <code>java.lang.String</code> type.
+ *
+ * Group: security
+ *
+ * @param serverHostKeys the value to set
+ * @return the dsl builder
+ */
+ default SftpEndpointProducerBuilder serverHostKeys(String serverHostKeys) {
+ doSetProperty("serverHostKeys", serverHostKeys);
+ return this;
+ }
/**
* Sets whether to use strict host key checking.
*
@@ -6004,6 +6070,39 @@ public interface SftpEndpointBuilderFactory {
doSetProperty("privateKeyUri", privateKeyUri);
return this;
}
+ /**
+ * Set a comma separated list of public key accepted algorithms. Some
+ * examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not specified the default list from JSCH will be used.
+ *
+ * The option is a: <code>java.lang.String</code> type.
+ *
+ * Group: security
+ *
+ * @param publicKeyAcceptedAlgorithms the value to set
+ * @return the dsl builder
+ */
+ default SftpEndpointBuilder publicKeyAcceptedAlgorithms(
+ String publicKeyAcceptedAlgorithms) {
+ doSetProperty("publicKeyAcceptedAlgorithms", publicKeyAcceptedAlgorithms);
+ return this;
+ }
+ /**
+ * Set a comma separated list of algorithms supported for the server
+ * host key. Some examples include:
+ * ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256 If not specified the default list from JSCH will be used.
+ *
+ * The option is a: <code>java.lang.String</code> type.
+ *
+ * Group: security
+ *
+ * @param serverHostKeys the value to set
+ * @return the dsl builder
+ */
+ default SftpEndpointBuilder serverHostKeys(String serverHostKeys) {
+ doSetProperty("serverHostKeys", serverHostKeys);
+ return this;
+ }
/**
* Sets whether to use strict host key checking.
*
[camel] 02/02: CAMEL-18264: allow to configure JSch server keys settings (#8077)
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch camel-3.14.x
in repository https://gitbox.apache.org/repos/asf/camel.git
commit 039dcc8e624af11c88c40fde229489bf5df8b902
Author: Claus Ibsen <cl...@gmail.com>
AuthorDate: Sun Jul 31 11:12:25 2022 +0200
CAMEL-18264: allow to configure JSch server keys settings (#8077)
---
.../file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java | 2 ++
1 file changed, 2 insertions(+)
diff --git a/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java
index 158ce96234e..2448809acd1 100644
--- a/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java
+++ b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/integration/SftpPublicKeyAcceptedAlgorithmsIT.java
@@ -21,7 +21,9 @@ import org.apache.camel.builder.RouteBuilder;
import org.apache.camel.component.file.remote.sftp.integration.SftpServerTestSupport;
import org.apache.camel.component.mock.MockEndpoint;
import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.parallel.Isolated;
+@Isolated
public class SftpPublicKeyAcceptedAlgorithmsIT extends SftpServerTestSupport {
@Test