You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by da...@apache.org on 2015/09/20 04:52:00 UTC
maven-wagon git commit: [WAGON-426] Prevent fingerprints loss in
known_hosts. Append in known_host instead of the current "clean and write"
that filters unknown formats (like ecdsa-sha2-nistp256). Tested with
wagon-maven-plugin This closes #16
Repository: maven-wagon
Updated Branches:
refs/heads/master 178161ceb -> fc34bf340
[WAGON-426] Prevent fingerprints loss in known_hosts. Append in
known_host instead of the current "clean and write" that filters unknown
formats (like ecdsa-sha2-nistp256). Tested with wagon-maven-plugin This
closes #16
Project: http://git-wip-us.apache.org/repos/asf/maven-wagon/repo
Commit: http://git-wip-us.apache.org/repos/asf/maven-wagon/commit/fc34bf34
Tree: http://git-wip-us.apache.org/repos/asf/maven-wagon/tree/fc34bf34
Diff: http://git-wip-us.apache.org/repos/asf/maven-wagon/diff/fc34bf34
Branch: refs/heads/master
Commit: fc34bf340e64f42ea969b29bb83aa73d0b10d910
Parents: 178161c
Author: dantran <da...@gmail.com>
Authored: Sat Sep 19 19:51:55 2015 -0700
Committer: dantran <da...@gmail.com>
Committed: Sat Sep 19 19:51:55 2015 -0700
----------------------------------------------------------------------
.../knownhost/AbstractKnownHostsProvider.java | 15 ++++--
.../ssh/knownhost/FileKnownHostsProvider.java | 17 +++++--
.../ssh/knownhost/KnownHostsProvider.java | 3 ++
.../providers/ssh/jsch/AbstractJschWagon.java | 53 +++++++++-----------
.../ssh/jsch/EmbeddedScpWagonTest.java | 6 +++
.../ssh/jsch/EmbeddedScpWagonWithKeyTest.java | 6 +++
6 files changed, 63 insertions(+), 37 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java
----------------------------------------------------------------------
diff --git a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java
index 19c9f3f..6b9117a 100644
--- a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java
+++ b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java
@@ -34,7 +34,7 @@ public abstract class AbstractKnownHostsProvider
{
/**
* Valid values are ask, yes, no.
- *
+ *
* @plexus.configuration default-value="ask"
*/
private String hostKeyChecking = "ask";
@@ -43,7 +43,7 @@ public abstract class AbstractKnownHostsProvider
* the known hosts, in the openssh format
*/
protected String contents;
-
+
protected Set<KnownHostEntry> knownHosts = new HashSet<KnownHostEntry>();
public void setHostKeyChecking( String hostKeyChecking )
@@ -60,11 +60,16 @@ public abstract class AbstractKnownHostsProvider
{
return contents;
}
-
+
public void storeKnownHosts( String contents )
throws IOException
{
}
-
-
+
+ public void addKnownHost( KnownHostEntry knownHost )
+ throws IOException
+ {
+ }
+
+
}
http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java
----------------------------------------------------------------------
diff --git a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java
index 399c1d2..48ab250 100644
--- a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java
+++ b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java
@@ -33,7 +33,7 @@ import org.codehaus.plexus.util.FileUtils;
*
* @author Juan F. Codagnone
* @since Sep 12, 2005
- *
+ *
* @plexus.component role="org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider"
* role-hint="file"
* instantiation-strategy="per-lookup"
@@ -72,7 +72,7 @@ public class FileKnownHostsProvider
throws IOException
{
Set<KnownHostEntry> hosts = this.loadKnownHosts( contents );
-
+
if ( ! this.knownHosts.equals( hosts ) )
{
file.getParentFile().mkdirs();
@@ -80,7 +80,18 @@ public class FileKnownHostsProvider
this.knownHosts = hosts;
}
}
-
+
+ public void addKnownHost( KnownHostEntry knownHostEntry )
+ throws IOException
+ {
+ if ( !this.knownHosts.contains( knownHostEntry ) )
+ {
+ String knownHost = knownHostEntry.getHostName() + " " + knownHostEntry.getKeyType() + " "
+ + knownHostEntry.getKeyValue() + "\n";
+ FileUtils.fileAppend( file.getAbsolutePath(), knownHost );
+ }
+ }
+
public File getFile()
{
return file;
http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java
----------------------------------------------------------------------
diff --git a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java
index 85ce9aa..abaebef 100644
--- a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java
+++ b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java
@@ -34,6 +34,9 @@ public interface KnownHostsProvider
void storeKnownHosts( String contents )
throws IOException;
+ void addKnownHost( KnownHostEntry knownHost )
+ throws IOException;
+
void setHostKeyChecking( String hostKeyChecking );
String getHostKeyChecking();
http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java
----------------------------------------------------------------------
diff --git a/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java b/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java
index 9ae7625..0b3ad5a 100644
--- a/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java
+++ b/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java
@@ -25,8 +25,6 @@ import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
-import java.io.PrintWriter;
-import java.io.StringWriter;
import java.util.List;
import java.util.Properties;
@@ -48,6 +46,7 @@ import org.apache.maven.wagon.providers.ssh.interactive.InteractiveUserInfo;
import org.apache.maven.wagon.providers.ssh.interactive.NullInteractiveUserInfo;
import org.apache.maven.wagon.providers.ssh.jsch.interactive.UserInfoUIKeyboardInteractiveProxy;
import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostChangedException;
+import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostEntry;
import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider;
import org.apache.maven.wagon.providers.ssh.knownhost.UnknownHostException;
import org.apache.maven.wagon.proxy.ProxyInfo;
@@ -55,10 +54,6 @@ import org.apache.maven.wagon.resource.Resource;
import org.codehaus.plexus.util.IOUtil;
import org.codehaus.plexus.util.StringInputStream;
-import com.jcraft.jsch.agentproxy.AgentProxyException;
-import com.jcraft.jsch.agentproxy.Connector;
-import com.jcraft.jsch.agentproxy.ConnectorFactory;
-import com.jcraft.jsch.agentproxy.RemoteIdentityRepository;
import com.jcraft.jsch.ChannelExec;
import com.jcraft.jsch.HostKey;
import com.jcraft.jsch.HostKeyRepository;
@@ -71,6 +66,10 @@ import com.jcraft.jsch.ProxySOCKS5;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.UIKeyboardInteractive;
import com.jcraft.jsch.UserInfo;
+import com.jcraft.jsch.agentproxy.AgentProxyException;
+import com.jcraft.jsch.agentproxy.Connector;
+import com.jcraft.jsch.agentproxy.ConnectorFactory;
+import com.jcraft.jsch.agentproxy.RemoteIdentityRepository;
/**
* AbstractJschWagon
@@ -251,24 +250,9 @@ public abstract class AbstractJschWagon
session.setUserInfo( ui );
- StringWriter stringWriter = new StringWriter();
try
{
session.connect();
-
- if ( getKnownHostsProvider() != null )
- {
- PrintWriter w = new PrintWriter( stringWriter );
-
- HostKeyRepository hkr = sch.getHostKeyRepository();
- HostKey[] keys = hkr.getHostKey();
-
- for ( int i = 0; keys != null && i < keys.length; i++ )
- {
- HostKey key = keys[i];
- w.println( key.getHost() + " " + key.getType() + " " + key.getKey() );
- }
- }
}
catch ( JSchException e )
{
@@ -286,16 +270,27 @@ public abstract class AbstractJschWagon
}
}
- try
- {
- getKnownHostsProvider().storeKnownHosts( stringWriter.toString() );
- }
- catch ( IOException e )
+ if ( getKnownHostsProvider() != null )
{
- closeConnection();
+ HostKeyRepository hkr = sch.getHostKeyRepository();
+
+ HostKey[] hk = hkr.getHostKey( host, null );
+ try
+ {
+ for ( HostKey hostKey : hk )
+ {
+ KnownHostEntry knownHostEntry = new KnownHostEntry( hostKey.getHost(), hostKey.getType(),
+ hostKey.getKey() );
+ getKnownHostsProvider().addKnownHost( knownHostEntry );
+ }
+ }
+ catch ( IOException e )
+ {
+ closeConnection();
- throw new AuthenticationException(
- "Connection aborted - failed to write to known_hosts. Reason: " + e.getMessage(), e );
+ throw new AuthenticationException(
+ "Connection aborted - failed to write to known_hosts. Reason: " + e.getMessage(), e );
+ }
}
}
http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java
----------------------------------------------------------------------
diff --git a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java
index 7ff8fee..72dc1c0 100644
--- a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java
+++ b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java
@@ -21,6 +21,7 @@ package org.apache.maven.wagon.providers.ssh.jsch;
import org.apache.maven.wagon.Wagon;
import org.apache.maven.wagon.providers.ssh.AbstractEmbeddedScpWagonTest;
+import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostEntry;
import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider;
import java.io.IOException;
@@ -47,6 +48,11 @@ public class EmbeddedScpWagonTest
}
+ public void addKnownHost( KnownHostEntry knownHost )
+ throws IOException
+ {
+ }
+
public void setHostKeyChecking( String hostKeyChecking )
{
}
http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java
----------------------------------------------------------------------
diff --git a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java
index c46609f..47d642d 100644
--- a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java
+++ b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java
@@ -22,6 +22,7 @@ package org.apache.maven.wagon.providers.ssh.jsch;
import org.apache.maven.wagon.Wagon;
import org.apache.maven.wagon.authentication.AuthenticationInfo;
import org.apache.maven.wagon.providers.ssh.AbstractEmbeddedScpWagonWithKeyTest;
+import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostEntry;
import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider;
import java.io.File;
@@ -50,6 +51,11 @@ public class EmbeddedScpWagonWithKeyTest
}
+ public void addKnownHost( KnownHostEntry knownHost )
+ throws IOException
+ {
+ }
+
public void setHostKeyChecking( String hostKeyChecking )
{
}