You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by be...@apache.org on 2011/02/10 14:46:48 UTC
svn commit: r1069389 - in /maven/release/trunk/maven-release-manager: ./
src/main/java/org/apache/maven/shared/release/scm/ src/main/resources/
src/main/resources/META-INF/ src/main/resources/META-INF/plexus/
src/test/java/org/apache/maven/shared/relea...
Author: bentmann
Date: Thu Feb 10 13:46:48 2011
New Revision: 1069389
URL: http://svn.apache.org/viewvc?rev=1069389&view=rev
Log:
[MRELEASE-648] Putting SVN password in settings.xml doesn't support password encryption
Added:
maven/release/trunk/maven-release-manager/src/main/resources/
maven/release/trunk/maven-release-manager/src/main/resources/META-INF/
maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/
maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml (with props)
maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml (with props)
Modified:
maven/release/trunk/maven-release-manager/pom.xml
maven/release/trunk/maven-release-manager/src/main/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfigurator.java
maven/release/trunk/maven-release-manager/src/test/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfiguratorTest.java
Modified: maven/release/trunk/maven-release-manager/pom.xml
URL: http://svn.apache.org/viewvc/maven/release/trunk/maven-release-manager/pom.xml?rev=1069389&r1=1069388&r2=1069389&view=diff
==============================================================================
--- maven/release/trunk/maven-release-manager/pom.xml (original)
+++ maven/release/trunk/maven-release-manager/pom.xml Thu Feb 10 13:46:48 2011
@@ -68,6 +68,12 @@
</dependency>
<dependency>
+ <groupId>org.sonatype.plexus</groupId>
+ <artifactId>plexus-sec-dispatcher</artifactId>
+ <version>1.3</version>
+ </dependency>
+
+ <dependency>
<groupId>org.apache.maven</groupId>
<artifactId>maven-model</artifactId>
<version>${mavenVersion}</version>
@@ -223,6 +229,9 @@
<!-- Disabled for now - we can't mock classes from plexus-utils in surefire -->
<exclude>**/ForkedMavenExecutorTest.java</exclude>
</excludes>
+ <systemPropertyVariables>
+ <settings.security>${project.build.testOutputDirectory}/settings-security.xml</settings.security>
+ </systemPropertyVariables>
</configuration>
</plugin>
<plugin>
Modified: maven/release/trunk/maven-release-manager/src/main/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfigurator.java
URL: http://svn.apache.org/viewvc/maven/release/trunk/maven-release-manager/src/main/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfigurator.java?rev=1069389&r1=1069388&r2=1069389&view=diff
==============================================================================
--- maven/release/trunk/maven-release-manager/src/main/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfigurator.java (original)
+++ maven/release/trunk/maven-release-manager/src/main/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfigurator.java Thu Feb 10 13:46:48 2011
@@ -32,6 +32,8 @@ import org.apache.maven.settings.Setting
import org.apache.maven.shared.release.config.ReleaseDescriptor;
import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.codehaus.plexus.util.StringUtils;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;
/**
* Tool that gets a configured SCM repository from release configuration.
@@ -50,6 +52,14 @@ public class DefaultScmRepositoryConfigu
*/
private ScmManager scmManager;
+ /**
+ * When this plugin requires Maven 3.0 as minimum, this component can be removed and o.a.m.s.c.SettingsDecrypter be
+ * used instead.
+ *
+ * @plexus.requirement role-hint="mng-4384"
+ */
+ private SecDispatcher secDispatcher;
+
public ScmRepository getConfiguredRepository( ReleaseDescriptor releaseDescriptor, Settings settings )
throws ScmRepositoryException, NoSuchScmProviderException
{
@@ -99,7 +109,7 @@ public class DefaultScmRepositoryConfigu
if ( password == null )
{
- password = server.getPassword();
+ password = decrypt( server.getPassword(), host );
}
if ( privateKey == null )
@@ -109,7 +119,7 @@ public class DefaultScmRepositoryConfigu
if ( passphrase == null )
{
- passphrase = server.getPassphrase();
+ passphrase = decrypt( server.getPassphrase(), host );
}
}
}
@@ -158,6 +168,29 @@ public class DefaultScmRepositoryConfigu
return repository;
}
+ private String decrypt( String str, String server )
+ {
+ try
+ {
+ return secDispatcher.decrypt( str );
+ }
+ catch ( SecDispatcherException e )
+ {
+ String msg =
+ "Failed to decrypt password/passphrase for server " + server + ", using auth token as is: "
+ + e.getMessage();
+ if ( getLogger().isDebugEnabled() )
+ {
+ getLogger().warn( msg, e );
+ }
+ else
+ {
+ getLogger().warn( msg );
+ }
+ return str;
+ }
+ }
+
public ScmProvider getRepositoryProvider( ScmRepository repository )
throws NoSuchScmProviderException
{
Added: maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml
URL: http://svn.apache.org/viewvc/maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml?rev=1069389&view=auto
==============================================================================
--- maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml (added)
+++ maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml Thu Feb 10 13:46:48 2011
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<component-set>
+ <components>
+ <component>
+ <role>org.sonatype.plexus.components.sec.dispatcher.SecDispatcher</role>
+ <role-hint>mng-4384</role-hint>
+ <implementation>org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher</implementation>
+ <requirements>
+ <requirement>
+ <role>org.sonatype.plexus.components.cipher.PlexusCipher</role>
+ <role-hint>mng-4384</role-hint>
+ <field-name>_cipher</field-name>
+ </requirement>
+ </requirements>
+ <configuration>
+ <_configuration-file>~/.m2/settings-security.xml</_configuration-file>
+ </configuration>
+ </component>
+ <component>
+ <role>org.sonatype.plexus.components.cipher.PlexusCipher</role>
+ <role-hint>mng-4384</role-hint>
+ <implementation>org.sonatype.plexus.components.cipher.DefaultPlexusCipher</implementation>
+ </component>
+ </components>
+</component-set>
Propchange: maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: maven/release/trunk/maven-release-manager/src/main/resources/META-INF/plexus/components.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Modified: maven/release/trunk/maven-release-manager/src/test/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfiguratorTest.java
URL: http://svn.apache.org/viewvc/maven/release/trunk/maven-release-manager/src/test/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfiguratorTest.java?rev=1069389&r1=1069388&r2=1069389&view=diff
==============================================================================
--- maven/release/trunk/maven-release-manager/src/test/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfiguratorTest.java (original)
+++ maven/release/trunk/maven-release-manager/src/test/java/org/apache/maven/shared/release/scm/DefaultScmRepositoryConfiguratorTest.java Thu Feb 10 13:46:48 2011
@@ -113,6 +113,30 @@ public class DefaultScmRepositoryConfigu
assertEquals( "check passphrase", "settings-passphrase", providerRepository.getPassphrase() );
}
+ public void testGetConfiguredRepositoryWithEncryptedPasswords()
+ throws ScmRepositoryException, NoSuchScmProviderException
+ {
+ Settings settings = new Settings();
+ Server server = new Server();
+ server.setId( "localhost" );
+ server.setUsername( "testuser" );
+ server.setPassword( "{Ael0S2tnXv8H3X+gHKpZAvAA25D8+gmU2w2RrGaf5v8=}" );
+ server.setPassphrase( "{7zK9P8hNVeUHbTsjiA/vnOs0zUXbND+9MBNPvdvl+x4=}" );
+ settings.addServer( server );
+
+ ReleaseDescriptor releaseDescriptor = new ReleaseDescriptor();
+ releaseDescriptor.setScmSourceUrl( "scm:svn:svn://localhost/repo" );
+
+ ScmRepository repository = scmRepositoryConfigurator.getConfiguredRepository( releaseDescriptor, settings );
+
+ ScmProviderRepositoryWithHost providerRepository =
+ (ScmProviderRepositoryWithHost) repository.getProviderRepository();
+ assertEquals( "check host", "localhost", providerRepository.getHost() );
+ assertEquals( "check username", "testuser", providerRepository.getUser() );
+ assertEquals( "check password", "testpass", providerRepository.getPassword() );
+ assertEquals( "check passphrase", "testphrase", providerRepository.getPassphrase() );
+ }
+
public void testGetConfiguredRepositoryInvalidScmUrl()
throws Exception
{
Added: maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml
URL: http://svn.apache.org/viewvc/maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml?rev=1069389&view=auto
==============================================================================
--- maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml (added)
+++ maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml Thu Feb 10 13:46:48 2011
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<settingsSecurity>
+ <master>{1wQaa6S/o8MH7FnaTNL53XmhT5O0SEGXQi3gC49o6OY=}</master>
+</settingsSecurity>
Propchange: maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: maven/release/trunk/maven-release-manager/src/test/resources/settings-security.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision