Repository: maven-wagon Updated Branches: refs/heads/master 178161ceb -> fc34bf340
[WAGON-426] Prevent fingerprints loss in known_hosts. Append in known_host instead of the current "clean and write" that filters unknown formats (like ecdsa-sha2-nistp256). Tested with wagon-maven-plugin This closes #16 Project: http://git-wip-us.apache.org/repos/asf/maven-wagon/repo Commit: http://git-wip-us.apache.org/repos/asf/maven-wagon/commit/fc34bf34 Tree: http://git-wip-us.apache.org/repos/asf/maven-wagon/tree/fc34bf34 Diff: http://git-wip-us.apache.org/repos/asf/maven-wagon/diff/fc34bf34 Branch: refs/heads/master Commit: fc34bf340e64f42ea969b29bb83aa73d0b10d910 Parents: 178161c Author: dantran <dant...@gmail.com> Authored: Sat Sep 19 19:51:55 2015 -0700 Committer: dantran <dant...@gmail.com> Committed: Sat Sep 19 19:51:55 2015 -0700 ---------------------------------------------------------------------- .../knownhost/AbstractKnownHostsProvider.java | 15 ++++-- .../ssh/knownhost/FileKnownHostsProvider.java | 17 +++++-- .../ssh/knownhost/KnownHostsProvider.java | 3 ++ .../providers/ssh/jsch/AbstractJschWagon.java | 53 +++++++++----------- .../ssh/jsch/EmbeddedScpWagonTest.java | 6 +++ .../ssh/jsch/EmbeddedScpWagonWithKeyTest.java | 6 +++ 6 files changed, 63 insertions(+), 37 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java index 19c9f3f..6b9117a 100644 --- a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java +++ b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/AbstractKnownHostsProvider.java @@ -34,7 +34,7 @@ public abstract class AbstractKnownHostsProvider { /** * Valid values are ask, yes, no. - * + * * @plexus.configuration default-value="ask" */ private String hostKeyChecking = "ask"; @@ -43,7 +43,7 @@ public abstract class AbstractKnownHostsProvider * the known hosts, in the openssh format */ protected String contents; - + protected Set<KnownHostEntry> knownHosts = new HashSet<KnownHostEntry>(); public void setHostKeyChecking( String hostKeyChecking ) @@ -60,11 +60,16 @@ public abstract class AbstractKnownHostsProvider { return contents; } - + public void storeKnownHosts( String contents ) throws IOException { } - - + + public void addKnownHost( KnownHostEntry knownHost ) + throws IOException + { + } + + } http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java index 399c1d2..48ab250 100644 --- a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java +++ b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/FileKnownHostsProvider.java @@ -33,7 +33,7 @@ import org.codehaus.plexus.util.FileUtils; * * @author Juan F. Codagnone * @since Sep 12, 2005 - * + * * @plexus.component role="org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider" * role-hint="file" * instantiation-strategy="per-lookup" @@ -72,7 +72,7 @@ public class FileKnownHostsProvider throws IOException { Set<KnownHostEntry> hosts = this.loadKnownHosts( contents ); - + if ( ! this.knownHosts.equals( hosts ) ) { file.getParentFile().mkdirs(); @@ -80,7 +80,18 @@ public class FileKnownHostsProvider this.knownHosts = hosts; } } - + + public void addKnownHost( KnownHostEntry knownHostEntry ) + throws IOException + { + if ( !this.knownHosts.contains( knownHostEntry ) ) + { + String knownHost = knownHostEntry.getHostName() + " " + knownHostEntry.getKeyType() + " " + + knownHostEntry.getKeyValue() + "\n"; + FileUtils.fileAppend( file.getAbsolutePath(), knownHost ); + } + } + public File getFile() { return file; http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java index 85ce9aa..abaebef 100644 --- a/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java +++ b/wagon-providers/wagon-ssh-common/src/main/java/org/apache/maven/wagon/providers/ssh/knownhost/KnownHostsProvider.java @@ -34,6 +34,9 @@ public interface KnownHostsProvider void storeKnownHosts( String contents ) throws IOException; + void addKnownHost( KnownHostEntry knownHost ) + throws IOException; + void setHostKeyChecking( String hostKeyChecking ); String getHostKeyChecking(); http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java b/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java index 9ae7625..0b3ad5a 100644 --- a/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java +++ b/wagon-providers/wagon-ssh/src/main/java/org/apache/maven/wagon/providers/ssh/jsch/AbstractJschWagon.java @@ -25,8 +25,6 @@ import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; -import java.io.PrintWriter; -import java.io.StringWriter; import java.util.List; import java.util.Properties; @@ -48,6 +46,7 @@ import org.apache.maven.wagon.providers.ssh.interactive.InteractiveUserInfo; import org.apache.maven.wagon.providers.ssh.interactive.NullInteractiveUserInfo; import org.apache.maven.wagon.providers.ssh.jsch.interactive.UserInfoUIKeyboardInteractiveProxy; import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostChangedException; +import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostEntry; import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider; import org.apache.maven.wagon.providers.ssh.knownhost.UnknownHostException; import org.apache.maven.wagon.proxy.ProxyInfo; @@ -55,10 +54,6 @@ import org.apache.maven.wagon.resource.Resource; import org.codehaus.plexus.util.IOUtil; import org.codehaus.plexus.util.StringInputStream; -import com.jcraft.jsch.agentproxy.AgentProxyException; -import com.jcraft.jsch.agentproxy.Connector; -import com.jcraft.jsch.agentproxy.ConnectorFactory; -import com.jcraft.jsch.agentproxy.RemoteIdentityRepository; import com.jcraft.jsch.ChannelExec; import com.jcraft.jsch.HostKey; import com.jcraft.jsch.HostKeyRepository; @@ -71,6 +66,10 @@ import com.jcraft.jsch.ProxySOCKS5; import com.jcraft.jsch.Session; import com.jcraft.jsch.UIKeyboardInteractive; import com.jcraft.jsch.UserInfo; +import com.jcraft.jsch.agentproxy.AgentProxyException; +import com.jcraft.jsch.agentproxy.Connector; +import com.jcraft.jsch.agentproxy.ConnectorFactory; +import com.jcraft.jsch.agentproxy.RemoteIdentityRepository; /** * AbstractJschWagon @@ -251,24 +250,9 @@ public abstract class AbstractJschWagon session.setUserInfo( ui ); - StringWriter stringWriter = new StringWriter(); try { session.connect(); - - if ( getKnownHostsProvider() != null ) - { - PrintWriter w = new PrintWriter( stringWriter ); - - HostKeyRepository hkr = sch.getHostKeyRepository(); - HostKey[] keys = hkr.getHostKey(); - - for ( int i = 0; keys != null && i < keys.length; i++ ) - { - HostKey key = keys[i]; - w.println( key.getHost() + " " + key.getType() + " " + key.getKey() ); - } - } } catch ( JSchException e ) { @@ -286,16 +270,27 @@ public abstract class AbstractJschWagon } } - try - { - getKnownHostsProvider().storeKnownHosts( stringWriter.toString() ); - } - catch ( IOException e ) + if ( getKnownHostsProvider() != null ) { - closeConnection(); + HostKeyRepository hkr = sch.getHostKeyRepository(); + + HostKey[] hk = hkr.getHostKey( host, null ); + try + { + for ( HostKey hostKey : hk ) + { + KnownHostEntry knownHostEntry = new KnownHostEntry( hostKey.getHost(), hostKey.getType(), + hostKey.getKey() ); + getKnownHostsProvider().addKnownHost( knownHostEntry ); + } + } + catch ( IOException e ) + { + closeConnection(); - throw new AuthenticationException( - "Connection aborted - failed to write to known_hosts. Reason: " + e.getMessage(), e ); + throw new AuthenticationException( + "Connection aborted - failed to write to known_hosts. Reason: " + e.getMessage(), e ); + } } } http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java index 7ff8fee..72dc1c0 100644 --- a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java +++ b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonTest.java @@ -21,6 +21,7 @@ package org.apache.maven.wagon.providers.ssh.jsch; import org.apache.maven.wagon.Wagon; import org.apache.maven.wagon.providers.ssh.AbstractEmbeddedScpWagonTest; +import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostEntry; import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider; import java.io.IOException; @@ -47,6 +48,11 @@ public class EmbeddedScpWagonTest } + public void addKnownHost( KnownHostEntry knownHost ) + throws IOException + { + } + public void setHostKeyChecking( String hostKeyChecking ) { } http://git-wip-us.apache.org/repos/asf/maven-wagon/blob/fc34bf34/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java ---------------------------------------------------------------------- diff --git a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java index c46609f..47d642d 100644 --- a/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java +++ b/wagon-providers/wagon-ssh/src/test/java/org/apache/maven/wagon/providers/ssh/jsch/EmbeddedScpWagonWithKeyTest.java @@ -22,6 +22,7 @@ package org.apache.maven.wagon.providers.ssh.jsch; import org.apache.maven.wagon.Wagon; import org.apache.maven.wagon.authentication.AuthenticationInfo; import org.apache.maven.wagon.providers.ssh.AbstractEmbeddedScpWagonWithKeyTest; +import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostEntry; import org.apache.maven.wagon.providers.ssh.knownhost.KnownHostsProvider; import java.io.File; @@ -50,6 +51,11 @@ public class EmbeddedScpWagonWithKeyTest } + public void addKnownHost( KnownHostEntry knownHost ) + throws IOException + { + } + public void setHostKeyChecking( String hostKeyChecking ) { }
