Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
  • 10 commits
  • 11 files changed
  • 0 comments
  • 1 contributor
3  changelog.html
@@ -66,6 +66,9 @@
66 66
     Default e-mail suffix should be used to complete the domain name portion of the recipients list.
67 67
     (<a href="https://github.com/jenkinsci/jenkins/pull/324">pull #324</a>)
68 68
   <li class="bug">
  69
+    Closure execution after <tt>CLI.upgrade()</tt> should carry over the transport credential.
  70
+    <a href="https://issues.jenkins-ci.org/browse/JENKINS-10890">issue 10890</a>
  71
+  <li class="bug">
69 72
     Incorrect path delimiter used in ZipArchiver when creating archive on Windows.
70 73
     <a href="https://issues.jenkins-ci.org/browse/JENKINS-9942">issue 9942</a>
71 74
   <li class="rfe">
4  core/src/main/java/hudson/FilePath.java
@@ -879,9 +879,9 @@ public String getBaseName() {
879 879
         return n.substring(0,idx);
880 880
     }
881 881
     /**
882  
-     * Gets just the file name portion.
  882
+     * Gets just the file name portion without directories.
883 883
      *
884  
-     * This method assumes that the file name is the same between local and remote.
  884
+     * For example, "foo.txt" for "../abc/foo.txt"
885 885
      */
886 886
     public String getName() {
887 887
         String r = remote;
28  core/src/main/java/hudson/cli/CliManagerImpl.java
@@ -23,8 +23,12 @@
23 23
  */
24 24
 package hudson.cli;
25 25
 
  26
+import hudson.remoting.CallableFilter;
26 27
 import hudson.remoting.Channel;
27 28
 import hudson.remoting.Pipe;
  29
+import org.acegisecurity.Authentication;
  30
+import org.acegisecurity.context.SecurityContext;
  31
+import org.acegisecurity.context.SecurityContextHolder;
28 32
 
29 33
 import java.io.InputStream;
30 34
 import java.io.OutputStream;
@@ -33,6 +37,7 @@
33 37
 import java.util.Collections;
34 38
 import java.util.List;
35 39
 import java.util.Locale;
  40
+import java.util.concurrent.Callable;
36 41
 import java.util.logging.Logger;
37 42
 
38 43
 /**
@@ -42,9 +47,29 @@
42 47
  */
43 48
 public class CliManagerImpl implements CliEntryPoint, Serializable {
44 49
     private transient final Channel channel;
  50
+    
  51
+    private Authentication transportAuth;
  52
+
  53
+    /**
  54
+     * Runs callable from this CLI client with the transport authentication credential.
  55
+     */
  56
+    private final CallableFilter authenticationFilter = new CallableFilter() {
  57
+        public <V> V call(Callable<V> callable) throws Exception {
  58
+            SecurityContext context = SecurityContextHolder.getContext();
  59
+            Authentication old = context.getAuthentication();
  60
+            if (transportAuth!=null)
  61
+                context.setAuthentication(transportAuth);
  62
+            try {
  63
+                return callable.call();
  64
+            } finally {
  65
+                context.setAuthentication(old);
  66
+            }
  67
+        }
  68
+    };
45 69
 
46 70
     public CliManagerImpl(Channel channel) {
47 71
         this.channel = channel;
  72
+        channel.addLocalExecutionInterceptor(authenticationFilter);
48 73
     }
49 74
 
50 75
     public int main(List<String> args, Locale locale, InputStream stdin, OutputStream stdout, OutputStream stderr) {
@@ -62,7 +87,8 @@ public int main(List<String> args, Locale locale, InputStream stdin, OutputStrea
62 87
             cmd.channel = Channel.current();
63 88
             final CLICommand old = CLICommand.setCurrent(cmd);
64 89
             try {
65  
-                cmd.setTransportAuth(Channel.current().getProperty(CLICommand.TRANSPORT_AUTHENTICATION));
  90
+                transportAuth = Channel.current().getProperty(CLICommand.TRANSPORT_AUTHENTICATION);
  91
+                cmd.setTransportAuth(transportAuth);
66 92
                 return cmd.main(args.subList(1,args.size()),locale, stdin, out, err);
67 93
             } finally {
68 94
                 CLICommand.setCurrent(old);
5  core/src/main/java/hudson/security/SparseACL.java
@@ -32,7 +32,7 @@
32 32
 import static java.util.logging.Level.FINE;
33 33
 
34 34
 /**
35  
- * Accses control list.
  35
+ * Access control list.
36 36
  *
37 37
  * @author Kohsuke Kawaguchi
38 38
  */
@@ -51,6 +51,9 @@ public Entry(Sid sid, Permission permission, boolean allowed) {
51 51
     }
52 52
 
53 53
     private final List<Entry> entries = new ArrayList<Entry>();
  54
+    /**
  55
+     * Parent to delegate to. Can be null.
  56
+     */
54 57
     private ACL parent;
55 58
 
56 59
     public SparseACL(ACL parent) {
37  core/src/main/java/hudson/security/csrf/CrumbExclusion.java
... ...
@@ -0,0 +1,37 @@
  1
+/**
  2
+ * Copyright (c) 2011 CloudBees, Inc.
  3
+ * All rights reserved.
  4
+ * The copyrights to the contents of this file are licensed under the MIT License (http://www.opensource.org/licenses/mit-license.php)
  5
+ */
  6
+package hudson.security.csrf;
  7
+
  8
+import hudson.ExtensionList;
  9
+import hudson.ExtensionPoint;
  10
+import jenkins.model.Jenkins;
  11
+
  12
+import javax.servlet.FilterChain;
  13
+import javax.servlet.ServletException;
  14
+import javax.servlet.http.HttpServletRequest;
  15
+import javax.servlet.http.HttpServletResponse;
  16
+import java.io.IOException;
  17
+
  18
+/**
  19
+ * Allows plugins to define exceptions to the CSRF protection filter.
  20
+ *
  21
+ * @author Kohsuke Kawaguchi
  22
+ * @since 1.446
  23
+ */
  24
+public abstract class CrumbExclusion implements ExtensionPoint {
  25
+    /**
  26
+     * This method is called for every incoming POST request.
  27
+     *
  28
+     * @return
  29
+     *      true to indicate that the callee had processed this request
  30
+     *      (for example by reporting an error, or by executing the rest of the chain.)
  31
+     */
  32
+    public abstract boolean process(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException;
  33
+
  34
+    public static ExtensionList<CrumbExclusion> all() {
  35
+        return Jenkins.getInstance().getExtensionList(CrumbExclusion.class);
  36
+    }
  37
+}
14  core/src/main/java/hudson/security/csrf/CrumbFilter.java
@@ -34,7 +34,7 @@
34 34
      */
35 35
     public CrumbIssuer getCrumbIssuer() {
36 36
         Jenkins h = Jenkins.getInstance();
37  
-        if(h==null)     return null;    // before Hudson is initialized?
  37
+        if(h==null)     return null;    // before Jenkins is initialized?
38 38
         return h.getCrumbIssuer();
39 39
     }
40 40
 
@@ -49,10 +49,17 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
49 49
         }
50 50
 
51 51
         HttpServletRequest httpRequest = (HttpServletRequest) request;
52  
-        String crumbFieldName = crumbIssuer.getDescriptor().getCrumbRequestField();
53  
-        String crumbSalt = crumbIssuer.getDescriptor().getCrumbSalt();
  52
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
54 53
 
55 54
         if ("POST".equals(httpRequest.getMethod())) {
  55
+            for (CrumbExclusion e : CrumbExclusion.all()) {
  56
+                if (e.process(httpRequest,httpResponse,chain))
  57
+                    return;
  58
+            }
  59
+
  60
+            String crumbFieldName = crumbIssuer.getDescriptor().getCrumbRequestField();
  61
+            String crumbSalt = crumbIssuer.getDescriptor().getCrumbSalt();
  62
+
56 63
             String crumb = httpRequest.getHeader(crumbFieldName);
57 64
             boolean valid = false;
58 65
             if (crumb == null) {
@@ -78,7 +85,6 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
78 85
                 chain.doFilter(request, response);
79 86
             } else {
80 87
                 LOGGER.warning("No valid crumb was included in request for " + httpRequest.getRequestURI() + ".  Returning " + HttpServletResponse.SC_FORBIDDEN + ".");
81  
-                HttpServletResponse httpResponse = (HttpServletResponse) response;
82 88
                 httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN,"No valid crumb was included in the request");
83 89
             }
84 90
         } else {
12  core/src/main/java/hudson/slaves/WorkspaceList.java
@@ -169,8 +169,16 @@ public synchronized Lease acquire(FilePath p) throws InterruptedException {
169 169
      *      This makes other calls to {@link #allocate(FilePath)} to wait for the release of this workspace.
170 170
      */
171 171
     public synchronized Lease acquire(FilePath p, boolean quick) throws InterruptedException {
172  
-        while (inUse.containsKey(p))
173  
-            wait();
  172
+        Thread t = Thread.currentThread();
  173
+        String oldName = t.getName();
  174
+        t.setName("Waiting to acquire "+p+" : "+t.getName());
  175
+        try {
  176
+            while (inUse.containsKey(p)) {
  177
+                wait();
  178
+            }
  179
+        } finally {
  180
+            t.setName(oldName);
  181
+        }
174 182
         log("acquired "+p);
175 183
         inUse.put(p,new Entry(p,quick));
176 184
         return lease(p);
9  core/src/main/java/hudson/tasks/Mailer.java
@@ -507,13 +507,20 @@ public UserProperty(String emailAddress) {
507 507
 
508 508
         @Exported
509 509
         public String getAddress() {
510  
-            if(Util.fixEmptyAndTrim(emailAddress)!=null)
  510
+            if(hasExplicitlyConfiguredAddress())
511 511
                 return emailAddress;
512 512
 
513 513
             // try the inference logic
514 514
             return MailAddressResolver.resolve(user);
515 515
         }
516 516
 
  517
+        /**
  518
+         * Has the user configured a value explicitly (true), or is it inferred (false)?
  519
+         */
  520
+        public boolean hasExplicitlyConfiguredAddress() {
  521
+            return Util.fixEmptyAndTrim(emailAddress)!=null;
  522
+        }
  523
+
517 524
         @Extension
518 525
         public static final class DescriptorImpl extends UserPropertyDescriptor {
519 526
             public String getDisplayName() {
18  core/src/main/java/hudson/tools/ToolDescriptor.java
@@ -27,11 +27,15 @@
27 27
 import hudson.model.Descriptor;
28 28
 import hudson.util.DescribableList;
29 29
 
  30
+import java.lang.reflect.ParameterizedType;
  31
+import java.lang.reflect.Type;
  32
+import java.util.Arrays;
30 33
 import java.util.Collections;
31 34
 import java.util.List;
32 35
 import java.io.IOException;
33 36
 import java.lang.reflect.Array;
34 37
 import net.sf.json.JSONObject;
  38
+import org.jvnet.tiger_types.Types;
35 39
 import org.kohsuke.stapler.StaplerRequest;
36 40
 
37 41
 /**
@@ -51,7 +55,19 @@
51 55
      *      can be empty but never null.
52 56
      */
53 57
     public T[] getInstallations() {
54  
-        return installations.clone();
  58
+        if (installations != null)
  59
+            return installations.clone();
  60
+
  61
+        Type bt = Types.getBaseClass(getClass(), ToolDescriptor.class);
  62
+        if (bt instanceof ParameterizedType) {
  63
+            ParameterizedType pt = (ParameterizedType) bt;
  64
+            // this 't' is the closest approximation of T of Descriptor<T>.
  65
+            Class t = Types.erasure(pt.getActualTypeArguments()[0]);
  66
+            return (T[])Array.newInstance(t,0);
  67
+        } else {
  68
+            // can't infer the type. fallacbk
  69
+            return (T[])new Object[0];
  70
+        }
55 71
     }
56 72
 
57 73
     /**
2  pom.xml
@@ -188,7 +188,7 @@ THE SOFTWARE.
188 188
       <dependency>
189 189
         <groupId>org.jenkins-ci.main</groupId>
190 190
         <artifactId>remoting</artifactId>
191  
-        <version>2.11</version>
  191
+        <version>2.12</version>
192 192
       </dependency>
193 193
 
194 194
       <dependency>
1  test/src/main/java/org/jvnet/hudson/test/HudsonTestCase.java
@@ -306,6 +306,7 @@ protected void setUp() throws Exception {
306 306
         hudson.servletContext.setAttribute("app",hudson);
307 307
         hudson.servletContext.setAttribute("version","?");
308 308
         WebAppMain.installExpressionFactory(new ServletContextEvent(hudson.servletContext));
  309
+        Mailer.descriptor().setHudsonUrl(getURL().toExternalForm());
309 310
 
310 311
         // set a default JDK to be the one that the harness is using.
311 312
         hudson.getJDKs().add(new JDK("default",System.getProperty("java.home")));

No commit comments for this range

Something went wrong with that request. Please try again.