Merge pull request #540 from jtnord/remove-FileOnMaster-and-SECURITY-…

…1322-migration

Remove FileOnMasterKeyStroreSource and SECURITY-1322 migration

pom.xml

@@ -169,6 +169,9 @@
  </goals>
  </execution>
  </executions>
+ <configuration>
+ <compatibleSinceVersion>1354</compatibleSinceVersion>
+ </configuration>
  </plugin>
  <plugin>
  <groupId>org.antlr</groupId>

src/main/java/com/cloudbees/plugins/credentials/impl/CertificateCredentialsImpl.java

@@ -37,14 +37,10 @@
 import hudson.util.FormValidation;
 import hudson.util.Secret;
 import java.io.ByteArrayInputStream;
-import java.io.File;
 import java.io.IOException;
 import java.io.ObjectStreamException;
 import java.io.Serializable;
 import java.nio.charset.StandardCharsets;
-import java.nio.file.Files;
-import java.nio.file.InvalidPathException;
-import java.nio.file.Paths;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
@@ -58,7 +54,6 @@
 import java.util.logging.LogRecord;
 import java.util.logging.Logger;
 
-import jenkins.model.Jenkins;
 import net.jcip.annotations.GuardedBy;
 import org.apache.commons.fileupload.FileItem;
 import org.apache.commons.lang.StringUtils;
@@ -335,72 +330,6 @@ protected static FormValidation validateCertificateKeystore(String type, byte[]
  }
  }
 
- /**
- * Let the user reference a file on the disk.
- * @deprecated This approach has security vulnerabilities and should be migrated to {@link UploadedKeyStoreSource}
- */
- @Deprecated
- public static class FileOnMasterKeyStoreSource extends KeyStoreSource {
-
- /**
- * Our logger.
- */
- private static final Logger LOGGER = Logger.getLogger(FileOnMasterKeyStoreSource.class.getName());
-
- /**
- * The path of the file on the controller.
- */
- private final String keyStoreFile;
-
- public FileOnMasterKeyStoreSource(String keyStoreFile) {
- this.keyStoreFile = keyStoreFile;
- }
-
- /**
- * {@inheritDoc}
- */
- @NonNull
- @Override
- public byte[] getKeyStoreBytes() {
- try {
- return Files.readAllBytes(Paths.get(keyStoreFile));
- } catch (IOException | InvalidPathException e) {
- LOGGER.log(Level.WARNING, "Could not read private key file " + keyStoreFile, e);
- return new byte[0];
- }
- }
-
- /**
- * {@inheritDoc}
- */
- @Override
- public long getKeyStoreLastModified() {
- return new File(keyStoreFile).lastModified();
- }
-
- /**
- * {@inheritDoc}
- */
- @Override
- public String toString() {
- return "FileOnMasterKeyStoreSource{" +
- "keyStoreFile='" + keyStoreFile + '\'' +
- "}";
- }
-
- private Object readResolve() {
- if (!Jenkins.get().hasPermission(Jenkins.RUN_SCRIPTS)) {
- LOGGER.warning("SECURITY-1322: Permission failure migrating FileOnMasterKeyStoreSource to UploadedKeyStoreSource for a Certificate. An administrator may need to perform the migration.");
- Jenkins.get().checkPermission(Jenkins.RUN_SCRIPTS);
- }
-
- LOGGER.log(Level.INFO, "SECURITY-1322: Migrating FileOnMasterKeyStoreSource to UploadedKeyStoreSource. The containing item may need to be saved to complete the migration.");
- SecretBytes secretBytes = SecretBytes.fromBytes(getKeyStoreBytes());
- return new UploadedKeyStoreSource(secretBytes);
- }
-
- }
-
  /**
  * Let the user reference an uploaded file.
  */