-
-
Notifications
You must be signed in to change notification settings - Fork 273
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow disabling HTTPs cert validation of JNLP endpoint when starting Remoting from Main #210
Changes from 5 commits
833838a
328a766
db10434
9e2e1a9
2a8f663
77621ec
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -27,7 +27,6 @@ | |
import hudson.remoting.FileSystemJarCache; | ||
import java.io.ByteArrayInputStream; | ||
import java.io.FileInputStream; | ||
import java.io.FileNotFoundException; | ||
import java.io.UnsupportedEncodingException; | ||
import java.security.cert.CertificateException; | ||
import java.security.cert.CertificateFactory; | ||
|
@@ -45,14 +44,15 @@ | |
import java.util.logging.Logger; | ||
import java.util.logging.Level; | ||
import static java.util.logging.Level.INFO; | ||
import static java.util.logging.Level.WARNING; | ||
|
||
import java.util.List; | ||
import java.util.ArrayList; | ||
import java.net.URL; | ||
import java.io.IOException; | ||
|
||
import hudson.remoting.Engine; | ||
import hudson.remoting.EngineListener; | ||
import java.nio.file.Path; | ||
|
||
import javax.annotation.CheckForNull; | ||
import javax.annotation.Nonnull; | ||
|
@@ -103,6 +103,16 @@ public class Main { | |
"certificate file to read.") | ||
public List<String> candidateCertificates; | ||
|
||
/** | ||
* Disables HTTPs Certificate validation of the server when using {@link org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver}. | ||
* | ||
* This option is not recommended for production use. | ||
* @since TODO | ||
*/ | ||
@Option(name="-disableHttpsCertValidation", | ||
usage="Ignore SSL validation errors - use as a last resort only.") | ||
public boolean disableHttpsCertValidation = false; | ||
|
||
/** | ||
* Specifies a destination for error logs. | ||
* If specified, this option overrides the default destination within {@link #workDir}. | ||
|
@@ -243,6 +253,12 @@ public Engine createEngine() { | |
engine.setJarCache(new FileSystemJarCache(jarCache,true)); | ||
engine.setNoReconnect(noReconnect); | ||
engine.setKeepAlive(!noKeepAlive); | ||
|
||
if (disableHttpsCertValidation) { | ||
LOGGER.log(WARNING, "Certificate validation for HTTPs endpoints is disabled"); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Could be nice to make the rest of the calls also consistent. In that class there are currently 3 ways to create logs : LOGGER.fine(...), LOGGER.log(INFO,..., and LOGGER.log(Level.WARNING,... There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Let's do refactoring as a follow-up |
||
} | ||
engine.setDisableHttpsCertValidation(disableHttpsCertValidation); | ||
|
||
|
||
// TODO: ideally logging should be initialized before the "Setting up slave" entry | ||
if (agentLog != null) { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,6 +24,9 @@ | |
package org.jenkinsci.remoting.engine; | ||
|
||
import hudson.remoting.Base64; | ||
import org.jenkinsci.remoting.util.https.NoCheckHostnameVerifier; | ||
import org.jenkinsci.remoting.util.https.NoCheckTrustManager; | ||
|
||
import java.io.IOException; | ||
import java.net.ConnectException; | ||
import java.net.HttpURLConnection; | ||
|
@@ -38,7 +41,9 @@ | |
import java.net.URL; | ||
import java.net.URLConnection; | ||
import java.security.KeyFactory; | ||
import java.security.KeyManagementException; | ||
import java.security.NoSuchAlgorithmException; | ||
import java.security.SecureRandom; | ||
import java.security.interfaces.RSAPublicKey; | ||
import java.security.spec.InvalidKeySpecException; | ||
import java.security.spec.X509EncodedKeySpec; | ||
|
@@ -58,6 +63,9 @@ | |
import javax.net.ssl.HttpsURLConnection; | ||
import javax.net.ssl.SSLSocketFactory; | ||
|
||
import javax.net.ssl.SSLContext; | ||
import javax.net.ssl.TrustManager; | ||
|
||
import static java.util.logging.Level.INFO; | ||
import static org.jenkinsci.remoting.util.ThrowableUtils.chain; | ||
|
||
|
@@ -80,6 +88,8 @@ public class JnlpAgentEndpointResolver { | |
|
||
private String tunnel; | ||
|
||
private boolean disableHttpsCertValidation; | ||
|
||
/** | ||
* If specified, only the protocols from the list will be tried during the connection. | ||
* The option provides protocol names, but the order of the check is defined internally and cannot be changed. | ||
|
@@ -137,6 +147,27 @@ public void setTunnel(String tunnel) { | |
this.tunnel = tunnel; | ||
} | ||
|
||
/** | ||
* Determine if certificate checking should be ignored for JNLP endpoint | ||
* | ||
* @return {@code true} if the HTTPs certificate is disabled, endpoint check is ignored | ||
*/ | ||
|
||
public boolean isDisableHttpsCertValidation() { | ||
return disableHttpsCertValidation; | ||
} | ||
|
||
/** | ||
* Sets if the HTTPs certificate check should be disabled. | ||
* | ||
* This behavior is no recommended. | ||
* @param disableHttpsCertValidation | ||
* @since TODO | ||
*/ | ||
public void setDisableHttpsCertValidation(boolean disableHttpsCertValidation) { | ||
this.disableHttpsCertValidation = disableHttpsCertValidation; | ||
} | ||
|
||
@CheckForNull | ||
public JnlpAgentEndpoint resolve() throws IOException { | ||
IOException firstError = null; | ||
|
@@ -157,7 +188,7 @@ public JnlpAgentEndpoint resolve() throws IOException { | |
|
||
// find out the TCP port | ||
HttpURLConnection con = | ||
(HttpURLConnection) openURLConnection(salURL, credentials, proxyCredentials, sslSocketFactory); | ||
(HttpURLConnection) openURLConnection(salURL, credentials, proxyCredentials, sslSocketFactory, disableHttpsCertValidation); | ||
try { | ||
try { | ||
con.setConnectTimeout(30000); | ||
|
@@ -314,7 +345,7 @@ public void waitForReady() throws InterruptedException { | |
t.setName(oldName + ": trying " + url + " for " + retries + " times"); | ||
|
||
HttpURLConnection con = | ||
(HttpURLConnection) openURLConnection(url, credentials, proxyCredentials, sslSocketFactory); | ||
(HttpURLConnection) openURLConnection(url, credentials, proxyCredentials, sslSocketFactory, disableHttpsCertValidation); | ||
con.setConnectTimeout(5000); | ||
con.setReadTimeout(5000); | ||
con.connect(); | ||
|
@@ -335,7 +366,6 @@ public void waitForReady() throws InterruptedException { | |
} finally { | ||
t.setName(oldName); | ||
} | ||
|
||
} | ||
|
||
@CheckForNull | ||
|
@@ -382,7 +412,7 @@ static InetSocketAddress getResolvedHttpProxyAddress(@Nonnull String host, int p | |
* Credentials can be passed e.g. to support running Jenkins behind a (reverse) proxy requiring authorization | ||
*/ | ||
static URLConnection openURLConnection(URL url, String credentials, String proxyCredentials, | ||
SSLSocketFactory sslSocketFactory) throws IOException { | ||
SSLSocketFactory sslSocketFactory, boolean disableHttpsCertValidation) throws IOException { | ||
String httpProxy = null; | ||
// If http.proxyHost property exists, openConnection() uses it. | ||
if (System.getProperty("http.proxyHost") == null) { | ||
|
@@ -411,8 +441,30 @@ static URLConnection openURLConnection(URL url, String credentials, String proxy | |
String encoding = Base64.encode(proxyCredentials.getBytes("UTF-8")); | ||
con.setRequestProperty("Proxy-Authorization", "Basic " + encoding); | ||
} | ||
if (con instanceof HttpsURLConnection && sslSocketFactory != null) { | ||
((HttpsURLConnection) con).setSSLSocketFactory(sslSocketFactory); | ||
|
||
if (con instanceof HttpsURLConnection) { | ||
final HttpsURLConnection httpsConnection = (HttpsURLConnection) con; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It prevents somebody from modifying a field in the logic just in case |
||
if (disableHttpsCertValidation) { | ||
System.err.println("Warning: HTTPs certificate check is disabled for the endpoint"); | ||
|
||
try { | ||
SSLContext ctx = SSLContext.getInstance("TLS"); | ||
ctx.init(null, new TrustManager[]{new NoCheckTrustManager()}, new SecureRandom()); | ||
sslSocketFactory = ctx.getSocketFactory(); | ||
|
||
httpsConnection.setHostnameVerifier(new NoCheckHostnameVerifier()); | ||
httpsConnection.setSSLSocketFactory(sslSocketFactory); | ||
} catch (KeyManagementException | NoSuchAlgorithmException ex) { | ||
// We could just suppress it, but the exception will unlikely happen. | ||
// So let's just propagate the error and fail the resolution | ||
throw new IOException("Cannot initialize the insecure HTTPs mode", ex); | ||
} | ||
|
||
} else if (sslSocketFactory != null) { | ||
httpsConnection.setSSLSocketFactory(sslSocketFactory); | ||
//FIXME: Is it really required in this path? Seems like a bug | ||
httpsConnection.setHostnameVerifier(new NoCheckHostnameVerifier()); | ||
} | ||
} | ||
return con; | ||
} | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
/* | ||
* | ||
* The MIT License | ||
* | ||
* Copyright (c) 2017 CloudBees, Inc. | ||
* | ||
* Permission is hereby granted, free of charge, to any person obtaining a copy | ||
* of this software and associated documentation files (the "Software"), to deal | ||
* in the Software without restriction, including without limitation the rights | ||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
* copies of the Software, and to permit persons to whom the Software is | ||
* furnished to do so, subject to the following conditions: | ||
* | ||
* The above copyright notice and this permission notice shall be included in | ||
* all copies or substantial portions of the Software. | ||
* | ||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
* THE SOFTWARE. | ||
* | ||
*/ | ||
|
||
package org.jenkinsci.remoting.util.https; | ||
|
||
import org.kohsuke.accmod.Restricted; | ||
import org.kohsuke.accmod.restrictions.NoExternalUse; | ||
|
||
import javax.net.ssl.HostnameVerifier; | ||
import javax.net.ssl.SSLSession; | ||
|
||
/** | ||
* Hostname verifier, which accepts any hostname. | ||
*/ | ||
@Restricted(NoExternalUse.class) | ||
public class NoCheckHostnameVerifier implements HostnameVerifier { | ||
|
||
@Override | ||
public boolean verify(String s, SSLSession sslSession) { | ||
return true; | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done