Skip to content

Commit

Permalink
Merge pull request #2161 from Microsoft/users/jasholl/ftpsSelfSigned
Browse files Browse the repository at this point in the history
FtpUpload: rejectUnauthorized option
  • Loading branch information
Jason Sholl authored Aug 1, 2016
2 parents 5c07722 + 3509a6d commit 7d74422
Show file tree
Hide file tree
Showing 5 changed files with 51 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -17,5 +17,7 @@
"loc.input.label.overwrite": "Overwrite",
"loc.input.help.overwrite": "Overwrite existing files in the remote directory.",
"loc.input.label.preservePaths": "Preserve file paths",
"loc.input.help.preservePaths": "If selected, the relative local directory structure is recreated under the remote directory where files are uploaded. Otherwise, files are uploaded directly to the remote directory without creating additional subdirectories.<p>For example, suppose your source folder is: <b>`/home/user/source/`</b> and contains the file: <b>`foo/bar/foobar.txt`</b>, and your remote directory is: <b>`/uploads/`</b>.<br>If selected, the file is uploaded to: <b>`/uploads/foo/bar/foobar.txt`</b>. Otherwise, to: <b>`/uploads/foobar.txt`</b>."
"loc.input.help.preservePaths": "If selected, the relative local directory structure is recreated under the remote directory where files are uploaded. Otherwise, files are uploaded directly to the remote directory without creating additional subdirectories.<p>For example, suppose your source folder is: <b>`/home/user/source/`</b> and contains the file: <b>`foo/bar/foobar.txt`</b>, and your remote directory is: <b>`/uploads/`</b>.<br>If selected, the file is uploaded to: <b>`/uploads/foo/bar/foobar.txt`</b>. Otherwise, to: <b>`/uploads/foobar.txt`</b>.",
"loc.input.label.rejectUnauthorized": "Reject unauthorized SSL certificates",
"loc.input.help.rejectUnauthorized": "If selected, when connecting in secure mode with ftps://, the FTP server certificate is verified with several well known root certificate authorities (e.g. Verisign). This option protects against invalid server authentication certificates which may be expired or revoked (e.g. if they were compromised). Disabling this option should be done with care, but is necessary if using self-signed certificates."
}
5 changes: 4 additions & 1 deletion Tasks/FtpUpload/ftpuploadtask.ts
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ export class FtpOptions {
clean: boolean = tl.getBoolInput('clean', true);
overwrite: boolean = tl.getBoolInput('overwrite', true);
preservePaths: boolean = tl.getBoolInput('preservePaths', true);
rejectUnauthorized: boolean = tl.getBoolInput('rejectUnauthorized', true);
}

function doWork() {
Expand Down Expand Up @@ -98,8 +99,10 @@ function doWork() {
var secure = ftpOptions.serverEndpointUrl.protocol.toLowerCase() == 'ftps:' ? true : false;
tl.debug('secure ftp=' + secure);

var secureOptions = { 'rejectUnauthorized': ftpOptions.rejectUnauthorized };

console.log('connecting to: ' + ftpOptions.serverEndpointUrl.host);
ftpClient.connect({ 'host': ftpOptions.serverEndpointUrl.host, 'user': ftpOptions.username, 'password': ftpOptions.password, 'secure': secure });
ftpClient.connect({ 'host': ftpOptions.serverEndpointUrl.host, 'user': ftpOptions.username, 'password': ftpOptions.password, 'secure': secure, 'secureOptions': secureOptions });
}

doWork();
11 changes: 10 additions & 1 deletion Tasks/FtpUpload/task.json
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
"version": {
"Major": "1",
"Minor": "0",
"Patch": "0"
"Patch": "1"
},
"instanceNameFormat": "FTP Upload: $(rootFolder)",
"groups": [
Expand Down Expand Up @@ -87,6 +87,15 @@
"required": true,
"helpMarkDown": "If selected, the relative local directory structure is recreated under the remote directory where files are uploaded. Otherwise, files are uploaded directly to the remote directory without creating additional subdirectories.<p>For example, suppose your source folder is: <b>`/home/user/source/`</b> and contains the file: <b>`foo/bar/foobar.txt`</b>, and your remote directory is: <b>`/uploads/`</b>.<br>If selected, the file is uploaded to: <b>`/uploads/foo/bar/foobar.txt`</b>. Otherwise, to: <b>`/uploads/foobar.txt`</b>.",
"groupName": "advanced"
},
{
"name": "rejectUnauthorized",
"type": "boolean",
"label": "Reject unauthorized SSL certificates",
"defaultValue": "true",
"required": true,
"helpMarkDown": "If selected, when connecting in secure mode with ftps://, the FTP server certificate is verified with several well known root certificate authorities (e.g. Verisign). This option protects against invalid server authentication certificates which may be expired or revoked (e.g. if they were compromised). Disabling this option should be done with care, but is necessary if using self-signed certificates.",
"groupName": "advanced"
}
], "execution": {
"Node": {
Expand Down
11 changes: 10 additions & 1 deletion Tasks/FtpUpload/task.loc.json
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
"version": {
"Major": "1",
"Minor": "0",
"Patch": "0"
"Patch": "1"
},
"instanceNameFormat": "ms-resource:loc.instanceNameFormat",
"groups": [
Expand Down Expand Up @@ -87,6 +87,15 @@
"required": true,
"helpMarkDown": "ms-resource:loc.input.help.preservePaths",
"groupName": "advanced"
},
{
"name": "rejectUnauthorized",
"type": "boolean",
"label": "ms-resource:loc.input.label.rejectUnauthorized",
"defaultValue": "true",
"required": true,
"helpMarkDown": "ms-resource:loc.input.help.rejectUnauthorized",
"groupName": "advanced"
}
],
"execution": {
Expand Down
24 changes: 24 additions & 0 deletions Tests/L0/FtpUpload/_suite.ts
Original file line number Diff line number Diff line change
Expand Up @@ -169,6 +169,29 @@ describe(jobName + ' Suite', function () {
done(err);
});
});
it(os + ' check args: rejectUnauthorized', (done) => {
setResponseFile(responseFile);

var tr = new trm.TaskRunner(jobName, true);
tr.setInput('serverEndpoint', 'ID1');
tr.setInput('rootFolder', 'rootFolder');
tr.setInput('filePatterns', '**');
tr.setInput('remotePath', '/upload/');
tr.setInput('clean', 'true');
tr.setInput('overwrite', 'true');
tr.setInput('preservePaths', 'true');

tr.run()
.then(() => {
assert(tr.stderr.indexOf('Input required: rejectUnauthorized') != -1, 'should have written to stderr');
assert(tr.failed, 'task should have failed');
done();
})
.fail((err) => {
console.log(err)
done(err);
});
});
it(os + ' check args: bogusURL', (done) => {
setResponseFile(responseFile);

Expand All @@ -180,6 +203,7 @@ describe(jobName + ' Suite', function () {
tr.setInput('clean', 'true');
tr.setInput('overwrite', 'true');
tr.setInput('preservePaths', 'true');
tr.setInput('rejectUnauthorized', 'true');

tr.run()
.then(() => {
Expand Down

0 comments on commit 7d74422

Please sign in to comment.