Details

    • Similar Issues:

      Description

        Attachments

          Issue Links

            Activity

            danielbeck Daniel Beck created issue -
            danielbeck Daniel Beck made changes -
            Field Original Value New Value
            Epic Link JENKINS-41349 [ 178128 ]
            danielbeck Daniel Beck made changes -
            Link This issue is related to JENKINS-26463 [ JENKINS-26463 ]
            Hide
            danielbeck Daniel Beck added a comment -

            First experiments in https://github.com/daniel-beck/jenkins-ssh-cli to see whether a pure SSH CLI could work.

            Show
            danielbeck Daniel Beck added a comment - First experiments in https://github.com/daniel-beck/jenkins-ssh-cli to see whether a pure SSH CLI could work.
            jglick Jesse Glick made changes -
            Assignee Jesse Glick [ jglick ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-12543 [ JENKINS-12543 ]
            jglick Jesse Glick made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            jglick Jesse Glick made changes -
            Link This issue relates to SECURITY-463 [ SECURITY-463 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-22177 [ JENKINS-22177 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-22472 [ JENKINS-22472 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-27026 [ JENKINS-27026 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-20333 [ JENKINS-20333 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-40056 [ JENKINS-40056 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-38623 [ JENKINS-38623 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-7052 [ JENKINS-7052 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-20709 [ JENKINS-20709 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-15657 [ JENKINS-15657 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-11560 [ JENKINS-11560 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-12310 [ JENKINS-12310 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-32488 [ JENKINS-32488 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-16126 [ JENKINS-16126 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-18301 [ JENKINS-18301 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-16531 [ JENKINS-16531 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-20667 [ JENKINS-20667 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-31194 [ JENKINS-31194 ]
            Hide
            jglick Jesse Glick added a comment -

            Linking any issues I could find that might be related, affected, or obsoleted.

            Show
            jglick Jesse Glick added a comment - Linking any issues I could find that might be related, affected, or obsoleted.
            jglick Jesse Glick made changes -
            Remote Link This issue links to "PR 2795 (Web Link)" [ 15659 ]
            jglick Jesse Glick made changes -
            Link This issue depends on JENKINS-41765 [ JENKINS-41765 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-22346 [ JENKINS-22346 ]
            danielbeck Daniel Beck made changes -
            Labels security
            jglick Jesse Glick made changes -
            Link This issue relates to SECURITY-466 [ SECURITY-466 ]
            jglick Jesse Glick made changes -
            Remote Link This issue links to "sshd-module PR 10 (Web Link)" [ 15712 ]
            jglick Jesse Glick made changes -
            Description Followup to the November 2016 security fix. We need ideas for making the CLI less (not?) vulnerable to that kind of exploit.

            https://groups.google.com/d/msg/jenkinsci-dev/ijnIr8LhBG0/tM4Jc39cDgAJ (public)
            https://groups.google.com/d/msg/jenkinsci-cert/3dnPu7x88a8/7JwwMKj7BgAJ (Jenkins CERT private)
            Followup to the November 2016 security fix. We need ideas for making the CLI less (not?) vulnerable to that kind of exploit.

            [https://groups.google.com/d/msg/jenkinsci-dev/ijnIr8LhBG0/tM4Jc39cDgAJ]
            jglick Jesse Glick made changes -
            Remote Link This issue links to "Formal proposal (Web Link)" [ 15719 ]
            jglick Jesse Glick made changes -
            Description Followup to the November 2016 security fix. We need ideas for making the CLI less (not?) vulnerable to that kind of exploit.

            [https://groups.google.com/d/msg/jenkinsci-dev/ijnIr8LhBG0/tM4Jc39cDgAJ]
            [Proposal|https://gist.github.com/jglick/9721427da892a9b2f75dc5bc09f8e6b3]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-33595 [ JENKINS-33595 ]
            Hide
            jglick Jesse Glick added a comment -

            Tasks not tracked in core PR:

            • offer a support-core-plugin patch
            • check acceptance-test-harness

             

            Show
            jglick Jesse Glick added a comment - Tasks not tracked in core PR: offer a support-core-plugin patch check acceptance-test-harness  
            Hide
            jglick Jesse Glick added a comment - - edited

            Also:

            Show
            jglick Jesse Glick added a comment - - edited Also: update https://github.com/jenkinsci-cert/SECURITY-218  to note that this is now obsolete
            jglick Jesse Glick made changes -
            Remote Link This issue links to "support-core PR 110 (Web Link)" [ 15901 ]
            jglick Jesse Glick made changes -
            Remote Link This issue links to "sshd-module PR 11 (Web Link)" [ 15902 ]
            jglick Jesse Glick made changes -
            Remote Link This issue links to "jenkins.io PR 802 (Web Link)" [ 15903 ]
            jglick Jesse Glick made changes -
            Remote Link This issue links to "SECURITY-218 page PR 8 (Web Link)" [ 15904 ]
            jglick Jesse Glick made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Steven Christou
            Path:
            src/main/java/com/cloudbees/jenkins/support/SupportCommand.java
            http://jenkins-ci.org/commit/support-core-plugin/9b3442585e6394e0b0f119817d6752a8cf913641
            Log:
            Merge pull request #110 from jglick/CLI-JENKINS-41745

            JENKINS-41745 Allow SupportCommand to work without a Remoting channel

            Compare: https://github.com/jenkinsci/support-core-plugin/compare/17ac51588ad9...9b3442585e63

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Steven Christou Path: src/main/java/com/cloudbees/jenkins/support/SupportCommand.java http://jenkins-ci.org/commit/support-core-plugin/9b3442585e6394e0b0f119817d6752a8cf913641 Log: Merge pull request #110 from jglick/CLI- JENKINS-41745 JENKINS-41745 Allow SupportCommand to work without a Remoting channel Compare: https://github.com/jenkinsci/support-core-plugin/compare/17ac51588ad9...9b3442585e63
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Jesse Glick
            Path:
            cli/pom.xml
            cli/src/main/java/hudson/cli/CLI.java
            cli/src/main/java/hudson/util/QuotedStringTokenizer.java
            cli/src/main/resources/hudson/cli/client/Messages.properties
            core/src/main/java/hudson/util/QuotedStringTokenizer.java
            test/src/test/groovy/hudson/cli/SetBuildParameterCommandTest.groovy
            http://jenkins-ci.org/commit/jenkins/492dbbed10cbf524f01f165e3c50b0ccfe1ea134
            Log:
            JENKINS-41745 Make jenkins-cli.jar connect to the SSH port by default.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: cli/pom.xml cli/src/main/java/hudson/cli/CLI.java cli/src/main/java/hudson/util/QuotedStringTokenizer.java cli/src/main/resources/hudson/cli/client/Messages.properties core/src/main/java/hudson/util/QuotedStringTokenizer.java test/src/test/groovy/hudson/cli/SetBuildParameterCommandTest.groovy http://jenkins-ci.org/commit/jenkins/492dbbed10cbf524f01f165e3c50b0ccfe1ea134 Log: JENKINS-41745 Make jenkins-cli.jar connect to the SSH port by default.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Jesse Glick
            Path:
            test/src/test/java/hudson/cli/CLIActionTest.java
            http://jenkins-ci.org/commit/jenkins/c2a5d8512356aca5532be83a5444b2f941e72510
            Log:
            Establishing baseline behavior of JENKINS-12543: no workaround when using Remoting transport other than SSH authentication.
            (Verifying that this affects only @Argument in CLICommand, not @CLIMethod.)
            With the new HTTP protocol in JENKINS-41745, API tokens may be used to set a transport authentication.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: test/src/test/java/hudson/cli/CLIActionTest.java http://jenkins-ci.org/commit/jenkins/c2a5d8512356aca5532be83a5444b2f941e72510 Log: Establishing baseline behavior of JENKINS-12543 : no workaround when using Remoting transport other than SSH authentication. (Verifying that this affects only @Argument in CLICommand, not @CLIMethod.) With the new HTTP protocol in JENKINS-41745 , API tokens may be used to set a transport authentication.
            jglick Jesse Glick made changes -
            Status In Review [ 10005 ] Resolved [ 5 ]
            Resolution Fixed [ 1 ]
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Jesse Glick
            Path:
            content/doc/book/managing/cli.adoc
            http://jenkins-ci.org/commit/jenkins.io/9c8f1c743245095069feb0dc1e7bc70505acb5bb
            Log:
            JENKINS-41745 Updating CLI documentation for non-Remoting modes

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: content/doc/book/managing/cli.adoc http://jenkins-ci.org/commit/jenkins.io/9c8f1c743245095069feb0dc1e7bc70505acb5bb Log: JENKINS-41745 Updating CLI documentation for non-Remoting modes
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Daniel Beck
            Path:
            content/doc/book/managing/cli.adoc
            http://jenkins-ci.org/commit/jenkins.io/b1b7dd91e4243efde4906333c9707696607244f3
            Log:
            Merge pull request #802 from jglick/patch-1

            JENKINS-41745 Updating CLI documentation for non-Remoting modes

            Compare: https://github.com/jenkins-infra/jenkins.io/compare/3359e99eaef7...b1b7dd91e424

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Daniel Beck Path: content/doc/book/managing/cli.adoc http://jenkins-ci.org/commit/jenkins.io/b1b7dd91e4243efde4906333c9707696607244f3 Log: Merge pull request #802 from jglick/patch-1 JENKINS-41745 Updating CLI documentation for non-Remoting modes Compare: https://github.com/jenkins-infra/jenkins.io/compare/3359e99eaef7...b1b7dd91e424
            jglick Jesse Glick made changes -
            Link This issue is blocked by JENKINS-21695 [ JENKINS-21695 ]
            jglick Jesse Glick made changes -
            Link This issue is blocked by JENKINS-43517 [ JENKINS-43517 ]
            Hide
            danielbeck Daniel Beck added a comment -

            Whoever brought up this issue on the changelog community feedback, please file a new issue and link it. Thanks!

            Show
            danielbeck Daniel Beck added a comment - Whoever brought up this issue on the changelog community feedback, please file a new issue and link it. Thanks!
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Jesse Glick
            Path:
            cli/pom.xml
            cli/src/main/java/hudson/cli/CLI.java
            cli/src/main/java/hudson/cli/CLIConnectionFactory.java
            cli/src/main/java/hudson/cli/CliEntryPoint.java
            cli/src/main/java/hudson/cli/CliPort.java
            cli/src/main/java/hudson/cli/Connection.java
            cli/src/main/java/hudson/cli/DiagnosedStreamCorruptionException.java
            cli/src/main/java/hudson/cli/FlightRecorderInputStream.java
            cli/src/main/java/hudson/cli/FullDuplexHttpStream.java
            cli/src/main/java/hudson/cli/HexDump.java
            cli/src/main/java/hudson/cli/PlainCLIProtocol.java
            cli/src/main/java/hudson/cli/SSHCLI.java
            cli/src/main/java/hudson/cli/SequenceOutputStream.java
            cli/src/main/java/hudson/util/QuotedStringTokenizer.java
            cli/src/main/resources/hudson/cli/client/Messages.properties
            cli/src/test/java/hudson/cli/PlainCLIProtocolTest.java
            cli/src/test/java/hudson/cli/PrivateKeyProviderTest.java
            core/pom.xml
            core/src/main/java/hudson/cli/CLIAction.java
            core/src/main/java/hudson/cli/CLICommand.java
            core/src/main/java/hudson/cli/CliManagerImpl.java
            core/src/main/java/hudson/cli/CliProtocol.java
            core/src/main/java/hudson/cli/CliProtocol2.java
            core/src/main/java/hudson/cli/CliTransportAuthenticator.java
            core/src/main/java/hudson/cli/ClientAuthenticationCache.java
            core/src/main/java/hudson/cli/CommandDuringBuild.java
            core/src/main/java/hudson/cli/ConsoleCommand.java
            core/src/main/java/hudson/cli/HelpCommand.java
            core/src/main/java/hudson/cli/InstallPluginCommand.java
            core/src/main/java/hudson/cli/InstallToolCommand.java
            core/src/main/java/hudson/cli/LoginCommand.java
            core/src/main/java/hudson/cli/LogoutCommand.java
            core/src/main/java/hudson/cli/SetBuildParameterCommand.java
            core/src/main/java/hudson/cli/SetBuildResultCommand.java
            core/src/main/java/hudson/cli/util/ScriptLoader.java
            core/src/main/java/hudson/model/FileParameterDefinition.java
            core/src/main/java/hudson/model/FullDuplexHttpChannel.java
            core/src/main/java/hudson/model/ParameterDefinition.java
            core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java
            core/src/main/java/hudson/security/CliAuthenticator.java
            core/src/main/java/hudson/security/SecurityRealm.java
            core/src/main/java/hudson/util/QuotedStringTokenizer.java
            core/src/main/java/jenkins/CLI.java
            core/src/main/java/jenkins/install/SetupWizard.java
            core/src/main/java/jenkins/util/FullDuplexHttpService.java
            core/src/main/resources/hudson/cli/Messages.properties
            core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message.jelly
            core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message.properties
            core/src/main/resources/jenkins/CLI/config.jelly
            core/src/main/resources/jenkins/CLI/help-enabled.html
            pom.xml
            test/pom.xml
            test/src/test/groovy/hudson/cli/SetBuildParameterCommandTest.groovy
            test/src/test/java/hudson/cli/BuildCommand2Test.java
            test/src/test/java/hudson/cli/CLIActionTest.java
            test/src/test/java/hudson/cli/CLITest.java
            test/src/test/java/hudson/cli/GetJobCommandTest.java
            test/src/test/java/hudson/cli/InstallPluginCommandTest.java
            test/src/test/java/hudson/model/ComputerSetTest.java
            test/src/test/java/hudson/model/listeners/ItemListenerTest.java
            test/src/test/java/hudson/security/CliAuthenticationTest.java
            test/src/test/java/jenkins/CLITest.java
            test/src/test/java/jenkins/security/Security218BlackBoxTest.java
            test/src/test/java/jenkins/security/Security218CliTest.java
            test/src/test/java/jenkins/security/Security232Test.java
            test/src/test/resources/hudson/cli/id_rsa
            test/src/test/resources/hudson/cli/id_rsa.pub
            war/pom.xml
            war/src/main/webapp/help/parameter/file.html
            http://jenkins-ci.org/commit/jenkins/de629fc0a0d6b96b0d3ca89c59e8416f64afc4d7
            Log:
            [FIXED JENKINS-41745] Merged #2795: non-Remoting-based CLI.

            (cherry picked from commit 729016989e13632bc980957d05060510efddf41f)

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Jesse Glick Path: cli/pom.xml cli/src/main/java/hudson/cli/CLI.java cli/src/main/java/hudson/cli/CLIConnectionFactory.java cli/src/main/java/hudson/cli/CliEntryPoint.java cli/src/main/java/hudson/cli/CliPort.java cli/src/main/java/hudson/cli/Connection.java cli/src/main/java/hudson/cli/DiagnosedStreamCorruptionException.java cli/src/main/java/hudson/cli/FlightRecorderInputStream.java cli/src/main/java/hudson/cli/FullDuplexHttpStream.java cli/src/main/java/hudson/cli/HexDump.java cli/src/main/java/hudson/cli/PlainCLIProtocol.java cli/src/main/java/hudson/cli/SSHCLI.java cli/src/main/java/hudson/cli/SequenceOutputStream.java cli/src/main/java/hudson/util/QuotedStringTokenizer.java cli/src/main/resources/hudson/cli/client/Messages.properties cli/src/test/java/hudson/cli/PlainCLIProtocolTest.java cli/src/test/java/hudson/cli/PrivateKeyProviderTest.java core/pom.xml core/src/main/java/hudson/cli/CLIAction.java core/src/main/java/hudson/cli/CLICommand.java core/src/main/java/hudson/cli/CliManagerImpl.java core/src/main/java/hudson/cli/CliProtocol.java core/src/main/java/hudson/cli/CliProtocol2.java core/src/main/java/hudson/cli/CliTransportAuthenticator.java core/src/main/java/hudson/cli/ClientAuthenticationCache.java core/src/main/java/hudson/cli/CommandDuringBuild.java core/src/main/java/hudson/cli/ConsoleCommand.java core/src/main/java/hudson/cli/HelpCommand.java core/src/main/java/hudson/cli/InstallPluginCommand.java core/src/main/java/hudson/cli/InstallToolCommand.java core/src/main/java/hudson/cli/LoginCommand.java core/src/main/java/hudson/cli/LogoutCommand.java core/src/main/java/hudson/cli/SetBuildParameterCommand.java core/src/main/java/hudson/cli/SetBuildResultCommand.java core/src/main/java/hudson/cli/util/ScriptLoader.java core/src/main/java/hudson/model/FileParameterDefinition.java core/src/main/java/hudson/model/FullDuplexHttpChannel.java core/src/main/java/hudson/model/ParameterDefinition.java core/src/main/java/hudson/security/AbstractPasswordBasedSecurityRealm.java core/src/main/java/hudson/security/CliAuthenticator.java core/src/main/java/hudson/security/SecurityRealm.java core/src/main/java/hudson/util/QuotedStringTokenizer.java core/src/main/java/jenkins/CLI.java core/src/main/java/jenkins/install/SetupWizard.java core/src/main/java/jenkins/util/FullDuplexHttpService.java core/src/main/resources/hudson/cli/Messages.properties core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message.jelly core/src/main/resources/jenkins/CLI/WarnWhenEnabled/message.properties core/src/main/resources/jenkins/CLI/config.jelly core/src/main/resources/jenkins/CLI/help-enabled.html pom.xml test/pom.xml test/src/test/groovy/hudson/cli/SetBuildParameterCommandTest.groovy test/src/test/java/hudson/cli/BuildCommand2Test.java test/src/test/java/hudson/cli/CLIActionTest.java test/src/test/java/hudson/cli/CLITest.java test/src/test/java/hudson/cli/GetJobCommandTest.java test/src/test/java/hudson/cli/InstallPluginCommandTest.java test/src/test/java/hudson/model/ComputerSetTest.java test/src/test/java/hudson/model/listeners/ItemListenerTest.java test/src/test/java/hudson/security/CliAuthenticationTest.java test/src/test/java/jenkins/CLITest.java test/src/test/java/jenkins/security/Security218BlackBoxTest.java test/src/test/java/jenkins/security/Security218CliTest.java test/src/test/java/jenkins/security/Security232Test.java test/src/test/resources/hudson/cli/id_rsa test/src/test/resources/hudson/cli/id_rsa.pub war/pom.xml war/src/main/webapp/help/parameter/file.html http://jenkins-ci.org/commit/jenkins/de629fc0a0d6b96b0d3ca89c59e8416f64afc4d7 Log: [FIXED JENKINS-41745] Merged #2795: non-Remoting-based CLI. (cherry picked from commit 729016989e13632bc980957d05060510efddf41f)
            jglick Jesse Glick made changes -
            Link This issue is blocked by JENKINS-43666 [ JENKINS-43666 ]
            jglick Jesse Glick made changes -
            Link This issue is blocked by JENKINS-46659 [ JENKINS-46659 ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-49205 [ JENKINS-49205 ]

              People

              • Assignee:
                jglick Jesse Glick
                Reporter:
                danielbeck Daniel Beck
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: