Apache/jclouds
1
0
Fork 0
mirror of https://github.com/apache/jclouds.git synced 2025-02-07 10:39:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,844 Commits 23 Branches 132 Tags
Commit Graph

123 Commits

Author SHA1 Message Date
Andrew Gaul
552eb95c44 Fix Files name collision 
Regression from b282b5cbfef760be026660522e78d1bba81988ac.
 2022-11-21 07:49:18 +09:00
Jonathan Leitschuh
b282b5cbfe vuln-fix: Temporary File Information Disclosure 
This fixes temporary file information disclosure vulnerability due to the use
of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by
using the `Files.createTempFile()` method which sets the correct posix permissions.

Weakness: CWE-377: Insecure Temporary File
Severity: Medium
CVSSS: 5.5
Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation)

Reported-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>

Bug-tracker: https://github.com/JLLeitschuh/security-research/issues/18


Co-authored-by: Moderne <team@moderne.io>
 2022-11-20 21:31:45 +09:00
Andrew Gaul
36f351cd18 Next development version 2.6.0-SNAPSHOT 2022-03-26 18:30:06 +09:00
Andrew Gaul
e8e78689e6 Next development version 2.4.0-SNAPSHOT 2021-09-19 08:58:25 +09:00
Andrew Gaul
7ad7890ad0 Next development version 2.4.0-SNAPSHOT 2021-04-14 23:07:54 +09:00
gurkerl83
32f6c4d50f Remove the OSGi configuration from each module. The approach of defining OSGi configuration through common properties and serving them to the bundle plugin gets no longer used; instead, OSGi configuration gets defined in each module's dedicated bnd file. 2020-10-26 19:58:41 +09:00
gurkerl83
7a9cd345a6 Onboard bnd-configuration files, one per module 2020-10-26 19:58:41 +09:00
Andrew Gaul
62767a1461 JCLOUDS-1333: JCLOUDS-1334: JCLOUDS-1470: Require Java 8 and Guava 22 
This allows compatibility with Guava 29.  Also unwind some older
workarounds.
 2020-06-25 08:11:30 +09:00
Colm O hEigeartaigh
b96158e6ed JCLOUDS-1532 - Update SSHJ + JSCH (#57) 2019-12-03 17:17:06 +01:00
Ignasi Barrera
f5b29c7028 Next development version 2.3.0-SNAPSHOT 2019-10-21 10:32:43 +02:00
Ignasi Barrera
7221844fac Apache jclouds 2.2.0-rc1 release 2019-10-21 10:32:43 +02:00
Andrew Gaul
46a9f574e2 Fix some orphaned format strings 
These lack values to format with.  Found via error-prone 2.3.0.
 2018-04-19 08:43:46 -07:00
andreaturli
d17487b223 fix typo in project.version 
- from 2.2.0-SNAPSHOST to 2.2.0-SNAPSHOT
 2018-02-21 16:45:43 +01:00
andreaturli
a5db565581 Next development version 2.2.0-SNAPSHOST 2018-02-16 11:23:12 +01:00
andreaturli
9273bd56ad Apache jclouds 2.1.0-rc3 release 2018-02-16 11:20:21 +01:00
Andrew Gaul
a493e2ca2f JCLOUDS-1225: Address Guava 18 Objects changes 
Fixed with:

find -name \*.java | xargs sed -i 's/Objects.[Tt]oStringHelper/More&/g'
find -name \*.java | xargs sed -i 's/Objects.firstNonNull/More&/g'
find -name \*.java | xargs sed -i 's/^\(import com.google.common.base.\)\(Objects.*\)/\1More\2\n\1\2/g'
find -name \*.java | xargs java -jar google-java-format-1.3-all-deps.jar -i --fix-imports-only --skip-sorting-imports
 2017-08-22 17:12:53 -07:00
Andrea Turli
014f7a4fb9 bump sshj version to 0.20.0 
- this version contains some bux fixes especially useful for OSGi
 2017-03-06 17:03:53 +01:00
Ignasi Barrera
2f70f85c2b Remove all sonatype snapshot repositories 2017-03-03 10:49:48 +01:00
Ignasi Barrera
d290705419 Next development version 2.1.0-SNAPSHOT 2016-11-15 01:12:59 +01:00
Ignasi Barrera
6a3a37f4e0 Apache jclouds 2.0.0-rc3 release 2016-11-09 22:30:45 +01:00
Ignasi Barrera
edbb2c0e6f Log information according to the auth precedence 2016-10-19 10:45:50 +02:00
Ignasi Barrera
7dc73ee0bf Do not try to connect to ssh if already connected 2016-08-12 00:39:28 +02:00
Andrew Gaul
cdbf856900 Address error-prone AssertFalse warnings 2016-04-27 18:54:09 -07:00
Andrew Gaul
66cda12b50 Avoid eager evaluation of Preconditions messages 
Found via error-prone.
 2016-04-24 23:28:55 -07:00
Reijhanniel Jearl Campos
a4b8a73790 JCLOUDS-1053: Fallback to -1 when sshj exit status returns null 2016-01-22 12:40:35 +01:00
Nikolay Sokolov
060b66a4f7 Close connection during ExecChannel 2015-10-25 23:02:33 +01:00
Stuart Hendren
4f649b43f4 JCLOUDS-827: Upgrading sshj to 0.12.0 (new group ID too) 
Also upgraded jsch.agentproxy.* to 0.0.9 and bouncycastle
to 1.51 - required for the sshj change.
 2015-08-12 13:47:41 -04:00
Stuart Hendren
f6a97139c9 JCLOUDS-921 prioritise key over password in SSHClientConnection 
From ticket:
If keyboard interactive login is not allowed on the box but the user also requires a sudo password the ssh fails as it prioritises the password.
If you remove the password then the sudo fails in the SudoAwareInitManager.
It would seem better to prioritise the key over the password in SSHClientConnection or possibly try both if they are both present, and the first fails.

This commit swaps the order of the if else check to use the ssh key if present.
 2015-06-11 13:48:19 +02:00
Andrew Phillips
7f38520314 JCLOUDS-884: Only try netcat over ssh-agent as an agentproxy 
See http://markmail.org/thread/oto47qk2kzcdtebb
 2015-04-09 09:48:40 -04:00
Ignasi Barrera
f469cf8b51 Next development version 2.0.0-SNAPSHOT 2015-03-24 10:52:01 +01:00
Ignasi Barrera
bb41ed4341 Apache jclouds 1.9.0 release 2015-03-24 10:35:42 +01:00
Adrian Cole
3980cd791b Revert "JCLOUDS-653: Address Guava 18 deprecations" 
This reverts commit 95cfc0d950861e5bc753ee3b0669aa5c59c217e8.

Many conflicts due to duration between above commit and now
 2014-10-24 10:45:58 -07:00
Andrew Phillips
b3882cbfed Updating jsch.agentproxy 0.0.7 -> 0.0.8 
New version uses net.java.dev.jna:jna 4.1.0. The old version uses 3.4.0,
which is only LGPL-licensed.
 2014-10-18 16:23:18 -04:00
Andrew Phillips
53fc568743 Using net.java.dev.jna:jna 4.0.0 for jsch.agentproxy 
The default version 3.4.0 is only LGPL-licensed.

This commit can be reverted once SMX4-1859 is published and we can
update to 0.0.8 agentproxy versions.
 2014-10-06 18:26:24 -04:00
Andrew Gaul
74fb8f0183 Add whitespace after semicolons 
Also correct some bad line-wrapping.
 2014-08-26 11:06:00 -07:00
Andrew Gaul
95cfc0d950 JCLOUDS-653: Address Guava 18 deprecations 
Mostly renaming Objects.toStringHelper to MoreObjects.toStringHelper.
 2014-08-08 11:12:21 -07:00
Andrew Phillips
e3d9851216 Up to 2.0.0-SNAPSHOT after the 1.8.0 release 2014-08-05 09:10:24 +02:00
Aled Sage
1fb286809e JCLOUDS-549: Fix NPE in LoginCredentials.toString 
- also deprecates LoginCredentails.get(Password|PrivateKey)
- use getOptionalPassword and getOptionalPrivateKey instead
 2014-07-18 14:09:18 +01:00
Andrew Gaul
fb60d76704 JCLOUDS-622: Remove most vestiges of InputSupplier 
Guava 16 deprecated InputSupplier and a future release will remove it.
 2014-07-16 16:07:59 -07:00
Andrew Gaul
086fb9c728 JCLOUDS-629: SshjSshClient Payload without length 
sshj treats -1 as an unknown length and uses a less efficient copying
mechanism.
 2014-07-15 13:11:37 -07:00
Andrew Gaul
9cdd53b0b7 JCLOUDS-546: Remove Javadoc @author annotations 
Annotations removed with:

find -name \*.java | xargs sed -i /@author/d

Empty Javadoc removed with multiple iterations of:

find -name \*.java | xargs sed -i -z 's/ \*\n \*\// \*\//'
find -name \*.java | xargs sed -i -z 's/ \* \n \*\// \*\//'
find -name \*.java | xargs sed -i -z 's/\/\*\*\n \*\/\n//'
 2014-06-07 21:44:54 -07:00
Andrew Gaul
bae4377dca Prefer File.delete over File.deleteOnExit 
The former has deterministic behavior and avoids resource leaks.
 2014-05-23 16:17:10 -07:00
Ignasi Barrera
aef9fc8d83 JCLOUDS-561: Properly populate the ssh agent connection in the builder methods 2014-05-08 08:52:58 +02:00
Pasi Niemi
85a1a8c1dd JCLOUDS-516: Add ssh agent support via sch agentproxy 2014-03-27 09:04:34 +01:00
Andrew Phillips
4330eaec57 JCLOUDS-452: Adding bcpkix to the jclouds-sshj driver. Required by sshj. 
Thanks to Andrea Turli and Ignasi Barrera for research and testing!
 2014-02-05 17:02:15 +00:00
Andrew Gaul
c7b0f66544 Replace calls to Closeables.closeQuietly 
Guava 16 removes this API.  Replace with Closeables2.closeQuietly.
References JCLOUDS-413 and JCLOUDS-415.
 2013-12-21 12:30:59 -08:00
Andrew Bayer
c1ee11d9bd Updating to 1.8.0-SNAPSHOT 2013-12-17 11:31:56 -08:00
Andrew Gaul
828d8790c2 Enforce no unused imports via Checkstyle 
Removed with:

mvn checkstyle:checkstyle --quiet -Dcheckstyle.output.file=/dev/stdout -Dcheckstyle.output.format=plain | tac | while read i; do echo $i | sed -n 's/\([^:]*\):\([^:]*\):.*/sed -i \2d \1/p' | bash; done
 2013-12-11 17:27:43 -08:00
Andrew Gaul
17ce72794c Enable RedundantModifier for Checkstyle 2013-10-31 10:23:30 -07:00
adriancole
ed2f18a1af JCLOUDS-31. updated to ASF headers via mvn com.mycila.maven-license-plugin:maven-license-plugin:format 2013-05-16 21:30:37 -07:00