NIFI-10586 Prioritized ssh-rsa algorithm in SFTP Processors

- The default configuration prioritizes ssh-rsa when Key Algorithms Allowed is not specified

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #6479.
exceptionfactory 2022-10-03 17:27:58 -05:00 committed by Nathan Gough
parent 1ec8c84b6a
commit d1145ee34e
2 changed files with 13 additions and 1 deletions


@ -67,6 +67,12 @@ public class StandardSSHConfigProvider implements SSHConfigProvider {
getOptionalProperty(context, KEY_EXCHANGE_ALGORITHMS_ALLOWED).ifPresent(property -> config.setKeyExchangeFactories(getFilteredValues(property, config.getKeyExchangeFactories())));
getOptionalProperty(context, MESSAGE_AUTHENTICATION_CODES_ALLOWED).ifPresent(property -> config.setMACFactories(getFilteredValues(property, config.getMACFactories())));
final String keyAlgorithmsAllowed = context.getProperty(KEY_ALGORITHMS_ALLOWED).evaluateAttributeExpressions().getValue();
if (keyAlgorithmsAllowed == null) {
// Prioritize ssh-rsa when Key Algorithms Allowed is not specified
config.prioritizeSshRsaKeyAlgorithm();
}
return config;
}
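Review bot: The comment above `config.prioritizeSshRsaKeyAlgorithm()` says what the branch does but not the security trade-off: ssh-rsa signs with SHA-1, so when Key Algorithms Allowed is unset the client now prefers it even where the server also offers rsa-sha2-256 or rsa-sha2-512. I would expand it to something like `// Compatibility default: prefer ssh-rsa (RSA with SHA-1); set Key Algorithms Allowed to override`, and repeat that in the property's description so operators know how to opt out. The guard `keyAlgorithmsAllowed == null` also appears to treat an expression that evaluates to an empty string as "specified". The method starts above the hunk and the handling of that value is not visible here, so this needs confirming.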


@ -50,7 +50,7 @@ import static org.mockito.Mockito.when;
@ExtendWith(MockitoExtension.class)
public class StandardSSHConfigProviderTest {
private static final Config DEFAULT_CONFIG = new DefaultConfig();
private static final Config DEFAULT_CONFIG;
private static final String FIRST_ALLOWED_CIPHER = "aes128-ctr";
@ -66,6 +66,12 @@ public class StandardSSHConfigProviderTest {
private static final String IDENTIFIER = UUID.randomUUID().toString();
static {
final DefaultConfig prioritizedConfig = new DefaultConfig();
prioritizedConfig.prioritizeSshRsaKeyAlgorithm();
DEFAULT_CONFIG = prioritizedConfig;
}
@Mock
private PropertyContext context;
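Review bot: Nothing in this section pins the other branch of the new behaviour, where Key Algorithms Allowed is set and ssh-rsa must not be moved to the front. Because `DEFAULT_CONFIG` now carries the ssh-rsa priority, the existing comparisons against it cover only the unset-property case. A test that sets the property to a list without ssh-rsa and asserts the resulting key algorithm order would catch a regression that re-prioritizes the SHA-1 algorithm against an operator's explicit choice. The rest of the test class is outside the hunk, so such a case may already exist.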