[FIXED JENKINS-12629]
Added the -noCertificateCheck option (the option name is consistent with
the slave.jar) that lets users bypass the HTTPS certificate check.

This allows a trivial man-in-the-middle attack, so HTTPS will no longer be
HTTPS.
kohsuke committed Feb 23, 2013
1 parent 5d68a20 commit 2edf322
Showing 3 changed files with 44 additions and 3 deletions.
20 changes: 20 additions & 0 deletions cli/src/main/java/hudson/cli/CLI.java
@@ -36,6 +36,11 @@

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
@@ -60,6 +65,7 @@
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.DSAPublicKeySpec;
@@ -400,6 +406,20 @@ public static int _main(String[] _args) throws Exception {
args = args.subList(2,args.size());
continue;
}
if (head.equals("-noCertificateCheck")) {
System.out.println("Skipping HTTPS certificate checks altogether. Note that this is not secure at all.");
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[]{new NoCheckTrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
// bypass host name check, too.
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
args = args.subList(1,args.size());
continue;
}
if(head.equals("-i") && args.size()>=2) {
File f = new File(args.get(1));
if (!f.exists()) {
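Review bot: the `-noCertificateCheck` branch disables verification for the whole JVM, not only for the connection to the Jenkins server: `HttpsURLConnection.setDefaultSSLSocketFactory(...)` and `setDefaultHostnameVerifier(...)` change process-wide static defaults, so every `HttpsURLConnection` opened afterwards in this process, including any opened by code that never asked for the option, accepts any certificate and any host name. Consider installing the socket factory and the verifier on the specific connection the CLI opens instead of the static defaults. Separately, the warning goes to `System.out.println`, which mixes it into command output that scripts may parse; a diagnostic like this belongs on `System.err`.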
20 changes: 20 additions & 0 deletions cli/src/main/java/hudson/cli/NoCheckTrustManager.java
@@ -0,0 +1,20 @@
package hudson.cli;

import javax.net.ssl.TrustManager;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/**
* @author Kohsuke Kawaguchi
*/
public class NoCheckTrustManager implements TrustManager {

jglick Feb 25, 2013

Why is this public?

public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}

public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
}

public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
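Review bot: `NoCheckTrustManager implements TrustManager` rather than `X509TrustManager`, so the `SSLContext.init(...)` call in CLI.java will not actually use it: JSSE only consults trust managers that implement `X509TrustManager`, and `TrustManager` itself is an empty marker interface, which means `checkClientTrusted`, `checkServerTrusted` and `getAcceptedIssuers` here override nothing. Change the declaration to `public class NoCheckTrustManager implements X509TrustManager` and put `@Override` on the three methods so the compiler catches this kind of mismatch. On jglick's question above: nothing outside `hudson.cli` needs this class, so it can be package-private, and the class Javadoc should say that it deliberately accepts every certificate chain so nobody reuses it by accident.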
7 changes: 4 additions & 3 deletions cli/src/main/resources/hudson/cli/client/Messages.properties
@@ -1,9 +1,10 @@
CLI.Usage=Jenkins CLI\n\
Usage: java -jar jenkins-cli.jar [-s URL] command [opts...] args...\n\
Options:\n\
\ -s URL : the server URL (defaults to the JENKINS_URL env var)\n\
\ -i KEY : SSH private key file used for authentication\n\
\ -p HOST:PORT : HTTP proxy host and port for HTTPS proxy tunneling. See http://jenkins-ci.org/https-proxy-tunnel\n\
-s URL : the server URL (defaults to the JENKINS_URL env var)\n\

jglick Feb 25, 2013

I think the \ was actually needed here.

-i KEY : SSH private key file used for authentication\n\
-p HOST:PORT : HTTP proxy host and port for HTTPS proxy tunneling. See http://jenkins-ci.org/https-proxy-tunnel\n\
-noCertificateCheck : bypass HTTPS certificate check entirely. Use with caution\n\
\n\
The available commands depend on the server. Run the 'help' command to\n\
see the list.
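Review bot: the rewritten `-s URL`, `-i KEY` and `-p HOST:PORT` lines and the new `-noCertificateCheck` line drop the leading `\ ` escape that the removed lines had. In a `.properties` file, leading whitespace on a continuation line is discarded when the value is read, so the `\ ` was what kept the options indented under `Options:`; jglick's comment above is right that it was needed. Restore `\ ` at the start of each of the four option lines, e.g. `\ -noCertificateCheck : bypass HTTPS certificate check entirely. Use with caution\n\`.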
