From 76691dfa147a860f25c1567a1f2c7e438b8aa0f9 Mon Sep 17 00:00:00 2001 From: PJ Fanning Date: Sun, 21 Jan 2024 01:13:25 +0100 Subject: [PATCH] HADOOP-18894: upgrade sshd-core due to CVEs (#6060) Contributed by PJ Fanning. Reviewed-by: He Xiaoqiao Reviewed-by: Steve Loughran Signed-off-by: Shilun Fan --- LICENSE-binary | 3 +++ hadoop-common-project/hadoop-common/pom.xml | 5 +++++ .../hadoop/fs/contract/sftp/SFTPContract.java | 7 +++---- .../hadoop/fs/sftp/TestSFTPFileSystem.java | 18 +++++++----------- hadoop-project/pom.xml | 8 +++++++- 5 files changed, 25 insertions(+), 16 deletions(-) diff --git a/LICENSE-binary b/LICENSE-binary index 1ebc44b058..3720a78095 100644 --- a/LICENSE-binary +++ b/LICENSE-binary @@ -335,6 +335,9 @@ org.apache.kerby:kerby-pkix:2.0.3 org.apache.kerby:kerby-util:2.0.3 org.apache.kerby:kerby-xdr:2.0.3 org.apache.kerby:token-provider:2.0.3 +org.apache.sshd:sshd-common:2.11.0 +org.apache.sshd:sshd-core:2.11.0 +org.apache.sshd:sshd-sftp:2.11.0 org.apache.solr:solr-solrj:8.11.2 org.apache.yetus:audience-annotations:0.5.0 org.apache.zookeeper:zookeeper:3.8.3 diff --git a/hadoop-common-project/hadoop-common/pom.xml b/hadoop-common-project/hadoop-common/pom.xml index 448f644b6d..3b3279ff4e 100644 --- a/hadoop-common-project/hadoop-common/pom.xml +++ b/hadoop-common-project/hadoop-common/pom.xml @@ -316,6 +316,11 @@ sshd-core test + + org.apache.sshd + sshd-sftp + test + org.apache.ftpserver ftpserver-core diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/contract/sftp/SFTPContract.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/contract/sftp/SFTPContract.java index f72a2aec86..631c895865 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/contract/sftp/SFTPContract.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/contract/sftp/SFTPContract.java @@ -31,12 +31,11 @@ import org.apache.hadoop.fs.Path; import org.apache.hadoop.fs.contract.AbstractFSContract; import org.apache.hadoop.fs.sftp.SFTPFileSystem; -import org.apache.sshd.common.NamedFactory; import org.apache.sshd.server.SshServer; -import org.apache.sshd.server.auth.UserAuth; +import org.apache.sshd.server.auth.UserAuthFactory; import org.apache.sshd.server.auth.password.UserAuthPasswordFactory; import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider; -import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory; +import org.apache.sshd.sftp.server.SftpSubsystemFactory; public class SFTPContract extends AbstractFSContract { @@ -61,7 +60,7 @@ public void init() throws IOException { sshd.setPort(0); sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider()); - List> userAuthFactories = new ArrayList<>(); + List userAuthFactories = new ArrayList<>(); userAuthFactories.add(new UserAuthPasswordFactory()); sshd.setUserAuthFactories(userAuthFactories); diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/sftp/TestSFTPFileSystem.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/sftp/TestSFTPFileSystem.java index e8ba5f211e..e425c2dea2 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/sftp/TestSFTPFileSystem.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/sftp/TestSFTPFileSystem.java @@ -22,7 +22,7 @@ import java.nio.file.Files; import java.nio.file.attribute.BasicFileAttributes; import java.util.ArrayList; -import java.util.Arrays; +import java.util.Collections; import java.util.List; import org.apache.hadoop.conf.Configuration; @@ -35,18 +35,13 @@ import org.apache.hadoop.test.GenericTestUtils; import static org.apache.hadoop.test.PlatformAssumptions.assumeNotWindows; -import org.apache.sshd.common.NamedFactory; -import org.apache.sshd.server.Command; import org.apache.sshd.server.SshServer; -import org.apache.sshd.server.auth.UserAuth; +import org.apache.sshd.server.auth.UserAuthFactory; import org.apache.sshd.server.auth.password.PasswordAuthenticator; import org.apache.sshd.server.auth.password.UserAuthPasswordFactory; import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider; import org.apache.sshd.server.session.ServerSession; -import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory; - -import org.junit.After; -import org.junit.AfterClass; +import org.apache.sshd.sftp.server.SftpSubsystemFactory; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.assertArrayEquals; @@ -54,6 +49,8 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; +import org.junit.After; +import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Rule; @@ -82,8 +79,7 @@ private static void startSshdServer() throws IOException { sshd.setPort(0); sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider()); - List> userAuthFactories = - new ArrayList>(); + List userAuthFactories = new ArrayList<>(); userAuthFactories.add(new UserAuthPasswordFactory()); sshd.setUserAuthFactories(userAuthFactories); @@ -100,7 +96,7 @@ public boolean authenticate(String username, String password, }); sshd.setSubsystemFactories( - Arrays.>asList(new SftpSubsystemFactory())); + Collections.singletonList(new SftpSubsystemFactory())); sshd.start(); port = sshd.getPort(); diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml index ae5c434afd..e2fe8846ae 100644 --- a/hadoop-project/pom.xml +++ b/hadoop-project/pom.xml @@ -202,6 +202,7 @@ 1.5.4 2.0 + 2.11.0 1.7.1 2.2.4 4.13.2 @@ -1133,7 +1134,12 @@ org.apache.sshd sshd-core - 1.6.0 + ${sshd.version} + + + org.apache.sshd + sshd-sftp + ${sshd.version} org.apache.ftpserver