big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HADOOP-18894: upgrade sshd-core due to CVEs (#6060) Contributed by PJ Fanning.

Browse Source 
Reviewed-by: He Xiaoqiao <hexiaoqiao@apache.org>
Reviewed-by: Steve Loughran <stevel@cloudera.com>
Signed-off-by: Shilun Fan <slfan1989@apache.org>
This commit is contained in:
PJ Fanning 2024-01-21 01:13:25 +01:00 committed by GitHub
parent 2a1ee8dfcd
commit 76691dfa14
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 25 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
LICENSE-binary
View File

@ -335,6 +335,9 @@ org.apache.kerby:kerby-pkix:2.0.3
org.apache.kerby:kerby-util:2.0.3 org.apache.kerby:kerby-util:2.0.3
org.apache.kerby:kerby-xdr:2.0.3 org.apache.kerby:kerby-xdr:2.0.3
org.apache.kerby:token-provider:2.0.3 org.apache.kerby:token-provider:2.0.3
org.apache.sshd:sshd-common:2.11.0
org.apache.sshd:sshd-core:2.11.0
org.apache.sshd:sshd-sftp:2.11.0
org.apache.solr:solr-solrj:8.11.2 org.apache.solr:solr-solrj:8.11.2
org.apache.yetus:audience-annotations:0.5.0 org.apache.yetus:audience-annotations:0.5.0
org.apache.zookeeper:zookeeper:3.8.3 org.apache.zookeeper:zookeeper:3.8.3

5
hadoop-common-project/hadoop-common/pom.xml
View File

@ -316,6 +316,11 @@
<artifactId>sshd-core</artifactId> <artifactId>sshd-core</artifactId>
<scope>test</scope> <scope>test</scope>
</dependency> </dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-sftp</artifactId>
<scope>test</scope>
</dependency>
<dependency> <dependency>
<groupId>org.apache.ftpserver</groupId> <groupId>org.apache.ftpserver</groupId>
<artifactId>ftpserver-core</artifactId> <artifactId>ftpserver-core</artifactId>

7
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/contract/sftp/SFTPContract.java
View File

@ -31,12 +31,11 @@
import org.apache.hadoop.fs.Path; import org.apache.hadoop.fs.Path;
import org.apache.hadoop.fs.contract.AbstractFSContract; import org.apache.hadoop.fs.contract.AbstractFSContract;
import org.apache.hadoop.fs.sftp.SFTPFileSystem; import org.apache.hadoop.fs.sftp.SFTPFileSystem;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.server.SshServer; import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.UserAuth; import org.apache.sshd.server.auth.UserAuthFactory;
import org.apache.sshd.server.auth.password.UserAuthPasswordFactory; import org.apache.sshd.server.auth.password.UserAuthPasswordFactory;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider; import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory; import org.apache.sshd.sftp.server.SftpSubsystemFactory;
public class SFTPContract extends AbstractFSContract { public class SFTPContract extends AbstractFSContract {
@ -61,7 +60,7 @@ public void init() throws IOException {
sshd.setPort(0); sshd.setPort(0);
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider()); sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());
List<NamedFactory<UserAuth>> userAuthFactories = new ArrayList<>(); List<UserAuthFactory> userAuthFactories = new ArrayList<>();
userAuthFactories.add(new UserAuthPasswordFactory()); userAuthFactories.add(new UserAuthPasswordFactory());
sshd.setUserAuthFactories(userAuthFactories); sshd.setUserAuthFactories(userAuthFactories);

18
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/fs/sftp/TestSFTPFileSystem.java
View File

@ -22,7 +22,7 @@
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.attribute.BasicFileAttributes; import java.nio.file.attribute.BasicFileAttributes;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Collections;
import java.util.List; import java.util.List;
import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.conf.Configuration;
@ -35,18 +35,13 @@
import org.apache.hadoop.test.GenericTestUtils; import org.apache.hadoop.test.GenericTestUtils;
import static org.apache.hadoop.test.PlatformAssumptions.assumeNotWindows; import static org.apache.hadoop.test.PlatformAssumptions.assumeNotWindows;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.server.Command;
import org.apache.sshd.server.SshServer; import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.UserAuth; import org.apache.sshd.server.auth.UserAuthFactory;
import org.apache.sshd.server.auth.password.PasswordAuthenticator; import org.apache.sshd.server.auth.password.PasswordAuthenticator;
import org.apache.sshd.server.auth.password.UserAuthPasswordFactory; import org.apache.sshd.server.auth.password.UserAuthPasswordFactory;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider; import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
import org.apache.sshd.server.session.ServerSession; import org.apache.sshd.server.session.ServerSession;
import org.apache.sshd.server.subsystem.sftp.SftpSubsystemFactory; import org.apache.sshd.sftp.server.SftpSubsystemFactory;
import org.junit.After;
import org.junit.AfterClass;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertArrayEquals;
@ -54,6 +49,8 @@
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
import org.junit.Rule; import org.junit.Rule;
@ -82,8 +79,7 @@ private static void startSshdServer() throws IOException {
sshd.setPort(0); sshd.setPort(0);
sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider()); sshd.setKeyPairProvider(new SimpleGeneratorHostKeyProvider());
List<NamedFactory<UserAuth>> userAuthFactories = List<UserAuthFactory> userAuthFactories = new ArrayList<>();
new ArrayList<NamedFactory<UserAuth>>();
userAuthFactories.add(new UserAuthPasswordFactory()); userAuthFactories.add(new UserAuthPasswordFactory());
sshd.setUserAuthFactories(userAuthFactories); sshd.setUserAuthFactories(userAuthFactories);
@ -100,7 +96,7 @@ public boolean authenticate(String username, String password,
}); });
sshd.setSubsystemFactories( sshd.setSubsystemFactories(
Arrays.<NamedFactory<Command>>asList(new SftpSubsystemFactory())); Collections.singletonList(new SftpSubsystemFactory()));
sshd.start(); sshd.start();
port = sshd.getPort(); port = sshd.getPort();

8
hadoop-project/pom.xml
View File

@ -202,6 +202,7 @@
<swagger-annotations-version>1.5.4</swagger-annotations-version> <swagger-annotations-version>1.5.4</swagger-annotations-version>
<snakeyaml.version>2.0</snakeyaml.version> <snakeyaml.version>2.0</snakeyaml.version>
<sshd.version>2.11.0</sshd.version>
<hbase.one.version>1.7.1</hbase.one.version> <hbase.one.version>1.7.1</hbase.one.version>
<hbase.two.version>2.2.4</hbase.two.version> <hbase.two.version>2.2.4</hbase.two.version>
<junit.version>4.13.2</junit.version> <junit.version>4.13.2</junit.version>
@ -1133,7 +1134,12 @@
<dependency> <dependency>
<groupId>org.apache.sshd</groupId> <groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId> <artifactId>sshd-core</artifactId>
<version>1.6.0</version> <version>${sshd.version}</version>
</dependency>
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-sftp</artifactId>
<version>${sshd.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.apache.ftpserver</groupId> <groupId>org.apache.ftpserver</groupId>