Merge branch 'security-stable-2.19' into security-stable-2.32

00a75819 · Jesse Glick · 53c022d2 · a0833ee4 · 00a75819 · 00a75819
5 changed file
--- a/core/src/main/java/hudson/console/ConsoleNote.java
+++ b/core/src/main/java/hudson/console/ConsoleNote.java
@@ -189,9 +189,11 @@ public abstract class ConsoleNote<T> implements Serializable, Describable<Consol
        DataOutputStream dos = new DataOutputStream(new Base64OutputStream(buf2,true,-1,null));
        try {
            buf2.write(PREAMBLE);
-            byte[] mac = MAC.mac(buf.toByteArray());
+            if (Jenkins.getInstanceOrNull() != null) { // else we are in another JVM and cannot sign; result will be ignored unless INSECURE
-            dos.writeInt(- mac.length); // negative to differentiate from older form
+                byte[] mac = MAC.mac(buf.toByteArray());
-            dos.write(mac);
+                dos.writeInt(- mac.length); // negative to differentiate from older form
+                dos.write(mac);
+            }
            dos.writeInt(buf.size());
            buf.writeTo(dos);
        } finally {

--- a/core/src/main/java/jenkins/security/ConfidentialStore.java
+++ b/core/src/main/java/jenkins/security/ConfidentialStore.java
@@ -59,9 +59,7 @@ public abstract class ConfidentialStore {
     * Retrieves the currently active singleton instance of {@link ConfidentialStore}.
     */
    public static @Nonnull ConfidentialStore get() {
-        if (TEST != null) {
+        if (TEST!=null) return TEST.get();
-            return TEST;
-        }
        Jenkins j = Jenkins.getInstance();
        Lookup lookup = j.lookup;
@@ -92,7 +90,7 @@ public abstract class ConfidentialStore {
    /**
     * Testing only. Used for testing {@link ConfidentialKey} without {@link Jenkins}
     */
-    /*package*/ static ConfidentialStore TEST = null;
+    /*package*/ static ThreadLocal<ConfidentialStore> TEST = null;
    private static final Logger LOGGER = Logger.getLogger(ConfidentialStore.class.getName());
 }
--- a/core/src/test/java/hudson/model/TaskActionTest.java
+++ b/core/src/test/java/hudson/model/TaskActionTest.java
 package hudson.model;
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertTrue;
 import java.io.ByteArrayOutputStream;
 import hudson.console.AnnotatedLargeText;
 import hudson.security.ACL;
 import hudson.security.Permission;
-import jenkins.security.ConfidentialStoreRule;
 import org.acegisecurity.Authentication;
-import static org.hamcrest.CoreMatchers.startsWith;
-import org.junit.Rule;
 import org.junit.Test;
 /**
@@ -18,9 +15,6 @@ import org.junit.Test;
 */
 public class TaskActionTest {
-    @Rule
-    public ConfidentialStoreRule confidentialStoreRule = new ConfidentialStoreRule();
    private static class MyTaskThread extends TaskThread {
        MyTaskThread(TaskAction taskAction) {
            super(taskAction, ListenerAndText.forMemory(taskAction));
@@ -69,6 +63,6 @@ public class TaskActionTest {
        }
        ByteArrayOutputStream os = new ByteArrayOutputStream();
        annotatedText.writeLogTo(0, os);
-        assertThat(os.toString("UTF-8"), startsWith("a linkCompleted"));
+        assertTrue(os.toString("UTF-8").startsWith("a linkCompleted"));
    }
 }
--- a/core/src/test/java/jenkins/security/ConfidentialStoreRule.java
+++ b/core/src/test/java/jenkins/security/ConfidentialStoreRule.java
@@ -14,13 +14,16 @@ public class ConfidentialStoreRule extends ExternalResource {
    @Override
    protected void before() throws Throwable {
        tmp.create();
-        ConfidentialStore.TEST = new DefaultConfidentialStore(tmp.getRoot());
+        ConfidentialStore.TEST.set(new DefaultConfidentialStore(tmp.getRoot()));
    }
    @Override
    protected void after() {
-        ConfidentialStore.TEST = null;
+        ConfidentialStore.TEST.set(null);
        tmp.delete();
    }
+    static {
+        ConfidentialStore.TEST = new ThreadLocal<ConfidentialStore>();
+    }
 }
--- a/core/src/test/java/hudson/console/AnnotatedLargeTextTest.java
+++ b/core/src/test/java/hudson/console/AnnotatedLargeTextTest.java
@@ -29,23 +29,23 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.PrintStream;
 import java.io.StringWriter;
-import jenkins.security.ConfidentialStoreRule;
 import org.apache.commons.io.Charsets;
 import static org.hamcrest.CoreMatchers.*;
 import static org.junit.Assert.*;
+import org.junit.ClassRule;
 import org.junit.Test;
-import org.junit.Rule;
 import org.jvnet.hudson.test.For;
 import org.jvnet.hudson.test.Issue;
+import org.jvnet.hudson.test.JenkinsRule;
 import org.kohsuke.stapler.framework.io.ByteBuffer;
 @For({AnnotatedLargeText.class, ConsoleNote.class, ConsoleAnnotationOutputStream.class, PlainTextConsoleOutputStream.class})
 public class AnnotatedLargeTextTest {
-    @Rule
+    @ClassRule
-    public ConfidentialStoreRule confidentialStoreRule = new ConfidentialStoreRule();
+    public static JenkinsRule r = new JenkinsRule();
-    /* TODO in trunk:
+    /* TODO in master:
    @Rule
    public LoggerRule logging = new LoggerRule().record(ConsoleAnnotationOutputStream.class, Level.FINE).capture(100);
    */