Merge branch 'stable-2.13'
* stable-2.13: Gerrit command line utility to set/update secure.config Fix naming and message prompt for entering passwords Don't truncate long lines in diff screens Change-Id: I2210d94e0bc7374eff26614145e3a76b526177f5
This commit is contained in:
commit
3e9fb7fe82
@ -33,6 +33,9 @@ link:pgm-rulec.html[rulec]::
|
|||||||
version::
|
version::
|
||||||
Display the release version of Gerrit Code Review.
|
Display the release version of Gerrit Code Review.
|
||||||
|
|
||||||
|
link:pgm-passwd.html[passwd]::
|
||||||
|
Set or reset password in secure.config.
|
||||||
|
|
||||||
=== Transition Utilities
|
=== Transition Utilities
|
||||||
|
|
||||||
link:pgm-LocalUsernamesToLowerCase.html[LocalUsernamesToLowerCase]::
|
link:pgm-LocalUsernamesToLowerCase.html[LocalUsernamesToLowerCase]::
|
||||||
|
49
Documentation/pgm-passwd.txt
Normal file
49
Documentation/pgm-passwd.txt
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
= passwd
|
||||||
|
|
||||||
|
== NAME
|
||||||
|
passwd - Set or reset password in secure.config.
|
||||||
|
|
||||||
|
== SYNOPSIS
|
||||||
|
[verse]
|
||||||
|
--
|
||||||
|
_java_ -jar gerrit.war _passwd_
|
||||||
|
-d <SITE_PATH>
|
||||||
|
<SECTION.KEY>
|
||||||
|
[PASSWORD]
|
||||||
|
|
||||||
|
--
|
||||||
|
|
||||||
|
== DESCRIPTION
|
||||||
|
Set or reset password in an existing Gerrit server installation,
|
||||||
|
interactively prompting for a new password or using the one
|
||||||
|
provided in the command line argument.
|
||||||
|
|
||||||
|
== OPTIONS
|
||||||
|
|
||||||
|
-d::
|
||||||
|
--site-path::
|
||||||
|
Location of the `gerrit.config` file, and all other per-site
|
||||||
|
configuration data, supporting libraries and log files.
|
||||||
|
|
||||||
|
== ARGUMENTS
|
||||||
|
|
||||||
|
SECTION.KEY::
|
||||||
|
Section and key in the `secure.config` file for setting or editing the
|
||||||
|
password value.
|
||||||
|
|
||||||
|
PASSWORD::
|
||||||
|
New password to set in `secure.config` associated to the section and key.
|
||||||
|
When specified as argument, automatically implies batch mode and the command
|
||||||
|
would not ask anything interactively.
|
||||||
|
|
||||||
|
== CONTEXT
|
||||||
|
|
||||||
|
This utility is typically useful when a secure store is configured
|
||||||
|
to encrypt password values and thus editing the file manually is not an option.
|
||||||
|
|
||||||
|
GERRIT
|
||||||
|
------
|
||||||
|
Part of link:index.html[Gerrit Code Review]
|
||||||
|
|
||||||
|
SEARCHBOX
|
||||||
|
---------
|
@ -37,7 +37,7 @@ limitations under the License.
|
|||||||
}
|
}
|
||||||
|
|
||||||
.difftable .CodeMirror pre {
|
.difftable .CodeMirror pre {
|
||||||
overflow: hidden;
|
overflow: visible;
|
||||||
border-right: 0;
|
border-right: 0;
|
||||||
width: auto;
|
width: auto;
|
||||||
}
|
}
|
||||||
|
@ -36,7 +36,7 @@ limitations under the License.
|
|||||||
}
|
}
|
||||||
|
|
||||||
.difftable .CodeMirror pre {
|
.difftable .CodeMirror pre {
|
||||||
overflow: hidden;
|
overflow: visible;
|
||||||
border-right: 0;
|
border-right: 0;
|
||||||
width: auto;
|
width: auto;
|
||||||
}
|
}
|
||||||
|
@ -82,6 +82,8 @@ public final class GerritLauncher {
|
|||||||
System.err.println(" daemon Run the Gerrit network daemons");
|
System.err.println(" daemon Run the Gerrit network daemons");
|
||||||
System.err.println(" gsql Run the interactive query console");
|
System.err.println(" gsql Run the interactive query console");
|
||||||
System.err.println(" version Display the build version number");
|
System.err.println(" version Display the build version number");
|
||||||
|
System.err.println(" passwd Set or change password in secure.config");
|
||||||
|
|
||||||
System.err.println();
|
System.err.println();
|
||||||
System.err.println(" ls List files available for cat");
|
System.err.println(" ls List files available for cat");
|
||||||
System.err.println(" cat FILE Display a file from the archive");
|
System.err.println(" cat FILE Display a file from the archive");
|
||||||
|
89
gerrit-pgm/src/main/java/com/google/gerrit/pgm/Passwd.java
Normal file
89
gerrit-pgm/src/main/java/com/google/gerrit/pgm/Passwd.java
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
// Copyright (C) 2017 The Android Open Source Project
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package com.google.gerrit.pgm;
|
||||||
|
|
||||||
|
import com.google.gerrit.extensions.config.FactoryModule;
|
||||||
|
import com.google.gerrit.pgm.init.api.ConsoleUI;
|
||||||
|
import com.google.gerrit.pgm.init.api.InstallAllPlugins;
|
||||||
|
import com.google.gerrit.pgm.init.api.InstallPlugins;
|
||||||
|
import com.google.gerrit.pgm.init.api.Section;
|
||||||
|
import com.google.gerrit.pgm.util.SiteProgram;
|
||||||
|
import com.google.gerrit.server.config.GerritServerConfigModule;
|
||||||
|
import com.google.gerrit.server.config.SitePath;
|
||||||
|
import com.google.gerrit.server.securestore.SecureStoreClassName;
|
||||||
|
import com.google.inject.Guice;
|
||||||
|
import com.google.inject.Injector;
|
||||||
|
import com.google.inject.Module;
|
||||||
|
import com.google.inject.TypeLiteral;
|
||||||
|
import com.google.inject.util.Providers;
|
||||||
|
|
||||||
|
import org.kohsuke.args4j.Argument;
|
||||||
|
|
||||||
|
import java.nio.file.Path;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
public class Passwd extends SiteProgram {
|
||||||
|
private String section;
|
||||||
|
private String key;
|
||||||
|
|
||||||
|
@Argument(metaVar = "SECTION.KEY", index = 0, required = true,
|
||||||
|
usage = "Section and key separated by a dot of the password to set")
|
||||||
|
private String sectionAndKey;
|
||||||
|
|
||||||
|
@Argument(metaVar = "PASSWORD", index = 1, required = false,
|
||||||
|
usage = "Password to set")
|
||||||
|
private String password;
|
||||||
|
|
||||||
|
private void init() {
|
||||||
|
String[] varParts = sectionAndKey.split("\\.");
|
||||||
|
if (varParts.length != 2) {
|
||||||
|
throw new IllegalArgumentException("Invalid name '" + sectionAndKey
|
||||||
|
+ "': expected section.key format");
|
||||||
|
}
|
||||||
|
section = varParts[0];
|
||||||
|
key = varParts[1];
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int run() throws Exception {
|
||||||
|
init();
|
||||||
|
SetPasswd setPasswd = getSysInjector().getInstance(SetPasswd.class);
|
||||||
|
setPasswd.run(section, key, password);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
private Injector getSysInjector() {
|
||||||
|
List<Module> modules = new ArrayList<>();
|
||||||
|
modules.add(new FactoryModule() {
|
||||||
|
@Override
|
||||||
|
protected void configure() {
|
||||||
|
bind(Path.class).annotatedWith(SitePath.class)
|
||||||
|
.toInstance(getSitePath());
|
||||||
|
bind(ConsoleUI.class).toInstance(
|
||||||
|
ConsoleUI.getInstance(password != null));
|
||||||
|
factory(Section.Factory.class);
|
||||||
|
bind(Boolean.class).annotatedWith(InstallAllPlugins.class).toInstance(
|
||||||
|
Boolean.FALSE);
|
||||||
|
bind(new TypeLiteral<List<String>>() {}).annotatedWith(
|
||||||
|
InstallPlugins.class).toInstance(new ArrayList<String>());
|
||||||
|
bind(String.class).annotatedWith(SecureStoreClassName.class)
|
||||||
|
.toProvider(Providers.of(getConfiguredSecureStoreClass()));
|
||||||
|
}
|
||||||
|
});
|
||||||
|
modules.add(new GerritServerConfigModule());
|
||||||
|
return Guice.createInjector(modules);
|
||||||
|
}
|
||||||
|
}
|
@ -0,0 +1,43 @@
|
|||||||
|
// Copyright (C) 2017 The Android Open Source Project
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package com.google.gerrit.pgm;
|
||||||
|
|
||||||
|
import com.google.gerrit.pgm.init.api.ConsoleUI;
|
||||||
|
import com.google.gerrit.pgm.init.api.Section;
|
||||||
|
import com.google.gerrit.pgm.init.api.Section.Factory;
|
||||||
|
import com.google.inject.Inject;
|
||||||
|
|
||||||
|
public class SetPasswd {
|
||||||
|
|
||||||
|
private ConsoleUI ui;
|
||||||
|
private Factory sections;
|
||||||
|
|
||||||
|
@Inject
|
||||||
|
public SetPasswd(ConsoleUI ui, Section.Factory sections) {
|
||||||
|
this.ui = ui;
|
||||||
|
this.sections = sections;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void run(String section, String key, String password) throws Exception {
|
||||||
|
Section passwordSection = sections.get(section, null);
|
||||||
|
|
||||||
|
if (ui.isBatch()) {
|
||||||
|
passwordSection.setSecure(key, password);
|
||||||
|
} else {
|
||||||
|
ui.header("Set password for [%s]", section);
|
||||||
|
passwordSection.passwordForKey("Enter password", key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -171,20 +171,20 @@ public class Section {
|
|||||||
return nv;
|
return nv;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String passwordForKey(String key, String password) {
|
public String passwordForKey(String prompt, String passwordKey) {
|
||||||
String ov = getSecure(password);
|
String ov = getSecure(passwordKey);
|
||||||
if (ov != null) {
|
if (ov != null) {
|
||||||
// If the password is already stored, try to reuse it
|
// If the password is already stored, try to reuse it
|
||||||
// rather than prompting for a whole new one.
|
// rather than prompting for a whole new one.
|
||||||
//
|
//
|
||||||
if (ui.isBatch() || !ui.yesno(false, "Change %s", key)) {
|
if (ui.isBatch() || !ui.yesno(false, "Change %s", passwordKey)) {
|
||||||
return ov;
|
return ov;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
final String nv = ui.password("%s", key);
|
final String nv = ui.password("%s", prompt);
|
||||||
if (!eq(ov, nv)) {
|
if (!eq(ov, nv)) {
|
||||||
setSecure(password, nv);
|
setSecure(passwordKey, nv);
|
||||||
}
|
}
|
||||||
return nv;
|
return nv;
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user