remove hard-coded ssh public key from check-static

cgroschupp · cgroschupp · commit 79fa8ce280bd · 2020-07-24T16:04:18.000+02:00
diff --git a/src/main/java/hudson/plugins/ec2/SlaveTemplate.java b/src/main/java/hudson/plugins/ec2/SlaveTemplate.java
@@ -238,6 +238,8 @@ public class SlaveTemplate implements Describable<SlaveTemplate> {
     
     public HostKeyVerificationStrategyEnum hostKeyVerificationStrategy;
 
+    public final String staticHostKeys;
+
     public final boolean associatePublicIp;
 
     protected transient EC2Cloud parent;
@@ -292,7 +294,7 @@ public SlaveTemplate(String ami, String zone, SpotConfiguration spotConfig, Stri
                          boolean useEphemeralDevices, boolean useDedicatedTenancy, String launchTimeoutStr, boolean associatePublicIp,
                          String customDeviceMapping, boolean connectBySSHProcess, boolean monitoring,
                          boolean t2Unlimited, ConnectionStrategy connectionStrategy, int maxTotalUses,
-                         List<? extends NodeProperty<?>> nodeProperties, HostKeyVerificationStrategyEnum hostKeyVerificationStrategy) {
+                         List<? extends NodeProperty<?>> nodeProperties, HostKeyVerificationStrategyEnum hostKeyVerificationStrategy, String staticHostKeys) {
         if(StringUtils.isNotBlank(remoteAdmin) || StringUtils.isNotBlank(jvmopts) || StringUtils.isNotBlank(tmpDir)){
             LOGGER.log(Level.FINE, "As remoteAdmin, jvmopts or tmpDir is not blank, we must ensure the user has ADMINISTER rights.");
             // Can be null during tests
@@ -355,7 +357,8 @@ public SlaveTemplate(String ami, String zone, SpotConfiguration spotConfig, Stri
         this.customDeviceMapping = customDeviceMapping;
         this.t2Unlimited = t2Unlimited;
 
-        this.hostKeyVerificationStrategy = hostKeyVerificationStrategy != null ? hostKeyVerificationStrategy : HostKeyVerificationStrategyEnum.CHECK_NEW_SOFT; 
+        this.hostKeyVerificationStrategy = hostKeyVerificationStrategy != null ? hostKeyVerificationStrategy : HostKeyVerificationStrategyEnum.CHECK_NEW_SOFT;
+        this.staticHostKeys = staticHostKeys;
         
         readResolve(); // initialize
     }
@@ -378,7 +381,7 @@ public SlaveTemplate(String ami, String zone, SpotConfiguration spotConfig, Stri
                 useEphemeralDevices, useDedicatedTenancy, launchTimeoutStr, associatePublicIp,
                 customDeviceMapping, connectBySSHProcess, monitoring,
                 t2Unlimited, connectionStrategy, maxTotalUses,
-                nodeProperties, null);
+                nodeProperties, null, "");
     }
 
     @Deprecated
@@ -738,7 +741,11 @@ public void setHostKeyVerificationStrategy(HostKeyVerificationStrategyEnum hostK
     public HostKeyVerificationStrategyEnum getHostKeyVerificationStrategy() {
         return hostKeyVerificationStrategy != null ? hostKeyVerificationStrategy : HostKeyVerificationStrategyEnum.CHECK_NEW_SOFT;
     }
-    
+
+    public String getStaticHostKeys() {
+        return staticHostKeys;
+    }
+
     @Override
     public String toString() {
         return "SlaveTemplate{" +
diff --git a/src/main/java/hudson/plugins/ec2/ssh/verifiers/CheckStaticStrategy.java b/src/main/java/hudson/plugins/ec2/ssh/verifiers/CheckStaticStrategy.java
@@ -27,9 +27,12 @@
 import hudson.plugins.ec2.EC2Cloud;
 import hudson.plugins.ec2.EC2Computer;
 import hudson.slaves.OfflineCause;
+
+import java.util.ArrayList;
 import java.util.Base64;
 
 import java.io.IOException;
+import java.util.Scanner;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -47,21 +50,44 @@
 public class CheckStaticStrategy extends SshHostKeyVerificationStrategy {
     private static final Logger LOGGER = Logger.getLogger(CheckStaticStrategy.class.getName());
 
+    private ArrayList<HostKey> getStaticHostKeys(EC2Computer computer) {
+        ArrayList<HostKey> hostKeys = new ArrayList<>();
+
+        Scanner scanner = new Scanner(computer.getSlaveTemplate().getStaticHostKeys());
+        while (scanner.hasNextLine()) {
+            String hostKeyString = scanner.nextLine();
+            String[] hostKeyParts = hostKeyString.split(" ");
+            if (hostKeyParts.length != 2) {
+                EC2Cloud.log(LOGGER, Level.WARNING, computer.getListener(), "invalid static SSH key");
+                continue;
+            }
+            HostKey hostKey = new HostKey(hostKeyParts[0], Base64.getDecoder().decode(hostKeyParts[1]));
+            hostKeys.add(hostKey);
+        }
+        scanner.close();
+        return hostKeys;
+    }
+
     @Override
     public boolean verify(EC2Computer computer, HostKey hostKey, TaskListener listener) throws IOException {
         HostKey existingHostKey = HostKeyHelper.getInstance().getHostKey(computer);
-        if (null == existingHostKey) {
-            byte[] key = Base64.getDecoder().decode("AAAAC3NzaC1lZDI1NTE5AAAAIFGNRfg0pVrEdViJgKEdRKqFRG6kS/jOnFQC+wa5cp0v");
-            HostKey staticHostKey = new HostKey("ssh-ed25519", key);
+        ArrayList<HostKey> staticHostKeys = getStaticHostKeys(computer);
 
-            if (hostKey.equals(staticHostKey)) {
-                HostKeyHelper.getInstance().saveHostKey(computer, hostKey);
-                EC2Cloud.log(LOGGER, Level.INFO, computer.getListener(), String.format("The SSH key %s %s has been successfully checked against the instance console for connections to %s", hostKey.getAlgorithm(), hostKey.getFingerprint(), computer.getName()));
-                return true;
-            }
+        if (staticHostKeys.size() < 1) {
+            EC2Cloud.log(LOGGER, Level.WARNING, computer.getListener(), "No static SSH keys found");
+            // To avoid reconnecting continuously
+            computer.setTemporarilyOffline(true, OfflineCause.create(Messages._OfflineCause_SSHKeyCheckFailed()));
+            return false;
+        }
 
-            EC2Cloud.log(LOGGER, Level.WARNING, computer.getListener(), String.format("The SSH key (%s %s) presented by the instance is different from the one printed out on the instance console (%s %s). The connection to %s is closed to prevent a possible man-in-the-middle attack",
-                    hostKey.getAlgorithm(), hostKey.getFingerprint(), staticHostKey.getAlgorithm(), staticHostKey.getFingerprint(), computer.getName()));
+        if (null == existingHostKey) {
+            for (HostKey staticHostKey : staticHostKeys) {
+                if (hostKey.equals(staticHostKey)) {
+                    HostKeyHelper.getInstance().saveHostKey(computer, hostKey);
+                    EC2Cloud.log(LOGGER, Level.INFO, computer.getListener(), String.format("The SSH key %s %s has been successfully checked against the instance console for connections to %s", hostKey.getAlgorithm(), hostKey.getFingerprint(), computer.getName()));
+                    return true;
+                }
+            }
             // To avoid reconnecting continuously
             computer.setTemporarilyOffline(true, OfflineCause.create(Messages._OfflineCause_SSHKeyCheckFailed()));
             return false;
diff --git a/src/main/resources/hudson/plugins/ec2/SlaveTemplate/config.jelly b/src/main/resources/hudson/plugins/ec2/SlaveTemplate/config.jelly
@@ -199,6 +199,10 @@ THE SOFTWARE.
       <f:entry title="${%Host Key Verification Strategy}" field="hostKeyVerificationStrategy">
           <f:select default="${descriptor.defaultHostKeyVerificationStrategy}"/>
       </f:entry>
+
+    <f:entry title="${%Static Host Keys}" field="staticHostKeys">
+        <f:textbox />
+    </f:entry>
       
     <f:entry title="${%Maximum Total Uses}" field="maxTotalUses">
       <f:textbox default="-1"/>
diff --git a/src/test/java/hudson/plugins/ec2/SlaveTemplateTest.java b/src/test/java/hudson/plugins/ec2/SlaveTemplateTest.java
@@ -167,7 +167,7 @@ public void testConfigRoundtripWithCustomSSHHostKeyVerificationStrategy() throws
         // We check this one is set
         final HostKeyVerificationStrategyEnum STRATEGY_TO_CHECK = HostKeyVerificationStrategyEnum.OFF;
         
-        SlaveTemplate orig = new SlaveTemplate(ami, EC2AbstractSlave.TEST_ZONE, null, "default", "foo", InstanceType.M1Large, false, "ttt", Node.Mode.NORMAL, description, "bar", "bbb", "aaa", "10", "fff", null, "-Xmx1g", false, "subnet 456", tags, null, 0, 0, null, "", true, false, false, "", false, "", false, false, false, ConnectionStrategy.PUBLIC_IP, -1, null, STRATEGY_TO_CHECK);
+        SlaveTemplate orig = new SlaveTemplate(ami, EC2AbstractSlave.TEST_ZONE, null, "default", "foo", InstanceType.M1Large, false, "ttt", Node.Mode.NORMAL, description, "bar", "bbb", "aaa", "10", "fff", null, "-Xmx1g", false, "subnet 456", tags, null, 0, 0, null, "", true, false, false, "", false, "", false, false, false, ConnectionStrategy.PUBLIC_IP, -1, null, STRATEGY_TO_CHECK, "");
 
         List<SlaveTemplate> templates = new ArrayList<SlaveTemplate>();
         templates.add(orig);
