From 44c3037a4cb5714a0d212ca081cd84fa8cd25e3f Mon Sep 17 00:00:00 2001 From: Olivier Lamy Date: Wed, 18 Sep 2024 11:38:33 +1000 Subject: [PATCH] Adapt to changes from credentials regarding password length in FIPS mode https://github.com/jenkinsci/credentials-plugin/pull/558 Signed-off-by: Olivier Lamy --- pom.xml | 1 + .../hudson/plugins/emailext/MailAccount.java | 19 +++++++++++++------ .../plugins/emailext/MailAccountFIPSTest.java | 8 ++++++-- .../plugins/emailext/MailAccountTest.java | 2 +- 4 files changed, 21 insertions(+), 9 deletions(-) diff --git a/pom.xml b/pom.xml index cada5462..33ba0c8a 100644 --- a/pom.xml +++ b/pom.xml @@ -126,6 +126,7 @@ org.jenkins-ci.plugins credentials + 1378.v81ef4269d764 org.jenkins-ci.plugins diff --git a/src/main/java/hudson/plugins/emailext/MailAccount.java b/src/main/java/hudson/plugins/emailext/MailAccount.java index f8d3c240..86491f68 100644 --- a/src/main/java/hudson/plugins/emailext/MailAccount.java +++ b/src/main/java/hudson/plugins/emailext/MailAccount.java @@ -309,12 +309,19 @@ private void migrateCredentials() { if (StringUtils.isBlank(credentialsId)) { // If we couldn't find any existing credentials, // create new credentials with the principal and secret and use it. - final StandardUsernamePasswordCredentials newCredentials = new UsernamePasswordCredentialsImpl( - CredentialsScope.GLOBAL, - null, - "Migrated from email-ext username/password", - smtpUsername, - smtpPassword.getPlainText()); + final StandardUsernamePasswordCredentials newCredentials; + try { + newCredentials = new UsernamePasswordCredentialsImpl( + CredentialsScope.GLOBAL, + null, + "Migrated from email-ext username/password", + smtpUsername, + smtpPassword.getPlainText()); + } catch (Descriptor.FormException e) { + // safe to ignore as too short password should happen only in FIPS mode + // and migrating from no FIPS to FIPS is not supported, but only fresh start + throw new RuntimeException(e); + } SystemCredentialsProvider.getInstance().getCredentials().add(newCredentials); credentialsId = newCredentials.getId(); } diff --git a/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java b/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java index 08f68a60..092b81fe 100644 --- a/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java +++ b/src/test/java/hudson/plugins/emailext/MailAccountFIPSTest.java @@ -68,12 +68,16 @@ public void testIsValidAuthConfigAndTLS() { } @Test - public void testFormValidationForInsecureAuth() { + public void testFormValidationForInsecureAuth() throws Exception { final String validCredentialId = "valid-id"; SystemCredentialsProvider.getInstance() .getCredentials() .add(new UsernamePasswordCredentialsImpl( - CredentialsScope.GLOBAL, validCredentialId, "description", "username", "password")); + CredentialsScope.GLOBAL, + validCredentialId, + "description", + "username", + "password-must-be-longer-for-fips")); MailAccountDescriptor mad = (MailAccountDescriptor) Jenkins.get().getDescriptor(MailAccount.class); diff --git a/src/test/java/hudson/plugins/emailext/MailAccountTest.java b/src/test/java/hudson/plugins/emailext/MailAccountTest.java index 126bfb6b..8cbfb2b4 100644 --- a/src/test/java/hudson/plugins/emailext/MailAccountTest.java +++ b/src/test/java/hudson/plugins/emailext/MailAccountTest.java @@ -118,7 +118,7 @@ public void testUpgradeDuringCredentialsGetter() { } @Test - public void testFormValidationForInsecureAuth() { + public void testFormValidationForInsecureAuth() throws Exception { final String validCredentialId = "valid-id"; SystemCredentialsProvider.getInstance() .getCredentials()