-
Improvement
-
Resolution: Fixed
-
Minor
-
None
Basically getJnlpMac() does JnlpSlaveAgentProtocol.SLAVE_SECRET.mac(getName()), and EncryptedSlaveAgentJnlpFile.generateResponse does: JnlpSlaveAgentProtocol.SLAVE_SECRET.mac(slaveName.getBytes("UTF-8"))
I'd like to be able to override getJnlpMac and have the key used consistently.
- is related to
-
JENKINS-40413 Create JNLPMacProvider interface and have AccessControlled inherit from it
-
- Open
-
[JENKINS-40286] EncryptedSlaveAgentJnlpFile should use SlaveComputer.getJnlpMac() instead of reimplementing it
Summary | Original: EncryptedSlaveAgentJnlpFile should use SlaveComputer.getJnlpMac() instead of implementing it | New: EncryptedSlaveAgentJnlpFile should use SlaveComputer.getJnlpMac() instead of reimplementing it |
Issue Type | Original: Bug [ 1 ] | New: Improvement [ 4 ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Link | New: This issue is related to JENKINS-40413 [ JENKINS-40413 ] |
Specifically i think EncryptedSlaveAgentJnlpFile should change it from being an AccessControlled to being a SlaveComputer and the line with JnlpSlaveAgentProtocol.SLAVE_SECRET.mac(slaveName.getBytes("UTF-8")) should become byte[] jnlpMac = Util.fromHexString(it.getJnlpMac())
Thus making the SlaveComputer the one-and-only authority on the secret.