Affects Version: 6.0.0
Rule Set:
<?xml version="1.0"?>
<ruleset name="MINA SSHD PMD ruleset"
xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd">
<description>
This ruleset defines the PMD rules for MINA SSHD project
</description>
<!-- See https://pmd.github.io/pmd-5.6.1/pmd-java/rules/index.html -->
<rule ref="rulesets/java/basic.xml/AvoidMultipleUnaryOperators" />
<rule ref="rulesets/java/basic.xml/AvoidUsingOctalValues" />
<rule ref="rulesets/java/basic.xml/BooleanInstantiation" />
<rule ref="rulesets/java/basic.xml/BrokenNullCheck" />
<rule ref="rulesets/java/basic.xml/ExtendsObject" />
<rule ref="rulesets/java/basic.xml/MisplacedNullCheck" />
<rule ref="rulesets/java/basic.xml/OverrideBothEqualsAndHashcode" />
<rule ref="rulesets/java/basic.xml/ReturnFromFinallyBlock" />
<rule ref="rulesets/java/basic.xml/UnconditionalIfStatement" />
<rule ref="rulesets/java/braces.xml" />
<rule ref="rulesets/java/clone.xml/ProperCloneImplementation" />
<rule ref="rulesets/java/clone.xml/CloneMethodMustImplementCloneable" />
<rule ref="rulesets/java/controversial.xml/AssignmentInOperand" />
<rule ref="rulesets/java/controversial.xml/AtLeastOneConstructor" />
<rule ref="rulesets/java/design.xml/UseNotifyAllInsteadOfNotify" />
<rule ref="rulesets/java/empty.xml">
<exclude name="EmptyCatchBlock" /> <!-- Enforced by checkstyle -->
</rule>
<rule ref="rulesets/java/finalizers.xml" />
<rule ref="rulesets/java/javabeans.xml/MissingSerialVersionUID" />
<rule ref="rulesets/java/logging-java.xml/AvoidPrintStackTrace" />
</ruleset>
Description:
Upgraded from 5.6.1 to 6.0.0 and tried to verify the code
Code Sample demonstrating the issue:
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.sshd.client.auth;
import java.security.KeyPair;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.sshd.client.auth.password.PasswordIdentityProvider;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.keyprovider.KeyIdentityProvider;
import org.apache.sshd.common.util.GenericUtils;
/**
* @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
public interface AuthenticationIdentitiesProvider extends KeyIdentityProvider, PasswordIdentityProvider {
/**
* Compares 2 password identities - returns zero ONLY if <U>both</U> compared
* objects are {@link String}s and equal to each other
*/
Comparator<Object> PASSWORD_IDENTITY_COMPARATOR = (o1, o2) -> {
if (!(o1 instanceof String) || !(o2 instanceof String)) {
return -1;
} else {
return ((String) o1).compareTo((String) o2);
}
};
/**
* Compares 2 {@link KeyPair} identities - returns zero ONLY if <U>both</U> compared
* objects are {@link KeyPair}s and equal to each other
*/
Comparator<Object> KEYPAIR_IDENTITY_COMPARATOR = (o1, o2) -> {
if ((!(o1 instanceof KeyPair)) || (!(o2 instanceof KeyPair))) {
return -1;
} else if (KeyUtils.compareKeyPairs((KeyPair) o1, (KeyPair) o2)) {
return 0;
} else {
return 1;
}
};
/**
* @return All the currently available identities - passwords, keys, etc...
*/
Iterable<?> loadIdentities();
static int findIdentityIndex(List<?> identities, Comparator<? super Object> comp, Object target) {
for (int index = 0; index < identities.size(); index++) {
Object value = identities.get(index);
if (comp.compare(value, target) == 0) {
return index;
}
}
return -1;
}
/**
* @param identities The {@link Iterable} identities - OK if {@code null}/empty
* @return An {@link AuthenticationIdentitiesProvider} wrapping the identities
*/
static AuthenticationIdentitiesProvider wrap(Iterable<?> identities) {
return new AuthenticationIdentitiesProvider() {
@Override
public Iterable<KeyPair> loadKeys() {
return selectIdentities(KeyPair.class);
}
@Override
public Iterable<String> loadPasswords() {
return selectIdentities(String.class);
}
@Override
public Iterable<?> loadIdentities() {
return selectIdentities(Object.class);
}
// NOTE: returns a NEW Collection on every call so that the original
// identities remain unchanged
private <T> Collection<T> selectIdentities(Class<T> type) {
Collection<T> matches = null;
for (Iterator<?> iter = GenericUtils.iteratorOf(identities); iter.hasNext();) {
Object o = iter.next();
Class<?> t = o.getClass();
if (!type.isAssignableFrom(t)) {
continue;
}
if (matches == null) {
matches = new LinkedList<>();
}
matches.add(type.cast(o));
}
return (matches == null) ? Collections.<T>emptyList() : matches;
}
};
}
}
Also
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.sshd.client.config.keys;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.util.ValidateUtils;
import org.apache.sshd.common.util.io.IoUtils;
import org.apache.sshd.common.util.security.SecurityUtils;
/**
* @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
*/
public interface ClientIdentityLoader {
/**
* <P>A default implementation that assumes a file location that <U>must</U> exist.</P>
*
* <P>
* <B>Note:</B> It calls {@link SecurityUtils#loadKeyPairIdentity(String, InputStream, FilePasswordProvider)}
* </P>
*/
ClientIdentityLoader DEFAULT = new ClientIdentityLoader() {
@Override
public boolean isValidLocation(String location) throws IOException {
Path path = toPath(location);
return Files.exists(path, IoUtils.EMPTY_LINK_OPTIONS);
}
@Override
public KeyPair loadClientIdentity(String location, FilePasswordProvider provider) throws IOException, GeneralSecurityException {
Path path = toPath(location);
try (InputStream inputStream = Files.newInputStream(path, IoUtils.EMPTY_OPEN_OPTIONS)) {
return SecurityUtils.loadKeyPairIdentity(path.toString(), inputStream, provider);
}
}
@Override
public String toString() {
return "DEFAULT";
}
private Path toPath(String location) {
Path path = Paths.get(ValidateUtils.checkNotNullAndNotEmpty(location, "No location"));
path = path.toAbsolutePath();
path = path.normalize();
return path;
}
};
/**
* @param location The identity key-pair location - the actual meaning (file, URL, etc.)
* depends on the implementation.
* @return {@code true} if it represents a valid location - the actual meaning of
* the validity depends on the implementation
* @throws IOException If failed to validate the location
*/
boolean isValidLocation(String location) throws IOException;
/**
* @param location The identity key-pair location - the actual meaning (file, URL, etc.)
* depends on the implementation.
* @param provider The {@link FilePasswordProvider} to consult if the location contains
* an encrypted identity
* @return The loaded {@link KeyPair} - {@code null} if location is empty
* and it is OK that it does not exist
* @throws IOException If failed to access / process the remote location
* @throws GeneralSecurityException If failed to convert the contents into
* a valid identity
*/
KeyPair loadClientIdentity(String location, FilePasswordProvider provider) throws IOException, GeneralSecurityException;
}
Running PMD through: [Maven]
Apache Maven 3.5.2 (138edd61fd100ec658bfa2d307c43b76940a5d7d; 2017-10-18T10:58:13+03:00)
Maven home: /home/lyor/Software/apache-maven-3.5.2
Java version: 1.8.0_151, vendor: Oracle Corporation
Java home: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.151-1.b12.fc25.x86_64/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "linux", version: "4.13.16-100.fc25.x86_64", arch: "amd64", family: "unix"
[INFO] >>> maven-pmd-plugin:3.8:check (pmd-checker) > :pmd @ sshd-core >>>
[INFO]
[INFO] --- maven-pmd-plugin:3.8:pmd (pmd) @ sshd-core ---
Dec 20, 2017 12:48:24 PM net.sourceforge.pmd.cache.NoopAnalysisCache <init>
WARNING: This analysis could be faster, please consider using Incremental Analysis: https://pmd.github.io/pmd/pmd_userdocs_getting_started.html#incremental-analysis
Dec 20, 2017 12:48:24 PM net.sourceforge.pmd.RuleSetFactory parseRuleSetReferenceNode
WARNING: The RuleSet rulesets/java/braces.xml has been deprecated.
Dec 20, 2017 12:48:25 PM net.sourceforge.pmd.RuleSetFactory parseRuleSetReferenceNode
WARNING: The RuleSet rulesets/java/empty.xml has been deprecated.
Dec 20, 2017 12:48:25 PM net.sourceforge.pmd.RuleSetFactory parseRuleSetReferenceNode
WARNING: The RuleSet rulesets/java/finalizers.xml has been deprecated.
[ERROR] PMD processing errors:
[ERROR] /home/lyor/workspace/mina-sshd/sshd-core/src/main/java/org/apache/sshd/client/auth/AuthenticationIdentitiesProvider.java: Error while parsing /home/lyor/workspace/mina-sshd/sshd-core/src/main/java/org/apache/sshd/client/auth/AuthenticationIdentitiesProvider.java
/home/lyor/workspace/mina-sshd/sshd-core/src/main/java/org/apache/sshd/client/config/keys/ClientIdentityLoader.java: Error while parsing /home/lyor/workspace/mina-sshd/sshd-core/src/main/java/org/apache/sshd/client/config/keys/ClientIdentityLoader.java
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4