Skip to content

Commit

Permalink
Unify two entrypoints
Browse files Browse the repository at this point in the history
  • Loading branch information
basil committed Oct 13, 2023
1 parent 3b293d5 commit bcf78a8
Show file tree
Hide file tree
Showing 6 changed files with 368 additions and 590 deletions.
4 changes: 2 additions & 2 deletions docs/inbound-agent.md
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ This mechanism requires a download of the `agent.jar`, as described for "Downloa

Once all the prerequisite files and data have been obtained, the agent can be launched with a command like this
```
java -cp agent.jar hudson.remoting.jnlp.Main \
java -jar agent.jar \
-workDir <work directory> \
-direct <HOST:PORT> \
-protocols JNLP4-connect \
Expand All @@ -102,7 +102,7 @@ Additional descriptions of configuring this mechanism are located at [Installing

There are a number of different launch parameters that control how the agent connects and behaves.
The parameters available and the default behavior may vary depending upon the entry point.
You can obtain usage information by executing `java -cp agent.jar hudson.remoting.jnlp.Main` or `java -jar agent.jar --help`.
You can obtain usage information by executing `java -jar agent.jar --help`.
Not all parameters work together and some parameters require the use of others.

There are also system or environment variables that control some advanced behaviors documented at [Remoting Configuration](https://github.com/jenkinsci/remoting/blob/master/docs/configuration.md).
Expand Down
14 changes: 9 additions & 5 deletions src/main/java/hudson/remoting/Engine.java
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,8 @@
import org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException;
import org.jenkinsci.remoting.util.KeyUtils;
import org.jenkinsci.remoting.util.VersionNumber;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;

/**
* Agent engine that proactively connects to Jenkins controller.
Expand Down Expand Up @@ -169,7 +171,7 @@ public Thread newThread(@NonNull final Runnable r) {
private String proxyCredentials = System.getProperty("proxyCredentials");

/**
* See {@link hudson.remoting.jnlp.Main#tunnel} for the documentation.
* See {@link Launcher#tunnel} for the documentation.
*/
@CheckForNull
private String tunnel;
Expand Down Expand Up @@ -885,7 +887,7 @@ private JnlpEndpointResolver createEndpointResolver(List<String> jenkinsUrls) {
if (directConnection == null) {
SSLSocketFactory sslSocketFactory = null;
try {
sslSocketFactory = getSSLSocketFactory();
sslSocketFactory = getSSLSocketFactory(candidateCertificates);
} catch (Exception e) {
events.error(e);
}
Expand Down Expand Up @@ -1034,16 +1036,18 @@ private static FileInputStream getFileInputStream(final File file) throws Privil
});
}

private SSLSocketFactory getSSLSocketFactory()
@CheckForNull
@Restricted(NoExternalUse.class)
static SSLSocketFactory getSSLSocketFactory(List<X509Certificate> x509Certificates)
throws PrivilegedActionException, KeyStoreException, NoSuchProviderException, CertificateException,
NoSuchAlgorithmException, IOException, KeyManagementException {
SSLSocketFactory sslSocketFactory = null;
if (candidateCertificates != null && !candidateCertificates.isEmpty()) {
if (x509Certificates != null && !x509Certificates.isEmpty()) {
KeyStore keyStore = getCacertsKeyStore();
// load the keystore
keyStore.load(null, null);
int i = 0;
for (X509Certificate c : candidateCertificates) {
for (X509Certificate c : x509Certificates) {
keyStore.setCertificateEntry(String.format("alias-%d", i++), c);
}
// prepare the trust manager
Expand Down
Loading

0 comments on commit bcf78a8

Please sign in to comment.