Issue #7063 - Adding testcase for Password command line

Signed-off-by: Joakim Erdfelt <[email protected]>
jetty · Dec 8, 2021 · fedd66e · fedd66e
1 parent f474571
commit fedd66e
Show file tree

Hide file tree

Showing 3 changed files with 64 additions and 2 deletions.
diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/security/Credential.java b/jetty-util/src/main/java/org/eclipse/jetty/util/security/Credential.java
@@ -187,7 +187,14 @@ public static class MD5 extends Credential
         MD5(String digest)
         {
             digest = digest.startsWith(__TYPE) ? digest.substring(__TYPE.length()) : digest;
-            _digest = TypeUtil.parseBytes(digest, 16);
+            // intentionally not using TypeUtil.parseBytes as using TypeUtil introduces
+            // a logging requirement that is not supported by Command Line Password util
+            byte[] digestBytes = new byte[digest.length() / 2];
+            for (int i = 0; i < digest.length(); i += 2)
+            {
+                digestBytes[i / 2] = (byte)TypeUtil.parseInt(digest, i, 2, 16);
+            }
+            _digest = digestBytes;
         }
 
         public byte[] getDigest()
@@ -274,7 +281,18 @@ public static String digest(String password)
                     digest = __md.digest();
                 }
 
-                return __TYPE + TypeUtil.toString(digest, 16);
+                // Intentionally not using TypeUtil.toString() here as TypeUtil
+                // introduces a Logging requirement that is not compatible
+                // with Password command line.
+                final char[] HEX = "0123456789ABCDEF".toCharArray();
+                int len = digest.length;
+                char[] out = new char[len * 2];
+                for (int i = 0; i < len; i++)
+                {
+                    out[i * 2] = HEX[(digest[i] & 0xF0) >> 4];
+                    out[(i * 2) + 1] = HEX[(digest[i] & 0x0F)];
+                }
+                return __TYPE + String.valueOf(out);
             }
             catch (Exception e)
             {

diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/security/Password.java b/jetty-util/src/main/java/org/eclipse/jetty/util/security/Password.java
@@ -245,5 +245,6 @@ public static void main(String[] arg)
         System.err.println(Credential.MD5.digest(p));
         if (arg.length == 2)
             System.err.println(Credential.Crypt.crypt(arg[0], pw.toString()));
+        System.exit(0);
     }
 }
diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/security/PasswordTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/security/PasswordTest.java
@@ -13,9 +13,21 @@
 
 package org.eclipse.jetty.util.security;
 
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
+
+import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
 import org.junit.jupiter.api.Test;
 
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.fail;
 
 public class PasswordTest
 {
@@ -44,4 +56,35 @@ public void testObfuscateUnicode()
         String obfuscate = Password.obfuscate(password);
         assertEquals(password, Password.deobfuscate(obfuscate));
     }
+
+    @Test
+    public void testCommandLineUsage() throws IOException, InterruptedException
+    {
+        ProcessBuilder passwordBuilder = new ProcessBuilder()
+            .directory(MavenTestingUtils.getTargetDir())
+            .command("java",
+                "-cp", MavenTestingUtils.getTargetPath("classes").toString(),
+                Password.class.getName(),
+                "user", "password")
+            .redirectErrorStream(true);
+
+        Process passwordProcess = passwordBuilder.start();
+        try (InputStreamReader inputStreamReader = new InputStreamReader(passwordProcess.getInputStream());
+             BufferedReader reader = new BufferedReader(inputStreamReader))
+        {
+            String output = reader.lines().collect(Collectors.joining(System.lineSeparator()));
+            if (passwordProcess.waitFor(5, TimeUnit.SECONDS))
+            {
+                int exitCode = passwordProcess.exitValue();
+                assertThat("Non-error exit code: " + output, exitCode, is(0));
+                assertThat("Output", output, not(containsString("Exception")));
+            }
+            else
+            {
+                System.out.println(output);
+                fail("Process didn't exit properly (was forcibly destroyed)");
+                passwordProcess.destroy();
+            }
+        }
+    }
 }