[SECURITY-2604]

README.adoc

@@ -18,7 +18,10 @@ image:docs/images/configuration.png[]
 
 This section goes into the details of how the managed Windows agent launcher actually works.
 
-This launcher uses several protocols that has been around for a quite some time.
+Jenkins uses multiple protocols to install the actual agent as a Windows service and then start it. These protocols have been around for a quite some time.
+
+IMPORTANT: The installation process assumes that the JRE is installed and accessible on the agent. Please see link:docs/troubleshooting.adoc[Troubleshooting WMI Windows Agents] if you need further help.
+
 
 * It first uses http://en.wikipedia.org/wiki/Server_Message_Block[CIFS] (also known as "Windows file share protocol") to push files into the
 agent. 
@@ -29,13 +32,6 @@ http://en.wikipedia.org/wiki/Distributed_Component_Object_Model[DCOM] to
 talk to
 http://en.wikipedia.org/wiki/Windows_Management_Instrumentation[WMI] to
 install and start a service remotely.
-* Jenkins uses two services, one is called
-https://github.com/jenkinsci/lib-windows-remote-command[Remote Communication Service] and this provides a general-purpose remote command execution capability. 
-Jenkins uses this to check if Java is available and if not install it. 
-A failure to do this is not fatal problem, as Jenkins will proceed by assuming that Java is available in a reasonable place.
-This service is destroyed after it is used so as not to cause any harm to the security. 
-The communication between Jenkins controller and this service happens over a named pipe, which itself is protected by access control.
-* Jenkins then installs the actual agent as a Windows service, by using the WMI over DCOM, then it starts this service.
 
 == Troubleshooting
 

docs/troubleshooting.adoc

@@ -169,36 +169,6 @@ NAT is not security damn it!
 
 == Windows registry related issues
 
-=== Remote Communication Service
-
-The Remote Communication Service "RemComSvc" must be running in order to launch commands remotely. 
-If not started, Jenkins will try to (remotely) start this service, assuming it is well configured. 
-If not, you may get an error like :
-
-```
-....
-Checking if Java exists
-ERROR: Failed to prepare Java
-java.lang.reflect.UndeclaredThrowableException
-....
-```
-
-In some cases (especially Windows 2008 R2) this can be caused by the lack of the Visual C++ runtime libraries needed by the service. 
-If this is the case you will see an error in the windows event log similar to:
-
-```
-....
-Activation context generation failed for "C:\Windows\RemComSvc.exe".
-Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
-Please use sxstrace.exe for detailed diagnosis.
-....
-```
-
-To solve this issue install the http://www.microsoft.com/download/en/details.aspx?id=5582[Visual C++ 2008 x86] libraries.
-
-The Remote Communication Service source code is a
-https://github.com/jenkinsci/lib-windows-remote-command[part of Jenkins].
-
 === Remote Registry Service
 
 The Remote Registry service must be running in order to install the Jenkins service, but it may be stopped on your computer.  

pom.xml

@@ -60,19 +60,15 @@
     <dependencies>
         <dependency>
             <groupId>org.jenkins-ci</groupId>
-            <artifactId>windows-remote-command</artifactId>
-            <version>1.4</version>
+            <artifactId>jinterop-wmi</artifactId>
+            <version>1.1</version>
             <exclusions>
                 <exclusion>
                     <groupId>org.jvnet</groupId>
                     <artifactId>tiger-types</artifactId>
                 </exclusion>
             </exclusions>
         </dependency>
-        <dependency>
-            <groupId>org.jenkins-ci.plugins</groupId>
-            <artifactId>jdk-tool</artifactId>
-        </dependency>
         <dependency>
             <groupId>io.jenkins</groupId>
             <artifactId>configuration-as-code</artifactId>

src/main/java/hudson/os/windows/ManagedWindowsServiceLauncher.java

@@ -37,9 +37,6 @@
 import hudson.remoting.Channel.Listener;
 import hudson.remoting.SocketChannelStream;
 import hudson.slaves.*;
-import hudson.tools.JDKInstaller;
-import hudson.tools.JDKInstaller.CPU;
-import hudson.tools.JDKInstaller.Platform;
 import hudson.util.DescribableList;
 import hudson.util.Secret;
 import hudson.util.jna.DotNet;
@@ -48,7 +45,6 @@
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.Socket;
-import java.net.URL;
 import java.net.UnknownHostException;
 import java.util.Date;
 import java.util.logging.Level;
@@ -67,7 +63,6 @@
 import org.jinterop.dcom.common.JIDefaultAuthInfoImpl;
 import org.jinterop.dcom.common.JIException;
 import org.jinterop.dcom.core.JISession;
-import org.jvnet.hudson.remcom.WindowsRemoteProcessLauncher;
 import org.jvnet.hudson.wmi.SWbemServices;
 import org.jvnet.hudson.wmi.WMI;
 import org.jvnet.hudson.wmi.Win32Service;
@@ -221,38 +216,6 @@ public void launch(final SlaveComputer computer, final TaskListener listener) th
 
             String java = resolveJava(computer);
 
-            try {// does Java exist?
-                logger.println("Checking if Java exists");
-                WindowsRemoteProcessLauncher wrpl = new WindowsRemoteProcessLauncher(name, auth);
-                Process proc = wrpl.launch("\"" + java + "\" -version", "c:\\");
-                proc.getOutputStream().close();
-                StringWriter console = new StringWriter();
-                IOUtils.copy(proc.getInputStream(), console);
-                proc.getInputStream().close();
-                int exitCode = proc.waitFor();
-                if (exitCode == 1) {// we'll get this error code if Java is not found
-                    logger.println("No Java found. Downloading JDK");
-                    JDKInstaller jdki = new JDKInstaller("jdk-6u16-oth-JPR@CDS-CDS_Developer", true);
-                    URL jdk = jdki.locate(listener, Platform.WINDOWS, CPU.i386);
-
-                    listener.getLogger().println("Installing JDK");
-                    copyStreamAndClose(jdk.openStream(), new SmbFile(remoteRoot, "jdk.exe").getOutputStream());
-
-                    String javaDir = path + "\\jdk"; // this is where we install Java to
-
-                    WindowsRemoteFileSystem fs = new WindowsRemoteFileSystem(name, createSmbAuth());
-                    fs.mkdirs(javaDir);
-
-                    jdki.install(new WindowsRemoteLauncher(listener, wrpl), Platform.WINDOWS,
-                            fs, listener, javaDir, path + "\\jdk.exe");
-                } else {
-                    checkJavaVersion(logger, java, new BufferedReader(new StringReader(console.toString())));
-                }
-            } catch (Exception e) {
-                e.printStackTrace(listener.error("Failed to prepare Java"));
-                return;
-            }
-
 // this just doesn't work --- trying to obtain the type or check the existence of smb://server/C$/ results in "access denied"
 //            {// check if the administrative share exists
 //                String fullpath = remoteRoot.getPath();