July 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-6896) Upgrade HAL to 2.8.27.Final

by Harald Pehl (JIRA)

[ https://issues.jboss.org/browse/WFLY-6896?page=com.atlassian.jira.plugin.... ] Harald Pehl updated WFLY-6896: ------------------------------ Comment: was deleted (was: Targets WildFly 11.0.0.Alpha1) > Upgrade HAL to 2.8.27.Final > --------------------------- > > Key: WFLY-6896 > URL: https://issues.jboss.org/browse/WFLY-6896 > Project: WildFly > Issue Type: Component Upgrade > Components: Web Console > Reporter: Harald Pehl > Assignee: Harald Pehl > Priority: Blocker > Fix For: 10.1.0.CR1, 11.0.0.Alpha1 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-616) Release WildFly Elytron 1.0.3.Final

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-616?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse resolved ELY-616. ---------------------------------- Resolution: Done > Release WildFly Elytron 1.0.3.Final > ----------------------------------- > > Key: ELY-616 > URL: https://issues.jboss.org/browse/ELY-616 > Project: WildFly Elytron > Issue Type: Release > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.0.3.CR1 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-612) Missing or unnecessary null check in AbstractDigestMechanism

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-612?page=com.atlassian.jira.plugin.sy... ] David Lloyd resolved ELY-612. ----------------------------- Resolution: Done > Missing or unnecessary null check in AbstractDigestMechanism > ------------------------------------------------------------ > > Key: ELY-612 > URL: https://issues.jboss.org/browse/ELY-612 > Project: WildFly Elytron > Issue Type: Bug > Affects Versions: 1.1.0.Beta7 > Reporter: Ondrej Lukas > Assignee: David Lloyd > Labels: static_analysis > Fix For: 1.1.0.Beta8 > > > There is missing or unnecessary null check in {{getSaltedPasswordFromTwoWay}} method of org.wildfly.security.sasl.digest.AbstractDigestMechanism. {{char[] passwordChars}} is assigned on line 650 [1]. > * In case when null can be assigned to {{passwordChars}} then there is missing null check before calling {{userRealmPasswordDigest(messageDigest, username, realm, passwordChars);}} on line 658 which can result to NPE. > * In case when null cannot be assigned to {{passwordChars}} then there is unnecessary null check on line 659. > [1] https://github.com/wildfly-security/wildfly-elytron/blob/e01a09572b02f33d... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-610) Missing null check in build() method of X509CertificateBuilder

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-610?page=com.atlassian.jira.plugin.sy... ] David Lloyd resolved ELY-610. ----------------------------- Resolution: Done > Missing null check in build() method of X509CertificateBuilder > -------------------------------------------------------------- > > Key: ELY-610 > URL: https://issues.jboss.org/browse/ELY-610 > Project: WildFly Elytron > Issue Type: Bug > Affects Versions: 1.1.0.Beta7 > Reporter: Ondrej Lukas > Assignee: David Lloyd > Labels: static_analysis > Fix For: 1.1.0.Beta8 > > > Calling {{ASN1.oidFromSignatureAlgorithm(String)}} in {{org.wildfly.security.x500.cert.X509CertificateBuilder.build()}} method on line 375 [1] for unknown algorithms returns null which is assigned to {{signatureAlgorithmOid}} and results to NPE thrown from {{derEncoder.encodeObjectIdentifier(signatureAlgorithmOid)}} on line 377. > [1] https://github.com/wildfly-security/wildfly-elytron/blob/e01a09572b02f33d... -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-611) Unintentional integer overflow in LongNameSetPermissionCollection

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-611?page=com.atlassian.jira.plugin.sy... ] David Lloyd resolved ELY-611. ----------------------------- Resolution: Done > Unintentional integer overflow in LongNameSetPermissionCollection > ----------------------------------------------------------------- > > Key: ELY-611 > URL: https://issues.jboss.org/browse/ELY-611 > Project: WildFly Elytron > Issue Type: Bug > Affects Versions: 1.1.0.Beta7 > Reporter: Ondrej Lukas > Assignee: David Lloyd > Labels: static_analysis > Fix For: 1.1.0.Beta8 > > > There are potentially overflowing expressions in org.wildfly.security.permission.LongNameSetPermissionCollection in {{getBitsForName}} method. Expressions {{1 << nameEnumeration.size()}} and {{1 << nameEnumeration.indexOf(name)}} are evaluated as integer but assigned to {{bits}} variable which is long. It can be avoided by casting {{1}} to long. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-614) Missing null check in equals() method of AbstractPermission

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-614?page=com.atlassian.jira.plugin.sy... ] David Lloyd resolved ELY-614. ----------------------------- Resolution: Done > Missing null check in equals() method of AbstractPermission > ----------------------------------------------------------- > > Key: ELY-614 > URL: https://issues.jboss.org/browse/ELY-614 > Project: WildFly Elytron > Issue Type: Bug > Affects Versions: 1.1.0.Beta7 > Reporter: Ondrej Lukas > Assignee: David Lloyd > Labels: static_analysis > Fix For: 1.1.0.Beta8 > > > There is missing null check in {{org.wildfly.security.permission.AbstractPermission.equals(Object obj)}} method. NPE is thrown for null {{obj}} parameter. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6896) Upgrade HAL to 2.8.27.Final

by Harald Pehl (JIRA)

[ https://issues.jboss.org/browse/WFLY-6896?page=com.atlassian.jira.plugin.... ] Harald Pehl updated WFLY-6896: ------------------------------ Fix Version/s: 11.0.0.Alpha1 > Upgrade HAL to 2.8.27.Final > --------------------------- > > Key: WFLY-6896 > URL: https://issues.jboss.org/browse/WFLY-6896 > Project: WildFly > Issue Type: Component Upgrade > Components: Web Console > Reporter: Harald Pehl > Assignee: Harald Pehl > Priority: Blocker > Fix For: 10.1.0.CR1, 11.0.0.Alpha1 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-616) Release WildFly Elytron 1.0.3.Final

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-616: ------------------------------------ Summary: Release WildFly Elytron 1.0.3.Final Key: ELY-616 URL: https://issues.jboss.org/browse/ELY-616 Project: WildFly Elytron Issue Type: Release Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.0.3.CR1 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-438) There is not possibility to use alternative JSSE Cipher Suite Names for IBM JDK

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-438?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse resolved ELY-438. ---------------------------------- Resolution: Done > There is not possibility to use alternative JSSE Cipher Suite Names for IBM JDK > ------------------------------------------------------------------------------- > > Key: ELY-438 > URL: https://issues.jboss.org/browse/ELY-438 > Project: WildFly Elytron > Issue Type: Bug > Components: SSL > Reporter: Hynek Švábek > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 1.1.0.Beta8, 1.0.3.CR1 > > > There is not possibility to use alternative JSSE Cipher Suite Names for IBM JDK8 > Interchange TLS prefix to SSL and vice versa is not supported. > Here is list of standard JSSE Cipher Suite Names > http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNa... > In my opinion this file is mapping file for our purpose. It is? > https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... > For IBM JDK are different JSSE Cipher Suite Names (different prefix). > Most items from this list are missing in MechanismDatabase.properties mentioned above. > http://www.ibm.com/support/knowledgecenter/SSYKE2_8.0.0/com.ibm.java.secu... > For example: > JSSE Cipher Suite Name *SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA* is only defined for IBM JDK. > It is *TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA* for Oracle JDK. > If I try start server with JSSE Cipher Suite Name *SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA* I will get this error: > {code} > 16:55:25,594 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.undertow.listener.https: org.jboss.msc.service.StartException in service jboss.undertow.listener.https: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1904) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1153) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > at java.lang.Thread.run(Thread.java:785) > Caused by: java.lang.IllegalArgumentException: ELY05017: Token "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA" not allowed at offset 33 of mechanism selection string "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA" > at org.wildfly.security.ssl.CipherSuiteSelector.fromString(CipherSuiteSelector.java:399) > at org.wildfly.extension.undertow.HttpsListenerService.startListening(HttpsListenerService.java:125) > at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:138) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) > ... 3 more > 16:55:25,598 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "undertow"), > ("server" => "default-server"), > ("https-listener" => "https") > ]) - failure description: {"WFLYCTL0080: Failed services" => {"jboss.undertow.listener.https" => "org.jboss.msc.service.StartException in service jboss.undertow.listener.https: Failed to start service > Caused by: java.lang.IllegalArgumentException: ELY05017: Token \"SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA\" not allowed at offset 33 of mechanism selection string \"SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA\""}} > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1680) Tab completion for echo-dmr command is broken

by Jean-Francois Denise (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1680?page=com.atlassian.jira.plugi... ] Jean-Francois Denise reassigned WFCORE-1680: -------------------------------------------- Assignee: Jean-Francois Denise (was: Alexey Loubyansky) > Tab completion for echo-dmr command is broken > --------------------------------------------- > > Key: WFCORE-1680 > URL: https://issues.jboss.org/browse/WFCORE-1680 > Project: WildFly Core > Issue Type: Bug > Components: CLI > Reporter: Petr Kremensky > Assignee: Jean-Francois Denise > > Tab completion for echo-dmr command doesn't work. > To reproduce, start the standalone server and connect with CLI > *actual 3.0.0.Alpha5-SNAPSHOT 77673c5* > {noformat} > [standalone@localhost:9990 /] echo-dmr /sub[TAB] > core-service deployment deployment-overlay extension interface path socket-binding-group subsystem system-property > [standalone@localhost:9990 /] echo-dmr /subsystem=log[TAB] > core-service deployment deployment-overlay extension interface path socket-binding-group subsystem system-property > {noformat} > *expected* > {noformat} > [standalone@localhost:9990 /] echo-dmr /sub[TAB] > [standalone@localhost:9990 /] echo-dmr /subsystem= > [standalone@localhost:9990 /] echo-dmr /subsystem=log[TAB] > [standalone@localhost:9990 /] echo-dmr /subsystem=logging > {noformat} > The issue is not reproducible with 2.2.0.CR7 (EAP 7.1.0.DR1). -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira July 2016