[qpid-site] branch asf-site updated: hack to ensure broker-j 7.0.7 treated as 'current' for mirroring, and list on download page due to missing link in release announcement
This is an automated email from the ASF dual-hosted git repository. robbie pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/qpid-site.git The following commit(s) were added to refs/heads/asf-site by this push: new 2b5b0e7 hack to ensure broker-j 7.0.7 treated as 'current' for mirroring, and list on download page due to missing link in release announcement 2b5b0e7 is described below commit 2b5b0e7d0df0bdc715d41c1a7db224745d6036be Author: Robbie Gemmell AuthorDate: Fri Mar 1 21:53:49 2019 + hack to ensure broker-j 7.0.7 treated as 'current' for mirroring, and list on download page due to missing link in release announcement --- content/download.html | 2 +- content/releases/qpid-broker-j-7.0.7/index.html | 2 +- input/_transom_config.py| 1 + input/download.md | 1 + input/releases/qpid-broker-j-7.0.7/index.md | 4 ++-- 5 files changed, 6 insertions(+), 4 deletions(-) diff --git a/content/download.html b/content/download.html index eb6449a..4e03d1e 100644 --- a/content/download.html +++ b/content/download.html @@ -192,7 +192,7 @@ https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> Broker-J - 7.1.1 + 7.0.7 http://www.apache.org/dyn/closer.lua/qpid/broker-j/7.0.7/apache-qpid-broker-j-7.0.7-src.tar.gz;>Source (https://www.apache.org/dist/qpid/broker-j/7.0.7/apache-qpid-broker-j-7.0.7-src.tar.gz.asc;>ASC, https://www.apache.org/dist/qpid/broker-j/7.0.7/apache-qpid-broker-j-7.0.7-src.tar.gz.sha512;>SHA512), http://www.apache.org/dyn/closer.lua/qpid/broker-j/7.0.7/binaries/apache-qpid-broker-j-7.0.7-bin.tar.gz;>Binary (Release Page diff --git a/content/releases/qpid-broker-j-7.0.7/index.html b/content/releases/qpid-broker-j-7.0.7/index.html index 5e6d145..629ef78 100644 --- a/content/releases/qpid-broker-j-7.0.7/index.html +++ b/content/releases/qpid-broker-j-7.0.7/index.html @@ -191,7 +191,7 @@ files you download. _deferredFunctions.push(function() { - if ("7.0.7" === "7.1.1") { + if ("7.0.7" === "7.0.7") { _modifyCurrentReleaseLinks(); } }); diff --git a/input/_transom_config.py b/input/_transom_config.py index e3059c0..3cb0b07 100644 --- a/input/_transom_config.py +++ b/input/_transom_config.py @@ -23,6 +23,7 @@ class _Release(object): return "{}".format(self.url, self.number) broker_j_release = _Release(site_url, "Qpid Broker-J", "qpid-broker-j", "7.1.1") +other_current_broker_j_release = "7.0.7" cpp_release = _Release(site_url, "Qpid C++", "qpid-cpp", "1.39.0") dispatch_release = _Release(site_url, "Qpid Dispatch", "qpid-dispatch", "1.5.0") interop_test_release = _Release(site_url, "Qpid Interop Test", "qpid-interop-test", "0.2.0") diff --git a/input/download.md b/input/download.md index 4136c3c..b961076 100644 --- a/input/download.md +++ b/input/download.md @@ -40,6 +40,7 @@ It is important to [verify the integrity](#verify-what-you-download) of the file | Content | Version | Download | More | | --- | --- | | | | [Broker-J]({{site_url}}/components/broker-j/index.html) | {{current_broker_j_release}} | [Source](http://www.apache.org/dyn/closer.lua/qpid/broker-j/{{current_broker_j_release}}/apache-qpid-broker-j-{{current_broker_j_release}}-src.tar.gz) ([ASC](https://www.apache.org/dist/qpid/broker-j/{{current_broker_j_release}}/apache-qpid-broker-j-{{current_broker_j_release}}-src.tar.gz.asc), [SHA512](https://www.apache.org/dist/qpid/broker-j/{{current_broker_j_release}}/apache-qpid-broker-j-{{cu [...] +| [Broker-J]({{site_url}}/components/broker-j/index.html) | {{other_current_broker_j_release}} | [Source](http://www.apache.org/dyn/closer.lua/qpid/broker-j/{{other_current_broker_j_release}}/apache-qpid-broker-j-{{other_current_broker_j_release}}-src.tar.gz) ([ASC](https://www.apache.org/dist/qpid/broker-j/{{other_current_broker_j_release}}/apache-qpid-broker-j-{{other_current_broker_j_release}}-src.tar.gz.asc), [SHA512](
[qpid-site] branch asf-site updated: Include temporarely links to download 7.0.7 release bundles into download page
This is an automated email from the ASF dual-hosted git repository. orudyy pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/qpid-site.git The following commit(s) were added to refs/heads/asf-site by this push: new ff5543e Include temporarely links to download 7.0.7 release bundles into download page ff5543e is described below commit ff5543e98ab6c355b68838e9c439e2184778400c Author: Alex Rudyy AuthorDate: Fri Mar 1 20:58:27 2019 + Include temporarely links to download 7.0.7 release bundles into download page --- content/download.html | 6 ++ 1 file changed, 6 insertions(+) diff --git a/content/download.html b/content/download.html index daea032..eb6449a 100644 --- a/content/download.html +++ b/content/download.html @@ -191,6 +191,12 @@ https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> Release Page + Broker-J + 7.1.1 + http://www.apache.org/dyn/closer.lua/qpid/broker-j/7.0.7/apache-qpid-broker-j-7.0.7-src.tar.gz;>Source (https://www.apache.org/dist/qpid/broker-j/7.0.7/apache-qpid-broker-j-7.0.7-src.tar.gz.asc;>ASC, https://www.apache.org/dist/qpid/broker-j/7.0.7/apache-qpid-broker-j-7.0.7-src.tar.gz.sha512;>SHA512), http://www.apache.org/dyn/closer.lua/qpid/broker-j/7.0.7/binaries/apache-qpid-broker-j-7.0.7-bin.tar.gz;>Binary (Release Page + + C++ broker 1.39.0 http://www.apache.org/dyn/closer.lua/qpid/cpp/1.39.0/qpid-cpp-1.39.0.tar.gz;>Source (https://www.apache.org/dist/qpid/cpp/1.39.0/qpid-cpp-1.39.0.tar.gz.asc;>ASC, https://www.apache.org/dist/qpid/cpp/1.39.0/qpid-cpp-1.39.0.tar.gz.sha512;>SHA512) - To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org
[qpid-site] branch asf-site updated: Add description of CVE-2019-0200 in Qpid BRoker-J security pages
This is an automated email from the ASF dual-hosted git repository. orudyy pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/qpid-site.git The following commit(s) were added to refs/heads/asf-site by this push: new 605e179 Add description of CVE-2019-0200 in Qpid BRoker-J security pages 605e179 is described below commit 605e179e2b6c7b82177f70b6d2123c6b29e58eec Author: Alex Rudyy AuthorDate: Fri Mar 1 20:45:23 2019 + Add description of CVE-2019-0200 in Qpid BRoker-J security pages --- content/components/broker-j/security.html | 7 ++ .../security.html => cves/CVE-2019-0200.html} | 122 + input/components/broker-j/security.md | 2 + input/cves/CVE-2019-0200.md| 49 + 4 files changed, 111 insertions(+), 69 deletions(-) diff --git a/content/components/broker-j/security.html b/content/components/broker-j/security.html index 862dbf3..1627456 100644 --- a/content/components/broker-j/security.html +++ b/content/components/broker-j/security.html @@ -176,6 +176,13 @@ https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> 7.0.5 Denial of Service + + CVE-2019-0200 + Important + 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6 and 7.1.0 + 7.0.7, 7.1.1 + Denial of Service + diff --git a/content/components/broker-j/security.html b/content/cves/CVE-2019-0200.html similarity index 73% copy from content/components/broker-j/security.html copy to content/cves/CVE-2019-0200.html index 862dbf3..fe34b6d 100644 --- a/content/components/broker-j/security.html +++ b/content/cves/CVE-2019-0200.html @@ -21,7 +21,7 @@ --> http://www.w3.org/1999/xhtml; xml:lang="en"> -Security - Apache Qpid +CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands - Apache Qpid @@ -111,76 +111,60 @@ https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/> -HomeComponentsBroker-JSecurity +HomeCVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands - Security - - - - - CVE-ID - Severity - Affected versions - Fixed versions - Summary - - - - - CVE-2016-3094 - Important - 6.0.0, 6.0.1, and 6.0.2 - 6.0.3 - Denial of service - - - CVE-2016-4432 - Important - 6.0.2 and earlier - 6.0.3 - Authentication bypass - - - CVE-2016-8741 - Moderate - 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, and 6.1.0 - 6.0.6, 6.1.1 - Information leakage - - - CVE-2017-15701 - Important - 6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4 - 6.1.5 - Denial of Service - - - CVE-2017-15702 - Important - 0.18, 0.20, 0.22, 0.24, 0.26, 0.28, 0.30, and 0.32 - 6.0.0 - Authentication vulnerability - - - CVE-2018-1298 - Important - 7.0.0 - 7.0.1 - Denial of Service - - - CVE-2018-8030 - Important - 7.0.0, 7.0.1, 7.0.2, 7.0.3 and 7.0.4 - 7.0.5 - Denial of Service - - - - -See the main security page for general -information and details for other components. + CVE-2019-0200: Apache Qpid Broker-J Denial of Service due to malformed AMQP 0-8 to 0-10 commands + +Severity + +Critical + +Affected components + +Qpid Broker-J + +Affected versions + +6.0.0-7.0.6 and 7.1.0 + +Fixed versions + +7.0.7 +7.1.1 + +Description + +A Denial of Service vulnerability was found in Apache Qpid Broker-J +versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated +attacker to crash the broker instance by sending specially crafted +commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and +0-10). + +Resolution + +Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 +utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid +Broker-J versions 7.0.7 or 7.1.1 or later. + +Mitigation + +If upgrade of the broker is not possible, the support for AMQP protocols +0-8...0-10 can be disabled on AMQP ports. The change can be made either +directly in the broker configuration file or by using management interfaces. + +An example of REST API call restricting AMQP port to support only AMQP 1.0 +using curl utility is provided below: + +sh +curl --user user-name -X POST -d '{"protocols":["AMQP_1_0"]}' https://broker host:broker port/api/latest/port/port name + + +References + + +https://issues.apache.org/jira/browse/QPID-8273;>QPID-8273 + diff --git a/input/components/broker-j/security.md b/input/components/broker-j/security.md index 89019a6..efee99f 100644 --- a/input/components/broker-j/security.md +++ b/input/components/broker-j/security.md @@ -28,6 +28,8 @@ | [CVE-2017-15702]({{site_url}}/cves/CVE-2017-15702.html) | Important | 0.18, 0.20, 0.22, 0.24, 0.26, 0.28, 0.30, and 0.32 | 6.0.0 | Authentication vulnerability | |
[qpid-dispatch] 01/02: DISPATCH-1274: Optimize qd_timer_schedule(0)
This is an automated email from the ASF dual-hosted git repository. aconway pushed a commit to branch schedule-zero in repository https://gitbox.apache.org/repos/asf/qpid-dispatch.git commit de5c509d073f279a5b8b38016e8555b13e7a Author: Alan Conway AuthorDate: Fri Mar 1 10:49:54 2019 -0500 DISPATCH-1274: Optimize qd_timer_schedule(0) Introduced pn_immediate_t, a simpler schedule for immediate requests. qd_timer_schedule delegates schedule(0) requests. --- src/CMakeLists.txt | 1 + src/immediate.c | 96 src/{timer_private.h => immediate_private.h} | 39 +-- src/server.c | 20 -- src/server_private.h | 1 + src/timer.c | 15 - src/timer_private.h | 2 + 7 files changed, 150 insertions(+), 24 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 1544db9..cb8ad70 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -66,6 +66,7 @@ set(qpid_dispatch_SOURCES entity_cache.c failoverlist.c hash.c + immediate.c iterator.c log.c message.c diff --git a/src/immediate.c b/src/immediate.c new file mode 100644 index 000..6149be7 --- /dev/null +++ b/src/immediate.c @@ -0,0 +1,96 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +#include "immediate_private.h" +#include "server_private.h" + +#include +#include + +struct qd_immediate_t { +qd_server_t *server; +void (*handler)(void* context); +void *context; +bool armed; +}; + +/* Array rather than list for fast access and cache-coherence */ +static qd_immediate_t immediates[256] = {0}; +static size_t count = 0; +static sys_mutex_t *lock = NULL; + +void qd_immediate_initialize(void) { +lock = sys_mutex(); +} + +void qd_immediate_finalize(void) { +sys_mutex_free(lock); +lock = 0; +} + +qd_immediate_t *qd_immediate(qd_dispatch_t *qd, void (*handler)(void*), void* context) { +sys_mutex_lock(lock); +if (count >= sizeof(immediates)/sizeof(immediates[0])) { +assert("exceeded max number of qd_immediate_t objects" == 0); +return 0; +} +qd_immediate_t *i = [count++]; +i->server = qd ? qd->server : NULL; +i->handler = handler; +i->context = context; +i->armed = false; +sys_mutex_unlock(lock); +return i; +} + +void qd_immediate_arm(qd_immediate_t *i) { +bool interrupt = false; +sys_mutex_lock(lock); +if (!i->armed) { +interrupt = i->armed = true; +} +sys_mutex_unlock(lock); +if (interrupt && i->server) { +qd_server_interrupt(i->server); +} +} + +void qd_immediate_disarm(qd_immediate_t *i) { +sys_mutex_lock(lock); +i->armed = false; +sys_mutex_unlock(lock); +} + +void qd_immediate_free(qd_immediate_t *i) { +/* Just disarm, its harmless to leave it in place. */ +qd_immediate_disarm(i); +} + +void qd_immediate_visit() { +sys_mutex_lock(lock); +for (qd_immediate_t *i = immediates; i < immediates + count; ++i) { +if (i->armed) { +i->armed = false; +sys_mutex_unlock(lock); +i->handler(i->context); +sys_mutex_lock(lock); +} +} +sys_mutex_unlock(lock); +} diff --git a/src/timer_private.h b/src/immediate_private.h similarity index 52% copy from src/timer_private.h copy to src/immediate_private.h index 537eb4b..cd8d11b 100644 --- a/src/timer_private.h +++ b/src/immediate_private.h @@ -1,5 +1,5 @@ -#ifndef __timer_private_h__ -#define __timer_private_h__ 1 +#ifndef __immediate_private_h__ +#define __immediate_private_h__ 1 /* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file @@ -19,26 +19,27 @@ * under the License. */ -#include -#include -#include -struct qd_timer_t { -DEQ_LINKS(qd_timer_t); -qd_server_t *server; -qd_timer_cb_t handler; -void *context; -qd_timestamp_tdelta_time; -bool scheduled; /* true means on scheduled list, false on idle list */ -}; +#include
[qpid-dispatch] branch schedule-zero created (now 9c2371e)
This is an automated email from the ASF dual-hosted git repository. aconway pushed a change to branch schedule-zero in repository https://gitbox.apache.org/repos/asf/qpid-dispatch.git. at 9c2371e DISPATCH-1274: Separate qd_timer_t lock from server This branch includes the following new commits: new de5c509 DISPATCH-1274: Optimize qd_timer_schedule(0) new 9c2371e DISPATCH-1274: Separate qd_timer_t lock from server The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. - To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org
[qpid-dispatch] 02/02: DISPATCH-1274: Separate qd_timer_t lock from server
This is an automated email from the ASF dual-hosted git repository. aconway pushed a commit to branch schedule-zero in repository https://gitbox.apache.org/repos/asf/qpid-dispatch.git commit 9c2371e9628aee40356fbea36e3b53493b0a0853 Author: Alan Conway AuthorDate: Fri Mar 1 14:42:38 2019 -0500 DISPATCH-1274: Separate qd_timer_t lock from server qd_timer_t was sharing a lock with qd_server_t for historical reasons. Code inspection shows there is no need for the sharing. - timer.c calls qd_server_timeout() which is thread-safe, and no other server functions. - timer calls handlers outside the lock so it doesn't mater what lock is used. --- src/server.c| 2 +- src/timer.c | 5 +++-- src/timer_private.h | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/server.c b/src/server.c index 1863546..760126d 100644 --- a/src/server.c +++ b/src/server.c @@ -1227,7 +1227,7 @@ qd_server_t *qd_server(qd_dispatch_t *qd, int thread_count, const char *containe qd_server->cond = sys_cond(); DEQ_INIT(qd_server->conn_list); -qd_timer_initialize(qd_server->lock); +qd_timer_initialize(); qd_server->pause_requests = 0; qd_server->threads_paused = 0; diff --git a/src/timer.c b/src/timer.c index 0fd87c7..c76f77d 100644 --- a/src/timer.c +++ b/src/timer.c @@ -182,10 +182,10 @@ void qd_timer_cancel(qd_timer_t *timer) //= -void qd_timer_initialize(sys_mutex_t *server_lock) +void qd_timer_initialize() { qd_immediate_initialize(); -lock = server_lock; +lock = sys_mutex(); DEQ_INIT(idle_timers); DEQ_INIT(scheduled_timers); time_base = 0; @@ -194,6 +194,7 @@ void qd_timer_initialize(sys_mutex_t *server_lock) void qd_timer_finalize(void) { +sys_mutex_free(lock); lock = 0; qd_immediate_finalize(); } diff --git a/src/timer_private.h b/src/timer_private.h index 263fca5..9f6f1cb 100644 --- a/src/timer_private.h +++ b/src/timer_private.h @@ -36,7 +36,7 @@ struct qd_timer_t { DEQ_DECLARE(qd_timer_t, qd_timer_list_t); -void qd_timer_initialize(sys_mutex_t *server_lock); +void qd_timer_initialize(void); void qd_timer_finalize(void); void qd_timer_visit(); - To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org
svn commit: r32719 - /release/qpid/broker-j/7.1.0/
Author: orudyy Date: Fri Mar 1 17:29:31 2019 New Revision: 32719 Log: QPID-8277: Remove Apache Qpid Broker-J 7.1.0 version bundles after releasing version 7.1.1 Removed: release/qpid/broker-j/7.1.0/ - To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org
[qpid-site] branch asf-site updated (09349e2 -> ff1148b)
This is an automated email from the ASF dual-hosted git repository. orudyy pushed a change to branch asf-site in repository https://gitbox.apache.org/repos/asf/qpid-site.git. from 09349e2 update site content for qpid-proton-0.27.0 new 7f82d57 QPID-8239: Update site for Qpid Broker-J release 7.0.7 new ff1148b QPID-8277 :Update site for Qpid Broker-J release 7.1.1 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: content/components/broker-j/index.html | 14 +- content/dashboard.html | 2 +- content/documentation.html | 2 +- content/download.html | 6 +- content/releases/index.html| 4 +- content/releases/qpid-broker-j-7.0.0/index.html| 2 +- content/releases/qpid-broker-j-7.0.1/index.html| 2 +- content/releases/qpid-broker-j-7.0.2/index.html| 2 +- content/releases/qpid-broker-j-7.0.3/index.html| 2 +- content/releases/qpid-broker-j-7.0.4/index.html| 2 +- content/releases/qpid-broker-j-7.0.5/index.html| 2 +- content/releases/qpid-broker-j-7.0.6/index.html| 2 +- .../book/Apache-Qpid-Broker-J-Book.html| 153 ++ ...Java-Broker-Appendix-Environment-Variables.html | 197 .../Java-Broker-Appendix-Operation-Logging.html| 561 + .../book/Java-Broker-Appendix-Queue-Alerts.html} | 115 ++--- ...va-Broker-Appendix-Queue-Declare-Arguments.html | 224 ...Java-Broker-Appendix-Statistics-Reporting.html} | 95 +--- .../Java-Broker-Appendix-System-Properties.html} | 98 +--- ...oker-Backup-And-Recovery-Virtualhost-Node.html} | 100 +--- ...va-Broker-Backup-And-Recovery-Virtualhost.html} | 97 +--- .../book/Java-Broker-Backup-And-Recovery.html} | 91 +--- ...-Broker-Concepts-Authentication-Providers.html} | 40 +- .../book/Java-Broker-Concepts-Broker.html} | 36 +- .../book/Java-Broker-Concepts-Exchanges.html | 205 .../book/Java-Broker-Concepts-Other-Services.html} | 95 +--- .../book/Java-Broker-Concepts-Ports.html} | 99 +--- .../book/Java-Broker-Concepts-Queues.html | 322 ...va-Broker-Concepts-RemoteReplicationNodes.html} | 37 +- .../Java-Broker-Concepts-Virtualhost-Nodes.html} | 42 +- .../book/Java-Broker-Concepts-Virtualhosts.html} | 103 +--- .../book/Java-Broker-Concepts.html | 177 +++ .../Java-Broker-Getting-Started-CommandLine.html | 201 .../book/Java-Broker-Getting-Started-Logging.html} | 39 +- ...er-Getting-Started-Starting-Stopping-Unix.html} | 100 +--- ...Getting-Started-Starting-Stopping-Windows.html} | 100 +--- .../book/Java-Broker-Getting-Started.html} | 43 +- .../Java-Broker-High-Availability-Backup.html} | 37 +- .../Java-Broker-High-Availability-Behaviour.html | 226 + ...a-Broker-High-Availability-ClientFailover.html} | 40 +- ...ava-Broker-High-Availability-CreatingGroup.html | 182 +++ .../Java-Broker-High-Availability-DiskSpace.html} | 39 +- ...er-High-Availability-Network-Requirements.html} | 40 +- ...a-Broker-High-Availability-NodeOperations.html} | 108 +--- ...Java-Broker-High-Availability-OverviewOfHA.html | 168 ++ ...igh-Availability-Reset-Group-Infomational.html} | 95 +--- .../Java-Broker-High-Availability-Security.html} | 38 +- .../book/Java-Broker-High-Availability.html} | 97 +--- ...al-Configuration-Configuration-Properties.html} | 111 +--- ...itial-Configuration-Create-Initial-Config.html} | 103 +--- ...Java-Broker-Initial-Configuration-Example.html} | 187 +++ ...ial-Configuration-Initial-Config-Location.html} | 46 +- ...ava-Broker-Initial-Configuration-Location.html} | 43 +- .../Java-Broker-Initial-Configuration-Type.html} | 105 +--- .../book/Java-Broker-Initial-Configuration.html} | 98 +--- .../book/Java-Broker-Installation-Download.html} | 38 +- ...Java-Broker-Installation-InstallationUnix.html} | 112 +--- ...a-Broker-Installation-InstallationWindows.html} | 113 + ...-Broker-Installation-OptionalDependencies.html} | 38 +- .../Java-Broker-Installation-Prerequistes.html}| 107 +--- .../book/Java-Broker-Installation.html}| 89 +--- .../book/Java-Broker-Introduction.html}| 97 +--- ...Broker-Management-Channel-AMQP-Intrinstic.html} | 38 +- .../Java-Broker-Management-Channel-REST-API.html | 394 +++ ...Java-Broker-Management-Channel-Web-Console.html | 191 +++ .../book/Java-Broker-Management-Channel.html | 156 ++ ...agement-Managing-Access-Control-Providers.html} | 38 +- ...nagement-Managing-Authentication-Providers.html | 163 ++ .../Java-Broker-Management-Managing-Broker.html|
[qpid-broker-j] branch 7.1.x updated: QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests
This is an automated email from the ASF dual-hosted git repository. orudyy pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git The following commit(s) were added to refs/heads/7.1.x by this push: new ad5728a QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests ad5728a is described below commit ad5728a2ed724c3523f7b77b68bc544f931b2145 Author: Alex Rudyy AuthorDate: Fri Mar 1 11:45:12 2019 + QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests (cherry picked from commit c5f129e31ec80fcdaf57dfd2eb3ddcdf13f5263c) --- .../qpid/server/security/FileKeyStoreTest.java | 15 -- .../qpid/server/security/FileTrustStoreTest.java | 24 -- .../qpid/server/security/NonJavaKeyStoreTest.java | 5 +++-- .../server/security/NonJavaTrustStoreTest.java | 3 ++- .../security/SiteSpecificTrustStoreTest.java | 3 ++- .../manager/oauth2/OAuth2MockEndpointHolder.java | 17 ++- .../apache/qpid/server/ssl/TrustManagerTest.java | 2 +- .../apache/qpid/test/utils/TestSSLConstants.java | 2 ++ .../org/apache/qpid/tests/http/HttpTestHelper.java | 5 +++-- .../resources/config-http-management-tests.json| 3 ++- .../PreemptiveAuthenticationTest.java | 4 +++- .../systests/QpidJmsClientConnectionBuilder.java | 10 + .../extensions/management/AmqpManagementTest.java | 24 ++ .../extensions/sasl/AuthenticationTest.java| 21 +-- .../systests/jms_1_1/extensions/tls/TlsTest.java | 20 -- 15 files changed, 136 insertions(+), 22 deletions(-) diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java index 6eaf8f4..3d75ac0 100644 --- a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java +++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java @@ -22,6 +22,7 @@ package org.apache.qpid.server.security; import static org.apache.qpid.server.security.FileTrustStoreTest.SYMMETRIC_KEY_KEYSTORE_RESOURCE; import static org.apache.qpid.server.security.FileTrustStoreTest.createDataUrlForFile; +import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; @@ -88,6 +89,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.NAME, "myFileKeyStore"); attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker); @@ -105,6 +107,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD); attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker); @@ -121,6 +124,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.NAME, "myFileKeyStore"); attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, "wrong"); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); try { @@ -144,6 +148,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD); attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown"); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); try { @@ -166,6 +171,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD); attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "rootca"); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); try { @@ -189,6 +195,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.NAME, "myFileKeyStore"); attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl); attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD); +
[qpid-broker-j] branch master updated: QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests
This is an automated email from the ASF dual-hosted git repository. orudyy pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git The following commit(s) were added to refs/heads/master by this push: new c5f129e QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests c5f129e is described below commit c5f129e31ec80fcdaf57dfd2eb3ddcdf13f5263c Author: Alex Rudyy AuthorDate: Fri Mar 1 11:45:12 2019 + QPID-8281: [Broker-J][Tests] Explicitly specify type of keystores and truststores in tests --- .../qpid/server/security/FileKeyStoreTest.java | 15 -- .../qpid/server/security/FileTrustStoreTest.java | 24 -- .../qpid/server/security/NonJavaKeyStoreTest.java | 5 +++-- .../server/security/NonJavaTrustStoreTest.java | 3 ++- .../security/SiteSpecificTrustStoreTest.java | 3 ++- .../manager/oauth2/OAuth2MockEndpointHolder.java | 17 ++- .../apache/qpid/server/ssl/TrustManagerTest.java | 2 +- .../apache/qpid/test/utils/TestSSLConstants.java | 2 ++ .../org/apache/qpid/tests/http/HttpTestHelper.java | 5 +++-- .../resources/config-http-management-tests.json| 3 ++- .../PreemptiveAuthenticationTest.java | 4 +++- .../systests/QpidJmsClientConnectionBuilder.java | 10 + .../extensions/management/AmqpManagementTest.java | 24 ++ .../extensions/sasl/AuthenticationTest.java| 21 +-- .../systests/jms_1_1/extensions/tls/TlsTest.java | 20 -- 15 files changed, 136 insertions(+), 22 deletions(-) diff --git a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java index 6eaf8f4..3d75ac0 100644 --- a/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java +++ b/broker-core/src/test/java/org/apache/qpid/server/security/FileKeyStoreTest.java @@ -22,6 +22,7 @@ package org.apache.qpid.server.security; import static org.apache.qpid.server.security.FileTrustStoreTest.SYMMETRIC_KEY_KEYSTORE_RESOURCE; import static org.apache.qpid.server.security.FileTrustStoreTest.createDataUrlForFile; +import static org.apache.qpid.test.utils.TestSSLConstants.JAVA_KEYSTORE_TYPE; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; @@ -88,6 +89,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.NAME, "myFileKeyStore"); attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker); @@ -105,6 +107,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD); attributes.put(FileKeyStore.CERTIFICATE_ALIAS, BROKER_KEYSTORE_ALIAS); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); FileKeyStoreImpl fileKeyStore = (FileKeyStoreImpl) _factory.create(KeyStore.class, attributes, _broker); @@ -121,6 +124,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.NAME, "myFileKeyStore"); attributes.put(FileKeyStore.STORE_URL, BROKER_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, "wrong"); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); try { @@ -144,6 +148,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD); attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "notknown"); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); try { @@ -166,6 +171,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.STORE_URL, CLIENT_KEYSTORE_PATH); attributes.put(FileKeyStore.PASSWORD, CLIENT_KEYSTORE_PASSWORD); attributes.put(FileKeyStore.CERTIFICATE_ALIAS, "rootca"); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); try { @@ -189,6 +195,7 @@ public class FileKeyStoreTest extends UnitTestBase attributes.put(FileKeyStore.NAME, "myFileKeyStore"); attributes.put(FileKeyStore.STORE_URL, trustStoreAsDataUrl); attributes.put(FileKeyStore.PASSWORD, BROKER_KEYSTORE_PASSWORD); +attributes.put(FileKeyStore.KEY_STORE_TYPE, JAVA_KEYSTORE_TYPE); FileKeyStoreImpl fileKeyStore
[qpid-proton-j] branch master updated: PROTON-1998: add trace output for the AMQP and SASL headers being sent+received
This is an automated email from the ASF dual-hosted git repository. robbie pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/qpid-proton-j.git The following commit(s) were added to refs/heads/master by this push: new 0ca7831 PROTON-1998: add trace output for the AMQP and SASL headers being sent+received 0ca7831 is described below commit 0ca7831d222cce58f21fa368b2005a49eb3707a1 Author: Robbie Gemmell AuthorDate: Thu Feb 28 17:50:40 2019 + PROTON-1998: add trace output for the AMQP and SASL headers being sent+received --- .../qpid/proton/engine/impl/FrameParser.java | 19 ++- .../qpid/proton/engine/impl/ProtocolTracer.java| 4 + .../qpid/proton/engine/impl/SaslFrameParser.java | 23 ++- .../apache/qpid/proton/engine/impl/SaslImpl.java | 19 ++- .../qpid/proton/engine/impl/TransportImpl.java | 25 ++- .../qpid/proton/engine/impl/FrameParserTest.java | 2 +- .../proton/engine/impl/SaslFrameParserTest.java| 10 +- .../qpid/proton/engine/impl/TransportImplTest.java | 187 - 8 files changed, 278 insertions(+), 11 deletions(-) diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/FrameParser.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/FrameParser.java index e3b3c55..ce4283e 100644 --- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/FrameParser.java +++ b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/FrameParser.java @@ -40,6 +40,7 @@ import org.apache.qpid.proton.framing.TransportFrame; class FrameParser implements TransportInput { private static final Logger TRACE_LOGGER = Logger.getLogger("proton.trace"); +private static final String HEADER_DESCRIPTION = "AMQP"; private static final ByteBuffer _emptyInputBuffer = newWriteableBuffer(0); @@ -67,6 +68,7 @@ class FrameParser implements TransportInput private final ByteBufferDecoder _decoder; private final int _inputBufferSize; private final int _localMaxFrameSize; +private final TransportImpl _transport; private ByteBuffer _inputBuffer = null; private boolean _tail_closed = false; @@ -89,12 +91,13 @@ class FrameParser implements TransportInput * We store the last result when processing input so that * we know not to process any more input if it was an error. */ -FrameParser(FrameHandler frameHandler, ByteBufferDecoder decoder, int localMaxFrameSize) +FrameParser(FrameHandler frameHandler, ByteBufferDecoder decoder, int localMaxFrameSize, TransportImpl transport) { _frameHandler = frameHandler; _decoder = decoder; _localMaxFrameSize = localMaxFrameSize; _inputBufferSize = _localMaxFrameSize > 0 ? _localMaxFrameSize : 16*1024; +_transport = transport; } private void input(ByteBuffer in) throws TransportException @@ -238,6 +241,9 @@ class FrameParser implements TransportInput state = State.ERROR; break; } + +logHeader(); + state = State.SIZE_0; } else @@ -583,4 +589,15 @@ class FrameParser implements TransportInput { return _framesInput; } + +private void logHeader() { +if (_transport.isFrameTracingEnabled()) { +_transport.log(TransportImpl.INCOMING, HEADER_DESCRIPTION); + +ProtocolTracer tracer = _transport.getProtocolTracer(); +if (tracer != null) { +tracer.receivedHeader(HEADER_DESCRIPTION); +} +} +} } diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ProtocolTracer.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ProtocolTracer.java index ff1468c..0b92884 100644 --- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ProtocolTracer.java +++ b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ProtocolTracer.java @@ -30,6 +30,10 @@ public interface ProtocolTracer { public void receivedFrame(TransportFrame transportFrame); public void sentFrame(TransportFrame transportFrame); + default void receivedSaslBody(SaslFrameBody saslFrameBody) {} default void sentSaslBody(SaslFrameBody saslFrameBody) {} + +default void receivedHeader(String header) {} +default void sentHeader(String header) {} } diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/SaslFrameParser.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/SaslFrameParser.java index a6f75d5..141ec31 100644 --- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/SaslFrameParser.java +++ b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/SaslFrameParser.java @@ -33,6 +33,8 @@ import org.apache.qpid.proton.engine.TransportException; class SaslFrameParser { +private static final String