Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for specifying SecureRandom in SSLContext initialization #14058

Merged
merged 7 commits into from
May 22, 2024
Merged

Add support for specifying SecureRandom in SSLContext initialization #14058

merged 7 commits into from
May 22, 2024

Conversation

thxwelchs
Copy link
Sponsor Contributor

@thxwelchs thxwelchs commented May 19, 2024
edited

Motivation:

Enhance security by supporting specific secure randomness source in SSLContext initialization

Modification:

Support building SecureRandom in SslContextBuilder.
Allow passing SecureRandom as a parameter when creating an instance of JdkSslServerContext through its constructor.

Result:

Enhance security

Fixes #14026

@thxwelchs thxwelchs mentioned this pull request May 19, 2024
Closed
chrisvest
chrisvest reviewed May 20, 2024
View reviewed changes
handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java Outdated
Comment on lines 605 to 606
/**
* @param secureRandom the source of randomness for SslContext
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
/**
* @param secureRandom the source of randomness for SslContext
/**
* Specify a non-default source of randomness for the {@link SSLContext}.
* <p>
* In general, the best practice is to leave this unspecified, or to assign a new random source using the
* default {@code new SecureRandom()} constructor.
* Only assign this something when you have a good reason to.
*
* @param secureRandom the source of randomness for {@link SSLContext}

Copy link
Sponsor Contributor Author

@thxwelchs thxwelchs May 21, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this explanation is very good. 56bee2e

My understanding is that this is only used in the JDK SslProvider (JdkSslServerContext JdkSslClientContext), is that correct? If so, what do you think about adding this to the comments?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@thxwelchs please add this.

Copy link
Sponsor Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added!
4408ced

netty/handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java

Lines 606 to 612 in 047d95a

* Specify a non-default source of randomness for the {@link JdkSslContext}
* <p>
* In general, the best practice is to leave this unspecified, or to assign a new random source using the
* default {@code new SecureRandom()} constructor.
* Only assign this something when you have a good reason to.
*
* @param secureRandom the source of randomness for {@link JdkSslContext}

handler/src/test/java/io/netty/handler/ssl/SslContextBuilderTest.java Outdated Show resolved Hide resolved
@chrisvest
Copy link
Contributor

The JDK 17+ builds are actually failing on the new test, because Mockito can't mock SecureRandom:

2024-05-19T13:06:51.4838344Z [ERROR] Tests run: 19, Failures: 0, Errors: 1, Skipped: 3, Time elapsed: 2.26 s <<< FAILURE! - in io.netty.handler.ssl.SslContextBuilderTest
2024-05-19T13:06:51.4839796Z [ERROR] testSecureRandom  Time elapsed: 0.028 s  <<< ERROR!
2024-05-19T13:06:51.4840598Z org.mockito.exceptions.base.MockitoException: 
2024-05-19T13:06:51.4841009Z 
2024-05-19T13:06:51.4841246Z Mockito cannot mock this class: class java.security.SecureRandom.
2024-05-19T13:06:51.4841615Z 
2024-05-19T13:06:51.4841867Z Mockito can only mock non-private & non-final classes.
2024-05-19T13:06:51.4842542Z If you're not sure why you're getting this error, please report to the mailing list.
2024-05-19T13:06:51.4842983Z 
2024-05-19T13:06:51.4842987Z 
2024-05-19T13:06:51.4843086Z Java               : 21
2024-05-19T13:06:51.4843376Z JVM vendor name    : Azul Systems, Inc.
2024-05-19T13:06:51.4843768Z JVM vendor version : 21.0.2+13-LTS
2024-05-19T13:06:51.4844182Z JVM name           : OpenJDK 64-Bit Server VM
2024-05-19T13:06:51.4844591Z JVM version        : 21.0.2+13-LTS
2024-05-19T13:06:51.4844923Z JVM info           : mixed mode, sharing
2024-05-19T13:06:51.4845265Z OS name            : Linux
2024-05-19T13:06:51.4845583Z OS version         : 6.5.0-1021-azure
2024-05-19T13:06:51.4845807Z 
2024-05-19T13:06:51.4845812Z 
2024-05-19T13:06:51.4846818Z Underlying exception : java.lang.IllegalStateException: Cannot access annotation property public abstract boolean jdk.internal.util.random.RandomSupport$RandomGeneratorProperties.isStochastic()
2024-05-19T13:06:51.4848201Z 	at io.netty.handler.ssl.SslContextBuilderTest.testSecureRandom(SslContextBuilderTest.java:251)
2024-05-19T13:06:51.4849195Z 	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
2024-05-19T13:06:51.4849991Z 	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
2024-05-19T13:06:51.4850882Z 	at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:727)
2024-05-19T13:06:51.4851763Z 	at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
2024-05-19T13:06:51.4852845Z 	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
2024-05-19T13:06:51.4854285Z 	at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:156)
2024-05-19T13:06:51.4855295Z 	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:147)
2024-05-19T13:06:51.4856343Z 	at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:86)
2024-05-19T13:06:51.4857620Z 	at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(InterceptingExecutableInvoker.java:103)
2024-05-19T13:06:51.4859229Z 	at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.lambda$invoke$0(InterceptingExecutableInvoker.java:93)
2024-05-19T13:06:51.4860494Z 	at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
2024-05-19T13:06:51.4861693Z 	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
2024-05-19T13:06:51.4862833Z 	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
2024-05-19T13:06:51.4863966Z 	at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
2024-05-19T13:06:51.4865073Z 	at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.invoke(InterceptingExecutableInvoker.java:92)
2024-05-19T13:06:51.4866218Z 	at org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.invoke(InterceptingExecutableInvoker.java:86)
2024-05-19T13:06:51.4867409Z 	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$7(TestMethodTestDescriptor.java:217)
2024-05-19T13:06:51.4868550Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4869680Z 	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:213)
2024-05-19T13:06:51.4870815Z 	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:138)
2024-05-19T13:06:51.4871885Z 	at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:68)
2024-05-19T13:06:51.4872977Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:151)
2024-05-19T13:06:51.4874065Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4875151Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
2024-05-19T13:06:51.4876077Z 	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
2024-05-19T13:06:51.4877005Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
2024-05-19T13:06:51.4878098Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4879317Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
2024-05-19T13:06:51.4880314Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
2024-05-19T13:06:51.4881058Z 	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
2024-05-19T13:06:51.4882156Z 	at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:41)
2024-05-19T13:06:51.4883674Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:155)
2024-05-19T13:06:51.4884810Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4885903Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
2024-05-19T13:06:51.4886910Z 	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
2024-05-19T13:06:51.4887841Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
2024-05-19T13:06:51.4888927Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4889985Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
2024-05-19T13:06:51.4890979Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
2024-05-19T13:06:51.4891719Z 	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
2024-05-19T13:06:51.4892834Z 	at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:41)
2024-05-19T13:06:51.4894491Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:155)
2024-05-19T13:06:51.4895596Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4896680Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
2024-05-19T13:06:51.4897610Z 	at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
2024-05-19T13:06:51.4898536Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
2024-05-19T13:06:51.4899617Z 	at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
2024-05-19T13:06:51.4900696Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
2024-05-19T13:06:51.4901688Z 	at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
2024-05-19T13:06:51.4902949Z 	at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.submit(SameThreadHierarchicalTestExecutorService.java:35)
2024-05-19T13:06:51.4904341Z 	at org.junit.platform.engine.support.hierarchical.HierarchicalTestExecutor.execute(HierarchicalTestExecutor.java:57)
2024-05-19T13:06:51.4905504Z 	at org.junit.platform.engine.support.hierarchical.HierarchicalTestEngine.execute(HierarchicalTestEngine.java:54)
2024-05-19T13:06:51.4906497Z 	at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:220)
2024-05-19T13:06:51.4907368Z 	at org.junit.platform.launcher.core.DefaultLauncher.lambda$execute$6(DefaultLauncher.java:188)
2024-05-19T13:06:51.4908326Z 	at org.junit.platform.launcher.core.DefaultLauncher.withInterceptedStreams(DefaultLauncher.java:202)
2024-05-19T13:06:51.4909242Z 	at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:181)
2024-05-19T13:06:51.4910060Z 	at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:128)
2024-05-19T13:06:51.4911034Z 	at org.apache.maven.surefire.junitplatform.JUnitPlatformProvider.invokeAllTests(JUnitPlatformProvider.java:150)
2024-05-19T13:06:51.4912255Z 	at org.apache.maven.surefire.junitplatform.JUnitPlatformProvider.invoke(JUnitPlatformProvider.java:124)
2024-05-19T13:06:51.4913311Z 	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:384)
2024-05-19T13:06:51.4914276Z 	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:345)
2024-05-19T13:06:51.4915109Z 	at org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:126)
2024-05-19T13:06:51.4916007Z 	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:418)
2024-05-19T13:06:51.4917229Z Caused by: java.lang.IllegalStateException: Cannot access annotation property public abstract boolean jdk.internal.util.random.RandomSupport$RandomGeneratorProperties.isStochastic()
2024-05-19T13:06:51.4918676Z 	at net.bytebuddy.description.annotation.AnnotationDescription$ForLoadedAnnotation.getValue(AnnotationDescription.java:677)
2024-05-19T13:06:51.4919850Z 	at net.bytebuddy.implementation.attribute.AnnotationAppender$Default.handle(AnnotationAppender.java:232)
2024-05-19T13:06:51.4920869Z 	at net.bytebuddy.implementation.attribute.AnnotationAppender$Default.doAppend(AnnotationAppender.java:291)
2024-05-19T13:06:51.4921894Z 	at net.bytebuddy.implementation.attribute.AnnotationAppender$Default.append(AnnotationAppender.java:270)
2024-05-19T13:06:51.4922985Z 	at net.bytebuddy.implementation.attribute.TypeAttributeAppender$ForInstrumentedType.apply(TypeAttributeAppender.java:74)
2024-05-19T13:06:51.4924005Z 	at net.bytebuddy.dynamic.scaffold.TypeWriter$Default$ForCreation.create(TypeWriter.java:4153)
2024-05-19T13:06:51.4924808Z 	at net.bytebuddy.dynamic.scaffold.TypeWriter$Default.make(TypeWriter.java:1634)
2024-05-19T13:06:51.4925752Z 	at net.bytebuddy.dynamic.scaffold.subclass.SubclassDynamicTypeBuilder.make(SubclassDynamicTypeBuilder.java:174)
2024-05-19T13:06:51.4927073Z 	at net.bytebuddy.dynamic.scaffold.subclass.SubclassDynamicTypeBuilder.make(SubclassDynamicTypeBuilder.java:155)
2024-05-19T13:06:51.4928026Z 	at net.bytebuddy.dynamic.DynamicType$Builder$AbstractBase.make(DynamicType.java:2669)
2024-05-19T13:06:51.4929006Z 	at org.mockito.internal.creation.bytebuddy.SubclassBytecodeGenerator.mockClass(SubclassBytecodeGenerator.java:123)
2024-05-19T13:06:51.4930152Z 	at org.mockito.internal.creation.bytebuddy.TypeCachingBytecodeGenerator$1.call(TypeCachingBytecodeGenerator.java:37)
2024-05-19T13:06:51.4931308Z 	at org.mockito.internal.creation.bytebuddy.TypeCachingBytecodeGenerator$1.call(TypeCachingBytecodeGenerator.java:34)
2024-05-19T13:06:51.4932165Z 	at net.bytebuddy.TypeCache.findOrInsert(TypeCache.java:137)
2024-05-19T13:06:51.4932810Z 	at net.bytebuddy.TypeCache$WithInlineExpunction.findOrInsert(TypeCache.java:344)
2024-05-19T13:06:51.4933648Z 	at net.bytebuddy.TypeCache.findOrInsert(TypeCache.java:159)
2024-05-19T13:06:51.4934356Z 	at net.bytebuddy.TypeCache$WithInlineExpunction.findOrInsert(TypeCache.java:353)
2024-05-19T13:06:51.4935341Z 	at org.mockito.internal.creation.bytebuddy.TypeCachingBytecodeGenerator.mockClass(TypeCachingBytecodeGenerator.java:32)
2024-05-19T13:06:51.4936590Z 	at org.mockito.internal.creation.bytebuddy.SubclassByteBuddyMockMaker.createMockType(SubclassByteBuddyMockMaker.java:71)
2024-05-19T13:06:51.4937799Z 	at org.mockito.internal.creation.bytebuddy.SubclassByteBuddyMockMaker.createMock(SubclassByteBuddyMockMaker.java:42)
2024-05-19T13:06:51.4938899Z 	at org.mockito.internal.creation.bytebuddy.ByteBuddyMockMaker.createMock(ByteBuddyMockMaker.java:25)
2024-05-19T13:06:51.4939722Z 	at org.mockito.internal.util.MockUtil.createMock(MockUtil.java:35)
2024-05-19T13:06:51.4940324Z 	at org.mockito.internal.MockitoCore.mock(MockitoCore.java:65)
2024-05-19T13:06:51.4940818Z 	at org.mockito.Mockito.mock(Mockito.java:1875)
2024-05-19T13:06:51.4941232Z 	at org.mockito.Mockito.mock(Mockito.java:1784)
2024-05-19T13:06:51.4941587Z 	... 64 more
2024-05-19T13:06:51.4943246Z Caused by: java.lang.IllegalAccessException: class net.bytebuddy.description.annotation.AnnotationDescription$ForLoadedAnnotation cannot access interface jdk.internal.util.random.RandomSupport$RandomGeneratorProperties (in module java.base) because module java.base does not export jdk.internal.util.random to unnamed module @3abbfa04
2024-05-19T13:06:51.4945370Z 	at java.base/jdk.internal.reflect.Reflection.newIllegalAccessException(Reflection.java:394)
2024-05-19T13:06:51.4946225Z 	at java.base/java.lang.reflect.AccessibleObject.checkAccess(AccessibleObject.java:714)
2024-05-19T13:06:51.4946930Z 	at java.base/java.lang.reflect.Method.invoke(Method.java:571)
2024-05-19T13:06:51.4947951Z 	at net.bytebuddy.description.annotation.AnnotationDescription$ForLoadedAnnotation.getValue(AnnotationDescription.java:673)
2024-05-19T13:06:51.4948701Z 	... 88 more

chrisvest
chrisvest requested changes May 20, 2024
View reviewed changes
Copy link
Contributor

@chrisvest chrisvest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Avoid mocking SecureRandom

@thxwelchs thxwelchs force-pushed the support-build-sslContext-secureRandom branch from 939a083 to 608bf20 Compare May 21, 2024 07:48
@normanmaurer normanmaurer added this to the 4.1.110.Final milestone May 21, 2024
chrisvest
chrisvest approved these changes May 21, 2024
View reviewed changes
Copy link
Contributor

@chrisvest chrisvest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two small comments, but otherwise looks good

handler/src/main/java/io/netty/handler/ssl/SslContextBuilder.java Outdated
Comment on lines 603 to 604
}
/**
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
}
/**
}
/**

Copy link
Sponsor Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed!

047d95a

handler/src/test/java/io/netty/handler/ssl/SslContextBuilderTest.java Outdated
@@ -20,6 +20,7 @@
import io.netty.util.CharsetUtil;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.function.Executable;
import org.mockito.Mockito;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
import org.mockito.Mockito;

We don't need to import mockito anymore

Copy link
Sponsor Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed!

525fa19

@thxwelchs
Copy link
Sponsor Contributor Author

thxwelchs commented May 22, 2024
edited

Two small comments, but otherwise looks good

@chrisvest @normanmaurer
JdkSslClientContext also added support for SecureRandom constructor

4408ced

@normanmaurer normanmaurer merged commit ebf0e41 into netty:4.1 May 22, 2024
17 checks passed
@normanmaurer
Copy link
Member

@thxwelchs thanks a lot!

normanmaurer added a commit that referenced this pull request May 22, 2024
@thxwelchs @normanmaurer
Add support for specifying SecureRandom in SSLContext initialization (#…
9841b19 
…14058)

Motivation:

Enhance security by supporting specific secure randomness source in
SSLContext initialization

Modification:

Support building SecureRandom in `SslContextBuilder`.
Allow passing SecureRandom as a parameter when creating an instance of
`JdkSslServerContext` through its constructor.

Result:

Enhance security

Fixes #14026

---------

Co-authored-by: Norman Maurer <norman_maurer@apple.com>
normanmaurer added a commit that referenced this pull request May 22, 2024
@thxwelchs @normanmaurer
Add support for specifying SecureRandom in SSLContext initialization (#…
f3ff91c 
…14058)

Motivation:

Enhance security by supporting specific secure randomness source in
SSLContext initialization

Modification:

Support building SecureRandom in `SslContextBuilder`.
Allow passing SecureRandom as a parameter when creating an instance of
`JdkSslServerContext` through its constructor.

Result:

Enhance security

Fixes #14026

---------

Co-authored-by: Norman Maurer <norman_maurer@apple.com>
@panbingkun panbingkun mentioned this pull request May 26, 2024
Closed
LuciferYang pushed a commit to apache/spark that referenced this pull request May 28, 2024
@panbingkun @LuciferYang
[SPARK-48420][BUILD] Upgrade netty to 4.1.110.Final
a88cc1a 
### What changes were proposed in this pull request?
The pr aims to upgrade `netty` from `4.1.109.Final` to `4.1.110.Final`.

### Why are the changes needed?
- https://netty.io/news/2024/05/22/4-1-110-Final.html
  This version has brought some bug fixes and improvements, such as:
  Fix Zstd throws Exception on read-only volumes (netty/netty#13982)
  Add unix domain socket transport in netty 4.x via JDK16+ ([#13965](netty/netty#13965))
  Backport #13075: Add the AdaptivePoolingAllocator ([#13976](netty/netty#13976))
  Add no-value key handling only for form body ([#13998](netty/netty#13998))
  Add support for specifying SecureRandom in SSLContext initialization ([#14058](netty/netty#14058))

- https://github.com/netty/netty/issues?q=milestone%3A4.1.110.Final+is%3Aclosed

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
Pass GA.

### Was this patch authored or co-authored using generative AI tooling?
No.

Closes #46744 from panbingkun/SPARK-48420.

Authored-by: panbingkun <panbingkun@baidu.com>
Signed-off-by: yangjie01 <yangjie01@baidu.com>
riyaverm-db pushed a commit to riyaverm-db/spark that referenced this pull request Jun 7, 2024
@panbingkun @riyaverm-db
[SPARK-48420][BUILD] Upgrade netty to 4.1.110.Final
6def306 
### What changes were proposed in this pull request?
The pr aims to upgrade `netty` from `4.1.109.Final` to `4.1.110.Final`.

### Why are the changes needed?
- https://netty.io/news/2024/05/22/4-1-110-Final.html
  This version has brought some bug fixes and improvements, such as:
  Fix Zstd throws Exception on read-only volumes (netty/netty#13982)
  Add unix domain socket transport in netty 4.x via JDK16+ ([apache#13965](netty/netty#13965))
  Backport apache#13075: Add the AdaptivePoolingAllocator ([apache#13976](netty/netty#13976))
  Add no-value key handling only for form body ([apache#13998](netty/netty#13998))
  Add support for specifying SecureRandom in SSLContext initialization ([apache#14058](netty/netty#14058))

- https://github.com/netty/netty/issues?q=milestone%3A4.1.110.Final+is%3Aclosed

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
Pass GA.

### Was this patch authored or co-authored using generative AI tooling?
No.

Closes apache#46744 from panbingkun/SPARK-48420.

Authored-by: panbingkun <panbingkun@baidu.com>
Signed-off-by: yangjie01 <yangjie01@baidu.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisvest chrisvest chrisvest approved these changes

@normanmaurer normanmaurer normanmaurer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
4.1.110.Final
Development

Successfully merging this pull request may close these issues.

A suggestion about specifying a source of secure randomness for better security
3 participants
@thxwelchs @chrisvest @normanmaurer