Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WFCORE-6024]Upgrade Undertow to 2.2.19.Final (fixes CVE-2022-1319, CVE-2022-2053) #5170

Merged
merged 1 commit into from
Aug 14, 2022
Merged

[WFCORE-6024]Upgrade Undertow to 2.2.19.Final (fixes CVE-2022-1319, CVE-2022-2053) #5170

merged 1 commit into from
Aug 14, 2022

Conversation

fl4via
Copy link
Contributor

@fl4via fl4via commented Aug 11, 2022

Signed-off-by: Flavia Rainone frainone@redhat.com

Jira: https://issues.redhat.com/browse/WFCORE-6024
Main PR: #5169

    Release Notes - Undertow - Version 2.2.19.Final

Bug

  • [UNDERTOW-1790] - UT000010: Session is invalid due to concurrent calls changeSessionId() calls on same session
  • [UNDERTOW-1900] - InMemorySessionManager#SessionImpl.changeSessionId does not check if session exist before replacing
  • [UNDERTOW-1934] - onClose not called when network drops
  • [UNDERTOW-1997] - SecurityPathMatches fails to match default path ('/')
  • [UNDERTOW-2031] - protocol error with HTTP/2 and Expect: 100-continue
  • [UNDERTOW-2064] - Revert HTTP2 Fix for UT005085, it is causing issues with WildFly HTTP Client
  • [UNDERTOW-2083] - bad read timeout message
  • [UNDERTOW-2112] - Client Cert Renegotiation Test Case is failing
  • [UNDERTOW-2113] - Read Timeout Test Case Fail on Windows with JDK17 due to different exception message
  • [UNDERTOW-2116] - ServletOutputStreamImpl incorrectly sets Content-Length to 0
  • [UNDERTOW-2124] - ProgramaticLazyEndpointTest and BinaryEndpointTest failures with JDK-17
  • [UNDERTOW-2125] - ReadTimeoutStreamSourceConduit expires when connection is closed
  • [UNDERTOW-2130] - Classes with annotation RunWith are triggered as TestCase.
  • [UNDERTOW-2133] - CVE-2022-2053: Large AJP request may cause DoS
  • [UNDERTOW-2135] - Properly handle HTTP Continue with HTTP2 upgrade

Task

  • [UNDERTOW-2063] - Review fix for UT005085, it is causing RST messages to be sent to client sometimes

@fl4via
[WFCORE-6024]Upgrade Undertow to 2.2.19.Final
8419a26 
Signed-off-by: Flavia Rainone <frainone@redhat.com>
@fl4via fl4via mentioned this pull request Aug 11, 2022
Merged
@yersan yersan added the 18.x PRs meant for 18.x (corresponding to WildFly 26.x) label Aug 11, 2022
@wildfly-ci
Copy link

Core - Full Integration Build 10991 outcome was FAILURE using a merge of 8419a26
Summary: Tests failed: 2 (2 new), passed: 4124, ignored: 41 Build time: 01:48:06

Failed tests

org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientQueue: java.util.concurrent.TimeoutException
	at java.util.concurrent.FutureTask.get(FutureTask.java:205)
	at org.jboss.as.test.integration.common.HttpRequest.execute(HttpRequest.java:52)
	at org.jboss.as.test.integration.common.HttpRequest.get(HttpRequest.java:82)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.sendAndReceiveMessage(DiscoveryGroupExternalMessagingDeploymentTestCase.java:269)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientQueue(DiscoveryGroupExternalMessagingDeploymentTestCase.java:257)
------- Stdout: -------
 [0m08:17:47,271 INFO  [org.wildfly.extension.messaging-activemq] (MSC service thread 1-2) WFLYMSGAMQ0006: Unbound messaging object to jndi name java:/ConnectionFactory
 [0m [0m08:17:47,271 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-2) WFLYJCA0119: Unbinding connection factory named java:/JmsXA to alias java:jboss/DefaultJMSConnectionFactory
 [0m [0m08:17:47,272 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-2) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
 [0m [0m08:17:47,272 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-2) WFLYJCA0011: Unbound Jakarta Connectors ConnectionFactory [java:/JmsXA]
 [0m [0m08:17:47,272 INFO  [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-8) WFLYJCA0019: Stopped Driver service with driver-name = h2
 [0m [0m08:17:47,274 INFO  [org.wildfly.extension.messaging-activemq] (MSC service thread 1-1) WFLYMSGAMQ0006: Unbound messaging object to jndi name java:jboss/exported/jms/RemoteConnectionFactory
 [0m [0m08:17:47,274 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-8) WFLYSRV0028: Stopped deployment arquillian-service (runtime-name: arquillian-service) in 13ms
 [0m [0m08:17:47,275 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-7) WFLYUT0019: Host default-host stopping
 [0m [0m08:17:47,275 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 27) WFLYCLINF0003: Stopped http-remoting-connector cache from ejb container
 [0m [0m08:17:47,287 INFO  [org.apache.activemq.artemis.ra.ActiveMQRALogger] (ServerService Thread Pool -- 26) AMQ151003: resource adaptor stopped
 [0m [0m08:17:47,429 INFO  [org.apache.activemq.artemis.core.server] (ServerService Thread Pool -- 26) AMQ221002: Apache ActiveMQ Artemis Message Broker version 2.19.1 [e0f2d450-194d-11ed-acd6-525400f4d74e] stopped, uptime 2.672 seconds
 [0m [0m08:17:47,432 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0008: Undertow HTTP listener default suspending
 [0m [0m08:17:47,432 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-1) WFLYUT0007: Undertow HTTP listener default stopped, was bound to [::1]:8080
 [0m [0m08:17:47,433 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-6) WFLYUT0004: Undertow 2.2.19.Final stopping
 [0m [0m08:17:47,447 INFO  [org.jboss.as] (MSC service thread 1-8) WFLYSRV0050: Test 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) stopped in 186ms
 [0m [0m08:17:47,448 INFO  [org.jboss.as] (MSC service thread 1-5) WFLYSRV0049: Test 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) starting
 [0m [0m08:17:47,510 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
 [0m [0m08:17:47,515 INFO  [org.jboss.as.patching] (MSC service thread 1-8) WFLYPAT0050: Test cumulative patch ID is: base, one-off patches include: none
 [0m [33m08:17:47,531 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-5) WFLYELY00023: KeyStore file '/opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly-ejb-embedded-broker/standalone/configuration/application.keystore' does not exist. Used blank.
 [0m [33m08:17:47,531 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-5) WFLYELY01084: KeyStore /opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly-ejb-embedded-broker/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self-signed certificate for host localhost
 [0m [33m08:17:47,533 WARN  [org.jboss.as.domain.http.api.undertow] (MSC service thread 1-5) WFLYDMHTTP0003: Unable to load console module for slot main, disabling console
 [0m [0m08:17:47,553 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
 [0m [0m08:17:47,553 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: Test 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) started in 104ms - Started 71 of 82 services (25 services are lazy, passive or on-demand) - Server configuration file in use: standalone.xml
 [0m [0m08:17:47,554 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://[::1]:9990/management
 [0m [0m08:17:47,554 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0054: Admin console is not enabled
 [0m [0m08:17:47,761 INFO  [org.jboss.as] (MSC service thread 1-5) WFLYSRV0050: Test 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) stopped in 7ms
 [0m [0m08:17:47,762 INFO  [org.jboss.as] (MSC service thread 1-8) WFLYSRV0049: Test 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) starting
 [0m [0m08:17:47,856 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
 [0m [0m08:17:47,893 INFO  [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 32) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
 [0m [0m08:17:47,916 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 40) WFLYCLINF0001: Activating Infinispan subsystem.
 [0m [0m08:17:47,918 INFO  [org.wildfly.extension.io] (ServerService Thread Pool -- 41) WFLYIO001: Worker 'default' has auto-configured to 8 IO threads with 64 max task threads based on your 4 available processors
 [0m [0m08:17:47,919 INFO  [org.jboss.as.ejb3] (MSC service thread 1-1) WFLYEJB0481: Strict pool slsb-strict-max-pool is using a max instance size of 64 (per class), which is derived from thread worker pool sizing.
 [0m [0m08:17:47,920 INFO  [org.jboss.as.ejb3] (MSC service thread 1-1) WFLYEJB0482: Strict pool mdb-strict-max-pool is using a max instance size of 16 (per class), which is derived from the number of CPUs on this host.
 [0m [0m08:17:47,925 INFO  [org.wildfly.extension.health] (ServerService Thread Pool -- 39) WFLYHEALTH0001: Activating Base Health Subsystem
 [0m [0m08:17:47,927 INFO  [org.jboss.as.connector] (MSC service thread 1-1) WFLYJCA0009: Starting Jakarta Connectors Subsystem (WildFly/IronJacamar 1.5.3.Final)
 [0m [0m08:17:47,935 INFO  [org.jboss.as.jaxrs] (ServerService Thread Pool -- 42) WFLYRS0016: RESTEasy version 4.7.6.Final
 [0m [0m08:17:47,936 INFO  [org.wildfly.extension.metrics] (ServerService Thread Pool -- 47) WFLYMETRICS0001: Activating Base Metrics Subsystem
 [0m [0m08:17:47,943 INFO  [org.jboss.as.naming] (ServerService Thread Pool -- 48) WFLYNAM0001: Activating Naming Subsystem
 [0m [0m08:17:47,945 INFO  [org.wildfly.extension.messaging-activemq] (ServerService Thread Pool -- 46) WFLYMSGAMQ0002: Bound messaging object to jndi name java:/jms/DependentMessagingDeploymentTestCase/myQueue
 [0m [0m08:17:47,945 INFO  [org.wildfly.extension.messaging-activemq] (ServerService Thread Pool -- 46) WFLYMSGAMQ0002: Bound messaging object to jndi name /topic/myAwesomeClientQueue
 [0m [0m08:17:47,947 INFO  [org.wildfly.extension.messaging-activemq] (ServerService Thread Pool -- 46) WFLYMSGAMQ0002: Bound messaging object to jndi name java:/jms/DependentMessagingDeploymentTestCase/myTopic
 [0m [0m08:17:47,947 INFO  [org.wildfly.extension.messaging-activemq] (ServerService Thread Pool -- 46) WFLYMSGAMQ0002: Bound messaging object to jndi name /topic/myAwesomeClientTopic
 [0m [0m08:17:47,953 INFO  [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-4) WFLYJCA0018: Started Driver service with driver-name = h2
 [0m [33m08:17:47,953 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-5) WFLYELY00023: KeyStore file '/opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly-ejb-embedded-broker/standalone/configuration/application.keystore' does not exist. Used blank.


org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientTopic: java.util.concurrent.TimeoutException
	at java.util.concurrent.FutureTask.get(FutureTask.java:205)
	at org.jboss.as.test.integration.common.HttpRequest.execute(HttpRequest.java:52)
	at org.jboss.as.test.integration.common.HttpRequest.get(HttpRequest.java:82)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.sendAndReceiveMessage(DiscoveryGroupExternalMessagingDeploymentTestCase.java:269)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientTopic(DiscoveryGroupExternalMessagingDeploymentTestCase.java:262)
------- Stdout: -------
 [33m08:18:48,505 WARN  [org.jboss.jca.core.connectionmanager.pool.strategy.PoolByCri] (default task-1) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: Failed to create session factory
	at org.apache.activemq.artemis.ra.ActiveMQRAManagedConnection.setup(ActiveMQRAManagedConnection.java:778)
	at org.apache.activemq.artemis.ra.ActiveMQRAManagedConnection.<init>(ActiveMQRAManagedConnection.java:161)
	at org.apache.activemq.artemis.ra.ActiveMQRAManagedConnectionFactory.createManagedConnection(ActiveMQRAManagedConnectionFactory.java:152)
	at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1328)
	at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:505)
	at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:640)
	at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:605)
	at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
	at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
	at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.allocateConnection(ActiveMQRASessionFactoryImpl.java:867)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.createSession(ActiveMQRASessionFactoryImpl.java:526)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.createSession(ActiveMQRASessionFactoryImpl.java:741)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.createSession(ActiveMQRASessionFactoryImpl.java:746)
	at org.apache.activemq.artemis.ra.ActiveMQRAConnectionFactoryImpl.validateUser(ActiveMQRAConnectionFactoryImpl.java:474)
	at org.apache.activemq.artemis.ra.ActiveMQRAConnectionFactoryImpl.createContext(ActiveMQRAConnectionFactoryImpl.java:431)
	at org.wildfly.extension.messaging.activemq.deployment.injection.AbstractJMSContext.createContext(AbstractJMSContext.java:60)
	at org.wildfly.extension.messaging.activemq.deployment.injection.AbstractJMSContext.lambda$getContext$0(AbstractJMSContext.java:47)
	at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1660)
	at org.wildfly.extension.messaging.activemq.deployment.injection.AbstractJMSContext.getContext(AbstractJMSContext.java:46)
	at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:38)
	at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106)
	at org.wildfly.extension.messaging.activemq.deployment.injection.RequestedJMSContext$Proxy$_$$_WeldClientProxy.getContext(Unknown Source)
	at org.wildfly.extension.messaging.activemq.deployment.injection.InjectedJMSContext.getDelegate(InjectedJMSContext.java:92)
	at org.wildfly.extension.messaging.activemq.deployment.injection.JMSContextWrapper.createTemporaryQueue(JMSContextWrapper.java:252)
	at org.jboss.as.test.integration.messaging.jms.external.MessagingServlet.sendAndReceiveMessage(MessagingServlet.java:76)
	at org.jboss.as.test.integration.messaging.jms.external.MessagingServlet.doGet(MessagingServlet.java:71)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68)
	at org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103)
	at org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161)
	at org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73)
	at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67)
	at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)

@wildfly-ci
Copy link

Core - Full Integration Build 11097 outcome was FAILURE using a merge of 8419a26
Summary: Tests failed: 2 (2 new), passed: 7247, ignored: 150 Build time: 03:28:46

Failed tests

org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientQueue: java.util.concurrent.TimeoutException
	at java.util.concurrent.FutureTask.get(FutureTask.java:205)
	at org.jboss.as.test.integration.common.HttpRequest.execute(HttpRequest.java:52)
	at org.jboss.as.test.integration.common.HttpRequest.get(HttpRequest.java:82)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.sendAndReceiveMessage(DiscoveryGroupExternalMessagingDeploymentTestCase.java:269)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientQueue(DiscoveryGroupExternalMessagingDeploymentTestCase.java:257)
------- Stdout: -------
 [0m08:13:35,547 INFO  [org.jboss.as.mail.extension] (MSC service thread 1-1) WFLYMAIL0002: Unbound mail session [java:jboss/mail/Default]
 [0m [0m08:13:35,547 INFO  [org.wildfly.extension.messaging-activemq] (MSC service thread 1-1) WFLYMSGAMQ0006: Unbound messaging object to jndi name java:/ConnectionFactory
 [0m [0m08:13:35,547 INFO  [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-7) WFLYJCA0010: Unbound data source [java:jboss/datasources/ExampleDS]
 [0m [0m08:13:35,547 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-8) WFLYJCA0119: Unbinding connection factory named java:/JmsXA to alias java:jboss/DefaultJMSConnectionFactory
 [0m [0m08:13:35,548 INFO  [org.jboss.as.connector.deployment] (MSC service thread 1-8) WFLYJCA0011: Unbound Jakarta Connectors ConnectionFactory [java:/JmsXA]
 [0m [0m08:13:35,549 INFO  [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1-4) WFLYJCA0019: Stopped Driver service with driver-name = h2
 [0m [0m08:13:35,549 INFO  [org.wildfly.extension.messaging-activemq] (MSC service thread 1-4) WFLYMSGAMQ0006: Unbound messaging object to jndi name java:jboss/exported/jms/RemoteConnectionFactory
 [0m [0m08:13:35,549 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-2) WFLYUT0019: Host default-host stopping
 [0m [0m08:13:35,550 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0008: Undertow HTTPS listener https suspending
 [0m [0m08:13:35,550 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-3) WFLYUT0007: Undertow HTTPS listener https stopped, was bound to [::1]:8443
 [0m [0m08:13:35,551 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-3) WFLYSRV0028: Stopped deployment arquillian-service (runtime-name: arquillian-service) in 8ms
 [0m [0m08:13:35,551 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 36) WFLYCLINF0003: Stopped http-remoting-connector cache from ejb container
 [0m [0m08:13:35,560 INFO  [org.apache.activemq.artemis.ra.ActiveMQRALogger] (ServerService Thread Pool -- 39) AMQ151003: resource adaptor stopped
 [0m [0m08:13:35,675 INFO  [org.apache.activemq.artemis.core.server] (ServerService Thread Pool -- 39) AMQ221002: Apache ActiveMQ Artemis Message Broker version 2.19.1 [01e3b633-194d-11ed-b61d-525400d4bd5a] stopped, uptime 1.821 seconds
 [0m [0m08:13:35,676 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-8) WFLYUT0008: Undertow HTTP listener default suspending
 [0m [0m08:13:35,677 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-8) WFLYUT0007: Undertow HTTP listener default stopped, was bound to [::1]:8080
 [0m [0m08:13:35,677 INFO  [org.wildfly.extension.undertow] (MSC service thread 1-6) WFLYUT0004: Undertow 2.2.19.Final stopping
 [0m [0m08:13:35,689 INFO  [org.jboss.as] (MSC service thread 1-4) WFLYSRV0050: WildFly Full 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) stopped in 146ms
 [0m [0m08:13:35,689 INFO  [org.jboss.as] (MSC service thread 1-4) WFLYSRV0049: WildFly Full 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) starting
 [0m [0m08:13:35,748 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
 [0m [0m08:13:35,751 INFO  [org.jboss.as.patching] (MSC service thread 1-5) WFLYPAT0050: WildFly Full cumulative patch ID is: base, one-off patches include: none
 [0m [33m08:13:35,757 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-7) WFLYELY00023: KeyStore file '/opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly/standalone/configuration/application.keystore' does not exist. Used blank.
 [0m [33m08:13:35,757 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-7) WFLYELY01084: KeyStore /opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self-signed certificate for host localhost
 [0m [0m08:13:35,783 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
 [0m [0m08:13:35,783 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly Full 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) started in 94ms - Started 72 of 87 services (29 services are lazy, passive or on-demand) - Server configuration file in use: standalone-full.xml
 [0m [0m08:13:35,784 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://[::1]:9990/management
 [0m [0m08:13:35,784 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0054: Admin console is not enabled
 [0m [0m08:13:35,859 INFO  [org.jboss.as.protocol] (management I/O-2) WFLYPRT0057:  cancelled task by interrupting thread Thread[management-handler-thread - 1,5,management-handler-thread]
 [0m [0m08:13:35,964 INFO  [org.jboss.as] (MSC service thread 1-6) WFLYSRV0050: WildFly Full 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) stopped in 7ms
 [0m [0m08:13:35,964 INFO  [org.jboss.as] (MSC service thread 1-3) WFLYSRV0049: WildFly Full 26.1.2.Final-SNAPSHOT (WildFly Core 18.1.2.Final-SNAPSHOT) starting
 [0m [0m08:13:36,056 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: Creating http management service using socket-binding (management-http)
 [0m [0m08:13:36,072 INFO  [org.jboss.as.connector.subsystems.datasources] (ServerService Thread Pool -- 47) WFLYJCA0004: Deploying JDBC-compliant driver class org.h2.Driver (version 1.4)
 [0m [0m08:13:36,076 INFO  [org.wildfly.extension.elytron.oidc._private] (ServerService Thread Pool -- 55) WFLYOIDC0001: Activating WildFly Elytron OIDC Subsystem
 [0m [33m08:13:36,079 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-2) WFLYELY00023: KeyStore file '/opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly/standalone/configuration/application.keystore' does not exist. Used blank.
 [0m [33m08:13:36,079 WARN  [org.wildfly.extension.elytron] (MSC service thread 1-7) WFLYELY01084: KeyStore /opt/buildAgent/work/ce8f2f3320903e86/full/testsuite/integration/basic/target/wildfly/standalone/configuration/application.keystore not found, it will be auto generated on first use with a self-signed certificate for host localhost
 [0m [0m08:13:36,081 INFO  [org.wildfly.iiop.openjdk] (ServerService Thread Pool -- 57) WFLYIIOP0001: Activating IIOP Subsystem
 [0m [0m08:13:36,084 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 58) WFLYCLINF0001: Activating Infinispan subsystem.
 [0m [0m08:13:36,090 INFO  [org.wildfly.extension.health] (ServerService Thread Pool -- 56) WFLYHEALTH0001: Activating Base Health Subsystem
 [0m [0m08:13:36,099 INFO  [org.jboss.as.webservices] (ServerService Thread Pool -- 82) WFLYWS0002: Activating WebServices Extension
 [0m [33m08:13:36,099 WARN  [org.jboss.as.txn] (ServerService Thread Pool -- 80) WFLYTX0013: The node-identifier attribute on the /subsystem=transactions is set to the default value. This is a danger for environments running multiple servers. Please make sure the attribute value is unique.
 [0m [0m08:13:36,098 INFO  [org.wildfly.extension.microprofile.opentracing] (ServerService Thread Pool -- 72) WFLYTRACEXT0001: Activating MicroProfile OpenTracing Subsystem
 [0m [0m08:13:36,098 INFO  [org.jboss.as.naming] (ServerService Thread Pool -- 73) WFLYNAM0001: Activating Naming Subsystem
 [0m [0m08:13:36,097 INFO  [org.wildfly.extension.microprofile.jwt.smallrye] (ServerService Thread Pool -- 71) WFLYJWT0001: Activating MicroProfile JWT Subsystem
 [0m [0m08:13:36,097 INFO  [org.wildfly.extension.microprofile.config.smallrye] (ServerService Thread Pool -- 70) WFLYCONF0001: Activating MicroProfile Config Subsystem


org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientTopic: java.util.concurrent.TimeoutException
	at java.util.concurrent.FutureTask.get(FutureTask.java:205)
	at org.jboss.as.test.integration.common.HttpRequest.execute(HttpRequest.java:52)
	at org.jboss.as.test.integration.common.HttpRequest.get(HttpRequest.java:82)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.sendAndReceiveMessage(DiscoveryGroupExternalMessagingDeploymentTestCase.java:269)
	at org.jboss.as.test.integration.messaging.jms.external.DiscoveryGroupExternalMessagingDeploymentTestCase.testSendMessageInClientTopic(DiscoveryGroupExternalMessagingDeploymentTestCase.java:262)
------- Stdout: -------
 [33m08:14:36,376 WARN  [org.jboss.jca.core.connectionmanager.pool.strategy.PoolByCri] (default task-1) IJ000604: Throwable while attempting to get a new connection: null: javax.resource.ResourceException: Failed to create session factory
	at org.apache.activemq.artemis.ra.ActiveMQRAManagedConnection.setup(ActiveMQRAManagedConnection.java:778)
	at org.apache.activemq.artemis.ra.ActiveMQRAManagedConnection.<init>(ActiveMQRAManagedConnection.java:161)
	at org.apache.activemq.artemis.ra.ActiveMQRAManagedConnectionFactory.createManagedConnection(ActiveMQRAManagedConnectionFactory.java:152)
	at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1328)
	at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.getConnection(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:505)
	at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getSimpleConnection(AbstractPool.java:640)
	at org.jboss.jca.core.connectionmanager.pool.AbstractPool.getConnection(AbstractPool.java:605)
	at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.getManagedConnection(AbstractConnectionManager.java:624)
	at org.jboss.jca.core.connectionmanager.tx.TxConnectionManagerImpl.getManagedConnection(TxConnectionManagerImpl.java:440)
	at org.jboss.jca.core.connectionmanager.AbstractConnectionManager.allocateConnection(AbstractConnectionManager.java:789)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.allocateConnection(ActiveMQRASessionFactoryImpl.java:867)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.createSession(ActiveMQRASessionFactoryImpl.java:526)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.createSession(ActiveMQRASessionFactoryImpl.java:741)
	at org.apache.activemq.artemis.ra.ActiveMQRASessionFactoryImpl.createSession(ActiveMQRASessionFactoryImpl.java:746)
	at org.apache.activemq.artemis.ra.ActiveMQRAConnectionFactoryImpl.validateUser(ActiveMQRAConnectionFactoryImpl.java:474)
	at org.apache.activemq.artemis.ra.ActiveMQRAConnectionFactoryImpl.createContext(ActiveMQRAConnectionFactoryImpl.java:431)
	at org.wildfly.extension.messaging.activemq.deployment.injection.AbstractJMSContext.createContext(AbstractJMSContext.java:60)
	at org.wildfly.extension.messaging.activemq.deployment.injection.AbstractJMSContext.lambda$getContext$0(AbstractJMSContext.java:47)
	at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1660)
	at org.wildfly.extension.messaging.activemq.deployment.injection.AbstractJMSContext.getContext(AbstractJMSContext.java:46)
	at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:38)
	at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106)
	at org.wildfly.extension.messaging.activemq.deployment.injection.RequestedJMSContext$Proxy$_$$_WeldClientProxy.getContext(Unknown Source)
	at org.wildfly.extension.messaging.activemq.deployment.injection.InjectedJMSContext.getDelegate(InjectedJMSContext.java:92)
	at org.wildfly.extension.messaging.activemq.deployment.injection.JMSContextWrapper.createTemporaryQueue(JMSContextWrapper.java:252)
	at org.jboss.as.test.integration.messaging.jms.external.MessagingServlet.sendAndReceiveMessage(MessagingServlet.java:76)
	at org.jboss.as.test.integration.messaging.jms.external.MessagingServlet.doGet(MessagingServlet.java:71)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
	at io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:52)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68)
	at org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103)
	at org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161)
	at org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73)
	at org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67)

@bstansberry bstansberry changed the title [WFCORE-6024]Upgrade Undertow to 2.2.19.Final [WFCORE-6024]Upgrade Undertow to 2.2.19.Final (fixes CVE-2022-1319, CVE-2022-2053) Aug 14, 2022
@bstansberry bstansberry merged commit 2b001b8 into wildfly:18.x Aug 14, 2022
@bstansberry
Copy link
Contributor

Thanks @fl4via

@bstansberry bstansberry mentioned this pull request Aug 14, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
18.x PRs meant for 18.x (corresponding to WildFly 26.x)
Projects
None yet
Milestone
No milestone
4 participants
@fl4via @wildfly-ci @bstansberry @yersan