Merge pull request #18 from Sylvain-Bugat/pom-update

Http client upgrade to fix CVE-2014-3577
Greg Schueler 2014-11-24 14:02:44 -08:00
commit eeaf4a3944
3 changed files with 57 additions and 31 deletions


@ -0,0 +1,13 @@
<ruleset comparisonMethod="maven"
xmlns="http://mojo.codehaus.org/versions-maven-plugin/rule/2.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://mojo.codehaus.org/versions-maven-plugin/rule/2.0.0 http://mojo.codehaus.org/versions-maven-plugin/xsd/rule-2.0.0.xsd">
<!--Ignore alpha, beta, release-candidate and draft versions-->
<ignoreVersions>
<ignoreVersion type="regex">.*[\.-](?i)alpha[0-9]*$</ignoreVersion>
<ignoreVersion type="regex">.*[\.-](?i)b(eta)?-?[0-9]*$</ignoreVersion>
<ignoreVersion type="regex">.*[\.-](?i)rc?[0-9]*$</ignoreVersion>
<ignoreVersion type="regex">.*[\.-](?i)draft.*$</ignoreVersion>
</ignoreVersions>
</ruleset>
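Review bot: The release-candidate pattern `.*[\.-](?i)rc?[0-9]*$` makes the `c` optional, so it also ignores any version ending in `.r<digits>` or `-r<digits>`, which is not a pre-release marker; `b(eta)?-?[0-9]*$` similarly drops every version ending in `-b<digits>`. These rules decide which upgrades the versions report shows, so an over-broad ignore can hide a release that carries a security fix. Consider `.*[\.-](?i)rc[0-9]*$` for the third rule, and a comment above each pattern giving one version string it is meant to match. Milestone qualifiers such as `-M1` are not covered, if those should be excluded as well.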

36
pom.xml

@ -17,6 +17,10 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<prerequisites>
<maven>2.2.1</maven>
</prerequisites>
<!-- For deploying to Sonatype OSS Nexus -->
<parent>
<groupId>org.sonatype.oss</groupId>
@ -88,6 +92,16 @@
<project.build.targetJdk>1.6</project.build.targetJdk>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<!-- Dependencies version -->
<apache.httpcomponents.version>4.3.6</apache.httpcomponents.version>
<commons-lang.version>2.6</commons-lang.version>
<commons-io.version>2.1</commons-io.version>
<dom4j.version>1.6.1</dom4j.version>
<jaxen.version>1.1.1</jaxen.version>
<junit.version>4.10</junit.version>
<betamax.version>1.0</betamax.version>
<groovy.version>1.8.4</groovy.version>
<!-- Plugins version -->
<plugin.antrun.version>1.7</plugin.antrun.version>
<plugin.assembly.version>2.2.2</plugin.assembly.version>
@ -114,7 +128,7 @@
<plugin.source.version>2.1.2</plugin.source.version>
<plugin.surefire.version>2.10</plugin.surefire.version>
<plugin.taglist.version>2.4</plugin.taglist.version>
<plugin.versions.version>1.2</plugin.versions.version>
<plugin.versions.version>2.1</plugin.versions.version>
</properties>
<build>
@ -392,7 +406,7 @@
</reportSet>
</reportSets>
<configuration>
<comparisonMethod>mercury</comparisonMethod>
<rulesUri>file:./dependencies-check-rules.xml</rulesUri>
</configuration>
</plugin>
<plugin>
@ -423,52 +437,52 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.1.2</version>
<version>${apache.httpcomponents.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
<version>4.1.2</version>
<version>${apache.httpcomponents.version}</version>
</dependency>
<!-- Commons -->
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
<version>${commons-lang.version}</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.1</version>
<version>${commons-io.version}</version>
</dependency>
<!-- XML Parsing -->
<dependency>
<groupId>dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>1.6.1</version>
<version>${dom4j.version}</version>
</dependency>
<dependency>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
<version>1.1.1</version>
<version>${jaxen.version}</version>
</dependency>
<!-- Test -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.10</version>
<version>${junit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.github.robfletcher</groupId>
<artifactId>betamax</artifactId>
<version>1.0</version>
<version>${betamax.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.codehaus.groovy</groupId>
<artifactId>groovy-all</artifactId>
<version>1.8.4</version>
<version>${groovy.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
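Review bot: `<rulesUri>file:./dependencies-check-rules.xml</rulesUri>` is a path relative to the directory Maven is started from, not the project directory, so the report will likely fail to load its rules when the build is run with `-f` or from another directory. `<rulesUri>file:///${project.basedir}/dependencies-check-rules.xml</rulesUri>` pins it to the module. Separately, the new `<!-- Dependencies version -->` properties only raise httpclient and httpmime; the versions report flags newer releases, not known vulnerabilities, so the other old pins kept here (dom4j 1.6.1, commons-io 2.1, groovy-all 1.8.4) still need their own vulnerability check.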


@ -37,7 +37,6 @@ import org.apache.http.params.HttpProtocolParams;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;
import org.dom4j.Document;
import org.rundeck.api.RundeckApiException.RundeckApiLoginException;
import org.rundeck.api.RundeckApiException.RundeckApiTokenException;
import org.rundeck.api.parser.ParserHelper;
@ -639,11 +638,11 @@ class ApiCall {
while (true) {
try {
HttpPost postLogin = new HttpPost(location);
List params = new ArrayList();
List<BasicNameValuePair> params = new ArrayList<BasicNameValuePair>();
params.add(new BasicNameValuePair("j_username", client.getLogin()));
params.add(new BasicNameValuePair("j_password", client.getPassword()));
params.add(new BasicNameValuePair("action", "login"));
postLogin.setEntity(new UrlEncodedFormEntity(params, HTTP.UTF_8));
postLogin.setEntity(new UrlEncodedFormEntity(params, Consts.UTF_8));
HttpResponse response = httpClient.execute(postLogin);
if (response.getStatusLine().getStatusCode() / 100 == 3) {
@ -663,7 +662,7 @@ class ApiCall {
}
try {
String content = EntityUtils.toString(response.getEntity(), HTTP.UTF_8);
String content = EntityUtils.toString(response.getEntity(), Consts.UTF_8);
if (StringUtils.contains(content, "j_security_check")) {
throw new RundeckApiLoginException("Login failed for user " + client.getLogin());
}
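Review bot: Bumping httpclient fixes CVE-2014-3577 only for connections that go through the library's own hostname verification, and nothing in these hunks shows how ApiCall builds its SSL socket factory. The file still imports the deprecated `org.apache.http.params.HttpProtocolParams`, so the client is presumably configured the 4.1 way elsewhere in the class. If that code installs an allow-all hostname verifier or a trust-everything strategy, the login POST built with `new UrlEncodedFormEntity(params, Consts.UTF_8)` still sends `j_password` to an unverified peer. This is worth confirming outside these hunks, with a comment at the client construction stating which verifier is in effect. The login method starts and ends outside the hunks shown.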