CLM SCAN VULNERABILITIES

author wasala <przemyslaw.wasala@nokia.com>

Tue, 16 Oct 2018 08:36:59 +0000 (10:36 +0200)

committer wasala <przemyslaw.wasala@nokia.com>

Tue, 16 Oct 2018 08:40:58 +0000 (10:40 +0200)
author wasala <przemyslaw.wasala@nokia.com>
Tue, 16 Oct 2018 08:36:59 +0000 (10:36 +0200)
committer wasala <przemyslaw.wasala@nokia.com>
Tue, 16 Oct 2018 08:40:58 +0000 (10:40 +0200)
diff --git a/pom.xml b/pom.xml

index 1749eaf..05d2f99 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -32,7 +32,7 @@
  
    <groupId>org.onap.dcaegen2.services</groupId>
    <artifactId>prh</artifactId>
-  <version>1.1.0-SNAPSHOT</version>
+  <version>1.1.1-SNAPSHOT</version>
  
    <name>dcaegen2-services-prh</name>
    <description>PNF Registration Handler</description>
@@ -48,8 +48,8 @@
    <properties>
      <java.version>8</java.version>
      <immutables.version>2.5.6</immutables.version>
-    <spring.version>5.0.5.RELEASE</spring.version>
-    <spring-boot.version>2.0.4.RELEASE</spring-boot.version>
+    <spring.version>5.1.0.RELEASE</spring.version>
+    <spring-boot.version>2.0.5.RELEASE</spring-boot.version>
      <tomcat.version>8.5.32</tomcat.version>
      <slf4j.version>1.7.25</slf4j.version>
      <junit-jupiter.version>5.1.0</junit-jupiter.version>
@@ -133,10 +133,15 @@
        <dependency>
          <groupId>io.projectreactor</groupId>
          <artifactId>reactor-bom</artifactId>
-        <version>Bismuth-SR10</version>
+        <version>Bismuth-SR12</version>
          <type>pom</type>
          <scope>import</scope>
        </dependency>
+      <dependency>
+        <groupId>io.projectreactor.netty</groupId>
+        <artifactId>reactor-netty</artifactId>
+        <version>0.8.1.RELEASE</version>
+      </dependency>
        <dependency>
          <groupId>org.springframework.boot</groupId>
          <artifactId>spring-boot-dependencies</artifactId>
@@ -160,6 +165,16 @@
          <artifactId>spring-beans</artifactId>
          <version>${spring.version}</version>
        </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-core</artifactId>
+        <version>${spring.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-web</artifactId>
+        <version>${spring.version}</version>
+      </dependency>
        <dependency>
          <groupId>org.springframework</groupId>
          <artifactId>spring-context</artifactId>
diff --git a/prh-aai-client/pom.xml b/prh-aai-client/pom.xml

index b86e904..f08fed3 100644 (file)
--- a/prh-aai-client/pom.xml
+++ b/prh-aai-client/pom.xml
@@ -26,7 +26,7 @@
    <parent>
      <groupId>org.onap.dcaegen2.services</groupId>
      <artifactId>prh</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.1.1-SNAPSHOT</version>
    </parent>
  
    <groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -46,10 +46,18 @@
        <groupId>org.springframework</groupId>
        <artifactId>spring-beans</artifactId>
      </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-core</artifactId>
+    </dependency>
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
      </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-web</artifactId>
+    </dependency>
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webflux</artifactId>
@@ -58,6 +66,10 @@
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-reactor-netty</artifactId>
      </dependency>
+    <dependency>
+      <groupId>io.projectreactor.netty</groupId>
+      <artifactId>reactor-netty</artifactId>
+    </dependency>
      <dependency>
        <groupId>org.onap.dcaegen2.services.prh</groupId>
        <artifactId>prh-commons</artifactId>
diff --git a/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java b/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java

index 0dfe1f9..256aa3b 100644 (file)
--- a/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java
+++ b/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java
@@ -35,7 +35,9 @@ import org.onap.dcaegen2.services.prh.config.AaiClientConfiguration;
  import org.slf4j.Logger;
  import org.slf4j.LoggerFactory;
  import org.slf4j.MDC;
+import org.springframework.http.client.reactive.ClientHttpConnector;
  import org.springframework.http.client.reactive.ReactorClientHttpConnector;
+import org.springframework.http.client.reactive.ReactorResourceFactory;
  import org.springframework.web.reactive.function.client.ExchangeFilterFunction;
  import org.springframework.web.reactive.function.client.WebClient;
  import reactor.core.publisher.Mono;
@@ -68,18 +70,15 @@ public class AaiReactiveWebClient {
       * @return WebClient
       */
      public WebClient build() throws SSLException {
-        SslContext sslContext;
-        sslContext = SslContextBuilder
+        LOGGER.debug("Setting ssl context");
+        SslContext sslContext = SslContextBuilder
              .forClient()
              .trustManager(InsecureTrustManagerFactory.INSTANCE)
              .build();
-        LOGGER.debug("Setting ssl context");
-
+        ClientHttpConnector reactorClientHttpConnector = new ReactorClientHttpConnector(new ReactorResourceFactory(),
+            httpClient -> httpClient.secure(sslContextSpec -> sslContextSpec.sslContext(sslContext)));
          return WebClient.builder()
-            .clientConnector(new ReactorClientHttpConnector(clientOptions -> {
-                clientOptions.sslContext(sslContext);
-                clientOptions.disablePool();
-            }))
+            .clientConnector(reactorClientHttpConnector)
              .defaultHeaders(httpHeaders -> httpHeaders.setAll(aaiHeaders))
              .filter(basicAuthentication(aaiUserName, aaiUserPassword))
              .filter(logRequest())
diff --git a/prh-app-server/pom.xml b/prh-app-server/pom.xml

index df76b2b..6584b5f 100644 (file)
--- a/prh-app-server/pom.xml
+++ b/prh-app-server/pom.xml
@@ -26,7 +26,7 @@
    <parent>
      <groupId>org.onap.dcaegen2.services</groupId>
      <artifactId>prh</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.1.1-SNAPSHOT</version>
    </parent>
  
    <groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -130,12 +130,6 @@
      <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
-      <!--<exclusions>-->
-        <!--<exclusion>-->
-          <!--<groupId>com.fasterxml.jackson.core</groupId>-->
-          <!--<artifactId>jackson-databind</artifactId>-->
-        <!--</exclusion>-->
-      <!--</exclusions>-->
      </dependency>
      <dependency>
        <groupId>org.springframework.boot</groupId>
diff --git a/prh-commons/pom.xml b/prh-commons/pom.xml

index 7cc7838..27b2efe 100644 (file)
--- a/prh-commons/pom.xml
+++ b/prh-commons/pom.xml
@@ -26,7 +26,7 @@
    <parent>
      <groupId>org.onap.dcaegen2.services</groupId>
      <artifactId>prh</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.1.1-SNAPSHOT</version>
    </parent>
  
    <groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -73,7 +73,6 @@
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
-      <version>5.0.5.RELEASE</version>
      </dependency>
    </dependencies>
  </project>
diff --git a/prh-dmaap-client/pom.xml b/prh-dmaap-client/pom.xml

index 9778e8c..384f652 100644 (file)
--- a/prh-dmaap-client/pom.xml
+++ b/prh-dmaap-client/pom.xml
@@ -26,7 +26,7 @@
    <parent>
      <groupId>org.onap.dcaegen2.services</groupId>
      <artifactId>prh</artifactId>
-    <version>1.1.0-SNAPSHOT</version>
+    <version>1.1.1-SNAPSHOT</version>
    </parent>
  
    <groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -46,6 +46,18 @@
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
      </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-web</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-core</artifactId>
+    </dependency>
+    <dependency>
+    <groupId>io.projectreactor.netty</groupId>
+    <artifactId>reactor-netty</artifactId>
+    </dependency>
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-webflux</artifactId>
diff --git a/version.properties b/version.properties

index 73415a7..11ad59d 100644 (file)
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
  major=1\r
  minor=1\r
-patch=0\r
+patch=1\r
  base_version=${major}.${minor}.${patch}\r
  release_version=${base_version}\r
  snapshot_version=${base_version}-SNAPSHOT\r
author	wasala <przemyslaw.wasala@nokia.com>
	Tue, 16 Oct 2018 08:36:59 +0000 (10:36 +0200)
committer	wasala <przemyslaw.wasala@nokia.com>
	Tue, 16 Oct 2018 08:40:58 +0000 (10:40 +0200)
pom.xml		patch \| blob \| history
prh-aai-client/pom.xml		patch \| blob \| history
prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java		patch \| blob \| history
prh-app-server/pom.xml		patch \| blob \| history
prh-commons/pom.xml		patch \| blob \| history
prh-dmaap-client/pom.xml		patch \| blob \| history
version.properties		patch \| blob \| history