Issues
- opennms-webapp-remoting JARs are not signedNMS-9638Resolved issue: NMS-9638Benjamin Reed
- Enhance manual topology map with "modify amp" modeNMS-9582
- Exceptions in Bridge DiscoveryNMS-9557Resolved issue: NMS-9557Antonio Russo
- support graphml updateNMS-9556Resolved issue: NMS-9556
- Eventd does not respect event configuration order when reloadingNMS-9551Resolved issue: NMS-9551Jesse White
- The reason parameter for a nodeLostService event is limited to 255 charactersNMS-9550Resolved issue: NMS-9550Alejandro Galue
- Document supported products and versions for Remedy integrationNMS-9538Resolved issue: NMS-9538Jeff Gehlbach
- Northbounders implementation are not sending feedback events for reloadDaemonConfigNMS-9524Resolved issue: NMS-9524Alejandro Galue
- Programmable Northbounder InterfacesNMS-9513Resolved issue: NMS-9513Alejandro Galue
- ConcurrentModificationException thrown by StatsdNMS-9511Resolved issue: NMS-9511Jesse White
- Clone foreign source requisition overwrites config of other requisition without any hint or warningNMS-9481Resolved issue: NMS-9481Alejandro Galue
- Document the logic behind the response time value reported by the SnmpMonitorNMS-9475Resolved issue: NMS-9475Alejandro Galue
- NPE discovery bridge topologyNMS-9471Resolved issue: NMS-9471Antonio Russo
- Improve logging for EventIpcManagerDefaultImplNMS-9452Resolved issue: NMS-9452Alejandro Galue
- Event Configuration Screen Requires Alarm TypeNMS-9422Resolved issue: NMS-9422Alejandro Galue
- TCP persistence strategy should output time in milliseconds, not secondsNMS-9409Resolved issue: NMS-9409Jesse White
- Allow provisiond to perform reverse lookups without requiring an A record (foundation-2016)NMS-9406Resolved issue: NMS-9406Jesse White
- Remove snmpIpAdEntNetmask from the snmpInterface tableNMS-9385Resolved issue: NMS-9385Benjamin Reed
- Incorrect sysoid for the systemDef Juniper J-RoutersNMS-9372Resolved issue: NMS-9372Christian Pape
- XSS vulnerability on node error pageNMS-9354Resolved issue: NMS-9354Jesse White
- Page sequence monitor (PSM) follows http redirects by default. Add a parameter to disallow automatic (httpclients) redirectsNMS-9070
- collectd does not unschedule deleted nodesNMS-5105Resolved issue: NMS-5105Jesse White
opennms-webapp-remoting JARs are not signed
Description
Environment
Acceptance / Success Criteria
depends on
Lucidchart Diagrams
Details
Assignee
Benjamin ReedBenjamin ReedReporter
Aaron ScamehornAaron ScamehornComponents
Sprint
NonePriority
Major
Details
Details
Assignee
Reporter
Components
Sprint
Priority
MajorPagerDuty
PagerDuty
PagerDuty
Activity
Seth LegerOctober 18, 2017 at 4:22 PM
This bug was caused when issue was implemented.
Benjamin ReedOctober 11, 2017 at 9:12 PM
So I spent all day building and re-building trying to reproduce this, and realized I know exactly why it happens.
When we make an "official" release, I prime the maven cache with a ./compile.pl I do on the build machine, so I can do assembly-only builds for RPMs, DEBs, etc and not have to do all that compiler work multiple times. In the official release docs, I don't include the `run-expensive-tasks` profile so it's skipping jar-signing.
I have updated the release docs to include the fixes.
Aaron ScamehornSeptember 20, 2017 at 3:48 PM
Hi Seth,
I did not build the code; this was from the RPM's.
I tried both versions 19 & 20.
I also tried to self sign the jars, but ran into problems with the eclipse jars because those were signed...
Seth LegerSeptember 20, 2017 at 2:48 PM
Also, why did you mar this issue as 19.1.0? Did you also verify that this is a problem in the 19.1.0 release packages?
Seth LegerSeptember 20, 2017 at 2:47 PM
Hi Aaron, did you build the code yourself or is this from the release RPMs/DEBs?
$ rpm -q opennms-webapp-remoting
opennms-webapp-remoting-20.0.2-1.noarch
$ jarsigner -verify org.opennms.features.remote-poller-20.0.2.jar
jar is unsigned.
None of the JARs appear signed with the exception of the eclipse stuff:
$ jarsigner -verify -verbose org.eclipse.persistence.moxy-2.5.1.jar
Signed by "CN="Eclipse.org Foundation, Inc.", OU=IT, O="Eclipse.org Foundation, Inc.", L=Ottawa, ST=Ontario, C=CA"
Digest algorithm: SHA1
Signature algorithm: SHA1withRSA, 2048-bit key
Timestamped by "CN=GeoTrust Timestamping Signer 1, O=GeoTrust Inc, C=US" on Wed Sep 18 13:20:08 UTC 2013
Timestamp digest algorithm: SHA-1
Timestamp signature algorithm: SHA1withRSA, 1024-bit key
jar verified.