CLM SCAN VULNERABILITIES
*Upgraded Spring from 5.0.5 -> 5.1.0
*Changed implementation of SSL in AAIClient
Change-Id: I1341c19931031da67c2d0deb14940a2748b0203b
Issue-ID: DCAEGEN2-870
Signed-off-by: wasala <przemyslaw.wasala@nokia.com>
diff --git a/pom.xml b/pom.xml
index 1749eaf..05d2f99 100644
--- a/pom.xml
+++ b/pom.xml
@@ -32,7 +32,7 @@
<groupId>org.onap.dcaegen2.services</groupId>
<artifactId>prh</artifactId>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
<name>dcaegen2-services-prh</name>
<description>PNF Registration Handler</description>
@@ -48,8 +48,8 @@
<properties>
<java.version>8</java.version>
<immutables.version>2.5.6</immutables.version>
- <spring.version>5.0.5.RELEASE</spring.version>
- <spring-boot.version>2.0.4.RELEASE</spring-boot.version>
+ <spring.version>5.1.0.RELEASE</spring.version>
+ <spring-boot.version>2.0.5.RELEASE</spring-boot.version>
<tomcat.version>8.5.32</tomcat.version>
<slf4j.version>1.7.25</slf4j.version>
<junit-jupiter.version>5.1.0</junit-jupiter.version>
@@ -133,11 +133,16 @@
<dependency>
<groupId>io.projectreactor</groupId>
<artifactId>reactor-bom</artifactId>
- <version>Bismuth-SR10</version>
+ <version>Bismuth-SR12</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
+ <groupId>io.projectreactor.netty</groupId>
+ <artifactId>reactor-netty</artifactId>
+ <version>0.8.1.RELEASE</version>
+ </dependency>
+ <dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring-boot.version}</version>
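Review bot: The explicit `reactor-netty` 0.8.1.RELEASE entry comes from a newer Reactor generation than the `reactor-bom` next to it, which stays on the Bismuth train. As far as I know, Bismuth manages reactor-core 3.1.x and the older `io.projectreactor.ipc:reactor-netty` 0.7.x, while 0.8.x is built against reactor-core 3.2. The resolved classpath can therefore mix incompatible Reactor versions, and may carry both reactor-netty coordinates once the module poms add this artifact beside `spring-boot-starter-reactor-netty`. Moving `reactor-bom` to the Californium release train and dropping the hand-written `<version>0.8.1.RELEASE</version>` would keep the set aligned and give a scanner one consistent version. It is worth confirming with `mvn dependency:tree` which reactor-core and reactor-netty versions actually resolve.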
@@ -162,6 +167,16 @@
</dependency>
<dependency>
<groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-web</artifactId>
+ <version>${spring.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
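Review bot: Pinning `spring-core` and `spring-web` one artifact at a time leaves every unlisted Spring module on whatever version `spring-boot-dependencies` manages, which for Boot 2.0.x is a 5.0.x release rather than `${spring.version}`. The hunk does not show whether `spring-webflux` and the transitive modules (`spring-beans`, `spring-aop`, ...) are managed elsewhere in this section; if they are not, the build ships a mix of 5.1.0 and 5.0.x Spring jars and the scan finding is only partly closed. Importing `spring-framework-bom` at `${spring.version}` ahead of the Boot BOM covers all modules in one entry, as sketched below. Spring Boot 2.0.x was not released against Spring 5.1, so moving to a Boot line that manages 5.1 is the cleaner long-term fix.

```xml
<!-- placed before the spring-boot-dependencies import so it takes precedence -->
<dependency>
  <groupId>org.springframework</groupId>
  <artifactId>spring-framework-bom</artifactId>
  <version>${spring.version}</version>
  <type>pom</type>
  <scope>import</scope>
</dependency>
<!-- … unchanged: spring-boot-dependencies import … -->
```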
diff --git a/prh-aai-client/pom.xml b/prh-aai-client/pom.xml
index b86e904..f08fed3 100644
--- a/prh-aai-client/pom.xml
+++ b/prh-aai-client/pom.xml
@@ -26,7 +26,7 @@
<parent>
<groupId>org.onap.dcaegen2.services</groupId>
<artifactId>prh</artifactId>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
</parent>
<groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -48,10 +48,18 @@
</dependency>
<dependency>
<groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
+ <artifactId>spring-web</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
<artifactId>spring-webflux</artifactId>
</dependency>
<dependency>
@@ -59,6 +67,10 @@
<artifactId>spring-boot-starter-reactor-netty</artifactId>
</dependency>
<dependency>
+ <groupId>io.projectreactor.netty</groupId>
+ <artifactId>reactor-netty</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.onap.dcaegen2.services.prh</groupId>
<artifactId>prh-commons</artifactId>
<version>${project.version}</version>
diff --git a/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java b/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java
index 0dfe1f9..256aa3b 100644
--- a/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java
+++ b/prh-aai-client/src/main/java/org/onap/dcaegen2/services/prh/service/AaiReactiveWebClient.java
@@ -35,7 +35,9 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;
+import org.springframework.http.client.reactive.ClientHttpConnector;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
+import org.springframework.http.client.reactive.ReactorResourceFactory;
import org.springframework.web.reactive.function.client.ExchangeFilterFunction;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.core.publisher.Mono;
@@ -68,18 +70,15 @@
* @return WebClient
*/
public WebClient build() throws SSLException {
- SslContext sslContext;
- sslContext = SslContextBuilder
+ LOGGER.debug("Setting ssl context");
+ SslContext sslContext = SslContextBuilder
.forClient()
.trustManager(InsecureTrustManagerFactory.INSTANCE)
.build();
- LOGGER.debug("Setting ssl context");
-
+ ClientHttpConnector reactorClientHttpConnector = new ReactorClientHttpConnector(new ReactorResourceFactory(),
+ httpClient -> httpClient.secure(sslContextSpec -> sslContextSpec.sslContext(sslContext)));
return WebClient.builder()
- .clientConnector(new ReactorClientHttpConnector(clientOptions -> {
- clientOptions.sslContext(sslContext);
- clientOptions.disablePool();
- }))
+ .clientConnector(reactorClientHttpConnector)
.defaultHeaders(httpHeaders -> httpHeaders.setAll(aaiHeaders))
.filter(basicAuthentication(aaiUserName, aaiUserPassword))
.filter(logRequest())
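Review bot: The rebuilt SSL setup still passes `InsecureTrustManagerFactory.INSTANCE` to `.trustManager(...)`, so the client accepts any server certificate and the TLS connection to AAI is encrypted but not authenticated. Because `build()` also installs `basicAuthentication(aaiUserName, aaiUserPassword)`, those credentials go to whichever endpoint answers, which is the kind of finding a vulnerability-scan commit would be expected to close. The trust material should come from configuration, e.g. `.trustManager(aaiTrustCertFile)` with `aaiTrustCertFile` a placeholder for a configured CA bundle, keeping the insecure factory only behind an explicit test-only switch. Separately, `new ReactorResourceFactory()` is used without Spring initialising it (it is an `InitializingBean`), so its connection provider and loop resources may not be set when the connector is built, and the old `disablePool()` behaviour is silently dropped; both deserve a check. The body of `build()` continues past the end of this hunk.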
diff --git a/prh-app-server/pom.xml b/prh-app-server/pom.xml
index df76b2b..6584b5f 100644
--- a/prh-app-server/pom.xml
+++ b/prh-app-server/pom.xml
@@ -26,7 +26,7 @@
<parent>
<groupId>org.onap.dcaegen2.services</groupId>
<artifactId>prh</artifactId>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
</parent>
<groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -130,12 +130,6 @@
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
- <!--<exclusions>-->
- <!--<exclusion>-->
- <!--<groupId>com.fasterxml.jackson.core</groupId>-->
- <!--<artifactId>jackson-databind</artifactId>-->
- <!--</exclusion>-->
- <!--</exclusions>-->
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
diff --git a/prh-commons/pom.xml b/prh-commons/pom.xml
index 7cc7838..27b2efe 100644
--- a/prh-commons/pom.xml
+++ b/prh-commons/pom.xml
@@ -26,7 +26,7 @@
<parent>
<groupId>org.onap.dcaegen2.services</groupId>
<artifactId>prh</artifactId>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
</parent>
<groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -73,7 +73,6 @@
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
- <version>5.0.5.RELEASE</version>
</dependency>
</dependencies>
</project>
diff --git a/prh-dmaap-client/pom.xml b/prh-dmaap-client/pom.xml
index 9778e8c..384f652 100644
--- a/prh-dmaap-client/pom.xml
+++ b/prh-dmaap-client/pom.xml
@@ -26,7 +26,7 @@
<parent>
<groupId>org.onap.dcaegen2.services</groupId>
<artifactId>prh</artifactId>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
</parent>
<groupId>org.onap.dcaegen2.services.prh</groupId>
@@ -48,6 +48,18 @@
</dependency>
<dependency>
<groupId>org.springframework</groupId>
+ <artifactId>spring-web</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>io.projectreactor.netty</groupId>
+ <artifactId>reactor-netty</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
<artifactId>spring-webflux</artifactId>
</dependency>
<dependency>
diff --git a/version.properties b/version.properties
index 73415a7..11ad59d 100644
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
major=1
minor=1
-patch=0
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT