Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37302

JNLP3 challenge response generates invalid string encoding

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Major
    • Resolution: Won't Fix
    • Component/s: remoting
    • Labels:
      None
    • Similar Issues:

      Description

      Oh looky here

      https://github.com/jenkinsci/remoting/blob/master/src/main/java/org/jenkinsci/remoting/engine/Jnlp3Util.java#L93

      So the digest can generate any bytes you care... but not all byte sequences are valid UTF-8... thus you have a random chance of failure to validate... isn't that wonderful!

        Attachments

          Activity

          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Stephen Connolly Taking the current stae of JNLP3, I suppose it's "Won't fix". I will consider creating Errata before closing

          Show
          oleg_nenashev Oleg Nenashev added a comment - Stephen Connolly Taking the current stae of JNLP3, I suppose it's "Won't fix". I will consider creating Errata before closing
          Hide
          stephenconnolly Stephen Connolly added a comment -

          IMHO this should be WONTFIX... it is one of the reasons for dropping JNLP3 in favour of JNLP4

          Show
          stephenconnolly Stephen Connolly added a comment - IMHO this should be WONTFIX... it is one of the reasons for dropping JNLP3 in favour of JNLP4
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          docs/protocols.md
          src/main/java/org/jenkinsci/remoting/engine/JnlpProtocol3Handler.java
          http://jenkins-ci.org/commit/remoting/fe2587b7f9d78334e0ab05ab0b95f39b4b600a25
          Log:
          Docs - Noting JENKINS-37302, JENKINS-33886, and JENKINS-34121 in Errata

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: docs/protocols.md src/main/java/org/jenkinsci/remoting/engine/JnlpProtocol3Handler.java http://jenkins-ci.org/commit/remoting/fe2587b7f9d78334e0ab05ab0b95f39b4b600a25 Log: Docs - Noting JENKINS-37302 , JENKINS-33886 , and JENKINS-34121 in Errata
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oleg Nenashev
          Path:
          docs/protocols.md
          src/main/java/org/jenkinsci/remoting/engine/JnlpProtocol3Handler.java
          http://jenkins-ci.org/commit/remoting/86e13055079fd679a46b06fc7ce54ea1eb33ac1f
          Log:
          Merge pull request #155 from oleg-nenashev/doc/jnlp3_errata

          [Docs] - Noting JENKINS-37302, JENKINS-33886, and JENKINS-34121 in JNLP3 Errata

          Compare: https://github.com/jenkinsci/remoting/compare/b8f10d809829...86e13055079f

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oleg Nenashev Path: docs/protocols.md src/main/java/org/jenkinsci/remoting/engine/JnlpProtocol3Handler.java http://jenkins-ci.org/commit/remoting/86e13055079fd679a46b06fc7ce54ea1eb33ac1f Log: Merge pull request #155 from oleg-nenashev/doc/jnlp3_errata [Docs] - Noting JENKINS-37302 , JENKINS-33886 , and JENKINS-34121 in JNLP3 Errata Compare: https://github.com/jenkinsci/remoting/compare/b8f10d809829...86e13055079f
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Closing as "Won't fix", upgrade to JNLP4 is the recommended solution.

          If somebody wants to fix it, please feel free to reopen it and to create a pull request

          Show
          oleg_nenashev Oleg Nenashev added a comment - Closing as "Won't fix", upgrade to JNLP4 is the recommended solution. If somebody wants to fix it, please feel free to reopen it and to create a pull request

            People

            • Assignee:
              Unassigned
              Reporter:
              stephenconnolly Stephen Connolly
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: