marek/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
16,626 Commits 4 Branches 227 Tags
b607304f7be3c319b45bc76366f0b00e54be77b0
Commit Graph

247 Commits

Author SHA1 Message Date
zzz
5cbdb7d806 Tomcat 9.0.62 2022-05-02 11:31:45 -04:00
idk
c4cfe420a6 disable any chance of JNDI lookups in log4j.properties file by setting %m{nolookups}. I don't think we're actually vulnerable to CVE-2021-44228 if I'm understanding correctly, by default it doesn't seem like we actually use log4j for much of anything and we don't do much logging of arbitrarily crafted remote inputs, but also it seems like this JNDI lookups thing is way more trouble than it could possibly be worth to us. Maybe it's a good idea to make sure it's turned off by default. 2021-12-10 21:01:37 -05:00
zzz
6b823e6381 Tomcat 9.0.54 2021-10-11 10:46:26 -04:00
zzz
af97381461 Jetty 9.3.30.v20211001 
Remove patched SslConnection.java for Jetty #6072, fix included in this release
 2021-10-10 12:09:12 -04:00
zzz
877b1f5f56 Build: Add resources to dependencies 
remove unused systray icons
 2021-07-30 10:35:12 -04:00
zzz
8710aa0065 Fix package for new "filter" 2021-07-13 08:23:32 -04:00
idk
1911132f11 Adds an X-I2P-Location header filter to the default I2P site 2021-07-12 14:21:23 +00:00
zzz
e5186b0f7b Improve error handling on sort 2021-06-20 09:39:12 -04:00
zzz
fd6219356d Jetty: Case-insensitive sort on directory listing, put directories first 2021-06-20 09:28:10 -04:00
zzz
cb7dcda57f Fix dup patched/unpatched jetty classes 2021-05-18 08:47:18 -04:00
Zlatin Balevsky
8532103e64 reproducible builds with Gradle 2021-05-11 17:50:14 +00:00
zzz
3d362814df Console: Update bug report URLs 2021-05-02 09:37:26 -04:00
zzz
28ea0e9025 Tomcat 9.0.45 2021-04-25 10:53:47 -04:00
zzz
78168be85c Jetty: Add patch for CVE-2021-28165 - Jetty #6072 - 
Jetty server high CPU when client send data length > 17408

This affects SSL connections only, which is not part of our default setup.
Adapted from workaround at:
https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w
Put the new checks directly in the unwrap() method,
rather than subclassing SslConnection, as that would require config file changes.
 2021-04-24 16:04:33 -04:00
zzz
41e46448d5 Jetty: SslConnection.java unmodified from 9.3.29.v20201019 
Patch to follow in next commit
 2021-04-24 15:56:51 -04:00
zzz
b55fbbf099 Boolean.valueOf() -> Boolean.parseBoolean() 2021-03-20 12:27:46 -04:00
zzz
7f3f46c8ba Jetty: Fix detection of SSL connector for registration with PortMapper 2021-02-24 10:13:37 -05:00
zzz
6e2292354a Build: More prep for different release and API versions 
Use API version as manifest Specification-Version
Use API version in I2CP
Reduce sybil penalty for version and banlist
 2021-02-23 10:43:32 -05:00
zzz
6e3b483c03 Util: Store multiple eepsite ports in PortMapper 
Jetty: Register all servers with PortMapper
Console: List all Jetty servers in sidebar
 2021-02-21 09:17:31 -05:00
zzz
1dfdf79d15 Console: Spelling fixes all over, from pospelchek 2021-01-27 11:03:57 -05:00
zzz
5f3c41244b Jetty: Fix URI in request logs 
Use standard getRequestURI() instead of Jetty internal getHttpURI(),
which apparently changed somewhere along the way

Hide Jetty ClosedChannelException from I2P logs
 2021-01-13 08:54:46 -05:00
zzz
d2a79e8837 Build: Add version where missing from jar manifests 2020-12-28 08:07:50 -05:00
Zlatin Balevsky
183280871f get gradle assemble to work 2020-12-11 20:12:27 +00:00
zzz
7e5dc6ad64 Tomcat 9.0.40 2020-11-20 14:11:59 +00:00
zzz
c9e6bef825 Jetty: Patch to fix console not starting on Java 11.0.9.1 
Backport JavaVersion.java from Jetty 9.4.34
Jetty does not plan to fix in 9.3.x
ref:
https://github.com/eclipse/jetty.project/issues/5682
https://github.com/eclipse/jetty.project/issues/2284
http://zzz.i2p/topics/2991
 2020-11-17 15:50:10 +00:00
zzz
0f002b9b69 Jetty 9.3.29.v20201019/ 2020-11-17 15:39:08 +00:00
zzz
a9a5d13e06 Build: Set javac release property (ticket #2775) 
Ant version 1.9.8 or higher now required
Drop support for Xenial package build
Fix up BOB build configuration
Fix i2psnark standalone build
 2020-10-07 13:33:41 +00:00
zzz
2af7066074 Jetty: Switch from jetty to tomcat jar for servlet-api 
to get the 4.0 dtds
Put servlet version on the logs page
 2020-06-07 16:22:21 +00:00
zzz
edfbc4081b Tomcat 9.0.35 (Servlet 4.0) 
Switch Bionic to 9.x
Disco+ already on 9.x
Xenial remains on 8.x
Update dependencies doc
 2020-05-31 15:35:18 +00:00
zzz
03b1a4dfc0 Installer: Require Java 8 (ticket #2511) 
Jetty 9.3.28 (ticket #2098)
This breaks Debian builds, fixes to follow
 2020-05-27 16:08:54 +00:00
zzz
25a80c78b5 Build: Manifests for test, source, and javadoc jars 2020-04-21 12:52:23 +00:00
zzz
5976d4952f Jetty: Add GzipHandler for eepsites on Jetty 9.3/9.4 (ticket #2599) 
by adding jetty-gzip.xml. JettyStart will copy the file
and add it to the configuration list automatically.
This does not affect standard installs which are still on 9.2;
it's only for Debian installs.
See also ticket #2098.
Partial backport from branch i2p.i2p.zzz.jetty93
 2020-04-10 18:10:48 +00:00
zzz
ea05af42fa Jetty 9.2.29.v20191105, Tomcat 8.5.50 2020-01-08 14:16:16 +00:00
zzz
fa9f60bcd9 Console, webapps: CSP improvements 
i2ptunnel, susidns: Add headers.jsi
Console: Remove onload and use nonce for inline scripts where able
Version remaining js links
 2019-12-25 12:18:00 +00:00
zzz
b2aa649c2a Build: Add encoding to all javac targets 2019-12-19 11:19:52 +00:00
zzz
320569ef7f Tomcat 8.5.46 2019-09-21 14:30:57 +00:00
zzz
64ba43c007 Jetty: Log stack trace if 2nd arg is a Throwable (ticket #2592) 2019-08-18 14:53:32 +00:00
str4d
cf4298f759 Jetty: Fix Gradle build 2019-08-10 16:10:07 +00:00
zzz
eff2bdbf87 Build: Fix Debian (ticket #2517) 2019-06-02 10:17:59 +00:00
zzz
e174a46801 javadoc fixes 2019-05-12 20:45:17 +00:00
zzz
adb1c6f58e Jetty: Fix webapps in eepsite (ticket #2477) 2019-05-12 18:14:55 +00:00
str4d
e70a2c765b Update Jetty and Tomcat versions in Gradle build scripts 2019-04-21 16:37:28 +00:00
zzz
8d00774b5e Tomcat 8.5.40 2019-04-15 11:45:52 +00:00
zzz
6237fc89ad Jetty: Hide sizes and dates of directories in listings 2019-04-10 18:25:20 +00:00
zzz
6cc39a2672 Build: Fix up javadoc targets in sub-build.xml files for maven central 2019-04-07 18:09:04 +00:00
zzz
2b00bfa58b Fix Debian builds with Jetty 9.4.15 (ticket #2457) 2019-03-16 16:54:36 +00:00
zzz
2aa093754d Tomcat 8.5.38 2019-02-18 18:44:37 +00:00
zzz
316011e047 Debian: Fix version detection of Tomcat 9 required for reproducible builds 2019-01-31 11:55:43 +00:00
zzz
3527f251c8 Debian: Add build option for libtomcat9 (ticket #2364) 2019-01-24 14:15:04 +00:00
zzz
e68182a157 Build: Provide option to prevent Class-Path in manifests (ticket #2317) 2018-10-10 12:30:34 +00:00