From 7eac8fb61c382a016f4581fc9975b46e41ea6360 Mon Sep 17 00:00:00 2001 From: Idel Pivnitskiy Date: Thu, 22 Aug 2019 04:58:22 -0700 Subject: [PATCH 1/5] Use `AppendableCharSequence.charAtUnsafe(int)` in `HttpObjectDecoder` (#9492) Motivation: `HttpObjectDecoder` pre-checks that it doesn't request characters outside of the `AppendableCharSequence`'s length. `0` is always allowed because the minimal length of `AppendableCharSequence` is `1`. We can legally skip index check by using `AppendableCharSequence.charAtUnsafe(int)` in all existing cases in `HttpObjectDecoder`. Modifications: - Use `AppendableCharSequence.charAtUnsafe(int)` instead of `AppendableCharSequence.charAt(int)` in `HttpObjectDecoder`. Result: No unnecessary index checks in `HttpObjectDecoder`. (cherry picked from commit 85fcf4e58164806645b79239d0e6bf00287e26dc) --- .../io/netty/handler/codec/http/HttpObjectDecoder.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java index 6d1d596f781..b6ce94b63e3 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java @@ -575,7 +575,7 @@ private State readHeaders(ByteBuf buffer) { } if (line.length() > 0) { do { - char firstChar = line.charAt(0); + char firstChar = line.charAtUnsafe(0); if (name != null && (firstChar == ' ' || firstChar == '\t')) { //please do not make one line from below code //as it breaks +XX:OptimizeStringConcat optimization @@ -643,7 +643,7 @@ private LastHttpContent readTrailingHeaders(ByteBuf buffer) { trailer = this.trailer = new DefaultLastHttpContent(Unpooled.EMPTY_BUFFER, validateHeaders); } while (line.length() > 0) { - char firstChar = line.charAt(0); + char firstChar = line.charAtUnsafe(0); if (lastHeader != null && (firstChar == ' ' || firstChar == '\t')) { List current = trailer.trailingHeaders().getAll(lastHeader); if (!current.isEmpty()) { @@ -727,14 +727,14 @@ private void splitHeader(AppendableCharSequence sb) { nameStart = findNonWhitespace(sb, 0); for (nameEnd = nameStart; nameEnd < length; nameEnd ++) { - char ch = sb.charAt(nameEnd); + char ch = sb.charAtUnsafe(nameEnd); if (ch == ':' || Character.isWhitespace(ch)) { break; } } for (colonEnd = nameEnd; colonEnd < length; colonEnd ++) { - if (sb.charAt(colonEnd) == ':') { + if (sb.charAtUnsafe(colonEnd) == ':') { colonEnd ++; break; } From 55b7c072486afcf551dd75c677030969c31d4059 Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Fri, 20 Sep 2019 21:02:11 +0200 Subject: [PATCH 2/5] Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (#9585) Motivation: When parsing HTTP headers special care needs to be taken when a whitespace is detected in the header name. Modifications: - Ignore whitespace when decoding response (just like before) - Throw exception when whitespace is detected during parsing - Add unit tests Result: Fixes https://github.com/netty/netty/issues/9571 (cherry picked from commit 39cafcb05c99f2aa9fce7e6597664c9ed6a63a95) --- .../handler/codec/http/HttpObjectDecoder.java | 16 +++++++++++++++- .../codec/http/HttpRequestDecoderTest.java | 14 ++++++++++++++ .../codec/http/HttpResponseDecoderTest.java | 15 +++++++++++++++ 3 files changed, 44 insertions(+), 1 deletion(-) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java index b6ce94b63e3..818273c8d23 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java @@ -728,7 +728,21 @@ private void splitHeader(AppendableCharSequence sb) { nameStart = findNonWhitespace(sb, 0); for (nameEnd = nameStart; nameEnd < length; nameEnd ++) { char ch = sb.charAtUnsafe(nameEnd); - if (ch == ':' || Character.isWhitespace(ch)) { + // https://tools.ietf.org/html/rfc7230#section-3.2.4 + // + // No whitespace is allowed between the header field-name and colon. In + // the past, differences in the handling of such whitespace have led to + // security vulnerabilities in request routing and response handling. A + // server MUST reject any received request message that contains + // whitespace between a header field-name and colon with a response code + // of 400 (Bad Request). A proxy MUST remove any such whitespace from a + // response message before forwarding the message downstream. + if (ch == ':' || + // In case of decoding a request we will just continue processing and header validation + // is done in the DefaultHttpHeaders implementation. + // + // In the case of decoding a response we will "skip" the whitespace. + (!isDecodingRequest() && Character.isWhitespace(ch))) { break; } } diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java index 45720631c40..2b2d0cc5eb7 100644 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java @@ -320,4 +320,18 @@ public void testTooLargeHeaders() { assertTrue(request.decoderResult().cause() instanceof TooLongFrameException); assertFalse(channel.finish()); } + + @Test + public void testWhitespace() { + EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder()); + String requestStr = "GET /some/path HTTP/1.1\r\n" + + "Transfer-Encoding : chunked\r\n" + + "Host: netty.io\n\r\n"; + + assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII))); + HttpRequest request = channel.readInbound(); + assertTrue(request.decoderResult().isFailure()); + assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException); + assertFalse(channel.finish()); + } } diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java index f062da2bf1f..6378a376b11 100644 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java @@ -712,4 +712,19 @@ public void testTrailerWithEmptyLineInSeparateBuffer() { assertFalse(channel.finish()); } + + @Test + public void testWhitespace() { + EmbeddedChannel channel = new EmbeddedChannel(new HttpResponseDecoder()); + String requestStr = "HTTP/1.1 200 OK\r\n" + + "Transfer-Encoding : chunked\r\n" + + "Host: netty.io\n\r\n"; + + assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII))); + HttpResponse response = channel.readInbound(); + assertFalse(response.decoderResult().isFailure()); + assertEquals(HttpHeaderValues.CHUNKED.toString(), response.headers().get(HttpHeaderNames.TRANSFER_ENCODING)); + assertEquals("netty.io", response.headers().get(HttpHeaderNames.HOST)); + assertFalse(channel.finish()); + } } From 18ce1ac4e81583f8ed780eaffd4f81ecd13b344e Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Wed, 11 Dec 2019 15:49:07 +0100 Subject: [PATCH 3/5] Detect missing colon when parsing http headers with no value (#9871) Motivation: Technical speaking its valid to have http headers with no values so we should support it. That said we need to detect if these are "generated" because of an "invalid" fold. Modifications: - Detect if a colon is missing when parsing headers. - Add unit test Result: Fixes https://github.com/netty/netty/issues/9866 (cherry picked from commit a7c18d44b46e02dadfe3da225a06e5091f5f328e) --- .../handler/codec/http/HttpObjectDecoder.java | 5 +++++ .../codec/http/HttpRequestDecoderTest.java | 16 ++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java index 818273c8d23..17181526681 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java @@ -747,6 +747,11 @@ private void splitHeader(AppendableCharSequence sb) { } } + if (nameEnd == length) { + // There was no colon present at all. + throw new IllegalArgumentException("No colon found"); + } + for (colonEnd = nameEnd; colonEnd < length; colonEnd ++) { if (sb.charAtUnsafe(colonEnd) == ':') { colonEnd ++; diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java index 2b2d0cc5eb7..414a0336b52 100644 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java @@ -334,4 +334,20 @@ public void testWhitespace() { assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException); assertFalse(channel.finish()); } + + @Test + public void testHeaderWithNoValueAndMissingColon() { + EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder()); + String requestStr = "GET /some/path HTTP/1.1\r\n" + + "Content-Length: 0\r\n" + + "Host:\r\n" + + "netty.io\r\n\r\n"; + + assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII))); + HttpRequest request = channel.readInbound(); + System.err.println(request.headers().names().toString()); + assertTrue(request.decoderResult().isFailure()); + assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException); + assertFalse(channel.finish()); + } } From db07502148322c068968452f54f9e7cb5b87d51b Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Fri, 13 Dec 2019 08:53:19 +0100 Subject: [PATCH 4/5] Verify we do not receive multiple content-length headers or a content-length and transfer-encoding: chunked header when using HTTP/1.1 (#9865) Motivation: RFC7230 states that we should not accept multiple content-length headers and also should not accept a content-length header in combination with transfer-encoding: chunked Modifications: - Check for multiple content-length headers and if found mark message as invalid - Check if we found a content-length header and also a transfer-encoding: chunked and if so mark the message as invalid - Add unit test Result: Fixes https://github.com/netty/netty/issues/9861 (cherry picked from commit 8494b046ec7e4f28dbd44bc699cc4c4c92251729) --- .../handler/codec/http/HttpObjectDecoder.java | 50 +++++++++++++-- .../codec/http/HttpRequestDecoderTest.java | 64 ++++++++++++++++--- 2 files changed, 99 insertions(+), 15 deletions(-) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java index 17181526681..8d4fc1d4295 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java @@ -600,23 +600,61 @@ private State readHeaders(ByteBuf buffer) { if (name != null) { headers.add(name, value); } + // reset name and value fields name = null; value = null; - State nextState; + List values = headers.getAll(HttpHeaderNames.CONTENT_LENGTH); + int contentLengthValuesCount = values.size(); + + if (contentLengthValuesCount > 0) { + // Guard against multiple Content-Length headers as stated in + // https://tools.ietf.org/html/rfc7230#section-3.3.2: + // + // If a message is received that has multiple Content-Length header + // fields with field-values consisting of the same decimal value, or a + // single Content-Length header field with a field value containing a + // list of identical decimal values (e.g., "Content-Length: 42, 42"), + // indicating that duplicate Content-Length header fields have been + // generated or combined by an upstream message processor, then the + // recipient MUST either reject the message as invalid or replace the + // duplicated field-values with a single valid Content-Length field + // containing that decimal value prior to determining the message body + // length or forwarding the message. + if (contentLengthValuesCount > 1 && message.protocolVersion() == HttpVersion.HTTP_1_1) { + throw new IllegalArgumentException("Multiple Content-Length headers found"); + } + contentLength = Long.parseLong(values.get(0)); + } if (isContentAlwaysEmpty(message)) { HttpUtil.setTransferEncodingChunked(message, false); - nextState = State.SKIP_CONTROL_CHARS; + return State.SKIP_CONTROL_CHARS; } else if (HttpUtil.isTransferEncodingChunked(message)) { - nextState = State.READ_CHUNK_SIZE; + // See https://tools.ietf.org/html/rfc7230#section-3.3.3 + // + // If a message is received with both a Transfer-Encoding and a + // Content-Length header field, the Transfer-Encoding overrides the + // Content-Length. Such a message might indicate an attempt to + // perform request smuggling (Section 9.5) or response splitting + // (Section 9.4) and ought to be handled as an error. A sender MUST + // remove the received Content-Length field prior to forwarding such + // a message downstream. + // + // This is also what http_parser does: + // https://github.com/nodejs/http-parser/blob/v2.9.2/http_parser.c#L1769 + if (contentLengthValuesCount > 0 && message.protocolVersion() == HttpVersion.HTTP_1_1) { + throw new IllegalArgumentException( + "Both 'Content-Length: " + contentLength + "' and 'Transfer-Encoding: chunked' found"); + } + + return State.READ_CHUNK_SIZE; } else if (contentLength() >= 0) { - nextState = State.READ_FIXED_LENGTH_CONTENT; + return State.READ_FIXED_LENGTH_CONTENT; } else { - nextState = State.READ_VARIABLE_LENGTH_CONTENT; + return State.READ_VARIABLE_LENGTH_CONTENT; } - return nextState; } private long contentLength() { diff --git a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java index 414a0336b52..717b5809015 100644 --- a/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java +++ b/codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java @@ -323,29 +323,75 @@ public void testTooLargeHeaders() { @Test public void testWhitespace() { - EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder()); String requestStr = "GET /some/path HTTP/1.1\r\n" + "Transfer-Encoding : chunked\r\n" + "Host: netty.io\n\r\n"; - - assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII))); - HttpRequest request = channel.readInbound(); - assertTrue(request.decoderResult().isFailure()); - assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException); - assertFalse(channel.finish()); + testInvalidHeaders0(requestStr); } @Test public void testHeaderWithNoValueAndMissingColon() { - EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder()); String requestStr = "GET /some/path HTTP/1.1\r\n" + "Content-Length: 0\r\n" + "Host:\r\n" + "netty.io\r\n\r\n"; + testInvalidHeaders0(requestStr); + } + + @Test + public void testMultipleContentLengthHeaders() { + String requestStr = "GET /some/path HTTP/1.1\r\n" + + "Content-Length: 1\r\n" + + "Content-Length: 0\r\n\r\n" + + "b"; + testInvalidHeaders0(requestStr); + } + + @Test + public void testMultipleContentLengthHeaders2() { + String requestStr = "GET /some/path HTTP/1.1\r\n" + + "Content-Length: 1\r\n" + + "Connection: close\r\n" + + "Content-Length: 0\r\n\r\n" + + "b"; + testInvalidHeaders0(requestStr); + } + + @Test + public void testContentLengthHeaderWithCommaValue() { + String requestStr = "GET /some/path HTTP/1.1\r\n" + + "Content-Length: 1,1\r\n\r\n" + + "b"; + testInvalidHeaders0(requestStr); + } + @Test + public void testMultipleContentLengthHeadersWithFolding() { + String requestStr = "POST / HTTP/1.1\r\n" + + "Host: example.com\r\n" + + "Connection: close\r\n" + + "Content-Length: 5\r\n" + + "Content-Length:\r\n" + + "\t6\r\n\r\n" + + "123456"; + testInvalidHeaders0(requestStr); + } + + @Test + public void testContentLengthHeaderAndChunked() { + String requestStr = "POST / HTTP/1.1\r\n" + + "Host: example.com\r\n" + + "Connection: close\r\n" + + "Content-Length: 5\r\n" + + "Transfer-Encoding: chunked\r\n\r\n" + + "0\r\n\r\n"; + testInvalidHeaders0(requestStr); + } + + private static void testInvalidHeaders0(String requestStr) { + EmbeddedChannel channel = new EmbeddedChannel(new HttpRequestDecoder()); assertTrue(channel.writeInbound(Unpooled.copiedBuffer(requestStr, CharsetUtil.US_ASCII))); HttpRequest request = channel.readInbound(); - System.err.println(request.headers().names().toString()); assertTrue(request.decoderResult().isFailure()); assertTrue(request.decoderResult().cause() instanceof IllegalArgumentException); assertFalse(channel.finish()); From 55207c3282422ac1ef418c47f869957eab02cf5f Mon Sep 17 00:00:00 2001 From: Dan LaRocque Date: Tue, 7 Apr 2020 06:11:25 -0500 Subject: [PATCH 5/5] Version bump to 4.1.34.3.dse Compared against 4.1.34.2.dse, this tag cherry-picks upstream commits that fixed bugs in HttpObjectDecoder/HttpRequestDecoder, plus two intermediate refactoring commits that indirectly affect those bugfix commits. What follows is a list of PR links, issue links, CVE links, and hashes associated with the cherry-picked commits. Verify we do not receive multiple content-length headers or a content-length and transfer-encoding: chunked header when using HTTP/1.1 (#9865) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7238 https://github.com/netty/netty/issues/9861 https://github.com/netty/netty/pull/9865 8494b046ec7e4f28dbd44bc699cc4c4c92251729 Detect missing colon when parsing http headers with no value (#9871) https://nvd.nist.gov/vuln/detail/CVE-2019-20444 https://github.com/netty/netty/issues/9866 https://github.com/netty/netty/pull/9871 a7c18d44b46e02dadfe3da225a06e5091f5f328e Fix typos in javadocs (#9527) skipped Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (#9585) https://nvd.nist.gov/vuln/detail/CVE-2019-16869 https://github.com/netty/netty/issues/9571 https://github.com/netty/netty/pull/9585 39cafcb05c99f2aa9fce7e6597664c9ed6a63a95 Use `AppendableCharSequence.charAtUnsafe(int)` in `HttpObjectDecoder` (#9492) https://github.com/netty/netty/pull/9492 85fcf4e58164806645b79239d0e6bf00287e26dc --- all/pom.xml | 2 +- bom/pom.xml | 67 +++++++++++----------- buffer/pom.xml | 2 +- codec-dns/pom.xml | 2 +- codec-haproxy/pom.xml | 2 +- codec-http/pom.xml | 2 +- codec-http2/pom.xml | 2 +- codec-memcache/pom.xml | 2 +- codec-mqtt/pom.xml | 2 +- codec-redis/pom.xml | 2 +- codec-smtp/pom.xml | 2 +- codec-socks/pom.xml | 2 +- codec-stomp/pom.xml | 2 +- codec-xml/pom.xml | 2 +- codec/pom.xml | 2 +- common/pom.xml | 2 +- dev-tools/pom.xml | 3 +- example/pom.xml | 2 +- handler-proxy/pom.xml | 2 +- handler/pom.xml | 2 +- microbench/pom.xml | 2 +- pom.xml | 3 +- resolver-dns/pom.xml | 2 +- resolver/pom.xml | 2 +- tarball/pom.xml | 2 +- testsuite-autobahn/pom.xml | 2 +- testsuite-http2/pom.xml | 2 +- testsuite-osgi/pom.xml | 2 +- testsuite-shading/pom.xml | 2 +- testsuite/pom.xml | 2 +- transport-native-epoll/pom.xml | 2 +- transport-native-kqueue/pom.xml | 2 +- transport-native-unix-common-tests/pom.xml | 2 +- transport-native-unix-common/pom.xml | 2 +- transport-rxtx/pom.xml | 2 +- transport-sctp/pom.xml | 2 +- transport-udt/pom.xml | 2 +- transport/pom.xml | 2 +- 38 files changed, 70 insertions(+), 73 deletions(-) diff --git a/all/pom.xml b/all/pom.xml index 53319253ff0..e0ca51fc0bc 100644 --- a/all/pom.xml +++ b/all/pom.xml @@ -21,7 +21,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-all diff --git a/bom/pom.xml b/bom/pom.xml index 7a9fee8b3d3..b78da2b70dc 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -25,7 +25,7 @@ io.netty netty-bom - 4.1.34.2.dse + 4.1.34.3.dse pom Netty/BOM @@ -49,7 +49,6 @@ https://github.com/netty/netty scm:git:git://github.com/netty/netty.git scm:git:ssh://git@github.com/netty/netty.git - netty-4.1.34.2.dse @@ -69,165 +68,165 @@ io.netty netty-buffer - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-dns - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-haproxy - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-http - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-http2 - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-memcache - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-mqtt - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-redis - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-smtp - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-socks - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-stomp - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-codec-xml - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-common - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-dev-tools - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-handler - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-handler-proxy - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-resolver - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-resolver-dns - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-rxtx - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-sctp - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-udt - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-example - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-all - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-native-unix-common - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-native-unix-common - 4.1.34.2.dse + 4.1.34.3.dse linux-x86_64 io.netty netty-transport-native-unix-common - 4.1.34.2.dse + 4.1.34.3.dse osx-x86_64 io.netty netty-transport-native-epoll - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-native-epoll - 4.1.34.2.dse + 4.1.34.3.dse linux-x86_64 io.netty netty-transport-native-kqueue - 4.1.34.2.dse + 4.1.34.3.dse io.netty netty-transport-native-kqueue - 4.1.34.2.dse + 4.1.34.3.dse osx-x86_64 diff --git a/buffer/pom.xml b/buffer/pom.xml index 74029b434c6..4e5586497c9 100644 --- a/buffer/pom.xml +++ b/buffer/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-buffer diff --git a/codec-dns/pom.xml b/codec-dns/pom.xml index 06dad59b77d..94de3b97e69 100644 --- a/codec-dns/pom.xml +++ b/codec-dns/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-dns diff --git a/codec-haproxy/pom.xml b/codec-haproxy/pom.xml index a51ac224d9c..5f2ee5c3615 100644 --- a/codec-haproxy/pom.xml +++ b/codec-haproxy/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-haproxy diff --git a/codec-http/pom.xml b/codec-http/pom.xml index b61c319b5a4..d3953462213 100644 --- a/codec-http/pom.xml +++ b/codec-http/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-http diff --git a/codec-http2/pom.xml b/codec-http2/pom.xml index a97427f6ce8..7973628d221 100644 --- a/codec-http2/pom.xml +++ b/codec-http2/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-http2 diff --git a/codec-memcache/pom.xml b/codec-memcache/pom.xml index 4fdb3017aa0..f54cfca998f 100644 --- a/codec-memcache/pom.xml +++ b/codec-memcache/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-memcache diff --git a/codec-mqtt/pom.xml b/codec-mqtt/pom.xml index 4d749ef7953..08c05023911 100644 --- a/codec-mqtt/pom.xml +++ b/codec-mqtt/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-mqtt diff --git a/codec-redis/pom.xml b/codec-redis/pom.xml index 7988ca93bef..b92ca2f0c71 100644 --- a/codec-redis/pom.xml +++ b/codec-redis/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-redis diff --git a/codec-smtp/pom.xml b/codec-smtp/pom.xml index 1666e036413..d8570d8b204 100644 --- a/codec-smtp/pom.xml +++ b/codec-smtp/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-smtp diff --git a/codec-socks/pom.xml b/codec-socks/pom.xml index f3c39368030..67c68c3c4dc 100644 --- a/codec-socks/pom.xml +++ b/codec-socks/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-socks diff --git a/codec-stomp/pom.xml b/codec-stomp/pom.xml index 8a2388037ee..58ac05cfb58 100644 --- a/codec-stomp/pom.xml +++ b/codec-stomp/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-stomp diff --git a/codec-xml/pom.xml b/codec-xml/pom.xml index 9ea5f853836..ff0e5598a92 100644 --- a/codec-xml/pom.xml +++ b/codec-xml/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec-xml diff --git a/codec/pom.xml b/codec/pom.xml index 6b455474fd4..b36a60b8196 100644 --- a/codec/pom.xml +++ b/codec/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-codec diff --git a/common/pom.xml b/common/pom.xml index 91d62d522ae..6c041034b3c 100644 --- a/common/pom.xml +++ b/common/pom.xml @@ -21,7 +21,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-common diff --git a/dev-tools/pom.xml b/dev-tools/pom.xml index 523999d283c..c3fb1e662da 100644 --- a/dev-tools/pom.xml +++ b/dev-tools/pom.xml @@ -25,7 +25,7 @@ io.netty netty-dev-tools - 4.1.34.2.dse + 4.1.34.3.dse Netty/Dev-Tools @@ -52,6 +52,5 @@ - netty-4.1.34.2.dse diff --git a/example/pom.xml b/example/pom.xml index 51e1e9e36d8..b528fd6019d 100644 --- a/example/pom.xml +++ b/example/pom.xml @@ -21,7 +21,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-example diff --git a/handler-proxy/pom.xml b/handler-proxy/pom.xml index d31ef689abd..24f20e6e7e6 100644 --- a/handler-proxy/pom.xml +++ b/handler-proxy/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-handler-proxy diff --git a/handler/pom.xml b/handler/pom.xml index f7a6535e859..028cea90bcf 100644 --- a/handler/pom.xml +++ b/handler/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-handler diff --git a/microbench/pom.xml b/microbench/pom.xml index 41905a70dc8..75e7356f717 100644 --- a/microbench/pom.xml +++ b/microbench/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-microbench diff --git a/pom.xml b/pom.xml index 04eb02ab2d8..77de42766bc 100644 --- a/pom.xml +++ b/pom.xml @@ -26,7 +26,7 @@ io.netty netty-parent pom - 4.1.34.2.dse + 4.1.34.3.dse Netty http://netty.io/ @@ -53,7 +53,6 @@ https://github.com/netty/netty scm:git:git://github.com/netty/netty.git scm:git:ssh://git@github.com/netty/netty.git - netty-4.1.34.2.dse diff --git a/resolver-dns/pom.xml b/resolver-dns/pom.xml index e8a9622d5db..8c48330700f 100644 --- a/resolver-dns/pom.xml +++ b/resolver-dns/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-resolver-dns diff --git a/resolver/pom.xml b/resolver/pom.xml index e0c7b05985d..9918805ef9f 100644 --- a/resolver/pom.xml +++ b/resolver/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-resolver diff --git a/tarball/pom.xml b/tarball/pom.xml index 8165b9784ee..b3f8c9f8098 100644 --- a/tarball/pom.xml +++ b/tarball/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-tarball diff --git a/testsuite-autobahn/pom.xml b/testsuite-autobahn/pom.xml index 5283ab2a539..65d776c766e 100644 --- a/testsuite-autobahn/pom.xml +++ b/testsuite-autobahn/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-testsuite-autobahn diff --git a/testsuite-http2/pom.xml b/testsuite-http2/pom.xml index d503940bf57..d4809c7779b 100644 --- a/testsuite-http2/pom.xml +++ b/testsuite-http2/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-testsuite-http2 diff --git a/testsuite-osgi/pom.xml b/testsuite-osgi/pom.xml index 8ac8d5f2fa2..47c564c859a 100644 --- a/testsuite-osgi/pom.xml +++ b/testsuite-osgi/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-testsuite-osgi diff --git a/testsuite-shading/pom.xml b/testsuite-shading/pom.xml index e87b4afad44..e461c749947 100644 --- a/testsuite-shading/pom.xml +++ b/testsuite-shading/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-testsuite-shading diff --git a/testsuite/pom.xml b/testsuite/pom.xml index fb00796e4d6..319cce6fbd6 100644 --- a/testsuite/pom.xml +++ b/testsuite/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-testsuite diff --git a/transport-native-epoll/pom.xml b/transport-native-epoll/pom.xml index 3f202b05a9b..32f2771168c 100644 --- a/transport-native-epoll/pom.xml +++ b/transport-native-epoll/pom.xml @@ -19,7 +19,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-native-epoll diff --git a/transport-native-kqueue/pom.xml b/transport-native-kqueue/pom.xml index d25b44954a0..fbb9284aa6b 100644 --- a/transport-native-kqueue/pom.xml +++ b/transport-native-kqueue/pom.xml @@ -19,7 +19,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-native-kqueue diff --git a/transport-native-unix-common-tests/pom.xml b/transport-native-unix-common-tests/pom.xml index ca6f864e59b..62dbb1eda59 100644 --- a/transport-native-unix-common-tests/pom.xml +++ b/transport-native-unix-common-tests/pom.xml @@ -19,7 +19,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-native-unix-common-tests diff --git a/transport-native-unix-common/pom.xml b/transport-native-unix-common/pom.xml index 4797cc7d20c..10b6d5bc6bd 100644 --- a/transport-native-unix-common/pom.xml +++ b/transport-native-unix-common/pom.xml @@ -19,7 +19,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-native-unix-common diff --git a/transport-rxtx/pom.xml b/transport-rxtx/pom.xml index 00541684c98..37d4317d96b 100644 --- a/transport-rxtx/pom.xml +++ b/transport-rxtx/pom.xml @@ -21,7 +21,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-rxtx diff --git a/transport-sctp/pom.xml b/transport-sctp/pom.xml index 73d942baaba..90d1230497d 100644 --- a/transport-sctp/pom.xml +++ b/transport-sctp/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-sctp diff --git a/transport-udt/pom.xml b/transport-udt/pom.xml index 84ac430e666..f01ae9c19f7 100644 --- a/transport-udt/pom.xml +++ b/transport-udt/pom.xml @@ -21,7 +21,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport-udt diff --git a/transport/pom.xml b/transport/pom.xml index c3c4a851619..ff87fbec631 100644 --- a/transport/pom.xml +++ b/transport/pom.xml @@ -20,7 +20,7 @@ io.netty netty-parent - 4.1.34.2.dse + 4.1.34.3.dse netty-transport