Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49650

JEP-200: Unreliable Slave plugin: javax.mail.internet.InternetAddress

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      javax.mail.internet.InternetAddress from additional jar mail-1.4.4.jar appears to be missing from whitelist :

      févr. 19, 2018 3:29:28 PM jenkins.security.ClassFilterImpl lambda$isBlacklisted$1
      AVERTISSEMENT: javax.mail.internet.InternetAddress in file:/C:/dev/programmes/Jenkins/war/WEB-INF/lib/mail-1.4.4.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/
      

      This is making trouble to read some job configuration, and for data cleaning :

      ConversionException: Refusing to unmarshal javax.mail.internet.InternetAddress for security reasons; see https://jenkins.io/redirect/class-filter/ ---- Debugging information ---- class : javax.mail.internet.InternetAddress required-type : javax.mail.internet.InternetAddress converter-type : hudson.util.XStream2$BlacklistedTypesConverter path : /org.jenkinsci.plugins.detection.unreliable.slave.UnreliableSlaveDetection$DescriptorImpl/settings/addresses/javax.mail.internet.InternetAddress line number : 5 class[1] : [Ljavax.mail.internet.InternetAddress; converter-type[1] : com.thoughtworks.xstream.converters.collections.ArrayConverter -------------------------------, MissingFieldException: No field 'numberOfFailureInRow' found in class 'org.jenkinsci.plugins.detection.unreliable.slave.UnreliableSlaveDetection$DescriptorImpl'
      

      Workaround:

      Add the following argument to jenkins command line:

      -Dhudson.remoting.ClassFilter=javax.mail.internet.InternetAddress
      

        Attachments

          Activity

          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Lucie Votypkova could you please take a look?

          https://plugins.jenkins.io/unreliable-slave-plugin has only 78 installations, so I doubt we will prioritize it high as JEP-200 maintainers.

          Show
          oleg_nenashev Oleg Nenashev added a comment - Lucie Votypkova could you please take a look? https://plugins.jenkins.io/unreliable-slave-plugin has only 78 installations, so I doubt we will prioritize it high as JEP-200 maintainers.
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          The plugin also has no automated tests && its plugin POM is extremely outdated. Facelifting it would take a significant time.

          Let's wait for feedback from contributors.
          Also cc Oliver Gondža

          Show
          oleg_nenashev Oleg Nenashev added a comment - The plugin also has no automated tests && its plugin POM is extremely outdated. Facelifting it would take a significant time. Let's wait for feedback from contributors. Also cc Oliver Gondža
          Hide
          rmaura Régis Maura added a comment -

          No worries about the delay for fix.
          Even if it is not fixed, it is not blocking as long as we can use the option "-Dhudson.remoting.ClassFilter".
          My goal was mostly informative for other users of the plugin.

          Show
          rmaura Régis Maura added a comment - No worries about the delay for fix. Even if it is not fixed, it is not blocking as long as we can use the option "-Dhudson.remoting.ClassFilter". My goal was mostly informative for other users of the plugin.
          Hide
          lvotypkova Lucie Votypkova added a comment -

          Hello,

          I did not do any change for so long time in this plugin! I guess that whole implementation is very old and need some actualization. Oleg is right .... it would deserve some tests too. I do not have time for it, but if you sent pull request I will happily accept it. I do not have a usage for this plugin anymore (I would maintain it only for community) so handover of the plugin to someone else is welcome too!

          Show
          lvotypkova Lucie Votypkova added a comment - Hello, I did not do any change for so long time in this plugin! I guess that whole implementation is very old and need some actualization. Oleg is right .... it would deserve some tests too. I do not have time for it, but if you sent pull request I will happily accept it. I do not have a usage for this plugin anymore (I would maintain it only for community) so handover of the plugin to someone else is welcome too!
          Show
          oleg_nenashev Oleg Nenashev added a comment - Lucie Votypkova could you please mark the plugin for adoption then? https://wiki.jenkins.io/display/JENKINS/Adopt+a+Plugin#AdoptaPlugin-HowcanImarkapluginforadoption?
          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          Lucie Votypkova gentle ping

          Show
          oleg_nenashev Oleg Nenashev added a comment - Lucie Votypkova gentle ping
          Hide
          oleg_nenashev Oleg Nenashev added a comment -
          Show
          oleg_nenashev Oleg Nenashev added a comment - Lucie Votypkova ping

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            rmaura Régis Maura
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: