diff --git a/patches/server/Backport-log4j-2.15.0-bugfix.patch b/patches/server/Backport-log4j-2.15.0-bugfix.patch deleted file mode 100644 index 2d4dc479f9..0000000000 --- a/patches/server/Backport-log4j-2.15.0-bugfix.patch +++ /dev/null @@ -1,385 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Ralph Goers -Date: Sat, 4 Dec 2021 21:03:32 -0700 -Subject: [PATCH] Backport log4j 2.15.0 bugfix - - -diff --git a/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsAppender.java b/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsAppender.java -index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000000 100644 ---- a/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsAppender.java -+++ b/src/main/java/org/apache/logging/log4j/core/appender/mom/JmsAppender.java -@@ -0,0 +0,0 @@ import java.io.Serializable; - import java.util.Properties; - import java.util.concurrent.TimeUnit; - --import javax.jms.JMSException; -- - import org.apache.logging.log4j.core.Appender; - import org.apache.logging.log4j.core.Filter; - import org.apache.logging.log4j.core.Layout; -@@ -0,0 +0,0 @@ public class JmsAppender extends AbstractAppender { - @PluginBuilderAttribute - private boolean immediateFail; - -+ @PluginBuilderAttribute -+ private String allowedLdapClasses; -+ -+ @PluginBuilderAttribute -+ private String allowedLdapHosts; -+ -+ @PluginBuilderAttribute -+ private String allowedJndiProtocols; -+ - // Programmatic access only for now. - private JmsManager jmsManager; - -@@ -0,0 +0,0 @@ public class JmsAppender extends AbstractAppender { - JmsManager actualJmsManager = jmsManager; - JmsManagerConfiguration configuration = null; - if (actualJmsManager == null) { -+ Properties additionalProperties = null; -+ if (allowedLdapClasses != null || allowedLdapHosts != null) { -+ additionalProperties = new Properties(); -+ if (allowedLdapHosts != null) { -+ additionalProperties.put(JndiManager.ALLOWED_HOSTS, allowedLdapHosts); -+ } -+ if (allowedLdapClasses != null) { -+ additionalProperties.put(JndiManager.ALLOWED_CLASSES, allowedLdapClasses); -+ } -+ if (allowedJndiProtocols != null) { -+ additionalProperties.put(JndiManager.ALLOWED_PROTOCOLS, allowedJndiProtocols); -+ } -+ } - final Properties jndiProperties = JndiManager.createProperties(factoryName, providerUrl, urlPkgPrefixes, -- securityPrincipalName, securityCredentials, null); -+ securityPrincipalName, securityCredentials, additionalProperties); - configuration = new JmsManagerConfiguration(jndiProperties, factoryBindingName, destinationBindingName, - userName, password, false, reconnectIntervalMillis); - actualJmsManager = AbstractManager.getManager(getName(), JmsManager.FACTORY, configuration); -@@ -0,0 +0,0 @@ public class JmsAppender extends AbstractAppender { - LOGGER.error("No layout provided for JmsAppender"); - return null; - } -- try { -+ //try { - return new JmsAppender(getName(), getFilter(), layout, isIgnoreExceptions(), getPropertyArray(), - actualJmsManager); -- } catch (final JMSException e) { -+ /*} catch (final JMSException e) { - // Never happens since the ctor no longer actually throws a JMSException. - throw new IllegalStateException(e); -- } -+ }*/ - } - - public Builder setDestinationBindingName(final String destinationBindingName) { -@@ -0,0 +0,0 @@ public class JmsAppender extends AbstractAppender { - return this; - } - -+ public Builder setAllowedLdapClasses(final String allowedLdapClasses) { -+ this.allowedLdapClasses = allowedLdapClasses; -+ return this; -+ } -+ -+ public Builder setAllowedLdapHosts(final String allowedLdapHosts) { -+ this.allowedLdapHosts = allowedLdapHosts; -+ return this; -+ } -+ -+ public Builder setAllowedJndiProtocols(final String allowedJndiProtocols) { -+ this.allowedJndiProtocols = allowedJndiProtocols; -+ return this; -+ } -+ - /** - * Does not include the password. - */ -@@ -0,0 +0,0 @@ public class JmsAppender extends AbstractAppender { - + ", securityCredentials=" + securityCredentials + ", factoryBindingName=" + factoryBindingName - + ", destinationBindingName=" + destinationBindingName + ", username=" + userName + ", layout=" - + getLayout() + ", filter=" + getFilter() + ", ignoreExceptions=" + isIgnoreExceptions() -- + ", jmsManager=" + jmsManager + "]"; -+ + ", jmsManager=" + jmsManager + ", allowedLdapClasses=" + allowedLdapClasses -+ + ", allowedLdapHosts=" + allowedLdapHosts + ", allowedJndiProtocols=" + allowedJndiProtocols + "]"; - } - - } -@@ -0,0 +0,0 @@ public class JmsAppender extends AbstractAppender { - - private volatile JmsManager manager; - -- /** -- * -- * @throws JMSException not thrown as of 2.9 but retained in the signature for compatibility, will be removed in 3.0 -- */ - protected JmsAppender(final String name, final Filter filter, final Layout layout, -- final boolean ignoreExceptions, final Property[] properties, final JmsManager manager) throws JMSException { -+ final boolean ignoreExceptions, final Property[] properties, final JmsManager manager) /*throws JMSException*/ { - super(name, filter, layout, ignoreExceptions, properties); - this.manager = manager; - } - -- /** -- * -- * @throws JMSException not thrown as of 2.9 but retained in the signature for compatibility, will be removed in 3.0 -- * @deprecated -- */ - @Deprecated - protected JmsAppender(final String name, final Filter filter, final Layout layout, -- final boolean ignoreExceptions, final JmsManager manager) throws JMSException { -+ final boolean ignoreExceptions, final JmsManager manager) /*throws JMSException*/ { - super(name, filter, layout, ignoreExceptions, Property.EMPTY_ARRAY); - this.manager = manager; - } -diff --git a/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java b/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java -index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000000 100644 ---- a/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java -+++ b/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java -@@ -0,0 +0,0 @@ - - package org.apache.logging.log4j.core.net; - -+import java.net.URI; -+import java.net.URISyntaxException; -+import java.util.ArrayList; -+import java.util.Arrays; -+import java.util.HashMap; -+import java.util.List; -+import java.util.Locale; -+import java.util.Map; - import java.util.Properties; - import java.util.concurrent.TimeUnit; - - import javax.naming.Context; --import javax.naming.InitialContext; -+import javax.naming.NamingEnumeration; - import javax.naming.NamingException; -+import javax.naming.directory.Attribute; -+import javax.naming.directory.Attributes; -+import javax.naming.directory.DirContext; -+import javax.naming.directory.InitialDirContext; - - import org.apache.logging.log4j.core.appender.AbstractManager; - import org.apache.logging.log4j.core.appender.ManagerFactory; - import org.apache.logging.log4j.core.util.JndiCloser; -+import org.apache.logging.log4j.core.util.NetUtils; -+import org.apache.logging.log4j.util.PropertiesUtil; - - /** -- * Manages a JNDI {@link javax.naming.Context}. -+ * Manages a JNDI {@link javax.naming.directory.DirContext}. - * - * @since 2.1 - */ - public class JndiManager extends AbstractManager { - -+ public static final String ALLOWED_HOSTS = "allowedLdapHosts"; -+ public static final String ALLOWED_CLASSES = "allowedLdapClasses"; -+ public static final String ALLOWED_PROTOCOLS = "allowedJndiProtocols"; -+ - private static final JndiManagerFactory FACTORY = new JndiManagerFactory(); -+ private static final String PREFIX = "log4j2."; -+ private static final String LDAP = "ldap"; -+ private static final String LDAPS = "ldaps"; -+ private static final String JAVA = "java"; -+ private static final List permanentAllowedHosts = NetUtils.getLocalIps(); -+ private static final List permanentAllowedClasses = Arrays.asList(Boolean.class.getName(), -+ Byte.class.getName(), Character.class.getName(), Double.class.getName(), Float.class.getName(), -+ Integer.class.getName(), Long.class.getName(), Short.class.getName(), String.class.getName()); -+ private static final List permanentAllowedProtocols = Arrays.asList(JAVA, LDAP, LDAPS); -+ private static final String SERIALIZED_DATA = "javaSerializedData"; -+ private static final String CLASS_NAME = "javaClassName"; -+ private static final String REFERENCE_ADDRESS = "javaReferenceAddress"; -+ private static final String OBJECT_FACTORY = "javaFactory"; -+ private final List allowedHosts; -+ private final List allowedClasses; -+ private final List allowedProtocols; - -- private final Context context; -+ private final DirContext context; - -- private JndiManager(final String name, final Context context) { -+ private JndiManager(final String name, final DirContext context, final List allowedHosts, -+ final List allowedClasses, final List allowedProtocols) { - super(null, name); - this.context = context; -+ this.allowedHosts = allowedHosts; -+ this.allowedClasses = allowedClasses; -+ this.allowedProtocols = allowedProtocols; - } - - /** -@@ -0,0 +0,0 @@ public class JndiManager extends AbstractManager { - * @throws NamingException if a naming exception is encountered - */ - @SuppressWarnings("unchecked") -- public T lookup(final String name) throws NamingException { -+ public synchronized T lookup(final String name) throws NamingException { -+ try { -+ URI uri = new URI(name); -+ if (uri.getScheme() != null) { -+ if (!allowedProtocols.contains(uri.getScheme().toLowerCase(Locale.ROOT))) { -+ LOGGER.warn("Log4j JNDI does not allow protocol {}", uri.getScheme()); -+ return null; -+ } -+ if (LDAP.equalsIgnoreCase(uri.getScheme()) || LDAPS.equalsIgnoreCase(uri.getScheme())) { -+ if (!allowedHosts.contains(uri.getHost())) { -+ LOGGER.warn("Attempt to access ldap server not in allowed list"); -+ return null; -+ } -+ Attributes attributes = this.context.getAttributes(name); -+ if (attributes != null) { -+ // In testing the "key" for attributes seems to be lowercase while the attribute id is -+ // camelcase, but that may just be true for the test LDAP used here. This copies the Attributes -+ // to a Map ignoring the "key" and using the Attribute's id as the key in the Map so it matches -+ // the Java schema. -+ Map attributeMap = new HashMap<>(); -+ NamingEnumeration enumeration = attributes.getAll(); -+ while (enumeration.hasMore()) { -+ Attribute attribute = enumeration.next(); -+ attributeMap.put(attribute.getID(), attribute); -+ } -+ Attribute classNameAttr = attributeMap.get(CLASS_NAME); -+ if (attributeMap.get(SERIALIZED_DATA) != null) { -+ if (classNameAttr != null) { -+ String className = classNameAttr.get().toString(); -+ if (!allowedClasses.contains(className)) { -+ LOGGER.warn("Deserialization of {} is not allowed", className); -+ return null; -+ } -+ } else { -+ LOGGER.warn("No class name provided for {}", name); -+ return null; -+ } -+ } else if (attributeMap.get(REFERENCE_ADDRESS) != null -+ || attributeMap.get(OBJECT_FACTORY) != null) { -+ LOGGER.warn("Referenceable class is not allowed for {}", name); -+ return null; -+ } -+ } -+ } -+ } -+ } catch (URISyntaxException ex) { -+ LOGGER.warn("Invalid JNDI URI - {}", name); -+ return null; -+ } - return (T) this.context.lookup(name); - } - -@@ -0,0 +0,0 @@ public class JndiManager extends AbstractManager { - - @Override - public JndiManager createManager(final String name, final Properties data) { -+ String hosts = data != null ? data.getProperty(ALLOWED_HOSTS) : null; -+ String classes = data != null ? data.getProperty(ALLOWED_CLASSES) : null; -+ String protocols = data != null ? data.getProperty(ALLOWED_PROTOCOLS) : null; -+ List allowedHosts = new ArrayList<>(); -+ List allowedClasses = new ArrayList<>(); -+ List allowedProtocols = new ArrayList<>(); -+ addAll(hosts, allowedHosts, permanentAllowedHosts, ALLOWED_HOSTS, data); -+ addAll(classes, allowedClasses, permanentAllowedClasses, ALLOWED_CLASSES, data); -+ addAll(protocols, allowedProtocols, permanentAllowedProtocols, ALLOWED_PROTOCOLS, data); - try { -- return new JndiManager(name, new InitialContext(data)); -+ return new JndiManager(name, new InitialDirContext(data), allowedHosts, allowedClasses, -+ allowedProtocols); - } catch (final NamingException e) { - LOGGER.error("Error creating JNDI InitialContext.", e); - return null; - } - } -+ -+ private void addAll(String toSplit, List list, List permanentList, String propertyName, -+ Properties data) { -+ if (toSplit != null) { -+ list.addAll(Arrays.asList(toSplit.split("\\s*,\\s*"))); -+ data.remove(propertyName); -+ } -+ toSplit = PropertiesUtil.getProperties().getStringProperty(PREFIX + propertyName); -+ if (toSplit != null) { -+ list.addAll(Arrays.asList(toSplit.split("\\s*,\\s*"))); -+ } -+ list.addAll(permanentList); -+ } - } - - @Override -diff --git a/src/main/java/org/apache/logging/log4j/core/util/NetUtils.java b/src/main/java/org/apache/logging/log4j/core/util/NetUtils.java -index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000000 100644 ---- a/src/main/java/org/apache/logging/log4j/core/util/NetUtils.java -+++ b/src/main/java/org/apache/logging/log4j/core/util/NetUtils.java -@@ -0,0 +0,0 @@ - package org.apache.logging.log4j.core.util; - - import java.io.File; -+import java.net.Inet4Address; -+import java.net.Inet6Address; - import java.net.InetAddress; - import java.net.MalformedURLException; - import java.net.NetworkInterface; -@@ -0,0 +0,0 @@ import java.net.URI; - import java.net.URISyntaxException; - import java.net.URL; - import java.net.UnknownHostException; -+import java.util.ArrayList; - import java.util.Arrays; - import java.util.Enumeration; -+import java.util.List; - - import org.apache.logging.log4j.Logger; - import org.apache.logging.log4j.status.StatusLogger; -+import org.apache.logging.log4j.util.Strings; - - /** - * Networking-related convenience methods. -@@ -0,0 +0,0 @@ public final class NetUtils { - } - } - -+ /** -+ * Returns all the local host names and ip addresses. -+ * @return The local host names and ip addresses. -+ */ -+ public static List getLocalIps() { -+ List localIps = new ArrayList<>(); -+ localIps.add("localhost"); -+ localIps.add("127.0.0.1"); -+ try { -+ final InetAddress addr = Inet4Address.getLocalHost(); -+ setHostName(addr, localIps); -+ } catch (final UnknownHostException ex) { -+ // Ignore this. -+ } -+ try { -+ final Enumeration interfaces = NetworkInterface.getNetworkInterfaces(); -+ if (interfaces != null) { -+ while (interfaces.hasMoreElements()) { -+ final NetworkInterface nic = interfaces.nextElement(); -+ final Enumeration addresses = nic.getInetAddresses(); -+ while (addresses.hasMoreElements()) { -+ final InetAddress address = addresses.nextElement(); -+ setHostName(address, localIps); -+ } -+ } -+ } -+ } catch (final SocketException se) { -+ // ignore. -+ } -+ return localIps; -+ } -+ -+ private static void setHostName(InetAddress address, List localIps) { -+ String[] parts = address.toString().split("\\s*/\\s*"); -+ if (parts.length > 0) { -+ for (String part : parts) { -+ if (Strings.isNotBlank(part) && !localIps.contains(part)) { -+ localIps.add(part); -+ } -+ } -+ } -+ } -+ - /** - * Returns the local network interface's MAC address if possible. The local network interface is defined here as - * the {@link java.net.NetworkInterface} that is both up and not a loopback interface. diff --git a/patches/server/Set-AsyncAppender-dispatch-thread-to-be-a-daemon-thr.patch b/patches/server/Set-AsyncAppender-dispatch-thread-to-be-a-daemon-thr.patch deleted file mode 100644 index 0930f854b0..0000000000 --- a/patches/server/Set-AsyncAppender-dispatch-thread-to-be-a-daemon-thr.patch +++ /dev/null @@ -1,19 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Jason Penilla <11360596+jpenilla@users.noreply.github.com> -Date: Wed, 18 Aug 2021 12:02:02 -0500 -Subject: [PATCH] Set AsyncAppender dispatch thread to be a daemon thread - -This diff will be included in the not yet released Log4j 2.14.2. When Log4j 2.14.2 is released this patch should be dropped in favor of bumping Log4j. - -diff --git a/src/main/java/org/apache/logging/log4j/core/appender/AsyncAppenderEventDispatcher.java b/src/main/java/org/apache/logging/log4j/core/appender/AsyncAppenderEventDispatcher.java -index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000000 100644 ---- a/src/main/java/org/apache/logging/log4j/core/appender/AsyncAppenderEventDispatcher.java -+++ b/src/main/java/org/apache/logging/log4j/core/appender/AsyncAppenderEventDispatcher.java -@@ -0,0 +0,0 @@ class AsyncAppenderEventDispatcher extends Log4jThread { - final List appenders, - final BlockingQueue queue) { - super("AsyncAppenderEventDispatcher-" + THREAD_COUNTER.incrementAndGet() + "-" + name); -+ this.setDaemon(true); // Paper - Backport change from not yet released Log4j 2.14.2 - this.errorAppender = errorAppender; - this.appenders = appenders; - this.queue = queue; diff --git a/patches/server/Update-Log4j.patch b/patches/server/Update-Log4j.patch new file mode 100644 index 0000000000..23a6ef3e7c --- /dev/null +++ b/patches/server/Update-Log4j.patch @@ -0,0 +1,25 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: darbyjack +Date: Thu, 9 Dec 2021 19:17:02 -0600 +Subject: [PATCH] Update Log4j + + +diff --git a/build.gradle.kts b/build.gradle.kts +index 0000000000000000000000000000000000000000..0000000000000000000000000000000000000000 100644 +--- a/build.gradle.kts ++++ b/build.gradle.kts +@@ -0,0 +0,0 @@ dependencies { + all its classes to check if they are plugins. + Scanning takes about 1-2 seconds so adding this speeds up the server start. + */ +- implementation("org.apache.logging.log4j:log4j-core:2.14.1") // Paper - implementation +- annotationProcessor("org.apache.logging.log4j:log4j-core:2.14.1") // Paper - Needed to generate meta for our Log4j plugins ++ implementation("org.apache.logging.log4j:log4j-core:2.15.0") // Paper - implementation ++ annotationProcessor("org.apache.logging.log4j:log4j-core:2.15.0") // Paper - Needed to generate meta for our Log4j plugins + // Paper end +- implementation("org.apache.logging.log4j:log4j-iostreams:2.14.1") // Paper ++ implementation("org.apache.logging.log4j:log4j-iostreams:2.15.0") // Paper ++ implementation("org.apache.logging.log4j:log4j-slf4j18-impl:2.15.0") // Paper + implementation("org.ow2.asm:asm:9.2") + implementation("org.ow2.asm:asm-commons:9.2") // Paper - ASM event executor generation + runtimeOnly("org.xerial:sqlite-jdbc:3.36.0.3")