diff --git a/activemq.spec b/activemq.spec index 79ccaa2352356632c16f57172d384d04e0fcf3f9..a622f0f18a2d0e1d8ffc955ebb1e621ca4e95537 100644 --- a/activemq.spec +++ b/activemq.spec @@ -1,10 +1,13 @@ %define check_testcase 0 Name: activemq Version: 5.16.7 -Release: 1 +Release: 2 Summary: Open source messaging and Integration Patterns server License: ASL 2.0 URL: http://activemq.apache.org + +Patch0: backport-Fix-IntrospectionSupport-to-deal-with-SSLSocket-properties.patch + Source0: https://github.com/apache/%{name}/archive/refs/tags/%{name}-%{version}.tar.gz Requires: java BuildRequires: maven java @@ -60,6 +63,9 @@ cd %{_builddir} %{_datadir}/javadoc %changelog +* Fri Jul 19 2024 zhangxingrong- - 5.16.7-2 +- Fix IntrospectionSupport to deal with SSLSocket properties + * Wed Dec 06 2023 wangkai <13474090681@163.com> - 5.16.7-1 - Upgrade to 5.16.7 for fix CVE-2022-41678 diff --git a/backport-Fix-IntrospectionSupport-to-deal-with-SSLSocket-properties.patch b/backport-Fix-IntrospectionSupport-to-deal-with-SSLSocket-properties.patch new file mode 100644 index 0000000000000000000000000000000000000000..0b13549e7148405f278109b756c25c15d79c03da --- /dev/null +++ b/backport-Fix-IntrospectionSupport-to-deal-with-SSLSocket-properties.patch @@ -0,0 +1,47 @@ +From 550cb9b2be32e5a6454e7bee5e31632498626a9c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?JB=20Onofr=C3=A9?= +Date: Thu, 11 Apr 2024 09:09:10 +0200 +Subject: [PATCH] AMQ-9473: Fix IntrospectionSupport to deal with SSLSocket + properties + +--- + .../java/org/apache/activemq/util/IntrospectionSupport.java | 3 +++ + .../org/apache/activemq/jms/pool/IntrospectionSupport.java | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/activemq-client/src/main/java/org/apache/activemq/util/IntrospectionSupport.java b/activemq-client/src/main/java/org/apache/activemq/util/IntrospectionSupport.java +index c43b3a2bdb9..d69fd5b6b26 100644 +--- a/activemq-client/src/main/java/org/apache/activemq/util/IntrospectionSupport.java ++++ b/activemq-client/src/main/java/org/apache/activemq/util/IntrospectionSupport.java +@@ -169,6 +169,9 @@ public static boolean setProperty(Object target, String name, Object value) { + if (target instanceof SSLServerSocket) { + // overcome illegal access issues with internal implementation class + clazz = SSLServerSocket.class; ++ } else if (target instanceof javax.net.ssl.SSLSocket) { ++ // overcome illegal access issues with internal implementation class ++ clazz = javax.net.ssl.SSLSocket.class; + } + Method setter = findSetterMethod(clazz, name); + if (setter == null) { +diff --git a/activemq-jms-pool/src/main/java/org/apache/activemq/jms/pool/IntrospectionSupport.java b/activemq-jms-pool/src/main/java/org/apache/activemq/jms/pool/IntrospectionSupport.java +index c0b223d1376..ac45f7ffd6a 100644 +--- a/activemq-jms-pool/src/main/java/org/apache/activemq/jms/pool/IntrospectionSupport.java ++++ b/activemq-jms-pool/src/main/java/org/apache/activemq/jms/pool/IntrospectionSupport.java +@@ -22,6 +22,7 @@ + import java.util.Map.Entry; + + import javax.net.ssl.SSLServerSocket; ++import javax.net.ssl.SSLSocket; + + import org.slf4j.Logger; + import org.slf4j.LoggerFactory; +@@ -60,6 +61,9 @@ public static boolean setProperty(Object target, String name, Object value) { + if (target instanceof SSLServerSocket) { + // overcome illegal access issues with internal implementation class + clazz = SSLServerSocket.class; ++ } else if (target instanceof javax.net.ssl.SSLSocket) { ++ // overcome illegal access issues with internal implementation class ++ clazz = javax.net.ssl.SSLSocket.class; + } + Method setter = findSetterMethod(clazz, name); + if (setter == null) {