Add SsrfSafeAddressResolverGroup that validates resolved IPs at Netty
connection time, eliminating the TOCTOU gap where DNS rebinding domains
resolve to safe IPs during validation but to private/metadata IPs at
connection time. Disable HTTP redirects in TbHttpClient to prevent
redirect-based SSRF bypass.
Add allow-list support (SSRF_ALLOWED_HOSTS) to SsrfProtectionValidator
so customers with IoT devices on private networks can whitelist specific
addresses or CIDR ranges while keeping SSRF protection enabled.
Add SSRF validation to MS Teams webhook, custom OAuth2 mapper, and
GitHub OAuth2 mapper endpoints. Log a warning when SSRF protection is
disabled.
When Maven runs with -T N, all modules using the packaging profile invoke
gradle-maven-plugin against the same gradleProjectDirectory
(packaging/java or packaging/js), causing them to share and contend on
the same .gradle/ project cache directory simultaneously.
Two fixes:
- Pass --project-cache-dir pointing to each module's own target/.gradle,
fully isolating parallel Gradle invocations from each other.
- Add maven-clean-plugin filesets to remove packaging/java/.gradle and
packaging/js/.gradle on mvn clean. Gradle always writes project-level
metadata to the project directory regardless of --project-cache-dir,
so these would otherwise accumulate on CI agents with persistent home
directories.
Root pluginManagement and netty-mqtt hardcoded version 3.1.1 while
the jar-plugin.version property (used by dao and others) was set to
3.4.0, causing build failures due to incompatible commons-io dependency.
Replace both hardcoded 3.1.1 occurrences with ${jar-plugin.version}
so all modules consistently use the version defined in one place.
Fixes#15037
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Static fields RESOURCE_ID_3303_12_5700_TS_0/TS_1 in Lwm2mTestHelper are never
reset between test runs. On CI retries the await() at the start of the test
passes immediately (both timestamps are still > 0 from the previous run), so
the telemetry query uses stale timestamps and the second await() times out.
Fix: add @Before that resets both timestamps to 0 before each test method,
which was already correctly implied by the unused @Before import.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Leshan's NotificationDataStore.toKey() can throw NPE when the server reference
is null during CoAP observe-relation cleanup on client shutdown (race condition).
This NPE was caught by the outer try-catch in startUpdating(), which prevented
leshanClient.start() from being called, leaving the simulated device stuck in
UPDATING state and causing the awaitility timeout in the OTA integration test.
Fix: wrap leshanClient.stop(false) in its own try-catch so that a Leshan
internal exception during stop does not abort the subsequent client restart.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Make setupSsl package-private so the test can call it directly, ensuring
tests exercise the real production code path.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add RSA_4096 and EC_P256 alongside RSA_2048 and EC_P384
- Parameterize encrypted key tests (RSA-only, EC encrypted keys
are a pre-existing PemSslCredentials limitation)
- 14 test scenarios total
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add EC_P384 key type alongside RSA_2048
- Parameterize separateCertAndKeyFiles and combinedPemFile tests
- Write private keys in PKCS#8 format for EC compatibility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Use forPort(0) instead of TestSocketUtils for random port
- Replace manual poll loop with Awaitility
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Tests mirror EdgeGrpcService.setupSsl() using PemSslCredentials:
- Separate cert and key files (existing behavior)
- Combined PEM file (cert + key)
- Encrypted private key with key_password
- Error when no private key found
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Keep privateKeyFile.pem as the default so existing users with
separate cert/key file configs are not affected.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reuse PemSslCredentials (already handles combined PEM, separate files,
and encrypted keys) instead of duplicating PEM parsing logic.
Wire it into gRPC via GrpcSslContexts + KeyManagerFactory.
- Make private_key config optional (default empty) for combined PEM
- Add key_password config for encrypted private keys
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- TimeseriesServiceNoSqlTest.shouldSaveEntryOfEachTypeWithTtl: await
tsService.save() with bounded .get(MAX_TIMEOUT, TimeUnit.SECONDS)
- EntityServiceTest.testFindTenantTelemetry: await timeseriesService.save()
and attributesService.save() with .get(TIMEOUT, TimeUnit.SECONDS) to
prevent both the race condition and an indefinite hang
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
EntityViewControllerTest was importing MQTT_PORT from AbstractMqttIntegrationTest,
a static final field initialized once per JVM. When running in the same Surefire
fork alongside other test classes that also use this constant (e.g. MqttGatewayRateLimitsTest,
DeviceEdgeTest), each class gets a different Spring context key but all try to bind
MqttTransportService to the same port, causing BindException.
Fix: define a private static MQTT_PORT/MQTT_URL directly in EntityViewControllerTest
so its Spring context gets its own independently allocated port.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
In Jackson 2.18.x, EXISTING_PROPERTY type info combined with the no-arg
@JsonIgnoreProperties causes the triggerType discriminator field to be
silently excluded from the serialized JSON. When the server then tries to
deserialize the POST body for /api/notification/rule, Jackson cannot find
triggerType and throws "missing type id property 'triggerType'", resulting
in a 500 for NotificationEdgeTest.testNotificationRule.
Fix by:
1. Adding @JsonProperty("triggerType") to force the field into normal bean
serialization, overriding any suppression by the type info machinery.
2. Replacing the no-arg @JsonIgnoreProperties with @JsonIgnoreProperties(
ignoreUnknown = true) so unknown properties are ignored rather than
causing errors (e.g. for forward compatibility).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Viacheslav Klimov
Sergey Matvienko
Vladyslav_Prykhodko
Andrii Landiak