我的java应用程序使用base64编码,它\n在每76个字符后放置一个新的line().我需要将此编码的字符串放在属性文件中,换行符会破坏功能.
当我做的encodedString.replaceAll("\n", "");事情工作正常,但我只是想确保这是预期的,我不会引入一个隐藏的问题.
是否有任何特定的排除列表禁用SSLv3密码不是TLSv1/2.
我有码头8,升级到9现在不是一个选择.我目前的jetty-ssl.xml如下所示
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Arg>
<New class="org.eclipse.jetty.http.ssl.SslContextFactory">
.........
</New>
</Arg>
<Set name="ExcludeCipherSuites">
<Array type="java.lang.String">
<Item>SSL_RSA_WITH_NULL_MD5</Item>
<Item>SSL_RSA_WITH_NULL_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_WITH_RC4_128_MD5</Item>
<Item>SSL_RSA_WITH_RC4_128_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5</Item>
<Item>SSL_RSA_WITH_IDEA_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DH_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DH_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_DH_anon_WITH_RC4_128_MD5</Item>
<Item>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DH_anon_WITH_DES_CBC_SHA</Item>
<Item>SSL_DH_anon_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_FORTEZZA_KEA_WITH_NULL_SHA</Item>
<Item>SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA</Item>
<Item>SSL_FORTEZZA_KEA_WITH_RC4_128_SHA</Item>
<Item>SSL_DHE_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>SSL_RSA_WITH_AES_128_CBC_SHA</Item>
</Array>
</Set>
</New>
</Arg>
</Call>
还是当我运行"sslscan --no-failed --ssl3 localhost:443"时,我得到了
Supported Server Cipher(s):
Accepted SSLv3 128 bits DHE-RSA-AES128-SHA
Accepted SSLv3 128 bits AES128-SHA
Prefered Server Cipher(s):
SSLv3 128 bits …来自oracle
Server JRE包括用于JVM监视的工具和服务器应用程序通常需要的工具,但不包括浏览器集成(Java插件).
从服务器端工具的使用情况来看,最常用于监控的工具列表是jstack,jvisualvm,jstat,jconsole; 服务器jre包的jdk/bin中缺少所有内容.
任何关于这种捆绑背后的理性的想法.
这只是"服务器jre 8"的情况.对于"服务器jre 7",所有这些工具都存在.
我的应用程序运行正常,直到我将jre升级到7u40.当我的应用程序初始化时,它正在执行Logger.getLogger("ClassName"),并且我得到以下异常.
java.lang.ExceptionInInitializerError
at java.util.logging.Logger.demandLogger(Unknown Source)
at java.util.logging.Logger.getLogger(Unknown Source)
at com.company.Application.Applet.<clinit>(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.sun.javaws.Launcher.executeApplication(Unknown Source)
at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
at com.sun.javaws.Launcher.doLaunchApp(Unknown Source)
at com.sun.javaws.Launcher.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.NullPointerException
at java.util.logging.Logger.setParent(Unknown Source)
at java.util.logging.LogManager$6.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.util.logging.LogManager.doSetParent(Unknown Source)
at java.util.logging.LogManager.access$1100(Unknown Source)
at java.util.logging.LogManager$LogNode.walkAndSetParent(Unknown Source)
at java.util.logging.LogManager$LoggerContext.addLocalLogger(Unknown Source)
at java.util.logging.LogManager$LoggerContext.addLocalLogger(Unknown Source)
at java.util.logging.LogManager.addLogger(Unknown Source)
at java.util.logging.LogManager$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.util.logging.LogManager.<clinit>(Unknown Source)
例外来自这条线:
private static …我正在尝试在我的java应用程序上启用FIPS 180-3.FIPS 180-3只允许使用5个安全[哈希](http://csrc.nist.gov/publications/fips/fips180-3/fips180-3_final.pdf),MD5不是其中之一.因此,我试图以编程方式从Sun提供程序中删除MD5算法.这是示例代码.
public static void main(String[] args) throws Exception {
Security.removeProvider("SUN");
Sun sun = new Sun();
sun.remove("MessageDigest.MD5"); //Comment and it will work !!!
Security.addProvider(sun);
Cipher ciph = Cipher.getInstance("AES");
}
但这是抛出以下异常.如果你评论"sun.remove(.."该程序工作正常.如果我删除MD2,而不是MD5,那么它也可以正常工作.
对我来说,看起来jre libs正在使用MD5进行签名,但我检查了jre/lib/ext/sunjce_provider.jar签名者及其使用sha1.
知道为什么我的代码失败了这个错误?
TestRemoveMD5.main中的javax.crypto.Cipher.getInstance(DashoA13*..)中的线程"main"java.lang.ExceptionInInitializerError中的异常(TestRemoveMD5.java:20)
引起:java.lang.SecurityException:无法在javax.crypto.SunJCE_b上为受信任的CA设置证书.(DashoA13*..)... 3更多
引起:java.lang.SecurityException:签名类已经被javax.crypto.SunJCE_b中的javax.crypto.SunJCE_b.d(DashoA13*..)篡改了javax.crypto.SunJCE_b $ 1 .run(DashoA13*..)at java.security.AccessController.doPrivileged(Native Method)... 4更多
我的服务器应用程序在负载下有时无响应,我发现该问题与很长的“GC 备注”有关。没有实施垃圾收集调整。我的测试服务器是 4 核/8 GB/8 GB 交换。
这是 gc 日志的日志输出。
2014-04-06T04:39:58.426+0530: 67263.405: [GC remark, 46.7308340 secs]
2014-04-06T04:40:45.167+0530: 67310.146: [GC cleanup 1951M->1750M(2954M), 0.0037930 secs]
2014-04-06T04:40:45.174+0530: 67310.153: [GC concurrent-cleanup-start]
2014-04-06T04:40:45.175+0530: 67310.154: [GC concurrent-cleanup-end, 0.0002800 secs]
2014-04-06T04:40:45.633+0530: 67310.612: [GC pause (young) 2451M->1546M(2954M), 0.0764360 secs]
2014-04-06T04:40:45.815+0530: 67310.794: [GC pause (young) (initial-mark) 1672M->1554M(2954M), 0.0687640 secs]
2014-04-06T04:40:45.884+0530: 67310.863: [GC concurrent-root-region-scan-start]
2014-04-06T04:40:45.912+0530: 67310.891: [GC concurrent-root-region-scan-end, 0.0285320 secs]
2014-04-06T04:40:45.912+0530: 67310.891: [GC concurrent-mark-start]
2014-04-06T04:40:46.919+0530: 67311.898: [GC pause (young) 2590M->1622M(2954M), 0.0752180 secs]
2014-04-06T04:40:47.231+0530: 67312.210: [GC concurrent-mark-end, 1.3191870 secs]
2014-04-06T04:40:47.239+0530: 67312.218: …我正在从 elasticsearch 2.x 迁移到 5.x 并在启动时面临这个问题。
[2017-02-28T14:38:24,490][INFO ][o.e.b.BootstrapChecks ] [node1] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks
[2017-02-28T14:38:24,494][ERROR][o.e.b.Bootstrap ] [node1] node validation exception
bootstrap checks failed
max file descriptors [8192] for elasticsearch process is too low, increase to at least [65536]
max size virtual memory [52729364480] for user [elastic] is too low, increase to [unlimited]
max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
我的 yml 如下所示
node.name: node1
network.host: …来自https://snyk.io/research/zip-slip-vulnerability
此zip文件的内容必须手工制作.尽管zip规范允许,存档创建工具通常不允许用户添加具有这些路径的文件.但是,使用正确的工具,可以轻松地使用这些路径创建文件.
我想创建一个测试有效负载,以便我可以检查一些我的zip处理逻辑.但我找不到如何创建一个的任何线索.
:~/Desktop # touch "../../../../../../../../tmp/evil.sh"
:~/Desktop # ll
:~/Desktop # ll /tmp/evil.sh
-rw-r--r-- 1 root root 0 Jun 14 09:27 /tmp/evil.sh