-
-
Notifications
You must be signed in to change notification settings - Fork 8.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Null out ProxyConfiguration.userName
on save
#8990
Merged
NotMyFault
merged 5 commits into
jenkinsci:master
from
jglick:ProxyConfiguration.userName
Feb 28, 2024
Merged
Null out ProxyConfiguration.userName
on save
#8990
NotMyFault
merged 5 commits into
jenkinsci:master
from
jglick:ProxyConfiguration.userName
Feb 28, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Vlatombe
reviewed
Feb 26, 2024
Vlatombe
approved these changes
Feb 26, 2024
…oxyConfiguration.userName
… historical `userName` of `""` jenkinsci#8990 (comment)
Vlatombe
approved these changes
Feb 26, 2024
NotMyFault
added
the
rfe
For changelog: Minor enhancement. use `major-rfe` for changes to be highlighted
label
Feb 27, 2024
res0nance
approved these changes
Feb 27, 2024
timja
approved these changes
Feb 27, 2024
StefanSpieker
approved these changes
Feb 27, 2024
/label ready-for-merge This PR is now ready for merge. We will merge it after ~24 hours if there is no negative feedback. |
comment-ops-bot
bot
added
the
ready-for-merge
The PR is ready to go, and it will be merged soon if there is no negative feedback
label
Feb 27, 2024
…oxyConfiguration.userName
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
ready-for-merge
The PR is ready to go, and it will be merged soon if there is no negative feedback
rfe
For changelog: Minor enhancement. use `major-rfe` for changes to be highlighted
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Analysis of a bug report for CloudBees CI showed that when a proxy was configured with a username & password, uses of
newHttpClientBuilder
would (silently!) fail to pass anAuthorization
header to the real server, but only on Java 17 or newer. (As of openjdk/jdk@028f2e1 I think; the same code works on Java 11.) This issue is described in JDK-8306745 complete with a unit test, but alas that was closed. The test there looks similar to the Jenkins authenticator, including the logicjenkins/core/src/main/java/hudson/ProxyConfiguration.java
Line 162 in f7fea8d
newHttpClientBuilder
behave correctly on Java 17 when an authenticated proxy is configured: the bug evaluation says you shouldwhich is only an option if the complete usage including request is redesigned to manually check for a 407 and retry with a
Proxy-Authorization
header, but that logic cannot be encapsulated in aHttpClient.Builder
return value unless Jenkins implemented its ownBuilder
and a special delegating implementation ofHttpClient
.While looking at that, I saw that the reproducer claimed the bug occurred even when a username was not set, which seems to be because the GUI configuration of the proxy after #3935 saved
""
rather thannull
when the username text field was left blank. This at least is easy to fix, limiting the scope of the problem.Testing done
Without
setUserName
change, test failsProposed changelog entries
Before the changes are marked as
ready-for-merge
:Maintainer checklist
upgrade-guide-needed
label is set and there is a Proposed upgrade guidelines section in the pull request title (see example).lts-candidate
to be considered (see query).