Revert "Patched security vulnerability by updating Ranger libraries t…

…o the ne… (apache#15363)" This reverts commit c14cfc2.
LakshSingla · Feb 12, 2024 · 1788660 · 1788660
1 parent 376f5ae
commit 1788660
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 169 deletions.
diff --git a/distribution/bin/check-licenses.py b/distribution/bin/check-licenses.py
@@ -301,7 +301,6 @@ def build_compatible_license_names():
 
     compatible_licenses['Creative Commons CC0'] = 'Creative Commons CC0'
     compatible_licenses['CC0'] = 'Creative Commons CC0'
-    compatible_licenses['Public Domain, per Creative Commons CC0'] = 'Creative Commons CC0'
 
     compatible_licenses['The MIT License'] = 'MIT License'
     compatible_licenses['MIT License'] = 'MIT License'

diff --git a/...-security/src/main/java/org/apache/druid/security/ranger/authorizer/RangerAuthorizer.java b/...-security/src/main/java/org/apache/druid/security/ranger/authorizer/RangerAuthorizer.java
@@ -134,7 +134,7 @@ class RangerDruidAccessRequest extends RangerAccessRequestImpl
 {
   public RangerDruidAccessRequest(RangerDruidResource resource, String user, Set<String> userGroups, Action action)
   {
-    super(resource, action.name().toLowerCase(Locale.ENGLISH), user, userGroups, null);
+    super(resource, action.name().toLowerCase(Locale.ENGLISH), user, userGroups);
     setAccessTime(new Date());
   }
 }
diff --git a/...rity/src/test/java/org/apache/druid/security/ranger/authorizer/RangerAdminClientImpl.java b/...rity/src/test/java/org/apache/druid/security/ranger/authorizer/RangerAdminClientImpl.java
@@ -22,7 +22,6 @@
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
 import org.apache.druid.java.util.common.logger.Logger;
-import org.apache.hadoop.conf.Configuration;
 import org.apache.ranger.admin.client.AbstractRangerAdminClient;
 import org.apache.ranger.plugin.util.ServicePolicies;
 
@@ -40,9 +39,9 @@ public class RangerAdminClientImpl extends AbstractRangerAdminClient
   protected Gson gson;
 
   @Override
-  public void init(String serviceName, String appId, String configPropertyPrefix, Configuration config)
+  public void init(String serviceName, String appId, String configPropertyPrefix)
   {
-    super.init(serviceName, appId, configPropertyPrefix, config);
+    super.init(serviceName, appId, configPropertyPrefix);
 
     try {
       gson = new GsonBuilder().setDateFormat("yyyyMMdd-HH:mm:ss.SSS-Z").setPrettyPrinting().create();
@@ -53,8 +52,7 @@ public void init(String serviceName, String appId, String configPropertyPrefix,
   }
 
   @Override
-  public ServicePolicies getServicePoliciesIfUpdated(long lastKnownVersion, long lastActivationTimeInMillis)
-      throws Exception
+  public ServicePolicies getServicePoliciesIfUpdated(long lastKnownVersion, long lastActivationTimeInMillis) throws Exception
   {
 
     String basedir = System.getProperty("basedir");

diff --git a/licenses.yaml b/licenses.yaml
@@ -2740,13 +2740,13 @@ libraries:
 
 ---
 
-name: org.codehaus.woodstox stax2-api
+name: com.github.pjfanning jersey-json
 license_category: binary
-version: 4.2.1
 module: druid-kerberos
-license_name: BSD-3-Clause License
+license_name: CDDL 1.1
+version: 1.20
 libraries:
-  - org.codehaus.woodstox: stax2-api
+  - com.github.pjfanning: jersey-json
 
 ---
 
@@ -4602,7 +4602,7 @@ notice: |
 
 name: org.apache.ranger ranger-plugins-audit
 license_category: binary
-version: 2.4.0
+version: 2.0.0
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
@@ -4612,41 +4612,31 @@ libraries:
 
 name: org.apache.ranger ranger-plugins-common
 license_category: binary
-version: 2.4.0
+version: 2.0.0
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
   - org.apache.ranger: ranger-plugins-common
 
 ---
 
-name: com.kstruct gethostname4j
+name: com.101tec zkclient
 license_category: binary
-version: 1.0.0
-module: druid-ranger-security
-license_name: MIT License
-libraries:
-  - com.kstruct: gethostname4j
-
----
-
-name: com.carrotsearch hppc
-license_category: binary
-version: 0.8.0
+version: '0.10'
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
-  - com.carrotsearch: hppc
+  - com.101tec: zkclient
 
 ---
 
-name: org.locationtech.spatial4j spatial4j
+name: com.kstruct gethostname4j
 license_category: binary
-version: 0.7
+version: 0.0.2
 module: druid-ranger-security
-license_name: Apache License version 2.0
+license_name: MIT License
 libraries:
-  - org.locationtech.spatial4j: spatial4j
+  - com.kstruct: gethostname4j
 
 ---
 
@@ -4672,7 +4662,7 @@ libraries:
 
 name: JOpt Simple
 license_category: binary
-version: 5.0.2
+version: 5.0.4
 module: druid-ranger-security
 license_name: MIT License
 libraries:
@@ -4683,103 +4673,17 @@ copyright: Paul R. Holser, Jr.
 
 name: org.apache.httpcomponents httpmime
 license_category: binary
-version: 4.5.6
+version: 4.5.3
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
   - org.apache.httpcomponents: httpmime
 
 ---
 
-name: org.apache.httpcomponents httpasyncclient
-license_category: binary
-version: 4.1.3
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - org.apache.httpcomponents: httpasyncclient
-
----
-
-name: org.elasticsearch securesm
-license_category: binary
-version: 2.1.9
-module: druid-ranger-security
-license_name: Creative Commons CC0
-libraries:
-  - org.hdrhistogram: HdrHistogram
-
----
-
-name: Apache Lucene
-license_category: binary
-version: 8.4.0
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - org.apache.lucene: lucene-analyzers-common
-  - org.apache.lucene: lucene-backward-codecs
-  - org.apache.lucene: lucene-core
-  - org.apache.lucene: lucene-grouping
-  - org.apache.lucene: lucene-highlighter
-  - org.apache.lucene: lucene-join
-  - org.apache.lucene: lucene-memory
-  - org.apache.lucene: lucene-misc
-  - org.apache.lucene: lucene-queries
-  - org.apache.lucene: lucene-queryparser
-  - org.apache.lucene: lucene-sandbox
-  - org.apache.lucene: lucene-spatial
-  - org.apache.lucene: lucene-spatial-extras
-  - org.apache.lucene: lucene-spatial3d
-  - org.apache.lucene: lucene-suggest
-
----
-
-name: org.elasticsearch securesm
-license_category: binary
-version: 1.2
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - org.elasticsearch: securesm
-
----
-
-name: Elastic Search
-license_category: binary
-version: 7.10.2
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - org.elasticsearch: elasticsearch
-  - org.elasticsearch: elasticsearch-cli
-  - org.elasticsearch: elasticsearch-core
-  - org.elasticsearch: elasticsearch-geo
-  - org.elasticsearch: elasticsearch-secure-sm
-  - org.elasticsearch: elasticsearch-x-content
-  - org.elasticsearch.client: elasticsearch-rest-client
-  - org.elasticsearch.client: elasticsearch-rest-high-level-client
-  - org.elasticsearch.plugin: aggs-matrix-stats-client
-  - org.elasticsearch.plugin: lang-mustache-client
-  - org.elasticsearch.plugin: mapper-extras-client
-  - org.elasticsearch.plugin: parent-join-client
-  - org.elasticsearch.plugin: rank-eval-client
-
----
-
-name: org.apache.httpcomponents httpcore-nio
-license_category: binary
-version: 4.4.6
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - org.apache.httpcomponents: httpcore-nio
-
----
-
 name: Apache Kafka
 license_category: binary
-version: 2.8.1
+version: 2.0.0
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
@@ -4792,70 +4696,29 @@ the CDDL License. The source code of jersey can be found at https://github.com/j
 
 ---
 
-name: org.apache.ranger ranger-plugins
+name: org.apache.kafka kafka_2.11
 license_category: binary
-version: 2.4.0
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - org.apache.ranger: ranger-plugins-cred
-  - org.apache.ranger: ranger-plugin-classloader
-
----
-
-name: Woodstox
-license_category: binary
-version: 6.2.4
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - com.fasterxml.woodstox: woodstox-core
-
----
-
-name: com.github.spullara.mustache.java
-license_category: binary
-version: 0.9.6
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - com.github.spullara.mustache.java: compiler
-
----
-
-name: com.tdunning t-digest
-license_category: binary
-version: 3.2
-module: druid-ranger-security
-license_name: Apache License version 2.0
-libraries:
-  - com.tdunning: t-digest
-
----
-
-name: io.sgr s2-geometry-library-java
-license_category: binary
-version: 1.0.0
+version: 2.0.0
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
-  - io.sgr: s2-geometry-library-java
+  - org.apache.kafka: kafka_2.11
 
 ---
 
-name: org.apache.orc orc-core
+name: org.apache.ranger ranger-plugins-cred
 license_category: binary
-version: 1.5.8
+version: 2.0.0
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
-  - org.apache.orc: orc-core
+  - org.apache.ranger: ranger-plugins-cred
 
 ---
 
 name: org.apache.solr solr-solrj
 license_category: binary
-version: 8.11.2
+version: 7.7.1
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:
@@ -4865,7 +4728,7 @@ libraries:
 
 name: snappy-java
 license_category: binary
-version: 1.1.10.4
+version: 1.1.8.4
 module: druid-ranger-security
 license_name: Apache License version 2.0
 libraries:

diff --git a/pom.xml b/pom.xml
@@ -78,7 +78,7 @@
         <apache.curator.version>5.5.0</apache.curator.version>
         <apache.kafka.version>3.6.1</apache.kafka.version>
         <apache.ranger.version>2.0.0</apache.ranger.version>
-        <apache.ranger.gson.version>2.10.1</apache.ranger.gson.version>
+        <apache.ranger.gson.version>2.2.4</apache.ranger.gson.version>
         <scala.library.version>2.13.11</scala.library.version>
         <avatica.version>1.23.0</avatica.version>
         <avro.version>1.11.3</avro.version>