Commit Graph

146 Commits

Author SHA1 Message Date
opencode cd2f1de610 Use X509ExtendedTrustManager to avoid JDK AlgorithmChecker constraints
Netty 4.2.15 fixed CVE-2026-50010 by removing the silent wrapping of
plain X509TrustManager in X509ExtendedTrustManager. When a plain
X509TrustManager is used, the JDK wraps it in AbstractTrustManagerWrapper
and runs TrustManagerImpl.checkTrusted() with AlgorithmChecker before
calling the custom trust manager.

This caused client certificates signed with SHA3-512withECDSA to be
rejected even though they are not explicitly blacklisted in java.security,
because the JDK's internal PKIX validator applies stricter constraints.

By making our custom trust managers implement X509ExtendedTrustManager
directly, the JDK calls the 3-arg methods directly and bypasses its
internal TrustManagerImpl, restoring the pre-4.2.15 behavior where
only our custom PKIX validation runs.

Files changed:
- rbcs-common/RBCS.kt: getTrustManager() returns X509ExtendedTrustManager
- rbcs-client/RemoteBuildCacheClient.kt: trust-all manager uses X509ExtendedTrustManager
2026-06-12 00:29:46 +00:00
woggioni cdd4f7bd04 tmp 2026-06-12 00:27:52 +08:00
woggioni b4a97845ca tmp 2026-06-09 22:32:40 +08:00
woggioni 77cc044d0e restored docker image environmental variables 2026-05-30 12:56:03 +08:00
opencode 9a7a2566fa Generalize OTEL API and add memcache tracing support
- Rename RedisSpan -> SpanHandle for generic span handling
- Generalize TelemetryController methods: startSpan/endSpan with dbSystem param
- Rename RedisOtelSpan -> OtelSpanHandle in rbcs-server-otel
- Update Redis cache handler to use new generic API
- Add OpenTelemetry tracing for memcache GET and SET commands
- Add channel property to MemcacheRequestController for server address attribution
- Add uses TelemetryController directive in memcache module-info

Memcache spans follow the same pattern as Redis:
db.system=memcache, db.operation=GET|SET, server.address, server.port
2026-05-27 23:37:50 +08:00
opencode f154bbd33c Add OpenTelemetry tracing support for Redis commands
- Add RedisSpan interface in rbcs-api for opaque span handles
- Extend TelemetryController with startRedisSpan/endRedisSpan methods
- Implement Redis tracing in rbcs-server-otel via OtelController and RedisOtelSpan
- Instrument RedisCacheHandler to create spans around GET and SET commands
- Add uses directive in rbcs-server-redis module-info for ServiceLoader discovery

Redis spans are created as CLIENT spans with attributes:
db.system=redis, db.operation=GET|SET, server.address, server.port
2026-05-23 23:46:37 +08:00
woggioni 316f9e61b0 minor fix 2026-05-21 07:07:07 +08:00
woggioni 953d687651 optimized imports 2026-05-21 06:58:17 +08:00
woggioni 9c9f98cd72 fixed Dockerfile 2026-05-20 22:43:12 +08:00
woggioni df7f747168 updated lys-catalog to 2026.05.16 2026-05-20 22:39:20 +08:00
woggioni 4d9a424528 removed telemetry switch from configuration 2026-05-20 22:20:29 +08:00
woggioni ab2a06e810 refactor 2026-04-30 02:15:34 +08:00
woggioni 1d938b7ea3 Add optional OpenTelemetry Netty server instrumentation
- Update lys.version to 2026.04.14

- Add optional compileOnly dependency on opentelemetry-netty-4.1 in rbcs-server

- Add runtime guard to only activate instrumentation when OTel classes are on classpath

- Insert OTel combined handler after HttpServerCodec in the Netty pipeline

- Add requires-static JPMS directives for optional module support
2026-04-29 02:59:51 +08:00
woggioni 5d190d81ab version bump to 0.5.0 2026-04-13 22:28:33 +08:00
woggioni e6f35f4340 Added support for client certificate forwarding 2026-04-13 22:19:12 +08:00
woggioni 6d214eb066 uniformed Docker images 2026-04-13 22:19:12 +08:00
woggioni 0a50ae0643 improved error handling 2026-04-13 22:19:12 +08:00
woggioni 742c025fa5 Update netty to 4.2.12 0.4.0 2026-03-26 20:23:44 +08:00
woggioni e3a3f21721 renamed docker image tags 2026-03-26 20:18:38 +08:00
woggioni a696eebbf9 added redis-enabled docker image 2026-03-26 20:03:34 +08:00
woggioni c9390ea51d added experimental redis support 2026-03-03 02:59:48 +08:00
woggioni 43fdf131fa Added AGENT.md and updated docs 0.3.7 2026-02-22 05:12:45 +08:00
woggioni b58462a085 improved logging 2026-02-21 20:47:18 +08:00
woggioni e9f9f23f91 Update Gradle to 9.3.1, Netty to 4.2.10 and Kotlin to 2.3.10 2026-02-20 06:55:57 +08:00
woggioni 5854a632f8 Added server support for proxy protocol 2025-12-29 22:21:34 +08:00
woggioni 9a9cb4ed2c bump Netty 4.2.9 and Kotlin 2.3.0 2025-12-26 17:14:31 +08:00
woggioni 03a3dafecc updated dependencies 0.3.6 2025-11-21 22:12:27 +08:00
woggioni 1ffe938c22 update to JDK 25 0.3.5 2025-10-24 07:00:25 +08:00
woggioni ce8e93f9d5 updated to netty 4.2.6 and Gradle 9.1.0 0.3.4 2025-09-30 21:40:03 +08:00
woggioni 94021d94c3 updated Netty to 4.2.4 0.3.3 2025-08-15 10:44:38 +08:00
woggioni b3c6f29c0f updated library dependencies 0.3.2 2025-07-29 13:15:42 +08:00
woggioni ce7e5bb4a0 added documentation 2025-06-18 09:59:48 +08:00
woggioni aeae98d9eb resolved race condition handling pipelined requests 0.3.1 2025-06-17 23:06:04 +08:00
woggioni 6cba4d24bb resolved race condition in the client for response lifetime
improved memory usage of the in-memory cache backend
2025-06-17 21:40:48 +08:00
woggioni 52a1b4c200 moved builds to woryzen 2025-06-13 20:52:27 +08:00
woggioni 559ad5e528 fixed module-info.java 2025-06-13 20:46:35 +08:00
woggioni fd0bd1ee5f added optional key prefix to memcache backend 2025-06-13 17:45:15 +08:00
woggioni 0e92998f16 downgraded to GraalVM 23 because of bugs in GraalVM 24 2025-06-13 14:32:25 +08:00
woggioni 9eef91ebba removed excessive logging 2025-06-13 14:16:57 +08:00
woggioni 3416c327b9 updated GraalVM configuration 2025-06-13 14:09:38 +08:00
woggioni 9bdaa0d32e optimize imports 2025-06-13 14:08:46 +08:00
woggioni 206bcd6319 fixed bug with throttling handler when requests are delayed 2025-06-13 13:50:35 +08:00
woggioni 3774ab8ef0 updated Netty to 4.2.2 0.3.0 2025-06-10 16:34:16 +08:00
woggioni 303828392e updated Netty to 4.2.1 0.3.0-SNAPSHOT 2025-05-07 14:46:02 +08:00
woggioni 5d8cbe34ef updated tomcat configuration 2025-05-01 03:42:37 +08:00
woggioni 85c0d4a384 update Netty to 4.2.0 2025-04-16 01:06:28 +08:00
woggioni ae8817ad2a updated benchmarks 2025-03-24 15:01:56 +08:00
woggioni 69f215e68f tuned GC parameters in Docker images 0.2.1 2025-03-24 14:42:04 +08:00
woggioni 222b475223 ensured in-memory-cache is allocated to heap memory 0.2.0-RC5 0.2.0 2025-03-11 12:29:43 +08:00
woggioni ede515e2ca rebuild native image with wider ISA compatibility 2025-03-10 22:28:55 +08:00