...
 
Commits (2)
......@@ -2,7 +2,7 @@
<project name="orekit" default="jar" basedir=".">
<property name="project.version" value="7.1" />
<property name="project.version" value="7.2.1" />
<property name="src.dir" location="src" />
<property name="main.src.dir" value="${src.dir}/main/java" />
......
......@@ -5,7 +5,7 @@
<groupId>org.orekit</groupId>
<artifactId>orekit</artifactId>
<packaging>jar</packaging>
<version>7.2</version>
<version>7.2.1</version>
<name>ORbit Extrapolation KIT</name>
<url>http://www.orekit.org/</url>
......@@ -36,10 +36,13 @@
<orekit.maven-project-info-reports-plugin.version>2.9</orekit.maven-project-info-reports-plugin.version>
<orekit.maven-resources-plugin.version>2.7</orekit.maven-resources-plugin.version>
<orekit.maven-site-plugin.version>3.5</orekit.maven-site-plugin.version>
<orekit.maven-source-plugin.version>3.0.0</orekit.maven-source-plugin.version>
<orekit.maven-surefire-plugin.version>2.19.1</orekit.maven-surefire-plugin.version>
<orekit.maven-surefire-report-plugin.version>2.19.1</orekit.maven-surefire-report-plugin.version>
<orekit.jgit.buildnumber.version>1.2.10</orekit.jgit.buildnumber.version>
<orekit.build-helper-maven-plugin.version>3.0.0</orekit.build-helper-maven-plugin.version>
<orekit.nexus-staging-maven-plugin.version>1.6.8</orekit.nexus-staging-maven-plugin.version>
<orekit.maven-gpg-plugin.version>1.6</orekit.maven-gpg-plugin.version>
<orekit.maven-install-plugin.version>2.5.2</orekit.maven-install-plugin.version>
<orekit.apache-commons-math.version>3.6.1</orekit.apache-commons-math.version>
<orekit.junit.version>4.12</orekit.junit.version>
<orekit.compiler.source>1.6</orekit.compiler.source>
......@@ -278,8 +281,9 @@
<version>${orekit.maven-assembly-plugin.version}</version>
<configuration>
<descriptors>
<descriptor>src/main/assembly/source-assembly.xml</descriptor>
<descriptor>src/main/assembly/binary-assembly.xml</descriptor>
<descriptor>src/main/assembly/source-jar-assembly.xml</descriptor>
<descriptor>src/main/assembly/source-distribution-assembly.xml</descriptor>
<descriptor>src/main/assembly/binary-distribution-assembly.xml</descriptor>
</descriptors>
</configuration>
</plugin>
......@@ -405,7 +409,7 @@
<limit>
<counter>METHOD</counter>
<value>COVEREDRATIO</value>
<minimum>0.95</minimum>
<minimum>0.93</minimum>
</limit>
<limit>
<counter>BRANCH</counter>
......@@ -612,21 +616,119 @@
<id>release</id>
<build>
<plugins>
<plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>${orekit.maven-source-plugin.version}</version>
<artifactId>maven-javadoc-plugin</artifactId>
<version>${orekit.maven-javadoc-plugin.version}</version>
<executions>
<execution>
<id>create-source-jar</id>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
<phase>package</phase>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>${orekit.nexus-staging-maven-plugin.version}</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>false</autoReleaseAfterClose>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>${orekit.build-helper-maven-plugin.version}</version>
<executions>
<execution>
<id>attach-artifacts</id>
<phase>verify</phase>
<goals>
<goal>attach-artifact</goal>
</goals>
<configuration>
<artifacts>
<artifact>
<file>${basedir}/target/orekit-${project.version}-sources.jar</file>
<type>source-jar</type>
</artifact>
</artifacts>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>${orekit.maven-gpg-plugin.version}</version>
<configuration>
<gpgArguments>
<arg>--digest-algo=SHA512</arg>
</gpgArguments>
</configuration>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-install-plugin</artifactId>
<version>${orekit.maven-install-plugin.version}</version>
<configuration>
<createChecksum>true</createChecksum>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>eclipse</id>
<activation>
<property>
<name>m2e.version</name>
</property>
</activation>
<build>
<pluginManagement>
<plugins>
<plugin>
<!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
<groupId>org.eclipse.m2e</groupId>
<artifactId>lifecycle-mapping</artifactId>
<version>1.0.0</version>
<configuration>
<lifecycleMappingMetadata>
<pluginExecutions>
<pluginExecution>
<pluginExecutionFilter>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<versionRange>[${orekit.maven-bundle-plugin.version},)</versionRange>
<goals>
<goal>manifest</goal>
</goals>
</pluginExecutionFilter>
<action>
<ignore></ignore>
</action>
</pluginExecution>
</pluginExecutions>
</lifecycleMappingMetadata>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
</profile>
</profiles>
......
<assembly>
<id>bin</id>
<formats>
<format>zip</format>
</formats>
<componentDescriptors>
<componentDescriptor>src/main/assembly/misc-files.xml</componentDescriptor>
<componentDescriptor>src/main/assembly/jar-files.xml</componentDescriptor>
</componentDescriptors>
</assembly>
\ No newline at end of file
<component>
<assembly>
<id>bin</id>
<formats>
<format>zip</format>
</formats>
<fileSets>
<fileSet>
<includes>
<include>README.txt</include>
<include>LICENSE.txt</include>
<include>NOTICE.txt</include>
</includes>
</fileSet>
<fileSet>
<directory>target</directory>
<outputDirectory></outputDirectory>
......@@ -8,4 +19,4 @@
</includes>
</fileSet>
</fileSets>
</component>
\ No newline at end of file
</assembly>
\ No newline at end of file
<assembly>
<id>sources</id>
<formats>
<format>zip</format>
</formats>
<componentDescriptors>
<componentDescriptor>src/main/assembly/misc-files.xml</componentDescriptor>
<componentDescriptor>src/main/assembly/building-files.xml</componentDescriptor>
</componentDescriptors>
</assembly>
\ No newline at end of file
<component>
<assembly>
<id>sources</id>
<formats>
<format>zip</format>
</formats>
<fileSets>
<fileSet>
<includes>
<include>BUILDING.txt</include>
<include>pom.xml</include>
<include>build.xml</include>
<include>checkstyle.xml</include>
<include>findbugs-exclude-filter.xml</include>
<include>license-header.txt</include>
<include>README.txt</include>
<include>LICENSE.txt</include>
<include>NOTICE.txt</include>
<include>BUILDING.txt</include>
<include>pom.xml</include>
<include>build.xml</include>
<include>checkstyle.xml</include>
<include>findbugs-exclude-filter.xml</include>
<include>license-header.txt</include>
</includes>
<useDefaultExcludes>true</useDefaultExcludes>
</fileSet>
......@@ -16,4 +23,4 @@
<useDefaultExcludes>true</useDefaultExcludes>
</fileSet>
</fileSets>
</component>
\ No newline at end of file
</assembly>
\ No newline at end of file
<component>
<assembly>
<id>sources</id>
<formats>
<format>jar</format>
</formats>
<includeBaseDirectory>false</includeBaseDirectory>
<fileSets>
<fileSet>
<includes>
<include>README.txt</include>
<include>LICENSE.txt</include>
<include>NOTICE.txt</include>
</includes>
</fileSet>
<fileSet>
<directory>src/main/java</directory>
<outputDirectory>.</outputDirectory>
<includes>
<include>**/*.java</include>
</includes>
<useDefaultExcludes>true</useDefaultExcludes>
</fileSet>
</fileSets>
</component>
</assembly>
\ No newline at end of file
......@@ -37,6 +37,7 @@ import org.orekit.time.TimeScalesFactory;
import org.orekit.utils.Constants;
import org.orekit.utils.IERSConventions;
import org.xml.sax.Attributes;
import org.xml.sax.EntityResolver;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.XMLReader;
......@@ -114,6 +115,14 @@ class RapidDataAndPredictionXMLLoader implements EOPHistoryLoader {
// set up a reader for line-oriented bulletin B files
final XMLReader reader = SAXParserFactory.newInstance().newSAXParser().getXMLReader();
reader.setContentHandler(new EOPContentHandler(name));
// disable external entities
reader.setEntityResolver(new EntityResolver() {
/** {@inheritDoc} */
@Override
public InputSource resolveEntity(final String publicId, final String systemId) {
return new InputSource();
}
});
// read all file, ignoring header
reader.parse(new InputSource(new InputStreamReader(input, "UTF-8")));
......
......@@ -41,6 +41,13 @@ with groupID org.orekit and artifactId orekit so maven
internal mechanism will download automatically all artifacts and dependencies
as required.
| package | link |
|----------|---------------------------------------------------------------------------------------------------------------|
| source | [orekit-7.2.1-sources.zip](https://www.orekit.org/forge/attachments/download/678/orekit-7.2.1-sources.zip) |
| binary | [orekit-7.2.1.jar](https://www.orekit.org/forge/attachments/download/679/orekit-7.2.1.jar) |
| javadoc | [orekit-7.2.1-javadoc.jar](https://www.orekit.org/forge/attachments/download/680/orekit-7.2.1-javadoc.jar) |
version 7.2.1 downloads (release date: 2017-11-03)
| package | link |
|----------|-----------------------------------------------------------------------------------------------------------|
| source | [orekit-7.2-sources.zip](https://www.orekit.org/forge/attachments/download/601/orekit-7.2-sources.zip) |
......
......@@ -20,7 +20,15 @@
<title>Orekit Changes</title>
</properties>
<body>
<release version="7.2" date="TBC"
<release version="7.2.1" date="2017-11-01"
description="Version 7.2.1 is a patch release of Orekit.
It fixes security issus 368.">
<action dev="evan" type="fix">
Disabled XML external resources when parsing rapid XML EOP files.
Part of issue #368.
</action>
</release>
<release version="7.2" date="2016-04-05"
description="Version 7.2 is a minor release of Orekit. It introduces several new
features and bug fixes. The most important features introduced in version 7.2
are handling of GLONASS and QZSS time scales, support for local time zones
......
......@@ -17,10 +17,12 @@
package org.orekit.frames;
import java.net.MalformedURLException;
import java.util.Collections;
import java.util.SortedSet;
import java.util.TreeSet;
import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.junit.Test;
import org.orekit.data.AbstractFilesLoaderTest;
......@@ -35,6 +37,33 @@ public class RapidDataAndPredictionXMLLoaderTest extends AbstractFilesLoaderTest
private static final ChronologicalComparator COMP = new ChronologicalComparator();
@Test
public void testExternalResourcesAreIgnoredIssue368() throws OrekitException {
// setup
setRoot("external-resources");
IERSConventions.NutationCorrectionConverter converter =
IERSConventions.IERS_1996.getNutationCorrectionConverter();
SortedSet<EOPEntry> history = new TreeSet<EOPEntry>(new ChronologicalComparator());
RapidDataAndPredictionXMLLoader loader =
new RapidDataAndPredictionXMLLoader("^finals2000A\\..*\\.xml$");
// action
try {
loader.fillHistory(converter, history);
// verify
Assert.fail("Expected Exception");
} catch (OrekitException e) {
// Malformed URL exception indicates external resource was disabled
// file not found exception indicates parser tried to load the resource
Assert.assertThat(e.getCause(),
CoreMatchers.instanceOf(MalformedURLException.class));
}
// problem if any EOP data is loaded
Assert.assertEquals(0, history.size());
}
@Test
public void testStartDateDaily1980() throws OrekitException {
setRoot("rapid-data-xml");
......
---------------
UTC-TAI.history
---------------
RELATIONSHIP BETWEEN TAI AND UTC
-------------------------------------------------------------------------------
Limits of validity(at 0h UTC) TAI - UTC
1961 Jan. 1 - 1961 Aug. 1 1.422 818 0s + (MJD - 37 300) x 0.001 296s
Aug. 1 - 1962 Jan. 1 1.372 818 0s + ""
1962 Jan. 1 - 1963 Nov. 1 1.845 858 0s + (MJD - 37 665) x 0.001 123 2s
1963 Nov. 1 - 1964 Jan. 1 1.945 858 0s + ""
1964 Jan. 1 - April 1 3.240 130 0s + (MJD - 38 761) x 0.001 296s
April 1 - Sept. 1 3.340 130 0s + ""
Sept. 1 - 1965 Jan. 1 3.440 130 0s + ""
1965 Jan. 1 - March 1 3.540 130 0s + ""
March 1 - Jul. 1 3.640 130 0s + ""
Jul. 1 - Sept. 1 3.740 130 0s + ""
Sept. 1 - 1966 Jan. 1 3.840 130 0s + ""
1966 Jan. 1 - 1968 Feb. 1 4.313 170 0s + (MJD - 39 126) x 0.002 592s
1968 Feb. 1 - 1972 Jan. 1 4.213 170 0s + ""
1972 Jan. 1 - Jul. 1 10s
Jul. 1 - 1973 Jan. 1 11s
1973 Jan. 1 - 1974 Jan. 1 12s
1974 Jan. 1 - 1975 Jan. 1 13s
1975 Jan. 1 - 1976 Jan. 1 14s
1976 Jan. 1 - 1977 Jan. 1 15s
1977 Jan. 1 - 1978 Jan. 1 16s
1978 Jan. 1 - 1979 Jan. 1 17s
1979 Jan. 1 - 1980 Jan. 1 18s
1980 Jan. 1 - 1981 Jul. 1 19s
1981 Jul. 1 - 1982 Jul. 1 20s
1982 Jul. 1 - 1983 Jul. 1 21s
1983 Jul. 1 - 1985 Jul. 1 22s
1985 Jul. 1 - 1988 Jan. 1 23s
1988 Jan. 1 - 1990 Jan. 1 24s
1990 Jan. 1 - 1991 Jan. 1 25s
1991 Jan. 1 - 1992 Jul. 1 26s
1992 Jul. 1.- 1993 Jul 1 27s
1993 Jul. 1 - 1994 Jul. 1 28s
1994 Jul. 1 - 1996 Jan. 1 29s
1996 Jan. 1 - 1997 Jul. 1 30s
1997 Jul. 1.- 1999 Jan. 1 31s
1999 Jan. 1.- 2006 Jan. 1 32s
2006 Jan. 1.- 2009 Jan. 1 33s
2009 Jan. 1.- 2012 Jul 1 34s
2012 Jul 1 - 2015 Jul 1 35s
2015 Jul 1 - 36s
----------------------------------------------------------------------
<?xml version="1.0"?>
<!DOCTYPE foo SYSTEM "file:./not-a-real-file.xml">
<foo>bar</foo>