Merge branch 'jetty-8' of ssh://git.eclipse.org/gitroot/jetty/org.eclipse.jetty.project into jetty-8

This commit is contained in:
Greg Wilkins 2012-01-18 17:05:22 +11:00
commit 0a88d47a23
41 changed files with 843 additions and 373 deletions

View File

@ -1,5 +1,33 @@
jetty-8.1.0-SNAPSHOT
jetty-8.1.0.RC4 - 13 January 2012
+ 365048 jetty Http client does not send proxy authentication when requesting
a Https-resource through a web-proxy.
+ 366774 removed XSS vulnerbility
+ 367099 Upgrade jetty-websocket for RFC 6455 - Addendum.
+ 367433 added tests to investigate
+ 367435 improved D00 test harness
+ 367485 HttpExchange canceled before response do not release connection.
+ 367502 WebSocket connections should be closed when application context is
stopped.
+ 367548 jetty-osgi-boot must not import the nested package twice
+ 367591 corrected configuration.xml version to 7.6
+ 367635 Added support for start.d directory
+ 367716 simplified maxIdleTime logic
+ 368035 WebSocketClientFactory does not invoke super.doStop().
+ 368060 do not encode sendRedirect URLs
+ 368112 NPE on <jsp-config><taglib> element parsing web.xml
+ 368113 Support servlet mapping to ""
+ 368114 Protect against non-Strings in System properties for Log
+ 368189 WebSocketClientFactory should not manage external thread pool. 368240
- Improve AggregateLifeCycle handling of shared lifecycles
+ 368215 Remove debug from jaspi
+ 368240 Better handling of locally created ThreadPool. Forgot to null out
field.
+ 368291 Change warning to info for NoSuchFieldException on
BeanELResolver.properties
+ 367638 limit number of form parameters to avoid DOS
+ JETTY-1467 close half closed when idle
jetty-8.1.0.RC2 - 22 December 2011
+ 359329 jetty-jaspi must exports its packages. jetty-plus must import
@ -43,6 +71,21 @@ jetty-8.1.0.RC0 - 30 November 2011
+ 364283 can't parse the servlet multipart-config for the web.xml
+ 364430 Support web.xml enabled state for servlets
jetty-7.6.0.RC4 - 13 January 2012
+ 365048 jetty Http client does not send proxy authentication when requesting
a Https-resource through a web-proxy.
+ 366774 removed XSS vulnerbility
+ 367099 Upgrade jetty-websocket for RFC 6455 - Addendum.
+ 367716 simplified maxIdleTime logic
+ 368035 WebSocketClientFactory does not invoke super.doStop().
+ 368060 do not encode sendRedirect URLs
+ 368114 Protect against non-Strings in System properties for Log
+ 368189 WebSocketClientFactory should not manage external thread pool.
+ 368215 Remove debug from jaspi
+ 368240 Improve AggregateLifeCycle handling of shared lifecycles
+ 368291 Change warning to info for NoSuchFieldException on
BeanELResolver.properties
jetty-7.6.0.RC3 - 05 January 2012
+ 367433 added tests to investigate
+ 367435 improved D00 test harness
@ -51,7 +94,7 @@ jetty-7.6.0.RC3 - 05 January 2012
stopped.
+ 367591 corrected configuration.xml version to 7.6
+ 367635 Added support for start.d directory
+ 637638 limit number of form parameters to avoid DOS
+ 367638 limit number of form parameters to avoid DOS
+ JETTY-1467 close half closed when idle
jetty-7.6.0.RC2 - 22 December 2011

View File

@ -163,10 +163,6 @@
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
</exclusion>
<exclusion>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
@ -237,11 +233,6 @@
<artifactId>mail</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-jaspic_1.0_spec</artifactId>

View File

@ -143,10 +143,6 @@
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
</exclusion>
<exclusion>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
@ -222,11 +218,6 @@
<artifactId>mail</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.geronimo.specs</groupId>
<artifactId>geronimo-jaspic_1.0_spec</artifactId>

View File

@ -96,10 +96,6 @@
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
</exclusion>
<exclusion>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
@ -118,10 +114,5 @@
<artifactId>mail</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<scope>compile</scope>
</dependency>
</dependencies>
</project>

View File

@ -1,6 +1,7 @@
package org.eclipse.jetty.client;
import java.io.BufferedReader;
import java.io.EOFException;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
@ -9,6 +10,7 @@ import java.net.SocketTimeoutException;
import java.nio.channels.SocketChannel;
import java.util.Arrays;
import java.util.concurrent.Callable;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
@ -34,6 +36,7 @@ import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.io.nio.AsyncConnection;
import org.eclipse.jetty.io.nio.SslConnection;
import org.eclipse.jetty.server.AsyncHttpConnection;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
@ -45,6 +48,7 @@ import org.junit.After;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import static org.hamcrest.Matchers.greaterThan;
@ -59,8 +63,10 @@ public class SslBytesServerTest extends SslBytesTest
private final int idleTimeout = 2000;
private ExecutorService threadPool;
private Server server;
private int serverPort;
private SSLContext sslContext;
private SimpleProxy proxy;
private Runnable idleHook;
@Before
public void init() throws Exception
@ -96,13 +102,22 @@ public class SslBytesServerTest extends SslBytesTest
}
};
}
@Override
public void onIdleExpired(long idleForMs)
{
final Runnable idleHook = SslBytesServerTest.this.idleHook;
if (idleHook != null)
idleHook.run();
super.onIdleExpired(idleForMs);
}
};
}
@Override
protected AsyncConnection newPlainConnection(SocketChannel channel, AsyncEndPoint endPoint)
{
return new org.eclipse.jetty.server.AsyncHttpConnection(this, endPoint, getServer())
return new AsyncHttpConnection(this, endPoint, getServer())
{
@Override
protected HttpParser newHttpParser(Buffers requestBuffers, EndPoint endPoint, HttpParser.EventHandler requestHandler)
@ -135,25 +150,36 @@ public class SslBytesServerTest extends SslBytesTest
{
public void handle(String target, Request request, HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws IOException, ServletException
{
request.setHandled(true);
String contentLength = request.getHeader("Content-Length");
if (contentLength != null)
try
{
int length = Integer.parseInt(contentLength);
ServletInputStream input = httpRequest.getInputStream();
ServletOutputStream output = httpResponse.getOutputStream();
byte[] buffer = new byte[32 * 1024];
for (int i = 0; i < length; ++i)
request.setHandled(true);
String contentLength = request.getHeader("Content-Length");
if (contentLength != null)
{
int read = input.read(buffer);
if ("/echo".equals(target))
output.write(buffer, 0, read);
int length = Integer.parseInt(contentLength);
ServletInputStream input = httpRequest.getInputStream();
ServletOutputStream output = httpResponse.getOutputStream();
byte[] buffer = new byte[32 * 1024];
while (length > 0)
{
int read = input.read(buffer);
if (read < 0)
throw new EOFException();
length -= read;
if (target.startsWith("/echo"))
output.write(buffer, 0, read);
}
}
}
catch (IOException x)
{
if (!(target.endsWith("suppress_exception")))
throw x;
}
}
});
server.start();
int serverPort = connector.getLocalPort();
serverPort = connector.getLocalPort();
sslContext = cf.getSslContext();
@ -593,10 +619,10 @@ public class SslBytesServerTest extends SslBytesTest
}
// Check that we did not spin
TimeUnit.MILLISECONDS.sleep(500);
TimeUnit.MILLISECONDS.sleep(1000);
Assert.assertThat(sslHandles.get(), lessThan(750));
Assert.assertThat(sslFlushes.get(), lessThan(750));
Assert.assertThat(httpParses.get(), lessThan(150));
Assert.assertThat(httpParses.get(), lessThan(1000));
client.close();
@ -860,6 +886,59 @@ public class SslBytesServerTest extends SslBytesTest
// connection, and this will cause an exception in the
// server that is trying to write the data
TimeUnit.MILLISECONDS.sleep(500);
proxy.sendRSTToServer();
// Wait a while to detect spinning
TimeUnit.MILLISECONDS.sleep(500);
Assert.assertThat(sslHandles.get(), lessThan(20));
Assert.assertThat(sslFlushes.get(), lessThan(20));
Assert.assertThat(httpParses.get(), lessThan(50));
client.close();
}
@Test
public void testRequestWithBigContentReadBlockedThenReset() throws Exception
{
final SSLSocket client = newClient();
SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
client.startHandshake();
Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));
byte[] data = new byte[128 * 1024];
Arrays.fill(data, (byte)'X');
final String content = new String(data, "UTF-8");
Future<Object> request = threadPool.submit(new Callable<Object>()
{
public Object call() throws Exception
{
OutputStream clientOutput = client.getOutputStream();
clientOutput.write(("" +
"GET /echo_suppress_exception HTTP/1.1\r\n" +
"Host: localhost\r\n" +
"Content-Length: " + content.length() + "\r\n" +
"\r\n" +
content).getBytes("UTF-8"));
clientOutput.flush();
return null;
}
});
// Nine TLSRecords will be generated for the request,
// but we write only 5 of them, so the server goes in read blocked state
for (int i = 0; i < 5; ++i)
{
// Application data
TLSRecord record = proxy.readFromClient();
Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
proxy.flushToServer(record, 0);
}
Assert.assertNull(request.get(5, TimeUnit.SECONDS));
// The server should be read blocked, and we send a RST
TimeUnit.MILLISECONDS.sleep(500);
proxy.sendRSTToServer();
// Wait a while to detect spinning
@ -1446,6 +1525,162 @@ public class SslBytesServerTest extends SslBytesTest
Assert.assertFalse(serverEndPoint.get().isOpen());
}
@Test
public void testPlainText() throws Exception
{
final SSLSocket client = newClient();
threadPool.submit(new Callable<Object>()
{
public Object call() throws Exception
{
client.startHandshake();
return null;
}
});
// Instead of passing the Client Hello, we simulate plain text was passed in
proxy.flushToServer(0, "GET / HTTP/1.1\r\n".getBytes("UTF-8"));
// We expect that the server closes the connection immediately
TLSRecord record = proxy.readFromServer();
Assert.assertNull(String.valueOf(record), record);
// Check that we did not spin
TimeUnit.MILLISECONDS.sleep(500);
Assert.assertThat(sslHandles.get(), lessThan(20));
Assert.assertThat(sslFlushes.get(), lessThan(20));
Assert.assertThat(httpParses.get(), lessThan(50));
client.close();
}
@Test
public void testRequestConcurrentWithIdleExpiration() throws Exception
{
final SSLSocket client = newClient();
final OutputStream clientOutput = client.getOutputStream();
final CountDownLatch latch = new CountDownLatch(1);
idleHook = new Runnable()
{
public void run()
{
try
{
// Send request
clientOutput.write(("" +
"GET / HTTP/1.1\r\n" +
"Host: localhost\r\n" +
"\r\n").getBytes("UTF-8"));
clientOutput.flush();
latch.countDown();
}
catch (Exception x)
{
// Latch won't trigger and test will
// fail, just print the stack trace
x.printStackTrace();
}
}
};
SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
client.startHandshake();
Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));
Assert.assertTrue(latch.await(idleTimeout * 2, TimeUnit.MILLISECONDS));
// Be sure that the server sent a SSL close alert
TLSRecord record = proxy.readFromServer();
Assert.assertNotNull(record);
Assert.assertEquals(TLSRecord.Type.ALERT, record.getType());
// Write the request to the server, to simulate a request
// concurrent with the SSL close alert
record = proxy.readFromClient();
Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
proxy.flushToServer(record, 0);
// Check that we did not spin
TimeUnit.MILLISECONDS.sleep(500);
Assert.assertThat(sslHandles.get(), lessThan(20));
Assert.assertThat(sslFlushes.get(), lessThan(20));
Assert.assertThat(httpParses.get(), lessThan(50));
}
/*
@Test
public void testRequestWriteBlockedWithPipelinedRequest() throws Exception
{
final SSLSocket client = newClient();
final OutputStream clientOutput = client.getOutputStream();
SimpleProxy.AutomaticFlow automaticProxyFlow = proxy.startAutomaticFlow();
client.startHandshake();
Assert.assertTrue(automaticProxyFlow.stop(5, TimeUnit.SECONDS));
byte[] data = new byte[128 * 1024];
Arrays.fill(data, (byte)'X');
final String content = new String(data, "UTF-8");
Future<Object> request = threadPool.submit(new Callable<Object>()
{
public Object call() throws Exception
{
clientOutput.write(("" +
"POST /echo HTTP/1.1\r\n" +
"Host: localhost\r\n" +
"Content-Length: " + content.length() + "\r\n" +
"\r\n" +
content).getBytes("UTF-8"));
clientOutput.flush();
return null;
}
});
// Nine TLSRecords will be generated for the request
for (int i = 0; i < 9; ++i)
{
// Application data
TLSRecord record = proxy.readFromClient();
Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
proxy.flushToServer(record, 0);
}
Assert.assertNull(request.get(5, TimeUnit.SECONDS));
// We do not read the big request to cause a write blocked on the server
TimeUnit.MILLISECONDS.sleep(500);
// Now send the pipelined request
Future<Object> pipelined = threadPool.submit(new Callable<Object>()
{
public Object call() throws Exception
{
clientOutput.write(("" +
"GET /pipelined HTTP/1.1\r\n" +
"Host: localhost\r\n" +
"\r\n").getBytes("UTF-8"));
clientOutput.flush();
return null;
}
});
TLSRecord record = proxy.readFromClient();
Assert.assertEquals(TLSRecord.Type.APPLICATION, record.getType());
proxy.flushToServer(record, 0);
Assert.assertNull(pipelined.get(5, TimeUnit.SECONDS));
// Check that we did not spin
TimeUnit.MILLISECONDS.sleep(500);
Assert.assertThat(sslHandles.get(), lessThan(20));
Assert.assertThat(sslFlushes.get(), lessThan(20));
Assert.assertThat(httpParses.get(), lessThan(50));
Thread.sleep(5000);
// closeClient(client);
}
*/
private void assumeJavaVersionSupportsTLSRenegotiations()
{
// Due to a security bug, TLS renegotiations were disabled in JDK 1.6.0_19-21

View File

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Set name="contextPath">/foo</Set>
<Set name="war">

View File

@ -12,7 +12,6 @@
<jetty-orbit-url>http://download.eclipse.org/jetty/orbit</jetty-orbit-url>
<assembly-directory>target/distribution</assembly-directory>
<eclipse-ecj-version>3.6</eclipse-ecj-version>
<orbit-javax-activation-version>${javax-activation-version}.0.v201105071233</orbit-javax-activation-version>
<orbit-javax-annotation-version>1.1.0.v201105051105</orbit-javax-annotation-version>
<orbit-javax-el-version>2.2.0.v201105051105</orbit-javax-el-version>
<orbit-javax-mail-glassfish-version>${javax-mail-version}.v201005082020</orbit-javax-mail-glassfish-version>
@ -69,7 +68,6 @@
<mkdir dir="${orbit-cache}" />
<get dest="${orbit-cache}" verbose="true" skipexisting="true">
<url url="${jetty-orbit-url}/javax.servlet_${orbit-javax-servlet-version}.jar" />
<url url="${jetty-orbit-url}/javax.activation_${orbit-javax-activation-version}.jar" />
<url url="${jetty-orbit-url}/javax.annotation_${orbit-javax-annotation-version}.jar" />
<url url="${jetty-orbit-url}/javax.mail.glassfish_${orbit-javax-mail-glassfish-version}.jar" />
<url url="${jetty-orbit-url}/javax.el_${orbit-javax-el-version}.jar" />

View File

@ -63,8 +63,8 @@ public class HttpParser implements Parser
private Buffer _body; // Buffer for large content
private Buffer _buffer; // The current buffer in use (either _header or _content)
private CachedBuffer _cached;
private View.CaseInsensitive _tok0; // Saved token: header name, request method or response version
private View.CaseInsensitive _tok1; // Saved token: header value, request URI or response code
private final View.CaseInsensitive _tok0; // Saved token: header name, request method or response version
private final View.CaseInsensitive _tok1; // Saved token: header value, request URI or response code
private String _multiLineValue;
private int _responseStatus; // If >0 then we are parsing a response
private boolean _forceContentBuffer;
@ -93,13 +93,8 @@ public class HttpParser implements Parser
_buffer=buffer;
_handler=handler;
if (buffer != null)
{
_tok0=new View.CaseInsensitive(buffer);
_tok1=new View.CaseInsensitive(buffer);
_tok0.setPutIndex(_tok0.getIndex());
_tok1.setPutIndex(_tok1.getIndex());
}
_tok0=new View.CaseInsensitive(_header);
_tok1=new View.CaseInsensitive(_header);
}
/* ------------------------------------------------------------------------------- */
@ -114,6 +109,8 @@ public class HttpParser implements Parser
_buffers=buffers;
_endp=endp;
_handler=handler;
_tok0=new View.CaseInsensitive();
_tok1=new View.CaseInsensitive();
}
/* ------------------------------------------------------------------------------- */
@ -197,7 +194,7 @@ public class HttpParser implements Parser
public void setPersistent(boolean persistent)
{
_persistent = persistent;
if (_state==STATE_END)
if (!_persistent &&(_state==STATE_END || _state==STATE_START))
_state=STATE_SEEKING_EOF;
}
@ -256,17 +253,7 @@ public class HttpParser implements Parser
return 0;
if (_buffer==null)
{
if (_header == null)
{
_header=_buffers.getHeader();
}
_buffer=_header;
_tok0=new View.CaseInsensitive(_header);
_tok1=new View.CaseInsensitive(_header);
_tok0.setPutIndex(_tok0.getIndex());
_tok1.setPutIndex(_tok1.getIndex());
}
_buffer=getHeaderBuffer();
if (_state == STATE_CONTENT && _contentPosition == _contentLength)
@ -1013,11 +1000,7 @@ public class HttpParser implements Parser
{
// Do we have a buffer?
if (_buffer==null)
{
_buffer=_header=getHeaderBuffer();
_tok0=new View.CaseInsensitive(_buffer);
_tok1=new View.CaseInsensitive(_buffer);
}
_buffer=getHeaderBuffer();
// Is there unconsumed content in body buffer
if (_state>STATE_END && _buffer==_header && _header!=null && !_header.hasContent() && _body!=null && _body.hasContent())
@ -1086,9 +1069,7 @@ public class HttpParser implements Parser
// This is probably a pipelined header of the next request, so we need to
// copy it to the header buffer.
if (_header==null)
{
_header=_buffers.getHeader();
}
getHeaderBuffer();
else
{
_header.setMarkIndex(-1);
@ -1165,6 +1146,8 @@ public class HttpParser implements Parser
if (_header == null)
{
_header=_buffers.getHeader();
_tok0.update(_header);
_tok1.update(_header);
}
return _header;
}

View File

@ -24,6 +24,7 @@ import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ConcurrentMap;
@ -303,7 +304,7 @@ public abstract class SelectorManager extends AbstractLifeCycle implements Dumpa
}
});
if (!selecting)
throw new IllegalStateException("!Selecting");
}
@ -372,7 +373,7 @@ public abstract class SelectorManager extends AbstractLifeCycle implements Dumpa
/* ------------------------------------------------------------ */
public void dump(Appendable out, String indent) throws IOException
{
out.append(String.valueOf(this)).append("\n");
AggregateLifeCycle.dumpObject(out,this);
AggregateLifeCycle.dump(out,indent,TypeUtil.asList(_selectSet));
}
@ -960,7 +961,7 @@ public abstract class SelectorManager extends AbstractLifeCycle implements Dumpa
{
LOG.ignore(e);
}
AggregateLifeCycle.dump(out,indent,dump);
}
}
@ -969,8 +970,9 @@ public abstract class SelectorManager extends AbstractLifeCycle implements Dumpa
public void dumpKeyState(List<Object> dumpto)
{
Selector selector=_selector;
dumpto.add(selector+" keys="+selector.keys().size());
for (SelectionKey key: selector.keys())
Set<SelectionKey> keys = selector.keys();
dumpto.add(selector + " keys=" + keys.size());
for (SelectionKey key: keys)
{
if (key.isValid())
dumpto.add(key.attachment()+" iOps="+key.interestOps()+" rOps="+key.readyOps());
@ -983,9 +985,8 @@ public abstract class SelectorManager extends AbstractLifeCycle implements Dumpa
public String toString()
{
Selector selector=_selector;
return String.format("%s %s keys=%d selected=%d",
return String.format("%s keys=%d selected=%d",
super.toString(),
SelectorManager.this.getState(),
selector != null && selector.isOpen() ? selector.keys().size() : -1,
selector != null && selector.isOpen() ? selector.selectedKeys().size() : -1);
}

View File

@ -182,22 +182,17 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
while (progress)
{
progress=false;
// If we are handshook let the delegate connection
if (_engine.getHandshakeStatus()!=HandshakeStatus.NOT_HANDSHAKING)
{
progress=process(null,null);
}
else
// handle the delegate connection
AsyncConnection next = (AsyncConnection)_connection.handle();
if (next!=_connection && next!=null)
{
// handle the delegate connection
AsyncConnection next = (AsyncConnection)_connection.handle();
if (next!=_connection && next!=null)
{
_connection=next;
progress=true;
}
// TODO: consider moving here hasProgressed() - it's only used in SSL
_connection=next;
progress=true;
}
LOG.debug("{} handle {} progress={}", _session, this, progress);
@ -274,40 +269,55 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
boolean some_progress=false;
try
{
// We need buffers to progress
allocateBuffers();
// if we don't have a buffer to put received data into
if (toFill==null)
{
// use the unwrapbuffer to hold received data.
_unwrapBuf.compact();
toFill=_unwrapBuf;
}
// Else if the fill buffer is too small for the SSL session
else if (toFill.capacity()<_session.getApplicationBufferSize())
{
// fill to the temporary unwrapBuffer
boolean progress=process(null,toFlush);
// if we received any data,
if (_unwrapBuf!=null && _unwrapBuf.hasContent())
{
// transfer from temp buffer to fill buffer
_unwrapBuf.skip(toFill.put(_unwrapBuf));
return true;
}
else
// return progress from recursive call
return progress;
}
// Else if there is some temporary data
else if (_unwrapBuf!=null && _unwrapBuf.hasContent())
{
// transfer from temp buffer to fill buffer
_unwrapBuf.skip(toFill.put(_unwrapBuf));
return true;
}
// If we are here, we have a buffer ready into which we can put some read data.
// If we have no data to flush, flush the empty buffer
if (toFlush==null)
toFlush=__ZERO_BUFFER;
// While we are making progress processing SSL engine
boolean progress=true;
while (progress)
{
progress=false;
// Do any real IO
int filled=0,flushed=0;
try
{
// Read any available data
@ -356,20 +366,6 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
task.run();
}
// Detect SUN JVM Bug!!!
/* TODO
if(initialStatus==HandshakeStatus.NOT_HANDSHAKING &&
_engine.getHandshakeStatus()==HandshakeStatus.NEED_UNWRAP && sent==0 )
{
// This should be NEED_WRAP
// The fix simply detects the signature of the bug and then close the connection (fail-fast) so that ff3 will delegate to using SSL instead of TLS.
// This is a jvm bug on java1.6 where the SSLEngine expects more data from the initial handshake when the client(ff3-tls) already had given it.
// See http://jira.codehaus.org/browse/JETTY-567 for more details
LOG.warn("{} JETTY-567",_session);
_endp.close();
return false;
}
*/
}
break;
@ -388,6 +384,11 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
// The SSL needs to receive some handshake data from the other side
if (_handshook && !_allowRenegotiate)
_endp.close();
else if (!_inbound.hasContent()&&filled==-1)
{
// No more input coming
_endp.shutdownInput();
}
else if (unwrap(toFill))
progress=true;
}
@ -401,10 +402,12 @@ public class SslConnection extends AbstractConnection implements AsyncConnection
if (_endp.isOpen() && _engine.isOutboundDone() && !_outbound.hasContent())
_endp.shutdownOutput();
// remember if any progress has been made
some_progress|=progress;
}
if (toFill.hasContent())
// If we are reading into the temp buffer and it has some content, then we should be dispatched.
if (toFill==_unwrapBuf && _unwrapBuf.hasContent())
_aEndp.asyncDispatch();
}
finally

View File

@ -337,7 +337,7 @@ public class MBeanContainer extends AbstractLifeCycle implements Container.Liste
public void dump(Appendable out, String indent) throws IOException
{
out.append(toString()).append("\n");
AggregateLifeCycle.dumpObject(out,this);
AggregateLifeCycle.dump(out, indent, _beans.entrySet());
}

View File

@ -14,7 +14,6 @@
<jetty-orbit-url>http://download.eclipse.org/jetty/orbit</jetty-orbit-url>
<assembly-directory>target/distribution</assembly-directory>
<eclipse-ecj-version>3.6</eclipse-ecj-version>
<orbit-javax-activation-version>${javax-activation-version}.0.v201105071233</orbit-javax-activation-version>
<orbit-javax-annotation-version>1.1.0.v201105051105</orbit-javax-annotation-version>
<orbit-javax-el-version>2.2.0.v201105051105</orbit-javax-el-version>
<orbit-javax-mail-glassfish-version>${javax-mail-version}.v201005082020</orbit-javax-mail-glassfish-version>
@ -199,7 +198,6 @@
<mkdir dir="${orbit-cache}" />
<get dest="${orbit-cache}" verbose="true" skipexisting="true">
<url url="${jetty-orbit-url}/javax.servlet_${orbit-javax-servlet-version}.jar" />
<url url="${jetty-orbit-url}/javax.activation_${orbit-javax-activation-version}.jar" />
<url url="${jetty-orbit-url}/javax.mail.glassfish_${orbit-javax-mail-glassfish-version}.jar" />
<url url="${jetty-orbit-url}/javax.el_${orbit-javax-el-version}.jar" />
<url url="${jetty-orbit-url}/javax.servlet.jsp_${orbit-javax-servlet-jsp-version}.jar" />

View File

@ -358,7 +358,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
{
if (connector.isIntegral(request))
return true;
if (connector.getConfidentialPort() > 0)
if (connector.getIntegralPort() > 0)
{
String url = connector.getIntegralScheme() + "://" + request.getServerName() + ":" + connector.getIntegralPort() + request.getRequestURI();
if (request.getQueryString() != null)
@ -440,6 +440,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
public void dump(Appendable out,String indent) throws IOException
{
dumpThis(out);
dump(out,indent,TypeUtil.asList(getHandlers()),getBeans(),Collections.singleton(_roles),_constraintMap.entrySet());
dump(out,indent,
Collections.singleton(getLoginService()),
Collections.singleton(getIdentityService()),
Collections.singleton(getAuthenticator()),
Collections.singleton(_roles),
_constraintMap.entrySet(),
getBeans(),
TypeUtil.asList(getHandlers()));
}
}

View File

@ -244,16 +244,19 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
return _initParameters.put(key,value);
}
/* ------------------------------------------------------------ */
protected LoginService findLoginService()
{
List<LoginService> list = getServer().getBeans(LoginService.class);
for (LoginService service : list)
if (service.getName()!=null && service.getName().equals(getRealmName()))
return service;
if (list.size()>0)
String realm=getRealmName();
if (realm!=null)
{
for (LoginService service : list)
if (service.getName()!=null && service.getName().equals(realm))
return service;
}
else if (list.size()==1)
return list.get(0);
return null;
}
@ -414,7 +417,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
final Authenticator authenticator = _authenticator;
if (authenticator!=null && checkSecurity(baseRequest))
if (checkSecurity(baseRequest))
{
Object constraintInfo = prepareConstraintInfo(pathInContext, baseRequest);
@ -433,13 +436,24 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
boolean isAuthMandatory =
isAuthMandatory(baseRequest, base_response, constraintInfo);
if (isAuthMandatory && authenticator==null)
{
LOG.warn("No authenticator for: "+constraintInfo);
if (!baseRequest.isHandled())
{
response.sendError(Response.SC_FORBIDDEN);
baseRequest.setHandled(true);
}
return;
}
// check authentication
Object previousIdentity = null;
try
{
Authentication authentication = baseRequest.getAuthentication();
if (authentication==null || authentication==Authentication.NOT_CHECKED)
authentication=authenticator.validateRequest(request, response, isAuthMandatory);
authentication=authenticator==null?Authentication.UNAUTHENTICATED:authenticator.validateRequest(request, response, isAuthMandatory);
if (authentication instanceof Authentication.Wrapped)
{
@ -500,9 +514,11 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
else
{
baseRequest.setAuthentication(authentication);
previousIdentity = _identityService.associate(null);
if (_identityService!=null)
previousIdentity = _identityService.associate(null);
handler.handle(pathInContext, baseRequest, request, response);
authenticator.secureResponse(request, response, isAuthMandatory, null);
if (authenticator!=null)
authenticator.secureResponse(request, response, isAuthMandatory, null);
}
}
catch (ServerAuthException e)
@ -513,7 +529,8 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
}
finally
{
_identityService.disassociate(previousIdentity);
if (_identityService!=null)
_identityService.disassociate(previousIdentity);
}
}
else

View File

@ -0,0 +1,178 @@
// ========================================================================
// Copyright (c) 2004-2009 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
package org.eclipse.jetty.security;
import static org.junit.Assert.assertThat;
import static org.junit.matchers.JUnitMatchers.containsString;
import java.io.IOException;
import java.util.Arrays;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpSchemes;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.LocalConnector;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.util.security.Constraint;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
/**
* @version $Revision: 1441 $ $Date: 2010-04-02 12:28:17 +0200 (Fri, 02 Apr 2010) $
*/
public class DataConstraintsTest
{
private Server _server;
private LocalConnector _connector;
private LocalConnector _connectorS;
private SessionHandler _session;
private ConstraintSecurityHandler _security;
@Before
public void startServer()
{
_server = new Server();
_connector = new LocalConnector();
_connector.setIntegralPort(9998);
_connector.setIntegralScheme("FTP");
_connector.setConfidentialPort(9999);
_connector.setConfidentialScheme("SPDY");
_connectorS = new LocalConnector()
{
@Override
public void customize(EndPoint endpoint, Request request) throws IOException
{
super.customize(endpoint,request);
request.setScheme(HttpSchemes.HTTPS);
}
@Override
public boolean isIntegral(Request request)
{
return true;
}
@Override
public boolean isConfidential(Request request)
{
return true;
}
};
_server.setConnectors(new Connector[]{_connector,_connectorS});
ContextHandler _context = new ContextHandler();
_session = new SessionHandler();
_context.setContextPath("/ctx");
_server.setHandler(_context);
_context.setHandler(_session);
_security = new ConstraintSecurityHandler();
_session.setHandler(_security);
_security.setHandler(new AbstractHandler()
{
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.sendError(404);
}
});
}
@After
public void stopServer() throws Exception
{
if (_server.isRunning())
{
_server.stop();
_server.join();
}
}
@Test
public void testIntegral() throws Exception
{
Constraint constraint0 = new Constraint();
constraint0.setAuthenticate(false);
constraint0.setName("integral");
constraint0.setDataConstraint(Constraint.DC_INTEGRAL);
ConstraintMapping mapping0 = new ConstraintMapping();
mapping0.setPathSpec("/integral/*");
mapping0.setConstraint(constraint0);
_security.setConstraintMappings(Arrays.asList(new ConstraintMapping[]
{
mapping0
}));
_server.start();
String response;
response = _connector.getResponses("GET /ctx/some/thing HTTP/1.0\r\n\r\n");
assertThat(response, containsString("HTTP/1.1 404 Not Found"));
response = _connector.getResponses("GET /ctx/integral/info HTTP/1.0\r\n\r\n");
assertThat(response, containsString("HTTP/1.1 302 Found"));
assertThat(response, containsString("Location: FTP://"));
assertThat(response, containsString(":9998"));
response = _connectorS.getResponses("GET /ctx/integral/info HTTP/1.0\r\n\r\n");
assertThat(response, containsString("HTTP/1.1 404 Not Found"));
}
@Test
public void testConfidential() throws Exception
{
Constraint constraint0 = new Constraint();
constraint0.setAuthenticate(false);
constraint0.setName("confid");
constraint0.setDataConstraint(Constraint.DC_CONFIDENTIAL);
ConstraintMapping mapping0 = new ConstraintMapping();
mapping0.setPathSpec("/confid/*");
mapping0.setConstraint(constraint0);
_security.setConstraintMappings(Arrays.asList(new ConstraintMapping[]
{
mapping0
}));
_server.start();
String response;
response = _connector.getResponses("GET /ctx/some/thing HTTP/1.0\r\n\r\n");
assertThat(response, containsString("HTTP/1.1 404 Not Found"));
response = _connector.getResponses("GET /ctx/confid/info HTTP/1.0\r\n\r\n");
assertThat(response, containsString("HTTP/1.1 302 Found"));
assertThat(response, containsString("Location: SPDY://"));
assertThat(response, containsString(":9999"));
response = _connectorS.getResponses("GET /ctx/confid/info HTTP/1.0\r\n\r\n");
assertThat(response, containsString("HTTP/1.1 404 Not Found"));
}
}

View File

@ -889,11 +889,10 @@ public abstract class AbstractConnector extends AggregateLifeCycle implements Ht
@Override
public String toString()
{
return String.format("%s@%s:%d %s",
return String.format("%s@%s:%d",
getClass().getSimpleName(),
getHost()==null?"0.0.0.0":getHost(),
getLocalPort()<=0?getPort():getLocalPort(),
AbstractLifeCycle.getState(this));
getLocalPort()<=0?getPort():getLocalPort());
}
/* ------------------------------------------------------------ */

View File

@ -103,14 +103,14 @@ public abstract class AbstractHttpConnection extends AbstractConnection
protected final Parser _parser;
protected final HttpFields _requestFields;
protected final Request _request;
protected ServletInputStream _in;
protected volatile ServletInputStream _in;
protected final Generator _generator;
protected final HttpFields _responseFields;
protected final Response _response;
protected Output _out;
protected OutputWriter _writer;
protected PrintWriter _printWriter;
protected volatile Output _out;
protected volatile OutputWriter _writer;
protected volatile PrintWriter _printWriter;
int _include;
@ -123,7 +123,7 @@ public abstract class AbstractHttpConnection extends AbstractConnection
private boolean _expect102Processing = false;
private boolean _head = false;
private boolean _host = false;
private boolean _delayedHandling=false;
private boolean _delayedHandling=false;
/* ------------------------------------------------------------ */
public static AbstractHttpConnection getCurrentConnection()

View File

@ -177,6 +177,10 @@ public class AsyncHttpConnection extends AbstractHttpConnection implements Async
// then no more can happen, so close.
_endp.close();
}
// Make idle parser seek EOF
if (_parser.isIdle())
_parser.setPersistent(false);
}
}

View File

@ -114,7 +114,7 @@ public class Dispatcher implements RequestDispatcher
public void include(ServletRequest request, ServletResponse response) throws ServletException, IOException
{
Request baseRequest=(request instanceof Request)?((Request)request):AbstractHttpConnection.getCurrentConnection().getRequest();
request.removeAttribute(__JSP_FILE); // TODO remove when glassfish 1044 is fixed
if (!(request instanceof HttpServletRequest))
request = new ServletRequestHttpWrapper(request);
@ -198,7 +198,7 @@ public class Dispatcher implements RequestDispatcher
Response base_response=baseRequest.getResponse();
response.resetBuffer();
base_response.fwdReset();
request.removeAttribute(__JSP_FILE); // TODO remove when glassfish 1044 is fixed
if (!(request instanceof HttpServletRequest))
request = new ServletRequestHttpWrapper(request);

View File

@ -82,7 +82,7 @@ public class Response implements HttpServletResponse
private String _characterEncoding;
private boolean _explicitEncoding;
private String _contentType;
private int _outputState;
private volatile int _outputState;
private PrintWriter _writer;
/* ------------------------------------------------------------ */
@ -109,8 +109,8 @@ public class Response implements HttpServletResponse
_characterEncoding=null;
_explicitEncoding=false;
_contentType=null;
_outputState=NONE;
_writer=null;
_outputState=NONE;
}
/* ------------------------------------------------------------ */
@ -656,8 +656,9 @@ public class Response implements HttpServletResponse
if (_outputState!=NONE && _outputState!=STREAM)
throw new IllegalStateException("WRITER");
ServletOutputStream out = _connection.getOutputStream();
_outputState=STREAM;
return _connection.getOutputStream();
return out;
}
/* ------------------------------------------------------------ */
@ -1075,8 +1076,8 @@ public class Response implements HttpServletResponse
{
resetBuffer();
_outputState=NONE;
_writer=null;
_outputState=NONE;
}
/* ------------------------------------------------------------ */

View File

@ -94,7 +94,7 @@ public abstract class AbstractHandler extends AggregateLifeCycle implements Hand
/* ------------------------------------------------------------ */
public void dumpThis(Appendable out) throws IOException
{
out.append(toString()).append(' ').append(getState()).append('\n');
out.append(toString()).append(" - ").append(getState()).append('\n');
}
}

View File

@ -113,6 +113,6 @@ public abstract class AbstractHandlerContainer extends AbstractHandler implement
public void dump(Appendable out,String indent) throws IOException
{
dumpThis(out);
dump(out,indent,TypeUtil.asList(getHandlers()),getBeans());
dump(out,indent,getBeans(),TypeUtil.asList(getHandlers()));
}
}

View File

@ -448,8 +448,8 @@ public class HttpConnectionTest
PrintWriter writer = response.getWriter();
writer.write("<html><h1>FOO</h1></html>");
writer.flush();
writer.close();
throw new RuntimeException("SHOULD NOT GET HERE");
if (!writer.checkError())
throw new RuntimeException("SHOULD NOT GET HERE");
}
catch(Exception e)
{

View File

@ -31,16 +31,21 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import junit.framework.Assert;
import org.eclipse.jetty.http.HttpParser;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.util.IO;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.StdErrLog;
import org.junit.Test;
import static org.hamcrest.Matchers.greaterThanOrEqualTo;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.assertThat;
/**
*
@ -492,7 +497,7 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
}
finally
{
System.err.println("Got "+total+" of "+(512*1024));
//System.err.println("Got "+total+" of "+(512*1024));
client.close();
}
}
@ -739,7 +744,7 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
IO.copy(is,bout);
byte[] b=bout.toByteArray();
System.err.println("OUTPUT: "+new String(b));
//System.err.println("OUTPUT: "+new String(b));
int i=0;
while (b[i]!='Z')
i++;
@ -1205,4 +1210,69 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
@Test
public void testUnreadInput () throws Exception
{
configureServer(new NoopHandler());
final int REQS=5;
String content="This is a loooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"oooooooooooonnnnnnnnnnnnnnnnggggggggg content"+
new String(new char[65*1024]);
final byte[] bytes = content.getBytes();
Socket client=newSocket(HOST,_connector.getLocalPort());
final OutputStream out=client.getOutputStream();
new Thread()
{
public void run()
{
try
{
for (int i=0; i<REQS; i++)
{
out.write("GET / HTTP/1.1\r\nHost: localhost\r\n".getBytes(StringUtil.__ISO_8859_1));
out.write(("Content-Length: "+bytes.length+"\r\n" + "\r\n").getBytes(StringUtil.__ISO_8859_1));
out.write(bytes,0,bytes.length);
}
out.write("GET / HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n\r\n".getBytes(StringUtil.__ISO_8859_1));
out.flush();
}
catch(Exception e)
{
e.printStackTrace();
}
}
}.start();
String resps = readResponse(client);
int offset=0;
for (int i=0;i<(REQS+1);i++)
{
int ok=resps.indexOf("HTTP/1.1 200 OK",offset);
assertThat("resp"+i,ok,greaterThanOrEqualTo(offset));
offset=ok+15;
}
}
public class NoopHandler extends AbstractHandler
{
public void handle(String target, Request baseRequest,
HttpServletRequest request, HttpServletResponse response) throws IOException,
ServletException
{
//don't read the input, just send something back
((Request)request).setHandled(true);
response.setStatus(200);
}
}
}

View File

@ -1,118 +0,0 @@
// ========================================================================
// Copyright (c) 2008-2009 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
package org.eclipse.jetty.server;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.server.bio.SocketConnector;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
public class UnreadInputTest
{
public static final String __OK_RESPONSE = "HTTP/1.1 200 OK\r\nContent-Length: 0\r\nServer: Jetty(7.0.x)\r\n\r\n";
protected Server _server = new Server();
protected SocketConnector _connector;
protected int _port;
protected Socket _socket;
protected OutputStream _outputStream;
protected InputStream _inputStream;
@Before
public void init() throws Exception
{
//server side
_connector = new SocketConnector();
_server.setConnectors(new Connector[]{ _connector });
_server.setHandler(new NoopHandler());
_server.start();
_port = _connector.getLocalPort();
//client side
_socket = new Socket((String)null, _port);
_outputStream = _socket.getOutputStream();
_inputStream = _socket.getInputStream();
}
@After
public void destroy() throws Exception
{
_socket.close();
_server.stop();
_server.join();
}
@Test
public void testUnreadInput () throws Exception
{
for (int i=0; i<2; i++)
{
String content = "This is a loooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooooooooooooooooooooooooo"+
"ooooooooooooooooooooooonnnnnnnnnnnnnnnnggggggggg content";
byte[] bytes = content.getBytes();
_outputStream.write("GET / HTTP/1.1\r\nHost: localhost\r\n".getBytes());
Thread.currentThread();
Thread.sleep(500L);
String str = "Content-Length: "+bytes.length+"\r\n" + "\r\n";
_outputStream.write(str.getBytes());
Thread.currentThread();
Thread.sleep(500L);
//write some bytes of the content
_outputStream.write(bytes, 0, (bytes.length/2));
Thread.currentThread();
Thread.sleep(1000L);
//write the rest
_outputStream.write(bytes, bytes.length/2, (bytes.length - bytes.length/2));
}
byte[] inbuf = new byte[__OK_RESPONSE.getBytes().length*2];
int x = _inputStream.read(inbuf);
System.err.println(new String(inbuf, 0, x));
}
public class NoopHandler extends AbstractHandler
{
public void handle(String target, Request baseRequest,
HttpServletRequest request, HttpServletResponse response) throws IOException,
ServletException
{
//don't read the input, just send something back
((Request)request).setHandled(true);
response.setStatus(200);
}
}
}

View File

@ -268,7 +268,8 @@ public class Holder<T> extends AbstractLifeCycle implements Dumpable
/* ------------------------------------------------------------ */
public void dump(Appendable out, String indent) throws IOException
{
out.append(_name).append("==").append(_className).append("\n");
out.append(_name).append("==").append(_className)
.append(" - ").append(AbstractLifeCycle.getState(this)).append("\n");
AggregateLifeCycle.dump(out,indent,_initParams.entrySet());
}

View File

@ -18,7 +18,8 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
@ -42,7 +43,14 @@ import org.eclipse.jetty.util.log.Logger;
* <ul>
* <li><b>allowedOrigins</b>, a comma separated list of origins that are
* allowed to access the resources. Default value is <b>*</b>, meaning all
* origins</li>
* origins.<br />
* If an allowed origin contains one or more * characters (for example
* http://*.domain.com), then "*" characters are converted to ".*", "."
* characters are escaped to "\." and the resulting allowed origin
* interpreted as a regular expression.<br />
* Allowed origins can therefore be more complex expressions such as
* https?://*.domain.[a-z]{3} that matches http or https, multiple subdomains
* and any 3 letter top-level domain (.com, .net, .org, etc.).</li>
* <li><b>allowedMethods</b>, a comma separated list of HTTP methods that
* are allowed to be used when accessing the resources. Default value is
* <b>GET,POST</b></li>
@ -229,19 +237,34 @@ public class CrossOriginFilter implements Filter
if (origin.trim().length() == 0)
continue;
boolean allowed = false;
for (String allowedOrigin : allowedOrigins)
{
if (allowedOrigin.equals(origin))
if (allowedOrigin.contains("*"))
{
allowed = true;
break;
Matcher matcher = createMatcher(origin,allowedOrigin);
if (matcher.matches())
return true;
}
else if (allowedOrigin.equals(origin))
{
return true;
}
}
if (!allowed)
return false;
}
return true;
return false;
}
private Matcher createMatcher(String origin, String allowedOrigin)
{
String regex = parseAllowedWildcardOriginToRegex(allowedOrigin);
Pattern pattern = Pattern.compile(regex);
return pattern.matcher(origin);
}
private String parseAllowedWildcardOriginToRegex(String allowedOrigin)
{
String regex = allowedOrigin.replace(".","\\.");
return regex.replace("*",".*"); // we want to be greedy here to match multiple subdomains, thus we use .*
}
private boolean isSimpleRequest(HttpServletRequest request)

View File

@ -79,6 +79,52 @@ public class CrossOriginFilterTest
Assert.assertTrue(latch.await(1, TimeUnit.SECONDS));
}
@Test
public void testSimpleRequestWithMatchingWildcardOrigin() throws Exception
{
FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
String origin = "http://subdomain.example.com";
filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "http://*.example.com");
tester.getContext().addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
CountDownLatch latch = new CountDownLatch(1);
tester.getContext().addServlet(new ServletHolder(new ResourceServlet(latch)), "/*");
String request = "" +
"GET / HTTP/1.1\r\n" +
"Host: localhost\r\n" +
"Origin: " + origin + "\r\n" +
"\r\n";
String response = tester.getResponses(request);
Assert.assertTrue(response.contains("HTTP/1.1 200"));
Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER));
Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER));
Assert.assertTrue(latch.await(1, TimeUnit.SECONDS));
}
@Test
public void testSimpleRequestWithMatchingWildcardOriginAndMultipleSubdomains() throws Exception
{
FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
String origin = "http://subdomain.subdomain.example.com";
filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "http://*.example.com");
tester.getContext().addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
CountDownLatch latch = new CountDownLatch(1);
tester.getContext().addServlet(new ServletHolder(new ResourceServlet(latch)), "/*");
String request = "" +
"GET / HTTP/1.1\r\n" +
"Host: localhost\r\n" +
"Origin: " + origin + "\r\n" +
"\r\n";
String response = tester.getResponses(request);
Assert.assertTrue(response.contains("HTTP/1.1 200"));
Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER));
Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER));
Assert.assertTrue(latch.await(1, TimeUnit.SECONDS));
}
@Test
public void testSimpleRequestWithMatchingOrigin() throws Exception
{
@ -330,6 +376,7 @@ public class CrossOriginFilterTest
public static class ResourceServlet extends HttpServlet
{
private static final long serialVersionUID = 1L;
private final CountDownLatch latch;
public ResourceServlet(CountDownLatch latch)

View File

@ -209,9 +209,4 @@ public abstract class AbstractLifeCycle implements LifeCycle
public void lifeCycleStopped(LifeCycle event) {}
public void lifeCycleStopping(LifeCycle event) {}
}
public String toString()
{
return super.toString()+"#"+getState();
}
}

View File

@ -339,7 +339,16 @@ public class AggregateLifeCycle extends AbstractLifeCycle implements Destroyable
/* ------------------------------------------------------------ */
protected void dumpThis(Appendable out) throws IOException
{
out.append(String.valueOf(this)).append("\n");
out.append(String.valueOf(this)).append(" - ").append(getState()).append("\n");
}
/* ------------------------------------------------------------ */
public static void dumpObject(Appendable out,Object o) throws IOException
{
if (o instanceof LifeCycle)
out.append(String.valueOf(o)).append(" - ").append((AbstractLifeCycle.getState((LifeCycle)o))).append("\n");
else
out.append(String.valueOf(o)).append("\n");
}
/* ------------------------------------------------------------ */
@ -359,15 +368,11 @@ public class AggregateLifeCycle extends AbstractLifeCycle implements Destroyable
out.append(indent).append(" +- ");
if (b._bean instanceof Dumpable)
((Dumpable)b._bean).dump(out,indent+(i==size?" ":" | "));
else
out.append(String.valueOf(b._bean)).append("\n");
else
dumpObject(out,b._bean);
}
else
{
out.append(indent).append(" +~ ");
out.append(String.valueOf(b._bean)).append("\n");
}
else
dumpObject(out,b._bean);
}
if (i!=size)
@ -395,16 +400,12 @@ public class AggregateLifeCycle extends AbstractLifeCycle implements Destroyable
if (o instanceof Dumpable)
((Dumpable)o).dump(out,indent+(i==size?" ":" | "));
else
out.append(String.valueOf(o)).append("\n");
else
dumpObject(out,o);
}
if (i!=size)
out.append(indent).append(" |\n");
out.append(indent).append(" |\n");
}
}
}

View File

@ -1524,11 +1524,10 @@ public class SslContextFactory extends AbstractLifeCycle
/* ------------------------------------------------------------ */
public String toString()
{
return String.format("%s@%x(%s,%s)#%s",
return String.format("%s@%x(%s,%s)",
getClass().getSimpleName(),
hashCode(),
_keyStorePath,
_trustStorePath,
getState());
_trustStorePath);
}
}

View File

@ -498,7 +498,7 @@ public class QueuedThreadPool extends AbstractLifeCycle implements SizedThreadPo
}
}
out.append(String.valueOf(this)).append("\n");
AggregateLifeCycle.dumpObject(out,this);
AggregateLifeCycle.dump(out,indent,dump);
}
@ -508,7 +508,7 @@ public class QueuedThreadPool extends AbstractLifeCycle implements SizedThreadPo
@Override
public String toString()
{
return _name+"{"+getMinThreads()+"<="+getIdleThreads()+"<="+getThreads()+"/"+getMaxThreads()+","+(_jobs==null?-1:_jobs.size())+"}#"+getState();
return _name+"{"+getMinThreads()+"<="+getIdleThreads()+"<="+getThreads()+"/"+getMaxThreads()+","+(_jobs==null?-1:_jobs.size())+"}";
}
/* ------------------------------------------------------------ */

View File

@ -354,7 +354,7 @@ public class WebSocketClientFactory extends AggregateLifeCycle
private final HttpParser _parser;
private String _accept;
private String _error;
private boolean _handshaken;
private ByteArrayBuffer _handshake;
public HandshakeConnection(AsyncEndPoint endpoint, WebSocketClient.WebSocketFuture future)
{
@ -404,72 +404,75 @@ public class WebSocketClientFactory extends AggregateLifeCycle
});
}
private void handshake()
private boolean handshake()
{
String path = _future.getURI().getPath();
if (path == null || path.length() == 0)
path = "/";
if (_future.getURI().getRawQuery() != null)
path += "?" + _future.getURI().getRawQuery();
String origin = _future.getOrigin();
StringBuilder request = new StringBuilder(512);
request.append("GET ").append(path).append(" HTTP/1.1\r\n")
.append("Host: ").append(_future.getURI().getHost()).append(":")
.append(_future.getURI().getPort()).append("\r\n")
.append("Upgrade: websocket\r\n")
.append("Connection: Upgrade\r\n")
.append("Sec-WebSocket-Key: ")
.append(_key).append("\r\n");
if (origin != null)
request.append("Origin: ").append(origin).append("\r\n");
request.append("Sec-WebSocket-Version: ").append(WebSocketConnectionRFC6455.VERSION).append("\r\n");
if (_future.getProtocol() != null)
request.append("Sec-WebSocket-Protocol: ").append(_future.getProtocol()).append("\r\n");
Map<String, String> cookies = _future.getCookies();
if (cookies != null && cookies.size() > 0)
if (_handshake==null)
{
for (String cookie : cookies.keySet())
request.append("Cookie: ")
.append(QuotedStringTokenizer.quoteIfNeeded(cookie, HttpFields.__COOKIE_DELIM))
.append("=")
.append(QuotedStringTokenizer.quoteIfNeeded(cookies.get(cookie), HttpFields.__COOKIE_DELIM))
.append("\r\n");
String path = _future.getURI().getPath();
if (path == null || path.length() == 0)
path = "/";
if (_future.getURI().getRawQuery() != null)
path += "?" + _future.getURI().getRawQuery();
String origin = _future.getOrigin();
StringBuilder request = new StringBuilder(512);
request.append("GET ").append(path).append(" HTTP/1.1\r\n")
.append("Host: ").append(_future.getURI().getHost()).append(":")
.append(_future.getURI().getPort()).append("\r\n")
.append("Upgrade: websocket\r\n")
.append("Connection: Upgrade\r\n")
.append("Sec-WebSocket-Key: ")
.append(_key).append("\r\n");
if (origin != null)
request.append("Origin: ").append(origin).append("\r\n");
request.append("Sec-WebSocket-Version: ").append(WebSocketConnectionRFC6455.VERSION).append("\r\n");
if (_future.getProtocol() != null)
request.append("Sec-WebSocket-Protocol: ").append(_future.getProtocol()).append("\r\n");
Map<String, String> cookies = _future.getCookies();
if (cookies != null && cookies.size() > 0)
{
for (String cookie : cookies.keySet())
request.append("Cookie: ")
.append(QuotedStringTokenizer.quoteIfNeeded(cookie, HttpFields.__COOKIE_DELIM))
.append("=")
.append(QuotedStringTokenizer.quoteIfNeeded(cookies.get(cookie), HttpFields.__COOKIE_DELIM))
.append("\r\n");
}
request.append("\r\n");
_handshake=new ByteArrayBuffer(request.toString(), false);
}
request.append("\r\n");
// TODO extensions
try
{
Buffer handshake = new ByteArrayBuffer(request.toString(), false);
int len = handshake.length();
if (len != _endp.flush(handshake))
throw new IOException("incomplete");
int len = _handshake.length();
int flushed = _endp.flush(_handshake);
if (flushed<0)
throw new IOException("incomplete handshake");
}
catch (IOException e)
{
_future.handshakeFailed(e);
}
finally
{
_handshaken = true;
}
return _handshake.length()==0;
}
public Connection handle() throws IOException
{
while (_endp.isOpen() && !_parser.isComplete())
{
if (!_handshaken)
handshake();
if (_handshake==null || _handshake.length()>0)
if (!handshake())
return this;
if (!_parser.parseAvailable())
{

View File

@ -15,6 +15,9 @@
*******************************************************************************/
package org.eclipse.jetty.websocket;
import static org.hamcrest.Matchers.*;
import static org.junit.Assert.*;
import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
@ -28,9 +31,9 @@ import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.atomic.AtomicReference;
import java.util.zip.Deflater;
import java.util.zip.Inflater;
import javax.servlet.http.HttpServletRequest;
import junit.framework.Assert;
import org.eclipse.jetty.io.Buffer;
import org.eclipse.jetty.io.ByteArrayEndPoint;
import org.eclipse.jetty.server.Connector;
@ -41,13 +44,10 @@ import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.TypeUtil;
import org.eclipse.jetty.util.Utf8StringBuilder;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
public class WebSocketMessageRFC6455Test
{
private static Server __server;
@ -606,7 +606,7 @@ public class WebSocketMessageRFC6455Test
Thread.sleep(100);
assertEquals(count*(mesg.length()+2),totalB.get()); // all messages
assertTrue(max>1000); // was blocked
Assert.assertThat("Was blocked (max time)", max, greaterThan(1000L)); // was blocked
}
@Test

View File

@ -111,21 +111,22 @@ public class XmlConfiguration
try
{
URL config60 = Loader.getResource(XmlConfiguration.class,"org/eclipse/jetty/xml/configure_6_0.dtd",true);
URL config71 = Loader.getResource(XmlConfiguration.class,"org/eclipse/jetty/xml/configure_7_1.dtd",true);
__parser.redirectEntity("configure.dtd",config71);
URL config76 = Loader.getResource(XmlConfiguration.class,"org/eclipse/jetty/xml/configure_7_6.dtd",true);
__parser.redirectEntity("configure.dtd",config76);
__parser.redirectEntity("configure_1_0.dtd",config60);
__parser.redirectEntity("configure_1_1.dtd",config60);
__parser.redirectEntity("configure_1_2.dtd",config60);
__parser.redirectEntity("configure_1_3.dtd",config60);
__parser.redirectEntity("configure_6_0.dtd",config60);
__parser.redirectEntity("configure_7_1.dtd",config71);
__parser.redirectEntity("configure_7_6.dtd",config76);
__parser.redirectEntity("http://jetty.mortbay.org/configure.dtd",config71);
__parser.redirectEntity("http://jetty.eclipse.org/configure.dtd",config71);
__parser.redirectEntity("http://www.eclipse.org/jetty/configure.dtd",config71);
__parser.redirectEntity("http://jetty.mortbay.org/configure.dtd",config76);
__parser.redirectEntity("http://jetty.eclipse.org/configure.dtd",config76);
__parser.redirectEntity("http://www.eclipse.org/jetty/configure.dtd",config76);
__parser.redirectEntity("-//Mort Bay Consulting//DTD Configure//EN",config71);
__parser.redirectEntity("-//Jetty//Configure//EN",config71);
__parser.redirectEntity("-//Mort Bay Consulting//DTD Configure//EN",config76);
__parser.redirectEntity("-//Jetty//Configure//EN",config76);
}
catch (ClassNotFoundException e)
{

View File

@ -25,6 +25,14 @@ import org.junit.Test;
public class XmlConfigurationTest
{
protected String _configure="org/eclipse/jetty/xml/configure.xml";
@Test
public void testMortBay() throws Exception
{
URL url = XmlConfigurationTest.class.getClassLoader().getResource("org/eclipse/jetty/xml/mortbay.xml");
XmlConfiguration configuration = new XmlConfiguration(url);
Object o=configuration.configure();
}
@Test
public void testPassedObject() throws Exception

View File

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure 1.2//EN" "http://www.eclipse.org/jetty/configure_1_2.dtd">
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure class="org.eclipse.jetty.xml.TestConfiguration">

View File

@ -0,0 +1,4 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
<Configure class="java.lang.Object">
</Configure>

View File

@ -11,7 +11,6 @@
<url>${jetty.url}</url>
<packaging>pom</packaging>
<properties>
<javax-activation-version>1.1</javax-activation-version>
<javax-mail-version>1.4.1</javax-mail-version>
<javax-transaction-version>1.1.1</javax-transaction-version>
<jetty.url>http://www.eclipse.org/jetty</jetty.url>
@ -406,11 +405,6 @@
<artifactId>mail</artifactId>
<version>${javax-mail-version}</version>
</dependency>
<dependency>
<groupId>javax.activation</groupId>
<artifactId>activation</artifactId>
<version>${javax-activation-version}</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>

View File

@ -16,8 +16,8 @@
package org.eclipse.jetty.test.rfcs;
import static org.junit.Assert.assertThat;
import static org.junit.matchers.JUnitMatchers.containsString;
import static org.junit.Assert.*;
import static org.junit.matchers.JUnitMatchers.*;
import java.io.File;
import java.io.IOException;
@ -42,6 +42,7 @@ import org.eclipse.jetty.toolchain.test.StringAssert;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
/**
@ -955,6 +956,7 @@ public abstract class RFC2616BaseTest
* @see <a href="http://tools.ietf.org/html/rfc2616#section-9.8">RFC 2616 (section 9.8)</a>
*/
@Test
@Ignore("Introduction of fix for realm-less security constraints has rendered this test invalid due to default configuration preventing use of TRACE in webdefault.xml")
public void test9_8() throws Exception
{

View File

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
<Set name="contextPath">/rfc2616-webapp</Set>
<Set name="war">