Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/jetty-12.0.x' into jetty-12.0.x-SymlinkAllowedResourceAliasChecker-fix

This commit is contained in:
Lachlan Roberts 2023-03-21 15:04:31 +11:00
parent a32d0fa125 33c8d9974b
commit 551fe7f1c4
25 changed files with 869 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -49,3 +49,6 @@ bin/
# test generated content
*/src/test/*/WEB-INF/lib/test*.jar
.flattened-pom.xml
# reports
reports/

2
Jenkinsfile-autobahn
View File

@ -17,7 +17,6 @@ pipeline {
node { label 'linux' }
}
steps {
container( 'jetty-build' ) {
timeout( time: 120, unit: 'MINUTES' ) {
mavenBuild( "jdk11", "-T3 clean install -Djacoco.skip=true -Pautobahn", "maven3", true ) //
junit testResults: '**/target/surefire-reports/*.xml,**/target/invoker-reports/TEST*.xml,**/target/autobahntestsuite-reports/*.xml'
@ -25,7 +24,6 @@ pipeline {
}
}
}
}
post {
failure {
slackNotif()

46
Jenkinsfile-dependency-report Normal file
View File

@ -0,0 +1,46 @@
#!groovy
pipeline {
agent any
triggers {
pollSCM('@weekly')
}
options {
skipDefaultCheckout()
buildDiscarder logRotator( numToKeepStr: '50' )
// save some io during the build
durabilityHint( 'PERFORMANCE_OPTIMIZED' )
}
parameters {
string( defaultValue: 'jetty-12.0.x', description: 'Jetty branch to build',
name: 'JETTY_BRANCH' )
}
stages {
stage( "Build / Dependency Report" ) {
agent {
node { label 'linux' }
}
steps {
timeout( time: 120, unit: 'MINUTES' ) {
withEnv(["JAVA_HOME=${ tool "jdk17" }",
"PATH+MAVEN=${ tool "jdk17" }/bin:${tool "maven3"}/bin",
"MAVEN_OPTS=-Xms2g -Xmx4g -Djava.awt.headless=true"]) {
checkout([$class: 'GitSCM',
branches: [[name: "$JETTY_BRANCH"]],
extensions: [[$class: 'CloneOption', depth: 1, noTags: true, shallow: true, reference: "/home/jenkins/jetty.project.git"]],
userRemoteConfigs: [[url: 'https://github.com/eclipse/jetty.project.git']]])
sh "mvn install -ntp -DskipTests -T5"
sh "bash ./build/scripts/dependency-update-reports.sh"
publishHTML([allowMissing: false, alwaysLinkToLastBuild: true, keepAll: true, reportDir: "reports/dependency-update-reports/", reportFiles: 'dependency-updates-report-*.html', reportName: 'Dependencies Report', reportTitles: ''])
}
}
}
}
}
}
// vim: et:ts=2:sw=2:ft=groovy

42
build/scripts/dependency-update-reports.sh Executable file
View File

@ -0,0 +1,42 @@
#!/usr/bin/env bash
echo "# This script is meant to be run from the root of the project"
echo "[jetty.project-12.0.0x]$ build/scripts/dependency-updates-report.sh"
PWD=$(pwd)
REPORT_OUTPUT_DIR=$PWD/reports/dependency-update-reports/
if [ -d $REPORT_OUTPUT_DIR ] ; then
rm -rf $REPORT_OUTPUT_DIR/*
fi
mkdir -p $REPORT_OUTPUT_DIR
echo "HTML Reports can be found in $REPORT_OUTPUT_DIR"
mvn -N -B -Pdependency-updates-reports validate
cp -Rv target/site/* $REPORT_OUTPUT_DIR
mv $REPORT_OUTPUT_DIR/dependency-updates-aggregate-report.html $REPORT_OUTPUT_DIR/dependency-updates-report-root.html
pushd jetty-core
mvn -B -Pdependency-updates-reports validate
cp target/site/dependency-updates-aggregate-report.html $REPORT_OUTPUT_DIR/dependency-updates-report-core.html
popd
pushd jetty-ee10
mvn -B -Pdependency-updates-reports validate
cp target/site/dependency-updates-aggregate-report.html $REPORT_OUTPUT_DIR/dependency-updates-report-ee10.html
popd
pushd jetty-ee9
mvn -B -Pdependency-updates-reports validate
cp target/site/dependency-updates-aggregate-report.html $REPORT_OUTPUT_DIR/dependency-updates-report-ee9.html
popd
pushd jetty-ee8
mvn -B -Pdependency-updates-reports validate
cp target/site/dependency-updates-aggregate-report.html $REPORT_OUTPUT_DIR/dependency-updates-report-ee8.html
popd
echo "HTML Reports can be found in $REPORT_OUTPUT_DIR"

21
documentation/jetty-documentation/src/main/asciidoc/programming-guide/client/http/client-http-configuration.adoc
View File

@ -30,7 +30,7 @@ The most common parameters are:
`HttpClient` supports HTTPS requests out-of-the-box like a browser does.
The support for HTTPS request is provided by a `SslContextFactory.Client`, typically configured in the `ClientConnector`.
The support for HTTPS request is provided by a `SslContextFactory.Client` instance, typically configured in the `ClientConnector`.
If not explicitly configured, the `ClientConnector` will allocate a default one when started.
[source,java,indent=0]
@ -38,29 +38,34 @@ If not explicitly configured, the `ClientConnector` will allocate a default one
include::../../{doc_code}/org/eclipse/jetty/docs/programming/client/http/HTTPClientDocs.java[tags=tlsExplicit]
----
The default `SslContextFactory.Client` verifies the certificate sent by the server by verifying the certificate chain.
This means that requests to public websites that have a valid certificate (such as ``https://google.com``) will work out-of-the-box.
The default `SslContextFactory.Client` verifies the certificate sent by the server by verifying the validity of the certificate with respect to the certificate chain, the expiration date, the server host name, etc.
This means that requests to public websites that have a valid certificate (such as `+https://google.com+`) will work out-of-the-box, without the need to specify a KeyStore or a TrustStore.
However, requests made to sites (typically ``localhost``) that have an invalid (for example, expired or with a wrong host) or self-signed certificate will fail (like they will in a browser).
However, requests made to sites that return an invalid or a self-signed certificate will fail (like they will in a browser).
An invalid certificate may be expired or have the wrong server host name; a self-signed certificate has a certificate chain that cannot be verified.
Certificate validation is performed at two levels: at the TLS implementation level (in the JDK) and, optionally, at the application level.
The validation of the server host name present in the certificate is important, to guarantee that the client is connected indeed with the intended server.
By default, certificate validation at the TLS level is enabled, while certificate validation at the application level is disabled.
The validation of the server host name is performed at two levels: at the TLS level (in the JDK) and, optionally, at the application level.
You can configure the `SslContextFactory.Client` to skip certificate validation at the TLS level:
By default, the validation of the server host name at the TLS level is enabled, while it is disabled at the application level.
You can configure the `SslContextFactory.Client` to skip the validation of the server host name at the TLS level:
[source,java,indent=0]
----
include::../../{doc_code}/org/eclipse/jetty/docs/programming/client/http/HTTPClientDocs.java[tags=tlsNoValidation]
----
You can enable certificate validation at the application level:
When you disable the validation of the server host name at the TLS level, you are strongly recommended to enable it at the application level, otherwise you may risk to connect to a server different from the one you intend to connect to:
[source,java,indent=0]
----
include::../../{doc_code}/org/eclipse/jetty/docs/programming/client/http/HTTPClientDocs.java[tags=tlsAppValidation]
----
You may have the validation of the server host name enabled at both the TLS level and application level, typically when you want to further restrict the client to connect only to a smaller set of server hosts than those allowed in the certificate sent by the server.
Please refer to the `SslContextFactory.Client` link:{javadoc-url}/org/eclipse/jetty/util/ssl/SslContextFactory.Client.html[javadocs] for the complete list of configurable parameters.
[[pg-client-http-configuration-tls-truststore]]

4
documentation/jetty-documentation/src/main/java/org/eclipse/jetty/docs/programming/client/http/HTTPClientDocs.java
View File

@ -127,7 +127,7 @@ public class HTTPClientDocs
{
// tag::tlsNoValidation[]
SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
// Disable certificate validation at the TLS level.
// Disable the validation of the server host name at the TLS level.
sslContextFactory.setEndpointIdentificationAlgorithm(null);
// end::tlsNoValidation[]
}
@ -136,7 +136,7 @@ public class HTTPClientDocs
{
// tag::tlsAppValidation[]
SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
// Only allow subdomains of domain.com.
// Only allow to connect to subdomains of domain.com.
sslContextFactory.setHostnameVerifier((hostName, session) -> hostName.endsWith(".domain.com"));
// end::tlsAppValidation[]
}

17
jetty-core/jetty-client/src/main/java/org/eclipse/jetty/client/transport/internal/HttpChannelOverHTTP.java
View File

@ -22,7 +22,6 @@ import org.eclipse.jetty.client.transport.HttpExchange;
import org.eclipse.jetty.http.HttpFields;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpHeaderValue;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.http.MetaData;
@ -98,14 +97,16 @@ public class HttpChannelOverHTTP extends HttpChannel
String method = exchange.getRequest().getMethod();
Response response = result.getResponse();
int status = response.getStatus();
HttpFields responseHeaders = response.getHeaders();
boolean isTunnel = isTunnel(method, status);
String closeReason = null;
if (result.isFailed())
closeReason = "failure";
else if (receiver.isShutdown())
closeReason = "server close";
else if (sender.isShutdown() && response.getStatus() != HttpStatus.SWITCHING_PROTOCOLS_101)
else if (sender.isShutdown() && status != HttpStatus.SWITCHING_PROTOCOLS_101)
closeReason = "client close";
if (closeReason == null)
@ -113,16 +114,15 @@ public class HttpChannelOverHTTP extends HttpChannel
if (response.getVersion().compareTo(HttpVersion.HTTP_1_1) < 0)
{
// HTTP 1.0 must close the connection unless it has
// an explicit keep alive or it's a CONNECT method.
// an explicit keep alive or it is a CONNECT tunnel.
boolean keepAlive = responseHeaders.contains(HttpHeader.CONNECTION, HttpHeaderValue.KEEP_ALIVE.asString());
boolean connect = HttpMethod.CONNECT.is(method);
if (!keepAlive && !connect)
if (!keepAlive && !isTunnel)
closeReason = "http/1.0";
}
else
{
// HTTP 1.1 closes only if it has an explicit close.
if (responseHeaders.contains(HttpHeader.CONNECTION, HttpHeaderValue.CLOSE.asString()))
// HTTP 1.1 closes only if it has an explicit close, unless it is a CONNECT tunnel.
if (responseHeaders.contains(HttpHeader.CONNECTION, HttpHeaderValue.CLOSE.asString()) && !isTunnel)
closeReason = "http/1.1";
}
}
@ -138,8 +138,7 @@ public class HttpChannelOverHTTP extends HttpChannel
}
else
{
int status = response.getStatus();
if (status == HttpStatus.SWITCHING_PROTOCOLS_101 || isTunnel(method, status))
if (status == HttpStatus.SWITCHING_PROTOCOLS_101 || isTunnel)
connection.remove();
else
release();

39
jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/pathmap/PathMappings.java
View File

@ -44,7 +44,8 @@ import org.slf4j.LoggerFactory;
public class PathMappings<E> extends AbstractMap<PathSpec, E> implements Iterable<MappedResource<E>>, Dumpable
{
private static final Logger LOG = LoggerFactory.getLogger(PathMappings.class);
// In prefix matches, this is the length ("/*".length() + 1) - used for the best prefix match loop
private static final int PREFIX_TAIL_LEN = 3;
private final Set<MappedResource<E>> _mappings = new TreeSet<>(Map.Entry.comparingByKey());
/**
@ -220,11 +221,14 @@ public class PathMappings<E> extends AbstractMap<PathSpec, E> implements Iterabl
// Try a prefix match
MappedResource<E> prefix = _prefixMap.getBest(path);
if (prefix != null)
while (prefix != null)
{
MatchedPath matchedPath = prefix.getPathSpec().matched(path);
PathSpec pathSpec = prefix.getPathSpec();
MatchedPath matchedPath = pathSpec.matched(path);
if (matchedPath != null)
return new MatchedResource<>(prefix.getResource(), prefix.getPathSpec(), matchedPath);
return new MatchedResource<>(prefix.getResource(), pathSpec, matchedPath);
int specLength = pathSpec.getSpecLength();
prefix = specLength > PREFIX_TAIL_LEN ? _prefixMap.getBest(path, 0, specLength - PREFIX_TAIL_LEN) : null;
}
// Try a suffix match
@ -238,13 +242,13 @@ public class PathMappings<E> extends AbstractMap<PathSpec, E> implements Iterabl
// Loop 3: "foo"
while ((i = path.indexOf('.', i + 1)) > 0)
{
prefix = _suffixMap.get(path, i + 1, path.length() - i - 1);
if (prefix == null)
MappedResource<E> suffix = _suffixMap.get(path, i + 1, path.length() - i - 1);
if (suffix == null)
continue;
MatchedPath matchedPath = prefix.getPathSpec().matched(path);
MatchedPath matchedPath = suffix.getPathSpec().matched(path);
if (matchedPath != null)
return new MatchedResource<>(prefix.getResource(), prefix.getPathSpec(), matchedPath);
return new MatchedResource<>(suffix.getResource(), suffix.getPathSpec(), matchedPath);
}
}
@ -301,12 +305,15 @@ public class PathMappings<E> extends AbstractMap<PathSpec, E> implements Iterabl
{
if (_optimizedPrefix)
{
MappedResource<E> candidate = _prefixMap.getBest(path);
if (candidate != null)
MappedResource<E> prefix = _prefixMap.getBest(path);
while (prefix != null)
{
matchedPath = candidate.getPathSpec().matched(path);
PathSpec pathSpec = prefix.getPathSpec();
matchedPath = pathSpec.matched(path);
if (matchedPath != null)
return new MatchedResource<>(candidate.getResource(), candidate.getPathSpec(), matchedPath);
return new MatchedResource<>(prefix.getResource(), pathSpec, matchedPath);
int specLength = pathSpec.getSpecLength();
prefix = specLength > PREFIX_TAIL_LEN ? _prefixMap.getBest(path, 0, specLength - PREFIX_TAIL_LEN) : null;
}
// If we reached here, there's NO optimized PREFIX Match possible, skip simple match below
@ -327,13 +334,13 @@ public class PathMappings<E> extends AbstractMap<PathSpec, E> implements Iterabl
// Loop 3: "foo"
while ((i = path.indexOf('.', i + 1)) > 0)
{
MappedResource<E> candidate = _suffixMap.get(path, i + 1, path.length() - i - 1);
if (candidate == null)
MappedResource<E> suffix = _suffixMap.get(path, i + 1, path.length() - i - 1);
if (suffix == null)
continue;
matchedPath = candidate.getPathSpec().matched(path);
matchedPath = suffix.getPathSpec().matched(path);
if (matchedPath != null)
return new MatchedResource<>(candidate.getResource(), candidate.getPathSpec(), matchedPath);
return new MatchedResource<>(suffix.getResource(), suffix.getPathSpec(), matchedPath);
}
// If we reached here, there's NO optimized SUFFIX Match possible, skip simple match below
skipRestOfGroup = true;

49
jetty-core/jetty-http/src/test/java/org/eclipse/jetty/http/pathmap/PathMappingsTest.java
View File

@ -94,6 +94,55 @@ public class PathMappingsTest
assertMatch(p, "/", "any");
}
/**
* Test the match order rules imposed by the Servlet API (any vs specific sub-dir)
*/
@Test
public void testServletMatchPrefix()
{
PathMappings<String> p = new PathMappings<>();
p.put(new ServletPathSpec("/*"), "any");
p.put(new ServletPathSpec("/foo/*"), "foo");
p.put(new ServletPathSpec("/food/*"), "food");
p.put(new ServletPathSpec("/a/*"), "a");
p.put(new ServletPathSpec("/a/b/*"), "ab");
assertMatch(p, "/abs/path", "any");
assertMatch(p, "/abs/foo/bar", "any");
assertMatch(p, "/foo/bar", "foo");
assertMatch(p, "/", "any");
assertMatch(p, "/foo", "foo");
assertMatch(p, "/fo", "any");
assertMatch(p, "/foobar", "any");
assertMatch(p, "/foob", "any");
assertMatch(p, "/food", "food");
assertMatch(p, "/food/zed", "food");
assertMatch(p, "/foodie", "any");
assertMatch(p, "/a/bc", "a");
assertMatch(p, "/a/b/c", "ab");
assertMatch(p, "/a/", "a");
assertMatch(p, "/a", "a");
// Try now with order important
p.put(new RegexPathSpec("/other.*/"), "other");
assertMatch(p, "/abs/path", "any");
assertMatch(p, "/abs/foo/bar", "any");
assertMatch(p, "/foo/bar", "foo");
assertMatch(p, "/", "any");
assertMatch(p, "/foo", "foo");
assertMatch(p, "/fo", "any");
assertMatch(p, "/foobar", "any");
assertMatch(p, "/foob", "any");
assertMatch(p, "/food", "food");
assertMatch(p, "/food/zed", "food");
assertMatch(p, "/foodie", "any");
assertMatch(p, "/a/bc", "a");
assertMatch(p, "/a/b/c", "ab");
assertMatch(p, "/a/", "a");
assertMatch(p, "/a", "a");
}
/**
* Test the match order rules with a mixed Servlet and URI Template path specs
*

3
jetty-core/jetty-tests/jetty-test-client-transports/src/test/java/org/eclipse/jetty/test/client/transport/HttpClientStreamTest.java
View File

@ -528,7 +528,8 @@ public class HttpClientStreamTest extends AbstractTest
latch.countDown();
assertThrows(AsynchronousCloseException.class, input::read);
IOException ioException = assertThrows(IOException.class, input::read);
assertTrue(ioException instanceof AsynchronousCloseException || ioException.getCause() instanceof AsynchronousCloseException);
}
@ParameterizedTest

68
jetty-core/pom.xml
View File

@ -55,4 +55,72 @@
</dependencies>
</dependencyManagement>
<profiles>
<profile>
<!--
$ mvn -Pdependency-updates-reports validate
# once done, check the jetty-core/target/site/dependency-updates-aggregate-report.html
-->
<id>dependency-updates-reports</id>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<executions>
<execution>
<id>core-report</id>
<phase>validate</phase>
<goals>
<goal>dependency-updates-aggregate-report</goal>
</goals>
<configuration>
<formats>
<format>html</format>
</formats>
<onlyProjectDependencies>true</onlyProjectDependencies>
<onlyUpgradable>true</onlyUpgradable>
<ruleSet>
<rules>
<rule>
<!-- ignore maven alpha/beta releases -->
<groupId>org.apache.maven</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-(alpha|beta).?[0-9]+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty core level version changes -->
<groupId>org.eclipse.jetty</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty nested level version changes -->
<groupId>org.eclipse.jetty.*</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
</rules>
</ruleSet>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>

12
jetty-ee10/jetty-ee10-annotations/src/main/java/org/eclipse/jetty/ee10/annotations/AnnotationParser.java
View File

@ -19,6 +19,7 @@ import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
@ -655,7 +656,7 @@ public class AnnotationParser
ClassReader reader = new ClassReader(in);
reader.accept(new MyClassVisitor(handlers, containingResource, _asmVersion), ClassReader.SKIP_CODE | ClassReader.SKIP_DEBUG | ClassReader.SKIP_FRAMES);
String classname = reader.getClassName();
String classname = normalize(reader.getClassName());
URI existing = _parsedClassNames.putIfAbsent(classname, location);
if (existing != null)
LOG.warn("{} scanned from multiple locations: {}, {}", classname, existing, location);
@ -665,4 +666,13 @@ public class AnnotationParser
throw new IOException("Unable to parse class: " + classFile.toUri(), e);
}
}
/**
* Useful mostly for testing to expose the list of parsed classes.
* @return the map of classnames to their URIs
*/
Map<String, URI> getParsedClassNames()
{
return Collections.unmodifiableMap(_parsedClassNames);
}
}

24
jetty-ee10/jetty-ee10-annotations/src/test/java/org/eclipse/jetty/ee10/annotations/TestAnnotationParser.java
View File

@ -15,6 +15,7 @@ package org.eclipse.jetty.ee10.annotations;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Files;
@ -41,6 +42,8 @@ import org.junit.jupiter.api.extension.ExtendWith;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.in;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;
@ -217,12 +220,17 @@ public class TestAnnotationParser
{
Path badClassesJar = MavenTestingUtils.getTestResourcePathFile("jdk9/log4j-api-2.9.0.jar");
AnnotationParser parser = new AnnotationParser();
Set<AnnotationParser.Handler> emptySet = Collections.emptySet();
try (ResourceFactory.Closeable resourceFactory = ResourceFactory.closeable())
{
parser.parse(emptySet, resourceFactory.newResource(badClassesJar));
// Should throw no exceptions and work with the META-INF/versions without incident
parser.parse(Collections.emptySet(), resourceFactory.newResource(badClassesJar));
//check for a class that is only in versions 9
Map<String, URI> parsed = parser.getParsedClassNames();
URI processIdUtilURI = parsed.get("org.apache.logging.log4j.util.ProcessIdUtil");
assertNotNull(processIdUtilURI);
if (Runtime.version().feature() > 17)
assertThat(processIdUtilURI.toString(), containsString("META-INF/versions/9"));
}
}
@ -231,13 +239,17 @@ public class TestAnnotationParser
{
Path jdk10Jar = MavenTestingUtils.getTestResourcePathFile("jdk10/multirelease-10.jar");
AnnotationParser parser = new AnnotationParser();
DuplicateClassScanHandler handler = new DuplicateClassScanHandler();
Set<AnnotationParser.Handler> handlers = Collections.singleton(handler);
try (ResourceFactory.Closeable resourceFactory = ResourceFactory.closeable())
{
parser.parse(handlers, resourceFactory.newResource(jdk10Jar));
// Should throw no exceptions
parser.parse(Collections.emptySet(), resourceFactory.newResource(jdk10Jar));
Map<String, URI> parsed = parser.getParsedClassNames();
assertEquals(3, parsed.size());
assertThat(parsed.keySet(), containsInAnyOrder("hello.DetailedVer", "hello.Greetings", "hello.Hello"));
if (Runtime.version().feature() > 17)
assertThat(parsed.get("hello.Greetings").toString(), containsString("META-INF/versions/10"));
}
}

57
jetty-ee10/jetty-ee10-proxy/src/test/java/org/eclipse/jetty/ee10/proxy/ConnectHandlerSSLTest.java
View File

@ -19,19 +19,31 @@ import java.io.OutputStream;
import java.net.Socket;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import jakarta.servlet.ServletException;
import org.eclipse.jetty.client.ContentResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.HttpClientTransport;
import org.eclipse.jetty.client.HttpProxy;
import org.eclipse.jetty.client.StringRequestContent;
import org.eclipse.jetty.client.transport.HttpClientTransportOverHTTP;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpHeaderValue;
import org.eclipse.jetty.http.HttpScheme;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.http.HttpTester;
import org.eclipse.jetty.io.ClientConnector;
import org.eclipse.jetty.io.Content;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.handler.ConnectHandler;
import org.eclipse.jetty.toolchain.test.MavenTestingUtils;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.ssl.SslContextFactory;
@ -39,6 +51,7 @@ import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
{
@ -48,11 +61,11 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
public void prepare() throws Exception
{
sslContextFactory = new SslContextFactory.Server();
String keyStorePath = MavenTestingUtils.getTestResourceFile("server_keystore.p12").getAbsolutePath();
sslContextFactory.setKeyStorePath(keyStorePath);
Path keyStorePath = MavenTestingUtils.getTestResourcePath("server_keystore.p12").toAbsolutePath();
sslContextFactory.setKeyStorePath(keyStorePath.toString());
sslContextFactory.setKeyStorePassword("storepwd");
server = new Server();
serverConnector = new ServerConnector(server, sslContextFactory);
serverConnector = new ServerConnector(server, 1, 1, sslContextFactory);
server.addConnector(serverConnector);
server.setHandler(new ServerHandler());
server.start();
@ -76,6 +89,7 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
// Expect 200 OK from the CONNECT request
HttpTester.Response response = HttpTester.parseResponse(HttpTester.from(socket.getInputStream()));
assertNotNull(response);
assertEquals(HttpStatus.OK_200, response.getStatus());
// Upgrade the socket to SSL
@ -91,6 +105,7 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
output.flush();
response = HttpTester.parseResponse(HttpTester.from(sslSocket.getInputStream()));
assertNotNull(response);
assertEquals(HttpStatus.OK_200, response.getStatus());
assertEquals("GET /echo", response.getContent());
}
@ -114,6 +129,7 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
// Expect 200 OK from the CONNECT request
HttpTester.Response response = HttpTester.parseResponse(HttpTester.from(socket.getInputStream()));
assertNotNull(response);
assertEquals(HttpStatus.OK_200, response.getStatus());
// Upgrade the socket to SSL
@ -133,6 +149,7 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
output.flush();
response = HttpTester.parseResponse(HttpTester.from(sslSocket.getInputStream()));
assertNotNull(response);
assertEquals(HttpStatus.OK_200, response.getStatus());
assertEquals("POST /echo?param=" + i + "\r\nHELLO", response.getContent());
}
@ -140,6 +157,40 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
}
}
@Test
public void testCONNECTWithConnectionClose() throws Exception
{
disposeProxy();
connectHandler = new ConnectHandler()
{
@Override
protected void onConnectSuccess(ConnectContext connectContext, UpstreamConnection upstreamConnection)
{
// Add Connection: close to the 200 response.
connectContext.getResponse().getHeaders().put(HttpHeader.CONNECTION, HttpHeaderValue.CLOSE);
super.onConnectSuccess(connectContext, upstreamConnection);
}
};
proxy.setHandler(connectHandler);
proxy.start();
ClientConnector connector = new ClientConnector();
connector.setSslContextFactory(new SslContextFactory.Client(true));
HttpClientTransport transport = new HttpClientTransportOverHTTP(connector);
HttpClient httpClient = new HttpClient(transport);
httpClient.getProxyConfiguration().addProxy(new HttpProxy("localhost", proxyConnector.getLocalPort()));
httpClient.start();
ContentResponse response = httpClient.newRequest("localhost", serverConnector.getLocalPort())
.scheme(HttpScheme.HTTPS.asString())
.path("/echo")
.body(new StringRequestContent("hello"))
.send();
assertEquals(HttpStatus.OK_200, response.getStatus());
assertEquals("GET /echo\r\nhello", response.getContentAsString());
}
private SSLSocket wrapSocket(Socket socket) throws Exception
{
SSLContext sslContext = sslContextFactory.getSslContext();

48
jetty-ee10/pom.xml
View File

@ -24,7 +24,7 @@
<jakarta.mail.api.version>2.1.1</jakarta.mail.api.version>
<jakarta.transaction-api.version>2.0.1</jakarta.transaction-api.version>
<jakarta.servlet.api.version>6.0.0</jakarta.servlet.api.version>
<jakarta.servlet.jsp.api.version>3.1.0</jakarta.servlet.jsp.api.version>
<jakarta.servlet.jsp.api.version>3.1.1</jakarta.servlet.jsp.api.version>
<jakarta.servlet.jsp.jstl.api.version>3.0.0</jakarta.servlet.jsp.jstl.api.version>
<jakarta.servlet.jsp.jstl.impl.version>3.0.1</jakarta.servlet.jsp.jstl.impl.version>
<jakarta.ws.rs.api.version>3.1.0</jakarta.ws.rs.api.version>
@ -414,6 +414,52 @@
<formats>
<format>html</format>
</formats>
<onlyProjectDependencies>true</onlyProjectDependencies>
<onlyUpgradable>true</onlyUpgradable>
<ruleSet>
<rules>
<rule>
<!-- ignore maven alpha/beta releases -->
<groupId>org.apache.maven</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-(alpha|beta).?[0-9]+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty core/root deps -->
<groupId>org.eclipse.jetty</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore all jetty nested deps -->
<groupId>org.eclipse.jetty.*</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore unstable mina releases -->
<groupId>org.apache.mina</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-M[0-9]+$</version>
</ignoreVersion>
</ignoreVersions>
</rule>
</rules>
</ruleSet>
</configuration>
</execution>
</executions>

15
jetty-ee8/jetty-ee8-jaas/pom.xml
View File

@ -14,7 +14,8 @@
<ee9.module>jetty-ee9-jaas</ee9.module>
<bundle-symbolic-name>${project.groupId}.jaas</bundle-symbolic-name>
<apacheds.version>2.0.0.AM26</apacheds.version>
<apache.directory.api.version>2.1.0</apache.directory.api.version>
<apache.directory.api.version>2.1.2</apache.directory.api.version>
<apache.mina.version>2.2.1</apache.mina.version>
<spotbugs.onlyAnalyze>org.eclipse.jetty.jaas.*</spotbugs.onlyAnalyze>
</properties>
@ -57,6 +58,12 @@
<artifactId>jetty-test-helper</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.mina</groupId>
<artifactId>mina-core</artifactId>
<version>${apache.mina.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-test-framework</artifactId>
@ -125,6 +132,12 @@
<groupId>org.apache.directory.api</groupId>
<artifactId>api-ldap-model</artifactId>
<version>${apache.directory.api.version}</version>
<exclusions>
<exclusion>
<groupId>org.apache.mina</groupId>
<artifactId>mina-core</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.directory.api</groupId>

147
jetty-ee8/pom.xml
View File

@ -383,4 +383,151 @@
</dependency>
</dependencies>
</dependencyManagement>
<profiles>
<profile>
<!--
$ mvn -Pdependency-updates-reports validate
# once done, check the jetty-ee8/target/site/dependency-updates-aggregate-report.html
-->
<id>dependency-updates-reports</id>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<executions>
<execution>
<id>ee8-report</id>
<phase>validate</phase>
<goals>
<goal>dependency-updates-aggregate-report</goal>
</goals>
<configuration>
<formats>
<format>html</format>
</formats>
<onlyProjectDependencies>true</onlyProjectDependencies>
<onlyUpgradable>true</onlyUpgradable>
<ruleSet>
<rules>
<rule>
<!-- ignore maven alpha/beta releases -->
<groupId>org.apache.maven</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-(alpha|beta).?[0-9]+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty core/root deps -->
<groupId>org.eclipse.jetty</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore all jetty nested deps -->
<groupId>org.eclipse.jetty.*</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee8, we need to stay on 1.x of annotation spec
ee9 starts with version 2.0.x -->
<groupId>jakarta.annotation</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!1.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee8, we need to stay on 2.x of jsp spec
ee9 starts with version 3.x -->
<groupId>jakarta.servlet.jsp</groupId>
<artifactId>jakarta.servlet.jsp-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee8, we need to stay on 1.x of jsp-jstl spec
ee9 starts with version 2.x -->
<groupId>jakarta.servlet.jsp.jstl</groupId>
<artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!1.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee8, we need to stay on 1.x of transaction spec
ee9 starts with version 2.x -->
<groupId>jakarta.transaction</groupId>
<artifactId>jakarta.transaction-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!1.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee8, we need to stay on 2.1.x of apache directory api+impl (LDAP) -->
<groupId>org.apache.directory.api</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.1.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee8, we need to stay on 9.0.x of mortbay apache-jsp impl
ee10 starts with version 10.0.x -->
<groupId>org.mortbay.jasper</groupId>
<artifactId>apache-jsp</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!9.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore unstable mina releases -->
<groupId>org.apache.mina</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-M[0-9]+$</version>
</ignoreVersion>
</ignoreVersions>
</rule>
</rules>
</ruleSet>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>

12
jetty-ee9/jetty-ee9-annotations/src/main/java/org/eclipse/jetty/ee9/annotations/AnnotationParser.java
View File

@ -19,6 +19,7 @@ import java.net.URI;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
@ -652,7 +653,7 @@ public class AnnotationParser
ClassReader reader = new ClassReader(in);
reader.accept(new MyClassVisitor(handlers, containingResource, _asmVersion), ClassReader.SKIP_CODE | ClassReader.SKIP_DEBUG | ClassReader.SKIP_FRAMES);
String classname = reader.getClassName();
String classname = normalize(reader.getClassName());
URI existing = _parsedClassNames.putIfAbsent(classname, location);
if (existing != null)
LOG.warn("{} scanned from multiple locations: {}, {}", classname, existing, location);
@ -662,4 +663,13 @@ public class AnnotationParser
throw new IOException("Unable to parse class: " + classFile.toUri(), e);
}
}
/**
* Useful mostly for testing to expose the list of parsed classes.
* @return the map of classnames to their URIs
*/
Map<String, URI> getParsedClassNames()
{
return Collections.unmodifiableMap(_parsedClassNames);
}
}

26
jetty-ee9/jetty-ee9-annotations/src/test/java/org/eclipse/jetty/ee9/annotations/TestAnnotationParser.java
View File

@ -15,6 +15,7 @@ package org.eclipse.jetty.ee9.annotations;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Files;
@ -41,6 +42,8 @@ import org.junit.jupiter.api.extension.ExtendWith;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.containsInAnyOrder;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.in;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;
@ -215,13 +218,19 @@ public class TestAnnotationParser
public void testJep238MultiReleaseInJar() throws Exception
{
Path badClassesJar = MavenTestingUtils.getTargetPath("test-classes/jdk9/log4j-api-2.9.0.jar");
AnnotationParser parser = new AnnotationParser();
Set<AnnotationParser.Handler> emptySet = Collections.emptySet();
AnnotationParser parser = new AnnotationParser();
try (ResourceFactory.Closeable resourceFactory = ResourceFactory.closeable())
{
parser.parse(emptySet, resourceFactory.newResource(badClassesJar));
// Should throw no exceptions and work with the META-INF/versions without incident
parser.parse(Collections.emptySet(), resourceFactory.newResource(badClassesJar));
//check for a class that is only in versions 9
Map<String, URI> parsed = parser.getParsedClassNames();
URI processIdUtilURI = parsed.get("org.apache.logging.log4j.util.ProcessIdUtil");
assertNotNull(processIdUtilURI);
if (Runtime.version().feature() > 17)
assertThat(processIdUtilURI.toString(), containsString("META-INF/versions/9"));
}
}
@ -230,13 +239,16 @@ public class TestAnnotationParser
{
Path jdk10Jar = MavenTestingUtils.getTargetPath("test-classes/jdk10/multirelease-10.jar");
AnnotationParser parser = new AnnotationParser();
DuplicateClassScanHandler handler = new DuplicateClassScanHandler();
Set<AnnotationParser.Handler> handlers = Collections.singleton(handler);
try (ResourceFactory.Closeable resourceFactory = ResourceFactory.closeable())
{
parser.parse(handlers, resourceFactory.newResource(jdk10Jar));
// Should throw no exceptions
parser.parse(Collections.emptySet(), resourceFactory.newResource(jdk10Jar));
Map<String, URI> parsed = parser.getParsedClassNames();
assertEquals(3, parsed.size());
assertThat(parsed.keySet(), containsInAnyOrder("hello.DetailedVer", "hello.Greetings", "hello.Hello"));
if (Runtime.version().feature() > 17)
assertThat(parsed.get("hello.Greetings").toString(), containsString("META-INF/versions/10"));
}
}

9
jetty-ee9/jetty-ee9-maven-plugin/src/main/java/org/eclipse/jetty/ee9/maven/plugin/JettyEffectiveWebXml.java
View File

@ -60,13 +60,12 @@ public class JettyEffectiveWebXml extends AbstractUnassembledWebAppMojo
}
}
Path start = path.getName(0);
int count = path.getNameCount();
Path end = path.getName(count > 0 ? count - 1 : count);
//if the war is not assembled, we must configure it
if (start.startsWith("src") || !end.toString().endsWith(".war"))
if ((path == null) || (path.startsWith("src") || !path.endsWith(".war")))
{
super.configureUnassembledWebApp();
}
}
/**
* Override so we can call the parent's method in a different order.

2
jetty-ee9/jetty-ee9-proxy/src/test/java/org/eclipse/jetty/ee9/proxy/AbstractConnectHandlerTest.java
View File

@ -32,7 +32,7 @@ public abstract class AbstractConnectHandlerTest
protected void prepareProxy() throws Exception
{
proxy = new Server();
proxyConnector = new ServerConnector(proxy);
proxyConnector = new ServerConnector(proxy, 1, 1);
proxy.addConnector(proxyConnector);
connectHandler = new ConnectHandler();
proxy.setHandler(connectHandler);

2
jetty-ee9/jetty-ee9-proxy/src/test/java/org/eclipse/jetty/ee9/proxy/ConnectHandlerTest.java
View File

@ -58,7 +58,7 @@ public class ConnectHandlerTest extends AbstractConnectHandlerTest
public void prepare() throws Exception
{
server = new Server();
serverConnector = new ServerConnector(server);
serverConnector = new ServerConnector(server, 1, 1);
server.addConnector(serverConnector);
server.setHandler(new ServerHandler());
server.start();

5
jetty-ee9/jetty-ee9-tests/jetty-ee9-test-loginservice/pom.xml
View File

@ -46,6 +46,11 @@
<artifactId>mariadb</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>junit-jupiter</artifactId>

198
jetty-ee9/pom.xml
View File

@ -455,6 +455,204 @@
<formats>
<format>html</format>
</formats>
<onlyProjectDependencies>true</onlyProjectDependencies>
<onlyUpgradable>true</onlyUpgradable>
<ruleSet>
<rules>
<rule>
<!-- ignore maven alpha/beta releases -->
<groupId>org.apache.maven</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-(alpha|beta).?[0-9]+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty core/root deps -->
<groupId>org.eclipse.jetty</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore all jetty nested deps -->
<groupId>org.eclipse.jetty.*</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.0.x of activation spec
ee10 starts with version 2.1.x -->
<groupId>jakarta.activation</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.0.x of annotation spec
ee10 starts with version 2.1.x -->
<groupId>jakarta.annotation</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.x of authentication spec
ee10 starts with version 3.x -->
<groupId>jakarta.authentication</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 4.x of el spec
ee10 starts with version 5.x -->
<groupId>jakarta.el</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!4.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 3.x of cdi spec
ee10 starts with version 4.x -->
<groupId>jakarta.enterprise</groupId>
<artifactId>jakarta.enterprise.cdi-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!3.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.0.x of interceptor spec
ee10 starts with version 2.1.x -->
<groupId>jakarta.interceptor</groupId>
<artifactId>jakarta.interceptor-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.0.x of mail spec
ee10 starts with version 2.1.x -->
<groupId>jakarta.mail</groupId>
<artifactId>jakarta.mail-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 5.x of servlet spec
ee10 starts with version 6.x -->
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!5.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 3.0.x of jsp spec
ee10 starts with version 3.1.x -->
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet.jsp-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!3.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.x of jsp-jstl spec
ee10 starts with version 3.x -->
<groupId>jakarta.servlet.jsp.jstl</groupId>
<artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 2.x of jsp-jstl impl (glassfish)
ee10 starts with version 3.x -->
<groupId>org.glassfish.web</groupId>
<artifactId>jakarta.servlet.jsp.jstl</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!2.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 10.0.x of mortbay apache-jsp impl
ee10 starts with version 10.1.x -->
<groupId>org.mortbay.jasper</groupId>
<artifactId>apache-jsp</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!10.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- for ee9, we need to stay on 10.0.x of mortbay apache-el impl
ee10 starts with version 10.1.x -->
<groupId>org.mortbay.jasper</groupId>
<artifactId>apache-el</artifactId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>^(?!10.0.).+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore unstable mina releases -->
<groupId>org.apache.mina</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-M[0-9]+$</version>
</ignoreVersion>
</ignoreVersions>
</rule>
</rules>
</ruleSet>
</configuration>
</execution>
</executions>

88
pom.xml
View File

@ -33,7 +33,7 @@
<mina.core.version>2.2.1</mina.core.version>
<asm.version>9.4</asm.version>
<awaitility.version>4.2.0</awaitility.version>
<bndlib.version>6.3.1</bndlib.version>
<bndlib.version>6.4.0</bndlib.version>
<build-support.version>1.5</build-support.version>
<checkstyle.version>10.6.0</checkstyle.version>
<commons-codec.version>1.15</commons-codec.version>
@ -45,12 +45,12 @@
<felix.version>7.0.5</felix.version>
<findbugs.jsr305.version>3.0.2</findbugs.jsr305.version>
<google.errorprone.version>2.18.0</google.errorprone.version>
<grpc.version>1.52.1</grpc.version>
<grpc.version>1.53.0</grpc.version>
<gson.version>2.10.1</gson.version>
<guava.version>31.1-jre</guava.version>
<guice.version>5.1.0</guice.version>
<hamcrest.version>2.2</hamcrest.version>
<hazelcast.version>5.2.1</hazelcast.version>
<hazelcast.version>5.2.2</hazelcast.version>
<infinispan.protostream.version>4.6.1.Final</infinispan.protostream.version>
<infinispan.version>11.0.17.Final</infinispan.version>
<jackson.version>2.14.2</jackson.version>
@ -80,7 +80,7 @@
<jboss.logging.annotations.version>2.2.1.Final</jboss.logging.annotations.version>
<jboss.logging.processor.version>2.2.1.Final</jboss.logging.processor.version>
<jboss.logging.version>3.5.0.Final</jboss.logging.version>
<jboss-logmanager.version>2.1.19.Final</jboss-logmanager.version>
<jboss-logmanager.version>2.3.0.Alpha1</jboss-logmanager.version>
<jboss-threads.version>3.5.0.Final</jboss-threads.version>
<jetty-assembly-descriptors.version>1.1</jetty-assembly-descriptors.version>
<jetty.perf-helper.version>1.0.7</jetty.perf-helper.version>
@ -91,12 +91,12 @@
<jmh.version>1.36</jmh.version>
<jna.version>5.13.0</jna.version>
<json-simple.version>1.1.1</json-simple.version>
<json-smart.version>2.4.8</json-smart.version>
<json-smart.version>2.4.9</json-smart.version>
<junit.version>5.9.2</junit.version>
<kerb-simplekdc.version>2.0.3</kerb-simplekdc.version>
<log4j2.version>2.20.0</log4j2.version>
<logback.version>1.4.5</logback.version>
<mariadb.version>3.0.10</mariadb.version>
<mariadb.version>3.1.2</mariadb.version>
<mariadb.docker.version>10.3.6</mariadb.docker.version>
<maven.deps.version>3.8.7</maven.deps.version>
<maven-artifact-transfer.version>0.13.1</maven-artifact-transfer.version>
@ -105,9 +105,9 @@
<mongodb.version>3.12.11</mongodb.version>
<openpojo.version>0.9.1</openpojo.version>
<org.osgi.annotation.version>8.1.0</org.osgi.annotation.version>
<org.osgi.core.version>6.0.0</org.osgi.core.version>
<org.osgi.core.version>8.0.0</org.osgi.core.version>
<org.osgi.util.function.version>1.2.0</org.osgi.util.function.version>
<org.osgi.util.promise.version>1.2.0</org.osgi.util.promise.version>
<org.osgi.util.promise.version>1.3.0</org.osgi.util.promise.version>
<osgi-version>3.18.200</osgi-version>
<!-- really used -->
@ -129,7 +129,7 @@
<injection.bundle.version>1.2</injection.bundle.version>
<plexus-component-annotations.version>2.1.1</plexus-component-annotations.version>
<plexus-utils.version>3.5.0</plexus-utils.version>
<plexus-utils.version>3.5.1</plexus-utils.version>
<slf4j.version>2.0.6</slf4j.version>
<spifly.version>1.3.6</spifly.version>
<springboot.version>2.1.1.RELEASE</springboot.version>
@ -1001,6 +1001,11 @@
<artifactId>jna-jpms</artifactId>
<version>${jna.version}</version>
</dependency>
<dependency>
<groupId>net.java.dev.jna</groupId>
<artifactId>jna</artifactId>
<version>${jna.version}</version>
</dependency>
<dependency>
<groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId>
@ -2088,6 +2093,71 @@
</plugins>
</build>
</profile>
<profile>
<!--
$ mvn -Pdependency-updates-reports validate
# once done, check the /target/site/dependency-updates-aggregate-report.html
-->
<id>dependency-updates-reports</id>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>versions-maven-plugin</artifactId>
<executions>
<execution>
<id>root-report</id>
<phase>validate</phase>
<goals>
<goal>dependency-updates-aggregate-report</goal>
</goals>
<configuration>
<formats>
<format>html</format>
</formats>
<onlyProjectDependencies>false</onlyProjectDependencies>
<onlyUpgradable>true</onlyUpgradable>
<ruleSet>
<rules>
<rule>
<!-- ignore maven alpha/beta releases -->
<groupId>org.apache.maven</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+-(alpha|beta).?[0-9]+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty core level version changes -->
<groupId>org.eclipse.jetty</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
<rule>
<!-- ignore jetty nested level version changes -->
<groupId>org.eclipse.jetty.*</groupId>
<ignoreVersions>
<ignoreVersion>
<type>regex</type>
<version>.+</version>
</ignoreVersion>
</ignoreVersions>
</rule>
</rules>
</ruleSet>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<!-- This profile is used exclusively on Eclipse CBI.
Various plugins and artifacts declared here only