Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/jetty-9.4.x' into jetty-10.0.x 

Signed-off-by: Greg Wilkins <gregw@webtide.com>
This commit is contained in:
Greg Wilkins 2019-11-05 09:17:29 +11:00
parent 2e4bb568d4 e09444eeb5
commit dd53a8d70f
40 changed files with 558 additions and 304 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
jetty-alpn/jetty-alpn-java-server/src/test/java/org/eclipse/jetty/alpn/java/server/JDK9ALPNTest.java
View File

@ -19,6 +19,7 @@
package org.eclipse.jetty.alpn.java.server;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
@ -26,6 +27,7 @@ import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -85,10 +87,10 @@ public class JDK9ALPNTest
@Test
public void testClientNotSupportingALPNServerSpeaksDefaultProtocol() throws Exception
{
startServer(new AbstractHandler.ErrorDispatchHandler()
startServer(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
}
@ -127,10 +129,10 @@ public class JDK9ALPNTest
@Test
public void testClientSupportingALPNServerSpeaksNegotiatedProtocol() throws Exception
{
startServer(new AbstractHandler.ErrorDispatchHandler()
startServer(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
}

4
jetty-client/src/test/java/org/eclipse/jetty/client/EmptyServerHandler.java
View File

@ -26,10 +26,10 @@ import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.AbstractHandler;
public class EmptyServerHandler extends AbstractHandler.ErrorDispatchHandler
public class EmptyServerHandler extends AbstractHandler
{
@Override
protected final void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public final void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
jettyRequest.setHandled(true);
service(target, jettyRequest, request, response);

4
jetty-client/src/test/java/org/eclipse/jetty/client/HttpClientTest.java
View File

@ -534,10 +534,10 @@ public class HttpClientTest extends AbstractHttpClientServerTest
@ArgumentsSource(ScenarioProvider.class)
public void test_ExchangeIsComplete_OnlyWhenBothRequestAndResponseAreComplete(Scenario scenario) throws Exception
{
start(scenario, new AbstractHandler.ErrorDispatchHandler()
start(scenario, new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, org.eclipse.jetty.server.Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, org.eclipse.jetty.server.Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
response.setContentLength(0);

18
jetty-http2/http2-common/src/main/java/org/eclipse/jetty/http2/parser/SettingsBodyParser.java
View File

@ -83,6 +83,11 @@ public class SettingsBodyParser extends BodyParser
@Override
public boolean parse(ByteBuffer buffer)
{
return parse(buffer, getStreamId(), getBodyLength());
}
private boolean parse(ByteBuffer buffer, int streamId, int bodyLength)
{
while (buffer.hasRemaining())
{
@ -91,9 +96,9 @@ public class SettingsBodyParser extends BodyParser
case PREPARE:
{
// SPEC: wrong streamId is treated as connection error.
if (getStreamId() != 0)
if (streamId != 0)
return connectionFailure(buffer, ErrorCode.PROTOCOL_ERROR.code, "invalid_settings_frame");
length = getBodyLength();
length = bodyLength;
settings = new HashMap<>();
state = State.SETTING_ID;
break;
@ -216,6 +221,13 @@ public class SettingsBodyParser extends BodyParser
return true;
}
/**
* <p>Parses the given buffer containing the whole body of a {@code SETTINGS} frame
* (without header bytes), typically from the {@code HTTP2-Settings} header.</p>
*
* @param buffer the buffer containing the body of {@code SETTINGS} frame
* @return the {@code SETTINGS} frame from the parsed body bytes
*/
public static SettingsFrame parseBody(final ByteBuffer buffer)
{
AtomicReference<SettingsFrame> frameRef = new AtomicReference<>();
@ -234,7 +246,7 @@ public class SettingsBodyParser extends BodyParser
}
});
if (buffer.hasRemaining())
parser.parse(buffer);
parser.parse(buffer, 0, buffer.remaining());
else
parser.emptyBody(buffer);
return frameRef.get();

4
jetty-http2/http2-http-client-transport/src/test/java/org/eclipse/jetty/http2/client/http/EmptyServerHandler.java
View File

@ -26,10 +26,10 @@ import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.AbstractHandler;
public class EmptyServerHandler extends AbstractHandler.ErrorDispatchHandler
public class EmptyServerHandler extends AbstractHandler
{
@Override
protected final void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public final void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
jettyRequest.setHandled(true);
service(target, jettyRequest, request, response);

2
jetty-http2/http2-server/src/test/java/org/eclipse/jetty/http2/server/HTTP2CServerTest.java
View File

@ -125,7 +125,7 @@ public class HTTP2CServerTest extends AbstractServerTest
"Host: localhost\r\n" +
"Connection: something, else, upgrade, HTTP2-Settings\r\n" +
"Upgrade: h2c\r\n" +
"HTTP2-Settings: \r\n" +
"HTTP2-Settings: AAEAAEAAAAIAAAABAAMAAABkAAQBAAAAAAUAAEAA\r\n" +
"\r\n").getBytes(StandardCharsets.ISO_8859_1));
output.flush();

2
jetty-osgi/jetty-osgi-httpservice/src/main/java/org/eclipse/jetty/osgi/httpservice/HttpServiceErrorPageErrorHandler.java
View File

@ -49,7 +49,7 @@ public class HttpServiceErrorPageErrorHandler extends ErrorPageErrorHandler
@Override
public void handle(String target, Request baseRequest,
HttpServletRequest request, HttpServletResponse response)
throws IOException
throws IOException, ServletException
{
if (HttpServiceErrorHandlerHelper.getCustomErrorHandler() != null)
{

1
jetty-server/src/main/config/etc/jetty-ssl-context.xml
View File

@ -29,6 +29,7 @@
<Set name="sslSessionTimeout" property="jetty.sslContext.sslSessionTimeout"/>
<Set name="RenegotiationAllowed" property="jetty.sslContext.renegotiationAllowed"/>
<Set name="RenegotiationLimit" property="jetty.sslContext.renegotiationLimit"/>
<Set name="SniRequired" property="jetty.sslContext.sniRequired"/>
<!-- Example of how to configure a PKIX Certificate Path revocation Checker
<Call id="pkixPreferCrls" class="java.security.cert.PKIXRevocationChecker$Option" name="valueOf"><Arg>PREFER_CRLS</Arg></Call>

1
jetty-server/src/main/config/etc/jetty-ssl.xml
View File

@ -49,6 +49,7 @@
<Call name="addCustomizer">
<Arg>
<New class="org.eclipse.jetty.server.SecureRequestCustomizer">
<Arg name="sniRequired" type="boolean"><Property name="jetty.ssl.sniRequired" default="false"/></Arg>
<Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
<Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg>
<Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsIncludeSubdomains" default="false"/></Arg>

6
jetty-server/src/main/config/modules/ssl.mod
View File

@ -43,6 +43,12 @@ etc/jetty-ssl-context.xml
## Connect Timeout in milliseconds
# jetty.ssl.connectTimeout=15000
## Whether SNI is required for all secure connections. Rejections are in TLS handshakes.
# jetty.sslContext.sniRequired=false
## Whether SNI is required for all secure connections. Rejections are in HTTP 400 response.
# jetty.ssl.sniRequired=false
## Whether request host names are checked to match any SNI names
# jetty.ssl.sniHostCheck=true

23
jetty-server/src/main/java/org/eclipse/jetty/server/HttpChannel.java
View File

@ -50,7 +50,6 @@ import org.eclipse.jetty.io.QuietException;
import org.eclipse.jetty.server.HttpChannelState.Action;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ErrorHandler;
import org.eclipse.jetty.server.handler.ErrorHandler.ErrorPageMapper;
import org.eclipse.jetty.util.BufferUtil;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.SharedBlockingCallback.Blocker;
@ -365,8 +364,6 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
{
if (!_request.hasMetaData())
throw new IllegalStateException("state=" + _state);
_request.setHandled(false);
_response.reopen();
dispatch(DispatcherType.REQUEST, () ->
{
@ -384,9 +381,6 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
case ASYNC_DISPATCH:
{
_request.setHandled(false);
_response.reopen();
dispatch(DispatcherType.ASYNC,() -> getServer().handleAsync(this));
break;
}
@ -400,9 +394,7 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
try
{
// Get ready to send an error response
_request.setHandled(false);
_response.resetContent();
_response.reopen();
// the following is needed as you cannot trust the response code and reason
// as those could have been modified after calling sendError
@ -419,20 +411,11 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
break;
}
// Look for an error page dispatcher
String errorPage = (errorHandler instanceof ErrorPageMapper) ? ((ErrorPageMapper)errorHandler).getErrorPage(_request) : null;
Dispatcher errorDispatcher = errorPage != null ? (Dispatcher)context.getRequestDispatcher(errorPage) : null;
if (errorDispatcher == null)
dispatch(DispatcherType.ERROR,() ->
{
// Allow ErrorHandler to generate response
errorHandler.handle(null, _request, _request, _response);
_request.setHandled(true);
}
else
{
// Do the error page dispatch
dispatch(DispatcherType.ERROR,() -> errorDispatcher.error(_request, _response));
}
});
}
catch (Throwable x)
{
@ -570,6 +553,8 @@ public class HttpChannel implements Runnable, HttpOutput.Interceptor
{
try
{
_request.setHandled(false);
_response.reopen();
_request.setDispatcherType(type);
_combinedListener.onBeforeDispatch(_request);
dispatchable.dispatch();

55
jetty-server/src/main/java/org/eclipse/jetty/server/SecureRequestCustomizer.java
View File

@ -57,6 +57,7 @@ public class SecureRequestCustomizer implements HttpConfiguration.Customizer
private String sslSessionAttribute = "org.eclipse.jetty.servlet.request.ssl_session";
private boolean _sniRequired;
private boolean _sniHostCheck;
private long _stsMaxAge = -1;
private boolean _stsIncludeSubDomains;
@ -82,6 +83,22 @@ public class SecureRequestCustomizer implements HttpConfiguration.Customizer
@Name("stsMaxAgeSeconds") long stsMaxAgeSeconds,
@Name("stsIncludeSubdomains") boolean stsIncludeSubdomains)
{
this(false, sniHostCheck, stsMaxAgeSeconds, stsIncludeSubdomains);
}
/**
* @param sniRequired True if a SNI certificate is required.
* @param sniHostCheck True if the SNI Host name must match.
* @param stsMaxAgeSeconds The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.
* @param stsIncludeSubdomains If true, a include subdomain property is sent with any Strict-Transport-Security header
*/
public SecureRequestCustomizer(
@Name("sniRequired") boolean sniRequired,
@Name("sniHostCheck") boolean sniHostCheck,
@Name("stsMaxAgeSeconds") long stsMaxAgeSeconds,
@Name("stsIncludeSubdomains") boolean stsIncludeSubdomains)
{
_sniRequired = sniRequired;
_sniHostCheck = sniHostCheck;
_stsMaxAge = stsMaxAgeSeconds;
_stsIncludeSubDomains = stsIncludeSubdomains;
@ -89,7 +106,7 @@ public class SecureRequestCustomizer implements HttpConfiguration.Customizer
}
/**
* @return True if the SNI Host name must match.
* @return True if the SNI Host name must match when there is an SNI certificate.
*/
public boolean isSniHostCheck()
{
@ -97,13 +114,31 @@ public class SecureRequestCustomizer implements HttpConfiguration.Customizer
}
/**
* @param sniHostCheck True if the SNI Host name must match.
* @param sniHostCheck True if the SNI Host name must match when there is an SNI certificate.
*/
public void setSniHostCheck(boolean sniHostCheck)
{
_sniHostCheck = sniHostCheck;
}
/**
* @return True if SNI is required, else requests will be rejected with 400 response.
* @see SslContextFactory.Server#isSniRequired()
*/
public boolean isSniRequired()
{
return _sniRequired;
}
/**
* @param sniRequired True if SNI is required, else requests will be rejected with 400 response.
* @see SslContextFactory.Server#setSniRequired(boolean)
*/
public void setSniRequired(boolean sniRequired)
{
_sniRequired = sniRequired;
}
/**
* @return The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.
*/
@ -208,19 +243,23 @@ public class SecureRequestCustomizer implements HttpConfiguration.Customizer
{
SSLSession sslSession = sslEngine.getSession();
if (_sniHostCheck)
if (_sniHostCheck || _sniRequired)
{
String name = request.getServerName();
X509 x509 = (X509)sslSession.getValue(SniX509ExtendedKeyManager.SNI_X509);
if (x509 != null && !x509.matches(name))
if (LOG.isDebugEnabled())
LOG.debug("Host {} with SNI {}", name, x509);
if (x509 == null)
{
if (_sniRequired)
throw new BadMessageException(400, "SNI required");
}
else if (_sniHostCheck && !x509.matches(name))
{
LOG.warn("Host {} does not match SNI {}", name, x509);
throw new BadMessageException(400, "Host does not match SNI");
}
if (LOG.isDebugEnabled())
LOG.debug("Host {} matched SNI {}", name, x509);
}
try

17
jetty-server/src/main/java/org/eclipse/jetty/server/handler/AbstractHandler.java
View File

@ -66,11 +66,7 @@ public abstract class AbstractHandler extends ContainerLifeCycle implements Hand
public abstract void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException;
/**
* Convenience method to generate error page.
* <p>This method can be called from {@link #handle(String, Request, HttpServletRequest, HttpServletResponse)} when an {@link DispatcherType#ERROR} dispatch
* is detected and an error page needs to be generated by calling {@link HttpServletResponse#sendError(int, String)} with the appropriate code and reason,
* which are taken from {@link HttpServletRequest#getAttribute(String)} for {@link RequestDispatcher#ERROR_STATUS_CODE} and {@link RequestDispatcher#ERROR_MESSAGE}
*
* Deprecated error page generation
* @param target The target of the request - either a URI or a name.
* @param baseRequest The original unwrapped request object.
* @param request The request either as the {@link Request} object or a wrapper of that request. The
@ -81,16 +77,14 @@ public abstract class AbstractHandler extends ContainerLifeCycle implements Hand
* method can be used access the Response object if required.
* @throws IOException if unable to handle the request or response processing
* @throws ServletException if unable to handle the request or response due to underlying servlet issue
* @see ErrorDispatchHandler for a convenience class that calls this method.
*/
@Deprecated
protected void doError(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
Object o = request.getAttribute(RequestDispatcher.ERROR_STATUS_CODE);
int code = (o instanceof Integer) ? ((Integer)o).intValue() : (o != null ? Integer.parseInt(o.toString()) : 500);
o = request.getAttribute(RequestDispatcher.ERROR_MESSAGE);
String reason = o != null ? o.toString() : null;
response.sendError(code, reason);
response.setStatus(code);
baseRequest.setHandled(true);
}
/*
@ -147,7 +141,9 @@ public abstract class AbstractHandler extends ContainerLifeCycle implements Hand
* {@link DispatcherType#ERROR} dispatches are handled by calling the {@link #doError(String, Request, HttpServletRequest, HttpServletResponse)}
* method. All other dispatches are passed to the abstract {@link #doNonErrorHandle(String, Request, HttpServletRequest, HttpServletResponse)}
* method, which should be implemented with specific handler behavior
* @deprecated This class is no longer required as ERROR dispatch is only done if there is an error page target.
*/
@Deprecated
public abstract static class ErrorDispatchHandler extends AbstractHandler
{
@Override
@ -174,6 +170,7 @@ public abstract class AbstractHandler extends ContainerLifeCycle implements Hand
* @throws IOException if unable to handle the request or response processing
* @throws ServletException if unable to handle the request or response due to underlying servlet issue
*/
@Deprecated
protected abstract void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException;
}
}

43
jetty-server/src/main/java/org/eclipse/jetty/server/handler/ErrorHandler.java
View File

@ -28,6 +28,7 @@ import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.List;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -82,26 +83,38 @@ public class ErrorHandler extends AbstractHandler
}
}
/*
* @see org.eclipse.jetty.server.server.Handler#handle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, int)
*/
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
doError(target, baseRequest, request, response);
}
@Override
public void doError(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
String cacheControl = getCacheControl();
if (cacheControl != null)
response.setHeader(HttpHeader.CACHE_CONTROL.asString(), cacheControl);
String message = (String)request.getAttribute(Dispatcher.ERROR_MESSAGE);
if (message == null)
message = baseRequest.getResponse().getReason();
generateAcceptableResponse(baseRequest, request, response, response.getStatus(), message);
// Look for an error page dispatcher
// This logic really should be in ErrorPageErrorHandler, but some implementations extend ErrorHandler
// and implement ErrorPageMapper directly, so we do this here in the base class.
String errorPage = (this instanceof ErrorPageMapper) ? ((ErrorPageMapper)this).getErrorPage(request) : null;
ContextHandler.Context context = baseRequest.getErrorContext();
Dispatcher errorDispatcher = (errorPage != null && context != null)
? (Dispatcher)context.getRequestDispatcher(errorPage) : null;
try
{
if (errorDispatcher != null)
{
errorDispatcher.error(request, response);
}
else
{
String message = (String)request.getAttribute(Dispatcher.ERROR_MESSAGE);
if (message == null)
message = baseRequest.getResponse().getReason();
generateAcceptableResponse(baseRequest, request, response, response.getStatus(), message);
}
}
finally
{
baseRequest.setHandled(true);
}
}
/**

4
jetty-server/src/test/java/org/eclipse/jetty/server/AbstractHttpTest.java
View File

@ -104,7 +104,7 @@ public abstract class AbstractHttpTest
}
}
protected class ThrowExceptionOnDemandHandler extends AbstractHandler.ErrorDispatchHandler
protected class ThrowExceptionOnDemandHandler extends AbstractHandler
{
private final boolean throwException;
private volatile Throwable failure;
@ -115,7 +115,7 @@ public abstract class AbstractHttpTest
}
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (throwException)
throw new TestCommitException();

4
jetty-server/src/test/java/org/eclipse/jetty/server/DumpHandler.java
View File

@ -42,7 +42,7 @@ import org.eclipse.jetty.util.log.Logger;
* Dumps GET and POST requests.
* Useful for testing and debugging.
*/
public class DumpHandler extends AbstractHandler.ErrorDispatchHandler
public class DumpHandler extends AbstractHandler
{
private static final Logger LOG = Log.getLogger(DumpHandler.class);
@ -58,7 +58,7 @@ public class DumpHandler extends AbstractHandler.ErrorDispatchHandler
}
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (!isStarted())
return;

4
jetty-server/src/test/java/org/eclipse/jetty/server/HttpChannelEventTest.java
View File

@ -271,10 +271,10 @@ public class HttpChannelEventTest
assertTrue(latch.await(5, TimeUnit.SECONDS));
}
private static class TestHandler extends AbstractHandler.ErrorDispatchHandler
private static class TestHandler extends AbstractHandler
{
@Override
protected final void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public final void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
jettyRequest.setHandled(true);
handle(request, response);

4
jetty-server/src/test/java/org/eclipse/jetty/server/HttpConnectionTest.java
View File

@ -1227,11 +1227,11 @@ public class HttpConnectionTest
final String longstr = str;
final CountDownLatch checkError = new CountDownLatch(1);
server.stop();
server.setHandler(new AbstractHandler.ErrorDispatchHandler()
server.setHandler(new AbstractHandler()
{
@SuppressWarnings("unused")
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setHeader(HttpHeader.CONTENT_TYPE.toString(), MimeTypes.Type.TEXT_HTML.toString());

44
jetty-server/src/test/java/org/eclipse/jetty/server/HttpManyWaysToAsyncCommitTest.java
View File

@ -126,7 +126,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -140,7 +140,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
asyncContext.complete();
});
}
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -200,7 +200,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -215,7 +215,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -273,7 +273,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -296,7 +296,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -354,7 +354,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -379,7 +379,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -437,7 +437,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -460,7 +460,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -520,7 +520,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -546,7 +546,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -607,7 +607,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -632,7 +632,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -689,7 +689,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -714,7 +714,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -772,7 +772,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -797,7 +797,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -850,7 +850,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -875,7 +875,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -930,7 +930,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, final HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
if (request.getAttribute(contextAttribute) == null)
{
@ -955,7 +955,7 @@ public class HttpManyWaysToAsyncCommitTest extends AbstractHttpTest
});
}
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}

52
jetty-server/src/test/java/org/eclipse/jetty/server/HttpManyWaysToCommitTest.java
View File

@ -84,10 +84,10 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(false); // not needed, but lets be explicit about what the test does
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -125,10 +125,10 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -167,11 +167,11 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.getWriter().write("foobar");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -214,12 +214,12 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.getWriter().write("foobar");
response.flushBuffer();
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -259,11 +259,11 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.flushBuffer();
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -305,13 +305,13 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.getWriter().write("foo");
response.flushBuffer();
response.getWriter().write("bar");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -384,12 +384,12 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setBufferSize(4);
response.getWriter().write("foobar");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -401,13 +401,13 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setBufferSize(8);
response.getWriter().write("fo");
response.getWriter().write("obarfoobar");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -419,7 +419,7 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setBufferSize(8);
@ -429,7 +429,7 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
response.getWriter().write("fo");
response.getWriter().write("ob");
response.getWriter().write("ar");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -558,12 +558,12 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setContentLength(3);
response.getWriter().write("foo");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -603,13 +603,13 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.setContentLength(3);
// Only "foo" will get written and "bar" will be discarded
response.getWriter().write("foobar");
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -649,12 +649,12 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.getWriter().write("foo");
response.setContentLength(3);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
@ -694,12 +694,12 @@ public class HttpManyWaysToCommitTest extends AbstractHttpTest
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
response.getWriter().write("foobar");
response.setContentLength(3);
super.doNonErrorHandle(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
}
}

8
jetty-server/src/test/java/org/eclipse/jetty/server/HttpServerTestBase.java
View File

@ -283,10 +283,10 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
@Test
public void testExceptionThrownInHandler() throws Exception
{
configureServer(new AbstractHandler.ErrorDispatchHandler()
configureServer(new AbstractHandler()
{
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
throw new QuietServletException("TEST handler exception");
}
@ -314,10 +314,10 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
{
final AtomicBoolean fourBytesRead = new AtomicBoolean(false);
final AtomicBoolean earlyEOFException = new AtomicBoolean(false);
configureServer(new AbstractHandler.ErrorDispatchHandler()
configureServer(new AbstractHandler()
{
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
int contentLength = request.getContentLength();

15
jetty-server/src/test/java/org/eclipse/jetty/server/HttpServerTestFixture.java
View File

@ -26,7 +26,6 @@ import java.io.PrintWriter;
import java.net.Socket;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -211,7 +210,7 @@ public class HttpServerTestFixture
}
}
protected static class ReadExactHandler extends AbstractHandler.ErrorDispatchHandler
protected static class ReadExactHandler extends AbstractHandler
{
private int expected;
@ -226,7 +225,7 @@ public class HttpServerTestFixture
}
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
int len = expected < 0 ? request.getContentLength() : expected;
@ -246,16 +245,6 @@ public class HttpServerTestFixture
response.setContentLength(reply.length());
response.getOutputStream().write(reply.getBytes(StandardCharsets.ISO_8859_1));
}
@Override
protected void doError(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
System.err.println("ERROR: " + request.getAttribute(RequestDispatcher.ERROR_MESSAGE));
Throwable th = (Throwable)request.getAttribute(RequestDispatcher.ERROR_EXCEPTION);
if (th != null)
th.printStackTrace();
super.doError(target, baseRequest, request, response);
}
}
protected static class ReadHandler extends AbstractHandler

4
jetty-server/src/test/java/org/eclipse/jetty/server/OptionalSslConnectionTest.java
View File

@ -204,10 +204,10 @@ public class OptionalSslConnectionTest
}
}
private static class EmptyServerHandler extends AbstractHandler.ErrorDispatchHandler
private static class EmptyServerHandler extends AbstractHandler
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response)
{
jettyRequest.setHandled(true);
}

4
jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java
View File

@ -1793,14 +1793,14 @@ public class RequestTest
boolean check(HttpServletRequest request, HttpServletResponse response) throws IOException;
}
private class RequestHandler extends AbstractHandler.ErrorDispatchHandler
private class RequestHandler extends AbstractHandler
{
private RequestTester _checker;
@SuppressWarnings("unused")
private String _content;
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
((Request)request).setHandled(true);

4
jetty-server/src/test/java/org/eclipse/jetty/server/ServerConnectorTimeoutTest.java
View File

@ -152,10 +152,10 @@ public class ServerConnectorTimeoutTest extends ConnectorTimeoutTest
public void testHttpWriteIdleTimeout() throws Exception
{
_httpConfiguration.setIdleTimeout(500);
configureServer(new AbstractHandler.ErrorDispatchHandler()
configureServer(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
baseRequest.setHandled(true);
IO.copy(request.getInputStream(), response.getOutputStream());

4
jetty-server/src/test/java/org/eclipse/jetty/server/ServletWriterTest.java
View File

@ -72,9 +72,9 @@ public class ServletWriterTest
char[] chars = new char[128 * 1024 * 1024];
CountDownLatch latch = new CountDownLatch(1);
AtomicReference<Thread> serverThreadRef = new AtomicReference<>();
start(chars.length, new AbstractHandler.ErrorDispatchHandler() {
start(chars.length, new AbstractHandler() {
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
serverThreadRef.set(Thread.currentThread());
jettyRequest.setHandled(true);

13
jetty-server/src/test/java/org/eclipse/jetty/server/handler/NcsaRequestLogTest.java
View File

@ -465,10 +465,10 @@ public class NcsaRequestLogTest
{
setup(logType);
_server.setRequestLog(_log);
AbstractHandler.ErrorDispatchHandler wrapper = new AbstractHandler.ErrorDispatchHandler()
AbstractHandler wrapper = new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
{
testHandler.handle(target, baseRequest, request, response);
@ -481,10 +481,11 @@ public class NcsaRequestLogTest
ErrorHandler errorHandler = new ErrorHandler()
{
@Override
public void doError(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
{
errors.add(baseRequest.getRequestURI());
super.doError(target, baseRequest, request, response);
super.handle(target, baseRequest, request, response);
}
};
_server.addBean(errorHandler);
@ -499,10 +500,10 @@ public class NcsaRequestLogTest
{
setup(logType);
_server.setRequestLog(_log);
AbstractHandler.ErrorDispatchHandler wrapper = new AbstractHandler.ErrorDispatchHandler()
AbstractHandler wrapper = new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException
{
testHandler.handle(target, baseRequest, request, response);

5
jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SSLReadEOFAfterResponseTest.java
View File

@ -26,6 +26,7 @@ import java.io.OutputStream;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.SSLContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -65,10 +66,10 @@ public class SSLReadEOFAfterResponseTest
String content = "the quick brown fox jumped over the lazy dog";
byte[] bytes = content.getBytes(StandardCharsets.UTF_8);
server.setHandler(new AbstractHandler.ErrorDispatchHandler()
server.setHandler(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
// First: read the whole content.
InputStream input = request.getInputStream();

188
jetty-server/src/test/java/org/eclipse/jetty/server/ssl/SniSslConnectionFactoryTest.java
View File

@ -31,9 +31,11 @@ import java.util.Collections;
import java.util.List;
import java.util.Queue;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.function.Consumer;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
@ -57,6 +59,7 @@ import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.server.handler.ErrorHandler;
import org.eclipse.jetty.util.IO;
import org.eclipse.jetty.util.ssl.SniX509ExtendedKeyManager;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.hamcrest.Matchers;
import org.junit.jupiter.api.AfterEach;
@ -67,6 +70,8 @@ import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.is;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
public class SniSslConnectionFactoryTest
{
@ -76,7 +81,7 @@ public class SniSslConnectionFactoryTest
private int _port;
@BeforeEach
public void before() throws Exception
public void before()
{
_server = new Server();
@ -114,12 +119,18 @@ public class SniSslConnectionFactoryTest
protected void start(String keystorePath) throws Exception
{
File keystoreFile = new File(keystorePath);
start(ssl -> ssl.setKeyStorePath(keystorePath));
}
protected void start(Consumer<SslContextFactory.Server> sslConfig) throws Exception
{
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
sslConfig.accept(sslContextFactory);
File keystoreFile = sslContextFactory.getKeyStoreResource().getFile();
if (!keystoreFile.exists())
throw new FileNotFoundException(keystoreFile.getAbsolutePath());
SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
@ -128,10 +139,10 @@ public class SniSslConnectionFactoryTest
new HttpConnectionFactory(_httpsConfiguration));
_server.addConnector(https);
_server.setHandler(new AbstractHandler.ErrorDispatchHandler()
_server.setHandler(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
{
baseRequest.setHandled(true);
response.setStatus(200);
@ -219,6 +230,79 @@ public class SniSslConnectionFactoryTest
assertThat(response, Matchers.containsString("Host does not match SNI"));
}
@Test
public void testWrongSNIRejectedConnection() throws Exception
{
start(ssl ->
{
ssl.setKeyStorePath("src/test/resources/keystore_sni.p12");
// Do not allow unmatched SNI.
ssl.setSniRequired(true);
});
// Wrong SNI host.
assertThrows(SSLHandshakeException.class, () -> getResponse("wrong.com", "wrong.com", null));
// No SNI host.
assertThrows(SSLHandshakeException.class, () -> getResponse(null, "wrong.com", null));
}
@Test
public void testWrongSNIRejectedBadRequest() throws Exception
{
start(ssl ->
{
ssl.setKeyStorePath("src/test/resources/keystore_sni.p12");
// Do not allow unmatched SNI.
ssl.setSniRequired(false);
_httpsConfiguration.getCustomizers().stream()
.filter(SecureRequestCustomizer.class::isInstance)
.map(SecureRequestCustomizer.class::cast)
.forEach(src -> src.setSniRequired(true));
});
// Wrong SNI host.
HttpTester.Response response = HttpTester.parseResponse(getResponse("wrong.com", "wrong.com", null));
assertNotNull(response);
assertThat(response.getStatus(), is(400));
// No SNI host.
response = HttpTester.parseResponse(getResponse(null, "wrong.com", null));
assertNotNull(response);
assertThat(response.getStatus(), is(400));
}
@Test
public void testWrongSNIRejectedFunction() throws Exception
{
start(ssl ->
{
ssl.setKeyStorePath("src/test/resources/keystore_sni.p12");
// Do not allow unmatched SNI.
ssl.setSniRequired(true);
ssl.setSNISelector((keyType, issuers, session, sniHost, certificates) ->
{
if (sniHost == null)
return SniX509ExtendedKeyManager.SniSelector.DELEGATE;
return ssl.sniSelect(keyType, issuers, session, sniHost, certificates);
});
_httpsConfiguration.getCustomizers().stream()
.filter(SecureRequestCustomizer.class::isInstance)
.map(SecureRequestCustomizer.class::cast)
.forEach(src -> src.setSniRequired(true));
});
// Wrong SNI host.
assertThrows(SSLHandshakeException.class, () -> getResponse("wrong.com", "wrong.com", null));
// No SNI host.
HttpTester.Response response = HttpTester.parseResponse(getResponse(null, "wrong.com", null));
assertNotNull(response);
assertThat(response.getStatus(), is(400));
}
@Test
public void testSameConnectionRequestsForManyDomains() throws Exception
{
@ -247,6 +331,7 @@ public class SniSslConnectionFactoryTest
InputStream input = sslSocket.getInputStream();
HttpTester.Response response = HttpTester.parseResponse(input);
assertNotNull(response);
assertThat(response.getStatus(), is(200));
// Same socket, send a request for a different domain but same alias.
@ -257,6 +342,7 @@ public class SniSslConnectionFactoryTest
output.write(request.getBytes(StandardCharsets.UTF_8));
output.flush();
response = HttpTester.parseResponse(input);
assertNotNull(response);
assertThat(response.getStatus(), is(200));
// Same socket, send a request for a different domain but different alias.
@ -268,6 +354,7 @@ public class SniSslConnectionFactoryTest
output.flush();
response = HttpTester.parseResponse(input);
assertNotNull(response);
assertThat(response.getStatus(), is(400));
assertThat(response.getContent(), containsString("Host does not match SNI"));
}
@ -303,6 +390,7 @@ public class SniSslConnectionFactoryTest
InputStream input = sslSocket.getInputStream();
HttpTester.Response response = HttpTester.parseResponse(input);
assertNotNull(response);
assertThat(response.getStatus(), is(200));
// Now, on the same socket, send a request for a different valid domain.
@ -314,6 +402,7 @@ public class SniSslConnectionFactoryTest
output.flush();
response = HttpTester.parseResponse(input);
assertNotNull(response);
assertThat(response.getStatus(), is(200));
// Now make a request for an invalid domain for this connection.
@ -325,6 +414,7 @@ public class SniSslConnectionFactoryTest
output.flush();
response = HttpTester.parseResponse(input);
assertNotNull(response);
assertThat(response.getStatus(), is(400));
assertThat(response.getContent(), containsString("Host does not match SNI"));
}
@ -334,49 +424,6 @@ public class SniSslConnectionFactoryTest
}
}
private String getResponse(String host, String cn) throws Exception
{
String response = getResponse(host, host, cn);
assertThat(response, Matchers.startsWith("HTTP/1.1 200 "));
assertThat(response, Matchers.containsString("X-URL: /ctx/path"));
return response;
}
private String getResponse(String sniHost, String reqHost, String cn) throws Exception
{
SslContextFactory clientContextFactory = new SslContextFactory.Client(true);
clientContextFactory.start();
SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
try (SSLSocket sslSocket = (SSLSocket)factory.createSocket("127.0.0.1", _port))
{
if (sniHost != null)
{
SNIHostName serverName = new SNIHostName(sniHost);
List<SNIServerName> serverNames = new ArrayList<>();
serverNames.add(serverName);
SSLParameters params = sslSocket.getSSLParameters();
params.setServerNames(serverNames);
sslSocket.setSSLParameters(params);
}
sslSocket.startHandshake();
if (cn != null)
{
X509Certificate cert = ((X509Certificate)sslSocket.getSession().getPeerCertificates()[0]);
assertThat(cert.getSubjectX500Principal().getName("CANONICAL"), Matchers.startsWith("cn=" + cn));
}
String response = "GET /ctx/path HTTP/1.0\r\nHost: " + reqHost + ":" + _port + "\r\n\r\n";
sslSocket.getOutputStream().write(response.getBytes(StandardCharsets.ISO_8859_1));
return IO.toString(sslSocket.getInputStream());
}
finally
{
clientContextFactory.stop();
}
}
@Test
public void testSocketCustomization() throws Exception
{
@ -420,4 +467,47 @@ public class SniSslConnectionFactoryTest
assertEquals("customize http class org.eclipse.jetty.server.HttpConnection,true", history.poll());
assertEquals(0, history.size());
}
private String getResponse(String host, String cn) throws Exception
{
String response = getResponse(host, host, cn);
assertThat(response, Matchers.startsWith("HTTP/1.1 200 "));
assertThat(response, Matchers.containsString("X-URL: /ctx/path"));
return response;
}
private String getResponse(String sniHost, String reqHost, String cn) throws Exception
{
SslContextFactory clientContextFactory = new SslContextFactory.Client(true);
clientContextFactory.start();
SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
try (SSLSocket sslSocket = (SSLSocket)factory.createSocket("127.0.0.1", _port))
{
if (sniHost != null)
{
SNIHostName serverName = new SNIHostName(sniHost);
List<SNIServerName> serverNames = new ArrayList<>();
serverNames.add(serverName);
SSLParameters params = sslSocket.getSSLParameters();
params.setServerNames(serverNames);
sslSocket.setSSLParameters(params);
}
sslSocket.startHandshake();
if (cn != null)
{
X509Certificate cert = ((X509Certificate)sslSocket.getSession().getPeerCertificates()[0]);
assertThat(cert.getSubjectX500Principal().getName("CANONICAL"), Matchers.startsWith("cn=" + cn));
}
String response = "GET /ctx/path HTTP/1.0\r\nHost: " + reqHost + ":" + _port + "\r\n\r\n";
sslSocket.getOutputStream().write(response.getBytes(StandardCharsets.ISO_8859_1));
return IO.toString(sslSocket.getInputStream());
}
finally
{
clientContextFactory.stop();
}
}
}

1
jetty-server/src/test/resources/jetty-logging.properties
View File

@ -1,5 +1,4 @@
org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog
org.eclipse.jetty.LEVEL=INFO
#org.eclipse.jetty.LEVEL=DEBUG
#org.eclipse.jetty.server.LEVEL=DEBUG
#org.eclipse.jetty.server.ConnectionLimit.LEVEL=DEBUG

4
jetty-unixsocket/jetty-unixsocket-client/src/test/java/org/eclipse/jetty/unixsocket/UnixSocketTest.java
View File

@ -103,10 +103,10 @@ public class UnixSocketTest
connector.setUnixSocket(sockFile.toString());
server.addConnector(connector);
server.setHandler(new AbstractHandler.ErrorDispatchHandler()
server.setHandler(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
int l = 0;
if (request.getContentLength() != 0)

4
jetty-unixsocket/jetty-unixsocket-server/src/test/java/org/eclipse/jetty/unixsocket/UnixSocketProxyServer.java
View File

@ -49,10 +49,10 @@ public class UnixSocketProxyServer
if (Files.exists(socket))
Files.delete(socket);
server.setHandler(new AbstractHandler.ErrorDispatchHandler()
server.setHandler(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
int l = 0;
if (request.getContentLength() != 0)

4
jetty-unixsocket/jetty-unixsocket-server/src/test/java/org/eclipse/jetty/unixsocket/UnixSocketServer.java
View File

@ -47,10 +47,10 @@ public class UnixSocketServer
if (Files.exists(socket))
Files.delete(socket);
server.setHandler(new AbstractHandler.ErrorDispatchHandler()
server.setHandler(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
int l = 0;
if (request.getContentLength() != 0)

117
jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SniX509ExtendedKeyManager.java
View File

@ -24,8 +24,12 @@ import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.net.ssl.SNIMatcher;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;
@ -41,14 +45,20 @@ import org.eclipse.jetty.util.log.Logger;
public class SniX509ExtendedKeyManager extends X509ExtendedKeyManager
{
public static final String SNI_X509 = "org.eclipse.jetty.util.ssl.snix509";
private static final String NO_MATCHERS = "no_matchers";
private static final Logger LOG = Log.getLogger(SniX509ExtendedKeyManager.class);
private final X509ExtendedKeyManager _delegate;
private final SslContextFactory.Server _sslContextFactory;
public SniX509ExtendedKeyManager(X509ExtendedKeyManager keyManager)
{
this(keyManager, null);
}
public SniX509ExtendedKeyManager(X509ExtendedKeyManager keyManager, SslContextFactory.Server sslContextFactory)
{
_delegate = keyManager;
_sslContextFactory = sslContextFactory;
}
@Override
@ -65,53 +75,69 @@ public class SniX509ExtendedKeyManager extends X509ExtendedKeyManager
protected String chooseServerAlias(String keyType, Principal[] issuers, Collection<SNIMatcher> matchers, SSLSession session)
{
// Look for the aliases that are suitable for the keytype and issuers
// Look for the aliases that are suitable for the keyType and issuers.
String[] aliases = _delegate.getServerAliases(keyType, issuers);
if (aliases == null || aliases.length == 0)
return null;
// Look for the SNI information.
String host = null;
X509 x509 = null;
if (matchers != null)
// Find our SNIMatcher. There should only be one and it always matches (always returns true
// from AliasSNIMatcher.matches), but it will capture the SNI Host if one was presented.
String host = matchers == null ? null : matchers.stream()
.filter(SslContextFactory.AliasSNIMatcher.class::isInstance)
.map(SslContextFactory.AliasSNIMatcher.class::cast)
.findFirst()
.map(SslContextFactory.AliasSNIMatcher::getHost)
.orElse(null);
try
{
for (SNIMatcher m : matchers)
// Filter the certificates by alias.
Collection<X509> certificates = Arrays.stream(aliases)
.map(_sslContextFactory::getX509)
.filter(Objects::nonNull)
.collect(Collectors.toList());
// delegate the decision to accept to the sniSelector
SniSelector sniSelector = _sslContextFactory.getSNISelector();
if (sniSelector == null)
sniSelector = _sslContextFactory;
String alias = sniSelector.sniSelect(keyType, issuers, session, host, certificates);
// Check selected alias
if (alias != null && alias != SniSelector.DELEGATE)
{
if (m instanceof SslContextFactory.AliasSNIMatcher)
// Make sure we got back an alias from the acceptable aliases.
X509 x509 = _sslContextFactory.getX509(alias);
if (!Arrays.asList(aliases).contains(alias) || x509 == null)
{
SslContextFactory.AliasSNIMatcher matcher = (SslContextFactory.AliasSNIMatcher)m;
host = matcher.getHost();
x509 = matcher.getX509();
break;
if (LOG.isDebugEnabled())
LOG.debug("Invalid X509 match for SNI {}: {}", host, alias);
return null;
}
}
}
if (LOG.isDebugEnabled())
LOG.debug("Matched {} with {} from {}", host, x509, Arrays.asList(aliases));
// Check if the SNI selected alias is allowable
if (x509 != null)
{
for (String a : aliases)
{
if (a.equals(x509.getAlias()))
{
if (LOG.isDebugEnabled())
LOG.debug("Matched SNI {} with X509 {} from {}", host, x509, Arrays.asList(aliases));
if (session != null)
session.putValue(SNI_X509, x509);
return a;
}
}
return alias;
}
catch (Throwable x)
{
if (LOG.isDebugEnabled())
LOG.debug("Failure matching X509 for SNI " + host, x);
return null;
}
return NO_MATCHERS;
}
@Override
public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
{
SSLSocket sslSocket = (SSLSocket)socket;
String alias = socket == null ? NO_MATCHERS : chooseServerAlias(keyType, issuers, sslSocket.getSSLParameters().getSNIMatchers(), sslSocket.getHandshakeSession());
if (alias == NO_MATCHERS)
String alias = (socket == null)
? chooseServerAlias(keyType, issuers, Collections.emptyList(), null)
: chooseServerAlias(keyType, issuers, sslSocket.getSSLParameters().getSNIMatchers(), sslSocket.getHandshakeSession());
if (alias == SniSelector.DELEGATE)
alias = _delegate.chooseServerAlias(keyType, issuers, socket);
if (LOG.isDebugEnabled())
LOG.debug("Chose alias {}/{} on {}", alias, keyType, socket);
@ -121,8 +147,10 @@ public class SniX509ExtendedKeyManager extends X509ExtendedKeyManager
@Override
public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
{
String alias = engine == null ? NO_MATCHERS : chooseServerAlias(keyType, issuers, engine.getSSLParameters().getSNIMatchers(), engine.getHandshakeSession());
if (alias == NO_MATCHERS)
String alias = (engine == null)
? chooseServerAlias(keyType, issuers, Collections.emptyList(), null)
: chooseServerAlias(keyType, issuers, engine.getSSLParameters().getSNIMatchers(), engine.getHandshakeSession());
if (alias == SniSelector.DELEGATE)
alias = _delegate.chooseEngineServerAlias(keyType, issuers, engine);
if (LOG.isDebugEnabled())
LOG.debug("Chose alias {}/{} on {}", alias, keyType, engine);
@ -152,4 +180,31 @@ public class SniX509ExtendedKeyManager extends X509ExtendedKeyManager
{
return _delegate.getServerAliases(keyType, issuers);
}
/**
* <p>Selects a certificate based on SNI information.</p>
*/
@FunctionalInterface
public interface SniSelector
{
String DELEGATE = "delegate_no_sni_match";
/**
* <p>Selects a certificate based on SNI information.</p>
* <p>This method may be invoked multiple times during the TLS handshake, with different parameters.
* For example, the {@code keyType} could be different, and subsequently the collection of certificates
* (because they need to match the {@code keyType}.</p>
*
* @param keyType the key algorithm type name
* @param issuers the list of acceptable CA issuer subject names or null if it does not matter which issuers are used
* @param session the TLS handshake session or null if not known.
* @param sniHost the server name indication sent by the client, or null if the client did not send the server name indication
* @param certificates the list of certificates matching {@code keyType} and {@code issuers} known to this SslContextFactory
* @return the alias of the certificate to return to the client, from the {@code certificates} list,
* or {@link SniSelector#DELEGATE} if the certificate choice should be delegated to the
* nested key manager or null for no match.
* @throws SSLHandshakeException if the TLS handshake should be aborted
*/
public String sniSelect(String keyType, Principal[] issuers, SSLSession session, String sniHost, Collection<X509> certificates) throws SSLHandshakeException;
}
}

129
jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
View File

@ -65,6 +65,7 @@ import javax.net.ssl.SNIMatcher;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
@ -1146,7 +1147,7 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
for (int idx = 0; idx < managers.length; idx++)
{
if (managers[idx] instanceof X509ExtendedKeyManager)
managers[idx] = new SniX509ExtendedKeyManager((X509ExtendedKeyManager)managers[idx]);
managers[idx] = newSniX509ExtendedKeyManager((X509ExtendedKeyManager)managers[idx]);
}
}
}
@ -1158,6 +1159,11 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
return managers;
}
protected X509ExtendedKeyManager newSniX509ExtendedKeyManager(X509ExtendedKeyManager keyManager)
{
return new SniX509ExtendedKeyManager(keyManager);
}
protected TrustManager[] getTrustManagers(KeyStore trustStore, Collection<? extends CRL> crls) throws Exception
{
TrustManager[] managers = null;
@ -2011,7 +2017,6 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
class AliasSNIMatcher extends SNIMatcher
{
private String _host;
private X509 _x509;
AliasSNIMatcher()
{
@ -2026,36 +2031,14 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
if (serverName instanceof SNIHostName)
{
String host = _host = ((SNIHostName)serverName).getAsciiName();
host = StringUtil.asciiToLowerCase(host);
// Try an exact match
_x509 = _certHosts.get(host);
// Else try an exact wild match
if (_x509 == null)
{
_x509 = _certWilds.get(host);
// Else try an 1 deep wild match
if (_x509 == null)
{
int dot = host.indexOf('.');
if (dot >= 0)
{
String domain = host.substring(dot + 1);
_x509 = _certWilds.get(domain);
}
}
}
_host = StringUtil.asciiToLowerCase(((SNIHostName)serverName).getAsciiName());
if (LOG.isDebugEnabled())
LOG.debug("SNI matched {}->{}", host, _x509);
LOG.debug("SNI host name {}", _host);
}
else
{
if (LOG.isDebugEnabled())
LOG.debug("SNI no match for {}", serverName);
LOG.debug("No SNI host name for {}", serverName);
}
// Return true and allow the KeyManager to accept or reject when choosing a certificate.
@ -2068,11 +2051,6 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
{
return _host;
}
public X509 getX509()
{
return _x509;
}
}
public static class Client extends SslContextFactory
@ -2096,10 +2074,13 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
}
}
public static class Server extends SslContextFactory
@ManagedObject
public static class Server extends SslContextFactory implements SniX509ExtendedKeyManager.SniSelector
{
private boolean _needClientAuth;
private boolean _wantClientAuth;
private boolean _sniRequired;
private SniX509ExtendedKeyManager.SniSelector _sniSelector;
public Server()
{
@ -2143,6 +2124,88 @@ public abstract class SslContextFactory extends AbstractLifeCycle implements Dum
{
_wantClientAuth = wantClientAuth;
}
/**
* Does the default {@link #sniSelect(String, Principal[], SSLSession, String, Collection)} implementation
* require an SNI match? Note that if a non SNI handshake is accepted, requests may still be rejected
* at the HTTP level for incorrect SNI (see SecureRequestCustomizer).
* @return true if no SNI match is handled as no certificate match, false if no SNI match is handled by
* delegation to the non SNI matching methods.
*/
@ManagedAttribute("Whether the TLS handshake is rejected if there is no SNI host match")
public boolean isSniRequired()
{
return _sniRequired;
}
/**
* Set if the default {@link #sniSelect(String, Principal[], SSLSession, String, Collection)} implementation
* require an SNI match? Note that if a non SNI handshake is accepted, requests may still be rejected
* at the HTTP level for incorrect SNI (see SecureRequestCustomizer).
* This setting may have no effect if {@link #sniSelect(String, Principal[], SSLSession, String, Collection)} is
* overridden or a non null function is passed to {@link #setSNISelector(SniX509ExtendedKeyManager.SniSelector)}.
* @param sniRequired true if no SNI match is handled as no certificate match, false if no SNI match is handled by
* delegation to the non SNI matching methods.
*/
public void setSniRequired(boolean sniRequired)
{
_sniRequired = sniRequired;
}
@Override
protected KeyManager[] getKeyManagers(KeyStore keyStore) throws Exception
{
KeyManager[] managers = super.getKeyManagers(keyStore);
if (isSniRequired())
{
if (managers == null || Arrays.stream(managers).noneMatch(SniX509ExtendedKeyManager.class::isInstance))
throw new IllegalStateException("No SNI Key managers when SNI is required");
}
return managers;
}
/**
* @return the custom function to select certificates based on SNI information
*/
public SniX509ExtendedKeyManager.SniSelector getSNISelector()
{
return _sniSelector;
}
/**
* <p>Sets a custom function to select certificates based on SNI information.</p>
*
* @param sniSelector the selection function
*/
public void setSNISelector(SniX509ExtendedKeyManager.SniSelector sniSelector)
{
_sniSelector = sniSelector;
}
@Override
public String sniSelect(String keyType, Principal[] issuers, SSLSession session, String sniHost, Collection<X509> certificates) throws SSLHandshakeException
{
if (sniHost == null)
{
// No SNI, so reject or delegate.
return _sniRequired ? null : SniX509ExtendedKeyManager.SniSelector.DELEGATE;
}
else
{
// Match the SNI host, or let the JDK decide unless unmatched SNIs are rejected.
return certificates.stream()
.filter(x509 -> x509.matches(sniHost))
.findFirst()
.map(X509::getAlias)
.orElse(_sniRequired ? null : SniX509ExtendedKeyManager.SniSelector.DELEGATE);
}
}
@Override
protected X509ExtendedKeyManager newSniX509ExtendedKeyManager(X509ExtendedKeyManager keyManager)
{
return new SniX509ExtendedKeyManager(keyManager, this);
}
}
/**

4
tests/test-http-client-transport/src/test/java/org/eclipse/jetty/http/client/EmptyServerHandler.java
View File

@ -26,10 +26,10 @@ import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.AbstractHandler;
public class EmptyServerHandler extends AbstractHandler.ErrorDispatchHandler
public class EmptyServerHandler extends AbstractHandler
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
jettyRequest.setHandled(true);
service(target, jettyRequest, request, response);

4
tests/test-http-client-transport/src/test/java/org/eclipse/jetty/http/client/HttpClientContinueTest.java
View File

@ -740,10 +740,10 @@ public class HttpClientContinueTest extends AbstractTest<TransportScenario>
public void test_NoExpect_Respond100Continue(Transport transport) throws Exception
{
init(transport);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
jettyRequest.setHandled(true);
// Force a 100 Continue response.

4
tests/test-http-client-transport/src/test/java/org/eclipse/jetty/http/client/HttpClientStreamTest.java
View File

@ -497,10 +497,10 @@ public class HttpClientStreamTest extends AbstractTest<TransportScenario>
public void testInputStreamContentProviderThrowingWhileReading(Transport transport) throws Exception
{
init(transport);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
public void doNonErrorHandle(String target, org.eclipse.jetty.server.Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, org.eclipse.jetty.server.Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
IO.copy(request.getInputStream(), response.getOutputStream());

20
tests/test-http-client-transport/src/test/java/org/eclipse/jetty/http/client/HttpTrailersTest.java
View File

@ -81,10 +81,10 @@ public class HttpTrailersTest extends AbstractTest<TransportScenario>
{
String trailerName = "Trailer";
String trailerValue = "value";
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
jettyRequest.setHandled(true);
@ -120,10 +120,10 @@ public class HttpTrailersTest extends AbstractTest<TransportScenario>
public void testEmptyRequestTrailers(Transport transport) throws Exception
{
init(transport);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
jettyRequest.setHandled(true);
@ -169,10 +169,10 @@ public class HttpTrailersTest extends AbstractTest<TransportScenario>
{
String trailerName = "Trailer";
String trailerValue = "value";
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
jettyRequest.setHandled(true);
@ -216,10 +216,10 @@ public class HttpTrailersTest extends AbstractTest<TransportScenario>
public void testEmptyResponseTrailers(Transport transport) throws Exception
{
init(transport);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response)
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response)
{
jettyRequest.setHandled(true);
@ -262,10 +262,10 @@ public class HttpTrailersTest extends AbstractTest<TransportScenario>
String trailerName = "Trailer";
String trailerValue = "value";
init(transport);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request jettyRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
jettyRequest.setHandled(true);

24
tests/test-http-client-transport/src/test/java/org/eclipse/jetty/http/client/ServerTimeoutsTest.java
View File

@ -204,10 +204,10 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
{
init(transport);
CountDownLatch handlerLatch = new CountDownLatch(1);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
AsyncContext asyncContext = request.startAsync();
@ -270,10 +270,10 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
Assumptions.assumeFalse(scenario.transport == UNIX_SOCKET);
CountDownLatch handlerLatch = new CountDownLatch(1);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
AsyncContext asyncContext = request.startAsync();
@ -338,10 +338,10 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
scenario.requestLog.clear();
scenario.httpConfig.setMinRequestDataRate(bytesPerSecond);
CountDownLatch handlerLatch = new CountDownLatch(1);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
public void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
try
{
@ -402,10 +402,10 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
int bytesPerSecond = 20;
scenario.httpConfig.setMinRequestDataRate(bytesPerSecond);
CountDownLatch handlerLatch = new CountDownLatch(1);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
ServletInputStream input = request.getInputStream();
@ -481,10 +481,10 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
long idleTimeout = 3 * httpIdleTimeout;
scenario.httpConfig.setIdleTimeout(httpIdleTimeout);
CountDownLatch handlerLatch = new CountDownLatch(1);
scenario.start(new AbstractHandler.ErrorDispatchHandler()
scenario.start(new AbstractHandler()
{
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
AsyncContext asyncContext = request.startAsync();
@ -665,7 +665,7 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
assertTrue(clientLatch.await(15, TimeUnit.SECONDS));
}
private static class BlockingReadHandler extends AbstractHandler.ErrorDispatchHandler
private static class BlockingReadHandler extends AbstractHandler
{
private final CountDownLatch handlerLatch;
@ -675,7 +675,7 @@ public class ServerTimeoutsTest extends AbstractTest<TransportScenario>
}
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException
{
baseRequest.setHandled(true);
ServletInputStream input = request.getInputStream();