dependabot[bot]
00abb62fea
Bump maven-project-info-reports-plugin from 3.1.1 to 3.1.2 ( #6704 )
...
Bumps [maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/apache/maven-project-info-reports-plugin/releases )
- [Commits](https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.1.1...maven-project-info-reports-plugin-3.1.2 )
---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-project-info-reports-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-08 13:54:05 +10:00
Lachlan
4fd1a4ea4b
Merge pull request #6691 from eclipse/jetty-9.4.x-6554-DefaultIdentityService
...
Issue #6554 - create the DefaultIdentityService even if no realmName is provided
2021-09-03 10:15:58 +10:00
Lachlan Roberts
7e91d34177
Issue #6554 - create the DefaultIdentityService even if no realmName is provided
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-09-02 12:12:51 +10:00
Simone Bordet
525fcb3119
Fixes #6603 - HTTP/2 max local stream count exceeded ( #6639 )
...
Made MAX_CONCURRENT_STREAMS setting work on a per-connection basis.
Updated Pool javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-08-30 16:00:15 +02:00
Jan Bartel
ef95c9b3ad
Issue #6671 Update to apache jsp 8.5.70 ( #6676 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-08-30 12:24:40 +10:00
Joakim Erdfelt
59b21557a7
Build on jdk17 now. ( #6675 )
...
* Build on jdk17 now.
* Bump spotbugs to 4.3.0
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-28 07:10:26 -05:00
Simone Bordet
05c08e1602
Backport from 10.0.x of the changes using Awaitility.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-25 17:08:06 +02:00
Simone Bordet
1b79fcee94
Made `BlockedWritesWithSmallThreadPoolTest` more reliable.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-25 12:39:06 +02:00
Simone Bordet
9897c1b06e
Fixes #6646 - SmallThreadPoolLoadTest on windows flaky.
...
Fixed occurrences of Callbacks that did not override getInvocationType() to properly declare whether they block or not.
Added test case for blocking writes for both client and server.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-25 10:45:16 +02:00
Lachlan
f9bb80aa96
Merge pull request #6659 from eclipse/jetty-9.4.x-6568-SecurityHandler-isAuthMandatory
...
Issue #6553 - give 401 response if UNAUTHENTICATED and auth is mandatory (9.4)
2021-08-25 13:53:55 +10:00
Simone Bordet
b2a023675c
Fixes #6652 - Improve ReservedThreadExecutor dump. ( #6653 )
...
Fixes #6652 - Improve ReservedThreadExecutor dump.
Filtering out non-reserved threads in dump() and doStop().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-08-24 23:12:08 +02:00
Lachlan Roberts
a575607284
Issue #6553 - give 403 response if UNAUTHENTICATED and auth is mandatory
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-24 15:48:03 +10:00
Lachlan
3de9d3428e
Merge pull request #6643 from eclipse/jetty-9.4.x-6617-openidBasicAuth
...
Issue #6617 - add support for the client_secret_basic authentication method (jetty-9.4)
2021-08-19 16:18:55 +10:00
Lachlan Roberts
11c8ea0fa2
Issue #6617 - change jetty property name to jetty.openid.authMethod
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-19 09:59:59 +10:00
Lachlan Roberts
604f6b3f82
Use correct auth method string in OpenIdConfiguration default constructor
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-19 09:59:36 +10:00
Lachlan Roberts
84a122f524
Issue #6617 - add support for the client_secret_basic authentication method
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-19 09:57:57 +10:00
Lachlan
b848c87a40
Merge pull request #6636 from eclipse/jetty-9.4.x-6618-OpenID-audArray
...
Issue #6618 - azp claim should not be required for single value aud array (jetty-9.4)
2021-08-19 09:36:42 +10:00
Simone Bordet
693663a4ce
Fixes #6624 - Non-domain SNI on java17
...
Java 17 only allows letter|digit|hyphen characters for SNI names.
While we could bypass this restriction on the client, when the SNI bytes arrive to the server they will be verified and if not allowed the TLS handshake will fail.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-18 17:07:20 +02:00
Lachlan Roberts
c20be7da4d
Fix licence header.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-18 12:52:54 +10:00
Lachlan Roberts
3e6446ef4a
Issue #6618 - Use a new OpenIdCredentials constructor instead of static method.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-18 11:36:05 +10:00
Lachlan Roberts
61f7e57217
Issue #6618 - azp claim should not be required for single value aud array
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-18 11:35:48 +10:00
Greg Wilkins
ac73b3aa20
Disable ipv6 test for #6624 ( #6625 )
...
Temp disable of test that is breaking the build.
2021-08-17 14:07:33 +10:00
Greg Wilkins
a3f7747b35
Fix flaky test from #6562/#6563 ( #6628 )
...
Fix flaky test from #6562
Disable ipv6 test for #6624
2021-08-17 14:06:25 +10:00
Simone Bordet
569455c4a4
Fixes #6372 - Review socket options configuration.
...
Made HTTP2Client.tcpNoDelay configurable.
Fixed copying of configuration in HttpClientTransportOverHTTP2.
Added test case for bindAddress.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-13 15:08:24 +02:00
Ludovic Orban
cbc814e763
#6605 rename test
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-08-13 14:59:19 +02:00
Ludovic Orban
4857372245
#6605 testEmptyBufferKnown: make sure the assertion does not happen before the committed flag is read
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-08-13 14:59:19 +02:00
Joakim Erdfelt
2032a43943
Merge pull request #6596 from eclipse/jetty-9.4.x-dep-upgrade-ant
...
Upgrade ant to 1.10.11
2021-08-11 06:32:53 -05:00
Joakim Erdfelt
014011b37f
Upgrade ant to 1.10.11
...
Addresses CVE-2021-36373 and CVE-2021-36374
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-10 07:55:45 -05:00
Simone Bordet
784293aa6d
Fixes #6369 - Increment default jetty.http2.rateControl.maxEventsPerSecond
...
Incremented rateControl.maxEventsPerSecond to 50.
Fixed mistakes in the http2c module.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-06 19:07:58 +02:00
Greg Wilkins
fc0a4dc141
Fixed racy test ( #6584 )
...
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-08-04 14:25:07 +10:00
Simone Bordet
342396c7ee
Issue #6558 - improved json array converter ( #6571 )
...
Fixes #6558 - Allow configuring return type in JSON array parsing.
Introduced `arrayConverter` in both JSON and AsyncJSON.Factory.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-03 17:09:28 +02:00
Joakim Erdfelt
51e6335c7a
Merge pull request #6572 from eclipse/jetty-9.4.x-windows-test-overhaul
...
Issue #5684 - windows test overhaul
2021-08-03 07:45:27 -05:00
Greg Wilkins
5c013a5a0b
Fix #6562 last written bytebuffer ( #6563 )
...
Fixes #6562 the last written bytebuffer calculation.
Also fixed an associated issue with unnecessary flush of an empty when last calculation already signalled last.
2021-08-03 12:30:09 +10:00
Joakim Erdfelt
242f6621ae
Issue #5684 - Fixing DeploymentTempDirTest
...
Using unique workdir per testcase.
Don't expect to delete between tests (not supported on windows due to file locking anyway)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 09:15:09 -07:00
Joakim Erdfelt
1c16aa8993
Issue #5684 - Disable ConcurrentStreamCreationTest
...
+ Not possible to create all of these streams.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 07:31:09 -07:00
Joakim Erdfelt
60bfc75ce4
Issue #5684 - Disabled TLSv1.3 tests on windows
...
If we restrict to TLSv1.2 this passes.
But on TLSv1.3 is a behavior differences between Linux and Windows.
On Linux TLSv.13 on client side will always return a
javax.net.ssl.SSLHandshakeException in those test cases that expect it.
However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
All other TLS versions will result in a
javax.net.ssl.SSLException: Software caused connection abort: recv failed
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 06:54:49 -07:00
Joakim Erdfelt
18f32da373
Issue #5684 - make test less strict due to system speed issues
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:06:37 -07:00
Joakim Erdfelt
93e47a6a66
Issue #5684 - increase timeout
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:06:06 -07:00
Joakim Erdfelt
75c7ce200c
Issue #5684 - if unable to start, the stop shouldn't fail
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:05:50 -07:00
Joakim Erdfelt
500e6f2762
Issue #5684 - scan interval is variable on windows
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:05:32 -07:00
Joakim Erdfelt
fb1c85496c
Issue #5684 - Restrict behaviors to TLSv1.2
...
+ Windows TLS behaviors between
OpenJDK 8 and OpendJDK 11
and even between TLS versions
make the test unreliable.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-30 15:03:03 -07:00
Joakim Erdfelt
87912d8852
Issue #5684 - Window's test overhaul
...
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-30 11:04:13 -07:00
Lachlan
9705e05bb5
Merge pull request #6560 from eclipse/jetty-9.4.x-CVE-2021-34429
...
Update VERSION.txt with CVE-2021-34429 (Jetty-9.4)
2021-07-30 17:47:34 +10:00
Lachlan Roberts
25dafa6d7a
Update VERSION.txt with CVE-2021-34429.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-07-29 15:04:20 +10:00
Greg Wilkins
735e97d5c7
Non blocking ReservedThreadExecutor ( #6535 )
...
A call to offer must never block, nor even yield, since to do so give an opportunity for the allocated CPU core to change, defeating the whole purpose of the class.
There is also some reasonable level of diagnostic warnings if a reserved thread misses too many offers consecutively, based on tracking the state of the reserved thread.
Remove the stack data structure entirely. ReservedThreads all poll the same SynchronousQueue and tryExecute does a non blocking offer.
Added test for busy shrinking
Remember last time we hit zero reserved threads
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-07-29 09:46:48 +10:00
Ludovic Orban
ea5c8ed994
#6491 do not depend on awaitility
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 09:24:47 +02:00
Ludovic Orban
020770f82d
#6541 improve testConcurrentAccess perf
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 09:24:47 +02:00
Ludovic Orban
9726a0987f
#6541 improve testTake perf
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 09:24:47 +02:00
Joakim Erdfelt
7741ecc1e5
Issue #5684 - Window's test overhaul
...
+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-27 15:02:45 -07:00
Joakim Erdfelt
cbb3a550cc
Merge pull request #6549 from eclipse/jetty-9.4.x-remove-dead-useragents-file
...
Remove unused (and currently empty) useragents file
2021-07-27 12:53:23 -05:00