* Fixes#5379 - Better handling for wrong SNI.
Reworked the SNI logic.
Added support for IP addresses in the SAN extension of certificates in the X509 class.
Fixed keystores to have CN=localhost and SAN with ip=127.0.0.1 and ip=[::1].
Fixed tests that were not using the correct Host header.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #5022 Filter Cache cleanup
Issue #5022 Filter Cache cleanup:
+ Fixed many compiler warnings
+ removed old LazyList leftovers
+ Don't create holder string for source unless required
+ Only have a single type of chain, so it can be wrapped regardless of cache
+ Reverse mappings lists to make filter chain creation easier
+ build chain directly rather than build a list then a chain
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* added comment to explain ordering
Signed-off-by: gregw <gregw@webtide.com>
* More cleanups
* fixed toString format
turn off debug in OSGI test
If SessionHandler.newHttpSession(Request) fails to create a session
it returns null. Request.getSession(true) cannot throw a checked
exception, nor can it return null, so we should throw ISE.
Signed-off-by: Jan Bartel <janb@webtide.com>
* Issue #5357 - Updating to https://eclipse.org/
- Removing redundant <url> refs in pom.xml
- Correcting bad indenting from merge
- Correcting mailing list references
- Correcting bugs.eclipse.org references
- Correcting text file references
- Correcting html references
- Correcting further references
- Correcting download.eclipse.org reference
- Adding test for demo-base /proxy/current/
- Ensuring jetty-client is included in javadoc-proxy.war/WEB-INF/lib
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #5304 HTTP2 HostHeader
Updated HostHeaderCustomizer to actually add the Host header, either from values passed in the custructor or from the getServerName and getServerPort methods.
The HttpURI is no longer updated.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ Found and fixed bug in HttpFields
+ Added port normalization support to HttpScheme
+ added test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* blank line
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ refixed bug in HttpFields
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ still fixing HttpFields bug
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 Host Header
updates from review
Reworked the start documentation.
Started skeleton of the operations guide.
Removed old_docs/deploying/hot-deployment.adoc and
old_docs/gettingstarted/getting-started/jetty-deployment.adoc,
since its content has been moved to the refactored documentation.
Restructured the skeleton of the operations guide.
Removed old_docs/deploying/anatomy-of-a-webapp.adoc,
since its content has been moved to the refactored documentation.
Removed old_docs/deploying/automatic-webapp-deployment.adoc,
since its content has been moved to the refactored documentation.
Removed old_docs/deploying/configuring-virtual-hosts.adoc,
since its content has been moved to the refactored documentation.
Removed old_docs/contexts/serving-webapps-from-particular-port.adoc
and example-jetty-embedded/src/main/resource/jetty-otherserver.xml,
since its content has been moved to the refactored documentation.
Simplified POMs.
Simplified index.adoc files, refactoring common things into config.adoc.
Expanded the deploy configuration documentation.
Expanded the protocols configuration documentation.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Merge ProxyPass tests from CheckReverseProxyHeadersTest into
ForwardedRequestCustomizerTest
+ Deleted CheckReverseProxyHeadersTest.java
+ Add more tests for ForcedHost configuration
+ Updated ForwardedRequestCustomizer to conform to expectations
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
The CRC32 checksum may need to convert the ByteBuffer to an array anyway so
we are better off not setting the deflater input with ByteBuffer directly.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
+ In the case of HEAD, the servlet-api response is a wrapper
of javax.servlet.http.HttpServlet$NoBodyResponse
We know the content_length, use it.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
If the request is async dispatched, the check state.isSuspended() is not
correct to determine if the request was async or not. The check
state.isAsyncStarted() should be used instead.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
+ Reverting name ResourceFactory.newResource(String)
to .getResource(String)
+ Reintroducing Resource.getResource(String)
+ ResourceHandler.getResource(String) cleaned up
in light of Exception handling requirement
+ Resource.addPath(String) implementations can
never return null now
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ Now parsed by WebAppContext into List<Resource>
+ Reintroduced Resource.fromList
+ Refactored ResourceFactory to never return null
and always throw an exception if unable to
get/create/resolve the Resource
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
On the client:
* Origin.Address.host is passed through HostPort.normalizeHost(),
so that if it is IPv6 is bracketed.
Now the ipv6 address passed to an `HttClient` request is bracketed.
* HttpRequest was de-bracketing the host, but now it does not anymore.
On the server:
* Request.getLocalAddr(), getLocalName(), getRemoteAddr(),
getRemoteHost(), getServerName(), when dealing with an IPv6 address,
return it bracketed.
The reason to return bracketed IPv6 also from *Addr() methods is that
if it is used with InetAddress/InetSocketAddress it still works, but
often it is interpreted as a URI host so brackets are necessary.
* DoSFilter was blindly bracketing - now it does not.
Added a number of test cases, and fixed those that expected
non-bracketed IPv6.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #5088 Review ContextHandler locking
The locking was primarily as a memory guard for the availability status, which was already volatile.
Have instead using an AtomicReference with a simple state machine layered on top of start/stop lifecycle.
There was also protection for AttributesMap, which is no longer needed as AttributesMap is now concurrent.
* Issue #5088
updates from review
* Issue #5088
updates from review (better this time)
* Replaced relevant usages of synchronized with AutoLock.
* Made AutoLock serializable since classes that use it may be stored in the HttpSession.
* Added convenience methods to AutoLock to execute lambdas with the lock held.
* Introduced AutoLock.WithCondition to use a Lock and a Condition together.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#5057 Included root context path
Root context path in include should be empty string.
* Issue #5057
merged context path methods as result of review.
ServletContent.getContextPath now returns the encoded contextPath (if anybody is silly enough to have one).
Fixes#4971 - Simplify Connection.upgradeFrom()/upgradeTo().
Now the upgrade-from connection produces a "floating" buffer
(not belonging to a pool), so that it can release the original buffer.
The upgrade-to connection is free to copy or store this "floating" buffer.
Strengthened ByteBufferPool behavior when releasing non-pooled
ByteBuffers: the buffer is now discarded.
Updated javadocs and all implementations.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
The proper ServletPathMapping is not set on the baseRequest when these are constructed
so we can't save fields from this in the constructor. The ServletPathMapping is
later set in the ServletHandler.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Fixes#4967 - Possible buffer corruption in HTTP/2 session failures
Partially reverted the changes introduced in #4855, because they
were working only when sends were synchronous.
Introduced ByteBufferPool.remove(ByteBuffer) to fix the issue.
Now when a concurrent failure happens while frames are being
generated or sent, the buffer is discarded instead of being
recycled, therefore resolving the buffer corruption.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#4855 - Occasional h2spec failures on CI
In case of bad usage of the HTTP/2 API, we don't want to close()
the stream but just fail the callback, because the stream
may be performing actions triggered by a legit API usage.
In case of a call to `AsyncListener.onError()`, applications may decide to call
AsyncContext.complete() and that would be a correct usage of the Servlet API.
This case was not well handled and was wrongly producing a WARN log with an
`IllegalStateException`.
Completely rewritten `HttpTransportOverHTTP2.TransportCallback`.
The rewrite handles correctly asynchronous failures that now are executed
sequentially (and not concurrently) with writes.
If a write is in progress, the failure will just change the state and at the
end of the write a check on the state will determine what actions to take.
A session failure is now handled in HTTP2Session by first failing all the
streams - which notifies the Stream.Listeners - and then failing the session
- which notifies the Session.Listener.
The stream failures are executed concurrently by dispatching each one to a
different thread; this means that the stream failure callbacks are executed
concurrently (likely sending RST_STREAM frames).
The session failure callback is completed only when all the stream failure
callbacks have completed, to ensure that a GOAWAY frame is processed after
all the RST_STREAM frames.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #4936 - Adding LargeHeaderTest to replicate issue
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4936 - Updating LargeHeaderTest to use ServerConnector
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4936 - Fail LargeHeaderTest if client detects issues.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4936 large response header buffer corruption
If the response buffer is too large, the header buffer was released
but not nulled, then an exception thrown, which again released the
not nulled buffer. The buffer thus ends up in the buffer pool twice!
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4936 large response header buffer corruption
removed old comment
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #4741 HttpServletMapping
This completes the refactoring started in #4851, using
the HttpServletMapping field to avoid having the servletPath field
in the Request and instead have a pathInContext field.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 HttpServletMapping
reverted ResourceService changes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 HttpServletMapping
fixed gzip handler
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 HttpServletMapping
Fixed several TODOs left in the code
removed _contextPath field and used an attributes lookup for include
replaced setContextPaths with setContext
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 HttpServletMapping
Used the same pattern from the contextPath changes for servletPath and pathInfo. Now the servletPathMapping is always set on the request and only if the dispatch is an include do the effected methods look deeper for the source values.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 HttpServletMapping
Improved javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Optimisation for single context
It is a frequent deployment mode to have only a single context.
In that case, the ContextHandlerCollection can bypass a bit of
looping/matching/selecting and just call the single context,
which it works out itself anyway if the request applies to it.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Optimisation for single context
updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 - fixes to jetty implementation of HttpServletMapping
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4741 - don't lazily generate HttpServletMapping to preserve servletName
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4741 - tests should expect no leading / for matchValue
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* resolving TODOs from review
- removed pathSpec from Request
- getServletMapping moved to ServletHandler
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4741 - only create HttpServletMapping for exact matches once
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* use wrapped attributes for async dispatch
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4741 - Changes from review, revert async attribute wrapping
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4741 - Changes from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4741 Async ServletMapping
Greatly increased the scope of this PR by combining the servletPath and
pathInfo into the ServletPathMapping class that implements the
HttpServletPathMapping interface. This allows us to greatly simplify
the matching of servlets and reduce the number of times we need to
actually to the match per request.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async ServletMapping
Fixed problems with previous commit
more cleanup of attributes in dispatcher.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async ServletMapping
More code cleanups
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async ServletMapping
Named dispatch cleanup
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async ServletMapping
misc cleanup
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async HttpServletMapping
Added tests for named dispatchers
Do not use ServletPathMapping for named dispatch
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async HttpServletMapping
renamed confusing isDefault method on ServletMapping
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async HttpServletMapping
simplified setAttribute
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async HttpServletMapping
added javadoc about AsyncAttributes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4741 Async HttpServletMapping
Fixed javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>