Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
19,010 Commits 67 Branches 465 Tags 359 MiB
Commit Graph

19010 Commits

Author SHA1 Message Date
dependabot[bot] 822193cd6c
Bump openpojo from 0.8.13 to 0.9.1 (#6708) 
Bumps [openpojo](https://github.com/OpenPojo/openpojo) from 0.8.13 to 0.9.1.
- [Release notes](https://github.com/OpenPojo/openpojo/releases)
- [Changelog](https://github.com/OpenPojo/openpojo/blob/master/doc/release_steps.txt)
- [Commits](https://github.com/OpenPojo/openpojo/compare/openpojo-0.8.13...openpojo-0.9.1)

---
updated-dependencies:
- dependency-name: com.openpojo:openpojo
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-09 09:34:14 -05:00
dependabot[bot] 36a5e49f48
Bump hazelcast.version from 3.12.10 to 3.12.12 (#6746) 
* Bump hazelcast.version from 3.12.10 to 3.12.12

Bumps `hazelcast.version` from 3.12.10 to 3.12.12.

Updates `hazelcast` from 3.12.10 to 3.12.12
- [Release notes](https://github.com/hazelcast/hazelcast/releases)
- [Commits](https://github.com/hazelcast/hazelcast/compare/v3.12.10...v3.12.12)

Updates `hazelcast-client` from 3.12.10 to 3.12.12

---
updated-dependencies:
- dependency-name: com.hazelcast:hazelcast
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: com.hazelcast:hazelcast-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* update mod files as well

Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
 2021-09-09 17:16:54 +10:00
dependabot[bot] 07e1780ec6
Bump jmh.version from 1.26 to 1.33 (#6739) 
Bumps `jmh.version` from 1.26 to 1.33.

Updates `jmh-core` from 1.26 to 1.33

Updates `jmh-generator-annprocess` from 1.26 to 1.33

---
updated-dependencies:
- dependency-name: org.openjdk.jmh:jmh-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.openjdk.jmh:jmh-generator-annprocess
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-09 14:04:45 +10:00
dependabot[bot] 43d71941f8
Bump flatten-maven-plugin from 1.2.5 to 1.2.7 (#6713) 
Bumps [flatten-maven-plugin](https://github.com/mojohaus/flatten-maven-plugin) from 1.2.5 to 1.2.7.
- [Release notes](https://github.com/mojohaus/flatten-maven-plugin/releases)
- [Commits](https://github.com/mojohaus/flatten-maven-plugin/compare/flatten-maven-plugin-1.2.5...flatten-maven-plugin-1.2.7)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:flatten-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-08 12:41:11 -05:00
dependabot[bot] 43aab56ebb
Bump maven-gpg-plugin from 1.6 to 3.0.1 (#6716) 
Bumps [maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) from 1.6 to 3.0.1.
- [Release notes](https://github.com/apache/maven-gpg-plugin/releases)
- [Commits](https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-1.6...maven-gpg-plugin-3.0.1)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-gpg-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-08 14:29:06 +10:00
dependabot[bot] b4dcfdb223
Bump h2spec-maven-plugin from 1.0.5 to 1.0.7 (#6709) 
Bumps [h2spec-maven-plugin](https://github.com/jetty-project/h2spec-maven-plugin) from 1.0.5 to 1.0.7.
- [Release notes](https://github.com/jetty-project/h2spec-maven-plugin/releases)
- [Commits](https://github.com/jetty-project/h2spec-maven-plugin/compare/h2spec-maven-plugin-1.0.5...h2spec-maven-plugin-1.0.7)

---
updated-dependencies:
- dependency-name: org.mortbay.jetty:h2spec-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-08 14:19:22 +10:00
dependabot[bot] 00abb62fea
Bump maven-project-info-reports-plugin from 3.1.1 to 3.1.2 (#6704) 
Bumps [maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/apache/maven-project-info-reports-plugin/releases)
- [Commits](https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.1.1...maven-project-info-reports-plugin-3.1.2)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-project-info-reports-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-09-08 13:54:05 +10:00
Lachlan 4fd1a4ea4b
Merge pull request #6691 from eclipse/jetty-9.4.x-6554-DefaultIdentityService 
Issue #6554 - create the DefaultIdentityService even if no realmName is provided
 2021-09-03 10:15:58 +10:00
Lachlan Roberts 7e91d34177 Issue #6554 - create the DefaultIdentityService even if no realmName is provided 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-09-02 12:12:51 +10:00
Simone Bordet 525fcb3119
Fixes #6603 - HTTP/2 max local stream count exceeded (#6639) 
Made MAX_CONCURRENT_STREAMS setting work on a per-connection basis.
Updated Pool javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
 2021-08-30 16:00:15 +02:00
Jan Bartel ef95c9b3ad
Issue #6671 Update to apache jsp 8.5.70 (#6676) 
Signed-off-by: Jan Bartel <janb@webtide.com>
 2021-08-30 12:24:40 +10:00
Joakim Erdfelt 59b21557a7
Build on jdk17 now. (#6675) 
* Build on jdk17 now.
* Bump spotbugs to 4.3.0

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-28 07:10:26 -05:00
Simone Bordet 05c08e1602 Backport from 10.0.x of the changes using Awaitility. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-25 17:08:06 +02:00
Simone Bordet 1b79fcee94
Made `BlockedWritesWithSmallThreadPoolTest` more reliable. 
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-25 12:39:06 +02:00
Simone Bordet 9897c1b06e Fixes #6646 - SmallThreadPoolLoadTest on windows flaky. 
Fixed occurrences of Callbacks that did not override getInvocationType() to properly declare whether they block or not.

Added test case for blocking writes for both client and server.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-25 10:45:16 +02:00
Lachlan f9bb80aa96
Merge pull request #6659 from eclipse/jetty-9.4.x-6568-SecurityHandler-isAuthMandatory 
Issue #6553 - give 401 response if UNAUTHENTICATED and auth is mandatory (9.4)
 2021-08-25 13:53:55 +10:00
Simone Bordet b2a023675c
Fixes #6652 - Improve ReservedThreadExecutor dump. (#6653) 
Fixes #6652 - Improve ReservedThreadExecutor dump.

Filtering out non-reserved threads in dump() and doStop().

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
 2021-08-24 23:12:08 +02:00
Lachlan Roberts a575607284 Issue #6553 - give 403 response if UNAUTHENTICATED and auth is mandatory 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-24 15:48:03 +10:00
Lachlan 3de9d3428e
Merge pull request #6643 from eclipse/jetty-9.4.x-6617-openidBasicAuth 
Issue #6617 - add support for the client_secret_basic authentication method (jetty-9.4)
 2021-08-19 16:18:55 +10:00
Lachlan Roberts 11c8ea0fa2 Issue #6617 - change jetty property name to jetty.openid.authMethod 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-19 09:59:59 +10:00
Lachlan Roberts 604f6b3f82 Use correct auth method string in OpenIdConfiguration default constructor 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-19 09:59:36 +10:00
Lachlan Roberts 84a122f524 Issue #6617 - add support for the client_secret_basic authentication method 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-19 09:57:57 +10:00
Lachlan b848c87a40
Merge pull request #6636 from eclipse/jetty-9.4.x-6618-OpenID-audArray 
Issue #6618 - azp claim should not be required for single value aud array (jetty-9.4)
 2021-08-19 09:36:42 +10:00
Simone Bordet 693663a4ce Fixes #6624 - Non-domain SNI on java17 
Java 17 only allows letter|digit|hyphen characters for SNI names.

While we could bypass this restriction on the client, when the SNI bytes arrive to the server they will be verified and if not allowed the TLS handshake will fail.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-18 17:07:20 +02:00
Lachlan Roberts c20be7da4d Fix licence header. 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-18 12:52:54 +10:00
Lachlan Roberts 3e6446ef4a Issue #6618 - Use a new OpenIdCredentials constructor instead of static method. 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-18 11:36:05 +10:00
Lachlan Roberts 61f7e57217 Issue #6618 - azp claim should not be required for single value aud array 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-08-18 11:35:48 +10:00
Greg Wilkins ac73b3aa20
Disable ipv6 test for #6624 (#6625) 
Temp disable of test that is breaking the build.
 2021-08-17 14:07:33 +10:00
Greg Wilkins a3f7747b35
Fix flaky test from #6562/#6563 (#6628) 
Fix flaky test from #6562
Disable ipv6 test for #6624
 2021-08-17 14:06:25 +10:00
Simone Bordet 569455c4a4 Fixes #6372 - Review socket options configuration. 
Made HTTP2Client.tcpNoDelay configurable.
Fixed copying of configuration in HttpClientTransportOverHTTP2.
Added test case for bindAddress.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-13 15:08:24 +02:00
Ludovic Orban cbc814e763 #6605 rename test 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2021-08-13 14:59:19 +02:00
Ludovic Orban 4857372245 #6605 testEmptyBufferKnown: make sure the assertion does not happen before the committed flag is read 
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
 2021-08-13 14:59:19 +02:00
Joakim Erdfelt 2032a43943
Merge pull request #6596 from eclipse/jetty-9.4.x-dep-upgrade-ant 
Upgrade ant to 1.10.11
 2021-08-11 06:32:53 -05:00
Joakim Erdfelt 014011b37f
Upgrade ant to 1.10.11 
Addresses CVE-2021-36373 and CVE-2021-36374

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-10 07:55:45 -05:00
Simone Bordet 784293aa6d Fixes #6369 - Increment default jetty.http2.rateControl.maxEventsPerSecond 
Incremented rateControl.maxEventsPerSecond to 50.
Fixed mistakes in the http2c module.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-06 19:07:58 +02:00
Greg Wilkins fc0a4dc141
Fixed racy test (#6584) 
Signed-off-by: Greg Wilkins <gregw@webtide.com>
 2021-08-04 14:25:07 +10:00
Simone Bordet 342396c7ee
Issue #6558 - improved json array converter (#6571) 
Fixes #6558 - Allow configuring return type in JSON array parsing.

Introduced `arrayConverter` in both JSON and AsyncJSON.Factory.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
 2021-08-03 17:09:28 +02:00
Joakim Erdfelt 51e6335c7a
Merge pull request #6572 from eclipse/jetty-9.4.x-windows-test-overhaul 
Issue #5684 - windows test overhaul
 2021-08-03 07:45:27 -05:00
Greg Wilkins 5c013a5a0b
Fix #6562 last written bytebuffer (#6563) 
Fixes #6562 the last written bytebuffer calculation.
Also fixed an associated issue with unnecessary flush of an empty when last calculation already signalled last.
 2021-08-03 12:30:09 +10:00
Joakim Erdfelt 242f6621ae Issue #5684 - Fixing DeploymentTempDirTest 
Using unique workdir per testcase.
Don't expect to delete between tests (not supported on windows due to file locking anyway)

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 09:15:09 -07:00
Joakim Erdfelt 1c16aa8993 Issue #5684 - Disable ConcurrentStreamCreationTest 
+ Not possible to create all of these streams.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 07:31:09 -07:00
Joakim Erdfelt 60bfc75ce4 Issue #5684 - Disabled TLSv1.3 tests on windows 
If we restrict to TLSv1.2 this passes.

But on TLSv1.3 is a behavior differences between Linux and Windows.

On Linux TLSv.13 on client side will always return a
javax.net.ssl.SSLHandshakeException in those test cases that expect it.

However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,

All other TLS versions will result in a
javax.net.ssl.SSLException: Software caused connection abort: recv failed

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 06:54:49 -07:00
Joakim Erdfelt 18f32da373 Issue #5684 - make test less strict due to system speed issues 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 05:06:37 -07:00
Joakim Erdfelt 93e47a6a66 Issue #5684 - increase timeout 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 05:06:06 -07:00
Joakim Erdfelt 75c7ce200c Issue #5684 - if unable to start, the stop shouldn't fail 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 05:05:50 -07:00
Joakim Erdfelt 500e6f2762 Issue #5684 - scan interval is variable on windows 
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-08-02 05:05:32 -07:00
Joakim Erdfelt fb1c85496c Issue #5684 - Restrict behaviors to TLSv1.2 
+ Windows TLS behaviors between
  OpenJDK 8 and OpendJDK 11
  and even between TLS versions
  make the test unreliable.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-07-30 15:03:03 -07:00
Joakim Erdfelt 87912d8852 Issue #5684 - Window's test overhaul 
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
 2021-07-30 11:04:13 -07:00
Lachlan 9705e05bb5
Merge pull request #6560 from eclipse/jetty-9.4.x-CVE-2021-34429 
Update VERSION.txt with CVE-2021-34429 (Jetty-9.4)
 2021-07-30 17:47:34 +10:00
Lachlan Roberts 25dafa6d7a Update VERSION.txt with CVE-2021-34429. 
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
 2021-07-29 15:04:20 +10:00