Commit Graph

15145 Commits

Author SHA1 Message Date
Greg Wilkins 71b775724f work in progress of fine grained compliance
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-12-16 17:15:37 +01:00
Simone Bordet ce4fad3deb Fixes #2065 - Backport #347 to Jetty 9.2.x. 2017-12-15 17:48:47 +01:00
Greg Wilkins c6c5a3b890 Merge branch 'issue-2022' of https://github.com/Baqend/jetty.project into jetty-9.4.x-2022-FineGrainedComplianceModes 2017-12-15 16:19:14 +01:00
fb 7ee8bb82c6 Same code style fixes and remove unnecessary code reformatting
Signed-off-by: fb <fb@baqend.com>
2017-12-15 15:23:17 +01:00
fb a324a5ad77 Implement weak http header parsing and make the compliance mode configurable in the client
Signed-off-by: fb <fb@baqend.com>
2017-12-15 15:13:48 +01:00
fb b76240e678 Fixes #2022 - Ignore invalid chars in http header names, when the compliance mode is not RFC7230
Signed-off-by: fb <fb@baqend.com>
2017-12-15 15:12:34 +01:00
WalkerWatch 48a4db637f Issue #2039 - Added link to related documentation 2017-12-14 13:38:02 -05:00
Simone Bordet d3db89d7e3 Fixes #2019 - Expose HttpClientTransport in JMX.
Added missing @ManagedObject annotation to AbstractConnectorHttpClientTransport.

Also exported to JMX the "multiplexed" attribute for the FCGI transport
and the "useALPN" attribute for the HTTP/2 transport.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-14 12:28:46 +01:00
Simone Bordet ba5ed4c6ce Issue #2050 - Clarify ObjectMBean getObject[Name|Context]Basis() methods.
Clarified the role of the HttpClient name with respect to JMX.
Improved test case.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-14 11:24:43 +01:00
Simone Bordet f2bf3d63bc Fixes #2020 - Introduce a name for `HttpClient` instances.
Added HttpClientMBean, and overridden getObjectContextBasis() so that
the HttpClient name is inherited by children components such as the
HttpClientTransport, the ThreadPool, etc.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-14 11:24:43 +01:00
Jan Bartel 18cd1fb8df
Issue #2057 Add conscrypt test in osgi (#2058)
Signed-off-by: Jan Bartel <janb@webtide.com>
2017-12-14 09:48:12 +01:00
Jan Bartel eebe139494
Jetty 9.4.x 2043 concurrentmodification annotation parsing (#2052)
* Issue #2043 Fix ConcurrentModificationException listing duplicate class scanning

Signed-off-by: Jan Bartel <janb@webtide.com>
2017-12-14 09:45:29 +01:00
Greg Wilkins 8660055574
Issue #2010 Support FIPs Key Managers (#2044)
Issue #2010 Support FIPs Key Managers, by only wrapping the default Key Manager if we have wildcard CN's or more than 1 non wild CN.  FIPs users will need to install a
keystore than has no multiple certificates than can only be resolved by SNI. They will also need to have no certificate aliases.

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-12-14 00:15:58 +01:00
WalkerWatch ce819b5430 Issue #2039 - Updated documentation examples. 2017-12-13 11:37:00 -05:00
Jan Bartel 8665348258
Issue #2015 add osgi headers for alpn conscrypt (#2027)
* Issue #2015 add osgi headers for alpn conscrypt

Signed-off-by: Jan Bartel <janb@webtide.com>
2017-12-13 14:55:34 +01:00
Jan Bartel f21fb5d6d9
Issue #2030 fix NPE in AnnotationConfiguration with debug enabled (#2031)
* Issue #2030 fix NPE in AnnotationConfiguration with debug enabled

Signed-off-by: Jan Bartel <janb@webtide.com>
2017-12-13 11:04:55 +01:00
Jan Bartel 2df07f29e9
Jetty 9.4.x 2016 openjdk8 osgi headers (#2026)
* Issue #2016 Add osgi headers for openjdk8 alpn and add tests for http2 in osgi

Signed-off-by: Jan Bartel <janb@webtide.com>
2017-12-13 10:38:13 +01:00
Simone Bordet bb4115abf2 Fixes #2050 - Clarify ObjectMBean getObject[Name|Context]Basis() methods.
Updated the class with better formatting, added javadocs, updated old
javadocs, removed warnings, etc.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-12 19:31:28 +01:00
Simone Bordet 1466aa1f75 Fixes #2017 - Documentation on ALPN needs updating. (#2045)
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-12 12:17:51 -05:00
WalkerWatch 6b93a8ec9d Issue #2039 - Additional documentation. Resolves #2039. 2017-12-12 10:39:33 -05:00
Jan Bartel c5ffca0c75 Issue #2028 Adding osgi headers for service to alpn-java client and server
Signed-off-by: Jan Bartel <janb@webtide.com>
2017-12-12 06:18:44 -08:00
Zachary Duquette 65fdec0bd7 Configure jetty start timeout using JETTY_START_TIMEOUT
Signed-off-by: Zachary Duquette <zachary.duquette@eidosmontreal.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-12-11 12:49:50 +01:00
mhow2 a5db14d0d9 Update jetty.sh (#1890)
Real for loop. Easy to modify in case it's needed to wait longer for jetty to start (from mhow2)
2017-12-11 12:44:35 +01:00
Simone Bordet f30c02fa45 Issue #2037 - HTTP/2 stream reset leaves stream frames in the flusher.
Simplified stream staleness checks.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-11 11:50:18 +01:00
Simone Bordet d88e2b767f Fixes #2037 - HTTP/2 stream reset leaves stream frames in the flusher.
Now waking up the flusher via iterate() after a reset has been received.
This ensures that frames that may have stalled are removed from the
flusher queue.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-11 10:57:13 +01:00
Simone Bordet 6b7f906f9d Fixes #2034 - Improve HTTP2Session dump.
Now the session also dumps the flusher and all the streams.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-07 22:40:57 +01:00
Simone Bordet 22308e3c1d Fixes #2035 - FlowControlStrategy keeps around reset streams.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-07 22:40:57 +01:00
WalkerWatch 3abbcbde65 Documentation - added note about DIGEST and MD5 2017-12-07 14:47:11 -05:00
Simone Bordet 158f90bc9e Fixes #2033 - Improve HTTP/2 session and stream stall times report.
Now including both the past and the current stall times.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-07 19:21:47 +01:00
Greg Wilkins 6ca975a1aa ignore bad timestamp 2017-12-07 12:25:02 +01:00
WalkerWatch e82649bf9d Issue #1993 - Updated maven doc. Resolves #1993. 2017-12-06 08:56:07 -05:00
Greg Wilkins 5ce07dddd6
#2006 Use a NOOP to allow unhandle to cope with stolen read (#2009)
#2006 Use a NOOP to allow unhandle to cope with stolen read

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-12-02 12:14:43 +01:00
Greg Wilkins 15c0f79593
Issue #1614 made authentication extensible in request log (#2004)
Issue #1614 made authentication extensible in request log (#2004)
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-12-02 10:00:39 +01:00
Simone Bordet 2067eac701 Issue #2003 - Do not submit blocking tasks as managed selector actions.
CreateEndPoint and DestroyEndPoint are now submitted directly to
the Executor, rather than being submitted as selector actions.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-12-02 00:28:20 +01:00
Jan Bartel b1c80ba231
Issue #1986 ServletContextHandler.Context addListener() methods support session listeners (#2000)
* Issue #1986 Support session listeners in ServletContextHandler.addEventListener method.

Signed-off-by: Jan Bartel <janb@webtide.com>
2017-11-30 15:03:37 +01:00
Greg Wilkins d4061fcfeb
Issue #1966 Case Sensitive method (PR #1967)
Issue #1966 Case Sensitive method (PR #1967)

* Modified the compliance violations to warn if case insensitivety is applied to a header
* removed duplicated if
* Fixed string comparison
* Improved compliance messages and comments
* updated expected violation messages
* Require a header colon only when in 7230 compliance mode
2017-11-29 18:56:54 +01:00
Joakim Erdfelt 70fe268bde Merge branch 'release-9.4.8' into jetty-9.4.x 2017-11-29 10:52:02 -07:00
Joakim Erdfelt aeb1a1d6cd Merge tag 'jetty-9.4.8.v20171121' into jetty-9.4.x
Tag for release: jetty-9.4.8-SNAPSHOT

 + 212 HttpClient should support pluggable AuthenticationStore
 + 215 Add Conscrypt for native ALPN/TLS/SSL
 + 272 WebSocket hangs in blockingWrite
 + 487 JDK 9 build compatibility
 + 901 Overriding SSL context KeyStoreType requires explicit override of
   TrustStoreType
 + 922 Implements methods Connection.getBytes[In|Out]()
 + 1209 IllegalStateException when HTTP/2 push is disabled
 + 1213 Upgrade to ASM Version 6.0 for JDK9
 + 1509 Improve GZIPContentDecoder buffer pooling sizing
 + 1550 Resolve inconsistent Shutdown configuration with Jetty Runner
 + 1640 Introduce :run-distro goal for local jetty distribution deployment
 + 1692 Annotation scanning should ignore `module-info.class` files
 + 1696 Missing stacktraces on debug of WriteFlusher onFail
 + 1705 Rejected executions in QueuedThreadPool can lead to memory leaks
 + 1760 Update to apache jasper 8.5.20
 + 1768 Allow jetty properties to be set for the jetty:run-forked goal
 + 1782 Using assembly.tarLongFileMode=posix for jetty-home and
   jetty-distribution assembly
 + 1797 JEP 238 - Multi-Release JAR files break bytecode scanning
 + 1806 Improved ReservedThreads idle timeout
 + 1807 Add new HttpChannel listener and events for metrics libraries
 + 1814 Move JavaVersion to jetty-util for future Java 9 support requirements
 + 1818 Improve Infinispan support on JDK 9
 + 1819 Race condition during annotation parsing
 + 1823 ResourceHandler with ranged requests does not return Content-Type
   response header
 + 1829 OSGi webbundle classes scanned twice
 + 1833 Request.startAsync requires context path
 + 1835 Locker is not reentrant on ServerConnector#setConnectionFactories
 + 1836 Migrate Locker implementation to JVM ReentrantLock implementation
 + 1841 Reduce contention on ServletHolder
 + 1845 Allow null User-Agent in HttpClient
 + 1849 Refactoring of SelectorManager.defaultSchedulers()
 + 1851 Improve insufficient thread warnings/errors
 + 1854 Consistent IOException and timeout handling when extracting form
   parameters
 + 1856 ResourceHandler without ServletContext throws NPE for welcome files if
   used directly
 + 1857 GZIPContentTransformer fails to send entire message if used with
   BufferedContentTransformer
 + 1865 Improve Exception on invalid redirect usage
 + 1867 Improve Exception thrown during Expect 100 Continue
 + 1868 Need a way to randomly select ports for tests
 + 1871 JMXify SslContextFactory
 + 1878 Handle 100 Continue response without Expect header
 + 1879 'Bad tld url' seen during :jetty-run when running integration tests
 + 1881 Improve support of WebSocket over Unix Domain Socket
 + 1885 SessionHandler get/set maxInactiveInterval is not symmetric with
   negative values
 + 1888 Implement cookie matching on Path attribute per RFC 6265
 + 1891 Make HTTP/2 async error notifications configurable
 + 1892 NPE resulting from bad JEP 238 MultiReleaseJarFile structure
 + 1893 Add ability to set HttpClient Connection TTL
 + 1897 Introduce a round-robin connection pool for HttpClient
 + 1900 Update to CDI 2.0 for cdi module
 + 1901 Reimplement PathWatcher as scanner
 + 1909 Update to Apache Jasper 8.5.23
 + 1910 Remove unused jetty-jsp module
 + 1912 AbstractConnector EndPoint leak for failed SSL connections
 + 1914 HttpClient fails to parse Content-Type response header with RFC 2045
   charset="utf-8" syntax
 + 1919 Review LowResourceMonitor
 + 1920 Connect Timeouts with NonBlocking CreateEndPoint
 + 1924 ManagedSelector can livelock under high load
 + 1931 Expose RolloverOutputStream for pluggable behaviour
 + 1933 Use CLASSPATH for scanning java9 system classes
 + 1956 Store and report build information of Jetty
 + 1958 Blocking Timeout has different behavior in HttpInput vs HttpOutput
 + 1970 ManagedSelector can lose selector thread under high concurrent load
 + 1980 PushCacheFilter does not push TLS offloaded HTTP/2 requests
 + 1981 Loading resource content failed
 + 1984 Remove jetty-client dependency in jetty-rewrite
2017-11-29 10:51:22 -07:00
Greg Wilkins 6541848f28
PR #1987 AsyncICB need not execute
PR #1987  AsyncICB need not execute

The HttpOutput AsyncICB is a blocking callback, thus it is always executed and
never runs in the selector thread. It thus does not need to execute its call
the Channel.handle

* HTTP/2 must execute async callbacks
* AsyncICBr need not execute
* Invert the sense of the fix.  AsyncICB now executes, but is flagged as a non-blocking callback.
* removed import

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-11-29 18:48:55 +01:00
Simone Bordet 4ca0a63e58 Issue 1830 - Document Conscrypt SSL. (#2001)
Updated references to Conscrypt 1.0.0.RC11.
Used "default" rather than "native" for the JSSE docs.
Changed "two-way authentication" to "client certificate authentication".

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-11-28 17:23:18 -05:00
Simone Bordet 31e5531966 Small optimization when starting reserved threads.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2017-11-28 22:09:45 +01:00
WalkerWatch 00d977d5d5 Merge branch 'jetty-9.3.x' into jetty-9.4.x 2017-11-28 14:08:50 -05:00
WalkerWatch aecf4b389b Remove NPN documentation. Resolves #1999 2017-11-28 14:08:21 -05:00
Greg Wilkins 54bf9b56bf Issue #1770 NPE protection in SniX509EKM chooseServerAlias
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2017-11-24 08:18:24 +01:00
Jan Bartel 375d7aa8da
Merge pull request #1985 from adamretter/hotfix/FormAuthenticator-session
Remove unnecessary session creation in FormAuthenticator
2017-11-23 12:58:07 +01:00
WalkerWatch 9e891a4ceb Cleaned up examples for #1830. 2017-11-22 13:39:23 -05:00
Simone Bordet d285c718b9 Issue #1901 - Reimplement PathWatcher as scanner.
Ignored PathWatcherTest because it is unstable and often fails in Jenkins.
2017-11-22 18:58:22 +01:00
Jan Bartel 7a795c9e31 Merge remote-tracking branch 'origin/jetty-9.3.x' into jetty-9.4.x 2017-11-22 13:58:52 +01:00
Jan Bartel 7f6e2e8dd0 Issue #1933
Cherry-pick of 29373c6 and 44d170e
2017-11-22 13:53:38 +01:00
Jan Bartel 8e6605a681 Issue #1817 2017-11-22 13:01:31 +01:00