bb24f0ff5c
Issue #5684 - Improve warning about DNS Hijacking during testing.
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-06-18 16:26:47 -05:00
704abc6271
Issue #5684 - more disabled test cleanup
...
+ Assumption based on existence of
possible DNS Hijacking
+ Alternate logic for client side
protocol and cipher suite mismatch
behavior on server side based
on client side protocol existence
of TLSv1.3
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-06-18 16:23:03 -05:00
738d3a9f80
Merge pull request #6420 from eclipse/jetty-9.4.x-minidev-version-bump
...
Bump (test scoped) net.minidev:json-smart version from 2.3 to 2.4.7
2021-06-17 07:44:45 -05:00
265886543f
QueuedThreadPool always interrupts threads in doStop
...
Fix #6400 QueuedThreadPool always interrupts threads in stop
Even if there is no timeout, always interrupt pool threads to attempt to stop them.
+ Refactored exit condition for Runner main loop to make it clearer that it always checks running status
+ More comments to explain counts
+ Fixed inner loop of ReservedThread to ensure it always checks running status
+ Adjusted timing of the test to make it less flakey. Still a worry!
2021-06-17 07:54:21 +10:00
b30fee93d5
Bump (test scoped) net.minidev:json-smart version from 2.3 to 2.4.7 due to security alert.
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-06-16 16:23:14 -05:00
ee2028ae62
Issue #6366 - document how set IdentityService for OpenID support
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-16 16:45:50 +10:00
f19b6fa5a3
#6379 : requeue at the tail to reduce contention + use a simpler concurrent queue implementation
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-06-10 12:54:58 +02:00
6ccf9b98de
Merge pull request #6378 from eclipse/jetty-9.4.x-CVE-2021-28169
...
Update VERSION.txt with CVE number. (Jetty-9.4)
2021-06-10 11:36:59 +10:00
0530c73877
Update VERSION.txt with CVE number.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-06-09 16:05:14 +10:00
5c130e400a
Updating to version 9.4.43-SNAPSHOT
2021-06-04 12:49:12 -05:00
5cd5e6d237
Updating to version 9.4.42.v20210604
2021-06-04 12:24:37 -05:00
9b6b95601d
Fixes #6330 - CustomRequestLog is missing HTTP version format option. ( #6361 )
...
Improved javadocs for %H.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-04 16:12:10 +02:00
40a9fa7995
Explain EatWhatYouKill naming ( #6342 )
...
Explained EatWhatYouKill naming.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-06-04 15:13:21 +02:00
2e7d17400f
Fixes #6323 - HttpClient requests with redirects gets stuck/never cal… ( #6334 )
...
Fixes #6323 - HttpClient requests with redirects gets stuck/never calls onComplete()
* Reworked the total timeout handling.
* Now a CyclicTimeouts handles the exchanges in each HttpDestination,
and a CyclicTimeouts handles the exchanges in each HttpConnection
(rather than in HttpChannel).
* Now adjusting the total timeout for copied requests generated by
redirects and authentication.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-03 15:20:42 +02:00
f902d12fe8
Fixes #5931 - SslConnection should implement getBytesIn()/getBytesOut(). ( #6335 )
...
* Fixes #5931 - SslConnection should implement getBytesIn()/getBytesOut().
Updated ConnectionStatistics to report both the stats of all connections,
and the stats grouped by connection class.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-03 11:57:10 +02:00
121d8c27ef
Merge pull request #6325 from eclipse/jetty-9.4.x-6287-WebSocketClientClassLoading
...
Issue #6287 - fix classloading for WebSocketClient in webapp
2021-06-03 15:22:05 +10:00
76f516263e
Issue #6118 Warn if hazelcast cfg file is missing SessionDataSerializer ( #6321 ) ( #6345 )
...
* Issue #6118 Warn if hazelcast cfg file is missing SessionDataSerializer
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-06-03 11:34:23 +10:00
8f0bb8149c
align names with jetty-10
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
01c35feb49
do not trim surefire stack trace
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
44bc0e80c0
add null check
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
20b618d3ac
add more add-opens to fix java 16 tests
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
59441bde87
add-opens for jdk16
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
b5833acf0f
add-opens for jdk16
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
29c534daca
add-opens to fix infinispan with java16
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-29 11:36:40 +10:00
fc2b666ad0
Updated CI builds to use Java 16.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-29 11:36:40 +10:00
b90ac0ccae
Merge pull request #6308 from eclipse/jetty-9.4.x-MessageInputStreamBuffers
...
Ensure buffers are returned to pool by MessageInputStream
2021-05-28 11:28:50 +10:00
c2c5ec406f
Issue #5684 Re-enable ValidUrlRuleTest.test(In)ValidShamrock ( #6316 ) ( #6320 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-27 13:06:03 +10:00
cabb49a349
Release MessageInputStream buffer directly after it is fully consumed.
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-26 15:57:30 +10:00
816b326373
Issue #6287 - fix classloading for WebSocketClient in webapp
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-26 14:31:33 +10:00
5a5c0114a4
Issue #6287 - test classloader for WebSocketClient within webapp
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-26 10:47:31 +10:00
a5bd1ced8d
Issue #6138 Fix flakey DuplicateCookieTest ( #6307 ) ( #6315 )
...
* Issue #6138 Fix flakey DuplicateCookieTest
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-25 11:12:57 +10:00
6f148bb057
Issue #6268 Log max form size exceeded msg. ( #6301 )
...
* Issue #6268 Log max form size exceeded msg.
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-25 10:00:34 +10:00
487e4e4f36
Issue #6309 remove duplicate commented out session test ( #6310 ) ( #6318 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-25 09:57:59 +10:00
04df6d4ec2
Fixes #6276 - Support non-standard domains in SNI and X509. ( #6296 )
...
* Fixes #6276 - Support non-standard domains in SNI and X509.
Backported support for IP addresses in X509 (from #5379 ).
Introduced SslContextFactory.Client.SniProvider to allow applications to specify the SNI names to send to the server.
Improved logging of SNI processing.
Skip X509 matching over IP addresses when the host does
not look like an IP address, to avoid reverse DNS lookup.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-21 19:02:43 +02:00
90d90cb8f5
add jetty-9.4.41.v20210516 infos in VERSION.TXT ( #6300 )
...
* add jetty-9.4.41.v20210516 infos in VERSION.TXT
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* add missing issue #6280
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-21 12:12:15 +10:00
ea51ba43c9
Ensure buffers are returned to pool by MessageInputStream
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-21 10:59:12 +10:00
fabfa3832e
Issue #6291 Fix FileSessionDataStoreTest.testCleanOrphans ( #6292 ) ( #6299 )
...
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-20 10:31:00 +10:00
e69dff237d
fix maven warning with duplicate plugin declaration ( #6298 )
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-19 20:28:39 +10:00
b7b16a880b
review comment: improve readability
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-05-19 09:38:18 +02:00
593f4225f8
only release connection when channel got released to avoid double connection release race condition
...
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-05-19 09:38:18 +02:00
97a2a9993f
bump to next version 9.4.42-SNAPSHOT
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-18 13:06:42 +02:00
087f486b44
Issue #6277 Better handling of exceptions thrown in sessionDestroyed ( #6278 ) ( #6279 )
...
* Issue #6277 Better handling of exceptions thrown in sessionDestroyed
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-05-16 17:32:49 +10:00
edcaf70d9a
Copy ServletHolder class/instance properly during startWebapp ( #6214 )
...
ServletHolder.copyClassServlet() method added to correctly copy held class.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-05-16 11:28:22 +10:00
1c05b0bcb1
Fixes #6263 - Review URI encoding in ConcatServlet & WelcomeFilter.
...
Review URI encoding in ConcatServlet & WelcomeFilter and improve testing.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-12 17:13:30 +02:00
9cb93432b3
Issue #6205 - Fix serialization issues in OpenIdAuthenticator
...
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-05-12 17:06:38 +02:00
2e7f5ebd2b
Issue #6205 - Fix issues with OpenID redirecting to wrong URI ( #6211 )
...
Use the OpenID state param to map to the redirect URI.
2021-05-12 16:50:42 +02:00
88ac10439a
Issue #6254 - Total timeout not enforced for queued requests.
...
Updates after review.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-12 01:30:07 +02:00
da50e06b64
Fixes #6254 - Total timeout not enforced for queued requests.
...
Fixed logic in HttpDestination.RequestTimeouts, where now a timeout
is scheduled only when the expiration time is less than the existing one.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-12 01:30:07 +02:00
5f23689aa7
Issue #6254 - Total timeout not enforced for queued requests.
...
Various code cleanups.
Renamed HttpDestination.TimeoutTask to RequestTimeouts for clarity.
Improved javadocs, code comments and logging.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-05-12 01:30:07 +02:00
003c3134ca
upgrade h2spec-maven-plugin 1.0.5 ( #6247 )
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-05-11 09:31:32 +10:00
Joakim Erdfelt
Greg Wilkins
Lachlan Roberts
Ludovic Orban
Simone Bordet
Jan Bartel
olivier lamy