Commit Graph

3639 Commits

Author SHA1 Message Date
Joakim Erdfelt ca3c1756ad
Updating to version 10.0.16-SNAPSHOT 2023-04-11 13:23:25 -05:00
Joakim Erdfelt 68017dbd00
Updating to version 10.0.15 2023-04-11 12:24:32 -05:00
Simone Bordet 2c61011de1
Fixes #6184 - JEP-411 will deprecate/remove the SecurityManager from … (#9616)
* Fixes #6184 - JEP-411 will deprecate/remove the SecurityManager from the JVM.

Removed usages of `SecurityManager` and `AccessControlller.doPrivileged()`.
In places where they are still necessary, now using reflection via newly introduced `SecurityUtils` class.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2023-04-06 10:59:02 +02:00
Joakim Erdfelt 3e42cbfd7b
Fixes #9556 - Better prompt for input on Password (#9557)
* Fixes #9556 - Better prompt for input on Password
* Allow blank username (results in no CRYPT output)
* Error on blank password during input
* Fixing PasswordTest.testCommandLineUsage
* Changes from review

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-04-05 16:02:01 -05:00
Ludovic Orban 9ff24ea443 #9622 replace wait loops with awaitility and ensure the tested values are stable for a certain duration
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2023-04-05 18:52:05 +02:00
dependabot[bot] 3d38990db8
Bump maven-scm-provider-jgit from 1.13.0 to 2.0.0
Bumps maven-scm-provider-jgit from 1.13.0 to 2.0.0.

---
updated-dependencies:
- dependency-name: org.apache.maven.scm:maven-scm-provider-jgit
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-01 01:00:07 +00:00
Simone Bordet 278ec1be69
Fixes #9237 - Decouple QTP idleTimeout from pool shrink rate. (#9498)
Introduced `QueuedThreadPool.maxEvictCount` to be the number of idle threads that are evicted in one idle timeout.

When set to 1 (the default), the old behavior is reproduced: expiring 1 thread every idle timeout.
When set to larger values, allows to keep around the threads for the idle timeout (in case of further load spikes), but allows to quickly recover OS memory when they are truly idle.

For example, with 2000 threads, 30 seconds idle timeout and idleTimeoutMaxShrinkCount=1, it will take 995 minutes (about 16.5 hrs) to shrink the pool back to 10 threads.
By setting idleTimeoutMaxShrinkCount=100, the thread pool can be shrunk to 10 threads in about 10 minutes.

Note also that the new algorithm is more aggressive at shrinking the thread pool.
Previously, a small load might have been sufficient to never evict any thread, because all threads could take turns at executing jobs so that threads were mostly idle but would never really idle time out.
The new algorithm is more aggressive even in presence of a small load, so that if `minThreads` are sufficient to cope with the small load, then the other threads are evicted.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: gregw <gregw@webtide.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
2023-03-31 15:36:34 +02:00
Olivier Lamy e62cc0344a Updating to version 10.0.15-SNAPSHOT 2023-03-01 18:55:10 +10:00
gregw 7a7d69a69f Happy no year
Remove modification date from copyright notice and instead just have the
project inception year.

Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 15:22:32 +11:00
Dominik Zöchbauer 40f7fc8510
Issue #7650 - Fix race condition when stopping QueuedThreadPool (#9325)
* Issue #7650 - Fix race condition when stopping QueuedThreadPool

Signed-off-by: Dominik Zöchbauer <dominik@zoechbauer.info>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2023-02-08 10:27:14 +01:00
Joakim Erdfelt 016de2faeb
Jetty 10 - Configurable Unsafe Host Header (#9283)
* Adding HttpCompliance.DUPLICATE_HOST_HEADERS
  + Optional compliance that allowance duplicate host headers.
* Adding HttpCompliance.UNSAFE_HOST_HEADER
  + Optional compliance that allows unsafe host headers.
* Adding warning logging for bad Host / authority situations

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-03 08:30:07 -06:00
dependabot[bot] ca19b143a9
Bump maven.surefire.plugin.version from 3.0.0-M5 to 3.0.0-M8 (#9255) 2023-02-02 04:15:39 +00:00
Joakim Erdfelt b01bcdc4bd
Improve `IncludeExcludeSet` testing (#9071)
* Improve IncludeExcludeSet testing

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-12-20 11:43:07 -06:00
Greg Wilkins d24a521930
Serialize onCompleteFailure for #9059 (#9062)
Serialize onCompleteFailure for #9059

* Fixed case where process() throws an exception.
   Before, exiting the processing loop would always skip to invoke onCompleteFailure(), causing the callback to not be completed.
   Now we fall through and possibly invoke onCompleteFailure() if it was not already invoked.

* Updated javadocs.

* Code cleanups.

Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2022-12-17 09:43:07 +11:00
Joakim Erdfelt 54c4c03244
Updating to version 10.0.14-SNAPSHOT 2022-12-07 14:33:17 -06:00
Joakim Erdfelt 1c2636ea05
Updating to version 10.0.13 2022-12-07 14:12:50 -06:00
Joakim Erdfelt 7e1de8b1e2
Issue #8973 - Rework KeyStoreScanner handling for symlink related changes (#9014)
* Issue #8973 - Rework KeyStoreScanner handling for symlink related changes

+ Removed changes from #8786 and #8787
+ More test cases
+ revert jetty.sslContext.reload.followLinks boolean
+ Scanner should follow its own linkOptions setting
+ remove bad documentation in module-ssl-reload.adoc

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
2022-12-07 09:24:19 -06:00
Simone Bordet 83154b4ffe
Fixes #8863 - Provide a possibility to name virtual threads (#8903)
* Fixes #8863 - Provide a possibility to name virtual threads

Reworked the VirtualThreads APIs to be based on `Executor` rather than just `boolean`.
Introduced Jetty module `threadpool-virtual-preview`.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-11-21 15:39:54 +01:00
Simone Bordet 051588d45b
Fixed javadoc typo.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-11-10 16:21:24 +01:00
Lachlan 690220fc40
Merge pull request #8787 from eclipse/jetty-10.0.x-8786-KeyStoreScanner-Symlink
Issue #8786 - add configuration for KeyStoreScanner to not resolve aliases
2022-11-10 17:17:59 +11:00
Joakim Erdfelt 793bee9e14
Issue #8716 - Handle bad host/authority headers better (#8717)
* Issue #8716 - Handle bad host/authority headers better
* Remove extra `Host` header in testcase that doesn't deal with bad Host headers
* Create URIUtil.isRegName
* Correcting HostPortTest.testValidAuthority
* Correcting RequestTest.testInvalidHostHeader
* Remove clonable, set to final

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-11-08 18:08:20 -06:00
Lachlan Roberts 0a14cca307 changes from review - rename resolveAlias to followLinks
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-11-03 20:37:55 +11:00
Lachlan Roberts 8607e3ef15 changes to ssl-reload module & documentation from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-11-03 18:54:53 +11:00
Lachlan Roberts 4d15593d63 Issue #8786 - add configuration for KeyStoreScanner to not resolve aliases
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-10-31 14:39:32 +11:00
Olivier Lamy dbd07146ec
merge back release branch to bump version to 10.0.13-SNAPSHOT (#8593)
* Updating to version 10.0.12

* Updating to version 10.0.13-SNAPSHOT

* VERSION.TXT =+ content of jetty-9.4.49.v20220914 release

* remove strange line and reorder
2022-09-16 19:50:12 +10:00
Simone Bordet 77ad0189ba
Fixes #8532 - Review System.nanoTime() usages. (#8535)
* Fixes #8532 - Review System.nanoTime() usages.

Introduced o.e.j.util.NanoTime class to deal with nanoTimes.

Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.

Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-09-06 09:30:02 +02:00
Ludovic Orban de13ceff36 Fixes #8493: RemoveIdleDestinations's race condition and improve logging.
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-09-01 14:45:41 +02:00
Simone Bordet 6f0623f48d
Fixes #8007 - Support Loom. (#8465)
Now using Executors.newVirtualThreadPerTaskExecutor() to execute
tasks, so the executor is tracked by the runtime for thread dumps, etc.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-08-15 17:17:35 +02:00
Simone Bordet be3d16bdbb
Fixes #8007 - Support Loom. (#8360)
Implemented support for virtual threads for HTTP/1.1, HTTP/2 and HTTP/3.

The virtual thread support is in AdaptiveExecutionStrategy.
When virtual threads are supported and enabled, reserved threads are disabled and
blocking tasks are run in a virtual thread instead that being executed by the Executor.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-08-10 14:31:04 +02:00
Ludovic Orban 110896b4d1 #8414: fix drainTo when head == tail but the queue isn't empty
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2022-08-08 10:28:31 +02:00
Lachlan 998bc8c7e8
Merge pull request #8315 from eclipse/jetty-10.0.x-8296-AliasChecking
Issue #8296 and #8259 -  AllowedResourceAliasChecker improvements
2022-08-08 13:23:02 +10:00
Lachlan Roberts 7d7dd41dee add javadoc for Resource.resolveAlias
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-07-28 18:00:56 +10:00
Lachlan Roberts 99cb930d78 changes from review PR #8315
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-07-27 10:21:35 +10:00
Joakim Erdfelt cbed42491a
Excluding Stress/Slow tests from normal CI builds. (#8314)
Nightly CI builds still run them.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-07-21 02:40:26 -05:00
Greg Wilkins 2b817f06c6
Combined ByteBufferPool (#8171)
All `ByteBufferPool` can now be accessed as `RetainableByteBufferPools`.

Users now need to configure only a single buffer pool and there is just the additional retained parameter that needs consideration.
Default buffer pool has been changed to logarithmic, but we may wish to review that before next release.
Default factor size has been increased to 4096.
2022-07-04 10:38:30 +10:00
Greg Wilkins cb918212f2
Fixed #8206 interrupted QTP.stop (#8220)
Made QTP stop resilient to spurious and self interrupts

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-06-30 16:34:21 +10:00
Joakim Erdfelt 64d12e2a5a
Merge Release 10.0.11 back into `jetty-10.0.x` branch (#8194)
* Updating to version 10.0.11

* Updating to version 10.0.12-SNAPSHOT
2022-06-22 16:24:48 -05:00
Joakim Erdfelt c2bc103cb9
Merge Release 10.0.10 back into `jetty-10.0.x` (#8180)
* Updating to version 10.0.11-SNAPSHOT
2022-06-21 14:41:41 +02:00
Lachlan 0699bc5326
Use static exceptions for closing websocket flushers and in ContentProducer (#8155)
* Use StaticException class in jetty-util for websocket flushers.
* Use StaticException class for ContentProducer recycle and consumeAll

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
2022-06-13 14:11:31 +02:00
Lachlan Roberts 5a24f90064 Improve cleanup of deflater/inflater pools for PerMessageDeflateExtension
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-06-07 18:52:48 +10:00
dependabot[bot] 17a72a001d
Bump maven-scm-provider-jgit from 1.12.2 to 1.13.0
Bumps maven-scm-provider-jgit from 1.12.2 to 1.13.0.

---
updated-dependencies:
- dependency-name: org.apache.maven.scm:maven-scm-provider-jgit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-30 09:28:04 +00:00
Lachlan Roberts 1c24238352 mark deprecated ReadLineInputStream for removal
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-25 16:56:34 +10:00
Lachlan Roberts f2e59a01b1 Add compliance mode for LEGACY multipart parser in Jetty 10+
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-05-17 10:58:12 +10:00
Joakim Erdfelt 16420f0181
Set version to `10.0.10-SNAPSHOT` (#7823)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-04-03 20:33:44 +10:00
Joakim Erdfelt f079949a35
Merge Release 10.0.9 (#7821)
* Updating to version 10.0.9

* Updating to version 10.0.10
2022-04-02 08:43:44 -05:00
dependabot[bot] 6b25c271b1
Bump jolokia-war from 1.3.3 to 1.7.1 (#6907)
* Bump jolokia-war from 1.3.3 to 1.7.1

Bumps jolokia-war from 1.3.3 to 1.7.1.

---
updated-dependencies:
- dependency-name: org.jolokia:jolokia-war
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Adding HashLoginService to jolokia.xml
* Fixing typo in FQCN for Jetty Password utility
* Using logger to print warning, not ServletContext.log() as it causes an NPE.

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-03-29 21:04:35 -05:00
Simone Bordet 7b648f6d5c
Fixes #7548 - Interrupt flag is not always cleared in between requests. (#7563)
Now clearing the interrupt flag.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-03-23 19:06:39 +01:00
Joakim Erdfelt f2e9680431
Honor parameters order when parsing query and form parameters (#7599) (#7605)
* Honor parameters order when parsing query and form parameters

When parsing the query or form parameters in Request, the values are stored in a MultiMap. This class extends HashMap which does not preserve the order of insertion so a request with parameters "first=1&second=2" might end up in a map where "second" will come first when iterating on the entry set. 

The order is necessary in some case where the request is signed off the body and/or the query parameters. When the order is not preserved, it is impossible to reconstruct the original request sent, unless using the Request::getInputStream which consumes the stream and makes subsequent calls to Request::getParameters to don't return the form parameters which can be misleading. The same behavior applied to query parameters, by using Request::getQueryString, you get the correct order but Request::getParameters will not.

Moreoever, if the application is behind a reverse proxy using Jetty that is proxying using Request::getParameters which consume the request InputStream, it will be completely impossible to reconstruct the original request.

* Added a test with parameter merging

Co-authored-by: Jacques-Etienne Beaudet <jebeaudet@gmail.com>
2022-02-16 11:34:30 -06:00
Greg Wilkins bdc60ee711
Jetty 10.0.x #7517 #7518 trie fixes (#7533)
* Fix #7518 Trie.getBest with empty Key (#7527)

Fix #7518 Trie.getBest with empty Key

 * Only increment current row if not recursing.
 * Fixed match ending with big char

Signed-off-by: Greg Wilkins <gregw@webtide.com>

* Jetty 9.4.x 7517 trie stack overflow (#7528)

Fix #7518 Trie stack overflows

* Avoid recursion where possible

Signed-off-by: Greg Wilkins <gregw@webtide.com>

* Added extra tests

Signed-off-by: Greg Wilkins <gregw@webtide.com>

* removed empty file

Signed-off-by: Greg Wilkins <gregw@webtide.com>
2022-02-08 06:20:50 +11:00
Simone Bordet a4fda96f49
Updating to version 10.0.9-SNAPSHOT 2022-02-07 12:02:02 +01:00