+ All plugins and dependencies are alphabetized now
+ All plugins and dependency versions have properties now
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Fixes#6603 - HTTP/2 max local stream count exceeded (#6639)
Made MAX_CONCURRENT_STREAMS setting work on a per-connection basis.
Updated Pool javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
(cherry picked from commit 525fcb3119)
Issue #5684 - Window's test overhaul
+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
+ PathWatcher scan interval is variable on windows
+ If unable to start testcase based on assumption,
the stop shouldn't fail testcase
+ Increase various wait timeouts
+ Make tests less strict due to system speed issues
+ Disable Sni tests due to TLS behaviors differences in Windows
+ Windows TLSv1.3 seems to introduce this difference
+ If we restrict to TLSv1.2 this passes.
+ On Linux TLSv.13 on client side will always return a
+ javax.net.ssl.SSLHandshakeException in those test cases that expect it.
+ However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
+ All other TLS versions on Windows will result in a
+ javax.net.ssl.SSLException: Software caused connection abort: recv failed
+ Disable ConcurrentStreamCreationTest
+ Not possible to create all of these streams.
+ Fixing DeploymentTempDirTest
+ Using unique workdir per testcase.
+ Don't expect to delete files / directories between tests
(not supported on windows due to file locking anyway)
+ Fixing line ending difference on windows
+ InvalidPathException is a 404 Not Found
+ Cannot reuse test directory between runs due to memory mapped files that are still in use from previous run.
+ java.nio.file.FileSystemException: C:\code\jetty.project\jetty-webapp\target\tests\welcome#\index.html: The requested operation cannot be performed on a file with a user-mapped section open.
at java.base/sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:92)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:103)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:108)
at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(WindowsFileSystemProvider.java:235)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:220)
at org.eclipse.jetty.webapp/org.eclipse.jetty.webapp.WebAppDefaultServletTest.prepareServer(WebAppDefaultServletTest.java:84)
+ As is typical on windows, we are often unable to delete a file due to file locking issues.
+ Use a unique resource base between tests.
This is to avoid file locking behaviors that prevent the
resource base from being reused too quickly on windows.
+ Prevent test run if symlinks not supported
+ Allowing for Windows slosh char as well in asserts
+ SelectorUtils is File.separator dependent
+ Regex is now FS.separator independent
+ Using SelectorUtils from plexus correctly for include/exclude
+ Turning off mapped files for testing reasons.
+ Fix and re-enable RFC2616NIOHttpsTest
+ Issue #6552 - Fix test failures due to slf4j dep
+ Issue #6552 - upgrade testcontainers
+ Issue #6552 - move to assumption based docker existence
+ Issue #6552 - Fix enforcer rule violation on jna.
Addresses the following side effect of upgrading testcontainers.
[WARNING] Rule 3: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for net.java.dev.jna:jna:5.6.0 paths to dependency are:
+-org.eclipse.jetty:infinispan-remote-query:10.0.7-SNAPSHOT
+-org.testcontainers:testcontainers:1.16.0
+-com.github.docker-java:docker-java-transport-zerodep:3.2.11
+-net.java.dev.jna:jna:5.6.0 (managed) <-- net.java.dev.jna:jna:5.8.0
+ use annotation to disable test when docker not available and needed
+ Disabling FileSessionDistributionTests.stopRestartWebappTestSessionContentSaved on Windows
+ Using TLS basic
+ Programmatic removal of memory mapped behavior during testing
+ Fixing slf4j warning
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
Java 17 only allows letter|digit|hyphen characters for SNI names.
While we could bypass this restriction on the client, when the SNI bytes arrive to the server they will be verified and if not allowed the TLS handshake will fail.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 693663a4ce)
Fixes#6043 - Reimplement UnixSocket support based on Java 16.
* Introduced new module "jetty-server-unixdomain".
It uses reflection to access the Java 16 Unix-Domain classes to keep compatibility with the other modules and the build.
* Added Jetty module with only HTTP/1.1 support for now (requires review of the modules to reuse them with various connectors).
* Updated documentation to mention UnixDomainServerConnector.
* Updated client libraries to support Unix-Domain.
* Updated PROXY protocol implementation to support Unix-Domain.
* Replaced unix.socket.tmp with better named jetty.unixdomain.dir property.
Defaulted jetty.unixdomain.dir property to system property user.home under Windows.
Simplified code that runs Unix-Domain tests.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now using consistently HttpConversation.getTimeout() to report the accurate value.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 734d3b672c)
* Fixes#6410 - Use SocketAddress instead of InetSocketAddress.
Removed usages of InetSocketAddress in method signatures where possible.
Deprecated old methods, and added new methods with SocketAddress.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Reworked the total timeout handling.
* Now a CyclicTimeouts handles the exchanges in each HttpDestination,
and a CyclicTimeouts handles the exchanges in each HttpConnection
(rather than in HttpChannel).
* Now adjusting the total timeout for copied requests generated by
redirects and authentication.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 2e7d17400f)
Updated ConnectionStatistics to report both the stats of all connections,
and the stats grouped by connection class.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit f902d12fe8)
* Fixes#6276 - Support non-standard domains in SNI and X509. (#6296)
Improved support for IP addresses in X509 (after #5379).
Introduced SslContextFactory.Client.SniProvider to allow applications to specify the SNI names to send to the server.
Improved logging of SNI processing.
Skip X509 matching over IP addresses when the host does
not look like an IP address, to avoid reverse DNS lookup.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 04df6d4ec2)
Avoid to allocate ContentListeners for every response.
Avoid using Java streams to reduce allocation.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#6251 - Use CyclicTimeout for HTTP2Streams.
Introduced CyclicTimeouts to manage many entities that may timeout.
Rewritten HttpDestination request timeouts using CyclicTimeouts.
HTTP2Stream does not inherit from IdleTimeout anymore; now a
CyclicTimeouts in HTTP2Session manages the stream timeouts.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed logic in HttpDestination.RequestTimeouts, where now a timeout
is scheduled only when the expiration time is less than the existing one.
Various code cleanups.
Renamed HttpDestination.TimeoutTask to RequestTimeouts for clarity.
Improved javadocs, code comments and logging.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 5f23689aa7)
(cherry picked from commit da50e06b64)
(cherry picked from commit 88ac10439a)
* Fixes#5845 - Use UTF-8 encoding for client basic auth if requested.
* Introduced get/setCharset in BasicAuthenticator on server-side.
* Looking for the "charset" parameter on the client-side, and if there, use it.
* Added test case.
* Code cleanups.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Changed the AbstractConnectionPool.acquire() logic to call tryCreate() even
when create=false.
This is necessary when e.g. a sender thread T2 with create=true steals a
connection whose creation was triggered by another sender thread T1.
In the old code, T2 did not trigger the creation of a connection, possibly
leaving a request queued.
In the new code, T2 would call tryCreate(), possibly triggering
the creation of a connection.
This change re-introduces the fact that when sending e.g. 20 requests
concurrently, 20+ connections may be created.
However, it is better to err on creating more than creating less and leaving
requests queued.
Further refactoring moved field pending from Pool to AbstractConnectionPool.
As a consequence, AbstractConnectionPool.tryCreate() now performs a
demand/supply calculation to decide whether to create a new connection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
* enable spotbugs in CI
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
record issues
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
use warning new generation
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
activate errorprone
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
fix Jenkinsfile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
do not run spotbugs for jetty-runner as we do not want to fix all dependencies bugs :)
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
junit should allow empty results
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
maven console can be use only once...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
one liner
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
recordissues only once
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
force id
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
aggregate results
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
configure a name for aggregated reports
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
mo more -T3 no need anymore of remote session test profile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
I want to see what failing tests look like with new report.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
skip spotbugs for jetty-jmh
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
get rid of findbugs as we now have spotbugs
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Revert "I want to see what failing tests look like with new report."
This reverts commit df0d13e4c53d7461872e1f925ec06bd36e4a66c9.
activate errorProne parser
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
make pmd quiet for CI
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
remove -fae flag and do not display transfer progress
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
try junitParser() to see what it does
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
junit parser is a bad idea...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
increase timeout
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
no -T2 for javadoc
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
fix skip spotbugs and pmd verbose
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* remove -T options
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
The upgrade could happen in the context of a HttpParser.parseNext()
call, which eventually upgrades the EndPoint, passing what remains in
the NetworkBuffer to the new Connection and releasing the NetworkBuffer.
The messageComplete() parser callback was still returning false even
if the response was 101, causing the HTTP/1.1 parser to continue, but
now the NetworkBuffer was null, producing the NullPointerException.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Introduced HttpDestination.send(Request, Response.CompleteListener) to send a request using the given destination.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Make EOF and errors be special content.
Transition to a much simplified FSM by using the needContent() / produceContent() model.
Implement blocking on top of async, this way there is only one FSM.
(Milestone 6)
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
The problem was a race condition during content decoding.
Since decoding needs to be done in a loop, the condition to loop is to
check whether there is demand for the next chunk of decoded content.
Checking for demand also sets the stalled flag, and this must be done
only after the response state has been set back to CONTENT.
Unfortunately this was not done in the decoding loop.
The fix is to always update the response state in the decoding loop.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#5379 - Better handling for wrong SNI.
Reworked the SNI logic.
Added support for IP addresses in the SAN extension of certificates in the X509 class.
Fixed keystores to have CN=localhost and SAN with ip=127.0.0.1 and ip=[::1].
Fixed tests that were not using the correct Host header.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #5357 - Updating to https://eclipse.org/
- Removing redundant <url> refs in pom.xml
- Correcting bad indenting from merge
- Correcting mailing list references
- Correcting bugs.eclipse.org references
- Correcting text file references
- Correcting html references
- Correcting further references
- Correcting download.eclipse.org reference
- Adding test for demo-base /proxy/current/
- Ensuring jetty-client is included in javadoc-proxy.war/WEB-INF/lib
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #5304 HTTP2 HostHeader
Updated HostHeaderCustomizer to actually add the Host header, either from values passed in the custructor or from the getServerName and getServerPort methods.
The HttpURI is no longer updated.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ Found and fixed bug in HttpFields
+ Added port normalization support to HttpScheme
+ added test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* blank line
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ refixed bug in HttpFields
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ still fixing HttpFields bug
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 Host Header
updates from review
* Speculative idea to make a pluggable Pool strategy
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ Added a ThreadLocalStrategy for a single cached item
+ Tell strategies about newly reserved entries
+ Fixed multiplexing test that was dependent on the impl of the cache
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ added tests
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Feedback from review
+ Don't have a fallback iteration, instead make a SearchStrategy and DualStrategy
* Feedback from review
+ split strategies into Cache and Strategies
* Feedback from review
+ Added reserve and release
* Improved Pool Strategies:
+ reverted to post notifications for removed, reserved and released.
+ Added a few more strategies that need to be benchmarked, that use the list iterator.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Testing all the different strategies
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* More simplifications and made LRU work (ish)
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* javadoc
* More javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* JMH Test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* one strategy
Signed-off-by: gregw <gregw@webtide.com>
* test
Signed-off-by: gregw <gregw@webtide.com>
* Split implementations:
+ pluggable strategies
+ hard coded
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* More benchmarks
* Built in strategy
* removed strategies version and simplified to single configurable solution.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* better javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Updated ConnectionPool classes to use Pool strategies
* Small javadocs fixes.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Updates from review
* javadoc
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#3766 - Introduce HTTP/2 API to batch frames.
Introduced Stream.FrameList to hold HEADERS+DATA+HEADERS frames.
These are often used by the client and by the server when the
request/response content is known and FrameList will allow to
send them in a single TCP write, rather than multiple ones.
Rewritten HttpSenderOverHTTP2.sendHeaders() and
HttpTransportOverHTTP2.sendHeaders() to take advantage of
FrameList.
Now using ConcurrentHashMap as a client context, because
with DEBUG logging enabled it may be access concurrently.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Reworked HTTP/2 release after an exchange is terminated.
Previously, the release was bound to 2 events: onStreamClosed(),
introduced for #2796, and exchangeTerminated().
Unfortunately, if the former happens before the latter and
closes the connection, the latter will see the exchange as
aborted, while in fact it was successful, causing what
reported in #5147, an AsynchronousCloseException.
Now, the release is always performed by the exchangeTerminated()
event. With respect to #2796, the stream is always already
closed by the time the exchangeTerminated() event fires (it
was not before).
Reworked the implementation of RoundRobinConnectionPool using
a lock and aggressively trying to open new connections.
A second fix is related to HttpDestination.release(Connection).
If the connection is closed for e.g. overuse, we need to trigger
the processing of queued requests via send(create: true).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now closing the connection if an unsolicited response is detected,
no matter what response status code, or whether it has a
Connection: close header, or whether it's just random bytes from
the server, and also no matter whether the client read -1.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Implemented as part of #4975.
Added a test case that proves that the connection is closed
when the max usage count is reached.
Improved logging.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Some updates to the new Pool class:
+ fixed a race with pending reservations
+ use a pending counter
+ Reservation API to simplify Entry API
+ removed public methods on Entry API
* Some updates to the new Pool class:
+ fixed a race with pending reservations
+ use a pending counter
+ Reservation API to simplify Entry API
+ removed public methods on Entry API
* Updates from review
* Updates from review
Tests for cache size and acquire with creator
* Method no longer required with Reservation
* update from the feedback on the feedback of the feedback from the review.
Moved enable to Entry, removed Reservation class and clarified usage in javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
updates from review
On the client:
* Origin.Address.host is passed through HostPort.normalizeHost(),
so that if it is IPv6 is bracketed.
Now the ipv6 address passed to an `HttClient` request is bracketed.
* HttpRequest was de-bracketing the host, but now it does not anymore.
On the server:
* Request.getLocalAddr(), getLocalName(), getRemoteAddr(),
getRemoteHost(), getServerName(), when dealing with an IPv6 address,
return it bracketed.
The reason to return bracketed IPv6 also from *Addr() methods is that
if it is used with InetAddress/InetSocketAddress it still works, but
often it is interpreted as a URI host so brackets are necessary.
* DoSFilter was blindly bracketing - now it does not.
Added a number of test cases, and fixed those that expected
non-bracketed IPv6.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Replaced relevant usages of synchronized with AutoLock.
* Made AutoLock serializable since classes that use it may be stored in the HttpSession.
* Added convenience methods to AutoLock to execute lambdas with the lock held.
* Introduced AutoLock.WithCondition to use a Lock and a Condition together.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Replace uses of Random with SecureRandom.
We do not believe any of these uses of Random represent any security vulnerability, but we are making this
change for an abundance of caution and to avoid warnings from 3rd party scanning tools.
For some reason, Request.getHeaders() returned HttpFields,
but HttpRequest.getHeaders() returned HttpFields.Mutable,
and it was obviously wrong.
Fixed WebSocket code that was relying on this API error.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed MaxConcurrentStreamsTest - it was always broken.
The problem was that the call to super.onSettings(...) was done
_after_ sending the request, so the connection pool was still
configured with the default maxMultiplex=1024.
Also fixed AbstractConnectionPool to avoid a second call to
activate() if we are not trying to create a new connection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>