Commit Graph

15718 Commits

Author SHA1 Message Date
Lachlan Roberts 5a1325949e Changes to allow for other formats specified in RFC7235
- Multiple challanges in the same header can now be parsed successfully.
    - Will now allow a base64 value after the auth-scheme instead of parameters. Which can be used for the Negotiate auth-scheme.
    - Added more in depth testing for tricky cases.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-18 16:02:33 +10:00
Jan Bartel 0e88849a68
Issue #2164 Make osgi.serviceloader mostly optional (#2408)
Signed-off-by: Jan Bartel <janb@webtide.com>
2018-04-18 14:48:53 +10:00
Simone Bordet fac93fa7f8 Fixes #2451 - Review ReservedThreadExecutor.getAvailable().
Fixed by having getAvailable() returning _stack.size().

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-17 16:30:06 +02:00
Olivier Lamy f36eba4577
class.newInstance is deprecated #2435 (#2437)
* Class.newInstance() is deprecated in Java 9+ #2435

Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-17 19:07:20 +10:00
Simone Bordet 882deb00b4
Merge pull request #2426 from lachlan-roberts/jetty-9.4.x-1555-AuthenticationProtocolHandler
Issue #1555 WWW-Authenticate realm header ordering
2018-04-17 10:26:53 +02:00
Lachlan Roberts 497b87eb2e Fixed bug with regex and style cleanup.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-17 17:34:16 +10:00
Lachlan Roberts ee09904809 Reworked the way authentication parameters are parsed.
Removed the regex to separate out the realm parameter and instead parse it with the other parameters into HeaderInfo.

Changed HeaderInfo to store the parsed parameters as a Map instead of the un-parsed parameters in a string.

The parsing of the parameters is now done in AuthenticationProtocolHandler.newHeaderInfo(String) and then passed into the HeaderInfo instead of Parsing it in DigestAuthentication.

Replaced the usage of splitParams(String) with QuotedCSV used to parse the parameters.

Added test to check the ordering of parameters doesn't matter.

Allow not to have a realm parameter, changed DigestAuthentication.matches() to not match if realm is null, so that Digest Authentication requires realm parameter but any Basic Authentication can be done without it. There is currently no tests for this.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-17 17:04:44 +10:00
Jan Bartel 516f6d21c5
Issue #110 Avoid classloading for checking roles in jaas (#2381)
* Issue #110 Avoid classloading for checking roles in jaas

Signed-off-by: Jan Bartel <janb@webtide.com>
2018-04-17 16:20:13 +10:00
Olivier Lamy ce1317f204
add it test for #2430 which works... (#2442)
* add it test for 2430 which works...

Signed-off-by: olivier lamy <oliver.lamy@gmail.com>

* fix missing header

Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-16 10:22:56 +10:00
olivier lamy 5f2306c9cd add a profile to run all tests even those disable with some jdks
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-14 13:03:50 +10:00
Olivier Lamy 977fb521a0
add jdk11 in the jdk list (#2438)
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-13 22:25:41 +10:00
olivier lamy ffa270b6c8 disable failing tests for jdk11
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-13 21:49:02 +10:00
Simone Bordet 6224e75862
Issue #2366 - Review HTTP/2 interleaving. (#2379)
* Fixes #2366 - Review HTTP/2 interleaving.

Now using a fairer algorithm that performs multiple generation passes
but without generating all frames for the current entries - it stops
after N passes over all the entries when the number of bytes to
write is large enough.

Using HttpConfiguration.outputBufferSize as the writeThreshold on
the server and a default 32 KiB on the client to stop the generation
after a pass over all the entries.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-13 11:50:17 +02:00
olivier lamy cffc2b0c12 use last maven version
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-13 12:48:12 +10:00
Simone Bordet 7629a8f98f
Fixes #2425 - Review BufferUtil.isMappedBuffer(). (#2432)
Now explicitly using a _mappedBuffer field in
CachedContentFactory.CachedHttpContent.
Deprecated BufferUtil.isMappedBuffer().

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-12 10:36:57 +02:00
Lachlan Roberts 29dccf668c Changes after review 1
Regex will now look for comma and spaces before realm. Preventing issues accepting params with realm as a suffix like blahrealm.
Stops adding double commas when extracting realm param.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-12 10:33:47 +10:00
Simone Bordet b09760ca9a Code cleanups.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-11 15:05:58 +02:00
Simone Bordet c14f7efc95 Fixes spurious failures of FlowControlStrategyTest.testServerFlowControlOneBigWrite().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-10 19:01:15 +02:00
Simone Bordet b26817767b Fixed test that was not working with JDK 11.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-10 11:11:31 +02:00
Lachlan Roberts bc4ad7c61a Changed regex for AUTHENTICATE_PATTERN so that the realm doesn't need to appear as first parameter. #1555
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-10 14:47:00 +10:00
Joakim Erdfelt e5b84856d2
Merge pull request #2418 from olamy/feature/jdk10_profile_jenkinsfile
add jdk10 in jenkinsfile and jdk10 maven profiles
2018-04-09 11:39:11 -05:00
Steve Bolton 6abf026440 Issue #1785 If only connector in vhost and not connector in request then fail to match
Signed-off-by: Steve Bolton <steve@boltn.com>
2018-04-07 17:25:40 -04:00
Steve Bolton c79b0f4e2a Issue #1785 Update Javadoc
Signed-off-by: Steve Bolton <steve@boltn.com>
2018-04-07 14:51:28 -04:00
Steve Bolton a30ed56ac1 Issue #1785 Added vhost@connectorname format for AND behaviour
Signed-off-by: Steve Bolton <steve@boltn.com>
2018-04-07 13:56:45 -04:00
Simone Bordet 06454f6409 Fixes #2420 - Simplify HttpTransportOverHTTP2.
Removed usage of ternary expressions in favor of if/else statements
to improve readability of the logic for the send() method.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2018-04-07 12:25:39 +02:00
Jan Bartel ea6d18f919
Jetty 9.4.x issue 2397asm jdk10 support (#2417)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Jan Bartel <janb@webtide.com>
2018-04-06 12:00:09 +10:00
olivier lamy f6268ec919 add jdk10 profile to disable some tests
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-06 11:04:27 +10:00
olivier lamy e6f02b578a add jdk10 in jenkinsfile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2018-04-06 10:38:49 +10:00
Jan Bartel 09bfb77e5f
Issue #2409 Ensure no duplicate config classes in osgi (#2416)
Signed-off-by: Jan Bartel <janb@webtide.com>
2018-04-06 09:18:47 +10:00
Joakim Erdfelt be3c5a08d0 Reducing noise on test output 2018-04-05 16:33:40 -05:00
Joakim Erdfelt ab9c3f5f1d
Merge pull request #2395 from eclipse/jetty-9.4.x-issue-2391-json-slashuencoding
Issue #2391 - JSON string encoding fix
2018-04-05 10:40:39 -05:00
Joakim Erdfelt 46c5824e7a Issue #2391 - JSON Solidus is optional for escaping
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2018-04-05 09:13:37 -05:00
Joakim Erdfelt 4d7ac53d7f
Merge pull request #2414 from eclipse/jetty-9.4.x-issue-2413-server-timestamp
Issue #2413 - Using Instant.toString() to be consistent with timestamp
2018-04-05 05:39:07 -05:00
Jan Bartel 72404d15d6 Make mavenRepoPath system property optional for osgi tests 2018-04-05 14:02:38 +10:00
Joakim Erdfelt ceded0bbae Issue #2413 - Using Instant.toString() to be consistent with timestamp
Example output:

JDK 8:

2018-04-04 22:30:25.578:INFO:oejs.Server:main: jetty-9.4.10-SNAPSHOT; built: 2018-04-04T22:22:03.202Z; git: 2b32f82aeb64acc6105c08d8a7a141279f8b91d0; jvm 1.8.0_131-b11

JDK 9:

2018-04-04 22:29:39.035:INFO:oejs.Server:main: jetty-9.4.10-SNAPSHOT; built: 2018-04-04T22:22:03.202Z; git: 2b32f82aeb64acc6105c08d8a7a141279f8b91d0; jvm 9+181

JDK 10:

2018-04-04 17:29:07.568:INFO:oejs.Server:main: jetty-9.4.10-SNAPSHOT; built: 2018-04-04T22:22:03.202Z; git: 2b32f82aeb64acc6105c08d8a7a141279f8b91d0; jvm 10+46

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2018-04-04 17:32:20 -05:00
Joakim Erdfelt 5cab0ccd5f Issue #2391 - JSON string escaping fix + override
+ all string escaping now done in JSON.escapeString()
+ special override JSON.escapeUnicode() available for
  those that want to use optional Unicode escaping.
  javadoc indicates one way to accomplish this.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2018-04-04 12:40:07 -05:00
Joakim Erdfelt 2b32f82aeb
Merge pull request #2393 from eclipse/jetty-9.4.x-issue-2337-ws-subprotocols
Issue #2337 - slightly more efficient getSubProtocols() behavior
2018-04-04 06:22:17 -05:00
Joakim Erdfelt 9147e408c8
Merge pull request #2392 from eclipse/jetty-9.4.x-issue-2387-uriutils-jarfile
Issue #2387 - fixing URIUtil.equalsIgnoreEncoding() with jar:file:// uris
2018-04-04 06:16:35 -05:00
Greg Wilkins c41b6b7aab
Merge pull request #2332 from eclipse/jetty-9.4.x-1027-Multipart
## SearchPattern
New class which does a fast search for patterns within strings and arrays of bytes using an implementation of the Boyer–Moore–Horspool algorithm. This was written to be used in the new MultiPartParser class to search for delimeter boundaries.

## MultiPartParser
New class which uses the SearchPattern to parse a MultiPart Mime given a ByteBuffer. Written in a non-blocking style so can be used asynchronously (although not currently be being used this way).

## MultiPartFormInputStream
New class which uses the MultiPartParser to parse a MultiPart Mime input stream into a Collection of Parts. This class is in org/eclipse/jetty/http and is designed to replace org/eclipse/jetty/util/MultiPartInputStreamParser.

## MultiPartInputStreamParser and Non Compliances
This class has been deprecated and replaced by org.eclipse.jetty.http.MultiPartFormInputStream. It accepts formats non compliant with the RFC that the new MultiPartFormInputStream does not accept. When this occurs violations are recorded by the method getNonComplianceWarnings().

## MultiParts
New interface to allow switching between the different implementations. This allows MultiParts to function in two different modes. The LEGACY implementation using the UTIL parser which may parse forms containing non compliances with the RFC, and the RFC7578 implementation using the new and faster HTTP parser. This file contains the implementations of MultiParts for HTTP and UTIL parsers as nested classes which are used by Request.

## Request
Changed to use the new MultiParts interface instead of the MultiPartInputStreamParser class. with a method called newMultiParts which will construct a MultiPart using one of the HTTP or UTIL implementations depending on what compliance mode is set.

## Jetty Test Webapp Dump Servlet
Code added to display parts while running the dump test webapp if MuliPart form is submitted.

## MultiPartBenchMark
JMH Benchmark of the HTTP multipart parser vs the UTIL multipart parser.

testLargeGenerated parses a 10MB file of random binary data.
testParser parses a series of small multipart forms captured by a browser.
```
# Run complete. Total time: 00:02:09

Benchmark                              (parserType)  Mode  Cnt  Score   Error  Units
MultiPartBenchmark.testLargeGenerated          UTIL  avgt   10  0.252 ± 0.025   s/op
MultiPartBenchmark.testLargeGenerated          HTTP  avgt   10  0.035 ± 0.004   s/op
MultiPartBenchmark.testParser                  UTIL  avgt   10  0.028 ± 0.005   s/op
MultiPartBenchmark.testParser                  HTTP  avgt   10  0.015 ± 0.006   s/op
```
2018-04-04 17:30:36 +10:00
Jan Bartel 16e625adde
Issue #2109 remove warnings for unused imports and exports (#2390)
Signed-off-by: Jan Bartel <janb@webtide.com>
2018-04-04 12:06:43 +10:00
Lachlan Roberts 92f44389b9 fixed value of public static String __MULTIPARTS
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-04 12:00:11 +10:00
Lachlan Roberts 4a0e4294b9 fixed path of MultiPartFormDataCompliance in jetty.xml
added some debug info
changes to jetty test webapp to display parts from multi-part forms

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-04 11:18:57 +10:00
Lachlan Roberts 379a8d6928 Merge remote-tracking branch 'eclipse/jetty-9.4.x-1027-Multipart' into jetty-9.4.x-1027-Multipart 2018-04-04 09:48:01 +10:00
Lachlan Roberts 1c35324f5b Fixed some javadoc errors and warnings
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-04 09:46:50 +10:00
Greg Wilkins 9397ae2d77 revert ResourceHandlerTest changes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2018-04-04 09:10:57 +10:00
Greg Wilkins 85f300d264 fixed javadoc warning
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2018-04-04 08:50:03 +10:00
Greg Wilkins 6528b79fbd Merge branch 'jetty-9.4.x-1027-Multipart' of github.com:eclipse/jetty.project into jetty-9.4.x-1027-Multipart 2018-04-04 08:08:59 +10:00
Joakim Erdfelt 3b32e1c984 Issue #1027 - MultiPartCaptureTest cleanup
+ Regenerated many of the captures
  - Better SJIS Encoding Test Samples
+ Added more
  - file consisting of only random whitespace
  - file with 1 very long line
  - Jetty Http Client captures

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2018-04-03 14:55:38 -05:00
Lachlan Roberts 81ff77108c Moved the MultiParts interface and implementations from Request into new file MultiParts.java
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-03 23:55:08 +10:00
Lachlan Roberts 1eec234336 Minor changes after review by gregw.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2018-04-03 21:22:16 +10:00