The problem was a race condition during content decoding.
Since decoding needs to be done in a loop, the condition to loop is to
check whether there is demand for the next chunk of decoded content.
Checking for demand also sets the stalled flag, and this must be done
only after the response state has been set back to CONTENT.
Unfortunately this was not done in the decoding loop.
The fix is to always update the response state in the decoding loop.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#5379 - Better handling for wrong SNI.
Reworked the SNI logic.
Added support for IP addresses in the SAN extension of certificates in the X509 class.
Fixed keystores to have CN=localhost and SAN with ip=127.0.0.1 and ip=[::1].
Fixed tests that were not using the correct Host header.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #5357 - Updating to https://eclipse.org/
- Removing redundant <url> refs in pom.xml
- Correcting bad indenting from merge
- Correcting mailing list references
- Correcting bugs.eclipse.org references
- Correcting text file references
- Correcting html references
- Correcting further references
- Correcting download.eclipse.org reference
- Adding test for demo-base /proxy/current/
- Ensuring jetty-client is included in javadoc-proxy.war/WEB-INF/lib
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #5304 HTTP2 HostHeader
Updated HostHeaderCustomizer to actually add the Host header, either from values passed in the custructor or from the getServerName and getServerPort methods.
The HttpURI is no longer updated.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ Found and fixed bug in HttpFields
+ Added port normalization support to HttpScheme
+ added test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* blank line
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ refixed bug in HttpFields
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ still fixing HttpFields bug
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 Host Header
updates from review
* Speculative idea to make a pluggable Pool strategy
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ Added a ThreadLocalStrategy for a single cached item
+ Tell strategies about newly reserved entries
+ Fixed multiplexing test that was dependent on the impl of the cache
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ added tests
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Feedback from review
+ Don't have a fallback iteration, instead make a SearchStrategy and DualStrategy
* Feedback from review
+ split strategies into Cache and Strategies
* Feedback from review
+ Added reserve and release
* Improved Pool Strategies:
+ reverted to post notifications for removed, reserved and released.
+ Added a few more strategies that need to be benchmarked, that use the list iterator.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Testing all the different strategies
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* More simplifications and made LRU work (ish)
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* javadoc
* More javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* JMH Test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* one strategy
Signed-off-by: gregw <gregw@webtide.com>
* test
Signed-off-by: gregw <gregw@webtide.com>
* Split implementations:
+ pluggable strategies
+ hard coded
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* More benchmarks
* Built in strategy
* removed strategies version and simplified to single configurable solution.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* better javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Updated ConnectionPool classes to use Pool strategies
* Small javadocs fixes.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Updates from review
* javadoc
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#3766 - Introduce HTTP/2 API to batch frames.
Introduced Stream.FrameList to hold HEADERS+DATA+HEADERS frames.
These are often used by the client and by the server when the
request/response content is known and FrameList will allow to
send them in a single TCP write, rather than multiple ones.
Rewritten HttpSenderOverHTTP2.sendHeaders() and
HttpTransportOverHTTP2.sendHeaders() to take advantage of
FrameList.
Now using ConcurrentHashMap as a client context, because
with DEBUG logging enabled it may be access concurrently.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Reworked HTTP/2 release after an exchange is terminated.
Previously, the release was bound to 2 events: onStreamClosed(),
introduced for #2796, and exchangeTerminated().
Unfortunately, if the former happens before the latter and
closes the connection, the latter will see the exchange as
aborted, while in fact it was successful, causing what
reported in #5147, an AsynchronousCloseException.
Now, the release is always performed by the exchangeTerminated()
event. With respect to #2796, the stream is always already
closed by the time the exchangeTerminated() event fires (it
was not before).
Reworked the implementation of RoundRobinConnectionPool using
a lock and aggressively trying to open new connections.
A second fix is related to HttpDestination.release(Connection).
If the connection is closed for e.g. overuse, we need to trigger
the processing of queued requests via send(create: true).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now closing the connection if an unsolicited response is detected,
no matter what response status code, or whether it has a
Connection: close header, or whether it's just random bytes from
the server, and also no matter whether the client read -1.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Implemented as part of #4975.
Added a test case that proves that the connection is closed
when the max usage count is reached.
Improved logging.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Some updates to the new Pool class:
+ fixed a race with pending reservations
+ use a pending counter
+ Reservation API to simplify Entry API
+ removed public methods on Entry API
* Some updates to the new Pool class:
+ fixed a race with pending reservations
+ use a pending counter
+ Reservation API to simplify Entry API
+ removed public methods on Entry API
* Updates from review
* Updates from review
Tests for cache size and acquire with creator
* Method no longer required with Reservation
* update from the feedback on the feedback of the feedback from the review.
Moved enable to Entry, removed Reservation class and clarified usage in javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
updates from review
On the client:
* Origin.Address.host is passed through HostPort.normalizeHost(),
so that if it is IPv6 is bracketed.
Now the ipv6 address passed to an `HttClient` request is bracketed.
* HttpRequest was de-bracketing the host, but now it does not anymore.
On the server:
* Request.getLocalAddr(), getLocalName(), getRemoteAddr(),
getRemoteHost(), getServerName(), when dealing with an IPv6 address,
return it bracketed.
The reason to return bracketed IPv6 also from *Addr() methods is that
if it is used with InetAddress/InetSocketAddress it still works, but
often it is interpreted as a URI host so brackets are necessary.
* DoSFilter was blindly bracketing - now it does not.
Added a number of test cases, and fixed those that expected
non-bracketed IPv6.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Replaced relevant usages of synchronized with AutoLock.
* Made AutoLock serializable since classes that use it may be stored in the HttpSession.
* Added convenience methods to AutoLock to execute lambdas with the lock held.
* Introduced AutoLock.WithCondition to use a Lock and a Condition together.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Replace uses of Random with SecureRandom.
We do not believe any of these uses of Random represent any security vulnerability, but we are making this
change for an abundance of caution and to avoid warnings from 3rd party scanning tools.
For some reason, Request.getHeaders() returned HttpFields,
but HttpRequest.getHeaders() returned HttpFields.Mutable,
and it was obviously wrong.
Fixed WebSocket code that was relying on this API error.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed MaxConcurrentStreamsTest - it was always broken.
The problem was that the call to super.onSettings(...) was done
_after_ sending the request, so the connection pool was still
configured with the default maxMultiplex=1024.
Also fixed AbstractConnectionPool to avoid a second call to
activate() if we are not trying to create a new connection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed MultiplexConnectionPool.acquire() to use the new boolean
parameter to decide whether or not create a new connection.
This fixes ConnectionPoolTest instability.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixes#4976 HttpClient async content throws NPE in DEBUG log.
Reworked handling of asynchronous content by immediately exiting
HttpReceiverOverHTTP.process(), so that there is no race with
other threads that have been scheduled to resume the processing.
The call to HttpReceiver.dispose() that could be triggered by
an asynchronous failure is now performed either by the failing
thread (if the HttpReceiver is not processing) or by an I/O
thread (if the HttpReceiver is processing) similarly to what
happens when terminating the response.
The content decoding has been reworked to perform the required
state changes similarly to what non-decoded content is doing,
as this was completely lacking before (it was actually a side
bug that is now fixed).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* Fixes#4904 - WebsocketClient creates more connections than needed.
Fixed connection pool's `acquire()` methods to correctly take into account the number of queued requests.
Now the connection creation is conditional, triggered by
explicit send() or failures.
The connection creation is not triggered _after_ a send(),
where we aggressively send more queued requests - or
in release(), where we send queued request after a previous
one was completed.
Now the connection close/removal aggressively sends more
requests triggering the connection creation.
Also fixed a collateral bug in `BufferingResponseListener` - wrong calculation of the max content length.
Restored `ConnectionPoolTest` that was disabled in #2540, cleaned it up, and let it run for hours without failures.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Added test to replicate the traffic seen in the issue.
The test shows that we do close the server EndPoint.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Introduced:
* Request Request.headers(Consumer<HttpFields.Mutable>).
This allows applications to modify the headers, and chain calls.
It also delegates the precise semantic of put/add/remove/clear to HttpFields, so there is no API duplication.
* HttpRequest.header(HttpField) to efficiently add fields while normalizing the request (only used in implementation).
* HttpResponse.header(HttpField) to efficiently add fields while parsing the response (only used in implementation).
This pairs with HttpResponse.trailer(HttpField).
* HttpResponse.headers(Consumer<HttpFields.Mutable>) to modify the fields after they have been populated (only used in tests).
Removed:
* Request.[set,add,put,remove], replaced by headers(Consumer<HttpFields.Mutable>).
Deprecated:
* Request.header(String, String)
* Request.header(HttpHeader, String)
Both replaced by headers(Consumer<HttpFields.Mutable>) with clearer semantic for add/put/remove.
All the rest is code cleanup to remove the usage of the deprecated header() methods.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Simone Bordet
Joakim Erdfelt
dependabot[bot]
Greg Wilkins
Lachlan Roberts
Jan Bartel
Oleg Mozzhechkov
olivier lamy
Ludovic Orban