* Fixes#5845 - Use UTF-8 encoding for client basic auth if requested.
* Introduced get/setCharset in BasicAuthenticator on server-side.
* Looking for the "charset" parameter on the client-side, and if there, use it.
* Added test case.
* Code cleanups.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Changed the AbstractConnectionPool.acquire() logic to call tryCreate() even
when create=false.
This is necessary when e.g. a sender thread T2 with create=true steals a
connection whose creation was triggered by another sender thread T1.
In the old code, T2 did not trigger the creation of a connection, possibly
leaving a request queued.
In the new code, T2 would call tryCreate(), possibly triggering
the creation of a connection.
This change re-introduces the fact that when sending e.g. 20 requests
concurrently, 20+ connections may be created.
However, it is better to err on creating more than creating less and leaving
requests queued.
Further refactoring moved field pending from Pool to AbstractConnectionPool.
As a consequence, AbstractConnectionPool.tryCreate() now performs a
demand/supply calculation to decide whether to create a new connection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
* enable spotbugs in CI
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
record issues
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
use warning new generation
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
activate errorprone
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
fix Jenkinsfile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
do not run spotbugs for jetty-runner as we do not want to fix all dependencies bugs :)
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
junit should allow empty results
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
maven console can be use only once...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
one liner
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
recordissues only once
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
force id
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
aggregate results
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
configure a name for aggregated reports
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
mo more -T3 no need anymore of remote session test profile
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
I want to see what failing tests look like with new report.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
skip spotbugs for jetty-jmh
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
get rid of findbugs as we now have spotbugs
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Revert "I want to see what failing tests look like with new report."
This reverts commit df0d13e4c53d7461872e1f925ec06bd36e4a66c9.
activate errorProne parser
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
make pmd quiet for CI
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
remove -fae flag and do not display transfer progress
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
try junitParser() to see what it does
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
junit parser is a bad idea...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
increase timeout
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
no -T2 for javadoc
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
fix skip spotbugs and pmd verbose
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
* remove -T options
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
The upgrade could happen in the context of a HttpParser.parseNext()
call, which eventually upgrades the EndPoint, passing what remains in
the NetworkBuffer to the new Connection and releasing the NetworkBuffer.
The messageComplete() parser callback was still returning false even
if the response was 101, causing the HTTP/1.1 parser to continue, but
now the NetworkBuffer was null, producing the NullPointerException.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Introduced HttpDestination.send(Request, Response.CompleteListener) to send a request using the given destination.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Make EOF and errors be special content.
Transition to a much simplified FSM by using the needContent() / produceContent() model.
Implement blocking on top of async, this way there is only one FSM.
(Milestone 6)
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
The problem was a race condition during content decoding.
Since decoding needs to be done in a loop, the condition to loop is to
check whether there is demand for the next chunk of decoded content.
Checking for demand also sets the stalled flag, and this must be done
only after the response state has been set back to CONTENT.
Unfortunately this was not done in the decoding loop.
The fix is to always update the response state in the decoding loop.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#5379 - Better handling for wrong SNI.
Reworked the SNI logic.
Added support for IP addresses in the SAN extension of certificates in the X509 class.
Fixed keystores to have CN=localhost and SAN with ip=127.0.0.1 and ip=[::1].
Fixed tests that were not using the correct Host header.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #5357 - Updating to https://eclipse.org/
- Removing redundant <url> refs in pom.xml
- Correcting bad indenting from merge
- Correcting mailing list references
- Correcting bugs.eclipse.org references
- Correcting text file references
- Correcting html references
- Correcting further references
- Correcting download.eclipse.org reference
- Adding test for demo-base /proxy/current/
- Ensuring jetty-client is included in javadoc-proxy.war/WEB-INF/lib
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #5304 HTTP2 HostHeader
Updated HostHeaderCustomizer to actually add the Host header, either from values passed in the custructor or from the getServerName and getServerPort methods.
The HttpURI is no longer updated.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ Found and fixed bug in HttpFields
+ Added port normalization support to HttpScheme
+ added test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* blank line
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ refixed bug in HttpFields
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 HostHeader
+ still fixing HttpFields bug
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #5304 HTTP2 Host Header
updates from review
* Speculative idea to make a pluggable Pool strategy
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ Added a ThreadLocalStrategy for a single cached item
+ Tell strategies about newly reserved entries
+ Fixed multiplexing test that was dependent on the impl of the cache
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Speculative idea to make a pluggable Pool strategy
+ added tests
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Feedback from review
+ Don't have a fallback iteration, instead make a SearchStrategy and DualStrategy
* Feedback from review
+ split strategies into Cache and Strategies
* Feedback from review
+ Added reserve and release
* Improved Pool Strategies:
+ reverted to post notifications for removed, reserved and released.
+ Added a few more strategies that need to be benchmarked, that use the list iterator.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Testing all the different strategies
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* More simplifications and made LRU work (ish)
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* javadoc
* More javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* JMH Test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* one strategy
Signed-off-by: gregw <gregw@webtide.com>
* test
Signed-off-by: gregw <gregw@webtide.com>
* Split implementations:
+ pluggable strategies
+ hard coded
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* More benchmarks
* Built in strategy
* removed strategies version and simplified to single configurable solution.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* better javadoc
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Updated ConnectionPool classes to use Pool strategies
* Small javadocs fixes.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Updates from review
* javadoc
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#3766 - Introduce HTTP/2 API to batch frames.
Introduced Stream.FrameList to hold HEADERS+DATA+HEADERS frames.
These are often used by the client and by the server when the
request/response content is known and FrameList will allow to
send them in a single TCP write, rather than multiple ones.
Rewritten HttpSenderOverHTTP2.sendHeaders() and
HttpTransportOverHTTP2.sendHeaders() to take advantage of
FrameList.
Now using ConcurrentHashMap as a client context, because
with DEBUG logging enabled it may be access concurrently.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Reworked HTTP/2 release after an exchange is terminated.
Previously, the release was bound to 2 events: onStreamClosed(),
introduced for #2796, and exchangeTerminated().
Unfortunately, if the former happens before the latter and
closes the connection, the latter will see the exchange as
aborted, while in fact it was successful, causing what
reported in #5147, an AsynchronousCloseException.
Now, the release is always performed by the exchangeTerminated()
event. With respect to #2796, the stream is always already
closed by the time the exchangeTerminated() event fires (it
was not before).
Reworked the implementation of RoundRobinConnectionPool using
a lock and aggressively trying to open new connections.
A second fix is related to HttpDestination.release(Connection).
If the connection is closed for e.g. overuse, we need to trigger
the processing of queued requests via send(create: true).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now closing the connection if an unsolicited response is detected,
no matter what response status code, or whether it has a
Connection: close header, or whether it's just random bytes from
the server, and also no matter whether the client read -1.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Implemented as part of #4975.
Added a test case that proves that the connection is closed
when the max usage count is reached.
Improved logging.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Some updates to the new Pool class:
+ fixed a race with pending reservations
+ use a pending counter
+ Reservation API to simplify Entry API
+ removed public methods on Entry API
* Some updates to the new Pool class:
+ fixed a race with pending reservations
+ use a pending counter
+ Reservation API to simplify Entry API
+ removed public methods on Entry API
* Updates from review
* Updates from review
Tests for cache size and acquire with creator
* Method no longer required with Reservation
* update from the feedback on the feedback of the feedback from the review.
Moved enable to Entry, removed Reservation class and clarified usage in javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
fixed javadoc
* Issue #5095 XmlConfiguration locking Use pool instead of static shared instance
updates from review
On the client:
* Origin.Address.host is passed through HostPort.normalizeHost(),
so that if it is IPv6 is bracketed.
Now the ipv6 address passed to an `HttClient` request is bracketed.
* HttpRequest was de-bracketing the host, but now it does not anymore.
On the server:
* Request.getLocalAddr(), getLocalName(), getRemoteAddr(),
getRemoteHost(), getServerName(), when dealing with an IPv6 address,
return it bracketed.
The reason to return bracketed IPv6 also from *Addr() methods is that
if it is used with InetAddress/InetSocketAddress it still works, but
often it is interpreted as a URI host so brackets are necessary.
* DoSFilter was blindly bracketing - now it does not.
Added a number of test cases, and fixed those that expected
non-bracketed IPv6.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Replaced relevant usages of synchronized with AutoLock.
* Made AutoLock serializable since classes that use it may be stored in the HttpSession.
* Added convenience methods to AutoLock to execute lambdas with the lock held.
* Introduced AutoLock.WithCondition to use a Lock and a Condition together.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Replace uses of Random with SecureRandom.
We do not believe any of these uses of Random represent any security vulnerability, but we are making this
change for an abundance of caution and to avoid warnings from 3rd party scanning tools.
For some reason, Request.getHeaders() returned HttpFields,
but HttpRequest.getHeaders() returned HttpFields.Mutable,
and it was obviously wrong.
Fixed WebSocket code that was relying on this API error.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed MaxConcurrentStreamsTest - it was always broken.
The problem was that the call to super.onSettings(...) was done
_after_ sending the request, so the connection pool was still
configured with the default maxMultiplex=1024.
Also fixed AbstractConnectionPool to avoid a second call to
activate() if we are not trying to create a new connection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Joakim Erdfelt
Simone Bordet
Ludovic Orban
olivier lamy
dependabot[bot]
Greg Wilkins
Lachlan Roberts
Jan Bartel
Oleg Mozzhechkov