Fix#6860 IPv6 format by adding an extensible HttpChannel method
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
* Fixes#6603 - HTTP/2 max local stream count exceeded (#6639)
Made MAX_CONCURRENT_STREAMS setting work on a per-connection basis.
Updated Pool javadocs.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
(cherry picked from commit 525fcb3119)
Issue #5684 - Window's test overhaul
+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
+ PathWatcher scan interval is variable on windows
+ If unable to start testcase based on assumption,
the stop shouldn't fail testcase
+ Increase various wait timeouts
+ Make tests less strict due to system speed issues
+ Disable Sni tests due to TLS behaviors differences in Windows
+ Windows TLSv1.3 seems to introduce this difference
+ If we restrict to TLSv1.2 this passes.
+ On Linux TLSv.13 on client side will always return a
+ javax.net.ssl.SSLHandshakeException in those test cases that expect it.
+ However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
+ All other TLS versions on Windows will result in a
+ javax.net.ssl.SSLException: Software caused connection abort: recv failed
+ Disable ConcurrentStreamCreationTest
+ Not possible to create all of these streams.
+ Fixing DeploymentTempDirTest
+ Using unique workdir per testcase.
+ Don't expect to delete files / directories between tests
(not supported on windows due to file locking anyway)
+ Fixing line ending difference on windows
+ InvalidPathException is a 404 Not Found
+ Cannot reuse test directory between runs due to memory mapped files that are still in use from previous run.
+ java.nio.file.FileSystemException: C:\code\jetty.project\jetty-webapp\target\tests\welcome#\index.html: The requested operation cannot be performed on a file with a user-mapped section open.
at java.base/sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:92)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:103)
at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:108)
at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(WindowsFileSystemProvider.java:235)
at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
at java.base/java.nio.file.Files.newOutputStream(Files.java:220)
at org.eclipse.jetty.webapp/org.eclipse.jetty.webapp.WebAppDefaultServletTest.prepareServer(WebAppDefaultServletTest.java:84)
+ As is typical on windows, we are often unable to delete a file due to file locking issues.
+ Use a unique resource base between tests.
This is to avoid file locking behaviors that prevent the
resource base from being reused too quickly on windows.
+ Prevent test run if symlinks not supported
+ Allowing for Windows slosh char as well in asserts
+ SelectorUtils is File.separator dependent
+ Regex is now FS.separator independent
+ Using SelectorUtils from plexus correctly for include/exclude
+ Turning off mapped files for testing reasons.
+ Fix and re-enable RFC2616NIOHttpsTest
+ Issue #6552 - Fix test failures due to slf4j dep
+ Issue #6552 - upgrade testcontainers
+ Issue #6552 - move to assumption based docker existence
+ Issue #6552 - Fix enforcer rule violation on jna.
Addresses the following side effect of upgrading testcontainers.
[WARNING] Rule 3: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for net.java.dev.jna:jna:5.6.0 paths to dependency are:
+-org.eclipse.jetty:infinispan-remote-query:10.0.7-SNAPSHOT
+-org.testcontainers:testcontainers:1.16.0
+-com.github.docker-java:docker-java-transport-zerodep:3.2.11
+-net.java.dev.jna:jna:5.6.0 (managed) <-- net.java.dev.jna:jna:5.8.0
+ use annotation to disable test when docker not available and needed
+ Disabling FileSessionDistributionTests.stopRestartWebappTestSessionContentSaved on Windows
+ Using TLS basic
+ Programmatic removal of memory mapped behavior during testing
+ Fixing slf4j warning
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
Fixed occurrences of Callbacks that did not override getInvocationType() to properly declare whether they block or not.
Added test case for blocking writes for both client and server.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 9897c1b06e)
Java 17 only allows letter|digit|hyphen characters for SNI names.
While we could bypass this restriction on the client, when the SNI bytes arrive to the server they will be verified and if not allowed the TLS handshake will fail.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 693663a4ce)
A call to offer must never block, nor even yield, since to do so give an opportunity for the allocated CPU core to change, defeating the whole purpose of the class.
There is also some reasonable level of diagnostic warnings if a reserved thread misses too many offers consecutively, based on tracking the state of the reserved thread.
Remove the stack data structure entirely. ReservedThreads all poll the same SynchronousQueue and tryExecute does a non blocking offer.
Added test for busy shrinking
Remember last time we hit zero reserved threads
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
Issue #6473 - canonicalPath refactor & fix alias check in PathResource
* Reverted %-escape handling for URI query parts.
* Performing canonicalization in ServletContext.getResource(),
and improving alias checking in ContextHandler.getResource().
* Performing canonicalization checks in Resource.addPath() to avoid
navigation above of the root.
* Test added and fixed.
* Various cleanups.
* Improved javadoc and comments
* Compliance mode HttpURI uses UriCompliance.Violation
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
* Fixes#6410 - Use SocketAddress instead of InetSocketAddress.
Removed usages of InetSocketAddress in method signatures where possible.
Deprecated old methods, and added new methods with SocketAddress.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Rename EWYK to AdaptiveExecutionStrategy, which better represents the nature of the strategy.
Updated the documentation
Refactored substrategy selection for code clarity.
Added notes about chaining strategies and thread starvation
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
* Fix#6114 Deploy symlink webapps
Use Path.toRealPath rather than getCanonicalPath in the Scanner
Make following symlinks configurable
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Fixes#6276 - Support non-standard domains in SNI and X509. (#6296)
Improved support for IP addresses in X509 (after #5379).
Introduced SslContextFactory.Client.SniProvider to allow applications to specify the SNI names to send to the server.
Improved logging of SNI processing.
Skip X509 matching over IP addresses when the host does
not look like an IP address, to avoid reverse DNS lookup.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 04df6d4ec2)
Updated the logic in SslContextFactory.Server.sniSelect(...) to check if there is
any certificate that matches, and if so return a null alias in the hope to be called
again and pick the right alias for the SNI.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit 68296911b7)
Added null guard for `ExtendedSSLSession.getRequestedServerNames()`
which should never return null, but it does when using Conscrypt.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
FileBufferedResponseHandler adds an HttpOutput.Interceptor to buffer all responses into a file until the output is closed. This allows the commit to be delayed until the response is complete and thus headers and response status can be changed while writing the body.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Use Files.isSameFile to check Resource equality
Avoid using canonical and instead use Files.isSameFile
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
Greg Wilkins
Simone Bordet
Lachlan Roberts
Joakim Erdfelt
Ludovic Orban
Jan Bartel
Olivier Lamy
Jesse McConnell