Commit Graph

19004 Commits

Author SHA1 Message Date
dependabot[bot] 00abb62fea
Bump maven-project-info-reports-plugin from 3.1.1 to 3.1.2 (#6704)
Bumps [maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/apache/maven-project-info-reports-plugin/releases)
- [Commits](https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.1.1...maven-project-info-reports-plugin-3.1.2)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-project-info-reports-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-08 13:54:05 +10:00
Lachlan 4fd1a4ea4b
Merge pull request #6691 from eclipse/jetty-9.4.x-6554-DefaultIdentityService
Issue #6554 - create the DefaultIdentityService even if no realmName is provided
2021-09-03 10:15:58 +10:00
Lachlan Roberts 7e91d34177 Issue #6554 - create the DefaultIdentityService even if no realmName is provided
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-09-02 12:12:51 +10:00
Simone Bordet 525fcb3119
Fixes #6603 - HTTP/2 max local stream count exceeded (#6639)
Made MAX_CONCURRENT_STREAMS setting work on a per-connection basis.
Updated Pool javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-08-30 16:00:15 +02:00
Jan Bartel ef95c9b3ad
Issue #6671 Update to apache jsp 8.5.70 (#6676)
Signed-off-by: Jan Bartel <janb@webtide.com>
2021-08-30 12:24:40 +10:00
Joakim Erdfelt 59b21557a7
Build on jdk17 now. (#6675)
* Build on jdk17 now.
* Bump spotbugs to 4.3.0

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-28 07:10:26 -05:00
Simone Bordet 05c08e1602 Backport from 10.0.x of the changes using Awaitility.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-25 17:08:06 +02:00
Simone Bordet 1b79fcee94
Made `BlockedWritesWithSmallThreadPoolTest` more reliable.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-25 12:39:06 +02:00
Simone Bordet 9897c1b06e Fixes #6646 - SmallThreadPoolLoadTest on windows flaky.
Fixed occurrences of Callbacks that did not override getInvocationType() to properly declare whether they block or not.

Added test case for blocking writes for both client and server.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-25 10:45:16 +02:00
Lachlan f9bb80aa96
Merge pull request #6659 from eclipse/jetty-9.4.x-6568-SecurityHandler-isAuthMandatory
Issue #6553 - give 401 response if UNAUTHENTICATED and auth is mandatory (9.4)
2021-08-25 13:53:55 +10:00
Simone Bordet b2a023675c
Fixes #6652 - Improve ReservedThreadExecutor dump. (#6653)
Fixes #6652 - Improve ReservedThreadExecutor dump.

Filtering out non-reserved threads in dump() and doStop().

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-08-24 23:12:08 +02:00
Lachlan Roberts a575607284 Issue #6553 - give 403 response if UNAUTHENTICATED and auth is mandatory
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-24 15:48:03 +10:00
Lachlan 3de9d3428e
Merge pull request #6643 from eclipse/jetty-9.4.x-6617-openidBasicAuth
Issue #6617 - add support for the client_secret_basic authentication method (jetty-9.4)
2021-08-19 16:18:55 +10:00
Lachlan Roberts 11c8ea0fa2 Issue #6617 - change jetty property name to jetty.openid.authMethod
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-19 09:59:59 +10:00
Lachlan Roberts 604f6b3f82 Use correct auth method string in OpenIdConfiguration default constructor
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-19 09:59:36 +10:00
Lachlan Roberts 84a122f524 Issue #6617 - add support for the client_secret_basic authentication method
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-19 09:57:57 +10:00
Lachlan b848c87a40
Merge pull request #6636 from eclipse/jetty-9.4.x-6618-OpenID-audArray
Issue #6618 - azp claim should not be required for single value aud array (jetty-9.4)
2021-08-19 09:36:42 +10:00
Simone Bordet 693663a4ce Fixes #6624 - Non-domain SNI on java17
Java 17 only allows letter|digit|hyphen characters for SNI names.

While we could bypass this restriction on the client, when the SNI bytes arrive to the server they will be verified and if not allowed the TLS handshake will fail.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-18 17:07:20 +02:00
Lachlan Roberts c20be7da4d Fix licence header.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-18 12:52:54 +10:00
Lachlan Roberts 3e6446ef4a Issue #6618 - Use a new OpenIdCredentials constructor instead of static method.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-18 11:36:05 +10:00
Lachlan Roberts 61f7e57217 Issue #6618 - azp claim should not be required for single value aud array
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-08-18 11:35:48 +10:00
Greg Wilkins ac73b3aa20
Disable ipv6 test for #6624 (#6625)
Temp disable of test that is breaking the build.
2021-08-17 14:07:33 +10:00
Greg Wilkins a3f7747b35
Fix flaky test from #6562/#6563 (#6628)
Fix flaky test from #6562
Disable ipv6 test for #6624
2021-08-17 14:06:25 +10:00
Simone Bordet 569455c4a4 Fixes #6372 - Review socket options configuration.
Made HTTP2Client.tcpNoDelay configurable.
Fixed copying of configuration in HttpClientTransportOverHTTP2.
Added test case for bindAddress.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-13 15:08:24 +02:00
Ludovic Orban cbc814e763 #6605 rename test
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-08-13 14:59:19 +02:00
Ludovic Orban 4857372245 #6605 testEmptyBufferKnown: make sure the assertion does not happen before the committed flag is read
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-08-13 14:59:19 +02:00
Joakim Erdfelt 2032a43943
Merge pull request #6596 from eclipse/jetty-9.4.x-dep-upgrade-ant
Upgrade ant to 1.10.11
2021-08-11 06:32:53 -05:00
Joakim Erdfelt 014011b37f
Upgrade ant to 1.10.11
Addresses CVE-2021-36373 and CVE-2021-36374

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-10 07:55:45 -05:00
Simone Bordet 784293aa6d Fixes #6369 - Increment default jetty.http2.rateControl.maxEventsPerSecond
Incremented rateControl.maxEventsPerSecond to 50.
Fixed mistakes in the http2c module.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-06 19:07:58 +02:00
Greg Wilkins fc0a4dc141
Fixed racy test (#6584)
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-08-04 14:25:07 +10:00
Simone Bordet 342396c7ee
Issue #6558 - improved json array converter (#6571)
Fixes #6558 - Allow configuring return type in JSON array parsing.

Introduced `arrayConverter` in both JSON and AsyncJSON.Factory.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-08-03 17:09:28 +02:00
Joakim Erdfelt 51e6335c7a
Merge pull request #6572 from eclipse/jetty-9.4.x-windows-test-overhaul
Issue #5684 - windows test overhaul
2021-08-03 07:45:27 -05:00
Greg Wilkins 5c013a5a0b
Fix #6562 last written bytebuffer (#6563)
Fixes #6562 the last written bytebuffer calculation.
Also fixed an associated issue with unnecessary flush of an empty when last calculation already signalled last.
2021-08-03 12:30:09 +10:00
Joakim Erdfelt 242f6621ae Issue #5684 - Fixing DeploymentTempDirTest
Using unique workdir per testcase.
Don't expect to delete between tests (not supported on windows due to file locking anyway)

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 09:15:09 -07:00
Joakim Erdfelt 1c16aa8993 Issue #5684 - Disable ConcurrentStreamCreationTest
+ Not possible to create all of these streams.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 07:31:09 -07:00
Joakim Erdfelt 60bfc75ce4 Issue #5684 - Disabled TLSv1.3 tests on windows
If we restrict to TLSv1.2 this passes.

But on TLSv1.3 is a behavior differences between Linux and Windows.

On Linux TLSv.13 on client side will always return a
javax.net.ssl.SSLHandshakeException in those test cases that expect it.

However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,

All other TLS versions will result in a
javax.net.ssl.SSLException: Software caused connection abort: recv failed

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 06:54:49 -07:00
Joakim Erdfelt 18f32da373 Issue #5684 - make test less strict due to system speed issues
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:06:37 -07:00
Joakim Erdfelt 93e47a6a66 Issue #5684 - increase timeout
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:06:06 -07:00
Joakim Erdfelt 75c7ce200c Issue #5684 - if unable to start, the stop shouldn't fail
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:05:50 -07:00
Joakim Erdfelt 500e6f2762 Issue #5684 - scan interval is variable on windows
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-08-02 05:05:32 -07:00
Joakim Erdfelt fb1c85496c Issue #5684 - Restrict behaviors to TLSv1.2
+ Windows TLS behaviors between
  OpenJDK 8 and OpendJDK 11
  and even between TLS versions
  make the test unreliable.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-30 15:03:03 -07:00
Joakim Erdfelt 87912d8852 Issue #5684 - Window's test overhaul
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-30 11:04:13 -07:00
Lachlan 9705e05bb5
Merge pull request #6560 from eclipse/jetty-9.4.x-CVE-2021-34429
Update VERSION.txt with CVE-2021-34429 (Jetty-9.4)
2021-07-30 17:47:34 +10:00
Lachlan Roberts 25dafa6d7a Update VERSION.txt with CVE-2021-34429.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2021-07-29 15:04:20 +10:00
Greg Wilkins 735e97d5c7
Non blocking ReservedThreadExecutor (#6535)
A call to offer must never block, nor even yield, since to do so give an opportunity for the allocated CPU core to change, defeating the whole purpose of the class.
There is also some reasonable level of diagnostic warnings if a reserved thread misses too many offers consecutively, based on tracking the state of the reserved thread.

Remove the stack data structure entirely.  ReservedThreads all poll the same SynchronousQueue and tryExecute does a non blocking offer.

Added test for busy shrinking

Remember last time we hit zero reserved threads

Co-authored-by: Simone Bordet <simone.bordet@gmail.com>
2021-07-29 09:46:48 +10:00
Ludovic Orban ea5c8ed994 #6491 do not depend on awaitility
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 09:24:47 +02:00
Ludovic Orban 020770f82d #6541 improve testConcurrentAccess perf
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 09:24:47 +02:00
Ludovic Orban 9726a0987f #6541 improve testTake perf
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
2021-07-28 09:24:47 +02:00
Joakim Erdfelt 7741ecc1e5 Issue #5684 - Window's test overhaul
+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-27 15:02:45 -07:00
Joakim Erdfelt cbb3a550cc
Merge pull request #6549 from eclipse/jetty-9.4.x-remove-dead-useragents-file
Remove unused (and currently empty) useragents file
2021-07-27 12:53:23 -05:00