Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,832 Commits 70 Branches 462 Tags 370 MiB
Commit Graph

12832 Commits

Author SHA1 Message Date
Simone Bordet 9427aa95e8 Merged branch 'jetty-9.2.x' into 'jetty-9.3.x'. 2017-05-18 21:09:54 +02:00
Simone Bordet 2baa1abe4b Issue #1556 - A timing channel in Password.java. 
Improved logic to avoid timing attacks:
now the password length cannot be inferred.
 2017-05-18 21:09:16 +02:00
Simone Bordet b2481d472b Issue #523 - TLS close behaviour breaking session resumption. 
Removed old test, duplicated by newer and better tests.
 2017-05-17 15:32:18 +02:00
Simone Bordet d53af5d737 Fixes #523 - TLS close behaviour breaking session resumption. 
Since requests cannot be connection delimited, don't call
sslEngine.closeInbound() on the server.

On the client, added a configuration parameter to allow missing
TLS Close Message, since many servers do that.

Introduced SslConnection.allowMissingCloseMessage so that it
throws in case of truncation attacks.
 2017-05-17 13:07:21 +02:00
Simone Bordet da05582b9a Marking the parser at EOF in case of exceptions. 2017-05-17 10:11:10 +02:00
Simone Bordet 1e2093c14a Merged branch 'jetty-9.2.x' into 'jetty-9.3.x'. 2017-05-16 16:34:39 +02:00
Simone Bordet f3751d7078 Issue #1556 - A timing channel in Password.java. 
Fixed comparison logic, doh.
 2017-05-16 16:34:04 +02:00
Simone Bordet 1ef845556b Merged branch 'jetty-9.2.x' into 'jetty-9.3.x'. 2017-05-16 10:44:46 +02:00
Simone Bordet 042f325f1c Fixes #1556 - A timing channel in Password.java. 2017-05-16 10:41:08 +02:00
Simone Bordet b1b94d870e Code cleanups. 2017-05-16 10:25:34 +02:00
Joakim Erdfelt fc2ec54c51 Fixing compact3 build on JDK8u121+ 2017-05-12 16:49:00 -07:00
Joakim Erdfelt 98d36ff0b1 Upgrading maven-source-plugin for build stability 2017-05-12 13:41:53 -07:00
Joakim Erdfelt 69c88e1e51 Merge mistake 2017-05-12 12:22:24 -07:00
Joakim Erdfelt be5bb05f12 Disabling javadoc, deploy, findbugs in /tests/ 
(cherry picked from commit ad1512d)
 2017-05-12 12:09:39 -07:00
Joakim Erdfelt 521cc6520f Some javadoc plugin configuration updates 
(cherry picked from commit 240c217)
 2017-05-12 12:09:10 -07:00
Joakim Erdfelt 712b5bbcf9 Making javadoc build stage be offline instead 
(cherry picked from commit c794af8)
 2017-05-12 12:08:11 -07:00
Joakim Erdfelt 21194df6df Merge remote-tracking branch 'origin/jetty-9.2.x' into jetty-9.3.x 2017-05-12 10:14:52 -07:00
Joakim Erdfelt 3521c76d53 Missing license header 2017-05-12 10:14:16 -07:00
Joakim Erdfelt 9e8fa7c29f Merge remote-tracking branch 'origin/jetty-9.2.x' into jetty-9.3.x 2017-05-12 09:31:34 -07:00
Joakim Erdfelt 5e0d11cfc3 Issue #1108 - adding SslContextFactory.dump() selection details 
+ Protocol selection details
+ Cipher Suites selection details

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

Conflicts:
	jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java
 2017-05-12 09:29:27 -07:00
olivier lamy 6d92c4c931 fix for #1527 9.3.x branch 
Signed-off-by: olivier lamy <olamy@webtide.com>
 2017-05-11 13:46:57 +10:00
Joakim Erdfelt cf56168f7d Updating to version 9.3.20-SNAPSHOT 2017-05-02 15:26:56 -07:00
Joakim Erdfelt d36d57d5c7 Updating to version 9.3.19.v20170502 2017-05-02 14:31:51 -07:00
Simone Bordet c955fb609e Merged branch 'jetty-9.2.x' into 'jetty-9.3.x'. 2017-05-02 22:12:29 +02:00
Simone Bordet 9ba7b713d2 Fixes #1523 - Update ALPN support for Java 8u131. 2017-05-02 22:01:00 +02:00
Greg Wilkins f2721d3407 Issues #1513 #1515 
Fixed and tested backup file
 2017-05-02 12:40:00 +02:00
Greg Wilkins 1f8b48cb83 Issues #1513 #1515 
Fixed removed of old files.
Added test to check file handling
 2017-05-02 11:47:32 +02:00
Jan Bartel 5f65f2916f Issue #1390 
Remove this.web_url.path
 2017-05-01 17:37:05 +02:00
Greg Wilkins a4cfd8a7a5 Fixed #1513 paranoid cleanup 2017-04-28 11:38:48 +02:00
Greg Wilkins c87903f39d Fixed #1513 back ported some 9.4 changes 2017-04-28 11:01:42 +02:00
Greg Wilkins 860d8658ca Fixed #1513 sync shared timer 2017-04-28 10:25:29 +02:00
Greg Wilkins 118652e985 Issue #1507 2017-04-27 10:57:55 +02:00
Simone Bordet 8af0d153e0 Updated version to correct value. 2017-04-24 18:42:19 +02:00
Joakim Erdfelt 803542c485 Merge pull request #1430 from olamy/feature/bom-artifact 
#1348 add BOM artifact
 2017-04-20 06:19:08 -07:00
Greg Wilkins 2f04b0f869 Fix #1487 2017-04-20 11:38:28 +10:00
Greg Wilkins f5631a9f1b Fix #1486 2017-04-20 09:38:50 +10:00
WalkerWatch 64fc778f30 Updating documentation pom.xml for Javadoc 
Signed-off-by: WalkerWatch <ctwalker@gmail.com>
 2017-04-19 15:40:31 -04:00
Joakim Erdfelt 399ff337c8 Issue #1469 - conforming to java.util.Timer quirks 2017-04-13 09:07:26 -07:00
Greg Wilkins 6a10b4272b Issue #1463 2017-04-12 16:55:31 +10:00
Greg Wilkins 23a9c6c1be Issue #1463 2017-04-12 14:54:18 +10:00
Jan Bartel daafc8fed1 Issue #877 
Add test case
 2017-04-12 11:08:07 +10:00
Joakim Erdfelt 9e2aeda052 Updating to version 9.3.19-SNAPSHOT 2017-04-06 07:47:53 -07:00
Joakim Erdfelt 63273aa40b Updating to version 9.3.18.v20170406 2017-04-06 06:31:02 -07:00
olivier lamy a9fbfc0868 fix issues from pr review #1348 
Signed-off-by: olivier lamy <olamy@webtide.com>
 2017-04-01 19:43:48 +11:00
Joakim Erdfelt d1c946d192 Merge branch 'fvanderveen-jetty-9.3.x' into jetty-9.3.x 2017-03-31 11:20:20 -07:00
Joakim Erdfelt e8f8e6a279 Issue #1439 - Cleanup of PR #1438 to enable UNC support 
+ Uses Path.toRealPath() to satisfy requirements on both
  Windows and Linux respectively
 2017-03-31 11:18:30 -07:00
Fabian van der Veen 9a00c038ff Make PathResource UNC compatible again 
The newly added checkAliasPath used the File constructor on a uri
resulting from Path's toUri, which caused an IllegalArgumentException due to
the uri having an authority component. (File's toURI and Path's toUri
differ slightly wrt. UNC paths; file:////unc vs file://unc.)

Signed-off-by: Fabian van der Veen <djyhnzo@gmail.com>
 2017-03-30 16:03:11 +02:00
Denis Nedelyaev daf61cd294 Fix memory leak in GzipHandler (#1429) 
Looks like this leak shows itself only with asynchronous responses.

Some relevant info: http://www.devguli.com/blog/eng/java-deflater-and-outofmemoryerror/

Signed-off-by: Denis Nedelyaev <denvned@gmail.com>
 2017-03-30 17:26:56 +11:00
Greg Wilkins 02d4e5d1f6 More time to run tests 2017-03-30 17:11:28 +11:00
Joakim Erdfelt dff8fb6b90 Issue parameter decoding (#1330) 
* Issue #1327 - Removing non-standard (Microsoft only) %uXXXX support

* Issue #1322 - Removing attempts at "solving" bad behavior in UrlEncoded

+ No longer captures NumberFormatException and Utf8Exception and
  NotUtf8Exception for purposes of "recovering" from a bad encoding.
+ Introduces UrlEncode.decodeHexChar() and .decodeHexByte() to make
  reporting of bad encoding more clear.

* Issue #1316 - throw a BadMessageException on bad parameter parsing

+ If BadMessageException is uncaught by the webapp, this will result
  in an error 400 response message.
+ If an application decides to catch the BadMessageException, they can
  choose to ignore the exception and do their own error reporting.
+ This piggybacks on Issue #1327 and Issue #1322
 2017-03-30 14:00:39 +11:00