Introduced method Request.getConnection() to expose the Connection after at the request begin event.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Moved the call to destroy the CyclicTimeouts to a close() call that is always called.
Fixed NPE in ManagedSelector.getTotalKeys().
Fixed exception handling to avoid infinite recursion in SslConnection.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Backport of #10790 to Jetty 10.
+ Making sure /etc/default/jetty is populated correctly in the user_change mode
+ Removing warnings from jetty startup about --start-log-file=... being unrecognized
+ Adding unique jetty10 identifier to docker image names (helps to keep different jetty versions apart when manually testing)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #10696 - Addressing start-stop-daemon behaviors in jetty.sh
* disable internal pid-file management of start-stop-daemon
* IssueDo not test for file system permissions if user is root, or process will switch to JETTY_USER
* Fixing bad UID / JETTY_USER condition
* Avoid FS test with setuid use as well
* Fixing stop behavior
* Adding jetty.sh docker testing
---------
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Olivier Lamy <olamy@apache.org>
Co-authored-by: Olivier Lamy <olamy@apache.org>
* Revert pgrep usage in jetty.sh
* Adding test for jetty.conf
* Correcting renamed xml file
* Improved started check
+ Improved `started` function code
- adding comment explaining steps
- adding named parameters
+ Improved ARGS check for "jetty.state="
option, to know when to check the
state file.
* Make sure state.mod is before any deploy steps to ensure jetty-state file is created early.
* Early cleanup / creation of State file
* Improved `started` function
+ Don't attempt to read from State File
if it doesn't exist
+ Don't attempt to read from PID File
if it doesn't exist
+ DEBUG in state file logic
+ DEBUG in pid file logic
+ proper startsWith logic for state detection
* Better state debugging and pid kill
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* improve the formatting for precise ms in DateCache
* return original format string with DateCache.getFormatString
* calculate index in tick constructor because format strings can be different size
* use two ticks so that switching between seconds is less likely going to have cache miss
* use boolean instead of index to denote if sub second is needed
* remove formatWithoutCache and replace with doFormat as it doesn't work with sub second time
* allow the option of not having sub second precision
* use two separate formatters for the prefix/suffix around the SSS format code
* use a simple class to store both ticks in DateCache
* rename DateCache.Tick.getString(long) to format()
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Introduced module `threadpool-virtual` for Java 21.
* Updated virtual threads documentation to refer to Java 21.
* Updated requirements that the releases should use Java 21, so that the documentation can properly render the virtual threads documentation.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now Content-Length and Content-Encoding are removed/modified by the decoder.
In this way, applications have a correct sets of headers to decide whether to decode the content themselves.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now TunnelRequest.getURI() does not return null, so normalizeRequest() can properly apply the authentication headers.
Moved copy of a request to HttpRequest, so also the sub-type can be copied.
Fixed restore of destination in HttpProxy.HttpProxyClientConnectionFactory.newProxyConnection(): now doing it in the promise rather than in finally block.
Using the proxy destination (not the server's) to send subsequent CONNECT requests in case the first is not replied with 200.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Fixes#8405 - onAllDataRead() is called twice under h2 if the stream times out
Per Servlet semantic, HTTP/2 stream timeout should be ignored.
The code was trying to fail the read via `_contentDemander.onTimeout()`, but
then it was still calling `onContentProducible()`, which was returning `true`
because the state of the read was IDLE (all the request content was read) and
the request was suspended.
Now the code checks if the read was really failed; if it is not, then
`onContentProducible()` is not called and so the idle timeout is ignored.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Method HTTP2StreamEndPoint.flush() has a "no pending operation" semantic, but the previous implementation was calling stream.data(), which may become a pending operation if the stream is congested.
Changed the implementation of flush() to return false in the IDLE and PENDING cases.
Now every flush() is converted to a write(), which has the same semantic as stream.data().
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* jetty-slf4j-impl is non-optional on some modules
* Using appropriate slf4j impl depending on module.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* #9655 introduce new Stream.Client.Listener.onNewStream() method to allow setting the channel's stream before sending any data to the network
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
* improvements to logout from the OpenIdLoginService validate
* respect idToken expiry for lifetime of login
* fix checkstyle error
* Add respectIdTokenExpiry configuration
* changes from review
* rename respectIdTokenExpiry to logoutWhenIdTokenIsExpired
* changes from review
---------
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Introduced `QueuedThreadPool.maxEvictCount` to be the number of idle threads that are evicted in one idle timeout.
When set to 1 (the default), the old behavior is reproduced: expiring 1 thread every idle timeout.
When set to larger values, allows to keep around the threads for the idle timeout (in case of further load spikes), but allows to quickly recover OS memory when they are truly idle.
For example, with 2000 threads, 30 seconds idle timeout and idleTimeoutMaxShrinkCount=1, it will take 995 minutes (about 16.5 hrs) to shrink the pool back to 10 threads.
By setting idleTimeoutMaxShrinkCount=100, the thread pool can be shrunk to 10 threads in about 10 minutes.
Note also that the new algorithm is more aggressive at shrinking the thread pool.
Previously, a small load might have been sufficient to never evict any thread, because all threads could take turns at executing jobs so that threads were mostly idle but would never really idle time out.
The new algorithm is more aggressive even in presence of a small load, so that if `minThreads` are sufficient to cope with the small load, then the other threads are evicted.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Signed-off-by: Ludovic Orban <lorban@bitronix.be>
Co-authored-by: gregw <gregw@webtide.com>
Co-authored-by: Ludovic Orban <lorban@bitronix.be>
* Introduce HttpCompliance.MISMATCHED_AUTHORITY
* Update HttpCompliance.RFC2616
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Update NcsaRequestLogTest.testAbsolute
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Use RFC2616 mode in RFC2616 tests
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Alternative fix for mismatched host headers
This PR fixes the miss-matched host header issue in the Request.setMetaData method. This requires no change to the HttpParser.
A more comprehensive fix can be considered for jetty-12.
Signed-off-by: gregw <gregw@webtide.com>
* Alternative fix for mismatched host headers
Updates from review
Signed-off-by: gregw <gregw@webtide.com>
---------
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #8973 - Rework KeyStoreScanner handling for symlink related changes
+ Removed changes from #8786 and #8787
+ More test cases
+ revert jetty.sslContext.reload.followLinks boolean
+ Scanner should follow its own linkOptions setting
+ remove bad documentation in module-ssl-reload.adoc
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>