Commit Graph

990 Commits

Author SHA1 Message Date
Joakim Erdfelt c91e3fbc48
Updating to version 10.0.20-SNAPSHOT 2023-12-15 14:49:33 -06:00
Joakim Erdfelt 8492d1c78f
Updating to version 10.0.19 2023-12-15 14:38:06 -06:00
Gary Gregory 0efee0bf95 Use String#isEmpty() 2023-11-28 17:46:42 -05:00
Joakim Erdfelt c50aa2f61b
Updating to version 10.0.19-SNAPSHOT 2023-10-26 21:10:08 -05:00
Joakim Erdfelt 8545fd9bf4
Updating to version 10.0.18 2023-10-26 20:59:27 -05:00
Joakim Erdfelt 722b97ad6a
Updating to version 10.0.18-SNAPSHOT 2023-10-09 13:32:28 -05:00
Joakim Erdfelt af15f12297
Updating to version 10.0.17 2023-10-09 13:21:53 -05:00
Joakim Erdfelt 896dee2466
Updating to version 10.0.17-SNAPSHOT 2023-08-25 14:27:38 -05:00
Joakim Erdfelt a2735a9ae9
Updating to version 10.0.16 2023-08-25 14:10:55 -05:00
Joakim Erdfelt ca3c1756ad
Updating to version 10.0.16-SNAPSHOT 2023-04-11 13:23:25 -05:00
Joakim Erdfelt 68017dbd00
Updating to version 10.0.15 2023-04-11 12:24:32 -05:00
Olivier Lamy e62cc0344a Updating to version 10.0.15-SNAPSHOT 2023-03-01 18:55:10 +10:00
gregw 7a7d69a69f Happy no year
Remove modification date from copyright notice and instead just have the
project inception year.

Signed-off-by: gregw <gregw@webtide.com>
2023-02-15 15:22:32 +11:00
Greg Wilkins 5f25f5b389
Fix/jetty 10.0.x/uri host mismatch alt (#9343)
* Introduce HttpCompliance.MISMATCHED_AUTHORITY

* Update HttpCompliance.RFC2616

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

* Update NcsaRequestLogTest.testAbsolute

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

* Use RFC2616 mode in RFC2616 tests

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

* Alternative fix for mismatched host headers

This PR fixes the miss-matched host header issue in the Request.setMetaData method. This requires no change to the HttpParser.
A more comprehensive fix can be considered for jetty-12.

Signed-off-by: gregw <gregw@webtide.com>

* Alternative fix for mismatched host headers

Updates from review

Signed-off-by: gregw <gregw@webtide.com>

---------

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: gregw <gregw@webtide.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2023-02-14 07:43:19 +11:00
Joakim Erdfelt 54c4c03244
Updating to version 10.0.14-SNAPSHOT 2022-12-07 14:33:17 -06:00
Joakim Erdfelt 1c2636ea05
Updating to version 10.0.13 2022-12-07 14:12:50 -06:00
Joakim Erdfelt 7e1de8b1e2
Issue #8973 - Rework KeyStoreScanner handling for symlink related changes (#9014)
* Issue #8973 - Rework KeyStoreScanner handling for symlink related changes

+ Removed changes from #8786 and #8787
+ More test cases
+ revert jetty.sslContext.reload.followLinks boolean
+ Scanner should follow its own linkOptions setting
+ remove bad documentation in module-ssl-reload.adoc

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
2022-12-07 09:24:19 -06:00
Lachlan 690220fc40
Merge pull request #8787 from eclipse/jetty-10.0.x-8786-KeyStoreScanner-Symlink
Issue #8786 - add configuration for KeyStoreScanner to not resolve aliases
2022-11-10 17:17:59 +11:00
Joakim Erdfelt f99da578af
More reliable `AllowedResourceAliasCheckerTest` (#8872)
* More reliable AllowedResourceAliasCheckerTest

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-11-08 16:16:37 -06:00
Lachlan Roberts 0a14cca307 changes from review - rename resolveAlias to followLinks
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-11-03 20:37:55 +11:00
Lachlan Roberts 8607e3ef15 changes to ssl-reload module & documentation from review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-11-03 18:54:53 +11:00
Lachlan Roberts 4d15593d63 Issue #8786 - add configuration for KeyStoreScanner to not resolve aliases
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-10-31 14:39:32 +11:00
Olivier Lamy dbd07146ec
merge back release branch to bump version to 10.0.13-SNAPSHOT (#8593)
* Updating to version 10.0.12

* Updating to version 10.0.13-SNAPSHOT

* VERSION.TXT =+ content of jetty-9.4.49.v20220914 release

* remove strange line and reorder
2022-09-16 19:50:12 +10:00
Simone Bordet 77ad0189ba
Fixes #8532 - Review System.nanoTime() usages. (#8535)
* Fixes #8532 - Review System.nanoTime() usages.

Introduced o.e.j.util.NanoTime class to deal with nanoTimes.

Now NanoTime.now() should be used instead of System.nanoTime(),
and various <unit>[elapsed|since|until]() methods to calculate nanoTimes.

Furthermore, comparing 2 nanoTimes should be done via isBefore(),
rather than using the < operator, which is wrong as specified in
the System.nanoTime() javadocs.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2022-09-06 09:30:02 +02:00
Lachlan 998bc8c7e8
Merge pull request #8315 from eclipse/jetty-10.0.x-8296-AliasChecking
Issue #8296 and #8259 -  AllowedResourceAliasChecker improvements
2022-08-08 13:23:02 +10:00
Lachlan Roberts 99cb930d78 changes from review PR #8315
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-07-27 10:21:35 +10:00
Lachlan Roberts cff4ff6c98 Issue #8296 - attempt to resolve symlinks for baseResource in ContextHandler.doStart()
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-07-21 18:59:51 +10:00
Joakim Erdfelt cbed42491a
Excluding Stress/Slow tests from normal CI builds. (#8314)
Nightly CI builds still run them.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-07-21 02:40:26 -05:00
Lachlan Roberts 6c35fc6f65 Issue #8259 - AliasCheckers for different resource bases on same Context
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-07-18 17:22:38 +10:00
Lachlan Roberts 5f246ae5d7 Issue #8296 - add test for issue 8296
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
2022-07-18 15:20:44 +10:00
Joakim Erdfelt 64d12e2a5a
Merge Release 10.0.11 back into `jetty-10.0.x` branch (#8194)
* Updating to version 10.0.11

* Updating to version 10.0.12-SNAPSHOT
2022-06-22 16:24:48 -05:00
Joakim Erdfelt c2bc103cb9
Merge Release 10.0.10 back into `jetty-10.0.x` (#8180)
* Updating to version 10.0.11-SNAPSHOT
2022-06-21 14:41:41 +02:00
Joakim Erdfelt 16420f0181
Set version to `10.0.10-SNAPSHOT` (#7823)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-04-03 20:33:44 +10:00
Joakim Erdfelt f079949a35
Merge Release 10.0.9 (#7821)
* Updating to version 10.0.9

* Updating to version 10.0.10
2022-04-02 08:43:44 -05:00
dependabot[bot] 6b25c271b1
Bump jolokia-war from 1.3.3 to 1.7.1 (#6907)
* Bump jolokia-war from 1.3.3 to 1.7.1

Bumps jolokia-war from 1.3.3 to 1.7.1.

---
updated-dependencies:
- dependency-name: org.jolokia:jolokia-war
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Adding HashLoginService to jolokia.xml
* Fixing typo in FQCN for Jetty Password utility
* Using logger to print warning, not ServletContext.log() as it causes an NPE.

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-03-29 21:04:35 -05:00
Simone Bordet a4fda96f49
Updating to version 10.0.9-SNAPSHOT 2022-02-07 12:02:02 +01:00
Simone Bordet 716c7afd8e
Updating to version 10.0.8 2022-02-07 11:34:12 +01:00
Joakim Erdfelt cb127793e5
Happy New Year 2022 (#7459)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:42:30 -06:00
Lachlan e345ee28a5
Issue #7059 - prevent an internal NPE in AllowedResourceAliasChecker doStart (#7076)
- prevent an internal NPE in AllowedResourceAliasChecker doStart
- Fix LifeCycle issues with AllowedResourceAliasChecker
- add null check for protected targets in toString.
- improve warning message for AllowedResourceAliasChecker
- add AllowedResourceAliasCheckerTest
2021-12-07 09:37:11 +11:00
Joakim Erdfelt cfc67f86d2 Updating to version 10.0.8-SNAPSHOT 2021-10-06 14:51:32 -05:00
Joakim Erdfelt da8a4553af Updating to version 10.0.7 2021-10-06 14:32:37 -05:00
Olivier Lamy 51d44a3401
use dependencyManagement for internal dependencies (#6940)
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-09-30 16:57:19 +10:00
Greg Wilkins aa793eeafe
Jetty 10.0.x 6497 alias checkers alt (#6681)
* Issue #6497 - Replace the Alias checkers with new implementation.

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Co-authored-by: Lachlan Roberts <lachlan@webtide.com>
2021-09-21 18:35:51 +10:00
Joakim Erdfelt c5a33e27d2
Issue #5684 - Windows test overhaul (#6581)
Issue #5684 - Window's test overhaul

+ Migrate from @DisabledOnOs(WINDOWS) to assumptions on capabilities instead.
+ Fix other outstanding windows testing issues.
+ Cleanup FileBufferedResponseHandlerTest expectations on Windows.
+ PathWatcher scan interval is variable on windows
+ If unable to start testcase based on assumption,
  the stop shouldn't fail testcase
+ Increase various wait timeouts
+ Make tests less strict due to system speed issues
+ Disable Sni tests due to TLS behaviors differences in Windows
  + Windows TLSv1.3 seems to introduce this difference
  + If we restrict to TLSv1.2 this passes.
  + On Linux TLSv.13 on client side will always return a
  + javax.net.ssl.SSLHandshakeException in those test cases that expect it.
  + However, on Windows, Only the TLSv1.2 implementation will return a javax.net.ssl.SSLHandshakeException,
  + All other TLS versions on Windows will result in a
  + javax.net.ssl.SSLException: Software caused connection abort: recv failed
+ Disable ConcurrentStreamCreationTest
  + Not possible to create all of these streams.
+ Fixing DeploymentTempDirTest
  + Using unique workdir per testcase.
  + Don't expect to delete files / directories between tests
    (not supported on windows due to file locking anyway)
 + Fixing line ending difference on windows
 + InvalidPathException is a 404 Not Found
 + Cannot reuse test directory between runs due to memory mapped files that are still in use from previous run.
 + java.nio.file.FileSystemException: C:\code\jetty.project\jetty-webapp\target\tests\welcome#\index.html: The requested operation cannot be performed on a file with a user-mapped section open.

	at java.base/sun.nio.fs.WindowsException.translateToIOException(WindowsException.java:92)
	at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:103)
	at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(WindowsException.java:108)
	at java.base/sun.nio.fs.WindowsFileSystemProvider.newByteChannel(WindowsFileSystemProvider.java:235)
	at java.base/java.nio.file.spi.FileSystemProvider.newOutputStream(FileSystemProvider.java:478)
	at java.base/java.nio.file.Files.newOutputStream(Files.java:220)
	at org.eclipse.jetty.webapp/org.eclipse.jetty.webapp.WebAppDefaultServletTest.prepareServer(WebAppDefaultServletTest.java:84)

 + As is typical on windows, we are often unable to delete a file due to file locking issues.
 + Use a unique resource base between tests.
   This is to avoid file locking behaviors that prevent the
   resource base from being reused too quickly on windows.
 + Prevent test run if symlinks not supported
 + Allowing for Windows slosh char as well in asserts
 + SelectorUtils is File.separator dependent
 + Regex is now FS.separator independent
 + Using SelectorUtils from plexus correctly for include/exclude
 + Turning off mapped files for testing reasons.
 + Fix and re-enable RFC2616NIOHttpsTest
 + Issue #6552 - Fix test failures due to slf4j dep
 + Issue #6552 - upgrade testcontainers
 + Issue #6552 - move to assumption based docker existence
 + Issue #6552 - Fix enforcer rule violation on jna.
  Addresses the following side effect of upgrading testcontainers.

[WARNING] Rule 3: org.apache.maven.plugins.enforcer.RequireUpperBoundDeps failed with message:
Failed while enforcing RequireUpperBoundDeps. The error(s) are [
Require upper bound dependencies error for net.java.dev.jna:jna:5.6.0 paths to dependency are:
+-org.eclipse.jetty:infinispan-remote-query:10.0.7-SNAPSHOT
  +-org.testcontainers:testcontainers:1.16.0
    +-com.github.docker-java:docker-java-transport-zerodep:3.2.11
      +-net.java.dev.jna:jna:5.6.0 (managed) <-- net.java.dev.jna:jna:5.8.0

 + use annotation to disable test when docker not available and needed
 + Disabling FileSessionDistributionTests.stopRestartWebappTestSessionContentSaved on Windows
 + Using TLS basic
 + Programmatic removal of memory mapped behavior during testing
 + Fixing slf4j warning

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Co-authored-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-08-26 11:26:46 -05:00
Joakim Erdfelt fdc210f382
Remove unused imports
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-07-27 08:03:00 -05:00
Joakim Erdfelt c245a70893 Updating to version 10.0.7-SNAPSHOT 2021-06-29 10:51:22 -05:00
Joakim Erdfelt 37e7731b4b Updating to version 10.0.6 2021-06-29 10:27:56 -05:00
Lachlan 3c32afa05c
Issue #6473 - canonicalPath refactor & fix alias check in PathResource (Jetty-10) (#6478)
Issue #6473 - canonicalPath refactor & fix alias check in PathResource

* Reverted %-escape handling for URI query parts.
* Performing canonicalization in ServletContext.getResource(),
  and improving alias checking in ContextHandler.getResource().
* Performing canonicalization checks in Resource.addPath() to avoid
  navigation above of the root.
* Test added and fixed.
* Various cleanups.
* Improved javadoc and comments
* Compliance mode HttpURI uses UriCompliance.Violation

Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Co-authored-by: Greg Wilkins <gregw@webtide.com>
2021-06-29 15:42:39 +02:00
Joakim Erdfelt 9d2d1e29b7 Updating to version 10.0.6-SNAPSHOT 2021-06-11 09:42:42 -05:00
Joakim Erdfelt dc21b2d73c Updating to version 10.0.5 2021-06-11 09:18:00 -05:00