* Issue #4265 Remove doError
The doError method and the ErrorDispatchHandler class were
hang overs from when we needed to dispatch into a context to get sendError called, which would then generate the error page.
Now sendError doesn't do any generation, rather it changes state that arranges either for a minimal error page to be generated or an ERROR dispatch to a real handler/servlet to generate the error page.
Thus the ErrorDispatchHandler and doError methods can now be removed.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 Remove doError
Moved the error page dispatching logic back to the ErrorHandler class to assist with backwards compatibility
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 Remove doError
Moved the error page dispatching logic back to the ErrorHandler class to assist with backwards compatibility
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4265 doError
Updates from review.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Releasing the decrypted input buffer so that it can be re-acquired
with an expanded capacity.
Looping around only if the buffer size has changed.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Added workarounds for the Java 11 behavior.
In fill(), call closeInbound() if we filled -1 and the handshake
did not start yet. This avoids to send a ClientHello to the peer
even if we are closing.
In flush(), if the handshake status is NEED_UNWRAP but we are
closing, force a wrap().
Added test cases.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now rethrowing other exceptions as SSLHandshakeException
if they happen during the TLS handshake.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
It is now possible to pass a `SslContextFactory.Client` to HttpProxy
so that it is possible to use a keystore for the proxy communication
and another keystore for the server communication.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Fixed setting of host/port in AbstractConnectorHttpClientTransport
and HttpProxy so that the creation of SSLEngine can use the proper
host/port pair, and can be subsequently used in TLS components.
Introduced SslContextFactory X509ExtendedKeyManagerWrapper and
X509ExtendedTrustManagerWrapper as utility classes used internally
and in tests.
The test case for this issue required 3 keystores, so other test
classes have been refactored to use the new keystores.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Made jetty-alpn-client required by jetty-client.
Fixed groupId for test-proxy-webapp.
Added test case for the failing configuration.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Now exceptions thrown by fill() or flush() are stored in a field.
Further fill() operations will rethrow the original exception rather
than returning -1.
Returning -1 to application was causing them to close() with a generic
failure that was triggering the EOFException reported in this issue.
Now applications see the original exception and can close() with the
proper cause.
Re-enabled HostnameVerificationTest that was reproducing this issue
reliably but was @Disabled a while back and never re-enabled.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
1. Now forwarding the fillable event rather than assuming that is due
to garbage bytes or by a server close. This ensures that a HTTP read
consumes the TLS bytes and the `NewSessionTicket` message.
2. Avoid to set the `SslConnection` onto the `EndPoint` in
`SslClientConnectionFactory` - this allows upgrades to work properly,
for example when tunnelling through a secure proxy.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Introduced a Response.DemandedContentListener to explicitly separate
the will to request more content from the notification that the content
has been consumed.
Updated all transports to follow the new semantic: rather than waiting
for the callback to complete before delivering more content, now they
wait for the demand to be positive to deliver more content.
Since now the content may be unconsumed but there can be more demand,
all transport implementation had to be changed to use RetainableByteBuffer
to retain content buffers that were not consumed.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Greg Wilkins
Joakim Erdfelt
Simone Bordet
Marc-Olivier Fleury
Chris Walker
康智冬