* Issue #3863 - Enforce use of SNI.
Introduced SslContextFactory.rejectUnmatchedSNIHost (default false)
so that if no SNI is sent, or SNI does not match a certificate,
then the TLS handshake is aborted.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #3863 - Enforce use of SNI.
Updates after review.
Introduced SslContextFactory.SNISelector to allow application to write
their custom logic to select a certificate based on SNI information.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Issue #3863 Enforce SNI
Added two sniRequired fields - one at SslContextLevel and the other at the SecureRequestCustomizer. This allows rejection either at TLS handshake or by 400 response.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 Enforce SNI
cleanups from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 Enforce SNI
improved comments
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 Enforce SNI
syntax sugar
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3863 SNI
Updates from review. Extra test for sniSelector function
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Made method reportDifferences(...) private since it was exposing
package private class TimeNSize and no code outside of jetty-util
could have used it.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* issue exclude/include con name InetAccesHandler - add better unit test
this logic:
String name =
baseRequest.getHttpChannel().getConnector().getName();
return _names.test(name) && _addrs.test(addr);
Is not correct. it's treating the connector name exactly like the
filter. But that's not what it's intended to do. It's supposed to tell
what connectors are applicable to this filter. And what connectors are
not affected.
For example in the unit test there exists 2 connectors:
http
tls
We want to restrict the http connector, but we want to leave tls
connector alone.
So we would specify:
include = 192.168.1.1-192.168.1.254
includeConnector = http
The way the logic is above, it is treating the connector name as if it's
the filter itself. Which is not what I intended.
What i need in psuedo-code is this:
if (there are no "include connectors" OR if this connector is
included) AND (if this connector is not in the excluded list)
---> Then apply the IP filter.
Signed-off-by: Nicholas DiPiazza <nicholas.dipiazza@lucidworks.com>
* exclude should take precedence over include
Signed-off-by: Nicholas DiPiazza <nicholas.dipiazza@lucidworks.com>
* Issue #4193 InetAccessHandler
reverted changes to IncludeExcludeSet
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4193 InetAccessHandler
updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4188 Spin in close of GzipHandler
Cleanup and simplify code
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4188 Spin in close of GzipHandler
Fix slice code. Added unit test for it.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4188 Spin in close of GzipHandler
Fixed last slice.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* cleanup from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
There is a race between the doStop clearing the key map and the watching thread
checking isRunning before iterating over the key map.
While more sophisticated approaches could be used, I think that is best to defer
until this class is reworked entirely. For now just using a ConcurrentHashMap will
avoid the exception and the closing of the pathwatcher will prevent watching forever.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Fixed setting of host/port in AbstractConnectorHttpClientTransport
and HttpProxy so that the creation of SSLEngine can use the proper
host/port pair, and can be subsequently used in TLS components.
Introduced SslContextFactory X509ExtendedKeyManagerWrapper and
X509ExtendedTrustManagerWrapper as utility classes used internally
and in tests.
The test case for this issue required 3 keystores, so other test
classes have been refactored to use the new keystores.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Several QTP fixes:
* #4105 Threads without jobs now check if they should idle die before waiting rather than before, this allows idling under steady load. 3ad6780
* #4121 ThreadFactory behaviour supported by doing thread config within newThread call. 7b306d7
* #4122 Always clear the interrupted status. c37a4ff
task = queue.poll(timeout);
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #4105 - starting a thread in QTP now increments idle count
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Issue #4105 - improve comments in test
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Added test to reproduce issue
Fixed bug from #2772 where output was shutdown on DONE without checking for END.
Fixed aggregation logic to aggregate last write if aggregation already started
Improved comments and clarify conditions
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Now using the _size AtomicInteger to resolve the race between stopping
and adding to the stack.
A _size of -1 now means no more threads can be added to the stack, and
the loop in doStop() will now only exit if it can set the size to -1.
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Introduced a Response.DemandedContentListener to explicitly separate
the will to request more content from the notification that the content
has been consumed.
Updated all transports to follow the new semantic: rather than waiting
for the callback to complete before delivering more content, now they
wait for the demand to be positive to deliver more content.
Since now the content may be unconsumed but there can be more demand,
all transport implementation had to be changed to use RetainableByteBuffer
to retain content buffers that were not consumed.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Code cleanups and reformatting.
Fixed logic for SETTINGS frame replies: they are not subject to rate control.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Issue #3964
* Avoid creating listener list for rarely used requestAttributeListener
* AbstractConnector keeps a specific list of HttpChannel.Listeners
to avoid Connection.Listeners and MBean listeners being added to
the HttpChannel listener list.
* Simplified listener handling by avoiding null connector, previously
only needed for testing.
* Fixed test that assumed HttpChannel listeners were not cleared by a recycle
* Separated out durable vs cyclic HttpChannel.Listeners, so as to
simplify handling.
* Deprecated cyclic HttpChannel.Listeners, as I'm not sure the channel is
the right place for them.
* Added improved method to combine multiple HttpChannel Listeners
into a single Listener.
* Fixed MockConnector
* Added benchmark
* Improved benchmark
* Updates from review
* Removed benchmark and alternate implementations.
* Updated javadoc
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3806 async sendError
Avoid using isHandled as a test withing sendError as this can be
called asynchronously and is in a race with the normal dispatch of the
request, which could also be setting handled status.
The ErrorHandler was dispatching directly to a context from within
sendError. This meant that an async thread can call sendError and be
dispatched to within the servlet container at the same time that the
original thread was still dispatched to the container.
This commit fixes that problem by using an async dispatch for error
pages within the ErrorHandler. However, this introduces a new problem
that a well behaved async app will call complete after calling
sendError. Thus we have ignore complete ISEs for the remainder of
the current async cycle.
Fixed the closing of the output after calling sendError. Do not
close if the request was async (and thus might be dispatched to an
async error) or if it is now async because the error page itself is
async.
* updates from review
* better tests
* revert ignore complete
* added some TODOs
* more TODOs
* fixed rename
* cleanup ISE and more TODOs
* refactored to call sendError for uncaught exceptions rather than onError
* more of the refactor
* extra tests for sendError from completing state
Reworked HttpChannelState and sendError so that sendError is now
just a change of state. All the work is done in the ErrorDispatch
action, including calling the ErrorHandler. Async not yet working.
Additional tests
Converted ERRORED state to a separate boolean so it can be used for
both Sync and Async dispatches.
Removed ASYNC_IO state as it was just the same as DISPATCHED
The async onError listener handling is now most likely broken.
WIP making sendError simpler and more tests pass
WIP handling async and thrown exceptions
WIP passing tests
Improved thread handling
removed bad test
Implemented error dispatch on complete properly
more fixed tests
sendError state looks committed
- Added resetContent method to leave more non-content headers during sendError
- Fixed security tests
- simplified the non dispatch error page writing. Moved towards being able to write async
* fixed gzipHandlerTest
* Updated handling of timeout errors. According to servlet spec,
exceptions thrown from onTimeout should not be passed to onError, but
just logged and ignored:
If an exception is thrown while invoking methods in an AsyncListener,
it is logged and will not affect the invocation of any other AsyncListeners.
* This changes several tests.
* Dispatcher/ContextHandler changes for new ERROR dispatch handling. Feels a bit fragile!
* Fixed tests in jetty-servlets
* Fixed tests in jetty-proxy
* more test fixes
* Fixed head handling
reverted unnecessary changes
Improved reason handling
WIP on fully async error handling.
Simplified HttpChannelState state machines to allow for async actions
during completing
more WIP on fully async error handling.
sendError and completion are not both non-blocking, without using
a startAsync operation. However we are lacking unit tests that actually
exercise those code paths.
* Simplified name of states
Added test for async completion
* Cleanups and javadoc
* Cleanups and javadoc
* remove snake case
* feedback from review
* Write error page into fixed pooled buffer
Use the response to get/release a pooled buffer into which the error
page can be written. Make it a fixed sized buffer and if it overflows
then no error page is generated (first overflow turns off showstacks
to save space).
The ErrorHandler badly needs to be refactored, but we cannot change
API in jetty-9
* More test fixes for different error page format
* minor cleanups
* Cleanup from Review
* Fixed javadoc
* cleanups and simplifications
* Cleanup from Review
* renaming and some TODOs
* Cleanup from Review
* Checkstyle fixes
* Cleanup from Review
* Code cleanups and simplifications
* fixed debug
* Cleanup from Review
* Ensure response sent before server shutdown
* removed unnecessary optimisation
* fixed duplicate from merge
* Updates from review
Signed-off-by: Greg Wilkins <gregw@webtide.com>
+ Adding SameFileAliasChecker to help with environments
where the Alias and the Path point to the same file,
by relying on the FileSystem and Path implementation
to make the determination if the two Path references
truly point to the same file.
+ Minor cleanup of FileSystemResourceTest
+ Additional DefaultServletTest for this UTF-8 differences
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ OSX File is `swedish-å.txt`
+ OSX has NFD form UTF-8 characters. `swedish-a%CC%8A.txt`
+ HTTP uses normal form UTF-8. `swedish-%C3%A5.txt`
+ A HTTP GET request should work against the resource
being requested, regardless of UTF-8 style used.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Updated code after review.
Now a managed failed bean is restarted if its container is restarted.
Added more test cases.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Removed usage of StringUtil.
Moved fields together at top of the class to avoid
class initialization ordering issues.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Previously beans were started if they were not running, which
included them being in a STOPPING state.
Now beans are only started if they are in STOPPED state.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Updated code to reflect reviews.
Now lookup of system properties and server attributes is done in
ContextHandler.doStart(), so that the getter always return the
actual value (and this is good for JMX too).
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Construction of PathResource now tests if path belongs
to the Default FileSystem or not. This important info
for later actions against the PathResource that would
need to know the File object for the Path object.
Non-Default FileSystem == null
Default FileSystem == Path.toFile()
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ SPARSE hint only applies to real os file systems or
default file systems, not for all file systems.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ Reverting toFile().getInputStream() on PathResource
+ Adding RangeWriter concept for managing open resource
across multiple range writes
+ RangeWriter implementation delegates to HttpContent behaviors
Lookup is :
- Direct Buffer
- Indirect Buffer
- ReadableByteChannel (as SeekableByteChannel)
- InputStream
+ Adding unit tests for all RangeWriter implementation to ensure
that they behave the same way everywhere.
+ Making ResourceService use new RangeWriter implementation
+ Existing DefaultServletRangeTest still works as-is
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Made TRUST_ALL_CERTS implement X509ExtendedTrustManager,
so that it does not get wrapped in sun.security.ssl.AbstractTrustManagerWrapper,
which performs additional trust checks.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Allowing CachedHttpContent._contentLengthValue actually hold
the `long` resource size (for the 4G variant on test)
+ Allowing BufferUtil to not throw Exception if resource length
is a positive value, but exceeds Integer.MAX_VALUE, opting instead
to return a null to prevent excessive memory usage. (fixes the 10G
variant of test)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Issue #3700 if a location is null then consider if there are inclusions and/or exclusions when matching a class.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Removing Legacy Method Separators
* Restyling branch `jetty-9.4.x`
* Applying changes highlighted by checkstyle
* Applying XML restyling
* Fixing XML codestyle for IntelliJ
* Fixing XML style mistakes
* Revert "Applying XML restyling"
* Updating checkstyle for XML codestyle
* Reformatting pom.xml files
* Fixed empty string from line wraps
* Update intellij style to not do expression relative formatting. Reformatted code based on that.
* Increasing line split on Eclipse IDE Formatter to 512
* Restoring setting on internal default value.
+ IntelliJ will not export settings on things that set to their
internal default values.
We want to keep those values as a hedge against future default
value changes in future releases of IntelliJ.
* Fixing intellij codestyle
* do not allow single line simple methods
* misc checkstyle fixes
* re-exported with correct name and all values
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
+ Reverting commit against IncludeExcludeSet
+ TypeUtil.getLocationOfClass is now MethodHandle based
+ new ModuleLocation class provides Module behaviors for Java 9+
Runtimes, and is used by new MethodHandle based getLocationOfClass
+ Jetty 10 doesn't need reflect complexity of ModuleLocation class
and can be inlined as real code in TypeUtil
+ TypeUtil.getLocationOfClass is only guaranteed to return the
URI to the container holding the location of the class, or null.
- The JAR file - most common
- The Directory - 2nd most common - a classpath dir entry
- The jrt:// module reference - if a module reference
+ URLResource support for results of getLocationOfClass is deprecated
(nothing was using it anyway)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ TypeUtil.getLocationOfClass() respects Class.getClassLoader() of null
which means a class belonging to Boot ClassLoader, a Primitive, Void,
or a dynamic in-memory class. Using system classloader is incorrect
and invalid in Java 9+
+ Fixing IncludeExcludeSet.test() to always return TRUE or FALSE
never null.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3755 Annotation example cleanup
+ Created JettyDistribution class as common utility to locate a jetty distribution for examples.
+ Fixed ServerWithAnnotations to correctly use the test-spec-webapp
+ Added AttributeContainerMap as a better way to treat attribute values as beans. This avoids them appearing twice in a dump and always associates them with their key.
+ Added NamingDump and use it in EnvConfiguration and jetty-plus.xml so that a server dump will contain dumps of the server local tree and each contexts java:comp/env tree
+ Improved the dump format of NamingContext and WebAppContext
+ Improved the toString format of several associated classes
Signed-off-by: Greg Wilkins <gregw@webtide.com>
+ StringUtil.replace()
+ StringUtil.replaceFirst()
+ StringUtil.sanitizeFileSystemPath()
Change existing usages of String.replace() to either
use new StringUtil.replace() or other methods elsewhere
that better suit that specific need.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* upgrade log4j2 version and fix log4j2.xml provided sample, add disruptor if users wants to use async logging
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
+ Removed regex usage
+ More unit tests
+ Adding jmh test for improvements (see PR #3716 for published results
of old vs new implementation)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Added warnings for invocation of deprecated constructors and methods.
Moved methods exclusively used by XmlConfiguration from TypeUtil.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Deprecated B64Code
+ All code that isn't B64CodeTest is now using java.util.Base64
+ B64CodeTest is updated to confirm change to java.util.Base64
is possible without change in behavior. Just have to make
sure you use the appropriate Encoder / Decoder for the task
at hand (default vs mime vs url)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Added support for the X-Forwarded-Port header.
Reimplemented header scanning using more efficient Trie and MethodHandles
Signed-off-by: Greg Wilkins <gregw@webtide.com>
previously if there were no idle threads, QueuedThreadPool.execute()
would just queue the job and not start a new thread to run it
Signed-off-by: lachan-roberts <lachlan@webtide.com>
previously if there were no idle threads, QueuedThreadPool.execute()
would just queue the job and not start a new thread to run it
Signed-off-by: lachan-roberts <lachlan@webtide.com>
+ Even though this was reported against Windows, the solution
implemented should be sane for all OS or FileSystem combinations.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ Even though this was reported against Windows, the solution
implemented should be sane for all OS or FileSystem combinations.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
+ If optional Security Provider is configured, then use it consistently
for all security objects that take a Provider argument.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
- Fixes deflater/inflater pool validation
- Removes validation tests of Flators for pool
- Eroding pool usage; fixes cleanup of Deflaters
Signed-off-by: bkmz <ilya.cherkasov@gmail.com>
as the QueuedThreadPool was being stopped, jobs could be taken out of
the QueuedThreadPool job queue but then not run
also cleaned up QueuedThreadPool _runnable code to simplify it
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Introduced SslContextFactory subclasses Client and Server.
Replaced all usages of SslContextFactory with either Client or Server
as required.
Refactored configuration checking so that warnings are not emitted
when non necessary.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* add jdk12 build stage
* test last release of infinispan for jdk12 build
* fix upperBound dependency for jboss logging
* upgrade juniper to 5.4.0 and disable infinispan test if JRE.JAVA_12
* Fixed annotations to exclude any JDK > 11 for 3 tests.
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Added a SslHandshakeListener to SslConnection that performs
the host name verification (only on the client) if the
HostnameVerifier has been configured in SslContextFactory.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Made default endpointIdentificationAlgorithm=HTTPS to avoid warnings
when SslContextFactory is used on a server.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Do not rely on Object.toString() for representing self (aka:this)
in the dump output. Using Object.toString() can result in lots
of duplicated information in the dump (and super long lines)
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Fixes Issue #3103 - HttpClient buffer leak found by dump improvements
The leak problem was an additional, unnecessary, call retain() in ResponseNotifier.notifyContent() that was leaking `ByteBuffer`s.
* Issue #3049 Warn on common SslContext vulnerable configurations
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Adding documentation notes for weak cipher warnings
Signed-off-by: WalkerWatch <ctwalker@gmail.com>
* Issue #3049 - SslContextFactory warnings on known bad config
+ Changes warnings from being a boolean on SslContextFactory
to being a logger named
"org.eclipse.jetty.util.ssl.SslContextFactory.config"
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3049 - SslContextFactory warnings on known bad config
+ Cleanup based on review
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3049 - SslContextFactory warnings on known bad config
+ Cleanup based on review
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Fixed dump() in QueuedThreadPool.
When the dump was not detailed, it was printing jobs=0 even if there
were jobs in the queue.
Given that it was adding no information (actually misleading information)
and that the queue size is already reported by QueuedThreadPool.toString()
the jobs are not dumped if the dump is not detailed.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
* Cleanup the dump implementation
* improved the clarity of utility methods for dump and updated most dump methods
* fixed upgrade filter dump
* Improved dump after review
* Moved dumpObjects to Dumpable
* implemented dumpBeans with dumpObjects
* less verbose dump
* Dump streams
* fixed dump test
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Jan Bartel
Joakim Erdfelt
Simone Bordet
Greg Wilkins
contextshuffling
Lachlan
康智冬
Olivier Lamy
Michael Hausegger
bkmz
Olivier Lamy