Introduced PlainOrSslConnectionFactory, to "sniff" the first bytes
on a connection and upgrade to SSL (if the bytes are TLS bytes), or
upgrade to a specific, configured, protocol.
Added also the ability to fail the upgrade in case of a `http`
request to a `https` port and write a minimal response to the client.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Made default endpointIdentificationAlgorithm=HTTPS to avoid warnings
when SslContextFactory is used on a server.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
This interface is currently package-private while it's in the
signature of several public methods (e.g. addLowResourceCheck, getLowResourceChecks)
Signed-off-by: Bjørn Christian Seime <bjorncs@yahoo-inc.com>
Deletes the deprecated NcsaRequestLog classes
Updates modules to use CustomRequestLog by default
Move jetty-customrequestlog.xml from home to base
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Updated module-info.java to reference the "jetty.servlet.api" module.
* Updated POMs to reference the o.e.j.toolchain:jetty-servlet-api artifact.
* Removed references to jetty-schemas.jar.
* Updated attribute "org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern"
to match the new Jetty Servlet API jar.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
%t now takes in locale and timezone in the format string argument
instead of getting it from the setters on the CustomRequestLog class
fixed issue with multiline format strings
requestLog writers are now managed objects
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
removed tests for %B and %b which have been removed in favor of %O
adjusted the NcsaRequestLogTest to only test ExtendedNCSA format
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
replaced terminology for addresses and ports to use
client and server referring to the logical connection and
local and remote referring to the physical connection to the first hop
finished implementing tests in CustomRequestLogTest otherwise
disabled tests which will be verified manually instead
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Fixes#2978 - Add module-info to relevant Jetty modules.
Added module-info.java for Jetty modules that are not test modules.
Moved jetty-http test utility classes to new module "jetty-http-tools".
Removed generation of test-jar from websocket-core.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
added missing copyright header in some new files
added CustomRequestLogTest in jetty-servlet to test things like
logFilename and logRequestHandler
the log strings produced do no longer contain a trailing newline
implemented more tests in CustomRequestLogTest
and finished implementing some of the logging in CustomRequestLog
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Issue #3038 - SSL connection leak.
Fixed SSL spin caused when fill had NEED_WRAP, but a flush/wrap
produced 0 bytes and stayed in NEED_WRAP
Removed check of isInputShutdown prior to filling that allowed EOF to
overtake data already read.
Fix for leak by shutting down output in HttpConnection if
filled -1 and the HttpChannelState was no longer processing
current request.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Introduced the RequestLog.Writer where a RequestLog takes a writer
which manages what to do with the log strings produced by the RequestLog
deprecated the NCSA and SLF4J RequestLogs in favor of CustomRequestLog
Implemented more format codes in CustomRequestLog
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
fixed parsing issues for the format string by parsing left to right
and reversing the list of parsed tokens
reduced to parsing to single regex expression
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
* Adding more todos
* More websocket test updates
* Adding more information to exception about mismatched hash
* AcceptHash improved testing
* Prevent duplicate request headers
* Removing ability to use LocalFuzzer entirely (until its fixed)
* JSR356 HandshakeResponse header modifications are now allowed during Configurator
* Correcting MessageSink creation
* Using proper sub-protocol
* Metadata remembers OnMessage.maxMessageSize now
* Minor test updates
* Issue #2172 - Fixing JSR-356 Decoder discovery and OnMessage wiring
* More websocket test updates
* Update for null/empty payload
* Partial String Message Sink fix
* More websocket fixes around InputStream handling
* Moving proposed Abstract FrameHandler hierarchy into core main
* More testing fixes, along with a change to use the new core Abstract*FrameHandler
* Adding WebSocket URI validation
* Updating copy found in other API with improvements made in first API.
* More websocket test updates
* Fixing compilation
* WebSocket test fixes
* Fixing ContinuationTest assertions
* fixed package
* Added some better examples of QuotedCSV
I think this test is trying to use QuotedCSV in the wrong way, as it often is offering values when it should be testing parameters.
I have added some examples to show that QuotedCSV is capable of handling the quotes, spaces and embedded commas of the tests, but only
for parameters and not for values. The question is, is this sufficient for websocket?
* Improve close handling
The handling of a Close Frame may close the endpoint, so parsing should not continue
* moved old AbstractFrameHandler to test
* implement ingoing and outgoing frame sequence checking
* More work on javax.websocket parameterized server
* Bumping up pom plugin versions to jetty-9.4.x standards
* Merging up Jenkinsfile to attempt to fix CI build issues
* JSR356 @PathParam testing
* More WebSocket testing updates
* More WebSocket testing updates
* WebSocket Idle Timeout from FrameHandler specific policy
* WebSocket/JSR Pong support
* WebSocket/JSR Correcting MessageHandler.Whole<PongMessage> handling
* URL Decode UriTemplatePathSpec values
* Fixing test expectations
* Fixing AbstractWholeMessageHandler buffer flip
* More websocket test fixes
* Updated ALPN version for JDK 8u181.
* Removing QuotedUtil from WebSocket-core
+ Moved to QuotedCSV for most usages
+ Introduced HeaderUtil to satisfy remaining use cases
* Review of HttpClient names and Thread names.
+ Javax WebSocket Server = "Javax-WebSocketServer@####"
+ Javax WebSocket Client = "Javax-WebSocketClient@####"
* added OpCodeTest.java
* Minor Frame cleanup
* MessageOS cleanup
* Made the OpCode of WebSocket Frame immutable.
Frames can no longer be set as a continuation and should now be copied using the ContinuationFrame constructor
DataFrames can no longer be created without one of the subclasses as the public constructor was removed in favour of newDataFrame method
* Chat test
* Work on Chat Test
Moved implementation of assertValid to WebSocketFrame
Removed getFinRsvOp
* removed constructors for DataFrame using a basedOn Frame
instead use constructors with opCode, payload and fin bit
* refactor of WebSocket Frames WIP
* WIP: resolved failing tests
* CloseStatus rework, now use CloseStatus.toFrame to create Close Frames
new DelegateFrame class which ReadOnlyFrame extends
trim utf8 byte array in CloseStatus to utf8 character boundaries only
* working on test to test socket io erros in websocket-core
* renaming for clarity
Gave up on maintaining old names, as this is a different package anyway so some adaption will be needed regardless.
* Moved AbstractFrameHandlers to common
Only have a AbstractTestFrameHandler in core
* Close uses CloseStatus
Reduced the parsing and generation of CloseStatus when closing
* merge
* work on WebSocketTest
* cleanup log
* wip
* files missing comment header
jetty-jmh was using 9.4.12-SNAPSHOT now using 10.0.0-SNAPSHOT
* thread names
* remove sequence check from parser
* minor cleanups
* Call frameHandler externally to parser
* OpCode.check now throws ProtocolException instead of returning boolean
changed ProtocolException messages in OpCode.check
* removed Frame.Type and use OpCode instead
separated out FrameValidation for parser into method in WebSocketChannel
* moved remaining frame validation checks into WebSocketChannel
* referenced counted buffer
* cleanups
* wip on demand side
* First attempt at demandable
* demand control
* clean up reference counting
* clean ups
* WebSocketServerTest
* wip
* fixed auto fragmentation
* simple demand test
* test demand and retain
* Added validation back into the Parser
split up validation in WSChannel into methods for incoming and outgoing
fixed various tests in websocket-core
* more tests
* fixed remaining tests failing due to the changes to frame validation
* cleanups
* more autobahn refixes
* adjust mask for auto fragments
* clear mask
* fully close on unrecoverable error and not wait for close response
* Removed the CoreFuzzer and ContinuationTest
These tests are now covered elsewhere.
* remove declared exception onClosed
* Test delay close
* Test handler close
* fixed test dependency
* moved the frame sequence check from OutgoingState from after the ExtensionStack to channel.sendFrame
changed error handling to fail the callback of invalid/outOfSequence frames
added WebSocket Close tests revealing some problems with demand in state ICLOSE
* cleanup
* timing issues with WebSocketCloseTest
* test cleanups
* Cancel demand on close
* removed frame validation from generator
* finished close testing
* Issue #2901 - Moving Http Upgrader to Http Conversation
+ Solves for Authentication and Redirect
* changes from #2902 to jetty-10.0.x
* Validation Extension
introduced a ValidationExtension to do frame validation in the ExtensionStack
added the WebSocketChannel to ExtensionStack.connect to set it on the Extensions
* added parameters for ValidationExtension to choose what to validate
* ValidationExtension Cleanup
ValidationExtension now uses the Validation methods from its WebSocketChannel
simplified the parameter passing to the ValidationExtension
* core cleanup
* Fixed intermittent test failures
* clean up duplicates and imports
* simplified package structure
* many cleanups, simplifications and duplication removal
* cleanup
* added utf8 validation for text frames into ValidationExtension
added tests for utf8 validation
* create ValidationExtensionTest
* cleanup
* merge with jetty-10
update websocket to junit5
* fix to autobahn client report directory
* Fixes and cleanup
Fixed initial buffer too large for websocket buffer
less verbose debug
better debug
* Removed behavior from policy
* cleanup after merge from hell
* bug fixes and cleanups
* refactor packages with JPMS in mind
* unit test for TextMessageHandler
* cleanups
* more cleanups
* provided client/server dependencies
* fixed bad refactor
* use lambdas for TextMessageHandler
* cleanup
* cleanup
* cleanups
* cleanup of websocket-common framehandlers
* reverting to jetty websocket api from 9.4
* better chat
* renamed websocket common to util
* save wip on jetty-websocket-tests
* giving up on jetty-websocket-tests as mostly duplicated tests
* renamed websocket-util back to websocket-common
* moved InvalidWebSocketException to javax common
* reworked TextMessageHandler to MessageHandler
now handles binary messages as well
* implemented getByteBufferPool in remaining DummyChannel classes
* Moved the abstract Frame and Message handlers out of websocket-common
* replaced usages of AbstractWholeMessageHandler with CoreMessageHandler
renamed MessageHandler to CoreMessageHandler
* removed AbstractFrameTypeHandler
* cleanup
* jetty-websocket-common passing tests without websocket-common dependency
* fixed compile errors
* renamed MessageHandler
* Removing reference to websocket-server (no longer exists)
* Removing, Extensions now exist in websocket-core
* Do not append an empty ByteBuffer
* NPE Fix for empty/unused UTF-8 String Builder
* NPE Fix for SendPartialBinaryFrameHandler test
* Punching holes in WebAppContext needed for JSR356 use
* Updating "9.x.x" to "10.x.x"
* Removing Bad URI test case that is ignored
* Fixing test expectation now that we moved to QuotedCSV
* Adding TODO about onOpen failure requiring onError + onClose.
* Throwing JSR356 DeploymentException on addEndpoint() failure
* Test cleanup (for better error messages)
* Adding some comments to explain wrapNonVoidReturnType()
* cleanup methodHandle return type filtering
* test fixes
* Fix change return type to Void
* Fixed test by wiring up MessageHandler
* test cleanups
removed changeReturnType for MethodHandle as filterReturnValue already changes to return type of the filter
* fixed MessageReceivingTest.testPartialBinaryFrameHandler
* Core BatchMode replaced by boolean
* fixed LargeContainerTest.testEcho by allowing the policy to be set on the WSServer as an attribute
* acquire batchBuffer before calculating batchSpace in FrameFlusher
* Deprecated WebSocketPolicy
* Fixing MessageReceivingTest
* Refactoring out websocket-servlet
+ WebSocketPolicy removed from websocket-servlet
+ websocket-common is removed
+ Migrating back up to APIs
* WIP removing core policy
* added missing copyright headers
* customize client session
* customize cleanup
* wip
* wip
* Removing WebSocketPolicy usage within websocket-core
* Allowing DummyCoreSession to have a Behavior
* Removing core WebSocketPolicy.clonePolicy() - no longer used
* Jetty Native WebSocket now compiles / tests
* Remember WebSocketServletFactoryImpl as Context Attribute
* JSR356 codebase now compiles
* updated websocket servlets
* fix handling for no max message size
* Fixed LargeContainerTest.testEcho
Changed WebSocketServletFactoryImpl.defaultAutFragment to true
only check the incoming frame size if autoFragment is false
* Added WebSocketConstants to avoid duplicate default locations
* applications extensions discovered via headers
* fixed ConfiguratorTest.testNoExtensionsConfigurator
* cleaned up extension negotiation
* cleaned up extension negotiation
* cleanups
* Convert exceptions to API versions
* cleanup imports
* convert requestURI to a WebsocketURI in Negotiated
* fixed SessionTrackingTest
* moved session tracking management to be done by the JavaxWebSocketFrameHandler
* Cleanup dump for jdk11 classloaders
* fix to ConfiguratorTest
added the EchoSocket endpoint on the ServerContainer instead of using server.registerWebSocket
* Simplify websocket-servlet
fixed jetty websocket chat example
fixes for javax websocket chat example
fixed Upgrade response header issues
Set default configurations
improved dump
depends on javax server impl
do not expose core classes
fix javadoc
removed FrameHandlerFactory self reference
* Removed -impl from javax client and server
* Fixed common tests for onClosed event
* Improve creation of JavaxWebSocketServerContainer
Better handling of executor and httpClient as managed beans
* Fixed MessageOutputStream using empty buffers and looping forever
no longer enforce maxTextMessageBufferSize on partial messages
* Updates after review
reintroduced WebSocketServletFactory
reverted other API changes
* Ignored TextStreamTest tests incorrectly assuming no frame fragmentation
When message fragmentation is implemented in PartialStringMessageSink
then update these tests to check on the server side for no buffers
larger than the maxTextMessageBufferSize.
* fixed check for previous WebsocketUpgrade filter
Disable the AltFilterTest until problems of the WebSocketUpgradeFilter
attributes on the ServletContext are fixed.
* fixed flaky SessionTrackingTest by waiting for Sessions to open
* remove payload length check for outgoing frames
fix bug sending frames after they have failed validation checks
* reverted maven coords for javax client and server
* updated to latest jetty-10 dump changes
* Fix to WebSocketUpgradeFilter Attributes on the ServletContext
Removed deprecated method
WebSocketUpgradeFilter.configureContext(ServletContext)
Changed return type of
WebSocketUpgradeFilter.configureContext(ServletContext) to void.
WebSocketUpgradeFilter.configureContext was checking the ServletContext
for a WebSocketUpgradeFilter set as an attribute before creating a new
one. The FilterHolder from web.xml is being set as an attribute in init
which is called which happens after configureContext.
So instead of checking the attribute in
WebSocketUpgradeFilter.configureContext, we are now searching through
the filters on the ServletHandler to see if a WebSocketUpgradeFilter
has been registered with the CONTEXT_ATTRIBUTE_KEY.
* cleanup and identifying problems with FrameHandlerMetadata
* properly cache Metadata and copy MessageMetadata
properly cache Metadata in the FrameHandlerFactory using the metadataMap
copy the MessageMetadata from Metadata to prevent mutating the MethodHandle
* added new WebSocketServerContainerExecutorTest
removed DelayedStartClientOnServerTest which doesnt seem to be a valid
test when executors are shared
removed last check for executor==null in JavaxWebSocketServerContainerInitializer
as the threadPool is always created in the server
* reformatted websocket code
* reformat code
* Rervert unnecessary changes from 10.0.x
* Rervert unnecessary changes from 10.0.x
* fix build issues testing Hazelcast sessions
* QuotesDecoderTest sessions not being closed
* Fixed CookiesTest
CookiesTest.testCookiesAreSentToClient was failing due to the
Assertion being caught and logged by the upgrade request
the response is now captured by a FuturePromise and the assertions are
done in the main test
the reason the assertion was failing was due to lowercase "set-cookie"
instead of "Set-Cookie"
* fixed maven coords
* javadoc fixes
* fixed javadoc
* revert maven artifact names
* cleanup after review
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Issue #3049 Warn on common SslContext vulnerable configurations
Signed-off-by: Greg Wilkins <gregw@webtide.com>
* Adding documentation notes for weak cipher warnings
Signed-off-by: WalkerWatch <ctwalker@gmail.com>
* Issue #3049 - SslContextFactory warnings on known bad config
+ Changes warnings from being a boolean on SslContextFactory
to being a logger named
"org.eclipse.jetty.util.ssl.SslContextFactory.config"
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3049 - SslContextFactory warnings on known bad config
+ Cleanup based on review
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
* Issue #3049 - SslContextFactory warnings on known bad config
+ Cleanup based on review
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Issue #3018 improve logging and handling of slow data rates.
* Slow data rates now result in aborted channels, but exception is still thrown. Test for 408 in requestLog
* Updated many RequestLog usages to use Server.setRequestLog rather than a RequestLogHandler
* Fixed javadoc
* removed BadRequestLogHandlerTest (tested in RequestLogTest)
* added JMH to show the future of request logging for #113
* copyright header.
* Updates from review
* Revert to throwing BadMessageException
* BME ensures a 408 is logged rather than a 500
Signed-off-by: Greg Wilkins <gregw@webtide.com>
Originally moved to an internal package, it is still used by other
modules such as jetty-server and jetty-servlets, so it needs to
be in an exported package.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
+ Can get HttpCompliance from HttpConfiguration now
+ Signature change to HttpConnection to avoid duplicate arguments
on constructor.
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
Simone Bordet
Joakim Erdfelt
alexey.barsov
Jan Bartel
Lachlan Roberts
olivier lamy
Olivier Lamy
Greg Wilkins
Bjørn Christian Seime