From 8c2ca263212509f67bfb6769f1eaf1daa62f240d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Christian=20Seime?= Date: Thu, 27 Oct 2022 17:58:36 +0200 Subject: [PATCH 1/4] Revert "Use new constant" This reverts commit eb9bec9da0ccc3330a8b6739ad66e518cde4cb78. --- .../com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java | 2 +- .../java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java index d45a8789e4cb..b3c4b165270e 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java @@ -94,6 +94,6 @@ public static void copyHeaders(HttpServletRequest from, HttpRequest to) { } private static X509Certificate[] getCertChain(HttpServletRequest servletRequest) { - return (X509Certificate[]) servletRequest.getAttribute(RequestUtils.SERVLET_REQUEST_X509CERT); + return (X509Certificate[]) servletRequest.getAttribute("javax.servlet.request.X509Certificate"); } } diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java index da4de9577391..7dd715a23bf7 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java @@ -6,7 +6,6 @@ import org.eclipse.jetty.io.Connection; import org.eclipse.jetty.server.HttpConnection; import org.eclipse.jetty.server.Request; -import org.eclipse.jetty.server.SecureRequestCustomizer; /** * @author bjorncs @@ -15,7 +14,7 @@ public class RequestUtils { public static final String JDISC_REQUEST_X509CERT = "jdisc.request.X509Certificate"; public static final String JDISC_REQUEST_CHAIN = "jdisc.request.chain"; public static final String JDISC_RESPONSE_CHAIN = "jdisc.response.chain"; - public static final String SERVLET_REQUEST_X509CERT = SecureRequestCustomizer.JAKARTA_SERVLET_REQUEST_X_509_CERTIFICATE; + public static final String SERVLET_REQUEST_X509CERT = "javax.servlet.request.X509Certificate"; // The local port as reported by servlet spec. This will be influenced by Host header and similar mechanisms. // The request URI uses the local listen port as the URI is used for handler routing/bindings. From dc3e88a049341082dcd774af0204e8d70add3c22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Christian=20Seime?= Date: Thu, 27 Oct 2022 17:59:03 +0200 Subject: [PATCH 2/4] Revert "Don't require that SNI hostname must match server certificate" This reverts commit 439b1242e595f0cd60ed8f6e1fab48c6bb40fdfa. --- .../com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java index 4e984d578086..caeaf0bcf0af 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java @@ -143,8 +143,7 @@ private HttpConfiguration newHttpConfiguration() { // TODO Vespa 9 Use default URI compliance (LEGACY == old Jetty 9.4 compliance) httpConfig.setUriCompliance(UriCompliance.LEGACY); if (isSslEffectivelyEnabled(connectorConfig)) { - // Explicitly disable SNI checking as Jetty's SNI checking trust manager is not part of our SSLContext trust manager chain - httpConfig.addCustomizer(new SecureRequestCustomizer(false, false, -1, false)); + httpConfig.addCustomizer(new SecureRequestCustomizer()); } String serverNameFallback = connectorConfig.serverName().fallback(); if (!serverNameFallback.isBlank()) httpConfig.setServerAuthority(new HostPort(serverNameFallback)); From 5259f39f086f4ff8b71a29064830424b45ef3d0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Christian=20Seime?= Date: Thu, 27 Oct 2022 17:59:33 +0200 Subject: [PATCH 3/4] Revert "Use Jetty 9.4.x for vespa-hadoop unit tests" This reverts commit b625822c3a6d24c459debbe3c2e5e11372a9ab10. --- vespa-hadoop/pom.xml | 65 ++------------------------------------------ 1 file changed, 2 insertions(+), 63 deletions(-) diff --git a/vespa-hadoop/pom.xml b/vespa-hadoop/pom.xml index ca5360a482e8..c10ad590a53d 100644 --- a/vespa-hadoop/pom.xml +++ b/vespa-hadoop/pom.xml @@ -19,76 +19,15 @@ UTF-8 3.3.4 0.16.0 - 9.4.49.v20220914 - - - org.eclipse.jetty - jetty-alpn-client - ${jetty9.version} - - - org.eclipse.jetty - jetty-client - ${jetty9.version} - - - org.eclipse.jetty - jetty-http - ${jetty9.version} - - - org.eclipse.jetty - jetty-io - ${jetty9.version} - - - org.eclipse.jetty - jetty-security - ${jetty9.version} - - - org.eclipse.jetty - jetty-server - ${jetty9.version} - - - org.eclipse.jetty - jetty-servlet - ${jetty9.version} - + org.eclipse.jetty jetty-util - ${jetty9.version} - - - org.eclipse.jetty - jetty-webapp - ${jetty9.version} - - - org.eclipse.jetty - jetty-xml - ${jetty9.version} - - - org.eclipse.jetty.websocket - jetty-websocket-api - ${jetty9.version} - - - org.eclipse.jetty.websocket - jetty-websocket-client - ${jetty9.version} - - - org.eclipse.jetty.websocket - jetty-websocket-common - ${jetty9.version} + ${jetty.version} From c93aa5e16d65fc6185cfb4519d211eb627da2b21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Christian=20Seime?= Date: Thu, 27 Oct 2022 17:59:34 +0200 Subject: [PATCH 4/4] Revert "Upgrade Jetty from 9.4.49 to 11.0.12" This reverts commit c095cbbf433760100e6d1bf04d88b2f6b1b710e8. --- application/pom.xml | 30 +++--- .../pom.xml | 9 +- container-core/pom.xml | 93 ++----------------- .../jdisc/utils/MultiPartFormParser.java | 4 +- .../java/com/yahoo/jdisc/http/Cookie.java | 4 +- .../com/yahoo/jdisc/http/HttpRequest.java | 16 +++- .../server/jetty/AccessLogRequestLog.java | 2 +- .../http/server/jetty/ConnectorFactory.java | 7 +- .../server/jetty/HealthCheckProxyHandler.java | 29 +++--- .../server/jetty/HttpRequestDispatch.java | 10 +- .../http/server/jetty/HttpRequestFactory.java | 2 +- .../HttpResponseStatisticsCollector.java | 58 ++++++++---- .../http/server/jetty/JDiscHttpServlet.java | 10 +- .../server/jetty/JDiscServerConnector.java | 23 ++++- .../server/jetty/JettyConnectionLogger.java | 13 ++- .../http/server/jetty/JettyHttpServer.java | 31 +++++-- .../jdisc/http/server/jetty/RequestUtils.java | 3 +- .../jetty/ServletOutputStreamWriter.java | 4 +- .../server/jetty/ServletRequestReader.java | 6 +- .../jetty/ServletResponseController.java | 4 +- .../TlsClientAuthenticationEnforcer.java | 8 +- .../jdisc.http.jdisc.http.connector.def | 3 +- .../jdisc.http.jdisc.http.server.def | 3 +- .../server/jetty/ConnectorFactoryTest.java | 4 +- .../ErrorResponseContentCreatorTest.java | 2 +- .../server/jetty/HttpRequestFactoryTest.java | 6 +- .../HttpResponseStatisticsCollectorTest.java | 18 ++-- .../jetty/HttpServerConformanceTest.java | 1 - .../http/server/jetty/HttpServerTest.java | 19 ++-- .../http/server/jetty/ProxyProtocolTest.java | 19 ++-- container-dev/pom.xml | 20 +--- container-test/pom.xml | 20 +--- parent/pom.xml | 30 ++---- 33 files changed, 223 insertions(+), 288 deletions(-) diff --git a/application/pom.xml b/application/pom.xml index 2f0586145b26..8f9dc7999a0f 100644 --- a/application/pom.xml +++ b/application/pom.xml @@ -139,8 +139,8 @@ - org.eclipse.jetty.http2 - http2-common + org.eclipse.jetty.alpn + alpn-api org.eclipse.jetty.http2 @@ -150,44 +150,36 @@ org.eclipse.jetty jetty-alpn-java-server - - org.eclipse.jetty - jetty-alpn-server - org.eclipse.jetty jetty-client + test org.eclipse.jetty - jetty-http - - - org.eclipse.jetty - jetty-io + jetty-continuation + test org.eclipse.jetty jetty-jmx + test org.eclipse.jetty jetty-server + test org.eclipse.jetty jetty-servlet + test org.eclipse.jetty - jetty-util + jetty-servlets + test - - org.eclipse.jetty.toolchain - jetty-jakarta-servlet-api - - - org.junit.jupiter junit-jupiter-api @@ -198,6 +190,8 @@ junit-jupiter-engine test + + diff --git a/cloud-tenant-base-dependencies-enforcer/pom.xml b/cloud-tenant-base-dependencies-enforcer/pom.xml index 8ba9794d75cc..03f14d7d65ff 100644 --- a/cloud-tenant-base-dependencies-enforcer/pom.xml +++ b/cloud-tenant-base-dependencies-enforcer/pom.xml @@ -43,7 +43,8 @@ 3.1.0 2.0.1 2.3.0 - 11.0.12 + 9.4.49.v20220914 + 1.1.3.v20160715 1.8.0 20220320 1.7.32 @@ -199,20 +200,22 @@ org.bouncycastle:bcpkix-jdk18on:[${bouncycastle.version}]:jar:test org.bouncycastle:bcprov-jdk18on:[${bouncycastle.version}]:jar:test org.bouncycastle:bcutil-jdk18on:[${bouncycastle.version}]:jar:test + org.eclipse.jetty.alpn:alpn-api:[${jetty-alpn.version}]:jar:test org.eclipse.jetty.http2:http2-common:[${jetty.version}]:jar:test org.eclipse.jetty.http2:http2-hpack:[${jetty.version}]:jar:test org.eclipse.jetty.http2:http2-server:[${jetty.version}]:jar:test - org.eclipse.jetty.toolchain:jetty-jakarta-servlet-api:5.0.2:jar:test - org.eclipse.jetty:jetty-alpn-client:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-alpn-java-server:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-alpn-server:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-client:[${jetty.version}]:jar:test + org.eclipse.jetty:jetty-continuation:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-http:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-io:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-jmx:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-security:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-server:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-servlet:[${jetty.version}]:jar:test + org.eclipse.jetty:jetty-servlets:[${jetty.version}]:jar:test + org.eclipse.jetty:jetty-util-ajax:[${jetty.version}]:jar:test org.eclipse.jetty:jetty-util:[${jetty.version}]:jar:test org.hamcrest:hamcrest-core:1.3:jar:test org.hdrhistogram:HdrHistogram:2.1.8:jar:test diff --git a/container-core/pom.xml b/container-core/pom.xml index 52d7f3372f0f..ed4b05495e3d 100644 --- a/container-core/pom.xml +++ b/container-core/pom.xml @@ -14,7 +14,6 @@ container-core 8-SNAPSHOT container-plugin - @@ -115,119 +114,40 @@ - org.eclipse.jetty.http2 - http2-common - - - org.slf4j - slf4j-api - - + org.eclipse.jetty.alpn + alpn-api org.eclipse.jetty.http2 http2-server - - - org.slf4j - slf4j-api - - - org.eclipse.jetty jetty-alpn-java-server - - - org.slf4j - slf4j-api - - - - - org.eclipse.jetty - jetty-alpn-server - - - org.slf4j - slf4j-api - - org.eclipse.jetty jetty-client - - - org.slf4j - slf4j-api - - org.eclipse.jetty - jetty-http - - - org.slf4j - slf4j-api - - - - - org.eclipse.jetty - jetty-io - - - org.slf4j - slf4j-api - - + jetty-continuation org.eclipse.jetty jetty-jmx - - - org.slf4j - slf4j-api - - org.eclipse.jetty jetty-server - - - org.slf4j - slf4j-api - - org.eclipse.jetty jetty-servlet - - - org.slf4j - slf4j-api - - org.eclipse.jetty - jetty-util - - - org.slf4j - slf4j-api - - - - - org.eclipse.jetty.toolchain - jetty-jakarta-servlet-api + jetty-servlets @@ -335,6 +255,11 @@ ${project.version} provided + + javax.servlet + javax.servlet-api + provided + javax.xml.bind jaxb-api diff --git a/container-core/src/main/java/com/yahoo/container/jdisc/utils/MultiPartFormParser.java b/container-core/src/main/java/com/yahoo/container/jdisc/utils/MultiPartFormParser.java index f974eb5f26c4..104d2f8ae4ab 100644 --- a/container-core/src/main/java/com/yahoo/container/jdisc/utils/MultiPartFormParser.java +++ b/container-core/src/main/java/com/yahoo/container/jdisc/utils/MultiPartFormParser.java @@ -2,9 +2,9 @@ package com.yahoo.container.jdisc.utils; import com.yahoo.container.jdisc.HttpRequest; -import jakarta.servlet.http.Part; -import org.eclipse.jetty.server.MultiPartFormInputStream; +import org.eclipse.jetty.http.MultiPartFormInputStream; +import javax.servlet.http.Part; import java.io.IOException; import java.io.InputStream; import java.util.Map; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/Cookie.java b/container-core/src/main/java/com/yahoo/jdisc/http/Cookie.java index c2faa1cd10aa..b194124294cf 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/Cookie.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/Cookie.java @@ -2,7 +2,7 @@ package com.yahoo.jdisc.http; import org.eclipse.jetty.http.HttpCookie; -import org.eclipse.jetty.server.Cookies; +import org.eclipse.jetty.server.CookieCutter; import java.util.Arrays; import java.util.HashSet; @@ -180,7 +180,7 @@ public static String toCookieHeader(Iterable cookies) { } public static List fromCookieHeader(String headerVal) { - Cookies cookieCutter = new Cookies(); + CookieCutter cookieCutter = new CookieCutter(); cookieCutter.addCookieField(headerVal); return Arrays.stream(cookieCutter.getCookies()) .map(servletCookie -> { diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/HttpRequest.java b/container-core/src/main/java/com/yahoo/jdisc/http/HttpRequest.java index 4ad38a9f9652..598a924b327f 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/HttpRequest.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/HttpRequest.java @@ -8,14 +8,15 @@ import com.yahoo.jdisc.handler.RequestHandler; import com.yahoo.jdisc.handler.ResponseHandler; import com.yahoo.jdisc.service.CurrentContainer; +import org.eclipse.jetty.http.HttpURI; import org.eclipse.jetty.util.MultiMap; -import org.eclipse.jetty.util.UrlEncoded; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.SocketAddress; import java.net.URI; import java.security.Principal; +import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.LinkedList; @@ -115,10 +116,15 @@ private HttpRequest(Request parent, URI uri, Method method, Version version) { } private static Map> getUriQueryParameters(URI uri) { - if (uri.getRawQuery() == null) return Map.of(); - MultiMap params = new MultiMap<>(); - UrlEncoded.decodeUtf8To(uri.getRawQuery(), params); - return Map.copyOf(params); + MultiMap queryParameters = new MultiMap<>(); + new HttpURI(uri).decodeQueryTo(queryParameters); + + // Do a deep copy so we do not leak Jetty classes outside + Map> deepCopiedQueryParameters = new HashMap<>(); + for (Map.Entry> entry : queryParameters.entrySet()) { + deepCopiedQueryParameters.put(entry.getKey(), new ArrayList<>(entry.getValue())); + } + return deepCopiedQueryParameters; } public Method getMethod() { diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java index 5b51eeee7d69..13a63efeaa9d 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/AccessLogRequestLog.java @@ -8,7 +8,6 @@ import com.yahoo.container.logging.RequestLogEntry; import com.yahoo.jdisc.http.HttpRequest; import com.yahoo.jdisc.http.ServerConfig; -import jakarta.servlet.http.HttpServletRequest; import org.eclipse.jetty.http2.HTTP2Stream; import org.eclipse.jetty.http2.server.HttpTransportOverHTTP2; import org.eclipse.jetty.server.HttpChannel; @@ -17,6 +16,7 @@ import org.eclipse.jetty.server.Response; import org.eclipse.jetty.util.component.AbstractLifeCycle; +import javax.servlet.http.HttpServletRequest; import java.security.cert.X509Certificate; import java.time.Duration; import java.time.Instant; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java index caeaf0bcf0af..6282e3344092 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactory.java @@ -9,8 +9,6 @@ import com.yahoo.security.tls.MixedMode; import com.yahoo.security.tls.TransportSecurityUtils; import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory; -import org.eclipse.jetty.http.HttpCompliance; -import org.eclipse.jetty.http.UriCompliance; import org.eclipse.jetty.http2.server.AbstractHTTP2ServerConnectionFactory; import org.eclipse.jetty.http2.server.HTTP2CServerConnectionFactory; import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory; @@ -139,9 +137,6 @@ private HttpConfiguration newHttpConfiguration() { httpConfig.setOutputBufferSize(connectorConfig.outputBufferSize()); httpConfig.setRequestHeaderSize(connectorConfig.requestHeaderSize()); httpConfig.setResponseHeaderSize(connectorConfig.responseHeaderSize()); - httpConfig.setHttpCompliance(HttpCompliance.RFC7230); - // TODO Vespa 9 Use default URI compliance (LEGACY == old Jetty 9.4 compliance) - httpConfig.setUriCompliance(UriCompliance.LEGACY); if (isSslEffectivelyEnabled(connectorConfig)) { httpConfig.addCustomizer(new SecureRequestCustomizer()); } @@ -179,7 +174,7 @@ private SslConnectionFactory newSslConnectionFactory(Metric metric, ConnectionFa return connectionFactory; } - private SslContextFactory.Server createSslContextFactory() { + private SslContextFactory createSslContextFactory() { DefaultConnectorSsl ssl = new DefaultConnectorSsl(); sslProvider.configureSsl(ssl, connectorConfig.name(), connectorConfig.listenPort()); return ssl.createSslContextFactory(); diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java index 342d7ab9c4a8..ac50cbbb518f 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java @@ -4,24 +4,14 @@ import com.yahoo.concurrent.DaemonThreadFactory; import com.yahoo.jdisc.http.ConnectorConfig; import com.yahoo.security.SslContextBuilder; -import com.yahoo.security.TrustAllX509TrustManager; import com.yahoo.security.tls.TransportSecurityOptions; import com.yahoo.security.tls.TransportSecurityUtils; -import jakarta.servlet.AsyncContext; -import jakarta.servlet.AsyncEvent; -import jakarta.servlet.AsyncListener; -import jakarta.servlet.ServletException; -import jakarta.servlet.ServletOutputStream; -import jakarta.servlet.WriteListener; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; +import com.yahoo.security.TrustAllX509TrustManager; import org.eclipse.jetty.client.HttpClient; import org.eclipse.jetty.client.ProxyProtocolClientConnectionFactory; import org.eclipse.jetty.client.api.ContentResponse; -import org.eclipse.jetty.client.http.HttpClientTransportOverHTTP; import org.eclipse.jetty.http.HttpField; import org.eclipse.jetty.http.HttpHeader; -import org.eclipse.jetty.io.ClientConnector; import org.eclipse.jetty.server.DetectorConnectionFactory; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.SslConnectionFactory; @@ -29,6 +19,14 @@ import org.eclipse.jetty.util.ssl.SslContextFactory; import javax.net.ssl.SSLContext; +import javax.servlet.AsyncContext; +import javax.servlet.AsyncEvent; +import javax.servlet.AsyncListener; +import javax.servlet.ServletException; +import javax.servlet.ServletOutputStream; +import javax.servlet.WriteListener; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.time.Duration; import java.util.HashMap; @@ -91,7 +89,7 @@ private static ProxyTarget createProxyTarget(int targetPort, Duration clientTime Optional.ofNullable(targetConnector.getConnectionFactory(SslConnectionFactory.class)) .or(() -> Optional.ofNullable(targetConnector.getConnectionFactory(DetectorConnectionFactory.class)) .map(detectorConnFactory -> detectorConnFactory.getBean(SslConnectionFactory.class))) - .map(SslConnectionFactory::getSslContextFactory) + .map(connFactory -> (SslContextFactory.Server) connFactory.getSslContextFactory()) .orElseThrow(() -> new IllegalArgumentException("Health check proxy can only target https port")); boolean proxyProtocol = targetConnector.connectorConfig().proxyProtocol().enabled(); return new ProxyTarget(targetPort, clientTimeout,handlerTimeout, cacheExpiry, sslContextFactory, proxyProtocol); @@ -271,14 +269,13 @@ private HttpClient client() throws Exception { synchronized (this) { if (client == null) { int timeoutMillis = (int) clientTimeout.toMillis(); - var clientSsl = new SslContextFactory.Client(); + SslContextFactory.Client clientSsl = new SslContextFactory.Client(); clientSsl.setHostnameVerifier((__, ___) -> true); clientSsl.setSslContext(getSslContext(serverSsl)); - var connector = new ClientConnector(); - connector.setSslContextFactory(clientSsl); - HttpClient client = new HttpClient(new HttpClientTransportOverHTTP(connector)); + HttpClient client = new HttpClient(clientSsl); client.setMaxConnectionsPerDestination(4); client.setConnectTimeout(timeoutMillis); + client.setStopTimeout(timeoutMillis); client.setIdleTimeout(timeoutMillis); client.setUserAgentField(new HttpField(HttpHeader.USER_AGENT, "health-check-proxy-client")); client.start(); diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestDispatch.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestDispatch.java index b4c933c11680..9292e2024df7 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestDispatch.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestDispatch.java @@ -12,11 +12,6 @@ import com.yahoo.jdisc.http.ConnectorConfig; import com.yahoo.jdisc.http.HttpHeaders; import com.yahoo.jdisc.http.HttpRequest; -import jakarta.servlet.AsyncContext; -import jakarta.servlet.AsyncEvent; -import jakarta.servlet.AsyncListener; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.http2.ErrorCode; import org.eclipse.jetty.http2.server.HTTP2ServerConnection; import org.eclipse.jetty.io.Connection; @@ -25,6 +20,11 @@ import org.eclipse.jetty.server.Request; import org.eclipse.jetty.util.Callback; +import javax.servlet.AsyncContext; +import javax.servlet.AsyncEvent; +import javax.servlet.AsyncListener; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.time.Instant; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java index b3c4b165270e..8a298fb32689 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java @@ -3,10 +3,10 @@ import com.yahoo.jdisc.http.HttpRequest; import com.yahoo.jdisc.service.CurrentContainer; -import jakarta.servlet.http.HttpServletRequest; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.util.Utf8Appendable; +import javax.servlet.http.HttpServletRequest; import java.net.InetSocketAddress; import java.net.URI; import java.security.cert.X509Certificate; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollector.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollector.java index 81789881b685..3fb81cb53525 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollector.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollector.java @@ -4,11 +4,6 @@ import com.yahoo.jdisc.Metric; import com.yahoo.jdisc.http.HttpRequest; import com.yahoo.jdisc.http.ServerConfig; -import jakarta.servlet.AsyncEvent; -import jakarta.servlet.AsyncListener; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.http.HttpHeader; import org.eclipse.jetty.http.HttpStatus; import org.eclipse.jetty.server.AsyncContextEvent; @@ -16,8 +11,14 @@ import org.eclipse.jetty.server.HttpChannelState; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.handler.HandlerWrapper; +import org.eclipse.jetty.util.FutureCallback; import org.eclipse.jetty.util.component.Graceful; +import javax.servlet.AsyncEvent; +import javax.servlet.AsyncListener; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.ArrayList; import java.util.Collection; @@ -26,10 +27,12 @@ import java.util.Map; import java.util.Objects; import java.util.Set; -import java.util.concurrent.CompletableFuture; import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentMap; +import java.util.concurrent.Future; +import java.util.concurrent.TimeoutException; import java.util.concurrent.atomic.AtomicLong; +import java.util.concurrent.atomic.AtomicReference; import java.util.concurrent.atomic.LongAdder; import java.util.function.ObjLongConsumer; import java.util.stream.Collectors; @@ -46,7 +49,7 @@ class HttpResponseStatisticsCollector extends HandlerWrapper implements Graceful static final String requestTypeAttribute = "requestType"; - private final Shutdown shutdown; + private final AtomicReference shutdown = new AtomicReference<>(); private final List monitoringHandlerPaths; private final List searchHandlerPaths; private final Set ignoredUserAgents; @@ -63,10 +66,6 @@ class HttpResponseStatisticsCollector extends HandlerWrapper implements Graceful this.monitoringHandlerPaths = monitoringHandlerPaths; this.searchHandlerPaths = searchHandlerPaths; this.ignoredUserAgents = Set.copyOf(ignoredUserAgents); - this.shutdown = new Shutdown(this) { - @Override public boolean isShutdownDone() { return inFlight.get() == 0; } - }; - } private final AsyncListener completionWatcher = new AsyncListener() { @@ -98,7 +97,7 @@ public void handle(String path, Request baseRequest, HttpServletRequest request, try { Handler handler = getHandler(); - if (handler != null && !shutdown.isShutdown() && isStarted()) { + if (handler != null && shutdown.get() == null && isStarted()) { handler.handle(path, baseRequest, request, response); } else if ( ! baseRequest.isHandled()) { baseRequest.setHandled(true); @@ -130,9 +129,14 @@ private void observeEndOfRequest(Request request, HttpServletResponse flushableR .increment()); } long live = inFlight.decrementAndGet(); - if (shutdown.isShutdown()) { - if (flushableResponse != null) flushableResponse.flushBuffer(); - if (live == 0) shutdown.check(); + FutureCallback shutdownCb = shutdown.get(); + if (shutdownCb != null) { + if (flushableResponse != null) { + flushableResponse.flushBuffer(); + } + if (live == 0) { + shutdownCb.succeeded(); + } } } @@ -158,19 +162,35 @@ private void consume(ObjLongConsumer consumer) { @Override protected void doStart() throws Exception { - shutdown.cancel(); + shutdown.set(null); super.doStart(); } @Override protected void doStop() throws Exception { - shutdown.cancel(); super.doStop(); + FutureCallback shutdownCb = shutdown.get(); + if ( ! shutdownCb.isDone()) { + shutdownCb.failed(new TimeoutException()); + } } - @Override public CompletableFuture shutdown() { return shutdown.shutdown(); } - @Override public boolean isShutdown() { return shutdown.isShutdown(); } + @Override + public Future shutdown() { + FutureCallback shutdownCb = new FutureCallback(false); + shutdown.compareAndSet(null, shutdownCb); + shutdownCb = shutdown.get(); + if (inFlight.get() == 0) { + shutdownCb.succeeded(); + } + return shutdownCb; + } + @Override + public boolean isShutdown() { + FutureCallback futureCallback = shutdown.get(); + return futureCallback != null && futureCallback.isDone(); + } static class Dimensions { final String protocol; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscHttpServlet.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscHttpServlet.java index bd052f14867c..4b4aff0a9bdb 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscHttpServlet.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscHttpServlet.java @@ -5,13 +5,13 @@ import com.yahoo.jdisc.Metric; import com.yahoo.jdisc.handler.OverloadException; import com.yahoo.jdisc.http.HttpRequest.Method; -import jakarta.servlet.ServletException; -import jakarta.servlet.annotation.WebServlet; -import jakarta.servlet.http.HttpServlet; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.server.Request; +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Enumeration; import java.util.Map; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscServerConnector.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscServerConnector.java index b17877cee84e..b3069a648218 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscServerConnector.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JDiscServerConnector.java @@ -3,13 +3,16 @@ import com.yahoo.jdisc.Metric; import com.yahoo.jdisc.http.ConnectorConfig; -import jakarta.servlet.ServletRequest; -import jakarta.servlet.http.HttpServletRequest; +import org.eclipse.jetty.http.HttpCompliance; import org.eclipse.jetty.io.ConnectionStatistics; import org.eclipse.jetty.server.ConnectionFactory; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; +import javax.servlet.ServletRequest; +import javax.servlet.http.HttpServletRequest; +import java.net.Socket; +import java.net.SocketException; import java.util.HashMap; import java.util.Map; import java.util.Optional; @@ -23,6 +26,8 @@ class JDiscServerConnector extends ServerConnector { private final Metric.Context metricCtx; private final ConnectionStatistics statistics; private final ConnectorConfig config; + private final boolean tcpKeepAlive; + private final boolean tcpNoDelay; private final Metric metric; private final String connectorName; private final int listenPort; @@ -31,13 +36,14 @@ class JDiscServerConnector extends ServerConnector { ConnectionMetricAggregator connectionMetricAggregator, ConnectionFactory... factories) { super(server, factories); this.config = config; + this.tcpKeepAlive = config.tcpKeepAliveEnabled(); + this.tcpNoDelay = config.tcpNoDelay(); this.metric = metric; this.connectorName = config.name(); this.listenPort = config.listenPort(); this.metricCtx = metric.createContext(createConnectorDimensions(listenPort, connectorName, 0)); this.statistics = new ConnectionStatistics(); - setAcceptedTcpNoDelay(config.tcpNoDelay()); addBean(statistics); ConnectorConfig.Throttling throttlingConfig = config.throttling(); if (throttlingConfig.enabled()) { @@ -50,6 +56,17 @@ class JDiscServerConnector extends ServerConnector { setAcceptQueueSize(config.acceptQueueSize()); setReuseAddress(config.reuseAddress()); setIdleTimeout((long) (config.idleTimeout() * 1000)); + addBean(HttpCompliance.RFC7230); + } + + @Override + protected void configure(final Socket socket) { + super.configure(socket); + try { + socket.setKeepAlive(tcpKeepAlive); + socket.setTcpNoDelay(tcpNoDelay); + } catch (SocketException ignored) { + } } public ConnectionStatistics getStatistics() { diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyConnectionLogger.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyConnectionLogger.java index d9a97d621aea..2e2eb257b6a4 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyConnectionLogger.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyConnectionLogger.java @@ -30,7 +30,6 @@ import javax.net.ssl.SSLSession; import javax.net.ssl.StandardConstants; import java.net.InetSocketAddress; -import java.net.SocketAddress; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateEncodingException; @@ -114,7 +113,7 @@ public void onOpened(Connection connection) { info.setProxyProtocolVersion("v2"); } if (connection.getEndPoint() instanceof ProxyConnectionFactory.ProxyEndPoint) { - var remoteAddress = connection.getEndPoint().getRemoteSocketAddress(); + InetSocketAddress remoteAddress = connection.getEndPoint().getRemoteAddress(); info.setRemoteAddress(remoteAddress); } }); @@ -244,7 +243,7 @@ private static class ConnectionInfo { private long httpBytesSent = 0; private long requests = 0; private long responses = 0; - private SocketAddress remoteAddress; + private InetSocketAddress remoteAddress; private byte[] sslSessionId; private String sslProtocol; private String sslCipherSuite; @@ -291,7 +290,7 @@ synchronized ConnectionInfo setHttpBytes(long received, long sent) { synchronized ConnectionInfo incrementResponses() { ++this.responses; return this; } - synchronized ConnectionInfo setRemoteAddress(SocketAddress remoteAddress) { + synchronized ConnectionInfo setRemoteAddress(InetSocketAddress remoteAddress) { this.remoteAddress = remoteAddress; return this; } @@ -355,9 +354,9 @@ synchronized ConnectionLogEntry toLogEntry() { builder.withLocalAddress(localAddress.getHostString()) .withLocalPort(localAddress.getPort()); } - if (remoteAddress instanceof InetSocketAddress isa) { - builder.withRemoteAddress(isa.getHostString()) - .withRemotePort(isa.getPort()); + if (remoteAddress != null) { + builder.withRemoteAddress(remoteAddress.getHostString()) + .withRemotePort(remoteAddress.getPort()); } if (sslProtocol != null && sslCipherSuite != null && sslSessionId != null) { builder.withSslProtocol(sslProtocol) diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java index 7b723b3a48ea..775c903f5f8b 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/JettyHttpServer.java @@ -27,6 +27,8 @@ import org.eclipse.jetty.server.handler.gzip.GzipHttpOutputInterceptor; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; +import org.eclipse.jetty.util.log.JavaUtilLog; +import org.eclipse.jetty.util.log.Log; import org.eclipse.jetty.util.thread.QueuedThreadPool; import javax.management.remote.JMXServiceURL; @@ -68,6 +70,8 @@ public JettyHttpServer(CurrentContainer container, if (connectorFactories.allComponents().isEmpty()) throw new IllegalArgumentException("No connectors configured."); + initializeJettyLogging(); + server = new Server(); server.setStopTimeout((long)(serverConfig.stopTimeout() * 1000.0)); server.setRequestLog(new AccessLogRequestLog(requestLog, serverConfig.accessLog())); @@ -92,6 +96,15 @@ public JettyHttpServer(CurrentContainer container, this.metricsReporter = new ServerMetricReporter(metric, server); } + private static void initializeJettyLogging() { + // Note: Jetty is logging stderr if no logger is explicitly configured + try { + Log.setLog(new JavaUtilLog()); + } catch (Exception e) { + throw new RuntimeException("Unable to initialize logging framework for Jetty"); + } + } + private static void setupJmx(Server server, ServerConfig serverConfig) { if (serverConfig.jmx().enabled()) { System.setProperty("java.rmi.server.hostname", "localhost"); @@ -139,7 +152,7 @@ private Handler createRootHandler( } StatisticsHandler root = newGenericStatisticsHandler(); addChainToRoot(root, List.of( - newResponseStatisticsHandler(serverCfg), newGzipHandler(), perConnectorHandlers)); + newResponseStatisticsHandler(serverCfg), newGzipHandler(serverCfg), perConnectorHandlers)); return root; } @@ -240,18 +253,22 @@ private static StatisticsHandler newGenericStatisticsHandler() { return statisticsHandler; } - private static GzipHandler newGzipHandler() { return new GzipHandlerWithVaryHeaderFixed(); } + private static GzipHandler newGzipHandler(ServerConfig serverConfig) { + GzipHandler gzipHandler = new GzipHandlerWithVaryHeaderFixed(); + gzipHandler.setCompressionLevel(serverConfig.responseCompressionLevel()); + gzipHandler.setInflateBufferSize(8 * 1024); + gzipHandler.setIncludedMethods("GET", "POST", "PUT", "PATCH"); + return gzipHandler; + } /** A subclass which overrides Jetty's default behavior of including user-agent in the vary field */ private static class GzipHandlerWithVaryHeaderFixed extends GzipHandler { - GzipHandlerWithVaryHeaderFixed() { - setInflateBufferSize(8 * 1024); - setIncludedMethods("GET", "POST", "PUT", "PATCH"); + @Override + public HttpField getVaryField() { + return GzipHttpOutputInterceptor.VARY_ACCEPT_ENCODING; } - @Override public HttpField getVaryField() { return GzipHttpOutputInterceptor.VARY_ACCEPT_ENCODING; } - } } diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java index 7dd715a23bf7..1bc862bc7871 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/RequestUtils.java @@ -1,12 +1,13 @@ // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.jdisc.http.server.jetty; -import jakarta.servlet.http.HttpServletRequest; import org.eclipse.jetty.http2.server.HTTP2ServerConnection; import org.eclipse.jetty.io.Connection; import org.eclipse.jetty.server.HttpConnection; import org.eclipse.jetty.server.Request; +import javax.servlet.http.HttpServletRequest; + /** * @author bjorncs */ diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletOutputStreamWriter.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletOutputStreamWriter.java index d853282a5f5c..4b66715fcf74 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletOutputStreamWriter.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletOutputStreamWriter.java @@ -2,9 +2,9 @@ package com.yahoo.jdisc.http.server.jetty; import com.yahoo.jdisc.handler.CompletionHandler; -import jakarta.servlet.ServletOutputStream; -import jakarta.servlet.WriteListener; +import javax.servlet.ServletOutputStream; +import javax.servlet.WriteListener; import java.io.IOException; import java.nio.ByteBuffer; import java.util.ArrayDeque; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletRequestReader.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletRequestReader.java index 2f2c48e0b48e..3703878f5957 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletRequestReader.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletRequestReader.java @@ -3,10 +3,10 @@ import com.yahoo.jdisc.handler.CompletionHandler; import com.yahoo.jdisc.handler.ContentChannel; -import jakarta.servlet.ReadListener; -import jakarta.servlet.ServletInputStream; -import jakarta.servlet.http.HttpServletRequest; +import javax.servlet.ReadListener; +import javax.servlet.ServletInputStream; +import javax.servlet.http.HttpServletRequest; import java.io.IOException; import java.nio.ByteBuffer; import java.util.Objects; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletResponseController.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletResponseController.java index 6afb55f5b133..e90dde0e4eb8 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletResponseController.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/ServletResponseController.java @@ -9,10 +9,10 @@ import com.yahoo.jdisc.http.HttpHeaders; import com.yahoo.jdisc.http.HttpResponse; import com.yahoo.jdisc.service.BindingSetNotFoundException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.http.MimeTypes; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java index 96f0cdebd627..b420aabc5983 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/TlsClientAuthenticationEnforcer.java @@ -3,13 +3,13 @@ import com.yahoo.jdisc.Response; import com.yahoo.jdisc.http.ConnectorConfig; -import jakarta.servlet.DispatcherType; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.handler.HandlerWrapper; +import javax.servlet.DispatcherType; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** diff --git a/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def b/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def index bdcc3f9e40a0..ecbc451ead1c 100644 --- a/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def +++ b/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.connector.def @@ -28,8 +28,7 @@ reuseAddress bool default=true # The maximum idle time for a connection, which roughly translates to the Socket.setSoTimeout(int). idleTimeout double default=180.0 -# TODO Vespa 9 Remove -# Has no effect since Jetty 11 upgrade +# Whether or not to have socket keep alive turned on. tcpKeepAliveEnabled bool default=false # Enable/disable TCP_NODELAY (disable/enable Nagle's algorithm). diff --git a/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.server.def b/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.server.def index c15cb6b2cc41..f34fd5232072 100644 --- a/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.server.def +++ b/container-core/src/main/resources/configdefinitions/jdisc.http.jdisc.http.server.def @@ -4,8 +4,7 @@ namespace=jdisc.http # Whether to enable developer mode, where stack traces etc are visible in response bodies. developerMode bool default=false -# TODO Vespa 9 Remove -# Has no effect since Jetty 11 upgrade +# The gzip compression level to use, if compression is enabled in a request. responseCompressionLevel int default=6 # Whether the request body of POSTed forms should be removed (form parameters are available as request parameters). diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java index ce205b1a893c..1ff2783cc535 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ConnectorFactoryTest.java @@ -5,8 +5,6 @@ import com.yahoo.jdisc.http.ConnectorConfig; import com.yahoo.jdisc.http.ServerConfig; import com.yahoo.jdisc.http.ssl.impl.ConfiguredSslContextFactoryProvider; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.handler.AbstractHandler; @@ -14,6 +12,8 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Map; diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ErrorResponseContentCreatorTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ErrorResponseContentCreatorTest.java index fdb9f2226de0..8b18c8cf09dd 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ErrorResponseContentCreatorTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ErrorResponseContentCreatorTest.java @@ -2,9 +2,9 @@ package com.yahoo.jdisc.http.server.jetty; -import jakarta.servlet.http.HttpServletResponse; import org.junit.jupiter.api.Test; +import javax.servlet.http.HttpServletResponse; import java.nio.charset.StandardCharsets; import static org.junit.jupiter.api.Assertions.assertEquals; diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactoryTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactoryTest.java index e4b82db5b9fe..a23a3505bcb3 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactoryTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactoryTest.java @@ -8,17 +8,15 @@ import com.yahoo.jdisc.handler.RequestHandler; import com.yahoo.jdisc.http.HttpRequest; import com.yahoo.jdisc.service.CurrentContainer; -import jakarta.servlet.http.HttpServletRequest; import org.junit.jupiter.api.Test; +import javax.servlet.http.HttpServletRequest; import java.net.URI; import static org.hamcrest.CoreMatchers.equalTo; import static org.hamcrest.CoreMatchers.is; import static org.hamcrest.MatcherAssert.assertThat; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.fail; +import static org.junit.jupiter.api.Assertions.*; /** * @author Steinar Knutsen diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollectorTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollectorTest.java index 502702ccf355..165659389ec3 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollectorTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpResponseStatisticsCollectorTest.java @@ -2,9 +2,6 @@ package com.yahoo.jdisc.http.server.jetty; import com.yahoo.jdisc.http.server.jetty.HttpResponseStatisticsCollector.StatisticsEntry; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; import org.eclipse.jetty.http.HttpFields; import org.eclipse.jetty.http.HttpURI; import org.eclipse.jetty.http.HttpVersion; @@ -13,7 +10,6 @@ import org.eclipse.jetty.server.AbstractConnector; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.HttpChannel; -import org.eclipse.jetty.server.HttpChannelOverHttp; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.HttpTransport; import org.eclipse.jetty.server.Request; @@ -23,6 +19,9 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.nio.ByteBuffer; import java.util.List; @@ -165,8 +164,8 @@ private Request testRequest(String scheme, int responseCode, String httpMethod, } private Request testRequest(String scheme, int responseCode, String httpMethod, String path, com.yahoo.jdisc.Request.RequestType explicitRequestType) { - HttpChannel channel = new HttpChannelOverHttp(null, connector, new HttpConfiguration(), null, new DummyTransport()); - MetaData.Request metaData = new MetaData.Request(httpMethod, HttpURI.build(scheme + "://" + path), HttpVersion.HTTP_1_1, HttpFields.build()); + HttpChannel channel = new HttpChannel(connector, new HttpConfiguration(), null, new DummyTransport()); + MetaData.Request metaData = new MetaData.Request(httpMethod, new HttpURI(scheme + "://" + path), HttpVersion.HTTP_1_1, new HttpFields()); Request req = channel.getRequest(); if (explicitRequestType != null) req.setAttribute("requestType", explicitRequestType); @@ -193,7 +192,7 @@ private static void assertStatisticsEntry(List result, String s private final class DummyTransport implements HttpTransport { @Override - public void send(MetaData.Request request, Response response, ByteBuffer byteBuffer, boolean b, Callback callback) { + public void send(Response info, boolean head, ByteBuffer content, boolean lastContent, Callback callback) { callback.succeeded(); } @@ -202,6 +201,11 @@ public boolean isPushSupported() { return false; } + @Override + public boolean isOptimizedForDirectBuffers() { + return false; + } + @Override public void push(MetaData.Request request) { } diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerConformanceTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerConformanceTest.java index ae1a6494acd1..7cce9f2a9ff8 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerConformanceTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerConformanceTest.java @@ -807,7 +807,6 @@ public Future executeRequest( post.setProtocolVersion(HttpVersion.HTTP_1_1); request = post; } - request.addHeader("Connection", "close"); return executorService.submit(() -> httpClient.execute(request)); } diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java index 39b6dcdc6d58..318067ac634c 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/HttpServerTest.java @@ -186,10 +186,9 @@ void requireThatServerCanEcho() throws Exception { @Test void requireThatServerCanEchoCompressed() throws Exception { final JettyTestDriver driver = JettyTestDriver.newInstance(new EchoRequestHandler()); - try (SimpleHttpClient client = driver.newClient(true)) { - client.get("/status.html") - .expectStatusCode(is(OK)); - } + SimpleHttpClient client = driver.newClient(true); + client.get("/status.html") + .expectStatusCode(is(OK)); assertTrue(driver.close()); } @@ -533,9 +532,9 @@ void requireThatTlsClientAuthenticationEnforcerRejectsRequestsForNonWhitelistedP .withTrustStore(certificateFile) .build(); - try (var c = new SimpleHttpClient(trustStoreOnlyCtx, driver.server().getListenPort(), false)) { - c.get("/dummy.html").expectStatusCode(is(UNAUTHORIZED)); - } + new SimpleHttpClient(trustStoreOnlyCtx, driver.server().getListenPort(), false) + .get("/dummy.html") + .expectStatusCode(is(UNAUTHORIZED)); assertTrue(driver.close()); } @@ -551,9 +550,9 @@ void requireThatTlsClientAuthenticationEnforcerAllowsRequestForWhitelistedPaths( .withTrustStore(certificateFile) .build(); - try (var c = new SimpleHttpClient(trustStoreOnlyCtx, driver.server().getListenPort(), false)) { - c.get("/status.html").expectStatusCode(is(OK)); - } + new SimpleHttpClient(trustStoreOnlyCtx, driver.server().getListenPort(), false) + .get("/status.html") + .expectStatusCode(is(OK)); assertTrue(driver.close()); } diff --git a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ProxyProtocolTest.java b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ProxyProtocolTest.java index 6cd6f05933a7..d4d6dcee957e 100644 --- a/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ProxyProtocolTest.java +++ b/container-core/src/test/java/com/yahoo/jdisc/http/server/jetty/ProxyProtocolTest.java @@ -12,8 +12,6 @@ import org.assertj.core.api.Assertions; import org.eclipse.jetty.client.HttpClient; import org.eclipse.jetty.client.api.ContentResponse; -import org.eclipse.jetty.client.http.HttpClientTransportOverHTTP; -import org.eclipse.jetty.io.ClientConnector; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.BeforeEach; @@ -187,15 +185,14 @@ private ContentResponse sendJettyClientRequest(JettyTestDriver testDriver, Path // Using Jetty's http client as Apache httpclient does not support the proxy-protocol v1/v2. private static HttpClient createJettyHttpClient(Path certificateFile) throws Exception { - var ssl = new SslContextFactory.Client(); - ssl.setHostnameVerifier(NoopHostnameVerifier.INSTANCE); - ssl.setSslContext(new SslContextBuilder().withTrustStore(certificateFile).build()); - var connector = new ClientConnector(); - connector.setSslContextFactory(ssl); - HttpClient client = new HttpClient(new HttpClientTransportOverHTTP(connector)); - int timeout = 60 * 1000; - client.setConnectTimeout(timeout); - client.setIdleTimeout(timeout); + SslContextFactory.Client clientSslCtxFactory = new SslContextFactory.Client(); + clientSslCtxFactory.setHostnameVerifier(NoopHostnameVerifier.INSTANCE); + clientSslCtxFactory.setSslContext(new SslContextBuilder().withTrustStore(certificateFile).build()); + + HttpClient client = new HttpClient(clientSslCtxFactory); + client.setConnectTimeout(60*1000); + client.setStopTimeout(60*1000); + client.setIdleTimeout(60*1000); client.start(); return client; } diff --git a/container-dev/pom.xml b/container-dev/pom.xml index 9bbb5591fbfb..0c88531a2481 100644 --- a/container-dev/pom.xml +++ b/container-dev/pom.xml @@ -98,8 +98,8 @@ - org.eclipse.jetty.http2 - http2-common + org.eclipse.jetty.alpn + alpn-api org.eclipse.jetty.http2 @@ -109,21 +109,13 @@ org.eclipse.jetty jetty-alpn-java-server - - org.eclipse.jetty - jetty-alpn-server - org.eclipse.jetty jetty-client org.eclipse.jetty - jetty-http - - - org.eclipse.jetty - jetty-io + jetty-continuation org.eclipse.jetty @@ -139,11 +131,7 @@ org.eclipse.jetty - jetty-util - - - org.eclipse.jetty.toolchain - jetty-jakarta-servlet-api + jetty-servlets diff --git a/container-test/pom.xml b/container-test/pom.xml index e0ff7f62e933..32a64a98b9e1 100644 --- a/container-test/pom.xml +++ b/container-test/pom.xml @@ -113,8 +113,8 @@ - org.eclipse.jetty.http2 - http2-common + org.eclipse.jetty.alpn + alpn-api org.eclipse.jetty.http2 @@ -124,21 +124,13 @@ org.eclipse.jetty jetty-alpn-java-server - - org.eclipse.jetty - jetty-alpn-server - org.eclipse.jetty jetty-client org.eclipse.jetty - jetty-http - - - org.eclipse.jetty - jetty-io + jetty-continuation org.eclipse.jetty @@ -154,11 +146,7 @@ org.eclipse.jetty - jetty-util - - - org.eclipse.jetty.toolchain - jetty-jakarta-servlet-api + jetty-servlets diff --git a/parent/pom.xml b/parent/pom.xml index 068dc5579b22..62d57660bcf9 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -821,9 +821,9 @@ ${eclipse-collections.version} - org.eclipse.jetty.http2 - http2-common - ${jetty.version} + org.eclipse.jetty.alpn + alpn-api + ${jetty-alpn.version} org.eclipse.jetty.http2 @@ -835,11 +835,6 @@ jetty-alpn-java-server ${jetty.version} - - org.eclipse.jetty - jetty-alpn-server - ${jetty.version} - org.eclipse.jetty jetty-client @@ -847,27 +842,27 @@ org.eclipse.jetty - jetty-http + jetty-continuation ${jetty.version} org.eclipse.jetty - jetty-io + jetty-server ${jetty.version} org.eclipse.jetty - jetty-jmx + jetty-servlet ${jetty.version} org.eclipse.jetty - jetty-server + jetty-servlets ${jetty.version} org.eclipse.jetty - jetty-servlet + jetty-jmx ${jetty.version} @@ -875,11 +870,6 @@ jetty-util ${jetty.version} - - org.eclipse.jetty.toolchain - jetty-jakarta-servlet-api - ${jetty-servlet-api.version} - org.glassfish.jaxb jaxb-runtime @@ -1043,8 +1033,8 @@ 1.0.1 3.0.2 2.1.12 - 11.0.12 - 5.0.2 + 9.4.49.v20220914 + 1.1.3.v20160715 5.11.0 5.8.1 3.5.2