Commit Graph

874 Commits

Author SHA1 Message Date
Norman Maurer
f03f572da7 Upgrade logback dependency due CVE (#11271)
Motivation:

Older version of logback are affected by [CVE-2017-5929]. While its an optional dependency we should upgrade

Modifications:

Upgrade to 1.2.3

Result:

No more reports about using affected logback version
2021-05-18 11:41:12 +02:00
Norman Maurer
5bdcc89ea3 Add profile for generating javadocs and xref files (#11259)
Motivation:

When changing the netty-all artifact to not include any sources we also removed the ability to generate the javadocs / xref files for our website

Modifications:

- Add new profile which will generate the files
- Add script which generates all the files and copy these over to the netty-website

Result:

Easier to generate files for website
2021-05-17 20:12:06 +02:00
Norman Maurer
5d0458a346 Use MAVEN_OPTS to setup timeouts for dependency downloads (#11250)
Motivation:

Just use MAVEN_OPTS to setup all the timeouts etc for dependency downloads. This way we at least can be sure these are applied.

Modifications:

- Use MAVEN_OPTS
- Remove ci profile
- Remove unused settings.xml file
- Always use ./mvnw

Result:

Build stability improvements
2021-05-12 18:04:33 +02:00
Norman Maurer
f33acf2009 Fix java version for java16 (#11243)
Motivation:

When trying to compile with java16 we should use adopt@1.16*

Modifications:

- Use adopt@1.16.0-1-
- Upgrade to blockhoud 1.0.6 to be able to support java16

Result:

Use correct java version / flavor
2021-05-12 14:04:16 +02:00
Norman Maurer
e54aeea1da Update conscrypt and add workaround for test failure (#11238)
Motivation:

Conscrypt not correctly filters out non support TLS versions which may lead to test failures.

Related to https://github.com/google/conscrypt/issues/1013

Modifications:

- Bump up to latest patch release
- Add workaround

Result:

No more test failures caused by conscrypt
2021-05-11 10:41:17 +02:00
Stephane Landelle
92ff402f0f Introduce BrotliDecoder (#10960)
Motivation:

Netty lacks client side support for decompressing Brotli compressed response bodies.

Modification:

* Introduce optional dependency to brotli4j by @hyperxpro. It will be up to the user to provide the brotli4j libraries for the target platform in the classpath. brotli4j is currently available for Linux, OSX and Windows, all for x86 only.
* Introduce BrotliDecoder in codec module
* Plug it onto `HttpContentDecompressor` for HTTP/1 and `DelegatingDecompressorFrameListener` for HTTP/2
* Add test in `HttpContentDecoderTest`
* Add `BrotliDecoderTest` that doesn't extend `AbstractDecoderTest` that looks flaky

Result:

Netty now support decompressing Brotli compressed response bodies.
2021-05-10 15:39:01 +02:00
Norman Maurer
414de53226 Use profile for overriding properties when building on the CI (#11232)
Motivation:

0f25213918 introduced some properties that were used to make builds more stable on the ci. All of these properties were duplicated everywhere, this made it hard to maintain

Modifications:

- Add profile which sets the properties.
- Just use the profile when build on the ci

Result:

Easier to maintain custom properties for the ci build
2021-05-07 18:25:51 +02:00
Norman Maurer
c919b385e2 Re-enable running openssl (shared) tests on CI (#11197)
Motivation:

It turned out we didnt run the openssl tests on the CI when we used the non-static version of netty-tcnative.

Modifications:

- Upgrade netty-tcnative to fix segfault when using shared openssl
- Adjust tests to only run session cache tests when openssl supports it
- Fix some more tests to only depend on KeyManager if the underlying openssl version supports it

Result:

Run all openssl test on the CI even when shared library is used
2021-04-27 13:49:06 +02:00
Norman Maurer
b41891b602 Skip deployment of testsuite jars (#11127)
Motivation:

We should skip the deployment of jars that are not meant to be consumed by the user as there is no public API.

Modifications:

Let's skip deployment for modules that are not useful for users

Result:

Build cleanup
2021-03-30 19:06:34 +02:00
Norman Maurer
3e43d1c62a Update to netty-tcnative 2.0.38.Final (#11126) 2021-03-29 21:00:08 +02:00
Norman Maurer
8d483b58b3 Use netty-jni-util 0.0.3.Final
netty-jni-util 0.0.2.Final is incompatible with static linking. Before
the netty-jni-util dependency was introduced netty-tcnative supported
static linking via NETTY_BUILD_STATIC. netty-jni-util 0.0.3.Final adds
static linking compatibility.

Modifications:

Bump netty-jni-util to version 0.0.3.Final and update to its new API
which requires the caller to manage packagePrefix.

Result:

Using latest version of netty-jni-util and restored static linking
compatibility.
2021-03-25 11:40:40 +01:00
Norman Maurer
a25103f5a8 Fix netty-build dependency
Motivation:

netty-build is now called netty-build-common

Modifications:

Rename netty-build to netty-build-common

Result:

Be able to compile branch again
2021-03-21 14:48:54 +01:00
Norman Maurer
22088cd4cd Update netty-build version (#11103)
Motivation:

We released a new version of netty-build

Modifications:

Update to latest version

Result:

Use latest netty-build version
2021-03-20 12:46:32 +01:00
Chris Vest
e1830ccf47
Add support for direct ByteBufs in JdkZlibEncoder and JdkZlibDecoder (#11057)
Motivation:
The JDK deflate implementation added support for operating on ByteBuffers in Java 11 or so.
This means that we don't need to restrict that implementation to ByteBufs that are heap based and can expose arrays.

Modification:
Add clauses to JdkZlibEncoder and JdkZlibDecoder for handling ByteBufs that don't have arrays, but do have one nioByteBuffer.
Expand the test coverage in JdkZlibTest to include all relevant combinations of buffer types and data types.

Result:
The JdkZlibEncoder and JdkZlibDecoder should now work on basically all non-composite ByteBufs, and likely also composite ByteBufs that have exactly one component.
2021-03-05 13:29:20 +01:00
skyguard1
899e5a6850 Upgrade graalvm version to the latest version (#11012)
Motivation:
The current netty's graalvm dependency version is too low, so you need to upgrade the plugin

Modification:
Upgrade Graalvm version to the latest version, please review this pr, thank you

Result:

Use up-to-date version.

Co-authored-by: xingrufei <xingrufei@sogou-inc.com>
2021-02-11 13:30:00 +01:00
Chris Vest
4177e2c445 Revert test debugging flags and update surefire/failsafe (#11016)
* Revert "Add a profile for debugging tests that run from Maven (#11011)"

This reverts commit 83895f0f

The same functionality is already natively available in surefire, by adding the `-Dmaven.surefire.debug` flag to Maven.

* Update surefire/failsafe version

These new versions copes better when our tests prints to STDOUT, and disturbs the progress processing that these plugins do.
2021-02-10 15:37:06 +01:00
Norman Maurer
4d3bd06212 Update to latest os-maven-plugin (#11003)
Motivation:

A new version of the os-maven-plugin was released

Modifications:

Update to latest version

Result:

Use latest version
2021-02-08 08:43:44 +01:00
Norman Maurer
78646b3d7e Verify we can load native modules and add job that verifies on aarch64 as well (#10933)
Motivation:

As shown in the past we need to verify we actually can load the native as otherwise we may introduce regressions.

Modifications:

- Add new maven module which tests loading of native modules
- Add job that will also test loading on aarch64

Result:

Less likely to introduce regressions related to loading native code in the future
2021-01-14 17:15:29 +01:00
Aayush Atharva
c1095a0ac2 Update BouncyCastle Libraries (#10906)
Motivation:
New versions of `Bouncy Castle` libraries are out and we should upgrade to them.

Modification:
Upgraded all `Bouncy Castle` libraries to the latest version.

Result:
The latest versions of `Bouncy Castle` libraries.

Fixes #10905.
2021-01-01 19:33:03 +01:00
Norman Maurer
c4a07aee40 Use netty-jni-util via maven central (#10877)
Motivation:

netty-jni-util is now also hosted on maven central. Let's use it

Modifications:

Adjust plugins to just unpack netty-jni-util and use it

Result:

Be able to use what is in the maven cache for netty-jni-util
2020-12-19 10:38:39 +01:00
Norman Maurer
64fbf5695a Update to netty-tcnative 2.0.35.Final (#10850)
Motivation:

There was a new netty-tcnative release

Modifications:

Update to 2.0.35.Final

Result:

Use latest release
2020-12-08 14:55:38 +01:00
Roman Puchkovskiy
a7bc535e12 Fix native image build for the cases when io.netty.util.NetUtil is initialized at run-time (#10799)
Motivation:

In #10630, field substitutions were introduced for NetUtil.LOCALHOST4, NetUtil.LOCALHOST6 and NetUtil.LOCALHOST fields. They were required to allow a native image be built with most of Netty (including NetUtil) initialized at build time.

The substitutions created in #10630 only define getters, so the 3 fields can only be read in a native image.

But when NetUtil is initialized at run-time (this is what happens in #10797), its static initialization block is executed, and this block writes to all 3 fields. As the substitutions do not provide any setters, field stores are not valid, and such builds fail.

Modifications:

- Add netty-testsuite-native-image-client-runtime-init Maven module that builds a native image deferring NetUtil class initialization till run-time; this module is used to demonstrate the problem and verify the problem is gone with the fix
- Add no-op setters to substitutions for NetUtil.LOCALHOST4, NetUtil.LOCALHOST6 and NetUtil.LOCALHOST

Result:

A native image initializing NetUtil at run-time builds successfully.

Fixes #10797
2020-12-07 18:22:03 +01:00
Norman Maurer
eeece4cfa5 Use http in xmlns URIs to make maven release plugin happy again (#10788)
Motivation:

https in xmlns URIs does not work and will let the maven release plugin fail:

```
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  1.779 s
[INFO] Finished at: 2020-11-10T07:45:21Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project netty-parent: Execution default-cli of goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare failed: The namespace xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" could not be added as a namespace to "project": The namespace prefix "xsi" collides with an additional namespace declared by the element -> [Help 1]
[ERROR]
```

See also https://issues.apache.org/jira/browse/HBASE-24014.

Modifications:

Use http for xmlns

Result:

Be able to use maven release plugin
2020-11-10 10:51:05 +01:00
Chris Vest
a6b749843f Use JUnit 5 for running all tests (#10764)
Motivation:
JUnit 5 is the new hotness. It's more expressive, extensible, and composable in many ways, and it's better able to run tests in parallel. But most importantly, it's able to directly run JUnit 4 tests.
This means we can update and start using JUnit 5 without touching any of our existing tests.
I'm also introducing a dependency on assertj-core, which is like hamcrest, but arguably has a nicer and more discoverable API.

Modification:
Add the JUnit 5 and assertj-core dependencies, without converting any tests at time time.

Result:
All our tests are now executed through the JUnit 5 Vintage Engine.
Also, the JUnit 5 test APIs are available, and any JUnit 5 tests that are added from now on will also be executed.
2020-11-04 10:21:03 +01:00
Aayush Atharva
3b89206153 Upgrade Conscrypt to 2.5.1 (#10732)
Motivation:
Conscrypt 2.5.1 is available and it's a good idea to upgrade to the latest version.

Modification:
Upgraded Conscrypt 2.4.0 to 2.5.1

Result:
Newer Conscrypt version.
2020-10-26 19:41:15 +01:00
Aayush Atharva
56c47e4361 Upgrade Slf4j to 1.7.30 (#10712)
Motivation:
SLF4J 1.7.30 is the latest version in 1.7.x and we should upgrade to it from 1.7.21.

Modification:
Changed 1.7.21 to 1.7.30

Result:
Newer version of SLF4J
2020-10-26 13:03:40 +01:00
Roman Puchkovskiy
dba46aa3da Fix native image build on modern GraalVM versions for the cases when the program uses netty-dns (#10630)
Motivation:

Since GraalVM version 19.3.0, instances of java.net.InetAddress (and its subclasses Inet4Address and Inet6Address) are not allowed in native image heap (that is, they cannot be stored in static fields of classes initialized at build time or be reachable through static fields of such classes). When building a native image, it makes sense to initialize at build time as many classes as possible.
But some fields of some classes in Netty (for example, NetUtil.LOCALHOST4) contain InetAddress instances. If a program is using code path that makes it possible to reach such fields at build time initialization, it becomes impossible to build a native image initializing core Netty classes initialized at runtime. An example of such a program is a client that uses netty-dns.

Modifications:

- Add netty-testsuite-native-image-client Maven module to test that such an example program can be built after the corresponding fixes
- Add native-image.properties to resolver-dns module to move initialization of some classes to runtime (some of them are parsing configuration during initialization, so it makes no sense to initialize them at build time; for others, it's needed to avoid InetAddress reachability at build time)
- Add substitutions for NetUtil.LOCALHOST4, NetUtil.LOCALHOST6 and NetUtil.LOCALHOST to overcome the InetAddress-related prohibition
- Extract some initialization code from NetUtil to NetUtilInitializations to allow it to be used by the substitutions

Result:

A client program using netty-dns with --initialize-at-build-time=io.netty builds successfully
2020-10-26 08:49:31 +01:00
Artem Smotrakov
b8ae2a2af4 Enable nohttp check during the build (#10708)
Motivation:

HTTP is a plaintext protocol which means that someone may be able
to eavesdrop the data. To prevent this, HTTPS should be used whenever
possible. However, maintaining using https:// in all URLs may be
difficult. The nohttp tool can help here. The tool scans all the files
in a repository and reports where http:// is used.

Modifications:

- Added nohttp (via checkstyle) into the build process.
- Suppressed findings for the websites
  that don't support HTTPS or that are not reachable

Result:

- Prevent using HTTP in the future.
- Encourage users to use HTTPS when they follow the links they found in
  the code.
2020-10-23 15:26:25 +02:00
Norman Maurer
ef1f24fb7f Fix compiler settings when building on JDK15
Motivation:

26f3cd89ef did introduce a profile for compiling on JDK15 but did miss to set the compiler settings correctly for the requirements of this branch

Modifications:

Correct compiler settings.

Result:

Be able to build with JDK15
2020-10-22 09:04:09 +02:00
dependabot[bot]
f39d2162f5 Bump junit from 4.12 to 4.13.1 (#10681)
Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md)
- [Commits](https://github.com/junit-team/junit4/compare/r4.12...r4.13.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-14 12:13:01 +02:00
Chris Vest
6201c6d80f
Add a build profile for JDK 16 (#10675)
Motivation:
Java 16 will come around eventually anyway, and this makes it easier for people to experiment with Early Access builds.

Modification:
- Added Maven profiles for JDK 16 to relevant pom files.
- Removed the `--add-exports java.base/sun.security.x509=ALL-UNNAMED` argument when running tests; we've not needed it since the Java11-as-baseline PR landed.

Result:
Netty now builds on JDK 16 pre-releases (provided they've not broken compatibility in some way).
2020-10-12 16:42:40 +02:00
Chris Vest
a179db8066
Raise the Netty 5 minimum required Java version to Java 11. (#10650)
Raise the Netty 5 minimum required Java version to Java 11.

Motivation:
Java 11 has been out for some time, and Netty 5 is still some ways out.
There are also many good features in Java 11 that we wish to use, such as VarHandles, var-keyword, and the module system.
There is no reason for Netty 5 to not require Java 11, since Netty 4.x will still be supported for the time being.

Modification:
Remove everything in the pom files related to Java versions older than Java 11.
Remove the animal-sniffer plug-in and rely on the `--release` compiler flag instead.
Remove docker files related to Java versions older than Java 11.
Remove the copied SCTP APIs -- we should test this commit independently on Windows.
Remove the OpenJdkSelfSignedCertGenerator.java file and just always use Bouncy Castle for generating self-signed certificates for testing.
Make netty-testsuite tests pass by including Bouncy Castle as a test dependency, so we're able to generate our self-signed certificate.

Result:
Java 11 is now the minimum required Java version.
2020-10-12 14:13:01 +02:00
dependabot[bot]
cc3a686357 Bump ant from 1.9.7 to 1.9.15 (#10573)
Bumps ant from 1.9.7 to 1.9.15.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-15 15:31:15 +02:00
Chris Vest
56f32f1f8c
Remove javassist dependency (#10514)
Motivation:
 Avoid keeping unused dependencies around.

Modification:
 Remove all references to javassist dependency, since it does not appear to be used by anything.

Result:
 One less dependency to worry about.
2020-08-31 09:02:28 +02:00
Norman Maurer
9ab75505f8 Update netty-tcnative to 2.0.34.Final (#10494)
Motivation:

A new netty-tcative was released

Modifications:

Update to latest version

Result:

Use latest version
2020-08-21 14:22:33 +02:00
Norman Maurer
514d349e1f Enable SSL_MODE_ENABLE_FALSE_START if jdkCompatibilityMode is false (#10407)
Motivation:

To reduce latency and RTTs we should use TLS False Start when jdkCompatibilityMode is not required and its supported

Modifications:

Use SSL_MODE_ENABLE_FALSE_START when jdkCompatibilityMode is false

Result:

Less RTTs and so lower latency when TLS False Start is supported
2020-08-18 19:01:09 +02:00
Norman Maurer
a2ebd65322 Fix compilation error on JDK 15 (#10462)
Motivation:

AlgorithmId.sha256WithRSAEncryption_oid was removed in JDK15 and later so we should not depend on it as otherwise we will see compilation errors

Modifications:

Replace AlgorithmId.sha256WithRSAEncryption_oid usage with specify the OID directly

Result:

Compiles on JDK15+
2020-08-10 14:03:43 +02:00
Stephane Landelle
6240a4b03f Upgrade jctools from 3.0.0 to 3.1.0 (#10456)
Motivation:

JCTools 3.1.0 is out and includes several fixes, see https://github.com/JCTools/JCTools/releases/tag/v3.1.0

Modification:

Upgrade jctools-core version in pom.xml

Result:

Netty ships latest version of jctools.
2020-08-10 11:16:01 +02:00
Norman Maurer
0c79863db5 Update to netty-tcnative 2.0.31.Final and make SslErrorTest more robust (#10392)
Motivation:

There was a new netty-tcnative release which we should use. Beside this the SSLErrorTest was quite fragile and so should be adjusted.

Modifications:

Update netty-tcnative and adjust test

Result:

Use latest netty-tcnative release
2020-07-07 10:56:42 +02:00
Norman Maurer
ae95e9c3d6 Update to latest Conscrypt release and add workarounds for bugs (#10211)
Motivation:

We are far behind with the version of Conscrypt we are using during testing. We should ensure we use the latest.

Modifications:

- Update conscrypt dependency
- Ensure we use conscrypt provider in tests
- Add workarounds for conscrypt bugs in testsuite

Result:

Use latest Conscrypt release
2020-04-28 09:50:22 +02:00
Norman Maurer
411ad9d5b6 Update testsuite / pom.xml to be able to build with Java15 (#10210)
Motivation:

We need to make some slightly changes to be able to build on Java15 as some previous deprecated methods now throw UnsupportedOperationException

Modifications:

- Add code to handle UnsupportedOperationException
- Revert previous applied workaround for bug that was fixed in Java15
- Add maven profile

Result:

Be able to build with latest Java15 EA release
2020-04-27 06:33:54 +02:00
Norman Maurer
2f4fa3444e Ensure we support ALPN when using java 8u251 (#10196)
Motivation:

ALPN support was backported to java 8 lately. Ensure we support it if the user uses the latest java 8 release

Modifications:

- Update logic to be able to detect if ALPN is supported out of the box when using Java8
- Update jetty alpn version

Result:

Be able to use ALPN out of the box when using java 8u251
2020-04-21 15:23:28 +02:00
Norman Maurer
0905180ccd Update Bouncycastle dependency (#10185)
Motivation:

We should update our optional bouncycastle dependency to ensure we use the latest which has all the security fixes

Modifications:

Update bouncycastle version

Result:

Fixes https://github.com/netty/netty/issues/10184
2020-04-14 14:24:14 +02:00
Norman Maurer
ff9667b1f9 Add profile to build on JDK 14 (#10148)
Motivation:

JDK 14 was released and need some special settings to be able to build with. Also there seems to be one regression that we need to workaround for now.

Modifications:

- Add maven profile for JDK 14
- Update blockhound version to be able to work on JDK 14
- Add workaround for possible JDK 14 regression

Result:

Be able to build on JDK 14
2020-03-31 16:03:10 +02:00
Norman Maurer
fd0d06ee39
Replace reflection usage with MethodHandles when performance matters (#10097)
Motivation:

As we have java8 as a minimum target we can use MethodHandles. We should do so when we expect to have a method called multiple times.

Modifications:

- Replace usage of reflection with MethodHandles where it makes sense
- Remove some code which was there to support java < 8

Result:

Faster code
2020-03-11 21:04:40 +01:00
Norman Maurer
e33c5f3a89 Update to netty-tcnative 2.0.29.Final (#10044)
Motivation:

A new release of netty-tcnative is out

Modifications:

Update to latest version

Result:

Use latest netty-tcnative
2020-02-24 09:25:58 +01:00
Norman Maurer
2c3833472a Update to Blockhound 1.0.2 (#10007)
Motivation:

A new version of blockhound was released today

Modifications:

Upgrade to latest blockhound version

Result:

Use latest blockhound release
2020-02-08 17:04:51 +01:00
Norman Maurer
8304069a30 Add SslClientHelloHandler which allows to do something based on the S… (#9827)
Motivation:

Sometimes it is useful to do something depending on the Ssl ClientHello (like for example select a SslContext to use). At the moment we only allow to hook into the SNI extension but this is not enough.

Modifications:

Add SslClientHelloHandler which allows to hook into ClientHello messages. This class is now also the super class of AbstractSniHandler

Result:

More flexible processing of SSL handshakes
2020-02-05 14:57:05 +01:00
Norman Maurer
1e5ea69ecd Update checkstyle to 8.29 and netty-build to 26
Motivation:

A new checkstyle version was released which fixes a security vulnerability.

Modifications:

- Update to latest checkstyle version
- Update netty-build to latest version to be compatible with latest checkstyle version

Result:

No more security vulnerability caused by checkstyle during build
2020-02-03 18:25:05 +01:00
Nitsan Wakart
788f245ea6 Use JCTools 3.0 + do not break on shaded jars API changes (should not be used by downstream) (#9920)
Motivation:

Use latest JCTools, bug fixes etc.

Modification:

Change pom to depend on 3.0.0 version, and ignore shaded jar API changes

Result:

Using newer JCTools
2020-01-15 14:26:50 +01:00