Commit Graph

9899 Commits

Author SHA1 Message Date
Josef Grieb
311feaa20d Update GraalVM with JDK 8 and add GraalVM with JDK 11 (#10333)
Motivation:

A new GraalVM with JDK 11 was released and GraalVM adds Java 11 support

Modification:

- Update GraalVM JDK 8 version
- Add GraalVM JDK 11 support

Result:

Build with GraalVM JDK 11 and use latest GraalVM JDK 8 version
2020-06-02 11:53:18 +02:00
Norman Maurer
4dfe541167 Include more details if we throw an IllegalArgumentException because of overflow (#10330)
Motivation:

We should include as much details as possible when throwing an IllegalArgumentException because of overflow in CompositeByteBuf

Modifications:

Add more details and factor out check into a static method to share code

Result:

Make it more clear why an operations failed
2020-06-02 10:08:06 +02:00
Scott Mitchell
32a77394a3 SslHandler#wrap to preserve exception if SSLEngine is closed (#10327)
Motivation:
SslHandler currently throws a general SSLException if a wrap attempt
fails due to the SSLEngine being closed. If writes are queued the
failure rational typically requires more investigation to track down the
original failure from a previous event. We may have more informative
rational for the failure and so we should use it.

Modifications:
- SslHandler#wrap to use failure information from the handshake or prior
transport closure if available

Result:
More informative exceptions from SslHandler#wrap if the SSLEngine has
been previously closed.
2020-06-02 09:51:43 +02:00
louxiu
689414ff0f Fix very tiny comment error in Recycler (#10309)
Motivation:

Fix very tiny comment error in Recycler

Modifications:

Fix very tiny comment error in Recycler

Result:

Correctly comment about drop in WeakOrderQueue#add
2020-05-25 07:40:11 +02:00
Norman Maurer
3f7dbd8790 We should fail fast when a CNAME loop is detected (#10305)
Motivation:

Once a CNAME loop was detected we can just fail fast and so reduce the number of queries.

Modifications:

Fail fast once a CNAME loop is detected

Result:

Fail fast
2020-05-20 07:10:47 +02:00
feijermu
9fe5f6f958 Dequeue all cached messages and destroy the queue instance after removing the FlowControlHandler from channel pipeline. (#10304)
Motivation:

The `FlowControlHandler` may cache the received messages in a queue in order to do the flow control. However, if this handler is manually removed from pipeline during runtime, those cached messages might not be passed to the next channel handler forever.

Modification:

Dequeue all these cached messages and call `ChannelHandlerContext.fireChannelRead(...)` in `handlerRemoved(...)` method.

Result:
Avoid losing the received messages.
2020-05-19 10:05:54 +02:00
Norman Maurer
bdb5e20d99 Use allocation free algorithm to detect CNAME cache loops (#10291)
Motivation:

We did use a HashSet to detect CNAME cache loops which needs allocations. We can use an algorithm that doesnt need any allocations

Modifications:

Use algorithm that doesnt need allocations

Result:

Less allocations on the slow path
2020-05-18 14:30:24 +02:00
Idel Pivnitskiy
1fe92e3077 Do not require BoringSSL for testSessionTicketsWithTLSv12AndNoKey (#10301)
Motivation:

`SslHandlerTest.testSessionTicketsWithTLSv12AndNoKey` does not require
BoringSSL and works with OpenSSL as well.

Modifications:

- Remove assume statement that expected BoringSSL;

Result:

Test works for any implementation of `OPENSSL` provider.
2020-05-18 14:25:40 +02:00
Norman Maurer
51805e3248 Check if SSL pointer was freed before using it in RefereceCountedOpenSslEngine in all cases (#10299)
Motivation:

To ensure we not crash in all cases we should better check that the SSL pointer was not freed before using it.

Modifications:

Add missing `isDestroyed()` checks

Result:

Ensure we not crash due usage of freed pointer.
2020-05-18 09:41:10 +02:00
Robert Varga
dc6ea0881c Include aarch64 packages in netty-bom (#10292)
Motivation:

The linux-aarch64 packages are not declared in netty-bom. There are no consistency checks for netty bom, hence it can easily miss updates when artifacts are added.

Modifications:

- Add declarations.
- Modify netty-all to depend on netty-bom for version declarations,
thus requiring netty-bom to be uptodate.

Result:

Be able to reference aarch64 packages without an explicit version. The content of netty-all is guaranteed to be declared in netty-bom, adding a safety net.

Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
2020-05-15 10:34:35 +02:00
sanjaypujare
f29b187159 Make ReferenceCountedOpenSslContext.setUseTasks public (#10289)
Motivation:
make the existing setter `ReferenceCountedOpenSslContext.setUseTasks` public

Modification:

Added the `public` qualified and removed the comment "for tests only"

Result:

Fixes #10288
2020-05-15 10:04:26 +02:00
Norman Maurer
fc84c9cc47 Respect jdk.tls.client.enableSessionTicketExtension and jdk.tls.server.enableSessionTicketExtension when using native SSL impl (#10296)
Motivation:

We should respect jdk.tls.client.enableSessionTicketExtension and jdk.tls.server.enableSessionTicketExtension when using the native SSL implementation as well to make the usage of it easier and more consistent. These properties were introduced by JDK13:

https://seanjmullan.org/blog/2019/08/05/jdk13

Modifications:

Check if the properties are set to true and if so enable tickets

Result:

Easier to enable tickets and be more consistent
2020-05-15 10:03:30 +02:00
Norman Maurer
67622a8141 Guard against re-entrancy issues while draining AbstractCoalescingBufferQueue (#10294)
Motivation:

AbstractCoalescingBufferQueue had a bug which could lead to an empty queue while still report bytes left. This was due the fact that we decremented the pending bytes before draining the queue one-by-one. The problem here is that while the queue is drained we may notify the promise which may add again buffers to the queue for which we never decrement the bytes while we drain these

Modifications:

- Decrement the pending bytes every time we drain a buffer from the queue
- Add unit tests

Result:

Fixes https://github.com/netty/netty/issues/10286
2020-05-15 10:00:40 +02:00
feijermu
6ff2089ee4 Add DNS client examples for run-example.sh (#10283)
Motivation:

There exists no DNS client examples in run-example.sh for the moment.

Modification:

Add DNS client examples for run-example.sh.

Result:

Help run the examples.
2020-05-14 12:10:48 +02:00
Norman Maurer
6b0655aecb Allow to have the session tickets automatically managed by the native library
Motivation:

BoringSSL supports to automatically manage the session tickets to be used and so also rotate them etc. This is often prefered by users as it removed some complexity. We should support to make use of this.

Modifications:

- Allow to have setSessionTickets() called without an argument or an empty array
- Add tests

Result:

Easier usage of session tickets
2020-05-14 12:09:49 +02:00
prgitpr
e7c5773162 Fix a potential fd leak in AbstractDiskHttpData.getChunk (#10270)
Motivation:

`FileChannel.read()` may throw an IOException. We must deal with this in case of the occurrence of `I/O` error.

Modification:

Place the `FileChannel.read()` method call in the `try-finally` block.

Result:

Advoid fd leak.


Co-authored-by: Norman Maurer <norman_maurer@apple.com>
2020-05-14 10:16:33 +02:00
Norman Maurer
32f2b9c805 Fix classifier for aarch64 (#10279)
Motivation:

The defined classifier for aarch64 was not correct

Modifications:

Fix classifier

Result:

Be able to correctly include the aarch64 native libs
2020-05-14 09:32:15 +02:00
wangxiyuan
187bdc2562 Add epoll aarch64 maven config and Dockerfile (#9804)
Motivation:

`transport-native-epoll` doesn't have ARM release package. 

Modification:

This PR added cross compile profile for epoll. Then we can easily build aarch64 package on X86 machine. 

Result:
Fixes #8279
2020-05-14 09:32:11 +02:00
Fabien Renaud
3e8cbb3136 Fix regression in HttpPostStandardRequestDecoder to always decode + to whitespace (#10285)
Motivations
-----------
HttpPostStandardRequestDecoder was changed in 4.1.50 to provide its own
ByteBuf UrlDecoder. Prior to this change, it was using the decodeComponent
method from QueryStringDecoder which decoded + characters to
whitespaces. This behavior needs to be preserved to maintain backward
compatibility.

Modifications
-------------
Changed HttpPostStandardRequestDecoder to detect + bytes and decode them
toe whitespaces. Added a test.

Results
-------
Addresses issues#10284
2020-05-14 09:29:13 +02:00
Norman Maurer
470fe0d3c1 Use correct JDK 13 version (#10276)
Motivation:

We had a typo in the JDK 13 version to use.

Modifications:

Use the correct version string

Result:

Be able to run CI with JDK13 again
2020-05-13 07:18:43 +02:00
Norman Maurer
11b63f8744 OpenSslSession.getLocalCertificates() and getLocalPrincipal() must r… (#10275)
Motivation:

OpenSslSession.getLocalCertificates() and  getLocalPrincipal() must return null on client side if mTLS is not used as stated in the API documentation. At the moment this is not always the case

Modifications:

- Ensure we only return non-null if mTLS is used
- Add unit tests

Result:

Follow SSLSession API contract
2020-05-13 07:16:56 +02:00
Norman Maurer
6279065e06 Update Java versions (#10273)
Motivation:

We should use the latest patch release of each java version

Modifications:

Update versions

Result:

Use latest versions on CI
2020-05-12 08:49:09 +02:00
Norman Maurer
b40ae95044 Select correct nameserver for CNAME (#10272)
Motivation:

The nameserver that should / must be used to resolve a CNAME may be different then the nameserver that was selected for the hostname to resolve. Failing to select the correct nameserver may result in problems during resolution.

Modifications:

Use the correct DnsServerAddressStream for CNAMEs

Result:

Always use the correct DnsServerAddressStream for CNAMEs and so fix resolution failures which could accour when CNAMEs are in the mix that use a different domain then the original hostname that we try to resolve
2020-05-12 08:47:11 +02:00
feijermu
f3a97f4f7b Remove a unused private method with empty body in HttpConversionUtil.java (#10266)
Motivation:

After searching the whole netty project, I found that the private method `translateHeader(...)` with empty body is never used actually. So I think it could be safely removed.

Modification:

Just remove this unused method.

Result:

Clean up the code.
2020-05-11 15:32:10 +02:00
feijermu
803a2cc911 Remove unused imports in DefaultHttp2LocalFlowController.java and HpackStaticTable.java (#10265)
Motivation:

`io.netty.handler.codec.http2.Http2Stream.State` is never used in DefaultHttp2LocalFlowController.java, and `io.netty.handler.codec.http2.HpackUtil.equalsConstantTime` is never used in HpackStaticTable.java.

Modification:

Just remove these unused imports.

Result:

Make imports cleaner.
2020-05-11 15:10:37 +02:00
Richard Nguyen
31272ab431 Fix date format in headers to use 2-digit day of month (#10259)
Motivation:

`Date`, `Expires`, and `Set-Cookie` headers are being generated with a 1-digit day of month,
e.g. `Sun, 6 Nov 1994 08:49:37 GMT`. RFC 2616 specifies that `Date` and `Expires` headers should
use "a fixed-length subset of that defined by RFC 1123" which includes a 2-digit day of month.
RFC6265 is lax in it's specification of the `Set-Cookie` header and permits a 2-digit day of month.

See: https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html
See: https://tools.ietf.org/html/rfc1123#page-55
See: https://tools.ietf.org/html/rfc6265#section-5.1.1

Modifications:

- Update `DateFormatter` to correctly implement RFC 2616 headers

Result:

```
Date: Sun, 06 Nov 1994 08:49:37 GMT
Expires: Sun, 06 Nov 1994 08:49:37 GMT
Set-Cookie: id=a3fWa; Expires=Sun, 06 Nov 1994 08:49:37 GMT
```
2020-05-11 08:57:37 +02:00
Aayush Atharva
ff9b2ac668 Add DoT and TCP DNS Client Example (#10256)
Motivation:

[DNS-over-TLS (DoT)](https://tools.ietf.org/html/rfc7858.html) encrypts DNS queries and sends it over TLS connection to make sure queries are secure in transit.

[TCP DNS](https://tools.ietf.org/html/rfc7766) sends DNS queries over TCP connection (unencrypted).

Modification:

Add DNS-over-TLS (DoT) Client Example which uses TLSv1.2 and TLSv1.3.
Add TCP DNS Client Example

Result:

DNS-over-TLS (DoT) Client Example
TCP DNS Client Example
2020-05-07 16:13:28 +02:00
louxiu
73b4179b8d Add option to configure recycler delayed queue drop ratio (#10251) (#10255)
Motivation

- Recycler stack and delayed queue drop ratio can only be configured with
the same value. The overall drop ratio is ratio^2.

- #10251 shows that enable drop in `WeakOrderQueue` may introduce
performance degradation. Though the final reason is not clear now,
it would be better to add option to configure delayed queue drop ratio separately.

Modification

- "io.netty.recycler.delayedQueue.ratio" as the drop ratio of delayed queue
- default "delayedQueue.ratio" is same as "ratio"

Results

Able to configure recycler delayed queue drop ratio separately
2020-05-07 15:21:06 +02:00
feijermu
b019ea7c54 Add a DNS client example. (#10237)
Motivation:

It seems that there is no DNS client example in Netty project so far.

Modification:

Add a Netty DNS client example.

Result:

More examples
2020-05-07 10:52:42 +02:00
louxiu
447d6b3924 Use io.netty.recycler.ratio directly (#10253)
Motivation

1. It's inable to collect all object because RATIO is always >=1 after
`safeFindNextPositivePowerOfTwo`

2. Enable drop object in `WeakOrderQueue`(commit:
71860e5b94) enlarge the drop ratio. We
can subtly control the overall drop ratio by using `io.netty.recycler.ratio` directly,

Modification

- Remove `safeFindNextPositivePowerOfTwo` before set the ratio

Results

Able to disable drop when recycle object
2020-05-07 10:29:30 +02:00
Norman Maurer
7f54c6d90d Don't reuse ChannelPromise in WebSocketProtocolHandler (#10248)
Motivation:

We cant reuse the ChannelPromise as it will cause an error when trying to ful-fill it multiple times.

Modifications:

- Use a new promise and chain it with the old one
- Add unit test

Result:

Fixes https://github.com/netty/netty/issues/10240
2020-05-07 09:14:02 +02:00
Dmitriy Dumanskiy
a81858c520 …in order to minimize pipeline
Motivation:

Handling of `WebSocketCloseFrame` is part of websocket protocol, so it's logical to put it within the `WebSocketProtocolHandler`. Also, removal of `WebSocketCloseFrameHandler` will decrease the channel pipeline.

Modification:

- `WebSocketCloseFrameHandler` code merged into `WebSocketProtocolHandler`. `WebSocketCloseFrameHandler` not added to the pipeline anymore
- Added additional constructor to `WebSocketProtocolHandler`
- `WebSocketProtocolHandler` now implements `ChannelOutboundHandler` and implements basic methods from it

Result:

`WebSocketCloseFrameHandler` is no longer used.

Fixes https://github.com/netty/netty/issues/9944
2020-05-07 09:13:50 +02:00
feijermu
f0ed11ef72 Remove a unused import in DefaultHttp2ConnectionEncoder.java (#10249)
Motivation:

`io.netty.handler.codec.http2.Http2CodecUtil.DEFAULT_PRIORITY_WEIGHT` is never used in DefaultHttp2ConnectionEncoder.java.

Modification:

Just remove this unused import.

Result:

Make the DefaultHttp2ConnectionEncoder.java's imports clean.
2020-05-07 08:10:52 +02:00
Nick Hill
c8f701d48c Correctly handle WrappedCompositeByteBufs in addFlattenedComponents() (#10247)
Motivation

An NPE was reported in #10245, caused by a regression introduced in
#8939. This in particular affects ByteToMessageDecoders that use the
COMPOSITE_CUMULATOR.

Modification

- Unwrap WrappedCompositeByteBufs passed to
CompositeByteBuf#addFlattenedComponents(...) method before accessing
internal components field
- Extend unit test to cover this case and ensure more of the
CompositeByteBuf tests are also run on the wrapped variant

Results

Fixes #10245
2020-05-05 13:57:22 +02:00
Norman Maurer
f23c33822c Rename testmethods to make these more clear (#10231)
Motivation:

The currently used method names don't make a lot of sense.

Modifications:

Rename to cleanup

Result:

Cleanup
2020-04-29 17:57:59 +02:00
Aayush Atharva
f22993a530 Specify algorithm for key pair in self signed certificate to generate EC or RSA based certificate. (#10223)
Motivation:

EC is better than RSA because of the small key size, efficient and secure which makes it perfect for testing purposes.

Modification:

Added support to specify an algorithm (EC or RSA) in constructors for key pair generation. The default key size is 256-bits as promulgated by NSA Suite B.

Result:
Able to generate a self-signed certificate of EC or RSA.
2020-04-29 16:53:31 +02:00
Norman Maurer
a62fcd9d50 Reuse the same allocator as used by the ByteBuf that is used during… (#10226)
Motivation:

We should not use Unpooled to allocate buffers if possible to ensure we can make use of pooling etc.

Modifications:

- Only allocate a buffer if really needed
- Use the ByteBufAllocator of the offered ByteBuf
- Ensure we not use buffer.copy() but explicitly allocate a buffer and then copy into it to not hit the limit of maxCapacity()

Result:

Improve allocations
2020-04-29 15:37:51 +02:00
Norman Maurer
23e0b878af Remove some debugging cruft (#10229)
Motivation:

RtspDecoderTest did include a println(...) call which was a left over from debugging.

Modifications:

Remove println(...)

Result:

Cleanup
2020-04-29 11:35:53 +02:00
Norman Maurer
65a967c772 Fix memory leak in HttpPostMultipartRequestDecoder (#10227)
Motivation:

We need to release all ByteBufs that we allocate to prevent leaks. We missed to release the ByteBufs that are used to aggregate in two cases

Modifications:

Add release() calls

Result:

No more memory leak in HttpPostMultipartRequestDecoder
2020-04-29 08:23:55 +02:00
Norman Maurer
7b56aabec6 Don't log with warn level in the DnsNameResolver in most cases (#10225)
Motivation:

We should only log with warn level if something really critical happens as otherwise we may spam logs and confuse the user.

Modifications:

- Change log level to debug for most cases

Result:

Less noisy logging
2020-04-29 08:08:39 +02:00
Norman Maurer
fe20550a22 Detect CNAME loops in the CNAME cache while trying to resolve (#10221)
Motivation:

We need to detect CNAME loops during lookup the DnsCnameCache as otherwise we may try to follow cnames forever.

Modifications:

- Correctly detect CNAME loops in the cache
- Add unit test

Result:

Fixes https://github.com/netty/netty/issues/10220
2020-04-28 11:06:46 +02:00
Norman Maurer
ae95e9c3d6 Update to latest Conscrypt release and add workarounds for bugs (#10211)
Motivation:

We are far behind with the version of Conscrypt we are using during testing. We should ensure we use the latest.

Modifications:

- Update conscrypt dependency
- Ensure we use conscrypt provider in tests
- Add workarounds for conscrypt bugs in testsuite

Result:

Use latest Conscrypt release
2020-04-28 09:50:22 +02:00
Fabien Renaud
8fe9c013dd HttpPostRequestDecoder: retain instead of copy when first buf is last (#10209)
Motivations
-----------
There is no need to copy the "offered" ByteBuf in HttpPostRequestDecoder
when the first HttpContent ByteBuf is also the last (LastHttpContent) as
the full content can immediately be decoded. No extra bookeeping needed.

Modifications
-------------
HttpPostMultipartRequestDecoder
 - Retain the first ByteBuf when it is both the first HttpContent offered
to the decoder and is also LastHttpContent.
 - Retain slices of the final buffers values

Results
-------
ByteBufs of FullHttpMessage decoded by HttpPostRequestDecoder are no longer
unnecessarily copied. Attributes are extracted as retained slices when
the content is multi-part. Non-multi-part content continues to return
Unpooled buffers.

Partially addresses issue #10200
2020-04-28 09:43:19 +02:00
feijermu
076f388d72 Move up the size check in AbstractDiskHttpData.setContent. (#10222)
Motivation:

`AbstractHttpData.checkSize` may throw an IOException if we set the max size limit via `AbstractHttpData.setMaxSize`. However, if this exception happens, the `AbstractDiskHttpData.file` and the `AbstractHttpData.size` are still be modified. In other words, it may break the failure atomicity here.

Modification:

Just move up the size check.

Result:

Keep the failure atomicity even if `AbstractHttpData.checkSize` fails.
2020-04-28 09:42:30 +02:00
Fabien Renaud
0c7a01503a Dns resolver: honor resolv.conf timeout, rotate and attempts options (#10207)
Motivations
-----------
DnsNameResolverBuilder and DnsNameResolver do not auto-configure
themselves uing default options define in /etc/resolv.conf.
In particular, rotate, timeout and attempts options are ignored.

Modifications
-------------
 - Modified UnixResolverDnsServerAddressStreamProvider to parse ndots,
attempts and timeout options all at once and use these defaults to
configure DnsNameResolver when values are not provided by the
DnsNameResolverBuilder.
 - When rotate option is specified, the DnsServerAddresses returned by
UnixResolverDnsServerAddressStreamProvider is rotational.
 - Amend resolv.conf options with the RES_OPTIONS environment variable
when present.

Result:

Fixes https://github.com/netty/netty/issues/10202
2020-04-28 09:33:11 +02:00
Saranya Krishnakumar
391cdcdd77 Add check for DefaultFileRegion to calculate size of msg in AbstractTrafficShapingHandler (#10215)
Motivation:

Currently calculateSize method in AbstractTrafficShapingHandler calculates size for object of type ByteBuf or ByteBufHolder. Adding a check for FileRegion, makes it possible to do traffic shaping for FileRegion objects as well

Modification:

Check if object to be sent is of type FileRegion, if yes calculate the size using its count() method.

Co-authored-by: Dinesh Joshi <dinesh.joshi@apple.com>
2020-04-27 14:50:09 +02:00
feijermu
a1f23dbdd3 Fix a potential fd leak in AbstractDiskHttpData.delete (#10212)
Motivation:

An unexpected IOException may be thrown from `FileChannel.force`. If it happens, the `FileChannel.close` may not be invoked.

Modification:

Place the `FileChannel.close` in a finally block.

Result:

Avoid fd leak.
2020-04-27 07:04:10 +02:00
Norman Maurer
411ad9d5b6 Update testsuite / pom.xml to be able to build with Java15 (#10210)
Motivation:

We need to make some slightly changes to be able to build on Java15 as some previous deprecated methods now throw UnsupportedOperationException

Modifications:

- Add code to handle UnsupportedOperationException
- Revert previous applied workaround for bug that was fixed in Java15
- Add maven profile

Result:

Be able to build with latest Java15 EA release
2020-04-27 06:33:54 +02:00
Norman Maurer
0c2c7c8f82 Add fastpath implementation for Unpooled.copiedBuffer(CharSequence, Charset) when UTF-8 or US-ASCII is used (#10206)
Motivation:

We can make use of our optimized implementations for UTF-8 and US-ASCII if the user request a copy of a sequence for these charsets

Modifications:

- Add fastpath implementation
- Add unit tests

Result:

Fixes https://github.com/netty/netty/issues/10205
2020-04-23 18:02:05 +02:00
Norman Maurer
a091d9df4e HTTP2: Guard against multiple ctx.close(...) calls with the same ChannelPromise (#10201)
Motivation:

Http2ConnectionHandler may call ctx.close(...) with the same promise instance multiple times if the timeout for gracefulShutdown elapse and the listener itself is notified. This can cause problems as other handlers in the pipeline may queue these promises and try to notify these later via setSuccess() or setFailure(...) which will then throw an IllegalStateException if the promise was notified already

Modification:

- Add boolean flag to ensure doClose() will only try to call ctx.close(...) one time

Result:

Don't call ctx.close(...) with the same promise multiple times when gradefulShutdown timeout elapses.
2020-04-23 11:27:17 +02:00