Commit Graph

9852 Commits

Author SHA1 Message Date
Norman Maurer
71467892bf
OpenSslSession.getLocalCertificates() and getLocalPrincipal() must r… (#10275)
Motivation:

OpenSslSession.getLocalCertificates() and  getLocalPrincipal() must return null on client side if mTLS is not used as stated in the API documentation. At the moment this is not always the case

Modifications:

- Ensure we only return non-null if mTLS is used
- Add unit tests

Result:

Follow SSLSession API contract
2020-05-13 07:16:27 +02:00
Norman Maurer
1c21733fb9
Update Java versions (#10273)
Motivation:

We should use the latest patch release of each java version

Modifications:

Update versions

Result:

Use latest versions on CI
2020-05-12 08:48:54 +02:00
Norman Maurer
68105b257d
Select correct nameserver for CNAME (#10272)
Motivation:

The nameserver that should / must be used to resolve a CNAME may be different then the nameserver that was selected for the hostname to resolve. Failing to select the correct nameserver may result in problems during resolution.

Modifications:

Use the correct DnsServerAddressStream for CNAMEs

Result:

Always use the correct DnsServerAddressStream for CNAMEs and so fix resolution failures which could accour when CNAMEs are in the mix that use a different domain then the original hostname that we try to resolve
2020-05-12 08:46:45 +02:00
feijermu
d10c946e1b
Remove a unused private method with empty body in HttpConversionUtil.java (#10266)
Motivation:

After searching the whole netty project, I found that the private method `translateHeader(...)` with empty body is never used actually. So I think it could be safely removed.

Modification:

Just remove this unused method.

Result:

Clean up the code.
2020-05-11 15:31:56 +02:00
feijermu
4c758a214d
Remove unused imports in DefaultHttp2LocalFlowController.java and HpackStaticTable.java (#10265)
Motivation:

`io.netty.handler.codec.http2.Http2Stream.State` is never used in DefaultHttp2LocalFlowController.java, and `io.netty.handler.codec.http2.HpackUtil.equalsConstantTime` is never used in HpackStaticTable.java.

Modification:

Just remove these unused imports.

Result:

Make imports cleaner.
2020-05-11 15:10:20 +02:00
Richard Nguyen
322d96ef92
Fix date format in headers to use 2-digit day of month (#10259)
Motivation:

`Date`, `Expires`, and `Set-Cookie` headers are being generated with a 1-digit day of month,
e.g. `Sun, 6 Nov 1994 08:49:37 GMT`. RFC 2616 specifies that `Date` and `Expires` headers should
use "a fixed-length subset of that defined by RFC 1123" which includes a 2-digit day of month.
RFC6265 is lax in it's specification of the `Set-Cookie` header and permits a 2-digit day of month.

See: https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html
See: https://tools.ietf.org/html/rfc1123#page-55
See: https://tools.ietf.org/html/rfc6265#section-5.1.1

Modifications:

- Update `DateFormatter` to correctly implement RFC 2616 headers

Result:

```
Date: Sun, 06 Nov 1994 08:49:37 GMT
Expires: Sun, 06 Nov 1994 08:49:37 GMT
Set-Cookie: id=a3fWa; Expires=Sun, 06 Nov 1994 08:49:37 GMT
```
2020-05-11 08:57:17 +02:00
Piotr Betkier
09d38c87df
Add GlobalEventExecutor#addTask to BlockHound exceptions. (#10262)
Motivation:

GlobalEventExecutor#addTask may be called during SingleThreadEventExecutor shutdown.
May result in a blocking call, because GlobalEventExecutor#taskQueue is a BlockingQueue.

Modifications:

Add allowBlockingCallsInside configuration for GlobalEventExecutor#addTask.

Result:

Fixes #10257.
When BlockHound is installed, GlobalEventExecutor#addTask is not reported as a blocking call.
2020-05-11 08:51:38 +02:00
Piyush Goyal
79915347c6
Cleanup test case (#10232)
* Motivation:

JsonObjectDecoderTest did include 3 println(...) call which was leftover from debugging.

Modifications:

Removed println(...)

Result:

Cleanup

Co-authored-by: Norman Maurer <norman_maurer@apple.com>
2020-05-07 16:10:25 +02:00
Aayush Atharva
cf589a8f31
Add DoT and TCP DNS Client Example (#10256)
Motivation:

[DNS-over-TLS (DoT)](https://tools.ietf.org/html/rfc7858.html) encrypts DNS queries and sends it over TLS connection to make sure queries are secure in transit.

[TCP DNS](https://tools.ietf.org/html/rfc7766) sends DNS queries over TCP connection (unencrypted).

Modification:

Add DNS-over-TLS (DoT) Client Example which uses TLSv1.2 and TLSv1.3.
Add TCP DNS Client Example

Result:

DNS-over-TLS (DoT) Client Example
TCP DNS Client Example
2020-05-07 15:26:14 +02:00
louxiu
909e7c9c29
Add option to configure recycler delayed queue drop ratio (#10251) (#10255)
Motivation

- Recycler stack and delayed queue drop ratio can only be configured with
the same value. The overall drop ratio is ratio^2.

- #10251 shows that enable drop in `WeakOrderQueue` may introduce
performance degradation. Though the final reason is not clear now,
it would be better to add option to configure delayed queue drop ratio separately.

Modification

- "io.netty.recycler.delayedQueue.ratio" as the drop ratio of delayed queue
- default "delayedQueue.ratio" is same as "ratio"

Results

Able to configure recycler delayed queue drop ratio separately
2020-05-07 15:08:35 +02:00
feijermu
731d33070f
Add a DNS client example. (#10237)
Motivation:

It seems that there is no DNS client example in Netty project so far.

Modification:

Add a Netty DNS client example.

Result:

More examples
2020-05-07 10:46:41 +02:00
louxiu
4c9a30d5f9
Use io.netty.recycler.ratio directly (#10253)
Motivation

1. It's inable to collect all object because RATIO is always >=1 after
`safeFindNextPositivePowerOfTwo`

2. Enable drop object in `WeakOrderQueue`(commit:
71860e5b94) enlarge the drop ratio. We
can subtly control the overall drop ratio by using `io.netty.recycler.ratio` directly,

Modification

- Remove `safeFindNextPositivePowerOfTwo` before set the ratio

Results

Able to disable drop when recycle object
2020-05-07 10:29:05 +02:00
Norman Maurer
f00160bca3
Don't reuse ChannelPromise in WebSocketProtocolHandler (#10248)
Motivation:

We cant reuse the ChannelPromise as it will cause an error when trying to ful-fill it multiple times.

Modifications:

- Use a new promise and chain it with the old one
- Add unit test

Result:

Fixes https://github.com/netty/netty/issues/10240
2020-05-07 08:11:33 +02:00
feijermu
40448db5bb
Remove a unused import in DefaultHttp2ConnectionEncoder.java (#10249)
Motivation:

`io.netty.handler.codec.http2.Http2CodecUtil.DEFAULT_PRIORITY_WEIGHT` is never used in DefaultHttp2ConnectionEncoder.java.

Modification:

Just remove this unused import.

Result:

Make the DefaultHttp2ConnectionEncoder.java's imports clean.
2020-05-07 08:10:36 +02:00
Nick Hill
c3db0391af
Correctly handle WrappedCompositeByteBufs in addFlattenedComponents() (#10247)
Motivation

An NPE was reported in #10245, caused by a regression introduced in
#8939. This in particular affects ByteToMessageDecoders that use the
COMPOSITE_CUMULATOR.

Modification

- Unwrap WrappedCompositeByteBufs passed to
CompositeByteBuf#addFlattenedComponents(...) method before accessing
internal components field
- Extend unit test to cover this case and ensure more of the
CompositeByteBuf tests are also run on the wrapped variant

Results

Fixes #10245
2020-05-05 13:56:40 +02:00
Norman Maurer
cfcd7a4fde
Rename testmethods to make these more clear (#10231)
Motivation:

The currently used method names don't make a lot of sense.

Modifications:

Rename to cleanup

Result:

Cleanup
2020-04-29 17:52:43 +02:00
Aayush Atharva
9427255ffb
Specify algorithm for key pair in self signed certificate to generate EC or RSA based certificate. (#10223)
Motivation:

EC is better than RSA because of the small key size, efficient and secure which makes it perfect for testing purposes.

Modification:

Added support to specify an algorithm (EC or RSA) in constructors for key pair generation. The default key size is 256-bits as promulgated by NSA Suite B.

Result:
Able to generate a self-signed certificate of EC or RSA.
2020-04-29 16:52:07 +02:00
Norman Maurer
8f7ca2b4ef
Reuse the same allocator as used by the ByteBuf that is used during… (#10226)
Motivation:

We should not use Unpooled to allocate buffers if possible to ensure we can make use of pooling etc.

Modifications:

- Only allocate a buffer if really needed
- Use the ByteBufAllocator of the offered ByteBuf
- Ensure we not use buffer.copy() but explicitly allocate a buffer and then copy into it to not hit the limit of maxCapacity()

Result:

Improve allocations
2020-04-29 14:39:14 +02:00
Norman Maurer
ff36f2826c
Remove some debugging cruft (#10229)
Motivation:

RtspDecoderTest did include a println(...) call which was a left over from debugging.

Modifications:

Remove println(...)

Result:

Cleanup
2020-04-29 11:35:22 +02:00
Norman Maurer
987a68eb02
Fix memory leak in HttpPostMultipartRequestDecoder (#10227)
Motivation:

We need to release all ByteBufs that we allocate to prevent leaks. We missed to release the ByteBufs that are used to aggregate in two cases

Modifications:

Add release() calls

Result:

No more memory leak in HttpPostMultipartRequestDecoder
2020-04-29 08:23:41 +02:00
Norman Maurer
6cd193e83f
Don't log with warn level in the DnsNameResolver in most cases (#10225)
Motivation:

We should only log with warn level if something really critical happens as otherwise we may spam logs and confuse the user.

Modifications:

- Change log level to debug for most cases

Result:

Less noisy logging
2020-04-29 08:00:14 +02:00
Norman Maurer
387e451c82
Detect CNAME loops in the CNAME cache while trying to resolve (#10221)
Motivation:

We need to detect CNAME loops during lookup the DnsCnameCache as otherwise we may try to follow cnames forever.

Modifications:

- Correctly detect CNAME loops in the cache
- Add unit test

Result:

Fixes https://github.com/netty/netty/issues/10220
2020-04-28 10:47:10 +02:00
Norman Maurer
83012a038b
Update to latest Conscrypt release and add workarounds for bugs (#10211)
Motivation:

We are far behind with the version of Conscrypt we are using during testing. We should ensure we use the latest.

Modifications:

- Update conscrypt dependency
- Ensure we use conscrypt provider in tests
- Add workarounds for conscrypt bugs in testsuite

Result:

Use latest Conscrypt release
2020-04-28 09:50:05 +02:00
Fabien Renaud
c354fa48e1
HttpPostRequestDecoder: retain instead of copy when first buf is last (#10209)
Motivations
-----------
There is no need to copy the "offered" ByteBuf in HttpPostRequestDecoder
when the first HttpContent ByteBuf is also the last (LastHttpContent) as
the full content can immediately be decoded. No extra bookeeping needed.

Modifications
-------------
HttpPostMultipartRequestDecoder
 - Retain the first ByteBuf when it is both the first HttpContent offered
to the decoder and is also LastHttpContent.
 - Retain slices of the final buffers values

Results
-------
ByteBufs of FullHttpMessage decoded by HttpPostRequestDecoder are no longer
unnecessarily copied. Attributes are extracted as retained slices when
the content is multi-part. Non-multi-part content continues to return
Unpooled buffers.

Partially addresses issue #10200
2020-04-28 09:43:05 +02:00
feijermu
9751bb3ebc
Move up the size check in AbstractDiskHttpData.setContent. (#10222)
Motivation:

`AbstractHttpData.checkSize` may throw an IOException if we set the max size limit via `AbstractHttpData.setMaxSize`. However, if this exception happens, the `AbstractDiskHttpData.file` and the `AbstractHttpData.size` are still be modified. In other words, it may break the failure atomicity here.

Modification:

Just move up the size check.

Result:

Keep the failure atomicity even if `AbstractHttpData.checkSize` fails.
2020-04-28 09:34:33 +02:00
Fabien Renaud
4f72cdf233
Dns resolver: honor resolv.conf timeout, rotate and attempts options (#10207)
Motivations
-----------
DnsNameResolverBuilder and DnsNameResolver do not auto-configure
themselves uing default options define in /etc/resolv.conf.
In particular, rotate, timeout and attempts options are ignored.

Modifications
-------------
 - Modified UnixResolverDnsServerAddressStreamProvider to parse ndots,
attempts and timeout options all at once and use these defaults to
configure DnsNameResolver when values are not provided by the
DnsNameResolverBuilder.
 - When rotate option is specified, the DnsServerAddresses returned by
UnixResolverDnsServerAddressStreamProvider is rotational.
 - Amend resolv.conf options with the RES_OPTIONS environment variable
when present.

Result: 

Fixes https://github.com/netty/netty/issues/10202
2020-04-28 09:28:05 +02:00
Saranya Krishnakumar
5fa5ce34e1
Add check for DefaultFileRegion to calculate size of msg in AbstractTrafficShapingHandler (#10215)
Motivation:

Currently calculateSize method in AbstractTrafficShapingHandler calculates size for object of type ByteBuf or ByteBufHolder. Adding a check for FileRegion, makes it possible to do traffic shaping for FileRegion objects as well

Modification:

Check if object to be sent is of type FileRegion, if yes calculate the size using its count() method.


Co-authored-by: Dinesh Joshi <dinesh.joshi@apple.com>
2020-04-27 13:59:01 +02:00
feijermu
be28b266d5
Remove unused import in JsonObjectDecoder.java (#10213)
Motivation:

`io.netty.channel.ChannelHandler` is never used in JsonObjectDecoder.java.

Modification:

Just remove this unused import.

Result:

Make the JsonObjectDecoder.java's imports simple and clean.
2020-04-27 13:58:02 +02:00
feijermu
eb3721b971
Fix a potential fd leak in AbstractDiskHttpData.delete (#10212)
Motivation:

An unexpected IOException may be thrown from `FileChannel.force`. If it happens, the `FileChannel.close` may not be invoked.

Modification:

Place the `FileChannel.close` in a finally block.

Result:

Avoid fd leak.
2020-04-27 07:03:45 +02:00
Norman Maurer
9778f05e14
Update testsuite / pom.xml to be able to build with Java15 (#10210)
Motivation:

We need to make some slightly changes to be able to build on Java15 as some previous deprecated methods now throw UnsupportedOperationException

Modifications:

- Add code to handle UnsupportedOperationException
- Revert previous applied workaround for bug that was fixed in Java15
- Add maven profile

Result:

Be able to build with latest Java15 EA release
2020-04-27 06:27:54 +02:00
Norman Maurer
5a08dc0d9a
Add fastpath implementation for Unpooled.copiedBuffer(CharSequence, Charset) when UTF-8 or US-ASCII is used (#10206)
Motivation:

We can make use of our optimized implementations for UTF-8 and US-ASCII if the user request a copy of a sequence for these charsets

Modifications:

- Add fastpath implementation
- Add unit tests

Result:

Fixes https://github.com/netty/netty/issues/10205
2020-04-23 17:47:16 +02:00
wangxiyuan
660611c450
Add epoll aarch64 maven config and Dockerfile (#9804)
Motivation:

`transport-native-epoll` doesn't have ARM release package. 

Modification:

This PR added cross compile profile for epoll. Then we can easily build aarch64 package on X86 machine. 

Result:
Fixes #8279
2020-04-23 13:58:08 +02:00
Norman Maurer
0cf919c389
HTTP2: Guard against multiple ctx.close(...) calls with the same ChannelPromise (#10201)
Motivation:

Http2ConnectionHandler may call ctx.close(...) with the same promise instance multiple times if the timeout for gracefulShutdown elapse and the listener itself is notified. This can cause problems as other handlers in the pipeline may queue these promises and try to notify these later via setSuccess() or setFailure(...) which will then throw an IllegalStateException if the promise was notified already

Modification:

- Add boolean flag to ensure doClose() will only try to call ctx.close(...) one time

Result:

Don't call ctx.close(...) with the same promise multiple times when gradefulShutdown timeout elapses.
2020-04-23 11:25:39 +02:00
root
9c5008b109 [maven-release-plugin] prepare for next development iteration 2020-04-22 09:57:54 +00:00
root
d0ec961cce [maven-release-plugin] prepare release netty-4.1.49.Final 2020-04-22 09:57:26 +00:00
Norman Maurer
d0c2f6e8b3
Clarify exception message when ALPN is not supported (#10155)
Motivation:

We should provide more informations when ALPN is not supported and a user tries to use it.

Modifications:

- Use UnsupportedOperationException

Result:

Easier to debug ALPN problems
2020-04-22 08:07:27 +02:00
Norman Maurer
5cd00d22d9
Ensure we support ALPN when using java 8u251 (#10196)
Motivation:

ALPN support was backported to java 8 lately. Ensure we support it if the user uses the latest java 8 release

Modifications:

- Update logic to be able to detect if ALPN is supported out of the box when using Java8
- Update jetty alpn version

Result:

Be able to use ALPN out of the box when using java 8u251
2020-04-21 15:01:59 +02:00
Norman Maurer
232c669fa4
Guard against overflow when calling CompositeByteBuf.addComponent(...) (#10197)
Motivation:

We need to ensure we not overflow when adding buffers to a CompositeByteBuf

Modifications:

- Correctly validate overflow before adding to the internal storage
- Add testcase

Result:

Fixes https://github.com/netty/netty/issues/10194
2020-04-21 12:04:25 +02:00
feijermu
32e32fe98f
Fix a potential fd leak in AbstractDiskHttpData.setContent (#10198)
Motivation:

`RandomAccessFile.setLength` may throw an IOException. We must deal with this in case of the occurrence of `I/O` error.

Modification:

Place the `RandomAccessFile.setLength` method call in the `try-finally` block.

Result:

Avoid fd leak.
2020-04-21 10:54:09 +02:00
jrhee17
37948bc9de
Add support for HAProxyMessageEncoder (#10175)
Motivation:

Add support for HAProxyMessageEncoder.
This should help java based HAProxy server implementations propagate proxy information.

Modification:

Add public constructors for `HAProxyMessage`, `HAProxyTLV`, `HAProxySSLTLV`.
Add additional argument checks for `HAProxyMessage` and modify exceptions thrown when creating via public constructors directly.
Introduce a `@Sharable` `HAProxyMessageEncoder` which encodes a `HAProxyMessage` into a byte array.
Add an example `HAProxyServer` and `HAProxyClient` to `io.netty.example`


Result:

Fixes #10164
2020-04-16 09:35:06 +02:00
Norman Maurer
2c78b4c84f
Correctly propagate exceptions from inbound operations in all cases (#10176)
Motivation:

In AbstractChannelHandlerContext we had some code where we tried to guard against endless loops caused by exceptions thrown by exceptionCaught(...) that would trigger exceptionCaught again. This code was proplematic for two reasons:
 - It is quite expensive as we need to compare all the stacks
 - We may end up not notify another handlers exceptionCaught(...) if in our exeuction stack we triggered actions that will cause an exceptionCaught somewhere else in the pipeline

Modifications:

- Just remove the detection code as we already handle everything correctly when we invoke exceptionCaught(...)
- Add unit tests

Result:

Ensure we always notify correctly and also fixes performance issue reported as https://github.com/netty/netty/issues/10165
2020-04-16 08:56:45 +02:00
Norman Maurer
6dad12defa
Add workaround for possible classloader deadlock when trying to load JNI code (#10190)
Motivation:

netty_epoll_linuxsocket_JNI_OnLoad(...) may produce a deadlock with another thread that will load IOUtil in a static block. This seems to be a JDK bug which is not yet fixed. To workaround this we force IOUtil to be loaded from without java code before init the JNI code

Modifications:

Use Selector.open() as a workaround to load IOUtil

Result:

Fixes https://github.com/netty/netty/issues/10187
2020-04-16 08:40:59 +02:00
Linas Medžiūnas
fb5e2cd3aa
Efficient BytBuf search algorithms (#9914) (#9955)
Motivation:

We have found out that ByteBufUtil.indexOf can be inefficient for substring search on
ByteBuf, both in terms of algorithm complexity (worst case O(needle.readableBytes *
haystack.readableBytes)), and in constant factor (esp. on Composite buffers).
With implementation of more performant search algorithms we have seen improvements on
the order of magnitude.

Modifications:

This change introduces three search algorithms:
1. Knuth Morris Pratt - classical textbook algorithm, a good default choice.
2. Bit mask based algorithm - stable performance on any input, but limited to maximum
search substring (the needle) length of 64 bytes.
3. Aho–Corasick - worse performance and higher memory consumption than [1] and [2], but
it supports multiple substring (the needles) search simultaneously, by inspecting every
byte of the haystack only once.

Each algorithm processes every byte of underlying buffer only once, they are implemented
as ByteProcessor.

Result:

Efficient search algorithms with linear time complexity available in Netty (I will share
benchmark results in a comment on a PR).
2020-04-15 10:21:24 +02:00
时无两丶
ff6d2e4949
Remove duplicate code in PoolArena. (#10174)
Motivation:

Remove duplicate code in PoolArena.

Modification:

Replace duplicate code with `tinyIdx` and `smallIdx`.

Result:

Clean code.
2020-04-15 09:29:23 +02:00
feijermu
17f205fab3
Close the FileChannel in case of an IOException in AbstractDiskHttpData.addContent. (#10188)
Motivation:

`FileChannel.force` may throw an IOException. A fd leak may happen here.

Modification:

Close the fileChannel in a finally block.

Result:

Avoid fd leak.
2020-04-15 09:24:26 +02:00
Norman Maurer
4c9d7492fb
CodecOutputList should be recycled in a finally block (#10186)
Motivation:

To ensure we always recycle the CodecOutputList we should better do it in a finally block

Modifications:

Call CodecOutputList.recycle() in finally

Result:

Less chances of non-recycled lists. Related to https://github.com/netty/netty/issues/10183
2020-04-15 09:08:19 +02:00
feijermu
1b3e1985b4
Release the channel attribute--REOPEN_TASK after removing the TrafficShapingHandler from channel pipeline. (#10177)
Motivation:

The `AbstractTrafficShapingHandler` caches the `ReopenReadTimerTask` instance in the channel attribute. However, if this handler is removed from the channel pipeline, this `ReopenReadTimerTask` instance may not be released.

Modification:

Release the channel attribute `REOPEN_TASK` in `handlerRemoved` method.

Result:

Avoid a channel attribute leak.
2020-04-15 08:52:08 +02:00
Cenjie Ho
2d4d64dc42
Add the unit test of ChannelOutboundBuffer (#10180)
Motivation:

Parameter maxCount needs the unit test.

Modifications:

1. Change the conditional statement to avoid the ineffective maxCount (enhance the robustness of the code merely).
2. Add the unit test for maxCount.

Result:

Enable this parameter to be tested.
2020-04-15 08:22:51 +02:00
Norman Maurer
b996bf2151
Update Bouncycastle dependency (#10185)
Motivation:

We should update our optional bouncycastle dependency to ensure we use the latest which has all the security fixes

Modifications:

Update bouncycastle version

Result:

Fixes https://github.com/netty/netty/issues/10184
2020-04-14 14:23:45 +02:00
Stephane Landelle
d5e42f8553
Log protocol version during handshake (#10178)
Motivation:

Only cipher suite is logged during handshake. Picked protocol is interesting too.

Modification:

Log protocol as well.

Result:

More interesting information when debugging TLS handshakes.
2020-04-14 10:48:43 +02:00