10354 Commits

Author SHA1 Message Date
Stephan H. Wissel
7c955a19dc
Redirect Log4J 1.x to Log 2.x (#11264)
Removes flag by Whitesource vulnerability scanner

Motivation:

WhiteSource vulnerability scan flags the Log4J 1.x stream as vulnerable.

Modification:

Replaced reference to `log4j` with `log4j-1.2-api`
Ran `mvn test` (on a Mac) successfully

Result:

Fixes #11263
2021-05-18 12:42:48 +02:00
Norman Maurer
72db32a801
Don't include netty-examples as dependency for netty-all (#11273)
Motivation:

We shouldn't include netty-examples as dependency for netty-all as this will try to pull in all sorts of dependencies which are optional.

Modifications:

Remove dependency on netty-examples

Result:

Related to https://github.com/netty/netty/issues/11272
2021-05-18 11:44:30 +02:00
Trustin Lee
3972bacd60
Provide a way to pass through a certain HTTP upgrade request (#11267)
Motivation:

A user might want to handle a certain HTTP upgrade request differently
than what `HttpServerUpgradeHandler` does by default. For example, a
user could let `HttpServerUpgradeHandler` handle HTTP/2 upgrades but
not WebSocket upgrades.

Modifications:

- Added `HttpServerUpgradeHandler.isUpgrade(HttpRequest)` so a user can
  tell `HttpServerUpgradeHandler` to pass the request as it is to the
  next handler.

Result:

- A user can handle a certain upgrade request specially.
2021-05-18 11:42:38 +02:00
Norman Maurer
6f193193ea
Upgrade logback dependency due CVE (#11271)
Motivation:

Older version of logback are affected by [CVE-2017-5929]. While its an optional dependency we should upgrade

Modifications:

Upgrade to 1.2.3

Result:

No more reports about using affected logback version
2021-05-18 11:40:57 +02:00
Norman Maurer
cc28ec2b92
Remove usage of non-existing ci profile (#11270)
Motivation:

c443bc40fa997262b9057c8c50e205e73099c7e3 removed the CI profile but we missed to adjust the docker-compose.yaml file

Modifications:

Remove -Pci as the profile doesn't exist anymore

Result:

No more warning during build
2021-05-18 11:40:27 +02:00
Norman Maurer
6e866317d2
Ensure we can load the native library or fail the build (#11262)
Motivation:

We used assumeTrue(...) in some places before to detect if we could load the native library but this could lead to the sitation that we not notice if we break native loading.

Modifications:

Always fail if we cant load the native library

Result:

Ensure we not cause any regression in the native loading code in the future
2021-05-18 08:14:32 +02:00
Norman Maurer
8a03a1db7d
Ensure we fail if native lib can not be loaded on macos (#11261)
Motivation:

ccca3959fd64b133edca855925fb68d077c3a8a2 fixed a regression which caused the native resolver code to not be loaded but this was not reported by the tests.

Modifications:

Adjust tests to actually fail the build if we cant load the native lib

Result:

Ensure we don't introduce another regression in the future
2021-05-18 08:13:39 +02:00
Violeta Georgieva
ccca3959fd
Fix loading of the native library for DNS resolutions on MacOS (#11260)
Motivation:

Cannot load the native library for DNS resolutions on MacOS.
The exception below is observed:

18:02:43.453 [Test worker] ERROR i.n.r.d.DnsServerAddressStreamProviders - Unable to load io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider, fallback to system defaults. This may result in incorrect DNS resolutions on MacOS.
java.lang.reflect.InvocationTargetException: null
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
	at io.netty.resolver.dns.DnsServerAddressStreamProviders.<clinit>(DnsServerAddressStreamProviders.java:64)
	at io.netty.resolver.dns.DnsNameResolverBuilder.<init>(DnsNameResolverBuilder.java:60)
	at reactor.netty.transport.NameResolverProvider.newNameResolverGroup(NameResolverProvider.java:432)
...
Caused by: java.lang.UnsatisfiedLinkError: io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.resolvers()[Lio/netty/resolver/dns/macos/DnsResolver;
	at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.resolvers(Native Method)
	at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.retrieveCurrentMappings(MacOSDnsServerAddressStreamProvider.java:127)
	at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.<init>(MacOSDnsServerAddressStreamProvider.java:123)

This is a regression made with #11239

Modification:

When checking for OS, an exception must be thrown when the OS is not MacOS

Result:

The native library for DNS resolutions on MacOS can be loaded
2021-05-17 20:16:25 +02:00
Norman Maurer
a273c231fd
Add profile for generating javadocs and xref files (#11259)
Motivation:

When changing the netty-all artifact to not include any sources we also removed the ability to generate the javadocs / xref files for our website

Modifications:

- Add new profile which will generate the files
- Add script which generates all the files and copy these over to the netty-website

Result:

Easier to generate files for website
2021-05-17 20:11:22 +02:00
old driver
5178b2c7a5
make Slf4JLoggerFactory be singleton (#11253)
Motivation:

The current initialization of Slf4JLoggerFactory is not singleton.

Modification:

Use Slf4JLoggerFactory.INSTANCE to initialize Slf4JLoggerFactory.

Result:

The instance of Slf4JLoggerFactory became a singleton.
2021-05-17 09:10:15 +02:00
Netty Project Bot
d5c81d9a3e [maven-release-plugin] prepare for next development iteration 2021-05-17 07:04:14 +00:00
Netty Project Bot
67bedf0efe [maven-release-plugin] prepare release netty-4.1.64.Final netty-4.1.64.Final 2021-05-17 07:04:08 +00:00
Norman Maurer
c22642629d Add script to copy apidocs and xref to netty-website
Motivation:

After the release was done we need to also copy the apidocs and xref to the netty-website

Modifications:

Add script that does the copy etc

Result:

Less manual steps to remember
2021-05-17 09:01:17 +02:00
Norman Maurer
060889da5d Fix another typo in the release workflow 2021-05-17 08:44:36 +02:00
Norman Maurer
9ca4e21ea0 Fix typo in release workflow 2021-05-14 15:34:33 +02:00
Norman Maurer
78050c59ab
Don't create a new ParserImpl on each parser() call (#11255)
Motivation:

ParserImpl is stateless and so we can use the same instance multiple times

Modifications:

- Make constructor private
- Return the same instance all the time

Result:

Less object creation
2021-05-14 15:19:04 +02:00
Wu Zhiguo
265b2ea9bc
Fix typo in DnsCodecUtil class (#11252)
Motivation:

There is a typo in the javadocs

Modification:

correct grammar mistakes

Result:

cleanup
2021-05-14 10:02:17 +02:00
Violeta Georgieva
fa8f7a3510
Add DefaultHostsFileEntriesResolver#addresses to provide all hosts file's entries for a hostname (#11246)
Motivation:
DefaultHostsFileEntriesResolver should provide all hosts file's entries for a hostname when
DnsNameResolver#resolveAll as opposed to the current implementation where only the first
entry is taken into consideration

Modification:
- Add DefaultHostsFileEntriesResolver#addresses to provide all hosts file's entries for a hostname
- Add HostsFileEntriesProvider to provide all hosts file's entries for a hostname and to keep
backwards compatibility for HostsFileEntries and HostsFileParser
- DnsNameResolver#resolveAll uses the new DefaultHostsFileEntriesResolver#addresses
- BlockHound configuration: replace HostsFileParser#parse with HostsFileEntriesProvider$ParserImpl#parse
as the latter does the parsing
- Add junit tests

Result:
Fixes #10834

* Address feedback
2021-05-14 09:50:42 +02:00
Aayush Atharva
11e6a77fba
Change asterisk to 'x' in FQDN of SelfSignedCertificate (#11245)
Motivation:

`SelfSignedCertificate` creates a certificate and private key files and store them in a temporary directory. However, if the certificate uses a wildcard hostname that uses asterisk *, e.g. `*.shieldblaze.com`, it'll throw an error because * is not a valid character in the file system.

Modification:
Replace the asterisk with 'x'

Result:
Fixes #11240
2021-05-12 19:32:31 +02:00
Norman Maurer
c443bc40fa
Use MAVEN_OPTS to setup timeouts for dependency downloads (#11250)
Motivation:

Just use MAVEN_OPTS to setup all the timeouts etc for dependency downloads. This way we at least can be sure these are applied.

Modifications:

- Use MAVEN_OPTS
- Remove ci profile
- Remove unused settings.xml file
- Always use ./mvnw

Result:

Build stability improvements
2021-05-12 18:02:35 +02:00
Norman Maurer
d0b7f76b9b
Use tasks by default when using openssl based SSL provider (#11242)
Motivation:

We introduced the ability to offload certain operations to an executor that may take some time to complete. At the moment this is not enabled by default when using the openssl based SSL provider. Let's enable it by default as we have this support for some while now and didnt see any issues yet. This will also make things less confusing and more consistent with the JDK based provider.

Modifications:

Use true as default value for io.netty.handler.ssl.openssl.useTasks.

Result:

Offloading works with openssl based SSL provider as well by default
2021-05-12 15:01:02 +02:00
Norman Maurer
da2f7a414e Cleanup test classes
Motivation:

We had some println left in the test-classes.

Modifications:

Remove println usage

Result:

Cleanup
2021-05-12 14:39:50 +02:00
Norman Maurer
52dfe6c2c0
Fix java version for java16 (#11243)
Motivation:

When trying to compile with java16 we should use adopt@1.16*

Modifications:

- Use adopt@1.16.0-1-
- Upgrade to blockhoud 1.0.6 to be able to support java16

Result:

Use correct java version / flavor
2021-05-12 14:03:59 +02:00
Norman Maurer
c83601167f
Correctly setup cache to be able to make use of different restore keys (#11248)
Motivation:

We should setup the caching so it will be able to use different restore keys and so almost never need to start from scratch

Modifications:

Adjust caching config to make use of different restore keys for maven caching but also docker caching

Result:

Better cache usage
2021-05-12 11:41:03 +02:00
Norman Maurer
d984d4422c
Use the same maven cache for all (#11241)
Motivation:

We should use the same maven cache for all builds so we can re-use as much of the downloaded maven dependencies as possible

Modifications:

- Just use the same cache for all

Result:

Hopefully be able to re-use most of the dependencies
2021-05-11 14:07:15 +02:00
Norman Maurer
00fd4ea264
Disable TLSv1 and TLSv1.1 by default (#11237)
Motivation:

TLSv1 and TLSv1.1 is considered insecure. Let's follow the JDK and disable these by default

Modifications:

- Disable TLSv1 and TLSv1.1 by default when using OpenSSL.
- Add unit tests

Result:

Use only strong TLS versions by default when using OpenSSL
2021-05-11 10:43:40 +02:00
Norman Maurer
57a70c5d83
Update conscrypt and add workaround for test failure (#11238)
Motivation:

Conscrypt not correctly filters out non support TLS versions which may lead to test failures.

Related to https://github.com/google/conscrypt/issues/1013

Modifications:

- Bump up to latest patch release
- Add workaround

Result:

No more test failures caused by conscrypt
2021-05-11 10:40:54 +02:00
Idel Pivnitskiy
3ecb32357c
Use PlatformDependent#normalizedOs() instead of reading os.name prop (#11239)
Motivation:

`PlatformDependent#normalizedOs()` already caches normalized variant of
the value of `os.name` system property. Instead of inconsistently
normalizing it in every case, use the utility method.

Modifications:

- `PlatformDependent`: `isWindows0()` and `isOsx0()` use `NORMALIZED_OS`;
- `PlatformDependent#normalizeOs(String)` define `darwin` as `osx`;
- `OpenSsl#loadTcNative()` does not require `equalsIgnoreCase` bcz `os`
is already normalized;
- Epoll and KQueue: `Native#loadNativeLibrary()` use `normalizedOs()`;
- Use consistent `Locale.US` for lower case conversion of `os.name`;
- `MacOSDnsServerAddressStreamProvider#loadNativeLibrary()` uses
`PlatformDependent.isOsx()`;

Result:

Consistent approach for `os.name` parsing.
2021-05-11 08:52:29 +02:00
Ivan
0d009033eb
Re-order list of resolvers according to their searchOrder (#11236)
Motivation:
Mac OS specific DNS resolver fails to take into account search order
of resolvers causing wrong resolver being used is some circumstances

Modifications:
Re-order array of resolvers using their sort order as an ordering key.
Final order is opposite of the search order to make sure that resolver
with the lower sort order goes last (so it overrides previous one
in the `resolverMap`).

Result:
Fixes issue https://github.com/netty/netty/issues/11225
2021-05-11 08:48:29 +02:00
Stephane Landelle
400858cd5e
Introduce BrotliDecoder (#10960)
Motivation:

Netty lacks client side support for decompressing Brotli compressed response bodies.

Modification:

* Introduce optional dependency to brotli4j by @hyperxpro. It will be up to the user to provide the brotli4j libraries for the target platform in the classpath. brotli4j is currently available for Linux, OSX and Windows, all for x86 only.
* Introduce BrotliDecoder in codec module
* Plug it onto `HttpContentDecompressor` for HTTP/1 and `DelegatingDecompressorFrameListener` for HTTP/2
* Add test in `HttpContentDecoderTest`
* Add `BrotliDecoderTest` that doesn't extend `AbstractDecoderTest` that looks flaky

Result:

Netty now support decompressing Brotli compressed response bodies.
2021-05-10 15:25:24 +02:00
Norman Maurer
86762030cf
Use profile for overriding properties when building on the CI (#11232)
Motivation:

0f252139189c3d528bea280172f7f57e2abe9b52 introduced some properties that were used to make builds more stable on the ci. All of these properties were duplicated everywhere, this made it hard to maintain

Modifications:

- Add profile which sets the properties.
- Just use the profile when build on the ci

Result:

Easier to maintain custom properties for the ci build
2021-05-07 18:24:54 +02:00
Norman Maurer
0f25213918
Workaround frequent connection reset / timeout on CI (#11231)
Motivation:

It seems like it is a known issue that maven frequently sees connection reset / connection timeout during CI builds. We should workaround these issues like others did:

- https://github.com/kiegroup/kie-wb-common/pull/3416

Modifications:

Add extra maven options during build to reduce the likelyness of timeouts / resets

Result:

More stable builds
2021-05-07 13:40:31 +02:00
chenqwwq
b8a5148569
Simplify ByteToMessageDecoder#callDecode (#11224)
Motivation:
After the if case, outSize is always 0, so we can simplify the code.

Modification:
Simplify code by not updating and using `isEmpty()`.

Result:
Clearer than before
2021-05-07 11:37:30 +02:00
skyguard1
bb7b05be01
Add explicit null checks in OpenSslX509KeyManagerFactory (#11230)
Motivation:

We should add explicit null checks so its easier for people to understand why it throws.

Modification:

Add explicit checkNotNull(...)

Result:

Easier to understand for users why it fails.

Signed-off-by: xingrufei <xingrufei@sogou-inc.com>

Co-authored-by: xingrufei <xingrufei@sogou-inc.com>
2021-05-07 11:22:27 +02:00
terrarier2111
2bcd03f788
Improved exception messages in MqttVersion (#11228)
Motivation:
When checking the latest commit i saw some bad exception messages in MqttVersion hence i improved them.

Modification:

Improved exception messages in MqttVersion.

Result:

Better exception messages in MqttVersion.
2021-05-06 11:28:00 +02:00
skyguard1
84356bbeb0
Add default block in MqttVersion (#11226)
Motivation:

Fix switch case fall through, add default block in MqttVersion

Modification:

Fix switch case fall through, add default block in MqttVersion

Result:

Code cleanup


Signed-off-by: xingrufei <xingrufei@sogou-inc.com>

Co-authored-by: xingrufei <xingrufei@sogou-inc.com>
2021-05-06 08:09:27 +02:00
Norman Maurer
574e079381
Update to use maven 3.8.1 (#11223)
Motivation:

We use an old version of maven atm.

Modifications:

Update to maven 3.8.1

Result:

Use latest maven release when compiling
2021-05-05 18:37:59 +02:00
Chris Vest
03c2644c19
Bump initial timeouts in SSLEngineTest (#11221)
Motivation:
We've seen (very rare) flaky test failures due to timeouts.
They are too rare to analyse properly, but a theory is that on overloaded, small cloud CI instances, it can sometimes take a surprising amount of time to start a thread.
It could be that the event loop thread is getting an unlucky schedule, and takes seconds to start, causing the timeouts to elapse.

Modification:
Increase the initial timeouts in the SSLEngineTest, that could end up waiting for the event loop thread to start.
Also fix a few simple warnings from Intellij.

Result:
Hopefully we will not see these tests be flaky again.
2021-05-05 15:14:23 +02:00
Ben Evans
7b9a97a81f Only fall back to CNAME on A/AAAA queries (#11216)
Motivation:

DNS resolver falls back to trying CNAME if no records found, but should
only try this for A/AAAA queries. Does not make sense for other query
types, results in a redundant CNAME query that is just going to fail.

Modification:

Check query type before deciding to try CNAME. Only proceed if type is A
or AAAA.

Added unit test to verify CNAME is only tried after A/AAAA queries.

Result:

Fixes #11214.
2021-05-04 07:45:30 +02:00
Idel Pivnitskiy
4010769051
Decrease visibility of Http2FrameCodecBuilder default ctor to protected (#11220)
Motivation:

`Http2FrameCodecBuilder` defines static factory methods `forClient()`
and `forServer()` that should be used to create a new instance.
The default ctor is useful only when users need to override behavior
of the existing builder. Those users should define another way to create
an instance.

Modifications:

- Decrease visibility of `Http2FrameCodecBuilder` default ctor from
`public` to `protected`;
- Add javadoc to clarity responsibilities;

Result:

Users of `Http2FrameCodecBuilder` are not confused why
`new Http2FrameCodecBuilder().build()` works for the server-side, but
does not work for the client-side.
2021-05-03 22:32:16 -07:00
Norman Maurer
dccdecc7f4
Update from JDK15 to JDK16 (#11218)
Motivation:

The last non-LTS release is JDK16 now.

Modifications:

Update from JDK15 to JDK16 for building as this is the last non-LTS release atm

Result:

Build with latest non-LTS release as well
2021-05-03 18:15:37 +02:00
Craig Andrews
612ab58448
Don't bundle all netty dependencies into netty-all (#11202)
Motivation:

netty-all already depends on the other netty-* packages so there's no need to also bundle them.

The duplicated classes cause classpath issues, particularly with Java > 8, which reports errors like this:
The package io.netty.buffer is accessible from more than one module: io.netty.all, io.netty.buffer

Modifications:

- Removed bundling tasks from netty-all's maven pom.xml

Result:

- netty-all no longer bundles all classes. Instead, classes are provided by expressed dependencies.

Fixes #4671
2021-05-03 15:53:03 +02:00
Norman Maurer
6b3ec62e6e
Preload classes before calling native OnLoad function to prevent clas… (#11215)
Motivation:

It turns out it is quite easy to cause a classloader deadlock in more recent java updates if you cause classloading while you are in native code. Because of this we should just workaround this issue by pre-load all the classes that needs to be accessed in the OnLoad function.

Modifications:

- Preload all classes that would otherwise be loaded by native OnLoad functions.

Result:

Workaround for https://github.com/netty/netty/issues/11209 and https://bugs.openjdk.java.net/browse/JDK-8266310
2021-05-03 10:22:22 +02:00
Norman Maurer
617c26d344
Update java versions (#11217) 2021-05-01 12:35:47 +02:00
Norman Maurer
0bd9d43b18
Move HttpPostMultiPartRequestDecoder specific tests to HttpPostMultiPartRequestDecoderTest (#11211)
Motivation:

Some of the HttpPostMultiPartRequestDecoder specific tests were included in HttpPostRequestDecoderTest. We should better move these in the correct test class.

Modifications:

Move specific tests

Result:

Cleanup
2021-04-29 16:00:39 +02:00
Frédéric Brégier
e7330490e3
Fix Memory release not correctly in Multipart Decoder (#11188)
Motivation:
2 years ago a change remove the default clearing of all HttpData, whatever
they are disk based or memory based.

A lot of users were probably releasing HttpData directly, so there was no issue.
But now, it seems, and as the Javadoc said, that `decoder.destroy()` shall clean up
also Memory based HttpData, and not only Disk based HttpData as currently.

Change:
- Add in `destroy()` method the necessary code to release if necessary
the underlying Memory based HttpDatas.

- Change one Junit Test (using Mixed, Memory and Disk based factories)
in order to check the correctness of this behavior and to really act
as a handler (releasing buffers or requests).

- Modify one Junit core to check validity when a delimiter is present in the Chunk
but not CRLF/LF (false delimiter), to ensure correctness.

Result:
No more issue on memory leak

Note that still the List and the Map are not cleaned, since they were not
before. No change is done on this, since it could produce backward issue compatibility.

Fix issues #11175 and #11184
2021-04-29 12:13:45 +02:00
Violeta Georgieva
c0708fc464
Verify SslHandler#unwrap send fireChannelRead event after a notification for a handshake success (#11203)
Motivation:

#11210 fixed a regression caused by #11156. This change adds a unit test for it.

Modifications:

- Add test

Result:

Verify fix in #11210 

Co-authored-by: Norman Maurer <norman_maurer@apple.com>
2021-04-29 12:12:43 +02:00
Nitesh Kant
63352b135a
Improve Http2FrameCodecBuilder usability (#11195)
__Motivation__

 `Http2FrameCodecBuilder` constructor calls `server()` internally which disallows using certain methods on the builder later. Additionally, the constructor is package private which limits extension of the `Builder` as well as usage outside the available `forClient()` and `forServer()` static methods.

 __Modification__

 - Introduce a `public` no-arg constructor to `Http2FrameCodecBuilder`.

 __Result__

 `Http2FrameCodecBuilder` can now be used to create the codec with `Http2Connection` or `Http2ConnectionDecoder` and `Http2ConnectionEncoder` which was earlier not possible due to implicit call to `server()` by the `Http2FrameCodecBuilder` constructor.
2021-04-29 10:26:44 +02:00
Scott Mitchell
d0fea48604
ReferenceCountedOpenSslEngine unwrap handshake complete status fix (#11210)
Motivation:
ReferenceCountedOpenSslEngine may unwrap data and complete the handshake
in a single unwrap() call. However it may return HanshakeStatus of
HandshakeStatus of NEED_UNWRAP instead of FINISHED. This may result in
the SslHandler sending the unwrapped data up the pipeline before
notifying that the handshake has completed, and result in out-of-order
events.

Modifications:
- if ReferenceCountedOpenSslEngine handshake status is NEED_UNWRAP and
  produced data, or NEED_WRAP and consumed some data, we should call
  handshake() to get the current state.

Result:
ReferenceCountedOpenSslEngine correctly indicates when the handshake has
finished if at the same time data was produced or consumed.
2021-04-29 09:56:01 +02:00
skyguard1
c32c520edd
Before throwing TooLongFrameException,should skip the bytes to be read in MqttDecoder (#11204)
Motivation:

Before throwing TooLongFrameException, should call the skipBytes method to skip the bytes to be read

Modification:
- skip bytes before throw

Result:
Actually skip the bytes when we detect too much data

Signed-off-by: xingrufei <xingrufei@sogou-inc.com>

Co-authored-by: xingrufei <xingrufei@sogou-inc.com>
2021-04-29 08:13:11 +02:00