Commit Graph

9743 Commits

Author SHA1 Message Date
Norman Maurer
ae0fbb45e4
Ensure the DefaultChannelHandlerContext is unlinked once removed (#9970)
Motivation:

At the moment the next / prev references are not set to "null" in the DefaultChannelHandlerContext once the ChannelHandler is removed. This is bad as it basically let users still use the ChannelHandlerContext of a ChannelHandler after it is removed and may produce very suprising behaviour.

Modifications:

- Fail if someone tries to use the ChannelHandlerContext once the ChannelHandler was removed (for outbound operations fail the promise, for inbound fire the error through the ChannelPipeline)
- Fix some handlers to ensure we not use the ChannelHandlerContext after the handler was removed
- Adjust DefaultChannelPipeline / DefaultChannelHandlerContext to fixes races with removal / replacement of handlers

Result:

Cleanup behaviour and make it more predictable for pipeline modifications
2020-03-01 08:13:33 +01:00
Ning Xie
302cb737f3 fix snappy crc32c checksum (#10048)
Motivation:

The Snappy crc32c checksum produced by SnappyFrameEncoder maybe failed to be validated on other languages snappy decoder, such as golang/snappy.

Modification: 

- make the 4-byte cast later after the mask operation. Because whether retaining the higher 4-7 bytes in a long java type will make difference in (checksum >> 15 | checksum << 17) + 0xa282ead8 result.

Result:

Checksum correctly calculated
2020-02-27 09:04:00 +01:00
Norman Maurer
a1c5eb938c Add SslHandshakeTimeoutException and use it for handshake timeouts (#10062)
Motivation:

Often it is useful to be able to detect different sorts of SSL errors that cause the handshake to fail. To make this easier we should throw and explicit exception type for handshake timeouts.

Modifications:

- Add SslHandshakeTimeoutException (which extends SSLHandshakeException) and use it for handshake timeouts
- Adjust testcases

Result:

Easier to detect that handshake failed because of a timeout
2020-02-27 09:01:06 +01:00
Norman Maurer
1c28cf3a14 Correctly calculate the produced bytes in all cases when calling Refe… (#10063)
Motivation:

We did not correctly account for produced bytes when SSL_write(...) returns -1 in all cases. This could lead to lost data and so a corrupt SSL connection.

Modifications:

- Always ensure we calculate the produced bytes correctly
- Add unit tests

Result:

Fixes https://github.com/netty/netty/issues/10041
2020-02-27 08:55:25 +01:00
feijermu
32970dc3d7 Add test cases for ImmediateExecutor. (#10060)
Motivation:

ImmediateExecutor needs more test cases.

Modification:

Add several test cases for ImmediateExecutor.

Result:

Improve test coverage slightly.
2020-02-26 11:08:28 +01:00
Norman Maurer
4a07f1cd10 More strict parsing of initial line / http headers (#10058)
Motivation:

Our parsing of the initial line / http headers did treat some characters as separators which should better trigger an exception during parsing.

Modifications:

- Tighten up parsing of the inital line by follow recommentation of RFC7230
- Restrict separators to OWS for http headers
- Add unit test

Result:

Stricter parsing of HTTP1
2020-02-26 10:01:41 +01:00
feijermu
447a3f2d83 Add a null check to method TestUtils.compressHeapDumps (#10053)
Motivation:

java.io.File.listFiles() may return null and cause a unexpected NPE.

Modification:

Add a null check for variable files. And if variable files is null, the compressHeapDumps method will just return after logging a error message.

Result:

Fix the potential NPE.
2020-02-25 09:44:22 +01:00
Norman Maurer
639f5c9d48 NetworkInterface.getByInetAddress() may return null on Android platform (#10056)
Motivation:

NetworkInterface.getByInetAddress() may return null on Android. This is incorrect by the API but still happens. To help our users we should provide a workaround

Modifications:

Just return an empty Enumeration when null is returned.

Result:

Fixes https://github.com/netty/netty/issues/10045
2020-02-25 09:37:54 +01:00
feijermu
9be003eb19 Replace the type of fragments field with IntObjectMap in SctpMessageCompletionHandler (#10057)
Motivation:

The type IntObjectMap with the key of primitive int can help lower the cost of boxing and unboxing,  and improve performance. I think it's more suitable for fragments field in SctpMessageCompletionHandler.java.

Modification:

Just replace the type of fragments field with IntObjectMap.

Result:
Improve performance slightly while decoding sctp message.
2020-02-24 20:02:35 +01:00
Norman Maurer
7542f1f13c Correctly calculate the initial size of the LinkedHashMap during DefaultChannelGroup.write* (#10055)
Motivation:

We should not include the number of ServerChannel that are part of the DefaultChannelGroup when specify the initial size of the LinkedHashMap

Modifications:

Only use the number of the non ServerChannel

Result:

Reduce memory-footprint
2020-02-24 19:31:23 +01:00
Norman Maurer
e33c5f3a89 Update to netty-tcnative 2.0.29.Final (#10044)
Motivation:

A new release of netty-tcnative is out

Modifications:

Update to latest version

Result:

Use latest netty-tcnative
2020-02-24 09:25:58 +01:00
Norman Maurer
59414bfa8c Workaround Android bug that cause AbstractDnsRecord to throw when the name is only a ROOT label (#10039)
Motivation:

Having only the ROOT label (".") as the name is valid, but Android 9 and prior does not correctly handle the case. We should add a workaround for it.

Modifications:

Detect if we are on Android and if so check if the name is the ROOT label and if so just return the name without trying to convert it

Result:

Fixes https://github.com/netty/netty/issues/10034
2020-02-18 15:11:06 +01:00
Norman Maurer
b2dbd4cedf Don't depend on implementation details of SSLEngine in SniHandlerTest (#10037)
Motivation:

In SniHandlerTest we depended on implementation details of the SSLEngine. We should better not doing this

Modifications:

Just release all outbound data

Result:

Dont depend on implementation details
2020-02-18 15:05:23 +01:00
feijermu
2d714c247a Add a null check to method HttpStaticFileServerHandler.sendListing (#10040)
Motivation:

java.io.File.listFiles() may return null and cause a unexpected NPE.

Modification:

Extract a local variable from the return value of File.listFiles() and do a null check.

Result:

Fix the potential NPE.
2020-02-18 15:04:43 +01:00
Norman Maurer
8a343a24e9 Correctly handle lifecycle of clientHello ByteBuf in SslClientHelloHandler (#10030)
Motivation:

Due incorrectly handling of reference count of the clientHello ByteBuf we may overrelease the buffer. This did show up in the log of a test:

11:55:16.595 [main] DEBUG i.n.h.ssl.SslClientHelloHandler - Unexpected client hello packet: 16030100bd010000b90303a74225676d1814ba57faff3b3663656ed05ee9dbb2a4dbb1bb1c32d2ea5fc39e0000000100008c0000001700150000164348415434e380824c45414e434c4f5544e38082434e000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f0010001100230000000d0020001e060106020603050105020503040104020403030103020303020102020203000f00010133740000
io.netty.util.IllegalReferenceCountException: refCnt: 0, decrement: 1
	at io.netty.util.internal.ReferenceCountUpdater.toLiveRealRefCnt(ReferenceCountUpdater.java:74)
	at io.netty.util.internal.ReferenceCountUpdater.release(ReferenceCountUpdater.java:138)
	at io.netty.buffer.AbstractReferenceCountedByteBuf.release(AbstractReferenceCountedByteBuf.java:100)
	at io.netty.handler.ssl.SslClientHelloHandler.releaseIfNotNull(SslClientHelloHandler.java:181)
	at io.netty.handler.ssl.SslClientHelloHandler.select(SslClientHelloHandler.java:225)
	at io.netty.handler.ssl.SslClientHelloHandler.decode(SslClientHelloHandler.java:149)
	at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498)
	at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437)
	at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355)
	at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
	at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
	at io.netty.channel.embedded.EmbeddedChannel.writeInbound(EmbeddedChannel.java:343)
	at io.netty.handler.ssl.SniHandlerTest.testNonAsciiServerNameParsing(SniHandlerTest.java:297)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
	at org.junit.internal.runners.statements.ExpectException.evaluate(ExpectException.java:19)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
	at org.junit.runners.Suite.runChild(Suite.java:128)
	at org.junit.runners.Suite.runChild(Suite.java:27)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
	at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
	at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
	at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
	at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
	at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70)

Modifications:

Correctly transfer lifetime of buffer and so not over-release it.

Result:

Correctly handle buffer lifecycle and so not swallow the original exception
2020-02-15 18:28:01 +01:00
Subba Rao Pasupuleti
f3916f784e Adding pipeline rename handler tests (#10028)
Motivation:

Current pipeline handler replace tests are replacing handler with same name.
we need test that test handler can renamed, old handlers are removed from pipeline.

Modification:

There is coverage missing related to renaming of handlers

Result:

Adds missing tests

Co-authored-by: phani254 <phani254@yahoo.com>
2020-02-14 17:02:40 +01:00
feijermu
9cbfcf39da Add a null check to NetUtil. sysctlGetInt(...) (#10027)
Motivation:

BufferedReader.readLine() may return null and cause a NPE.

Modification:

Simply add a null check.

Result:

If BufferedReader.readLine() returns null, the sysctlGetInt will just return null rather than cause NPE.
2020-02-14 09:12:14 +01:00
Norman Maurer
0cd4109f64 java.security.AccessControlException: access denied ("java.io.FilePermission" "/etc/os-release" "read") (#10018)
Motivation:

Modifications:

- Wrap the code and execute with an AccessController
- Ignore SecurityException (by just logging it)
- Add some more debug logging

Result:

Fixes https://github.com/netty/netty/issues/10017
2020-02-13 12:02:02 +01:00
Hyunjin Choi
6980e0de65 Change String comparison to equals() from == (#10022)
Motivation:

Even if it was stored in the string constant pool, I thought it was safe to compare it through the Equals() method.

Modification:

So, I changed "==" comparison to equals() comparison

Result:

It has become safer to compare String values with different references and with the same values.
2020-02-13 09:57:30 +01:00
Norman Maurer
064ab7afa8 Remove System.out.println(...) in test (#10024)
Motivation:

We did had some System.out.println(...) call in a test which seems to be some left-over from debugging.

Modifications:

Remove System.out.println(...)

Result:

Code cleanup
2020-02-13 08:43:09 +01:00
Norman Maurer
2eb49866d2 HTTP/2 child channel may discard flush when done from an arbitrary thread (#10019)
Motivation:

We need to carefully manage flushes to ensure we not discard these by mistake due wrongly implemented consolidation of flushes.

Modifications:

- Ensure we reset flag before we actually call flush0(...)
- Add unit test

Result:

Fixes https://github.com/netty/netty/issues/10015
2020-02-11 16:04:00 +01:00
Vitaly Buka
df4fd115df Fix of undefined behavior of null referencing (#10016)
Motivation:

Current code depends on some "undefined behaviour".

Modification:

Fix of undefined behavior of null referencing

Result:

Correct c code.
2020-02-11 09:57:25 +01:00
Norman Maurer
7e156b1e62 Reduce scope of synchronized block introduced in 5114588cba (#10013)
Motivation:

We should keep the scope of the synchronized block as small as possible.

Modifications:

Reduce scope by copy to an array first before iterate through it

Result:

Smaller scope of synchronized
2020-02-10 19:31:17 +01:00
Bennett Lynch
f4d1df9c57 Remove "Content-Length" when decoding HTTP/1.1 message with both "Tra… (#10003)
Motivation

As part of a recent commit for issue
https://github.com/netty/netty/issues/9861 the HttpObjectDecoder was
changed to throw an IllegalArgumentException (and produce a failed
decoder result) when decoding a message with both "Transfer-Encoding:
chunked" and "Content-Length".

While it seems correct for Netty to try to sanitize these types of
messages, the spec explicitly mentions that the Content-Length header
should be *removed* in this scenario.

Both Nginx 1.15.9 and Tomcat 9.0.31 also opt to remove the header:
b693d7c198/java/org/apache/coyote/http11/Http11Processor.java (L747-L755)
0ad4393e30/src/http/ngx_http_request.c (L1946-L1953)

Modifications

* Change the default behavior from throwing an IllegalArgumentException
to removing the "Content-Length" header
* Extract the behavior to a new protected method,
handleChunkedEncodingWithContentLength(), that can be overridden to
change this behavior (or capture metrics)

Result

Messages of this nature will now be successfully decoded and have their
"Content-Length" header removed, rather than creating invalid messages
(decoder result failures). Users will be allowed to override and
configure this behavior.
2020-02-10 10:43:38 +01:00
Bryce Anderson
00bf0a854c DefaultHttp2ConnectionDecoder notifies frame listener before connection of GOAWAYS (#10009)
Motivation:

Users of the DefaultHttp2ConnectionDecodcer are notified of inbound GoAwayFrames
after the connection has already closed any ignored streams, potentially
losing the signal that some streams may have been ignored by the peer and
are thus retryable.

Modifications:

Reorder the notifications of the frame and connection listeners to
propagate the frame first, giving the frame listeners the opportunity to
clean up ignored streams in their own way.

Result:
Fixes #9986
2020-02-10 10:40:10 +01:00
Jon Chambers
48f56ff6af Clear listeners when AddressResolverGroups close. (#10011) (#10012)
Motivation:

When an `AddressResolverGroup` closes, it can leave unwanted listeners attached to its `EventExecutor`'s termination future.

Modifications:

- Keep track of listeners attached to termination futures
- Clear listeners if the `AddressResolverGroup` closes before its associated executor(s)

Result:

Unwanted listeners no longer remain in memory after an `AddressResolverGroup` closes before its associated executor(s).
2020-02-10 07:48:11 +01:00
Norman Maurer
8ab4adcc56 FixedCompositeByteBuf.isDirect() may return wrong value when constructed with empty array (#10005)
Motivation:

FixedCompositeByteBuf.isDirect() should return the same value as EMPTY_BUFFER.isDirect() when constructed via an empty array

Modifications:

- Return correct value when constructed via empty array.
- Add unit test

Result:

FixedCompositeByteBuf.isDirect() returns correct value
2020-02-08 17:05:44 +01:00
Norman Maurer
2c3833472a Update to Blockhound 1.0.2 (#10007)
Motivation:

A new version of blockhound was released today

Modifications:

Upgrade to latest blockhound version

Result:

Use latest blockhound release
2020-02-08 17:04:51 +01:00
Norman Maurer
f39e741206 ClearTextHttp2ServerUpgradeHandler can be merged with inner PriorKnowledgeHandler (#10008)
Motivation:

ClearTextHttp2ServerUpgradeHandler is currently more complex then needed. We can simplify it by directly implement the prior-knowledge logic as part of the handler.

Modifications:

Merge inner PriorKnowledgeHandler logic into ClearTextHttp2ServerUpgradeHandler by extending ByteToMessageDecoder directly

Result:

Cleaner code and less pipeline operations
2020-02-08 09:26:14 +01:00
Ruwei
6cd9617311 add AUTH & EMPTY to SmtpCommand (#9999)
Motivation:
AUTH command is used to login to a SMTP server.
EMPTY command is for request with only parameter.

Modifications:
Add AUTH & EMPTY to SmtpCommand & SmtpRequests
Update SmtpRequestEncoder#writeParameters, handle SP according to
command
Add unit test

Result:
fix #9995
2020-02-07 14:30:16 +01:00
Norman Maurer
98cf4cf565 Ensure ChannelOptions are applied in the same order as configured in Http2StreamChannelBootstrap (#9998) (#10001)
Motivation:

https://github.com/netty/netty/pull/9848 changed how we handled ChannelOptions internally to use a ConcurrentHashMap. This unfortunally had the side-effect that the ordering may be affected and not stable anymore. Here the problem is that sometimes we do validation based on two different ChannelOptions (for example we validate high and low watermarks against each other). Thus even if the user specified the options in the same order we may fail to configure them.

Modifications:

- Use again a LinkedHashMap to preserve order

Result:

Apply ChannelOptions in correct and expected order
2020-02-07 09:19:10 +01:00
Norman Maurer
e7e999373f Ensure ChannelOptions are applied in the same order as configured in *Bootstrap (#9998)
Motivation:

https://github.com/netty/netty/pull/9458 changed how we handled ChannelOptions internally to use a ConcurrentHashMap. This unfortunally had the side-effect that the ordering may be affected and not stable anymore. Here the problem is that sometimes we do validation based on two different ChannelOptions (for example we validate high and low watermarks against each other). Thus even if the user specified the options in the same order we may fail to configure them.

Modifications:

- Use again a LinkedHashMap to preserve order
- Add unit test

Result:

Apply ChannelOptions in correct and expected order
2020-02-06 09:18:52 +01:00
Konrad Beckmann
4db1bdacb9 Copy IPV6-mapped-IPV4 addresses correctly in native code (#9996)
Motivation:

8dc6ad5 introduced IPV6-mapped-IPV4 address support but
copied the addresses incorrectly. It copied the first
4 bytes of the ipv6 address to the address byte array
at offset 12, instead of the other way around.

7a547aa implemented this correctly in netty_unix_socket.c
but it seems the change should've been applied to
netty_epoll_native.c as well.

The current behaviour will always set the address to
`0.0.0.0`.

Modifications:

Copy the correct bytes from the ipv6 mapped ipv4 address.
I.e. copy 4 bytes at offset 12 from the native address
to the byte array `addr` at offset 0.

Result:

When using recvmmsg with IPV6-mapped-IPV4 addresses,
the address will be correctly copied to the byte array
`addr` in the NativeDatagramPacket instance.
2020-02-05 15:41:16 +01:00
Norman Maurer
8304069a30 Add SslClientHelloHandler which allows to do something based on the S… (#9827)
Motivation:

Sometimes it is useful to do something depending on the Ssl ClientHello (like for example select a SslContext to use). At the moment we only allow to hook into the SNI extension but this is not enough.

Modifications:

Add SslClientHelloHandler which allows to hook into ClientHello messages. This class is now also the super class of AbstractSniHandler

Result:

More flexible processing of SSL handshakes
2020-02-05 14:57:05 +01:00
Norman Maurer
0d4af6d9da Fix incorrect property name in PooledByteBufAllocator
Motivation:

We hat a typo in the property name that is used in PooledByteBufAllocator.

Modifications:

Change from "...allocation.." to "...allocator.."

Result:

More consistent property naming
2020-02-05 14:40:08 +01:00
Artem Smotrakov
f760b6af84 Added tests for Transfer-Encoding header with whitespace (#9997)
Motivation:

Need tests to ensure that CVE-2020-7238 is fixed.

Modifications:

Added two test cases into HttpRequestDecoderTest which check that
no whitespace is allowed before the Transfer-Encoding header.

Result:

Improved test coverage for #9861
2020-02-05 14:34:14 +01:00
Norman Maurer
f2c335b770 Use latest checkstyle version for all artifact as well.
Motivation:

42aa7f0c58 did update the checkstyle version but missed that we declared it explicitly in the all artifact as well.

Modifications:

Remove explicit definition in the all artifact.

Result:

Use latest checkstyle version everywhere.
2020-02-05 10:10:23 +01:00
Norman Maurer
1e5ea69ecd Update checkstyle to 8.29 and netty-build to 26
Motivation:

A new checkstyle version was released which fixes a security vulnerability.

Modifications:

- Update to latest checkstyle version
- Update netty-build to latest version to be compatible with latest checkstyle version

Result:

No more security vulnerability caused by checkstyle during build
2020-02-03 18:25:05 +01:00
Norman Maurer
e6e21578fe
DefaultChannelPipeline.removeLast() / removeFirst() does not call handlerRemoved(...) (#9982)
Motivation:

Due a bug in DefaultChannelPipeline we did not call handlerRemoved(...) if the handlers was removed via removeLast() or removeFirst()

Modifications:

- Correctly implement removeLast() / removeFirst()
- Add unit tests

Result:

handlerRemoved(...) always called on removal
2020-02-03 10:37:30 +01:00
Rich DiCroce
fa7e69bf30 Allow a limit to be set on the decompressed buffer size for ZlibDecoders (#9924)
Motivation:
It is impossible to know in advance how much memory will be needed to
decompress a stream of bytes that was compressed using the DEFLATE
algorithm. In theory, up to 1032 times the compressed size could be
needed. For untrusted input, an attacker could exploit this to exhaust
the memory pool.

Modifications:
ZlibDecoder and its subclasses now support an optional limit on the size
of the decompressed buffer. By default, if the limit is reached,
decompression stops and a DecompressionException is thrown. Behavior
upon reaching the limit is modifiable by subclasses in case they desire
something else.

Result:
The decompressed buffer can now be limited to a configurable size, thus
mitigating the possibility of memory pool exhaustion.
2020-01-31 12:17:45 +01:00
Ruwei
a6393c3d01 fix bug: scheduled tasks may not be executed (#9980)
Motivation:

If there was always a task in the taskQueue of GlobalEvenExecutor, scheduled tasks in the
scheduledTaskQueue will never be executed.

Related to  #1614

Modifications:

fix bug in GlobalEventExecutor#takeTask

Result:

fix bug
2020-01-31 11:10:21 +01:00
Johno Crawford
7413372c01 SSL / BlockHound works out of the box with the default SSL provider (#9969)
Motivation:

JDK is the default SSL provider and internally uses blocking IO operations.

Modifications:

Add allowBlockingCallsInside configuration for SslHandler runAllDelegate function.

Result:

When BlockHound is installed, SSL works out of the box with the default SSL provider.

Co-authored-by: violetagg <milesg78@gmail.com>
2020-01-30 11:50:15 +01:00
Norman Maurer
6a43807843
Use lambdas whenever possible (#9979)
Motivation:

We should update our code to use lamdas whenever possible

Modifications:

Use lambdas when possible

Result:

Cleanup code for Java8
2020-01-30 09:28:24 +01:00
Dmitriy Dumanskiy
6b6782ea01 Use compile time constants instead of status field in WebSocketServer/ClientProtocolConfig (#9976)
Motivation:

Avoid allocation of default static `WebSocketServerProtocolConfig` and `WebSocketClientProtocolConfig` configs. Prefer compile time constants instead.

Modification:

Static field with config object replaced with constructor with default fields.

Result:

No more default config allocation and static field for it. Compile time variables used instead.
2020-01-29 15:29:50 +01:00
Norman Maurer
e59c86cf7b Update to java8-242 (#9978)
Motivation:

A new java 8 version was released, lets use it

Modifications:

Update to java8-242

Result:

Use latest java8 version
2020-01-29 14:56:34 +01:00
Norman Maurer
a2bf0bfd7a SslHandler.wrap(...) must ensure it not loose the original exception when finishWrap(...) fails (#9974)
Motivation:

When SslHandler.finishWrap throws an exception, ensure that the promise and buf is not reused to avoid throwing IllegalArgumentException or IllegalReferenceCountException which causes the original exception to be lost.

Modification:

The change ensures that the values for the promise and bytebuf are nulled before calling finishWrap so that it will not be called again with the same arguments.

Result:

Fixes #9971 .

Co-authored-by: Norman Maurer <norman_maurer@apple.com>

Co-authored-by: Antony T Curtis <atcurtis@gmail.com>
2020-01-29 08:47:04 +01:00
Norman Maurer
b19958eda9 Remove usage of forbiddenHttpRequestResponder (#9941)
Motivation:

At the moment we add a handler which will respond with 403 forbidden if a websocket handshake is in progress (and after). This makes not much sense as it is unexpected to have a remote peer to send another http request when the handshake was started. In this case it is much better to let the websocket decoder bail out.

Modifications:

Remove usage of forbiddenHttpRequestResponder

Result:

Fixes https://github.com/netty/netty/issues/9913
2020-01-28 06:11:28 +01:00
Norman Maurer
a0ce45ac2f Use latest java 11 version when building via docker (#9968)
Motivation:

We should update the used java11 version when building via docker to the latest release

Modifications:

Update to 1.11.0-6

Result:

Use latest java11 version
2020-01-28 05:33:37 +01:00
Norman Maurer
699d3fcd54
Remove assert check that is not valid anymore now that an Channel is tied to an EventLoop from the beginning. (#9966)
Motivation:

Because we now tie and EventLoop to a Channel from the beginning its possible that we schedule something on it before the registration with the Selector is done. This can lead to AssertionErrors in the current form of the code like:

java.lang.AssertionError
	at io.netty.channel.nio.AbstractNioChannel.selectionKey(AbstractNioChannel.java:109)
	at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.isFlushPending(AbstractNioChannel.java:344)
	at io.netty.channel.nio.AbstractNioChannel$AbstractNioUnsafe.flush0(AbstractNioChannel.java:332)
	at io.netty.channel.AbstractChannel$AbstractUnsafe.flush(AbstractChannel.java:855)
	at io.netty.channel.DefaultChannelPipeline$HeadHandler.flush(DefaultChannelPipeline.java:1253)
	at io.netty.channel.DefaultChannelHandlerContext.invokeFlush(DefaultChannelHandlerContext.java:747)
	at io.netty.channel.DefaultChannelHandlerContext.access$1300(DefaultChannelHandlerContext.java:38)
	at io.netty.channel.DefaultChannelHandlerContext$WriteAndFlushTask.write(DefaultChannelHandlerContext.java:1144)
	at io.netty.channel.DefaultChannelHandlerContext$AbstractWriteTask.run(DefaultChannelHandlerContext.java:1055)
	at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:360)
	at io.netty.channel.SingleThreadEventLoop.run(SingleThreadEventLoop.java:200)
	at io.netty.util.concurrent.SingleThreadEventExecutor.lambda$doStartThread$4(SingleThreadEventExecutor.java:855)
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:75)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.lang.Thread.run(Thread.java:748)

Modifications:

Remove assert and add a few null checks.

Result:

No more java.lang.AssertionError.
2020-01-24 14:10:14 -08:00
Iván López
3117a43547 Initialize some classes at runtime to improve GraalVM support (#9963)
Motivation:

Deploying a Micronaut application as GraalVM native image to AWS Lambda with custom runtime fails when using Micronaut Http Client.

This PR initializes at runtime some classes needed to fix the issue. There is more information in our original issue in Micronaut https://github.com/micronaut-projects/micronaut-core/issues/2335#issuecomment-570151944

At this moment I've added those classes into Micronaut (b383d3ab14) as a workaround but this should be included in Netty so it's available for everyone.

Modification:

Mark 3 classes to be initialized at runtime for GraalVM.

Result:

Mark 3 classes to be initialized at runtime for GraalVM.
2020-01-24 06:41:05 -08:00