6635 Commits

Author SHA1 Message Date
Scott Mitchell
f6bfecc822 Revert JDK GCM direct buffer crash workaround
Motivation:
Commit 108dc23cab13eea074397f0ade80859da4744323 introduced a workaround due to a JDK crash when GCM cipher was used during an unwrap operation. Attempting to reproduce this issue with the latest JDK (1.8.0_72-b15) demonstrate that this issue no longer exists while it can be reliably reproduced on earlier JDKs (1.8.0_25-b17 and earlier)

Modifications:
- Remove the copy-to-heap-buffer workaround for JDK engine

Result:
Fixes https://github.com/netty/netty/issues/3256
2016-02-17 19:53:30 -08:00
Norman Maurer
c64fe509dd Ensure read components can be discarded when COMPOSITE_CUMULATOR is used.
Motivation:

ByteToMessageDecoder must ensure that read components of the CompositeByteBuf can be discard by default when discardSomeReadBytes() is called. This may not be the case before as because of the default maxNumComponents that will cause consolidation.

Modifications:

Ensure we not do any consolidation to actually be abel to discard read components

Result:

Less memory usage and allocations.
2016-02-17 19:51:29 -08:00
Norman Maurer
4f460a1680 Upgrade to netty-tcnative-1.1.33.Fork13
Motivation:

netty-tcnative-1.1.33.Fork was released, we should upgrade. Also we should skip renegotiate tests if boringssl is used because boringssl does not support renegotiation.

Modifications:

- Upgrade to netty-tcnative-1.1.33.Fork13
- Skip renegotiate tests if boringssl is used.

Result:

Use newest version of netty-tcnative and be able to build if boringssl is used.
2016-02-17 08:17:13 -08:00
Scott Mitchell
9f5b2c51b7 ByteToMessageDecoder ChannelInputShutdownEvent support
Motivation:
b714297a44ced34643fa60ca854f1880d02ba649 introduced ChannelInputShutdownEvent support for HttpObjectDecoder. However this should have been added to the super class ByteToMessageDecoder, and ByteToMessageDecoder should not propegate a channelInactive event through the pipeline in this case.

Modifications:
- Move the ChannelInputShutdownEvent handling from HttpObjectDecoder to ByteToMessageDecoder
- ByteToMessageDecoder doesn't call ctx.fireChannelInactive() on ChannelInputShutdownEvent

Result:
Half closed events are treated more generically, and don't get translated into a channelInactive pipeline event.
2016-02-12 16:29:00 -08:00
Norman Maurer
b6882a5d52 Ensure handlerAdded(...) and handlerRemoved(...) is always called from the right thread
Motiviation:

We should ensure that handlerAdded(...) and handlerRemoved(...) is always called from the EventExecutor that also invokes the other methods of the ChannelHandler. Also we need to ensure we always call handlerAdded(...) before any other method can be calld to ensure correct ordering.

Motifications:

- Ensure that the right thread is used to call the methods
- Ensure correct ordering
- Add tests

Result:

Respect the thread-model for handlerAdded(...) and handlerRemoved(...) and preserve correct ordering in all cases.
2016-02-12 14:30:33 -08:00
Scott Mitchell
eb0724d7f5 Leak Detector disclosing when records dropped
Motivation:
ResourceLeakDetector enforces a limit as to how large the queue is allowed to grow for stack traces in order to keep memory from growing too large. However it is not always clear when records are dropped, or how many have been dropped. This can make interpreting leak reports more difficult if you assume all information is present when it may not be. Also we should increase the limit (currently 4) when running tests on the CI servers.

Modifications:
- Increase leak detector record limit on CI servers from 4 to 32.
- Track how many records have been discarded and disclose this in the leak report.

Result:
Leak reports clarify how many records were dropped, and how to increase the limit.
2016-02-12 09:58:10 -08:00
Scott Mitchell
8ddba82fce ByteBufUtil.writeUtf8 not consistent with String.getBytes(Charset)
Motivation:
f750d6e36c80e88fb302c99b5b7413e5649e6738 added support for surrogates in the writeUtf8 conversion. However exceptions are thrown if invalid input is detected, but the JDK (and slow path of writeUtf8) uses a replacement character and does not throw. We should behave the same way.

Modificiations:
- Don't throw in ByteBufUtil.writeUtf8, and instead use a replacement character consistent with the JDK

Result:
ByteBufUtil.writeUtf8 behavior is consistent with the JDK UTF_8 conversion.
2016-02-11 08:27:22 -08:00
Norman Maurer
f4798edc07 Remove invalid return
Motivation:

JNI_OnUnload(...) does not return anything (has void in its signature) so we should not try to return something.

Modifications:

Remove return.

Result:

Fix incorrect but harmless code.
2016-02-10 16:48:17 -08:00
Xiaoyan Lin
85d0c9b573 Add unescapeCsv to StringUtil
Motivation:

See #3435

Modifications:

Add unescapeCsv to StringUtil

Result:

StringUtil has the counter part of escapeCsv: unescapeCsv
2016-02-08 14:35:44 -08:00
Scott Mitchell
1bd4b702be HttpObjectDecoder configurable initial buffer size
Motivation:
The initial buffer size used to decode HTTP objects is currently fixed at 128. This may be too small for some use cases and create a high amount of overhead associated with resizing/copying. The user should be able to configure the initial size as they please.

Modifications:
- Make HttpObjectDecoder's AppendableCharSequence initial size configurable

Result:
Users can more finely tune initial buffer size for increased performance or to save memory.
Fixes https://github.com/netty/netty/issues/4807
2016-02-07 21:27:40 -08:00
Scott Mitchell
2b3b36b818 EPOLL dladdr unexpected return value
Motivation:
netty_epoll_native.c uses dladdr in attempt to get the name of the library that the code is running in. However the address passed to this funciton (JNI_OnLoad) may not be unique in the context of the application which loaded it. For example if another JNI library is loaded this address may first resolve to the other JNI library and cause the path name parsing to fail, which will cause the library to fail.

Modifications:
- Pass an addresses which is local to the current library to dladdr

Result:
EPOLL JNI library can be loaded in an environment where multiple JNI libraries are loaded.
Fixes https://github.com/netty/netty/issues/4840
2016-02-06 19:42:30 +01:00
Norman Maurer
5e96112811 Epoll.isAvailable() must return false if sun.misc.Unsafe is not present.
Motivation:

Currently our epoll native transport requires sun.misc.Unsafe and so we need to take this into account for Epoll.isAvailable().

Modifications:

Take into account if sun.misc.Unsafe is present.

Result:

Only return true for Epoll.isAvailable() if sun.misc.Unsafe is present.
2016-02-06 09:59:28 +01:00
Norman Maurer
9df2540da7 Add maven profile to run tests with -Dio.netty.noUnsafe=true
Motivation:

We had reports of failures before when sun.misc.Unsafe was not present. We should run our tests also with it disable to ensure everything works even if sun.misc.Unsafe is not present on the system.

Modifications:

Add a new profile which allows to run tests without Unsafe (using -PnoUnsafe)

Result:

Better testing of netty for systems where sun.misc.Unsafe is not present.
2016-02-06 09:57:52 +01:00
Norman Maurer
f0149080e3 [#4793] Correctly add newlines when encode base64
Motivation:

We not correctly added newlines if the src data needed to be padded. This regression was introduced by '63426fc3ed083513c07a58b45381f5c10dd47061'

Modifications:

- Correctly handling newlines
- Add unit test that proves the fix.

Result:

No more invalid base64 encoded data.
2016-02-06 09:56:32 +01:00
Scott Mitchell
711303d9d8 Update jetty-alpn-agent version
Motivation:
Builds fail with java 1.8.0_72 because jetty-alpn-boot has absorbed new code from openjdk and older version are now incompatible.

Modifications:
- Updated jetty-alpn-agent version

Result:
We can now build/develop using java 1.8.0_72
2016-02-06 09:54:53 +01:00
Jon Chambers
1d854cd967 Allow InputStreams for key/trust managers in SslContextBuilder
Motivation:

Sometimes it's easier to get keys/certificates as `InputStream`s than it is to
get an actual `File`. This is especially true when operating in a container
environment and `getResourceAsInputStream` is the best way to load resources
packaged with an application.

Modifications:

- Add read-from-`InputStream` methods to `PemReader`
- Allow `SslContext` to get keys/certificates from `InputStreams`
- Add `InputStream`-based setters for key/trust managers to `SslContextBuilder`

Result:

Callers may pass an `InputStream` instead of a `File` to `SslContextBuilder`.
2016-02-05 14:40:16 -08:00
Norman Maurer
121f963b2f Fix possible testfailure due not waiting on Channel.close() (introduced by e220c568232fe9b479e3ac7a5b66f5a97dcc2c39) 2016-02-05 12:29:16 +01:00
Norman Maurer
701832bec3 [#4828] OpenSslContext throws UnsupportedOperationException when Unsafe not available
Motivation:

OpenSslContext constructor fails with a UnsupportedOperationException if Unsafe is not present on the system.

Modifications:

Make OpenSslContext work also when Unsafe is not present by fallback to using JNI to get the memory address.

Result:

Using OpenSslContext also works on systems without Unsafe.
2016-02-05 09:25:47 +01:00
Norman Maurer
c161e526b9 [#4841] Fix segfault if UnpooledUnsafeHeapByteBuf.getShort(..) is used and UNALGINED access is not possible.
Motivation:

We missed to take the byte[] into account when try to access the bytes and so produce a segfault.

Modifications:

Correctly pass the byte[] in.

Result:

No more segfault.
2016-02-05 09:24:01 +01:00
Norman Maurer
027e8224e4 [#4805] Respect isAutoRead() once re-register Channel
Motivation:

When a channel was registered before and is re-registered we need to respect ChannelConfig.isAutoRead() and so start reading one the registration task completes. This was done "by luck" before 15162202fb82e2293624a86bfc27a9c5c35960be.

Modifications:

Explicit start reading once a Channel was re-registered if isAutoRead() is true.

Result:

Correctly receive data after re-registration completes.
2016-02-04 15:34:06 +01:00
Norman Maurer
64d1eea608 Correctly pass ChannelPromise on to the next ChannelOutboundHandler when use CombinedChannelDuplexHandler.
Motivation:

Due a regression introduced by e969b6917c848c83f02617386f0f73d8f0e130a2 we missed to pass the original ChannelPromise to the next ChannelOutboundHandler and so
may never notify the origin ChannelPromise. This is related to #4805.

Modifications:

- Correctly pass the ChannelPromise
- Add unit test.

Result:

Correctly pass the ChannelPromise on deregister(...)
2016-02-04 15:32:38 +01:00
Norman Maurer
d5a8b65700 [#4754] Correctly detect websocket upgrade
Motivation:

If the Connection header contains multiple values (which is valid) we fail to detect a websocket upgrade

Modification:

- Add new method which allows to check if a header field contains a specific value (and also respect multiple header values)
- Use this method to detect handshake

Result:

Correct detect handshake if Connection header contains multiple values (seperated by ',').
2016-02-04 14:22:02 +01:00
Norman Maurer
d0b0e028d0 [#4533] Ensure replacement of decoder is delayed after finishHandshake() is called
Motivation:

If the user calls handshake.finishHandshake() we need to ensure that the user has the chance to setup the pipeline before any WebSocketFrames are read. Because of this we need
to delay the removal of the HttpRequestDecoder.

Modifications:

- Remove the HttpRequestDecoder via the EventLoop and so delay it which gives the user a chance to setup the pipeline after finishHandshake() completes
- Add unit test for this.

Result:

Less surpising and correct behaviour even if the http response and websocket frame are received in one read operation.
2016-02-04 14:00:25 +01:00
Scott Mitchell
7e057de98b Native EPOLL Library Allows Shading
Motivation:
If Netty's class files are renamed and the type references are updated (shaded) the native libraries will not function. The native epoll module uses implicit JNI bindings which requires the fully qualified java type names to match the method signatures of the native methods. This means EPOLL cannot be used with a shaded Netty.

Modifications:
- Make the JNI method registration dynamic
- support a system property io.netty.packagePrefix which must be prepended to the name of the native library (to ensure the correct library is loaded) and all class names (to allow classes to be correctly referenced)
- remove system property io.netty.native.epoll.nettyPackagePrefix which was recently added and the code to support it was incomplete

Result:
transport-native-epoll can be used when Netty has been shaded.
Fixes https://github.com/netty/netty/issues/4800
2016-02-03 14:40:52 -08:00
Norman Maurer
4f42079627 Enable SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER when using OpenSslContext
Motivation:

We need to enable SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER when using OpenSslContext as the memory address of the buffer that is passed to OpenSslEngine.wrap(...) may change during calls and retries. This is the case as
if the buffer is a heap-buffer we will need to copy it to a direct buffer to hand it over to the JNI layer. When not enable this mode we may see errors like: 'error:1409F07F:SSL routines:SSL3_WRITE_PENDING: bad write retry'.
Related to https://github.com/netty/netty-tcnative/issues/100.

Modifications:

Explitict set mode to SSL.SSL_MODE_RELEASE_BUFFERS | SSL.SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER . (SSL.SSL_MODE_RELEASE_BUFFERS was used before implicitly).

Result:

No more 'error:1409F07F:SSL routines:SSL3_WRITE_PENDING: bad write retry' possible when writing heap buffers.
2016-02-03 11:29:47 +01:00
Norman Maurer
0b9ff2af3a [#4746] Support SNI when using OpenSSL
Motivation:

When using SslProvider.OPENSSL we currently not handle SNI on the client side.

Modifications:

Correctly enable SNI when using clientMode and peerHost != null.

Result:

SNI works even with SslProvider.OPENSSL.
2016-02-03 10:50:45 +01:00
fu.jian
dd2f9f9acb fix the issue netty#2944 in 4.0 #4809
Motivation:

fix the issue netty#2944

Modifications:

(1) use - instead of =>, use ! instead of :> due to the connection is bidirectional. What's more, toString() method don't know the direction or there is no need to know the direction when only log channel information.
(2) add L: before local address and R: before remote address.

Result:

after the fix, toString() won't confuse the user.
2016-02-02 21:42:45 +01:00
Scott Mitchell
998b8a8cb9 CompositeByteBuf.addComponent always assume reference count ownership
Motivation:
The current interface for CompositeByteBuf.addComponent is not clear under what conditions ownership is transferred when addComponent is called. There should be a well defined behavior so that users can ensure that no leaks occur.

Modifications:
- CompositeByteBuf.addComponent should always assume reference count ownership

Result:
Users that call CompositeByteBuf.addComponent do not have to independently check if the buffer's ownership has been transferred and if not independently release the buffer.
Fixes https://github.com/netty/netty/issues/4760
2016-02-02 11:38:55 -08:00
liuzhengyang
8d04c43cb6 Fix spelling in javadocs and field name.
Motivation:

Fix a spell mistake.

Modifications:

Change 'treshold' to 'threshold'

Result:

The spellchecker warnings of the IDE disappeared.
2016-02-01 12:05:21 +01:00
Norman Maurer
7522cade65 Allow to specify tcnative artifactId and verion to allow run tests easily with different tcnative flavors
Motivation:

As we now can easily build static linked versions of tcnative it makes sense to run our netty build against all of them.
This helps to ensure our code works with libressl, openssl and boringssl.

Modifications:

Allow to specify -Dtcnative.artifactId= and -Dtcnative.version=

Result:

Easy to run netty build against different tcnative flavors.
2016-01-29 22:25:03 +01:00
Norman Maurer
b647513b6b [maven-release-plugin] prepare for next development iteration 2016-01-29 09:57:10 +01:00
Norman Maurer
cf1777b619 [maven-release-plugin] prepare release netty-4.0.34.Final netty-4.0.34.Final 2016-01-29 09:23:46 +01:00
Trustin Lee
84b9516ac5 Do not throw IndexOutOfBoundsException on an invalid SSL record
Motivation:

When an SSL record contains an invalid extension data, SniHandler
currently throws an IndexOutOfBoundsException, which is not optimal.

Modifications:

- Do strict index range checks

Result:

No more unnecessary instantiation of exceptions and their stack traces
2016-01-29 08:07:19 +01:00
Norman Maurer
ba381f1a27 Ensure ChannelHandler.handlerAdded(...) is always called as first method of the handler
Motivation:

If a user adds a ChannelHandler from outside the EventLoop it is possible to get into the situation that handlerAdded(...) is scheduled on the EventLoop and so called after another methods of the ChannelHandler as the EventLoop may already be executing on this point in time.

Modification:

- Ensure we always check if the handlerAdded(...) method was called already and if not add the currently needed call to the EventLoop so it will be picked up after handlerAdded(...) was called. This works as if the handler is added to the ChannelPipeline from outside the EventLoop the actual handlerAdded(...) operation is scheduled on the EventLoop.
- Some cleanup in the DefaultChannelPipeline

Result:

Correctly order of method executions of ChannelHandler.
2016-01-28 14:40:51 +01:00
Norman Maurer
52ba4f4ec7 Correctly handle wildcard address when bind to socket and using native transport
Motivation:

When a wildcard address is used to bind a socket and ipv4 and ipv6 are usable we should accept both (just like JDK IO/NIO does).

Modifications:

Detect wildcard address and if so use in6addr_any

Result:

Correctly accept ipv4 and ipv6
2016-01-28 14:07:45 +01:00
Scott Mitchell
cf2e829a0e SslHandler should call beginHanshake once for the initial handshake
Motivation:
Not all SSLEngine implementations permit beginHandshake being called while a handshake is in progress during the initial handshake. We should ensure we only go through the initial handshake code once to prevent unexpected exceptions from being thrown.

Modifications:
- Only call beginHandshake if there is not currently a handshake in progress

Result:
SslHandler's handshake method is compatible with OpenSSLEngineImpl in Android 5.0+ and 6.0+.
Fixes https://github.com/netty/netty/issues/4718
2016-01-28 13:27:45 +01:00
Norman Maurer
3c254a7210 [#4722] Ensure the whole certificate chain is used when creating SslContext for client mode and SslProvider.OPENSSL is used
Motivation:

We incorrectly added the trustCertChain as certificate chain when OpenSslClientContext was created. We need to correctly add the keyCertChain.

Modifications:

Correctly add whole keyCertChain.

Result:

SSL client auth is working when usin OpenSslClientContext and more then one cert is contained in the certificate chain.
2016-01-28 08:54:58 +01:00
Norman Maurer
fd7df34d47 Fix SSLEngineTest handshake method.
Motivation:

We used && in the handshake method of SSLEngineTest but it must be ||.

Modifications:

Changed && to ||

Result:

Correctly check condition
2016-01-27 08:58:36 +01:00
houdejun214
aa43c10403 Set default CONTENT_TYPE when it is absent in multipart request body
Motivation:

I am use netty as a http server, it fail to decode some POST request when the request absent Content-Type in the multipart/form-data body.

Modifications:

Set content_type with default application/octet-stream to parse the uploaded file data when the Content-Type is absent in multipart request body

Result:

Can decode the http request as normal.
2016-01-26 10:17:07 +01:00
Xiaoyan Lin
7bf3792e6f Fix ChannelOutboundHandlerAdapter javadoc
Motivation:

ChannelOutboundHandlerAdapter's javadoc has some minor issues.

Modifications:

Fix the minor javadoc issues and resolves #4752.

Result:

ChannelOutboundHandlerAdapter's javadoc issues are fixed.
2016-01-26 10:13:43 +01:00
Brendt Lucas
357720ea77 Clear disabled SSL protocols before enabling provided SSL protocols
Motivation:

Attempts to enable SSL protocols which are currently disabled fail when using the OpenSslEngine. Related to https://github.com/netty/netty/issues/4736

Modifications:

Clear out all options that have disabled SSL protocols before attempting to enable any SSL protocol.

Result:

setEnabledProtocols works as expected.
2016-01-22 17:33:14 +01:00
Xiaoyan Lin
5466f68f78 Change 64 to 63 in Snappy.decodeLiteral
Motivation:

According to https://github.com/google/snappy/blob/master/format_description.txt#L55 , Snappy.decodeLiteral should handle the cases of 60, 61, 62 and 63. However right now it processes 64 instead of 63. I believe it's a typo since `tag >> 2 & 0x3F` must be less than 64.

Modifications:

Use the correct value 63.

Result:

Snappy.decodeLiteral handles the correct case.
2016-01-21 09:59:44 +01:00
Norman Maurer
ae6c74d51a Ensure we flush out all pending data on SslException. Related to [#3900]
Motivation:

We need to ensure we flush out all pending data when an SslException accours so the remote peer receives all alerts.

Modifications:

Ensure we call ctx.flush() when needed.

Result:

Correctly receive alerts in all cases on the remote peer.
2016-01-20 19:56:05 +01:00
Scott Mitchell
92896bd7bd PlatformDependent static initialization ExceptionInInitializerError
Motivation:
PlatformDependent allows some exceptions to escape during static initialization. If an exception escapes it will be translated into a java.lang.ExceptionInInitializerError and render the application unable to run.

Modifications:
- Make sure to catch Throwable during static initialization.

Result:
PlatformDependent static initialization doesn't result in java.lang.ExceptionInInitializerError.
2016-01-20 06:04:32 -08:00
Norman Maurer
ef2cf4625d [#4725] Ensure correct cause of handshake error is included in the SSLHandshakeException when using OpenSslEngine.
Motivation:

We need to ensure we add the correct handshake error to the SSLHandshakeException before throwing it when failing the
handshake.

Modifications:

Use the correct error string when creating the SSLHandshakeException.

Result:

Correct SSLHandshakeException message included.
2016-01-20 13:35:28 +01:00
Norman Maurer
18765a3bf7 [#4017] Implement proper resource leak detection for CompositeByteBuf
Motivation:

CompositeByteBuf only implemented simple resource leak detection and how it was implemented was completly different to the way it was for ByteBuf. The other problem was that slice(), duplicate() and others would not return a resource leak enabled buffer.

Modifications:

- Proper implementation for all level of resource leak detection for CompositeByteBuf

Result:

Proper resource leak detection for CompositeByteBuf.
2016-01-18 10:50:12 +01:00
Norman Maurer
d7d64137e0 Let CombinedChannelDuplexHandler correctly handle exceptionCaught. Related to [#4528]
Motivation:

ChannelInboundHandler and ChannelOutboundHandler both can implement exceptionCaught(...) method and so we need to dispatch to both of them.

Modifications:

- Correctly first dispatch exceptionCaught to the ChannelInboundHandler but also make sure the next handler it will be dispatched to will be the ChannelOutboundHandler
- Add removeInboundHandler() and removeOutboundHandler() which allows to remove one of the combined handlers

Result:

Correctly handle events
2016-01-18 10:09:07 +01:00
Norman Maurer
8bfbb35979 Ensure connectPromise is not notified before fireChannelActive() is called.
Motivation:

Our contract in Channels is that the promise should always be notified before the actual callbacks of the ChannelInboundHandler are called. This was not done in the LocalChannel and so the behavior was different to other Channel implementations.

Modifications:

- First complete the ChannelPromise then call fireChannelActive()
- Guard against NPE when doClose() was called before the task was executed.

Result:

Consistent behavior between LocalChannel and other Channel implementations.
2016-01-18 09:28:56 +01:00
Scott Mitchell
53323530c1 Native Transport Netty Class Package Prefix
Motivation:
transport-native-epoll finds java classes from JNI using fully qualified class names. If a shaded version of Netty is used then these lookups will fail.

Modifications:
- Allow a prefix to be appended to Netty class names in JNI code.

Result:
JNI code can be used with shaded version of Netty.
2016-01-15 12:56:27 -08:00
Norman Maurer
95b1705711 [#4694] Ensure native transport can also be compiled on 32bit systems.
Motivation:

We should also be able to compile the native transport on 32bit systems.

Modifications:

Add cast to intptr_t for pointers

Result:

It's possible now to also compile on 32bit.
2016-01-15 10:55:08 +01:00