Author: cziegeler Date: Tue Jul 11 08:26:08 2017 New Revision: 1801567 URL: http://svn.apache.org/viewvc?rev=1801567&view=rev Log: FELIX-5664 : Update Jetty to 9.3.20.v20170531 or 9.4.6.v20170531 to fix CVE-2017-9735. Adjust itest to R6 implementation
Modified: felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/EventListenerTest.java felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/HttpServiceRuntimeTest.java felix/trunk/http/jetty/pom.xml felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyActivator.java felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyService.java Modified: felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/EventListenerTest.java URL: http://svn.apache.org/viewvc/felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/EventListenerTest.java?rev=1801567&r1=1801566&r2=1801567&view=diff ============================================================================== --- felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/EventListenerTest.java (original) +++ felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/EventListenerTest.java Tue Jul 11 08:26:08 2017 @@ -65,7 +65,7 @@ public class EventListenerTest extends B { private Dictionary<String, Object> getListenerProps() { - final Dictionary<String, Object> props = new Hashtable<String, Object>(); + final Dictionary<String, Object> props = new Hashtable<>(); props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_LISTENER, "true"); return props; @@ -73,7 +73,7 @@ public class EventListenerTest extends B private Dictionary<String, Object> getServletProps(final String pattern) { - final Dictionary<String, Object> props = new Hashtable<String, Object>(); + final Dictionary<String, Object> props = new Hashtable<>(); props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_SERVLET_PATTERN, pattern); return props; 
@@ -480,7 +480,7 @@ public class EventListenerTest extends B }; // register with all contexts - final Dictionary<String, Object> props = new Hashtable<String, Object>(); + final Dictionary<String, Object> props = new Hashtable<>(); props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_LISTENER, "true"); props.put(HttpWhiteboardConstants.HTTP_WHITEBOARD_CONTEXT_SELECT, "(" + HttpWhiteboardConstants.HTTP_WHITEBOARD_CONTEXT_NAME + "=*)"); final ServiceRegistration<ServletRequestListener> reg = m_context.registerService(ServletRequestListener.class, listener, props); Modified: felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/HttpServiceRuntimeTest.java URL: http://svn.apache.org/viewvc/felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/HttpServiceRuntimeTest.java?rev=1801567&r1=1801566&r2=1801567&view=diff ============================================================================== --- felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/HttpServiceRuntimeTest.java (original) +++ felix/trunk/http/itest/src/test/java/org/apache/felix/http/itest/HttpServiceRuntimeTest.java Tue Jul 11 08:26:08 2017 
@@ -614,10 +614,9 @@ public class HttpServiceRuntimeTest exte ServletContextDTO defaultContextDTO = runtimeDTO.servletContextDTOs[2]; long contextServiceId = defaultContextDTO.serviceId; - assertEquals(Arrays.toString(defaultContextDTO.servletDTOs), 2, defaultContextDTO.servletDTOs.length); - assertServlet(defaultContextDTO.servletDTOs, "default servlet", contextServiceId); - assertServlet(defaultContextDTO.servletDTOs, "default error page", contextServiceId); - + assertEquals(1, defaultContextDTO.servletDTOs.length); + assertEquals("default servlet", defaultContextDTO.servletDTOs[0].name); + assertEquals(contextServiceId, defaultContextDTO.servletDTOs[0].servletContextId); assertEquals(1, defaultContextDTO.filterDTOs.length); assertEquals("default filter", defaultContextDTO.filterDTOs[0].name); assertEquals(contextServiceId, defaultContextDTO.filterDTOs[0].servletContextId); @@ -631,10 +630,9 @@ public class HttpServiceRuntimeTest exte ServletContextDTO testContextDTO = runtimeDTO.servletContextDTOs[1]; contextServiceId = testContextDTO.serviceId; - assertEquals(2, testContextDTO.servletDTOs.length); - assertServlet(testContextDTO.servletDTOs, "context servlet", contextServiceId); - assertServlet(testContextDTO.servletDTOs, "context error page", contextServiceId); - + assertEquals(1, testContextDTO.servletDTOs.length); + assertEquals("context servlet", testContextDTO.servletDTOs[0].name); + assertEquals(contextServiceId, testContextDTO.servletDTOs[0].servletContextId); assertEquals(1, testContextDTO.filterDTOs.length); assertEquals("context filter", testContextDTO.filterDTOs[0].name); assertEquals(contextServiceId, testContextDTO.filterDTOs[0].servletContextId); 
@@ -1285,8 +1283,9 @@ public class HttpServiceRuntimeTest exte assertTrue(0 > runtimeDTO.servletContextDTOs[0].servletDTOs[0].serviceId); } + // As specified in OSGi Compendium Release 6, Chapter 140.9 @Test - public void namedServletIsNotIgnored() throws InterruptedException + public void serviceWithoutRequiredPropertiesIsIgnored() throws InterruptedException { // Neither pattern nor error page specified Dictionary<String, ?> properties = createDictionary(HTTP_WHITEBOARD_SERVLET_NAME, "servlet"); @@ -1301,9 +1300,7 @@ public class HttpServiceRuntimeTest exte assertEquals(0, runtimeDTO.failedServletContextDTOs.length); ServletContextDTO defaultContext = assertDefaultContext(runtimeDTO); - assertEquals(1, defaultContext.servletDTOs.length); - assertEquals(0, defaultContext.servletDTOs[0].patterns.length); - assertEquals("servlet", defaultContext.servletDTOs[0].name); + assertEquals(0, defaultContext.servletDTOs.length); } @Test Modified: felix/trunk/http/jetty/pom.xml URL: http://svn.apache.org/viewvc/felix/trunk/http/jetty/pom.xml?rev=1801567&r1=1801566&r2=1801567&view=diff ============================================================================== --- felix/trunk/http/jetty/pom.xml (original) +++ felix/trunk/http/jetty/pom.xml Tue Jul 11 08:26:08 2017 @@ -39,7 +39,7 @@ <properties> <felix.java.version>8</felix.java.version> - <jetty.version>9.3.15.v20161220</jetty.version> + <jetty.version>9.3.20.v20170531</jetty.version> </properties> <build> @@ -47,7 +47,7 @@ <plugin> <groupId>org.apache.felix</groupId> <artifactId>maven-bundle-plugin</artifactId> - <version>3.2.0</version> + <version>3.3.0</version> <configuration> <instructions> <X-Jetty-Version> 
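Review bot: In `serviceWithoutRequiredPropertiesIsIgnored` (hunk at -1301) the only remaining servlet assertion is `assertEquals(0, defaultContext.servletDTOs.length);`, which passes whether the service was silently ignored or recorded as a failure. If the lines above the hunk do not already cover it, add `assertEquals(0, runtimeDTO.failedServletDTOs.length);` so the test pins "ignored" rather than merely "not active". The method body starts outside the hunk, so an existing check may simply not be visible here.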
@@ -89,7 +89,7 @@ org.osgi.service.http;version="[1.2.1,1.3)", org.osgi.service.http.context;version="[1.0,1.1)", org.osgi.service.http.runtime;version="[1.0,1.1)", - org.osgi.service.http.runtime.dto;version="[1.1,1.2)", + org.osgi.service.http.runtime.dto;version="[1.0,1.1)", * </Import-Package> <DynamicImport-Package> @@ -188,12 +188,12 @@ <dependency> <groupId>org.apache.felix</groupId> <artifactId>org.apache.felix.http.api</artifactId> - <version>3.0.1-SNAPSHOT</version> + <version>3.0.0</version> </dependency> <dependency> <groupId>org.apache.felix</groupId> <artifactId>org.apache.felix.http.base</artifactId> - <version>3.0.19-SNAPSHOT</version> + <version>3.0.18</version> </dependency> <dependency> <groupId>commons-fileupload</groupId> Modified: felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyActivator.java URL: http://svn.apache.org/viewvc/felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyActivator.java?rev=1801567&r1=1801566&r2=1801567&view=diff ============================================================================== --- felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyActivator.java (original) +++ felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyActivator.java Tue Jul 11 08:26:08 2017 @@ -25,7 +25,6 @@ import org.osgi.framework.Bundle; import org.osgi.framework.Constants; import org.osgi.framework.ServiceFactory; import org.osgi.framework.ServiceRegistration; -import org.osgi.service.cm.ManagedServiceFactory; public final class JettyActivator extends AbstractHttpActivator { 
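Review bot: The hunk at -89 lowers the `org.osgi.service.http.runtime.dto` import range from `[1.1,1.2)` to `[1.0,1.1)`, and the hunk at -188 moves `org.apache.felix.http.api` and `org.apache.felix.http.base` from snapshots back to 3.0.0 and 3.0.18. A commit logged as the Jetty CVE-2017-9735 fix therefore also changes which API versions the bundle resolves against. A framework that exports only the 1.1 DTO package would presumably no longer wire this bundle, and anyone backporting the security fix would pick up the rollback with it. Consider committing the Jetty bump separately, or at least record the coupling next to the import, e.g. `<!-- R6 runtime DTOs; range must match org.apache.felix.http.base 3.0.x -->`.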
@@ -39,7 +38,7 @@ public final class JettyActivator extend protected void doStart() throws Exception { super.doStart(); - final Dictionary<String, Object> properties = new Hashtable<String, Object>(); + final Dictionary<String, Object> properties = new Hashtable<>(); properties.put(Constants.SERVICE_DESCRIPTION, "Metatype provider for Jetty Http Service"); properties.put(Constants.SERVICE_VENDOR, "The Apache Software Foundation"); properties.put("metatype.pid", JettyService.PID); @@ -63,7 +62,7 @@ public final class JettyActivator extend this.jetty = new JettyService(getBundleContext(), getHttpServiceController()); this.jetty.start(); - final Dictionary<String, Object> propertiesCustomizer = new Hashtable<String, Object>(); + final Dictionary<String, Object> propertiesCustomizer = new Hashtable<>(); propertiesCustomizer.put(Constants.SERVICE_DESCRIPTION, "Load Balancer Customizer Factory for Jetty Http Service"); propertiesCustomizer.put(Constants.SERVICE_VENDOR, "The Apache Software Foundation"); loadBalancerCustomizerFactoryReg = this.getBundleContext().registerService(LoadBalancerCustomizerFactory.class, Modified: felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyService.java URL: http://svn.apache.org/viewvc/felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyService.java?rev=1801567&r1=1801566&r2=1801567&view=diff ============================================================================== --- felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyService.java (original) +++ felix/trunk/http/jetty/src/main/java/org/apache/felix/http/jetty/internal/JettyService.java Tue Jul 11 08:26:08 2017 
@@ -42,9 +42,9 @@ import javax.servlet.SessionTrackingMode import org.apache.felix.http.base.internal.HttpServiceController; import org.apache.felix.http.base.internal.logger.SystemLogger; import org.eclipse.jetty.http.HttpVersion; +import org.eclipse.jetty.io.ConnectionStatistics; import org.eclipse.jetty.security.HashLoginService; import org.eclipse.jetty.server.Connector; -import org.eclipse.jetty.server.ConnectorStatistics; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.HttpConnectionFactory; import org.eclipse.jetty.server.SecureRequestCustomizer; @@ -54,6 +54,7 @@ import org.eclipse.jetty.server.SessionM import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.server.handler.ContextHandlerCollection; import org.eclipse.jetty.server.handler.StatisticsHandler; +import org.eclipse.jetty.server.session.SessionHandler; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; import org.eclipse.jetty.util.component.AbstractLifeCycle; @@ -111,7 +112,7 @@ public final class JettyService extends this.context = context; this.config = new JettyConfig(this.context); this.controller = controller; - this.deployments = new LinkedHashMap<String, Deployment>(); + this.deployments = new LinkedHashMap<>(); this.executor = Executors.newSingleThreadExecutor(new ThreadFactory() { @Override 
@@ -139,13 +140,13 @@ public final class JettyService extends startJetty(); if (this.registerManagedService) { - final Dictionary<String, Object> props = new Hashtable<String, Object>(); + final Dictionary<String, Object> props = new Hashtable<>(); props.put(Constants.SERVICE_PID, PID); this.configServiceReg = this.context.registerService("org.osgi.service.cm.ManagedService", new JettyManagedService(this), props); } - this.eventAdmintTracker = new ServiceTracker<EventAdmin, EventAdmin>(this.context, EventAdmin.class, + this.eventAdmintTracker = new ServiceTracker<>(this.context, EventAdmin.class, new ServiceTrackerCustomizer<EventAdmin, EventAdmin>() { @Override @@ -171,7 +172,7 @@ public final class JettyService extends }); this.eventAdmintTracker.open(); - this.bundleTracker = new BundleTracker<Deployment>(this.context, Bundle.ACTIVE | Bundle.STARTING, + this.bundleTracker = new BundleTracker<>(this.context, Bundle.ACTIVE | Bundle.STARTING, new BundleTrackerCustomizer<Deployment>() { @Override @@ -253,7 +254,7 @@ public final class JettyService extends private Hashtable<String, Object> getServiceProperties() { - Hashtable<String, Object> props = new Hashtable<String, Object>(); + Hashtable<String, Object> props = new Hashtable<>(); // Add some important configuration properties... this.config.setServiceProperties(props); addEndpointProperties(props, null); @@ -340,7 +341,9 @@ public final class JettyService extends this.parent = new ContextHandlerCollection(); - ServletContextHandler context = new ServletContextHandler(this.parent, this.config.getContextPath(), ServletContextHandler.SESSIONS); + ServletContextHandler context = new ServletContextHandler(this.parent, + this.config.getContextPath(), + ServletContextHandler.SESSIONS); configureSessionManager(context); this.controller.getEventDispatcher().setActive(true); 
@@ -559,7 +562,7 @@ public final class JettyService extends if (this.config.isRegisterMBeans()) { - connector.addBean(new ConnectorStatistics()); + connector.addBean(new ConnectionStatistics()); } } 
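Review bot: Replacing the bean with `new ConnectionStatistics()` presumably changes the JMX object name under which connector statistics are published, since the class and package both differ. Monitoring or alerting keyed on the old `ConnectorStatistics` MBean would then go quiet without any error. A short comment at the call site would flag this for operators, e.g. `// statistics MBean is now org.eclipse.jetty.io ConnectionStatistics; JMX consumers must be updated`. It is also worth confirming that this class is available in the 9.3.20 line selected in pom.xml, as nothing in the diff shows it. The enclosing method starts outside the hunk.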
@@ -580,19 +583,18 @@ public final class JettyService extends //Changed from 8.x to 9.x //maxIdleTime -> ServerConnector.setIdleTimeout //requestBufferSize -> HttpConnectionFactory.setInputBufferSize - //statsOn -> ServerConnector.addBean(new ConnectorStatistics()); + //statsOn -> ServerConnector.addBean(new ConnectionStatistics()); } private void configureSessionManager(final ServletContextHandler context) { - final SessionManager manager = context.getSessionHandler().getSessionManager(); + final SessionHandler sessionHandler = context.getSessionHandler(); + sessionHandler.getSessionManager().setMaxInactiveInterval(this.config.getSessionTimeout() * 60); + sessionHandler.getSessionManager().setSessionIdPathParameterName(this.config.getProperty(JettyConfig.FELIX_JETTY_SERVLET_SESSION_ID_PATH_PARAMETER_NAME, SessionManager.__DefaultSessionIdPathParameterName)); + sessionHandler.getSessionManager().setCheckingRemoteSessionIdEncoding(this.config.getBooleanProperty(JettyConfig.FELIX_JETTY_SERVLET_CHECK_REMOTE_SESSION_ENCODING, true)); + sessionHandler.getSessionManager().setSessionTrackingModes(Collections.singleton(SessionTrackingMode.COOKIE)); - manager.setMaxInactiveInterval(this.config.getSessionTimeout() * 60); - manager.setSessionIdPathParameterName(this.config.getProperty(JettyConfig.FELIX_JETTY_SERVLET_SESSION_ID_PATH_PARAMETER_NAME, SessionManager.__DefaultSessionIdPathParameterName)); - manager.setCheckingRemoteSessionIdEncoding(this.config.getBooleanProperty(JettyConfig.FELIX_JETTY_SERVLET_CHECK_REMOTE_SESSION_ENCODING, true)); - manager.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.COOKIE)); - - SessionCookieConfig cookieConfig = manager.getSessionCookieConfig(); + final SessionCookieConfig cookieConfig = sessionHandler.getSessionManager().getSessionCookieConfig(); cookieConfig.setName(this.config.getProperty(JettyConfig.FELIX_JETTY_SERVLET_SESSION_COOKIE_NAME, SessionManager.__DefaultSessionCookie)); 
cookieConfig.setDomain(this.config.getProperty(JettyConfig.FELIX_JETTY_SERVLET_SESSION_DOMAIN, SessionManager.__DefaultSessionDomain)); cookieConfig.setPath(this.config.getProperty(JettyConfig.FELIX_JETTY_SERVLET_SESSION_PATH, context.getContextPath())); @@ -677,7 +679,7 @@ public final class JettyService extends private List<String> getEndpoints(final Connector connector, final List<NetworkInterface> interfaces) { - final List<String> endpoints = new ArrayList<String>(); + final List<String> endpoints = new ArrayList<>(); for (final NetworkInterface ni : interfaces) { final Enumeration<InetAddress> ias = ni.getInetAddresses(); @@ -696,7 +698,7 @@ public final class JettyService extends private void addEndpointProperties(final Hashtable<String, Object> props, Object container) { - final List<String> endpoints = new ArrayList<String>(); + final List<String> endpoints = new ArrayList<>(); final Connector[] connectors = this.server.getConnectors(); if (connectors != null) @@ -709,8 +711,8 @@ public final class JettyService extends { try { - final List<NetworkInterface> interfaces = new ArrayList<NetworkInterface>(); - final List<NetworkInterface> loopBackInterfaces = new ArrayList<NetworkInterface>(); + final List<NetworkInterface> interfaces = new ArrayList<>(); + final List<NetworkInterface> loopBackInterfaces = new ArrayList<>(); final Enumeration<NetworkInterface> nis = NetworkInterface.getNetworkInterfaces(); while (nis.hasMoreElements()) { @@ -817,7 +819,7 @@ public final class JettyService extends JettyService.this.parent.addHandler(context); context.start(); - Dictionary<String, Object> props = new Hashtable<String, Object>(); + Dictionary<String, Object> props = new Hashtable<>(); props.put(WEB_SYMBOLIC_NAME, webAppBundle.getSymbolicName()); props.put(WEB_VERSION, webAppBundle.getVersion()); props.put(WEB_CONTEXT_PATH, deployment.getContextPath());
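Review bot: In `configureSessionManager`, `this.config.getSessionTimeout() * 60` looks like an `int` multiplication (the return type is not visible here). If so, a large configured timeout can wrap to a negative value, which the session manager treats as "never expire". Clamping keeps a misconfiguration from disabling session expiry: `final long secs = this.config.getSessionTimeout() * 60L;` followed by `setMaxInactiveInterval((int) Math.min(secs, Integer.MAX_VALUE));`. The new code also calls `sessionHandler.getSessionManager()` five times; one local, `final SessionManager manager = sessionHandler.getSessionManager();`, would be easier to read. The cookie configuration continues below the hunk, so the `HttpOnly` and `Secure` settings cannot be reviewed from these lines.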