Update Jetty to 10.0.6

- this is the same version eclipse platform currently uses - update servlet-api to 4.0 - configure keystore used by AppServer with Subject Alternative Names for host name and ip address to satisfy more strict SNI checking in Jetty 10. See https://github.com/eclipse/jetty.project/issues/5379 - add jetty bundles to JGit-dependency-bundles in the jgit p2 repository Bug: 571932 Bug: 576100 Change-Id: Ibd0240cf7ad4dc201947fd69707f517c3c1fc1c8
author: Matthias Sohn <matthias.sohn@sap.com> 2021-11-19 09:23:12 +0100
committer: Matthias Sohn <matthias.sohn@sap.com> 2021-11-22 20:50:28 +0100
commit: f91e47f5b67e1db73cd8af59362a3d6749f15c4a (patch)
tree: 86b994a3acaa75eaa31639b00c0eb9fc7e71d820 /org.eclipse.jgit.junit.http
parent: 2e2a3642c3775d0cd3c7184fd9b45a53dcb47629 (diff)
download: jgit-f91e47f5b67e1db73cd8af59362a3d6749f15c4a.tar.gz
jgit-f91e47f5b67e1db73cd8af59362a3d6749f15c4a.zip
2 files changed, 38 insertions, 31 deletions
diff --git a/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF b/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF
index e3e3222620..6be5cdd09e 100644
--- a/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF
+++ b/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF
@@ -8,20 +8,19 @@ Bundle-Localization: plugin
 Bundle-Vendor: %Bundle-Vendor
 Bundle-ActivationPolicy: lazy
 Bundle-RequiredExecutionEnvironment: JavaSE-11
-Import-Package: javax.servlet;version="[2.5.0,3.2.0)",
- javax.servlet.http;version="[2.5.0,3.2.0)",
+Import-Package: javax.servlet;version="[2.5.0,5.0.0)",
+ javax.servlet.http;version="[2.5.0,5.0.0)",
  org.apache.commons.logging;version="[1.1.1,2.0.0)",
- org.eclipse.jetty.http;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.security;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.security.authentication;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.server;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.server.handler;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.server.nio;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.servlet;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.util.component;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.util.log;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.util.security;version="[9.4.5,10.0.0)",
- org.eclipse.jetty.util.ssl;version="[9.4.5,10.0.0)",
+ org.eclipse.jetty.http;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.security;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.security.authentication;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.server;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.server.handler;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.servlet;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.util.component;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.util.log;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.util.security;version="[10.0.0,11.0.0)",
+ org.eclipse.jetty.util.ssl;version="[10.0.0,11.0.0)",
  org.eclipse.jgit.errors;version="[6.0.0,6.1.0)",
  org.eclipse.jgit.http.server;version="[6.0.0,6.1.0)",
  org.eclipse.jgit.internal.storage.file;version="[6.0.0,6.1.0)",
diff --git a/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java b/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java
index 0f052987e3..58646914c1 100644
--- a/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java
+++ b/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java
@@ -21,20 +21,23 @@ import java.net.URISyntaxException;
 import java.net.UnknownHostException;
 import java.nio.file.Files;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
-import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.security.AbstractLoginService;
 import org.eclipse.jetty.security.Authenticator;
 import org.eclipse.jetty.security.ConstraintMapping;
 import org.eclipse.jetty.security.ConstraintSecurityHandler;
+import org.eclipse.jetty.security.RolePrincipal;
+import org.eclipse.jetty.security.UserPrincipal;
 import org.eclipse.jetty.security.authentication.BasicAuthenticator;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
 import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.SecureRequestCustomizer;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.ServerConnector;
 import org.eclipse.jetty.server.SslConnectionFactory;
@@ -143,13 +146,15 @@ public class AppServer {
 		}
 
 		if (sslPort >= 0) {
-			SslContextFactory sslContextFactory = createTestSslContextFactory(
-					hostName);
+			SslContextFactory.Server sslContextFactory = createTestSslContextFactory(
+					hostName, ip);
 			secureConfig = new HttpConfiguration(config);
-			secureConnector = new ServerConnector(server,
-					new SslConnectionFactory(sslContextFactory,
-							HttpVersion.HTTP_1_1.asString()),
-					new HttpConnectionFactory(secureConfig));
+			secureConfig.addCustomizer(new SecureRequestCustomizer());
+			HttpConnectionFactory http11 = new HttpConnectionFactory(
+					secureConfig);
+			SslConnectionFactory tls = new SslConnectionFactory(
+					sslContextFactory, http11.getProtocol());
+			secureConnector = new ServerConnector(server, tls, http11);
 			secureConnector.setPort(sslPort);
 			secureConnector.setHost(ip);
 		} else {
@@ -171,8 +176,9 @@ public class AppServer {
 		server.setHandler(log);
 	}
 
-	private SslContextFactory createTestSslContextFactory(String hostName) {
-		SslContextFactory.Client factory = new SslContextFactory.Client(true);
+	private SslContextFactory.Server createTestSslContextFactory(
+			String hostName, String ip) {
+		SslContextFactory.Server factory = new SslContextFactory.Server();
 
 		String dName = "CN=,OU=,O=,ST=,L=,C=";
 
@@ -190,6 +196,8 @@ public class AppServer {
 							"-keystore", keyStore.getAbsolutePath(), //
 							"-storepass", keyPassword,
 							"-alias", hostName, //
+							"-ext",
+							String.format("san=IP:%s,DNS:%s", ip, hostName), //
 							"-genkeypair", //
 							"-keyalg", "RSA", //
 							"-keypass", keyPassword, //
@@ -260,12 +268,12 @@ public class AppServer {
 	}
 
 	static class TestMappedLoginService extends AbstractLoginService {
-		private String role;
+		private RolePrincipal role;
 
 		protected final Map<String, UserPrincipal> users = new ConcurrentHashMap<>();
 
 		TestMappedLoginService(String role) {
-			this.role = role;
+			this.role = new RolePrincipal(role);
 		}
 
 		@Override
@@ -277,16 +285,16 @@ public class AppServer {
 		}
 
 		@Override
-		protected String[] loadRoleInfo(UserPrincipal user) {
-			if (users.get(user.getName()) == null) {
-				return null;
-			}
-			return new String[] { role };
+		protected UserPrincipal loadUserInfo(String user) {
+			return users.get(user);
 		}
 
 		@Override
-		protected UserPrincipal loadUserInfo(String user) {
-			return users.get(user);
+		protected List<RolePrincipal> loadRoleInfo(UserPrincipal user) {
+			if (users.get(user.getName()) == null) {
+				return null;
+			}
+			return Collections.singletonList(role);
 		}
 	}
author	Matthias Sohn <matthias.sohn@sap.com>	2021-11-19 09:23:12 +0100
committer	Matthias Sohn <matthias.sohn@sap.com>	2021-11-22 20:50:28 +0100
commit	f91e47f5b67e1db73cd8af59362a3d6749f15c4a (patch)
tree	86b994a3acaa75eaa31639b00c0eb9fc7e71d820 /org.eclipse.jgit.junit.http
parent	2e2a3642c3775d0cd3c7184fd9b45a53dcb47629 (diff)
download	jgit-f91e47f5b67e1db73cd8af59362a3d6749f15c4a.tar.gz jgit-f91e47f5b67e1db73cd8af59362a3d6749f15c4a.zip