From f91e47f5b67e1db73cd8af59362a3d6749f15c4a Mon Sep 17 00:00:00 2001 From: Matthias Sohn Date: Fri, 19 Nov 2021 09:23:12 +0100 Subject: Update Jetty to 10.0.6 - this is the same version eclipse platform currently uses - update servlet-api to 4.0 - configure keystore used by AppServer with Subject Alternative Names for host name and ip address to satisfy more strict SNI checking in Jetty 10. See https://github.com/eclipse/jetty.project/issues/5379 - add jetty bundles to JGit-dependency-bundles in the jgit p2 repository Bug: 571932 Bug: 576100 Change-Id: Ibd0240cf7ad4dc201947fd69707f517c3c1fc1c8 --- org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF | 25 ++++++------ .../src/org/eclipse/jgit/junit/http/AppServer.java | 44 +++++++++++++--------- 2 files changed, 38 insertions(+), 31 deletions(-) (limited to 'org.eclipse.jgit.junit.http') diff --git a/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF b/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF index e3e3222620..6be5cdd09e 100644 --- a/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF +++ b/org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF @@ -8,20 +8,19 @@ Bundle-Localization: plugin Bundle-Vendor: %Bundle-Vendor Bundle-ActivationPolicy: lazy Bundle-RequiredExecutionEnvironment: JavaSE-11 -Import-Package: javax.servlet;version="[2.5.0,3.2.0)", - javax.servlet.http;version="[2.5.0,3.2.0)", +Import-Package: javax.servlet;version="[2.5.0,5.0.0)", + javax.servlet.http;version="[2.5.0,5.0.0)", org.apache.commons.logging;version="[1.1.1,2.0.0)", - org.eclipse.jetty.http;version="[9.4.5,10.0.0)", - org.eclipse.jetty.security;version="[9.4.5,10.0.0)", - org.eclipse.jetty.security.authentication;version="[9.4.5,10.0.0)", - org.eclipse.jetty.server;version="[9.4.5,10.0.0)", - org.eclipse.jetty.server.handler;version="[9.4.5,10.0.0)", - org.eclipse.jetty.server.nio;version="[9.4.5,10.0.0)", - org.eclipse.jetty.servlet;version="[9.4.5,10.0.0)", - org.eclipse.jetty.util.component;version="[9.4.5,10.0.0)", - org.eclipse.jetty.util.log;version="[9.4.5,10.0.0)", - org.eclipse.jetty.util.security;version="[9.4.5,10.0.0)", - org.eclipse.jetty.util.ssl;version="[9.4.5,10.0.0)", + org.eclipse.jetty.http;version="[10.0.0,11.0.0)", + org.eclipse.jetty.security;version="[10.0.0,11.0.0)", + org.eclipse.jetty.security.authentication;version="[10.0.0,11.0.0)", + org.eclipse.jetty.server;version="[10.0.0,11.0.0)", + org.eclipse.jetty.server.handler;version="[10.0.0,11.0.0)", + org.eclipse.jetty.servlet;version="[10.0.0,11.0.0)", + org.eclipse.jetty.util.component;version="[10.0.0,11.0.0)", + org.eclipse.jetty.util.log;version="[10.0.0,11.0.0)", + org.eclipse.jetty.util.security;version="[10.0.0,11.0.0)", + org.eclipse.jetty.util.ssl;version="[10.0.0,11.0.0)", org.eclipse.jgit.errors;version="[6.0.0,6.1.0)", org.eclipse.jgit.http.server;version="[6.0.0,6.1.0)", org.eclipse.jgit.internal.storage.file;version="[6.0.0,6.1.0)", diff --git a/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java b/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java index 0f052987e3..58646914c1 100644 --- a/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java +++ b/org.eclipse.jgit.junit.http/src/org/eclipse/jgit/junit/http/AppServer.java @@ -21,20 +21,23 @@ import java.net.URISyntaxException; import java.net.UnknownHostException; import java.nio.file.Files; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import java.util.Locale; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; -import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.security.AbstractLoginService; import org.eclipse.jetty.security.Authenticator; import org.eclipse.jetty.security.ConstraintMapping; import org.eclipse.jetty.security.ConstraintSecurityHandler; +import org.eclipse.jetty.security.RolePrincipal; +import org.eclipse.jetty.security.UserPrincipal; import org.eclipse.jetty.security.authentication.BasicAuthenticator; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.HttpConnectionFactory; +import org.eclipse.jetty.server.SecureRequestCustomizer; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.ServerConnector; import org.eclipse.jetty.server.SslConnectionFactory; @@ -143,13 +146,15 @@ public class AppServer { } if (sslPort >= 0) { - SslContextFactory sslContextFactory = createTestSslContextFactory( - hostName); + SslContextFactory.Server sslContextFactory = createTestSslContextFactory( + hostName, ip); secureConfig = new HttpConfiguration(config); - secureConnector = new ServerConnector(server, - new SslConnectionFactory(sslContextFactory, - HttpVersion.HTTP_1_1.asString()), - new HttpConnectionFactory(secureConfig)); + secureConfig.addCustomizer(new SecureRequestCustomizer()); + HttpConnectionFactory http11 = new HttpConnectionFactory( + secureConfig); + SslConnectionFactory tls = new SslConnectionFactory( + sslContextFactory, http11.getProtocol()); + secureConnector = new ServerConnector(server, tls, http11); secureConnector.setPort(sslPort); secureConnector.setHost(ip); } else { @@ -171,8 +176,9 @@ public class AppServer { server.setHandler(log); } - private SslContextFactory createTestSslContextFactory(String hostName) { - SslContextFactory.Client factory = new SslContextFactory.Client(true); + private SslContextFactory.Server createTestSslContextFactory( + String hostName, String ip) { + SslContextFactory.Server factory = new SslContextFactory.Server(); String dName = "CN=,OU=,O=,ST=,L=,C="; @@ -190,6 +196,8 @@ public class AppServer { "-keystore", keyStore.getAbsolutePath(), // "-storepass", keyPassword, "-alias", hostName, // + "-ext", + String.format("san=IP:%s,DNS:%s", ip, hostName), // "-genkeypair", // "-keyalg", "RSA", // "-keypass", keyPassword, // @@ -260,12 +268,12 @@ public class AppServer { } static class TestMappedLoginService extends AbstractLoginService { - private String role; + private RolePrincipal role; protected final Map users = new ConcurrentHashMap<>(); TestMappedLoginService(String role) { - this.role = role; + this.role = new RolePrincipal(role); } @Override @@ -277,16 +285,16 @@ public class AppServer { } @Override - protected String[] loadRoleInfo(UserPrincipal user) { - if (users.get(user.getName()) == null) { - return null; - } - return new String[] { role }; + protected UserPrincipal loadUserInfo(String user) { + return users.get(user); } @Override - protected UserPrincipal loadUserInfo(String user) { - return users.get(user); + protected List loadRoleInfo(UserPrincipal user) { + if (users.get(user.getName()) == null) { + return null; + } + return Collections.singletonList(role); } } -- cgit v1.2.3