Skip to content

O
Openfire
Commit 5564cd1d authored by Florian Schmaus's avatar Florian Schmaus
Browse files
Options

OF-709: Update Jetty from 7.4 to 9.1.5

parent c6c29b1e
Hide whitespace changes
Inline Side-by-side
Showing with 136 additions and 65 deletions
build/lib/versions.txt
View file @ 5564cd1d
......@@ -16,16 +16,25 @@ dom4j.jar | 1.6.1
concurrentlinkedhashmap-lru | concurrentlinkedhashmap-lru-1.0_jdk5 | Apache 2.0
dbutil.jar | Jive Code, no release version. | GPL
hsqldb.jar | 1.8.0.5 | BSD (http://hsqldb.org/web/hsqlLicense.html)
jetty-continuation.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-http.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-io.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-security.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-server.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-servlet.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-util.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-webapp.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-websocket.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-xml.jar | Jetty 7.5.4.v20111024 | Apache 2.0, Eclipse 1.0
jetty-continuation.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-http.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-io.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-security.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-server.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-servlet.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-util.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-webapp.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-websocket.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jetty-xml.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
spdy-client.jar | Jetty 9.1.5.v20140505 (see #3) | Apache 2.0, Eclipse 1.0
spdy-core.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
spdy-http.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
spdy-http-common.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
spdy-server.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
websocket-api.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
websocket-common.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
websocket-server.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
websocket-servlet.jar | Jetty 9.1.5.v20140505 | Apache 2.0, Eclipse 1.0
jasper-compiler.jar | Jetty 6.1.0 (5.5.15) |
jasper-runtime.jar | Jetty 6.1.0 (5.5.15) |
jaxen.jar | 1.1 beta 4 (from DOM4J 1.6.1) | Apache 1.1
......@@ -64,7 +73,9 @@ xmltask.jar | 1.11
xpp3.jar | XPP_3 1.1.4c | BSD (http://www.extreme.indiana.edu/viewcvs/~checkout~/XPP3/java/LICENSE.txt)
Notes
-----
1) proxool - patched ProxyConnection to send log message in #registerClosedStatement to debug instead of warn
2) mina-filter-ssl - applied patch to resize buffers OF-496 DIRMINA-914. Source code used: https://git-wip-us.apache.org/repos/asf?p=mina.git;a=commit;h=dd6395befe672d7bdb210b28b1b81592a3dc5e64
3) npn-boot-1.1.7.v20140316.jar added to dist folder
src/conf/openfire.xml
View file @ 5564cd1d
......@@ -33,4 +33,14 @@
<interface></interface>
</network>
-->
<!-- SPDY Protocol is npn.
(note: npn does not work with Java 8)
add -Xbootclasspath/p:/OPENFIRE_HOME/lib/npn-boot.jar to .vmoptions file -->
<!--
<spdy>
<protocol>npn</protocol>
</spdy>
-->
</jive>
src/java/org/jivesoftware/openfire/JMXManager.java
View file @ 5564cd1d
......@@ -104,10 +104,8 @@ public class JMXManager {
}
private void start() {
setContainer(new MBeanContainer(ManagementFactory.getPlatformMBeanServer()));
getContainer().addBean(org.eclipse.jetty.util.log.Log.getLog());
int jmxPort = JMXManager.getPort();
String jmxUrl = "/jndi/rmi://localhost:" + jmxPort + "/jmxrmi";
Map<String, Object> env = new HashMap<String, Object>();
......
src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java
View file @ 5564cd1d
......@@ -33,20 +33,24 @@ import javax.management.remote.JMXPrincipal;
import javax.management.remote.JMXServiceURL;
import javax.security.auth.Subject;
import org.eclipse.jetty.http.ssl.SslContextFactory;
import org.eclipse.jetty.jmx.ConnectorServer;
import org.eclipse.jetty.jmx.MBeanContainer;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;
import org.eclipse.jetty.spdy.server.http.HTTPSPDYServerConnector;
import org.jivesoftware.openfire.JMXManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.admin.AdminManager;
......@@ -108,27 +112,32 @@ public class AdminConsolePlugin implements Plugin {
adminPort = JiveGlobals.getXMLProperty("adminConsole.port", 9090);
adminSecurePort = JiveGlobals.getXMLProperty("adminConsole.securePort", 9091);
adminServer = new Server();
final QueuedThreadPool tp = new QueuedThreadPool(254);
tp.setName("Jetty-QTP-AdminConsole");
adminServer = new Server(tp);
if (JMXManager.isEnabled()) {
JMXManager jmx = JMXManager.getInstance();
adminServer.getContainer().addEventListener(jmx.getContainer());
adminServer.addBean(jmx.getContainer());
}
final QueuedThreadPool tp = new QueuedThreadPool(254);
tp.setName("Jetty-QTP-AdminConsole");
adminServer.setThreadPool(tp);
// Do not send Jetty info in HTTP headers
adminServer.setSendServerVersion(false);
ServerConnector httpConnector = null;
ServerConnector httpsConnector = null;
HttpConfiguration httpConfig = null;
// Create connector for http traffic if it's enabled.
if (adminPort > 0) {
Connector httpConnector = new SelectChannelConnector();
httpConfig = new HttpConfiguration();
// Do not send Jetty info in HTTP headers
httpConfig.setSendServerVersion( false );
httpConnector = new ServerConnector(adminServer, new HttpConnectionFactory(httpConfig));
// Listen on a specific network interface if it has been set.
String bindInterface = getBindInterface();
httpConnector.setHost(bindInterface);
httpConnector.setPort(adminPort);
httpConnector.setStatsOn(JMXManager.isEnabled());
adminServer.addConnector(httpConnector);
}
......@@ -141,21 +150,35 @@ public class AdminConsolePlugin implements Plugin {
XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
Log.warn("Admin console: Using RSA certificates but they are not valid for the hosted domain");
}
final SslContextFactory sslContextFactory = new SslContextFactory(SSLConfig.getKeystoreLocation());
final SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setTrustStorePassword(SSLConfig.gets2sTrustPassword());
sslContextFactory.setTrustStoreType(SSLConfig.getStoreType());
sslContextFactory.setTrustStore(SSLConfig.gets2sTruststoreLocation());
sslContextFactory.setKeyStorePath(SSLConfig.getKeystoreLocation());
sslContextFactory.setNeedClientAuth(false);
sslContextFactory.setWantClientAuth(false);
sslContextFactory.setKeyStorePassword(SSLConfig.getKeyPassword());
sslContextFactory.setKeyStoreType(SSLConfig.getStoreType());
final SslSelectChannelConnector httpsConnector = new SslSelectChannelConnector(sslContextFactory);
if ("npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", "")))
{
httpsConnector = new HTTPSPDYServerConnector(adminServer, sslContextFactory);
} else {
HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
httpsConfig.setSecureScheme("https");
httpsConfig.setSecurePort(adminSecurePort);
httpsConfig.addCustomizer(new SecureRequestCustomizer());
HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory(httpsConfig);
SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(sslContextFactory, org.eclipse.jetty.http.HttpVersion.HTTP_1_1.toString());
httpsConnector = new ServerConnector(adminServer, sslConnectionFactory, httpConnectionFactory);
}
String bindInterface = getBindInterface();
httpsConnector.setHost(bindInterface);
httpsConnector.setPort(adminSecurePort);
httpsConnector.setStatsOn(JMXManager.isEnabled());
adminServer.addConnector(httpsConnector);
sslEnabled = true;
......@@ -330,13 +353,19 @@ public class AdminConsolePlugin implements Plugin {
getBindInterface();
boolean isPlainStarted = false;
boolean isSecureStarted = false;
boolean isSPDY = false;
for (Connector connector : adminServer.getConnectors()) {
if (connector.getPort() == adminPort) {
if (((ServerConnector) connector).getPort() == adminPort) {
isPlainStarted = true;
}
else if (connector.getPort() == adminSecurePort) {
else if (((ServerConnector) connector).getPort() == adminSecurePort) {
isSecureStarted = true;
}
if (connector instanceof HTTPSPDYServerConnector) {
isSPDY = true;
}
}
if (isPlainStarted && isSecureStarted) {
......@@ -344,10 +373,10 @@ public class AdminConsolePlugin implements Plugin {
" http://" + hostname + ":" +
adminPort + System.getProperty("line.separator") +
" https://" + hostname + ":" +
adminSecurePort);
adminSecurePort + (isSPDY ? " (SPDY)" : ""));
}
else if (isSecureStarted) {
log(listening + " https://" + hostname + ":" + adminSecurePort);
log(listening + " https://" + hostname + ":" + adminSecurePort + (isSPDY ? " (SPDY)" : ""));
}
else if (isPlainStarted) {
log(listening + " http://" + hostname + ":" + adminPort);
......
src/java/org/jivesoftware/openfire/http/HttpBindManager.java
View file @ 5564cd1d
......@@ -27,19 +27,24 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.eclipse.jetty.http.ssl.SslContextFactory;
import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.ForwardedRequestCustomizer;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.DefaultHandler;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
import org.eclipse.jetty.spdy.server.http.HTTPSPDYServerConnector;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.thread.QueuedThreadPool;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;
import org.jivesoftware.openfire.JMXManager;
import org.jivesoftware.openfire.XMPPServer;
......@@ -194,11 +199,13 @@ public final class HttpBindManager {
private void createConnector(int port) {
httpConnector = null;
if (port > 0) {
SelectChannelConnector connector = new SelectChannelConnector();
HttpConfiguration httpConfig = new HttpConfiguration();
configureProxiedConnector(httpConfig);
ServerConnector connector = new ServerConnector(httpBindServer, new HttpConnectionFactory(httpConfig));
// Listen on a specific network interface if it has been set.
connector.setHost(getBindInterface());
connector.setPort(port);
configureProxiedConnector(connector);
httpConnector = connector;
}
}
......@@ -213,10 +220,10 @@ public final class HttpBindManager {
"the hosted domain");
}
final SslContextFactory sslContextFactory = new SslContextFactory(SSLConfig.getKeystoreLocation());
final SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setTrustStorePassword(SSLConfig.getc2sTrustPassword());
sslContextFactory.setTrustStoreType(SSLConfig.getStoreType());
sslContextFactory.setTrustStore(SSLConfig.getc2sTruststoreLocation());
sslContextFactory.setKeyStorePath(SSLConfig.getKeystoreLocation());
sslContextFactory.setKeyStorePassword(SSLConfig.getKeyPassword());
sslContextFactory.setKeyStoreType(SSLConfig.getStoreType());
......@@ -232,11 +239,25 @@ public final class HttpBindManager {
sslContextFactory.setNeedClientAuth(false);
sslContextFactory.setWantClientAuth(false);
}
final SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory);
HttpConfiguration httpsConfig = new HttpConfiguration();
httpsConfig.setSecureScheme("https");
httpsConfig.setSecurePort(securePort);
configureProxiedConnector(httpsConfig);
httpsConfig.addCustomizer(new SecureRequestCustomizer());
ServerConnector sslConnector = null;
if ("npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", "")))
{
sslConnector = new HTTPSPDYServerConnector(httpBindServer, sslContextFactory);
} else {
sslConnector = new ServerConnector(httpBindServer, new SslConnectionFactory(sslContextFactory, "http/1.1"),
new HttpConnectionFactory(httpsConfig));
}
sslConnector.setHost(getBindInterface());
sslConnector.setPort(securePort);
configureProxiedConnector(sslConnector);
httpsConnector = sslConnector;
}
}
......@@ -244,34 +265,35 @@ public final class HttpBindManager {
Log.error("Error creating SSL connector for Http bind", e);
}
}
private void configureProxiedConnector(AbstractConnector connector) {
private void configureProxiedConnector(HttpConfiguration httpConfig) {
// Check to see if we are deployed behind a proxy
// Refer to http://docs.codehaus.org/display/JETTY/Configuring+Connectors
if (isXFFEnabled()) {
connector.setForwarded(true);
ForwardedRequestCustomizer customizer = new ForwardedRequestCustomizer();
// default: "X-Forwarded-For"
String forwardedForHeader = getXFFHeader();
if (forwardedForHeader != null) {
connector.setForwardedForHeader(forwardedForHeader);
customizer.setForwardedForHeader(forwardedForHeader);
}
// default: "X-Forwarded-Server"
String forwardedServerHeader = getXFFServerHeader();
if (forwardedServerHeader != null) {
connector.setForwardedServerHeader(forwardedServerHeader);
customizer.setForwardedServerHeader(forwardedServerHeader);
}
// default: "X-Forwarded-Host"
String forwardedHostHeader = getXFFHostHeader();
if (forwardedHostHeader != null) {
connector.setForwardedHostHeader(forwardedHostHeader);
customizer.setForwardedHostHeader(forwardedHostHeader);
}
// default: none
String hostName = getXFFHostName();
if (hostName != null) {
connector.setHostHeader(hostName);
customizer.setHostHeader(hostName);
}
httpConfig.addCustomizer(customizer);
}
connector.setStatsOn(JMXManager.isEnabled());
}
private String getBindInterface() {
......@@ -491,17 +513,15 @@ public final class HttpBindManager {
* @param securePort the port to start the TLS (secure) HTTP Bind service on.
*/
private synchronized void configureHttpBindServer(int port, int securePort) {
httpBindServer = new Server();
final QueuedThreadPool tp = new QueuedThreadPool(JiveGlobals.getIntProperty(HTTP_BIND_THREADS, HTTP_BIND_THREADS_DEFAULT));
tp.setName("Jetty-QTP-BOSH");
httpBindServer = new Server(tp);
if (JMXManager.isEnabled()) {
JMXManager jmx = JMXManager.getInstance();
httpBindServer.getContainer().addEventListener(jmx.getContainer());
httpBindServer.addBean(jmx.getContainer());
}
final QueuedThreadPool tp = new QueuedThreadPool(
JiveGlobals.getIntProperty(HTTP_BIND_THREADS, HTTP_BIND_THREADS_DEFAULT));
tp.setName("Jetty-QTP-BOSH");
httpBindServer.setThreadPool(tp);
createConnector(port);
createSSLConnector(securePort);
if (httpConnector == null && httpsConnector == null) {
......
src/java/org/jivesoftware/openfire/http/HttpConnection.java
View file @ 5564cd1d
......@@ -22,7 +22,9 @@ package org.jivesoftware.openfire.http;
import org.jivesoftware.util.JiveConstants;
import org.eclipse.jetty.continuation.Continuation;
import org.eclipse.jetty.util.log.Log;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.security.cert.X509Certificate;
......@@ -34,7 +36,8 @@ import java.security.cert.X509Certificate;
* @author Alexander Wenckus
*/
public class HttpConnection {
private static final Logger Log = LoggerFactory.getLogger(HttpConnection.class);
private static final String RESPONSE_BODY = "response-body";
private static final String CONNECTION_CLOSED = "connection closed";
......
src/plugins/jitsivideobridge/src/apps/index.html
View file @ 5564cd1d
......@@ -3,7 +3,7 @@
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Jappix - Forbidden</title>
<title>Jitsi Videobridge - Forbidden</title>
</head>
<body>
......
src/plugins/jitsivideobridge/src/java/org/jitsi/videobridge/openfire/PluginImpl.java
View file @ 5564cd1d
......@@ -51,7 +51,7 @@ import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.webapp.WebAppContext;
import org.eclipse.jetty.http.security.*;
import org.eclipse.jetty.util.security.*;
import org.eclipse.jetty.security.*;
import org.eclipse.jetty.security.authentication.*;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023