Merge pull request #28 from Flowdalic/jettyupdate

OF-709: Update Jetty from 7.4 to 9.1.5

build/lib/versions.txt

@@ -16,16 +16,25 @@ dom4j.jar                           | 1.6.1
 concurrentlinkedhashmap-lru         | concurrentlinkedhashmap-lru-1.0_jdk5                         | Apache 2.0
 dbutil.jar                          | Jive Code, no release version.                               | GPL
 hsqldb.jar                          | 1.8.0.5                                                      | BSD (http://hsqldb.org/web/hsqlLicense.html)
-jetty-continuation.jar              | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-http.jar                      | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-io.jar                        | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-security.jar                  | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-server.jar                    | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-servlet.jar                   | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-util.jar                      | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-webapp.jar                    | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-websocket.jar                 | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
-jetty-xml.jar                       | Jetty 7.5.4.v20111024                                        | Apache 2.0, Eclipse 1.0
+jetty-continuation.jar              | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-http.jar                      | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-io.jar                        | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-security.jar                  | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-server.jar                    | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-servlet.jar                   | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-util.jar                      | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-webapp.jar                    | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-websocket.jar                 | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+jetty-xml.jar                       | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+spdy-client.jar                     | Jetty 9.1.5.v20140505 (see #3)                               | Apache 2.0, Eclipse 1.0
+spdy-core.jar                       | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+spdy-http.jar               	    | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+spdy-http-common.jar                | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+spdy-server.jar                     | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+websocket-api.jar                   | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+websocket-common.jar                | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+websocket-server.jar                | Jetty 9.1.5.v20140505                                        | Apache 2.0, Eclipse 1.0
+websocket-servlet.jar               | Jetty 9.1.5.v20140505 					   | Apache 2.0, Eclipse 1.0
 jasper-compiler.jar                 | Jetty 6.1.0 (5.5.15)                                         |
 jasper-runtime.jar                  | Jetty 6.1.0 (5.5.15)                                         |
 jaxen.jar                           | 1.1 beta 4 (from DOM4J 1.6.1)                                | Apache 1.1
@@ -64,7 +73,9 @@ xmltask.jar                         | 1.11
 xpp3.jar                            | XPP_3 1.1.4c                                                 | BSD (http://www.extreme.indiana.edu/viewcvs/~checkout~/XPP3/java/LICENSE.txt)
 
 
+
 Notes
 -----
 1) proxool - patched ProxyConnection to send log message in #registerClosedStatement to debug instead of warn
 2) mina-filter-ssl - applied patch to resize buffers OF-496 DIRMINA-914. Source code used: https://git-wip-us.apache.org/repos/asf?p=mina.git;a=commit;h=dd6395befe672d7bdb210b28b1b81592a3dc5e64
+3) npn-boot-1.1.7.v20140316.jar added to dist folder

src/conf/openfire.xml

@@ -33,4 +33,14 @@
         <interface></interface>
     </network>
     -->
+
+    <!-- SPDY  Protocol is npn. 
+    	(note: npn does not work with Java 8) 
+    	add -Xbootclasspath/p:/OPENFIRE_HOME/lib/npn-boot.jar to .vmoptions file    -->
+
+    <!--     
+    <spdy> 
+    	<protocol>npn</protocol> 
+    </spdy> 
+    -->
 </jive>

src/java/org/jivesoftware/openfire/JMXManager.java

@@ -104,10 +104,8 @@ public class JMXManager {
 	}
 
 	private void start() {
-		
+
 		setContainer(new MBeanContainer(ManagementFactory.getPlatformMBeanServer()));
-		getContainer().addBean(org.eclipse.jetty.util.log.Log.getLog());
-		
 		int jmxPort = JMXManager.getPort();
 		String jmxUrl = "/jndi/rmi://localhost:" + jmxPort + "/jmxrmi";
 		Map<String, Object> env = new HashMap<String, Object>();

src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java

@@ -33,20 +33,24 @@ import javax.management.remote.JMXPrincipal;
 import javax.management.remote.JMXServiceURL;
 import javax.security.auth.Subject;
 
-import org.eclipse.jetty.http.ssl.SslContextFactory;
 import org.eclipse.jetty.jmx.ConnectorServer;
 import org.eclipse.jetty.jmx.MBeanContainer;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.SecureRequestCustomizer;
+import org.eclipse.jetty.server.ServerConnector;
+import org.eclipse.jetty.server.SslConnectionFactory;
 import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerCollection;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
-import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.webapp.WebAppContext;
+import org.eclipse.jetty.spdy.server.http.HTTPSPDYServerConnector;
 import org.jivesoftware.openfire.JMXManager;
 import org.jivesoftware.openfire.XMPPServer;
 import org.jivesoftware.openfire.admin.AdminManager;
@@ -108,27 +112,32 @@ public class AdminConsolePlugin implements Plugin {
 
         adminPort = JiveGlobals.getXMLProperty("adminConsole.port", 9090);
         adminSecurePort = JiveGlobals.getXMLProperty("adminConsole.securePort", 9091);
-        adminServer = new Server();
+
+        final QueuedThreadPool tp = new QueuedThreadPool(254);
+        tp.setName("Jetty-QTP-AdminConsole");
+
+        adminServer = new Server(tp);
+
         if (JMXManager.isEnabled()) {
         	JMXManager jmx = JMXManager.getInstance();
-        	adminServer.getContainer().addEventListener(jmx.getContainer());
         	adminServer.addBean(jmx.getContainer());
         }
-        final QueuedThreadPool tp = new QueuedThreadPool(254);
-        tp.setName("Jetty-QTP-AdminConsole");
-        adminServer.setThreadPool(tp);
-        
-        // Do not send Jetty info in HTTP headers
-        adminServer.setSendServerVersion(false);
+
+        ServerConnector httpConnector = null;
+		ServerConnector httpsConnector = null;
+		HttpConfiguration httpConfig = null;
 
         // Create connector for http traffic if it's enabled.
         if (adminPort > 0) {
-            Connector httpConnector = new SelectChannelConnector();
+			httpConfig = new HttpConfiguration();
+
+        	// Do not send Jetty info in HTTP headers
+			httpConfig.setSendServerVersion( false );
+            httpConnector = new ServerConnector(adminServer, new HttpConnectionFactory(httpConfig));
             // Listen on a specific network interface if it has been set.
             String bindInterface = getBindInterface();
             httpConnector.setHost(bindInterface);
             httpConnector.setPort(adminPort);
-            httpConnector.setStatsOn(JMXManager.isEnabled());
             adminServer.addConnector(httpConnector);
         }
 
@@ -141,21 +150,35 @@ public class AdminConsolePlugin implements Plugin {
                         XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                     Log.warn("Admin console: Using RSA certificates but they are not valid for the hosted domain");
                 }
-             
-                final SslContextFactory sslContextFactory = new SslContextFactory(SSLConfig.getKeystoreLocation());
+
+                final SslContextFactory sslContextFactory = new SslContextFactory();
                 sslContextFactory.setTrustStorePassword(SSLConfig.gets2sTrustPassword());
                 sslContextFactory.setTrustStoreType(SSLConfig.getStoreType());
-                sslContextFactory.setTrustStore(SSLConfig.gets2sTruststoreLocation());
+                sslContextFactory.setKeyStorePath(SSLConfig.getKeystoreLocation());
                 sslContextFactory.setNeedClientAuth(false);
                 sslContextFactory.setWantClientAuth(false);
                 sslContextFactory.setKeyStorePassword(SSLConfig.getKeyPassword());
                 sslContextFactory.setKeyStoreType(SSLConfig.getStoreType());
-                
-                final SslSelectChannelConnector httpsConnector = new SslSelectChannelConnector(sslContextFactory);
+
+				if ("npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", "")))
+				{
+					httpsConnector = new HTTPSPDYServerConnector(adminServer, sslContextFactory);
+
+				} else {
+					HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
+					httpsConfig.setSecureScheme("https");
+					httpsConfig.setSecurePort(adminSecurePort);
+					httpsConfig.addCustomizer(new SecureRequestCustomizer());
+
+					HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory(httpsConfig);
+					SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(sslContextFactory, org.eclipse.jetty.http.HttpVersion.HTTP_1_1.toString());
+
+                	httpsConnector = new ServerConnector(adminServer, sslConnectionFactory, httpConnectionFactory);
+				}
+
                 String bindInterface = getBindInterface();
                 httpsConnector.setHost(bindInterface);
                 httpsConnector.setPort(adminSecurePort);
-                httpsConnector.setStatsOn(JMXManager.isEnabled());
                 adminServer.addConnector(httpsConnector);
 
                 sslEnabled = true;
@@ -330,13 +353,19 @@ public class AdminConsolePlugin implements Plugin {
                 getBindInterface();
         boolean isPlainStarted = false;
         boolean isSecureStarted = false;
+        boolean isSPDY = false;
+
         for (Connector connector : adminServer.getConnectors()) {
-            if (connector.getPort() == adminPort) {
+            if (((ServerConnector) connector).getPort() == adminPort) {
                 isPlainStarted = true;
             }
-            else if (connector.getPort() == adminSecurePort) {
+            else if (((ServerConnector) connector).getPort() == adminSecurePort) {
                 isSecureStarted = true;
             }
+
+           	if (connector instanceof HTTPSPDYServerConnector) {
+				isSPDY = true;
+			}
         }
 
         if (isPlainStarted && isSecureStarted) {
@@ -344,10 +373,10 @@ public class AdminConsolePlugin implements Plugin {
                     "  http://" + hostname + ":" +
                     adminPort + System.getProperty("line.separator") +
                     "  https://" + hostname + ":" +
-                    adminSecurePort);
+                    adminSecurePort + (isSPDY ? " (SPDY)" : ""));
         }
         else if (isSecureStarted) {
-            log(listening + " https://" + hostname + ":" + adminSecurePort);
+            log(listening + " https://" + hostname + ":" + adminSecurePort + (isSPDY ? " (SPDY)" : ""));
         }
         else if (isPlainStarted) {
             log(listening + " http://" + hostname + ":" + adminPort);

src/java/org/jivesoftware/openfire/http/HttpBindManager.java

@@ -27,19 +27,24 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import org.eclipse.jetty.http.ssl.SslContextFactory;
 import org.eclipse.jetty.server.AbstractConnector;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.SecureRequestCustomizer;
+import org.eclipse.jetty.server.ServerConnector;
+import org.eclipse.jetty.server.SslConnectionFactory;
+import org.eclipse.jetty.server.ForwardedRequestCustomizer;
 import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.server.handler.DefaultHandler;
 import org.eclipse.jetty.server.handler.HandlerCollection;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
-import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
+import org.eclipse.jetty.spdy.server.http.HTTPSPDYServerConnector;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.webapp.WebAppContext;
 import org.jivesoftware.openfire.JMXManager;
 import org.jivesoftware.openfire.XMPPServer;
@@ -194,11 +199,13 @@ public final class HttpBindManager {
     private void createConnector(int port) {
         httpConnector = null;
         if (port > 0) {
-            SelectChannelConnector connector = new SelectChannelConnector();
+			HttpConfiguration httpConfig = new HttpConfiguration();
+			configureProxiedConnector(httpConfig);
+            ServerConnector connector = new ServerConnector(httpBindServer, new HttpConnectionFactory(httpConfig));
+
             // Listen on a specific network interface if it has been set.
             connector.setHost(getBindInterface());
             connector.setPort(port);
-            configureProxiedConnector(connector);
             httpConnector = connector;
         }
     }
@@ -213,10 +220,10 @@ public final class HttpBindManager {
                             "the hosted domain");
                 }
 
-                final SslContextFactory sslContextFactory = new SslContextFactory(SSLConfig.getKeystoreLocation());
+                final SslContextFactory sslContextFactory = new SslContextFactory();
                 sslContextFactory.setTrustStorePassword(SSLConfig.getc2sTrustPassword());
                 sslContextFactory.setTrustStoreType(SSLConfig.getStoreType());
-                sslContextFactory.setTrustStore(SSLConfig.getc2sTruststoreLocation());
+                sslContextFactory.setKeyStorePath(SSLConfig.getKeystoreLocation());
                 sslContextFactory.setKeyStorePassword(SSLConfig.getKeyPassword());
                 sslContextFactory.setKeyStoreType(SSLConfig.getStoreType());
 
@@ -232,11 +239,25 @@ public final class HttpBindManager {
                 	sslContextFactory.setNeedClientAuth(false);
                 	sslContextFactory.setWantClientAuth(false);
                 }
-                
-                final SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory);
+
+ 				HttpConfiguration httpsConfig = new HttpConfiguration();
+				httpsConfig.setSecureScheme("https");
+				httpsConfig.setSecurePort(securePort);
+ 				configureProxiedConnector(httpsConfig);
+ 				httpsConfig.addCustomizer(new SecureRequestCustomizer());
+
+ 				ServerConnector sslConnector = null;
+
+				if ("npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", "")))
+				{
+					sslConnector = new HTTPSPDYServerConnector(httpBindServer, sslContextFactory);
+				} else {
+
+					sslConnector = new ServerConnector(httpBindServer, new SslConnectionFactory(sslContextFactory, "http/1.1"),
+																	   new HttpConnectionFactory(httpsConfig));
+				}
                 sslConnector.setHost(getBindInterface());
                 sslConnector.setPort(securePort);
-                configureProxiedConnector(sslConnector);
                 httpsConnector = sslConnector;
             }
         }
@@ -244,34 +265,35 @@ public final class HttpBindManager {
             Log.error("Error creating SSL connector for Http bind", e);
         }
     }
-    
-    private void configureProxiedConnector(AbstractConnector connector) {
+
+    private void configureProxiedConnector(HttpConfiguration httpConfig) {
         // Check to see if we are deployed behind a proxy
         // Refer to http://docs.codehaus.org/display/JETTY/Configuring+Connectors
         if (isXFFEnabled()) {
-        	connector.setForwarded(true);
+        	ForwardedRequestCustomizer customizer = new ForwardedRequestCustomizer();
         	// default: "X-Forwarded-For"
         	String forwardedForHeader = getXFFHeader();
         	if (forwardedForHeader != null) {
-        		connector.setForwardedForHeader(forwardedForHeader);
+        		customizer.setForwardedForHeader(forwardedForHeader);
         	}
         	// default: "X-Forwarded-Server"
         	String forwardedServerHeader = getXFFServerHeader();
         	if (forwardedServerHeader != null) {
-        		connector.setForwardedServerHeader(forwardedServerHeader);
+        		customizer.setForwardedServerHeader(forwardedServerHeader);
         	}
         	// default: "X-Forwarded-Host"
         	String forwardedHostHeader = getXFFHostHeader();
         	if (forwardedHostHeader != null) {
-        		connector.setForwardedHostHeader(forwardedHostHeader);
+        		customizer.setForwardedHostHeader(forwardedHostHeader);
         	}
         	// default: none
         	String hostName = getXFFHostName();
         	if (hostName != null) {
-        		connector.setHostHeader(hostName);
+        		customizer.setHostHeader(hostName);
         	}
+
+        	httpConfig.addCustomizer(customizer);
         }
-        connector.setStatsOn(JMXManager.isEnabled());
    }
 
     private String getBindInterface() {
@@ -491,17 +513,15 @@ public final class HttpBindManager {
      * @param securePort the port to start the TLS (secure) HTTP Bind service on.
      */
     private synchronized void configureHttpBindServer(int port, int securePort) {
-        httpBindServer = new Server();
+        final QueuedThreadPool tp = new QueuedThreadPool(JiveGlobals.getIntProperty(HTTP_BIND_THREADS, HTTP_BIND_THREADS_DEFAULT));
+        tp.setName("Jetty-QTP-BOSH");
+
+        httpBindServer = new Server(tp);
         if (JMXManager.isEnabled()) {
         	JMXManager jmx = JMXManager.getInstance();
-        	httpBindServer.getContainer().addEventListener(jmx.getContainer());
         	httpBindServer.addBean(jmx.getContainer());
         }
-        final QueuedThreadPool tp = new QueuedThreadPool(
-        		JiveGlobals.getIntProperty(HTTP_BIND_THREADS, HTTP_BIND_THREADS_DEFAULT));
-        tp.setName("Jetty-QTP-BOSH");
-        httpBindServer.setThreadPool(tp);
-        
+
         createConnector(port);
         createSSLConnector(securePort);
         if (httpConnector == null && httpsConnector == null) {

src/java/org/jivesoftware/openfire/http/HttpConnection.java

@@ -22,7 +22,9 @@ package org.jivesoftware.openfire.http;
 
 import org.jivesoftware.util.JiveConstants;
 import org.eclipse.jetty.continuation.Continuation;
-import org.eclipse.jetty.util.log.Log;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.security.cert.X509Certificate;
 
@@ -34,7 +36,8 @@ import java.security.cert.X509Certificate;
  * @author Alexander Wenckus
  */
 public class HttpConnection {
-	
+
+    private static final Logger Log = LoggerFactory.getLogger(HttpConnection.class);
     private static final String RESPONSE_BODY = "response-body";
     private static final String CONNECTION_CLOSED = "connection closed";
 

src/plugins/jitsivideobridge/src/apps/index.html

@@ -3,7 +3,7 @@
 
 <head>
 	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-	<title>Jappix - Forbidden</title>
+	<title>Jitsi Videobridge - Forbidden</title>
 </head>
 
 <body>

src/plugins/jitsivideobridge/src/java/org/jitsi/videobridge/openfire/PluginImpl.java

@@ -51,7 +51,7 @@ import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.webapp.WebAppContext;
-import org.eclipse.jetty.http.security.*;
+import org.eclipse.jetty.util.security.*;
 import org.eclipse.jetty.security.*;
 import org.eclipse.jetty.security.authentication.*;