Dse netty 4.1.34.final #18

… version. (netty#8289) Motivation: 6ed7c6c added a test which blindly assumed we can use a KeyManagerFactory all the time. This is only true if have OpenSSL 1.0.2 or later, which may not be the case. Modifications: Only use KeyManagerFactory in test if the OpenSSL version does support it. Result: More robust tests.

…ows an UnsupportedOperationException. (netty#8290) Motivation: 6ed7c6c added support for ExtendedOpenSslSession but we did not override getStatusResponses(). This lead to test failures on java9. Modifications: Implement ExtendedOpenSslSession.getStatusResponses() so it just returns an empty list. Result: Test pass again on Java9.

…tty#8286) Motivation: Get charset from Content-Type header even it contains multiple parameters. Modification: Extract charset value from the charset parameter if it is not last. Result: Fixes netty#8273

Motivation: Conscrypt 1.3.0 was just released and adds support for TLSv1.3 Modifications: Update to 1.3.0 Result: Use latest conscrypt during build / test.

Motivation: If you encode a SOCKS5 message like new DefaultSocks5CommandResponse(FAILURE, DOMAIN, "", 0) you correctly get a result of 05010003000000. But if the bndAddr is null, for example like new DefaultSocks5CommandResponse(FAILURE, DOMAIN) the encoded result is 0501000301000000 which means the domain name has a length of one and consists of a 0-byte. Modification: With this commit it is also correctly encoded as a string of 0 length. Result: Correctly encode empty SOCKS5 address

…enceCountedOpenSslEngine (netty#8297) Motivation: Java9 added getStatusResponses() to ExtendedSSLSession which we should correctly support when possible. Modifications: Implement the method correctly. Result: More complete and correct implementation.

Motivation: I noticed that we had some errors showing up in a test (which did not fail it tho) because we tried to full-fill the promise multiples times. Modifications: Use trySuccess(...) as we may produce multiple exceptions. Result: Less errors during test-run.

Motivation: In theory our estimation of the needed buffer could be off and so we need to ensure we grow it if there is no space left. Modifications: Ensure we grow the buffer if there is no space left in there but we still have data to deflate. Result: Correctly deflate data in all cases.

Motivation: We should use final Java11 release during builds. Modifications: Update to final Java11 release Result: Use latest release.

Motivation: We need to release the ReferenceCountedSslContext to eliminate resource leaks. Reported in https://garage.netty.io/teamcity/viewLog.html?buildId=33353&buildTypeId=netty_build_oraclejdk8&tab=buildLog#_focus=157264. Modifications: Call release on the SslContext instances. Result: No more leaks in tests.

Motivation: First EA releases of Java12 are out we should be able to compile with these and run tests. Modifications: Add maven profile for java12. Result: Be able to use Java12

netty#8318) (netty#8319) Motivation Applications should not depend on internal packages with Java 9 and later. This cause a warning now, but will break in future versions of Java. Modification This change adds methods to UnixResolverDnsServerAddressStreamProvider (following after netty#6844) that parse /etc/resolv.conf for domain and search entries. Then DnsNameResolver does not need to rely on sun.net.dns.ResolverConfiguration to do this. Result Fixes netty#8318. Furthermore, at least in my testing with Java 11, this also makes multiple search entries work properly (previously I was only getting the first entry).

…in buffer. (netty#8325) Motivation: We need to ensure the Cumulator always releases the input buffer if it can not take over the ownership of it as otherwise it may leak. Modifications: - Correctly ensure the buffer is always released. - Add unit tests. Result: Ensure buffer is always released.

Motivation: We should add some command to be able to run all tests with leak detection enabled. This will then be used on the CI during PR builds. Modifications: Add new docker-compose config to run with leak-detection enabled. Result: Easy way to enable leak detection while running tests via docker.

Motivation: 4d14586 did fix some leaks in SniClientTest but missed the ones in SniClientJava8TestUtil. Modifications: Correctly release SslContext. Result: No more leaks in SNI tests.

Motivation: The first EA builds for Java12 are released so we should allow to run with these in our docker-compose setup. Modifications: Add docker-compose configs for Java12. Result: Be able to run easily with Java12 as well.

…etty#8314) * Add cache for CNAME mappings resolved during lookup of DNS entries. Motivation: If the CNAMEd hostname is backed by load balancing component, typically the final A or AAAA DNS records have small TTL. However, the CNAME record itself is setup with longer TTL. For example: * x.netty.io could be CNAMEd to y.netty.io with TTL of 5 min * A / AAAA records for y.netty.io has a TTL of 0.5 min In current Netty implementation, original hostname is saved in resolved cached with the TTL of final A / AAAA records. When that cache entry expires, Netty recursive resolver sends at least two queries — 1st one to be resolved as CNAME record and the 2nd one to resolve the hostname in CNAME record. If CNAME record was cached, only the 2nd query would be needed most of the time. 1st query would be needed less frequently. Modifications: Add a new CnameCache that will be used to cache CNAMEs and so may reduce queries. Result: Less queries needed when CNAME is used.

…netty#8316) * Use AuthoritativeDnsServerCache for creating the new redirect stream. Motivation: At the moment if a user wants to provide custom sorting of the nameservers used for redirects it needs to be implemented in two places. This is more complicated as it needs to be. Modifications: - Just delegate to the AuthoritativeDnsServerCache always as we fill it before we call newRedirectDnsServerStream anyway. Result: Easier way for the user to implement custom sorting.

…d with the OpenSSL provider. (netty#8307) Motivation: When a X509TrustManager is used while configure the SslContext the JDK automatically does some extra checks during validation of provided certs by the remote peer. We should do the same when our native implementation is used. Modification: - Automatically wrap a X509TrustManager and so do the same validations as the JDK does. - Add unit tests. Result: More consistent behaviour. Fixes netty#6664.

…t. (netty#8333) Motivation: a208f6d added a testcase which uses hostname validation which may not be supported by OpenSSL depending on the version that is used. We should check first before we try to use it. Modifications: Add assumeTrue(...) check to ensure hostname validation is supported before trying to run the test. Result: No more test-failures on OpenSSL versions < 1.0.2.

…ng server-side and support more methods of ExtendedSSLSession. (netty#8283) Motivation: Before when on server-side we just called the X509KeyManager methods when handshake() was called the first time which is not quite correct as we may not have received the full SSL hello / handshake and so could not extra for example the SNI hostname that was requested. OpenSSL exposes the SSL_CTX_set_cert_cb function which allows to set a callback which is executed at the correct moment, so we should use it. This also allows us to support more methods of ExtendedSSLSession easily. Modifications: - Make use of new methods exposed by netty-tcnative since netty/netty-tcnative#388 to ensure we select the key material at the correct time. - Implement more methods of ExtendedOpenSslSession - Add unit tests to ensure we are able to retrieve various things on server-side in the X509KeyManager and so verify it is called at the correct time. - Simplify code by using new netty-tcnative methods. Result: More correct implementation for server-side usage and more complete implemented of ExtendedSSLSession.

Motivation The EpollChannelConfig (same for KQueues) and its subclasses repeatetly declare their own channel field which leads to a 3x repetition for each config instance. Given the fields are protected or package-private it's exposing the code code to "field hiding" bugs. Modifications Use the the existing protected channel field from the DefaultChannelConfig class and simply cast it when needed. Result Fixes netty#8331

…ailure (netty#8332) Motivation: When writing an HTTP/2 HEADERS with END_STREAM=1, the application expects the stream to be closed afterward. However, the write can fail locally due to HPACK encoder and similar. When that happens we need to make sure to issue a RST_STREAM otherwise the stream can be closed locally but orphaned remotely. The RST_STREAM is typically handled by Http2ConnectionHandler.onStreamError, which will only send a RST_STREAM if that stream still exists locally. There are two possible flows for trailers, one handled immediately and one going through the flow controller. Previously they behaved differently, with the immedate code calling the error handler after closing the stream. The immediate code also used a listener for calling closeStreamLocal while the flow controlled code did so immediately after the write. The two code paths also differed in their VoidChannelPromise handling, but both were broken. The immediate code path called unvoid() only if END_STREAM=1, however it could always potentially add a listener via notifyLifecycleManagerOnError(). And the flow controlled code path unvoided incorrectly, changing the promise completion behavior. It also passed the wrong promise to closeStreamLocal() in FlowControlledBase. Modifications: Move closeStreamLocal handling after calls to onError. This is the primary change. Now call closeStreamLocal immediately instead of when the future completes. This is the more likely correct behavior as it matches that of DATA frames. Fix all the VoidChannelPromise handling. Result: Http2ConnectionHandler.onStreamError sees the same state as the remote and issues a RST_STREAM, properly cleaning up the stream.

Motivation: Add an option (through a SelectStrategy return code) to have the Netty event loop thread to do busy-wait on the epoll. The reason for this change is to avoid the context switch cost that comes when the event loop thread is blocked on the epoll_wait() call. On average, the context switch has a penalty of ~13usec. This benefits both: The latency when reading from a socket Scheduling tasks to be executed on the event loop thread. The tradeoff, when enabling this feature, is that the event loop thread will be using 100% cpu, even when inactive. Modification: Added SelectStrategy option to return BUSY_WAIT Epoll loop will do a epoll_wait() with no timeout Use pause instruction to hint to processor that we're in a busy loop Result: When enabled, minimizes impact of context switch in the critical path

) Motivation: No need in varargs, the method always accepts array. Modification: ... replaced with []

Motivation: Unless the 'io.netty.noKeySetOptimization' system property is set, registering a SelectableChannel instance to a NioEventLoop results in a ClassCastException: io.netty.channel.nio.SelectedSelectionKeySetSelector cannot be cast to java.nio.channels.spi.AbstractSelector Modifications: Instead of 'selector', pass 'unwrappedSelector' to SelectableChannel. Result: It is possible to register a SelectableChannel instance without setting the 'io.netty.noKeySetOptimization' system property.

…ty#8347) Motivation: Avoid creating any StringBuilder instance if ByteBufInputStream::readLine isn't used Modifications: The StringBuilder instance is lazy allocated on demand and are added new test case branches to address the increased complexity of ByteBufInputStream::readLine Result: Reduced GC activity if ByteBufInputStream::readLine isn't used

Motivation: Seems like IntegerHolder counterHashCode field is the very old legacy field that is no longer used. Should be marked as deprecated and removed in the future versions. Modification: IntegerHolder class, InternalThreadLocalMap.counterHashCode() and InternalThreadLocalMap.setCounterHashCode(IntegerHolder counterHashCode) are now deprecated.

…ails. (netty#8349) Motivation: Currently we may end up in the situation that we incremented the pending bytes before submitting the AbstractWriteTask but never decrement these again if the submitting of the task fails. This may result in incorrect watermark handling. Modifications: - Correctly decrement pending bytes if subimitting of task fails and also ensure we recycle it correctly. - Add unit test. Result: Fixes netty#8343.

…archdomain. (netty#8351) Motivation: ba594bc added a utility to parse searchdomains defined in /etc/resolv.conf but did not correctly handle the case when multiple are defined that are seperated by either whitespace or tab. Modifications: - Correctly parse multiple entries - Add unit test. Result: Correctly parse multiple searchdomain entries.

Motivation: epoll_wait should work in 4.1.30 like it did in 4.1.29. Modifications: Revert Integer.MAX_VALUE back to MAX_SCHEDULED_TIMERFD_NS (999,999,999). Add unit test. Result: epoll_wait will no longer throw EINVAL.

…etty#8378) Motivation: It is possible that a client is unable to locate a certificate alias given the list of issuers and key types. In this case the X509KeyManager will return a null which when past to the OpenSslKeyMaterialProvider implementation may produce a NPE. If no matching alias could be found we should not call OpenSslKeyMaterialProvider at all which is also consistent what OpenJDK does. Modifications: - Add null check before calling OpenSslKeyMaterialProvider - Add unit test. Result: No more NPE caused by passing null as client alias.

…cOS (netty#8379) Motivation: MACOSX_DEPLOYMENT_TARGET=10.6 needs to be used as everything before is not supported in 10.14 anymore. 10.6 was released 2009 so this should be a safe thing to do. Modifications: Use MACOSX_DEPLOYMENT_TARGET=10.6 Result: Be able to compile on MacOS 10.14

Motivation: While looking at the nice optimization done in netty#8347 I couldn't help noticing the logic could be simplified further. Apologies if this is just my OCD and inappropriate! Modifications: Reduce amount of code used for ByteBufInputStream.readLine() Result: Slightly smaller and simpler code

Motivation: It has shown that the used test timeout may be too low when the CI is busy. Modifications: Increase timeout to 3 seconds. Result: Less false-positives.

@deprecated

Motivation: Java since version 6 has the wrapper for the ConcurrentHashMap that could be created via Collections.newSetFromMap(map). So no need to create own ConcurrentSet class. Also, since netty plans to switch to Java 8 soon there is another method for that - ConcurrentHashMap.newKeySet(). For now, marking this class @deprecated would be enough, just to warn users who use netty's ConcurrentSet. After switching to Java 8 ConcurrentSet should be removed and replaced with ConcurrentHashMap.newKeySet(). Modification: ConcurrentSet deprecated.

Motivation: - Version 0.3 would sometimes fail to report failing tests - New version contains upgraded version of h2spec Modifications: - Bump h2spec-maven-plugin to 0.6 - Remove excluded specs that are no passing - Add failing spec "half closed (remote): Sends a HEADERS frame" to exclude list Result: Build will fail when non excluded specs fails.

Motivation: JdkSslContext provides public constructors to wrap an existing `javax.net.ssl.SSLContext`. Sadly, some options combinations are not possible with the existing constructors, eg: * protocols is not exposed and always forced to null, so default protocols are always enforced * startTls is not exposed and always forced to false Modification: Add full constructor that take protocols and startTls parameters. Result: It's possible to create a JdkSslContext from an existing SSLContext and still have control over protocols and startTls

Motivation: TLSv1.3 support is included in java11 and is also supported by OpenSSL 1.1.1, so we should support when possible. Modifications: - Add support for TLSv1.3 using either the JDK implementation or the native implementation provided by netty-tcnative when compiled against openssl 1.1.1 - Adjust unit tests for semantics provided by TLSv1.3 - Correctly handle custom Provider implementations that not support TLSv1.3 Result: Be able to use TLSv1.3 with netty.

…ould use an empty classifier. (netty#8396) Motivation: We publish an "uber-jar" for netty-tcnative-boringssl-static so we should use it when testing against boringssl. Modifications: Ensure we use empty classifier. Result: Use uber-jar when testing

…n when constructor throws. (netty#8399) Motivation: When the constructor of OpenSslEngine threw we could end up to self call SSL_free by ourself and then have the finalizer do the same which may lead to double free-ing and so SIGSEV. Modifications: Just call shutdown() when the constructor throws and so ensure SSL_free is guarded correctly in the finalizer. Result: No more SIGSEV possible.

…ty#8402) Motivation: We need to update jetty-alpn-agent to be able to run tests with OpenJDK 8u191 Modifications: Update to 2.0.8 Result: Be able to run tests with latest JDK 8 release.

…java version changes. (netty#8397) Motivation: We should explicit specify the java version to use to ensure docker will rebuild the image once a new java version was released and we specify it. Also we should use openjdk for testing when possible. Modifications: - Explicit specify the java versions to use - Use openjdk when possible. Result: Ensure latest java versions are used during testing

… 11. (netty#8394) Motivation: At the moment it's only possible to use TLSv1.3 with netty-tcnative if Java 11 is used. It should be possible to do so even with Java 8, 9 and 10. Modification: Add a workaround to be able to use TLSv1.3 also when using Java version prior to Java 11 and the default X509ExtendedTrustManager is used. Result: Be able to use TLSv1.3 also with past versions of Java.

Motivation: As mentioned in RFC 7692 : The "server_no_context_takeover" Extension Parameter should be used on server side for compression and on client side for decompression. The "client_no_context_takeover" Extension Parameter should be used on client side for compression and on server side for decompression. Right now, in PerMessageDeflateClientExtensionHandshaker, the decoder uses clientNoContext instead of serverNoContext and the encoder uses serverNoContext instead of clientNoContext. The same inversion is present in PerMessageDeflateServerExtensionHandshaker: the decoder uses serverNoContext instead of clientNoContext, while the encoder uses serverNoContext instead of clientNoContext. Besides the context inversion, the sliding window sizes seem to be inversed as well. Modification: Inverse clientNoContext with serverNoContext and clientWindowSize with serverWindowSize for both the Decoder and Encoder in PerMessageDeflateServerExtensionHandshaker and PerMessageDeflateClientExtensionHandshaker. Result: This fixes the decompression fail in the case that one of the contexts is set and the other one is not.

…-static (netty#8404) Motivation: 2109f14 corrected how we run the testsuite with boringssl-static but missed to also adjust the testsuite-shading configuration which lead to test failures. Modifications: Correctly compose the native lib name when no classifier is used. Result: Testsuite passes again.

…tty#8403) Motivation: CompositeByteBuf.decompose(...) did not correctly slice the content and so produced an incorrect representation of the data. Modifications: - Rewrote implementation to fix bug and also improved it to reduce GC - Add unit tests. Result: Fixes netty#8400.

…stractByteBuf.toString(...)` and `AbstractByteBuf.getCharSequence(...)` (netty#8388) Motivation: Our current implementation that is used for toString(Charset) operations on AbstractByteBuf implementation is quite slow as it does a lot of uncessary memory copies. We should just use new String(...) as it has a lot of optimizations to handle these cases. Modifications: Rewrite ByteBufUtil.decodeString(...) to use new String(...) Result: Less overhead for toString(Charset) operations. Benchmark (charsetName) (direct) (size) Mode Cnt Score Error Units ByteBufUtilDecodeStringBenchmark.decodeString US-ASCII false 8 thrpt 20 22401645.093 ? 4671452.479 ops/s ByteBufUtilDecodeStringBenchmark.decodeString US-ASCII false 64 thrpt 20 23678483.384 ? 3749164.446 ops/s ByteBufUtilDecodeStringBenchmark.decodeString US-ASCII true 8 thrpt 20 15731142.651 ? 3782931.591 ops/s ByteBufUtilDecodeStringBenchmark.decodeString US-ASCII true 64 thrpt 20 16244232.229 ? 1886259.658 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-8 false 8 thrpt 20 25983680.959 ? 5045782.289 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-8 false 64 thrpt 20 26235589.339 ? 2867004.950 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-8 true 8 thrpt 20 18499027.808 ? 4784684.268 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-8 true 64 thrpt 20 16825286.141 ? 1008712.342 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-16 false 8 thrpt 20 5789879.092 ? 1201786.359 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-16 false 64 thrpt 20 2173243.225 ? 417809.341 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-16 true 8 thrpt 20 5035583.011 ? 1001978.854 ops/s ByteBufUtilDecodeStringBenchmark.decodeString UTF-16 true 64 thrpt 20 2162345.301 ? 402410.408 ops/s ByteBufUtilDecodeStringBenchmark.decodeString ISO-8859-1 false 8 thrpt 20 30039052.376 ? 6539111.622 ops/s ByteBufUtilDecodeStringBenchmark.decodeString ISO-8859-1 false 64 thrpt 20 31414163.515 ? 2096710.526 ops/s ByteBufUtilDecodeStringBenchmark.decodeString ISO-8859-1 true 8 thrpt 20 19538587.855 ? 4639115.572 ops/s ByteBufUtilDecodeStringBenchmark.decodeString ISO-8859-1 true 64 thrpt 20 19467839.722 ? 1672687.213 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld US-ASCII false 8 thrpt 20 10787326.745 ? 1034197.864 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld US-ASCII false 64 thrpt 20 7129801.930 ? 1363019.209 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld US-ASCII true 8 thrpt 20 9002529.605 ? 2017642.445 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld US-ASCII true 64 thrpt 20 3860192.352 ? 826218.738 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-8 false 8 thrpt 20 10532838.027 ? 2151743.968 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-8 false 64 thrpt 20 7185554.597 ? 1387685.785 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-8 true 8 thrpt 20 7352253.316 ? 1333823.850 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-8 true 64 thrpt 20 2825578.707 ? 349701.156 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-16 false 8 thrpt 20 7277446.665 ? 1447034.346 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-16 false 64 thrpt 20 2445929.579 ? 562816.641 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-16 true 8 thrpt 20 6201174.401 ? 1236137.786 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld UTF-16 true 64 thrpt 20 2310674.973 ? 525587.959 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld ISO-8859-1 false 8 thrpt 20 11142625.392 ? 1680556.468 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld ISO-8859-1 false 64 thrpt 20 8127116.405 ? 1128513.860 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld ISO-8859-1 true 8 thrpt 20 9405751.952 ? 2193324.806 ops/s ByteBufUtilDecodeStringBenchmark.decodeStringOld ISO-8859-1 true 64 thrpt 20 3943282.076 ? 737798.070 ops/s Benchmark result is saved to /home/norman/mainframer/netty/microbench/target/reports/performance/ByteBufUtilDecodeStringBenchmark.json Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 1,030.173 sec - in io.netty.buffer.ByteBufUtilDecodeStringBenchmark [1030.460s][info ][gc,heap,exit ] Heap [1030.460s][info ][gc,heap,exit ] garbage-first heap total 516096K, used 257918K [0x0000000609a00000, 0x0000000800000000) [1030.460s][info ][gc,heap,exit ] region size 2048K, 127 young (260096K), 2 survivors (4096K) [1030.460s][info ][gc,heap,exit ] Metaspace used 17123K, capacity 17438K, committed 17792K, reserved 1064960K [1030.460s][info ][gc,heap,exit ] class space used 1709K, capacity 1827K, committed 1920K, reserved 1048576K

…in 11.0.1 (netty#8409) Motivation: We had put some workaround in our tests due a bug in the Java11 implementation of TLSv1.3. This was now fixes as part of 11.0.1. See https://bugs.openjdk.java.net/browse/JDK-8211067. Modifications: Remove workaround in SSL tests. Result: Run all tests with supported TLS version.

Motivation: Commons-compress < 2.0.18 has a security flaw so we should upgrade (even if we only use it in tests anyway). Modifications: Update to 2.0.18 Result: Use latest version.

…8413) Motivation: DefaultResourceLeak.toString() did include the wrong value for duplicated records. Modifications: Include the correct value. Result: Correct toString() implementation.

…en sun.security.x509.* can not be accessed and bouncycastle is not on the classpath. (netty#8415) Motivation: OpenSsl used SelfSignedCertificate in its static init block to detect if KeyManagerFactory is supported. Unfortunally this only works when either sun.security.x509.* can be accessed or bouncycastle is on the classpath. We should not depend on either of it. This came up in netty/netty-tcnative#404 (comment). Modifications: Just directly use the bytes to generate the X509Certificate and so not depend on sun.security.x509.* / bouncycastle. Result: Correctly be able to detect if KeyManagerFactory can be supported in all cases.

Motivation: A new EA release was done, we should always run against the latest. Modifications: Update to EA 16. Result: CI runs with latest EA release for JDK12.

…8410) Motivation: trackedObject != null gives no guarantee that trackedObject remains reachable. This may cause problems related to premature finalization: false leak detector warnings. Modifications: Add private method reachabilityFence0 that works on JDK 8 and can be factored out into PlatformDependent. Later, it can be swapped for the real Reference.reachabilityFence. Result: No false leak detector warnings in future versions of JDK.

Motivation: 0ddc62c added support for TLSv1.3 when using openssl 1.1.1. Now that BoringSSL chromium-stable branch supports it as well we can also support it with netty-tcnative-boringssl-static. During this some unit tests failed with BoringSSL which was caused by not correctly handling flush() while the handshake is still in progress. Modification: - Upgrade netty-tcnative version which also supports TLSv1.3 when using BoringSSL - Correctly handle flush() when done while the handshake is still in progress in all cases. Result: Easier for people to enable TLSv1.3 when using native SSL impl. Ensure flush() while handshake is in progress will always be honored.

@Scottmitch

* Optimize AbstractByteBuf.getCharSequence() in US_ASCII case Motivation: Inspired by netty#8388, I noticed this simple optimization to avoid char[] allocation (also suggested in a TODO here). Modifications: Return an AsciiString from AbstractByteBuf.getCharSequence() if requested charset is US_ASCII or ISO_8859_1 (latter thanks to @Scottmitch's suggestion). Also tweak unit tests not to require Strings and include a new benchmark to demonstrate the speedup. Result: Speed-up of AbstractByteBuf.getCharSequence() in ascii and iso 8859/1 cases

…netty#8393) Motivation: There are currently many more places where this could be used which were possibly not considered when the method was added. If netty#8388 is included in its current form, a number of these places could additionally make use of the same BYTE_ARRAYS threadlocal. There's also a couple of adjacent places where an optimistically-pooled heap buffer is used for temp byte storage which could use the threadlocal too in preference to allocating a temp heap bytebuf wrapper. For example https://github.com/netty/netty/blob/4.1/buffer/src/main/java/io/netty/buffer/ByteBufUtil.java#L1417. Modifications: Replace new byte[] with PlatformDependent.allocateUninitializedArray() where appropriate; make use of ByteBufUtil.getBytes() in some places which currently perform the equivalent logic, including avoiding copy of backing array if possible (although would be rare). Result: Further potential speed-up with java9+ and appropriate compile flags. Many of these places could be on latency-sensitive code paths.

…static (netty#8436) Motivation: We should provide an easy way to run our testsuite against netty-tcnative-boringssl-static Modifications: - Add boringssl profile which can be used to enable usage of netty-tcnative-boringssl-static - Make use of the profile in docker-compose Result: Cleaner and easier way of running testsuite against netty-tcnative-boringssl-static

Motivation: I came across two bugs: - Components removed due to capacity reduction aren't released - Offsets aren't set correctly on empty components that are added between existing components Modifications: Add unit tests which expose these bugs, fix them. Result: Bugs are fixed

…the KeyManager due of TLSv1.3 (netty#8435) Motivation: 201e984 added support to use native TLSv1.3 support even with Java versions prior to 11. For this we try to detect if we need to wrap the used KeyManager or not. This testing code did create an X509Certificate[1] but does not correctly also set the certficiate on index 0. While this should be harmless we should better do the right thing and set it. Modifications: Correctly init the array. Result: Cleaner and more correct code.

…ge (netty#8441) Motivation: There are log messages emitted from Http2ConnectionDecoder of the form ``` INF i.n.h.c.h.DefaultHttp2ConnectionDecoder ignoring HEADERS frame for stream RST_STREAM sent. {} ``` Modifications: Remove the trailing `{}` in the log message that doesn't have a value. Result: Log messages no longer have a trailing `{}`.

…dressTypes (netty#8445) Motivation: It should be possible to build a DnsNameResolver with a null resolvedAddressTypes, defaulting then to DEFAULT_RESOLVE_ADDRESS_TYPES (see line 309). Sadly, `preferredAddressType` is then called on line 377 with the original parameter instead of the instance attribute, causing an NPE when it's null. Modification: Call preferredAddressType with instance attribuet instead of constructor parameter. Result: No more NPE

Motivation: latest version of the plugin Modification: Bump up version in pom.xml Result: Use latest plugin

…implementations correctly. (netty#8443) Motivation: netty#8442 reported that we fail to build a SslContext when an invalid cipher is used with netty-tcnative-boringssl-static, while it worked before. This test verifies that this is now consistent with all other SSLEngine implementations. Modifications: Add test-case to verify consistent behaviour Result: More tests to assert consistent behaviour across SSLEngine implementations

…uf (netty#8420) Motivation: Unpooled.wrap(byte[]...) and Unpooled.wrap(ByteBuffer...) currently allocate/copy an intermediate ByteBuf ArrayList and array, which can be avoided. Modifications: - Define new internal ByteWrapper interface and add a CompositeByteBuf constructor which takes a ByteWrapper with an array of the type that it wraps, and modify the appropriate Unpooled.wrap(...) methods to take advantage of it - Tidy up other constructors in CompositeByteBuf to remove duplication and misleading len arg (which is really an end offset into provided array) Result: Less allocation/copying when wrapping byte[] and ByteBuffer arrays, tidier code.

…8447) Motivation: netty#8444 reports that there is some issue with negative values passed to timerfd_settime. This test verifies that everything is working as expected. Modifications: Add testcase. Result: Test to verify expected behaviour.

…mory (netty#8452) Motivation: In netty we use our own max direct memory limit that can be adjusted by io.netty.maxDirectMemory but we do not take this in acount when maxDirectMemory() is used. That will lead to non optimal configuration of PooledByteBufAllocator in some cases. This came up on stackoverflow: https://stackoverflow.com/questions/53097133/why-is-default-num-direct-arena-derived-from-platformdependent-maxdirectmemory Modifications: Correctly respect io.netty.maxDirectMemory and so configure PooledByteBufAllocator correctly by default. Result: Correct value for max direct memory.

…etty#8450) Motivation: SHA1 is a broken hash function and shouldn't be used anymore (see: https://shattered.io/). Security scanning tools will raise this as an issue and it will reflect badly on netty and I, therefore, recommend to use a SHA2 hash function which is secure and won't be flagged by such tools. Modifications: Replaced insecure SHA1 based signing scheme with SHA2. Result: Modern and thus secure cryptographic primitives will be in use and won't be flagged by security scanning tools.

Motivation: latest version of plugin should be used. See https://blogs.apache.org/maven/entry/apache-maven-surefire-plugin-version1 Modification: Update plugin version in pom.xml Result: n/a

Motivation: HWT does not support anything smaller then 1ms so we should make it clear that this is the case. Modifications: Log a warning if < 1ms is used. Result: Less suprising behaviour.

Motivation: After netty#7527 fix there is no need to manually release chunks (HttpData) during file upload as they will be released on HttpPostRequestDecoder.destroy(). Modification: HttpUploadServer example doesn't release chunks manually (doesn't call data.release()). Result: Fixes netty#7695 and netty#7689

netty#8457) Motivation: Due a bug in our implementation we tried to release the same ByteBuf two times when we failed to parse the X509Certificate as closing the ByteBufInputStream already closed it. Modifications: - Don't close the ByteBuf when closing the ByteBufInputStream - Explicit release all ByteBufs after we are done parsing in a finally block. - Add testcase. Result: Do not produce an IllegalReferenceCountException and throw the correct CertificateException.

Motivation: We should always test against the latest EA release. Modifications: Update to openjdk 12 ea17 Result: Test against latest release

…etty#8454) Motivation: If the encoder needs to flush more than one outbound message it will create a new ChannelPromise for all but the last write which will swallow failures. Modification: Use a PromiseCombiner in the case of multiple messages and the parent promise isn't the `VoidPromise`. Result: Intermediate failures are propagated to the original ChannelPromise.

Motivation: CompositeByteBuf is a powerful and versatile abstraction, allowing for manipulation of large data without copying bytes. There is still a non-negligible cost to reading/writing however relative to "singular" ByteBufs, and this can be mostly eliminated with some rework of the internals. My use case is message modification/transformation while zero-copy proxying. For example replacing a string within a large message with one of a different length Modifications: - No longer slice added buffers and unwrap added slices - Components store target buf offset relative to position in composite buf - Less allocations, object footprint, pointer indirection, offset arithmetic - Use Component[] rather than ArrayList<Component> - Avoid pointer indirection and duplicate bounds check, more efficient backing array growth - Facilitates optimization when doing bulk-inserts - inserting n ByteBufs behind m is now O(m + n) instead of O(mn) - Avoid unnecessary casting and method call indirection via superclass - Eliminate some duplicate range/ref checks via non-checking versions of toComponentIndex and findComponent - Add simple fast-path for toComponentIndex(0); add racy cache of last-accessed Component to findComponent(int) - Override forEachByte0(...) and forEachByteDesc0(...) methods - Make use of RecyclableArrayList in nioBuffers(int, int) (in line with FasterCompositeByteBuf impl) - Modify addComponents0(boolean,int,Iterable) to use the Iterable directly rather than copy to an array first (and possibly to an ArrayList before that) - Optimize addComponents0(boolean,int,ByteBuf[],int) to not perform repeated array insertions and avoid second loop for offset updates - Simplify other logic in various places, in particular the general pattern used where a sub-range is iterated over - Add benchmarks to demonstrate some improvements While refactoring I also came across a couple of clear bugs. They are fixed in these changes but I will open another PR with unit tests and fixes to the current version. Result: Much faster creation, manipulation, and access; many fewer allocations and smaller footprint. Benchmark results to follow.

…es (netty#8464) Motivation: netty#8388 introduced a reusable ThreadLocal<byte[]> for use in decodeString(...). It can be used in more places in the buffer package to avoid temporary allocations of small arrays. Modifications: Encapsulate use of the ThreadLocal in a static package-private ByteBufUtil.threadLocalTempArray(int) method, and make use of it from a handful of new places including ByteBufUtil.readBytes(...). Result: Fewer short-lived small byte array allocations.

…8467) Motivation: allLeaks is to store the DefaultResourceLeak. When we actually use it, the key is DefaultResourceLeak, and the value is actually a meaningless value. We only care about the keys of allLeaks and don't care about the values. So Set is more in line with this scenario. Using Set as a container is more consistent with the definition of a container than Map. Modification: Replace allLeaks with set. Create a thread-safe set using 'Collections.newSetFromMap(new ConcurrentHashMap<DefaultResourceLeak<?>, Boolean>()).'

…#8472) Motivation: We did not override all methods in OpenSslX509Certificate and delegate to the internal 509Certificate. Modifications: Add missing overrides. Result: More correct implementation

Motivation: We should call wrapEngine(...) in our SSLEngineTest to correctly detect all errors in case of the OpenSSLEngine. Modifications: Add missing wrapEngine(...) calls. Result: More correct tests

Motivation: We should test against latest EA releases. Modifications: Update to openkdk 12ea19 Result: Use latest openjdk 12 EA build on the CI.

Motivation: The `Http2StreamFrameToHttpObjectCodec` is marked `@Sharable` but mutates an internal `HttpScheme` field every time it is added to a pipeline. Modifications: Instead of storing the `HttpScheme` in the handler we store it as an attribute on the parent channel. Result: Fixes netty#8480.

…y#8484) Motivation: Two similar bugs were introduced by myself in separate recent PRs netty#8393 and netty#8464, while optimizing the assignment/handling of temporary arrays in ByteBufUtil and UnsafeByteBufUtil. The temp arrays allocated for buffering data written to an OutputStream are incorrectly sized to the full length of the data to copy rather than being capped at WRITE_CHUNK_SIZE. Unfortunately one of these is in the 4.1.31.Final release, I'm really sorry and will be more careful in future. This kind of thing is tricky to cover in unit tests. Modifications: Revert the temp array allocations back to their original sizes. Avoid making duplicate calls to ByteBuf.capacity() in a couple of places in ByteBufUtil (unrelated thing I noticed, can remove it from this PR if desired!) Result: Temporary byte arrays will be reverted to their originally intended sizes.

@ignore

Motivation: We disabled the test at some point but it should work now without any problems. Modifications: Remove @ignore from test. Result: Verify shading of netty-tcnative on CI.

netty#8486) Motivation: If you attempt to write to a channel with an SslHandler prior to channelActive being called you can hit an assertion. In particular - if you write to a channel it forces some handshaking (through flush calls) to occur. The AssertionError only happens on Java11+. Modifications: - Replace assert by an "early return" in case of the handshake be done already. - Add unit test that verifies we do not hit the AssertionError anymore and that the future is correctly failed. Result: Fixes netty#8479.

…#8491) Motivation: We missed to include a profile for windows which means that we did not have the correct dependencies setup. Modifications: - Add missing profile - Add assumeFalse(...) to ensure we do only test the native transpot shading on non windows platforms. - Explicit specify dependency on netty-common Result: Fixes netty#8489.

…ush or starttls is used. (netty#8494) Motivation: We did not correctly schedule the handshake timeout if the handshake was either started by a flush(...) or if starttls was used. Modifications: - Correctly setup timeout in all cases - Add unit tests. Result: Fixes netty#8493.

@rkapsi

…etty#8497) Motivation: ByteBuf.retainedSlice() and similar methods produce sliced buffers with an independent refcount to the buffer that they wrap. One of the optimizations in 10539f4 was to use the ref to the unwrapped buffer object for added slices, but this did not take into account the above special case when later releasing. Thanks to @rkapsi for discovering this via netty#8495. Modifications: Since a reference to the slice is still kept in the Component class, just changed Component.freeIfNecessary() to release the slice in preference to the unwrapped buf. Also added a unit test which reproduces the bug. Result: Fixes netty#8495

…re written (netty#8471) Motivation: When the DefaultHttp2ConnectionEncoder writes the initial headers for a new locally created stream we create the stream in the half-closed state if the end-stream flag is set which signals to the life cycle manager that the headers have been sent. However, if we synchronously fail to write the headers the life cycle manager then sends a RST_STREAM on our behalf which is a connection level PROTOCOL_ERROR because the peer sees the stream in an IDLE state. Modification: Don't open the stream in the half-closed state if the end-stream flag is set and let the life cycle manager take care of it. Result: Cleaner state management in the DefaultHttp2ConnectionEncoder. Fixes netty#8434.

Motivation: The code for initiating a TLS handshake or renegotiation process is currently difficult to reason about. Modifications: This commit introduces to clear paths for starting a handshake. The first path is a normal handshake. The handshake is started and a timeout is scheduled. The second path is renegotiation. If the first handshake is incomplete, the renegotiation promise is added as a listener to the handshake promise. Otherwise, the renegotiation promise replaces the original promsie. At that point the handshake is started again and a timeout is scheduled. Result: Cleaner and easier to understand code.

…hen using TLSv1.3 (netty#8485) Motivation: We did not correctly convert between openssl / boringssl and java ciphers when using TLV1.3 which had different effects when either using openssl or boringssl. - When using openssl and TLSv1.3 we always returned SSL_NULL_WITH_NULL_NULL as cipher name - When using boringssl with TLSv1.3 we always returned an incorrect constructed cipher name which does not match what is defined by Java. Modifications: - Add correct mappings in CipherSuiteConverter for both openssl and boringssl - Add unit tests for CipherSuiteConvert - Add unit in SSLEngine which checks that we do not return SSL_NULL_WITH_NULL_NULL ever and that server and client returns the same cipher name. Result: Fixes netty#8477.

…netty#8481) * Correctly convert supported signature algorithms when using BoringSSL Motivation: BoringSSL uses different naming schemes for the signature algorithms so we need to adjust the regex to also handle these. Modifications: - Adjust SignatureAlgorithmConverter to handle BoringSSL naming scheme - Ensure we do not include duplicates - Add unit tests. Result: Correctly convert boringssl signature algorithm names.

…tionException on shutdown. (netty#8476) Motivation: There is a racy UnsupportedOperationException instead because the task removal is delegated to MpscChunkedArrayQueue that does not support removal. This happens with SingleThreadEventExecutor that overrides the newTaskQueue to return an MPSC queue instead of the LinkedBlockingQueue returned by the base class such as NioEventLoop, EpollEventLoop and KQueueEventLoop. Modifications: - Catch the UnsupportedOperationException - Add unit test. Result: Fix netty#8475

Motivation: Update to netty-tcnative 2.0.20.Final which fixed a bug related to retrieving the remote signature algorithms when using BoringSSL. Modifications: Update netty-tcnative Result: Be able to correctly detect the remote signature algorithms when using BoringSSL.

…t() and sslCtxPointer() (netty#8562) Motivation: We did not return the pointer to SSL_CTX put to the internal datastructure of tcnative. Modifications: Return the correct pointer. Result: Methods work as documented in the javadocs.

…LocalPrincipial() did not work when KeyManagerFactory was used. (netty#8560) Motivation: The SSLSession.getLocalCertificates() / getLocalPrincipial() methods did not correctly return the local configured certificate / principal if a KeyManagerFactory was used when configure the SslContext. Modifications: - Correctly update the local certificates / principial when the key material is selected. - Add test case that verifies the SSLSession after the handshake to ensure we correctly return all values. Result: SSLSession returns correct values also when KeyManagerFactory is used with the OpenSSL provider.

Swallow SSL Exception "closing inbound before receiving peer's close_notify" when running on Java 11 (netty#8463) Motivation: When closing a inbound SSL connection before the remote peer has send a close notify, the Java JDK is trigger happy to throw an exception. This exception can be ignored since the connection is about to be closed. The exception wasn't printed in Java 8, based on filtering on the exception message. In Java 11 the exception message has been changed. Modifications: Update the if statement to also filter/swallow the message on Java 11. Result: On Java 11 the exception isn't printed with log levels set to debug. The old behaviour is maintained.

Motivation: We should refresh the DNS configuration each 5 minutes to be able to detect changes done by the user. This is inline with what OpenJDK is doing Modifications: Refresh config every 5 minutes. Result: Be able to consume changes made by the user.

Motivation: Besides an error caused by closing socket in Windows a bunch of other errors may happen at this place which won't be somehow logged. For instance any VirtualMachineError as OutOfMemoryError will be simply ignored. The library should at least log the problem. Modification: Added logging of the throwable object. Result: Fixes netty#8499.

Motivation: We should allow adjustment of the leak detecting sampling interval when in SAMPLE mode. Modifications: Added new int property io.netty.leakDetection.samplingInterval Result: Be able to consume changes made by the user.

Motivation: When the Selector throws an IOException during our EventLoop processing we should rebuild it and transfer the registered Channels. At the moment we will continue trying to use it which will never work. Modifications: - Rebuild Selector when an IOException is thrown during any select*(...) methods. - Add unit test. Result: Fixes netty#8566.

…ed in BoringSSL. (netty#8573) Motivation: 0d2e38d added supported for detection of peer supported algorithms but we missed to fix the testcase. Modifications: Fix test-case. Result: No more failing tests with BoringSSL.

…...) works. (netty#8577) Motivation: We had an error in the javadoc which was most likely caused by copy and paste. Modifications: Fix javadoc. Result: Correct javadoc.

Motivation: We currently depend on slf4j in an transitive way in one of our classes in the examples. We should not do this. Modifications: Remove logging in example. Result: Remove not needed dependency.

…ce syscall costs (netty#8470) Motivation: Some of transports support gathering writes when using datagrams. For example this is the case for EpollDatagramChannel. We should minimize the calls to flush() to allow making efficient usage of sendmmsg in this case. Modifications: - minimize flush() operations when we query for multiple address types. - reduce GC by always directly schedule doResolveAll0(...) on the EventLoop. Result: Be able to use sendmmsg internally in the DnsNameResolver.

… Netty 5. (netty#8579) Motivation: We plan to remove the OIO based transports in Netty 5 so we should mark these as deprecated already. Modifications: Mark all OIO based transports as deprecated. Result: Give the user a heads-up for removal.

@deprecated

Motivation: 31fd66b added @deprecated to some classes but also to the package-info.java files. IntelliJ does not like to have these annotations on package-info.java Modifications: Remove annotation from package-info.java Result: Be able to compile against via IntelliJ

Motivation: Our HeadContext in DefaultChannelPipeline does handle inbound and outbound but we only marked it as outbound. While this does not have any effect in the current code-base it can lead to problems when we change our internals (this is also how I found the bug). Modifications: Construct HeadContext so it is also marked as handling inbound. Result: More correct code.

…etty#8590) Motivation: During benchmarks two methods showed up as "hot method too big". We can easily make these smaller by factor out some less common code-path to an extra method and so allow inlining. Modifications: Factor out less common code path to an extra method. Result: Hot methods can be inlined.

…ing the direct memory usage. (netty#8596) Motivation: We can change from using compareAndSet to addAndGet, which emits a different CPU instruction on x86 (CMPXCHG to XADD) when count direct memory usage. This instruction is cheaper in general and so produce less overhead on the "happy path". If we detect too much memory usage we just rollback the change before throwing the Error. Modifications: Replace compareAndSet(...) with addAndGet(...) Result: Less overhead when tracking direct memory.

…y#8595) Motivation: We did miss to use MessageFormatter inside LocationAwareSlf4jLogger and so {} was not correctly replaced in log messages when using slf4j. This regression was introduced by afe0767. Modifications: - Make use of MessageFormatter - Add unit test. Result: Fixes netty#8483.

Motivation: When we create new chunk with memory aligned, the offset of direct memory should be 'alignment - address & (alignment - 1)', not just 'address & (alignment - 1)'. Modification: Change offset calculating formula to offset = alignment - address & (alignment - 1) in PoolArena.DirectArena#offsetCacheLine and add a unit test to assert that. Result: Correctly calculate offset.

… to reduce GC. (netty#8593) Motivation: Often a temporary ByteBuffer is used which can be cached to reduce the GC pressure. Modifications: Add a Deque per PoolChunk which will be used for caching. Result: Less GC.

…teBuffer to reduce GC. (netty#8593)" This reverts commit 8cd005b as it seems to produce some failures in some cases. This needs more research.

…Utf8. (netty#8600) Motivation: ByteBuf is used everywhere so we should try hard to be able to make things inlinable. During benchmarks it showed that writeCharSequence(...) fails to inline writeUtf8 because it is too big even if its hots. Modifications: Move less common code-path to extra method to allow inlining. Result: Be able to inline writeUtf8 in most cases.

Motivation netty#8563 highlighted race conditions introduced by the prior optimistic update optimization in 83a19d5. These were known at the time but considered acceptable given the perf benefit in high contention scenarios. This PR proposes a modified approach which provides roughly half the gains but stronger concurrency semantics. Race conditions still exist but their scope is narrowed to much less likely cases (releases coinciding with retain overflow), and even in those cases certain guarantees are still assured. Once release() returns true, all subsequent release/retains are guaranteed to throw, and in particular deallocate will be called at most once. Modifications - Use even numbers internally (including -ve) for live refcounts - "Final" release changes to odd number (equivalent to refcount 0) - Retain still uses faster getAndAdd, release uses CAS loop - First CAS attempt uses non-volatile read - Thread.yield() after a failed CAS provides a net gain Result More (though not completely) robust concurrency semantics for ref counting; increased latency under high contention, but still roughly twice as fast as the original logic. Bench results to follow

Motivation DefaultHttp2FrameReader currently does a fair amount of "intermediate" slicing which can be avoided. Modifications Avoid slicing the input buffer in DefaultHttp2FrameReader until necessary. In one instance this also means retainedSlice can be used instead (which may also avoid allocating). Results Less allocations when using http2.

Motivation: According to the HTTP spec set-cookie headers should not be combined because they are not using the list syntax. Modifications: Do not combine set-cookie headers. Result: Set-Cookie headers won't be combined anymore

Motivation: We should use the latest OpenJDK 12 release when running tests against Java12. Modifications: - Update to OpenJDK 12 ea22. - Update pax exam version - skip OSGI testsuite on Java12 as it does not work ea22 yet. Result: Use latest OpenJDK 12 version when running on the CI.

netty#8603) Motivation: Often a temporary ByteBuffer is used which can be cached to reduce the GC pressure. Modifications: Cache the ByteBuffer in the PoolThreadCache as well. Result: Less GC.

Motivation: Netty executors doesn't have yet any means to compare with each others nor to compare with the j.u.c. executors Modifications: A new benchmark measuring execute burst cost is being added Result: It's now possible to compare some of Netty executors with each others and with the j.u.c. executors

Motivation: In versions of Netty prior to 4.1.31.Final, a CompositeByteBuf could be created with any size (including potentially nonsensical negative values). This behavior changed in e7737b9, which introduced a bounds check to only allow for a component size greater than one. This broke some existing use cases that attempted to create a byte buf with a single component. Modifications: Lower the bounds check on numComponents to include the single component case, but still throw an exception for anything less than one. Add unit tests for the case of numComponents being less than, equal to, and greater than this lower bound. Result: Return to the behavior of 4.1.30.Final, allowing one component, but still include an explicit check against a lower bound. Note that while creating a CompositeByteBuf with a single component is in some ways a contradiction of the term "composite", this patch caters for existing uses while excluding the clearly nonsensical case of asking for a CompositeByteBuf with zero or fewer components. Fixes netty#8613.

…s when using the Http2MultiplexCodec. (netty#8617) Motivation: We did not correct respect ctx.read() calls while processing a read for a child Channel. This could lead to read stales when auto read is disabled and no other read was requested. Modifications: - Keep track of extra read() calls while processing reads - Add unit tests that verify that read() is respected when triggered either in channelRead(...) or channelReadComplete(...) Result: Fixes netty#8209.

netty#8612) Motivation: java.nio.channels.spi.AbstractSelectableChannel.register(...) need to obtain multiple locks during execution which may produce a long wait time if we currently select. This lead to multiple CI failures in the past. Modifications: Ensure the register call takes place on the EventLoop. Result: No more flacky CI test timeouts.

…m EventExecutor. (netty#8620) Motivation: The ChannelInitializer may be invoked multipled times when used with a custom EventExecutor as removal operation may be done asynchronously. We need to guard against this. Modifications: - Change Map to Set which is more correct in terms of how we use it. - Ensure we only modify the internal Set when the handler was removed yet - Add unit test. Result: Fixes netty#8616.

Motivation: Most of the maven modules do not explicitly declare their dependencies and rely on transitivity, which is not always correct. Modifications: For all maven modules, add all of their dependencies to pom.xml Result: All of the (essentially non-transitive) depepdencies of the modules are explicitly declared in pom.xml

…x / Unix / BSD / MacOS (netty#8629) Motivation: In the test we assume some semantics on how RST is done that are not true for Windows so we should skip it. Modifications: Skip test when on windows. Result: Be able to run testsuite on windows. Fixes netty#8571.

motivation: automate snapshot publishing from docker based ci changes: * add local settings.xml with env variables for publishing to sonatype-nexus-snapshots * pipe UID/PWD env variable in docker compose

Motivation: If two requests from the same IP are reached at the same time, `connected.contains(remoteIp)` may return false in both threads. Modifications: Check if there is already a connection with the same IP using return values. Result: Become thread safe.

…or. (netty#8633) Motivation: 8331248 did make some changes to fix a race in ChannelInitializer when using with a custom EventExecutor. Unfortunally these where a bit racy and so the testcase failed sometimes. Modifications: - More correct fix when using a custom EventExecutor - Adjust the testcase to be more correct. Result: Proper fix for netty#8616.

Motivation: We had some typo (most likely caused by copy-and-paste) in the api docs which should be fixed. Modifications: Replace encoder by decoder word. Result: Correct apidocs.

…#8639) Motivation: 9f9aa1a did some changes related to fixing how we handle ctx.read() in child channel but did incorrectly change some assert. Modifications: Fix assert to be correct. Result: Code does not throw an AssertionError due incorrect assert check.

Motivation: improve docs Modification: ReadTimeoutHandler - missing ) within JavaDoc example No logic/unit tests affected

…thread-safe. (netty#8648) Motivation: SSLSession.putValue / getValue / removeValue / getValueNames must be thread-safe as it may be called from multiple threads. This is also the case in the OpenJDK implementation. Modifications: Guard with synchronized (this) blocks to keep the memory overhead low as we do not expect to have these called frequently. Result: SSLSession implementation is thread-safe.

Motivation: In windows if the project is in a path that contains whitespace, resources cannot be accessed and tests fail. Modifications: Adds ResourcesUtil.java in netty-common. Tests use ResourcesUtil.java to access a resource. Result: Being able to build netty in a path containing whitespace

…used. (netty#8647) Motivation: We should always call ctx.read() even when AUTO_READ is false as flow-control is enforced by the HTTP/2 protocol. See also https://tools.ietf.org/html/rfc7540#section-5.2.2. We already did this before but not explicit and only did so because of some implementation details of ByteToMessageDecoder. It's better to be explicit here to not risk of breakage later on. Modifications: - Ensure we always call ctx.read() when AUTO_READ is false - Add unit test. Result: No risk of staling the connection when HTTP/2 is used.

Motivation: RFC 6455 doesn't define status codes 1012, 1013 and 1014. Yet, since then, IANA has defined them, web browsers support them, applications in the wild do use them but it's currently not possible to buid a Netty based client for those services. From https://www.iana.org/assignments/websocket/websocket.xhtml: * 1012: Service Restart * 1013: Try Again Later * 1014: The server was acting as a gateway or proxy and received an invalid response from the upstream server. This is similar to 502 HTTP Status Code. Modification: Make status codes 1012, 1013 and 1014 legit. Result: WebSocket status codes as defined by IANA are supported.

This reverts commit db6d94f.

…rverAddressStreamProvider. (netty#8656) Motivation: Andoid does not contain javax.naming.* so we should not try to use it to prevent a NoClassDefFoundError on init. Modifications: Only try to use javax.naming.* to retrieve nameservers when not using Android. Result: Fixes netty#8654.

…sion / flavor (netty#8662) Motivation: We missed to skip a few tests that depend on the KeyManagerFactory if the used OpenSSL version / flavor not support it. Modifications: Add missing overrides. Result: Testsuite also passes for example when using LibreSSL.

Motivation: Using the latest jython release fixes some noise that is produced by an exception that is thrown when jython is terminated. Exception in thread "Jython-Netty-Client-4" Exception in thread "Jython-Netty-Client-7" Exception in thread "Jython-Netty-Client-5" java.lang.NoClassDefFoundError: org/python/netty/util/concurrent/DefaultPromise$2 at org.python.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:589) at org.python.netty.util.concurrent.DefaultPromise.setSuccess(DefaultPromise.java:397) at org.python.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:151) at java.lang.Thread.run(Thread.java:748) Exception in thread "Jython-Netty-Client-8" java.lang.NoClassDefFoundError: org/python/netty/util/concurrent/DefaultPromise$2 at org.python.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:589) at org.python.netty.util.concurrent.DefaultPromise.setSuccess(DefaultPromise.java:397) at org.python.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:151) at java.lang.Thread.run(Thread.java:748) Exception in thread "Jython-Netty-Client-3" java.lang.NoClassDefFoundError: org/python/netty/util/concurrent/DefaultPromise$2 at org.python.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:589) at org.python.netty.util.concurrent.DefaultPromise.setSuccess(DefaultPromise.java:397)% Modification: Update to latest stable release. Result: Less noise during build.

Motivation: A new version was released that fixes a few test-cases to allow more close codes. Modifications: Upgrade to 0.1.5 Result: More compliant testing of websockets.

Motivation: RFC 6455 doesn't define close status codes 1012, 1013 and 1014. Yet, since then, IANA has defined them and web browsers support them. From https://www.iana.org/assignments/websocket/websocket.xhtml: * 1012: Service Restart * 1013: Try Again Later * 1014: The server was acting as a gateway or proxy and received an invalid response from the upstream server. This is similar to 502 HTTP Status Code. Modification: Make status codes 1012, 1013 and 1014 legit. Result: WebSocket status codes as defined by IANA are supported.

Motivation: A new EA build was released for Java 12. Modifications: Update to OpenJDK 12 EA24 Result: Use latest OpenJDK 12 build when building with Java 12

…etty#8665) Motivation: How we did the mapping from native code to AbstractKQueueChannel was not safe and could lead to heap corruption. This then sometimes produced ClassCastExceptions or could also lead to crashes. This happened sometimes when running the testsuite. Modifications: Use a Map for the mapping (just as we do in the native epoll transport). Result: No more heap corruption / crashes.

… th… (netty#8649) Motivation: During some other work I noticed we do not have any tests to ensure we correctly use SSLSessionBindingEvent. We should add some testing. Modifications: - Added unit test to verify we correctly implement it. - Ignore the test when using Conscrypt as it not correctly implements it. Result: More tests for custom SSL impl.

…meDecoder that they are only compatible with UTF-8 encoded streams. (netty#8651) Motivation: LineBasedFrameDecoder, JsonObjectDecoder and XmlFrameDecoder upon investigation of the sourcecode appeared to only support ASCII or UTF-8 input. It is an important characteristic and ont reflected in any documentation. This could lead to improper usage and bugs. Modifications: Javadoc comment is addedd to all three classes to state that implementation is only compatible with UTF-8 or ASCII input streams and brifly touches on implementaion details. Result: The end user of the netty library would not have to study sorcecode to deterime character encoding limitations for given classes.

netty#8666) Motivation: We should try removing all FastThreadLocals for the Thread before we notify the termination. future. The user may block on the future and once it unblocks the JVM may terminate and start unloading classes. Modifications: Remove all FastThreadLocals for the Thread before notify termination future. Result: Fixes netty#6596.

Motivation: Users who want to construct a `FlushConsolidationHandler` with a default `explicitFlushAfterFlushes` but non-default `consolidateWhenNoReadInProgress` may benefit from having an easy way to get the default "flush after flushes" count. Modifications: - Moved default `explicitFlushAfterFlushes` value to a public constant. - Adjusted Javadoc accordingly. Result: Default `explicitFlushAfterFlushes` is accessible to callers.

…ty#8646) Motiviation: Http2FrameCodecTest and Http2MultiplexCodecTest were quite fragile and often not went through the whole pipeline which made testing sometimes hard and error-prone. Modification: - Refactor tests to have data flow through the whole pipeline and so made the test more robust (by testing the while implementation). Result: Easier to write tests for the codecs in the future and more robust testing in general. Beside this it also fixes netty#6036.

Motivation: Java uses camel-case by convention. Modification: Consistently use camel-case. Result: More consistent code styling.

Motivation: Javadocs contained some spelling errors, we should fix these. Modification: Fix spelling Result: Javadoc cleanup.

Motivation: We do not correctly detect loops when follow CNAMEs and so may try to follow it without any success. Modifications: - Correctly detect CNAME loops - Do not cache CNAME entries which point to itself - Add unit test. Result: Fixes netty#8687.

…adding the handler to the pipeline. (netty#8684) Motivation: Due a race in DefaultChannelPipeline / AbstractChannelHandlerContext it was possible to have only handlerRemoved(...) called during tearing down the pipeline, even when handlerAdded(...) was never called. We need to ensure we either call both of none to guarantee a proper lifecycle of the handler. Modifications: - Enforce handlerAdded(...) / handlerRemoved(...) semantics / ordering - Add unit test. Result: Fixes netty#8676 / netty#6536 .

Motivation: In Http2FrameCodec we made the incorrect assumption that we can only have 1 buffered outboundstream as maximum. This is not correct and we need to account for multiple buffered streams. Modifications: - Use a map to allow buffer multiple streams - Add unit test. Result: Fixes netty#8692.

Motivation: A new EA release was done for OpenJDK12. Modifications: Use OpenJDK12 EA 27 when running CI jobs for JDK 12. Result: Test against latest OpenJDK 12 EA build.

Motivation: The javadocs stating `IndexOutOfBoundsException` is thrown were different from what `ByteBuf` actually did. We want to ensure the Javadocs represent reality. Modifications: Updated javadocs on `write*`, `ensureWriteable`, `capacity`, and `maxCapacity` methods. Results: Javadocs more closely match actual behaviour.

Motivation: Incrementing two variables in sync is not necessary when only one will do. Modifications: - Remove `j` from `for` loop and replace with `i`. - Add more unit testing scenarios to cover changed code. Results: Unnecessary variable removed.

…eChannelFactory. (netty#8718) Motivation: We should access the Constructor of the passed in class in the Constructor of ReflectiveChannelFactory only to reduce the overhead but also fail-fast. Modifications: Access the Constructor early. Result: Fails fast and less performance overhead.

Motivation: Clean up code to increase readability. Modification: Extract duplicate code blocks into method. Result: Less code duplication

Motivation: Avoid unnecessary iteration and `ArrayList` allocation. Modification: ``` for (AbstractEpollChannel channel: channels.values()) { array.add(channel); } ``` replaced with `array.addAll(channels.values())` and ``` Collection<AbstractEpollChannel> array = new ArrayList<AbstractEpollChannel>(channels.size()); array.addAll(channels.values()) ``` replaced with: `AbstractEpollChannel[] localChannels = channels.values().toArray(new AbstractEpollChannel[0]);` Result: Simpler code in `EpollEventLoop.closeAll();`

Motivation: ChunkedWriteHandler should report write operation as failed in case *any* chunked was not written. Right now this is not true for the last chunk. Modifications: * Check if the appropriate write operation was succesfull when reporting the last chunk * Skip writing chunks if the write operation was already marked as "done" * Test cases to cover write failures when dealing with chunked input Result: Fix netty#8700

Motivation: There are the first EA bulds for OpenJDK 13. We should support to build with it and run builds on the CI. Modifications: - Add profile for JDK 13 - Add docker config to run with JDK 13. Result: Building and testing with OpenJDK 13 is possible.

Motivation: The CorruptedFrameException from the finish() method of the Utf8Validator gets propagated to other handlers while the connection is still open. Modification: Override exceptionCaught method of the Utf8FrameValidator and close the connection if it is a CorruptedFrameException. Result: The CorruptedFrameException gets propagated to other handlers only after properly closing the connection.

Motivation: We should always build with the latest JDK releases. Modifications: Update JDK8 and JDK11 versions to the latest. Result: Run CI jobs on the latest JDK release.

Motivation: Clean up code to increase readability. Modification: Extract duplicate code and remove unnecessary throws Result: Share more code.

Motivation: Since the updating to OpenJDK 11.0.2 the OSGI testsuite fails. We should dissable it until there is a version of the used plugins that works with this OpenJDK version. Modifications: Skip osgi testsuite when using JDK11. Result: Build pass again with JDK11.

…other nameservers are left. (netty#8731) Motivation: When using multiple nameservers and a nameserver respond with NXDOMAIN we should only fail the query if the nameserver in question is authoritive or no nameservers are left to try. Modifications: - Try next nameserver if NXDOMAIN was returned but the nameserver is not authoritive - Adjust testcase to respect correct behaviour. Result: Fixes netty#8261

netty#8726) Motivation: When a write error happens during writing of flowcontrolled data frames we miss to correctly detect this in the write loop which may result in an infinite loop as we will never detect that the frame should be removed from the queue. Modifications: - When we fail a flowcontrolled data frame we ensure that the next frame.write(...) call will signal back that the whole frame was handled and so can be removed. - Add unit test. Result: Fixes netty#8707.

Motivation: testWriteTaskRejected was racy as we did not ensure we dispatched all events to the executor before shutting it down. Modifications: Add a latch to ensure we dispatched everything. Result: Fix racy test that failed sometimes before.

Motivation: Clean up to make the code style unified. Modification: Fix indent Result: Indents are unified

Motivation: While using Load Balancers or HA support is needed there are cases when UDP channel need to bind to IP Address which is not available on network interfaces locally. Modification: Modified EpollDatagramChannelConfig to allow IP_FREEBIND option Result: Fixes #netty#8727.

Motivation: I want to fix bug in vert.x project (eclipse-vertx/vert.x#2562) caused by ComposedLastHttpContent result being null. I don't know if it is intentional that this last decoded chuck in the issue returns null, but if not - I am providing fix for that. Modification: * Added new constructor in ComposedLastHttpContent allowing to pass DecoderResult * set DecoderResult.SUCCESS for created ComposedLastHttpContent in HttpContentEncoder * set DecoderResult.SUCCESS for created ComposedLastHttpContent in HttpContentDecoder Result: Fixes eclipse-vertx/vert.x#2562

netty#8738) Motivation: testChannelInitializerEventExecutor() did sometimes fail as we sometimes miss to count down the latch. This can happen when we remove the handler from the pipeline before channelUnregistered(...) was called for it. Modifications: Countdown the latch in handlerRemoved(...). Result: Fix flaky test.

Motivation: Current implementation extract header value as String. We have an idiomatic way for checking presence of a header value. Modification: Use HttpHeaders#contains for checking if if contains Expect: 100-continue. Result: Use idiomatic way + simplify boolean logic.

Motivation: Correct typo Modification: Correct typo Result: JavaDoc and method name are more readable

…n calling write(...) / writeAndFlush(...) (netty#8769) Motivation: We need to release the message when we throw an IllegalArgumentException because of a validation failure of the promise to eliminate the risk of a memory leak. Modifications: - Consistently release the message before rethrow - Add testcase. Result: Fixes netty#8765.

@doom369

Motivation In netty#8758, @doom369 reported an infinite loop bug in CompositeByteBuf which was introduced in netty#8437. This is the same small fix for that, along with fixes for two other bugs found while re-inspecting the changes and adding unit tests. Modification - Replace recursive call to toComponentIndex with toComponentIndex0 as intended - Add missed "lastAccessed" racy cache invalidation in capacity(int) method - Fix incorrect determination of initial offset in non-zero cIndex case of updateComponentOffsets method - New unit tests for previously uncovered methods Results Fewer bugs.

Motivation: We need to update to a new checkstyle plugin to allow the usage of lambdas. Modifications: - Update to new plugin version. - Fix checkstyle problems. Result: Be able to use checkstyle plugin which supports new Java syntax.

…ers that execute in the EventExecutor. (netty#8786) Motivation: We cache the Runnable for some tasks to reduce GC pressure in 4 different fields. This gives overhead in terms of memory usage in all cases, even if we always execute in the EventExecutor (which is the case most of the times). Modifications: Move the 4 fields to another class and only have one reference to this in AbstractChannelHandlerContext. This gives a small overhead in the case of execution that is done outside of the EventExecutor but reduce memory footprint in the more likily execution case. Result: Less memory used per AbstractChannelHandlerContext in most cases.

…y#8798) Motivation: To conform to the CharSequence interface we need to return an empty CharSequence when start == end index and a subSequence is requested. Modifications: - Correctly handle the case where start == end - Add unit test Result: Fix netty#8796.

Motivation: In most cases, HttpMethod instance is built from the factory method and the same instance is taken for known Http Methods. So we can implement fast path for equals(). Modification: Replace == checks with HttpMethod.equals; Use this == o within HttpMethod.equals; Replaced known new HttpMethod with HttpMethod.valueOf; Result: Comparisons should be a bit faster in some cases.

… promise. (netty#8797) Motivation: If there are no listeners attached to the promise when full-filling it we do not need to schedule a task to notify. Modifications: - Don't schedule a task if there is nothing to notify. - Add unit tests. Result: Fixes netty#8795.

Motivation: We have a utility method to check for > 0 and >0 arguments. We should use it. Modification: use checkPositive/checkPositiveOrZero instead of if statement. Result: Re-use utility method.

netty#8799) * HttpObjectDecoder ignores HTTP trailer header when empty line is received in seperate ByteBuf Motivation: When the empty line that termines the trailers was sent in a seperate ByteBuf we did ignore the previous parsed trailers and just returned none. Modifications: - Correct respect previous parsed trailers. - Add unit test. Result: Fixes netty#8736

@deprecated

…y#8826) Motivation: 41e03ad marked ChannelHandler.exceptionCaught(...) as @deprecated but missed to also mark ChannelHandlerAdapter.exceptionCaught(...) as @deprecated. We should do so as most people extend the base classes and not implement the interfaces directly. Modifications: Mark ChannelHandlerAdapter.exceptionCaught(...) as @deprecated as well. Result: Mark method as @deprecated to warn users about its removal.

…connected mode. (netty#8806) Motivation: In the native code EpollDatagramChannel / KQueueDatagramChannel creates a DatagramSocketAddress object for each received UDP datagram even when in connected mode as it uses the recvfrom(...) / recvmsg(...) method. Creating these is quite heavy in terms of allocations as internally, char[], String, Inet4Address, InetAddressHolder, InetSocketAddressHolder, InetAddress[], byte[] objects are getting generated when constructing the object. When in connected mode we can just use regular read(...) calls which do not need to allocate all of these. Modifications: - When in connected mode use read(...) and NOT recvfrom(..) / readmsg(...) to reduce allocations when possible. - Adjust tests to ensure read works as expected when in connected mode. Result: Less allocations and GC when using native datagram channels in connected mode. Fixes netty#8770.

Motivation There's some miscellaneous cleanup/simplification of CompositeByteBuf which would help make the code a bit clearer. Modifications - Simplify web of constructors and addComponents methods, reducing duplication of logic - Rename `Component.freeIfNecessary()` method to just `free()`, which is less confusing (see netty#8641) - Make loop in addComponents0(...) method more verbose/readable (see netty#8437 (comment)) - Simplify addition/subtraction in setBytes(...) methods Result Smaller/clearer code

@91he

Motivation As pointed out by @91he in netty#8595 (comment), there is a remaining bug in LocationAwareSlf4JLogger following the updates done in netty#8595. The logging methods which take a varargs message parameter array should format using MessageFormatter.arrayFormat rather than MessageFormatter.format. Modifications Change varargs param methods in LocationAwareSlf4JLogger to use MessageFormatter.arrayFormat and extend unit test to cover these cases. Results Correct log output when logging messages with > 2 parameters when using LocationAwareSlf4JLogger.

…gramChannel (netty#8825) Motivation: When using a linux distribution that supports sendmmsg(...) we allocated enough direct memory per EpollEventLoop to be able to write IOV_MAX number of iovecs per message that can be written per sendmmsg. The number of messages that can be written per sendmmsg(...) call is limited by UIO_MAX_IOV. In practice this resulted in an allocation of 16MB direct memory per EpollEventLoop instance that stayed allocated until the EpollEventLoop was shutdown which happens as part of the shutdown of the enclosing EpollEVentLoopGroup. This resulted in quite some heavy direct memory usage in practice even when in practice we have very slim changes to ever need all of the memory. Modification: Adjust NativeDatagramPacketArray to share one IovArray instance across all NativeDatagramPacket instances it holds. This limits the max number of iovecs we can write across all messages to IOV_MAX per sendmmsg(...) call. This in practice will still be enough to allow us to write multiple messages with one syscall while keep the memory overhead to a minimum. Result: Smaller direct memory footprint per EpollEventLoop when using EpollDatagramChannel on distributions that support sendmmsg(...). Fixes netty#8814

Motivation: When a proxy fails to connect, it includes useful error detail in the headers. Modification: - Add an HTTP Specific ProxyConnectException - Attach headers (if any) in the event of a non-200 response Result: Able to surface more useful error info to applications

Motivation Implementations of MessageAggregator (HttpObjectAggregator in particular) may wish to selectively aggrerage requests and responses on a case-by-case basis such as for example only POST requests or only responses of a certain content-type. Modifications Adding a flag to MessageAggregator that toggles between true/false depending on if aggregation is desired for the current message or not. Result Fixes netty#8772

Motivation: Just was looking through code and found 1 interesting place DateFormatter.tryParseMonth that was not very effective, so I decided to optimize it a bit. Modification: Changed DateFormatter.tryParseMonth method. Instead of invocation regionMatch() for every month - compare chars one by one. Result: DateFormatter.parseHttpDate method performance improved from ~3% to ~15%. Benchmark (DATE_STRING) Mode Cnt Score Error Units DateFormatter2Benchmark.parseHttpHeaderDateFormatter Sun, 27 Jan 2016 19:18:46 GMT thrpt 6 4142781.221 ± 82155.002 ops/s DateFormatter2Benchmark.parseHttpHeaderDateFormatter Sun, 27 Dec 2016 19:18:46 GMT thrpt 6 3781810.558 ± 38679.061 ops/s DateFormatter2Benchmark.parseHttpHeaderDateFormatterNew Sun, 27 Jan 2016 19:18:46 GMT thrpt 6 4372569.705 ± 30257.537 ops/s DateFormatter2Benchmark.parseHttpHeaderDateFormatterNew Sun, 27 Dec 2016 19:18:46 GMT thrpt 6 4339785.100 ± 57542.660 ops/s

Motivation: We can replace some "hand-rolled" integer checks with our own static utility method to simplify the code. Modifications: Use methods provided by `ObjectUtil`. Result: Cleaner code and less duplication

…tty#8843) Motivation: When we fail a call to PromiseCombiner.finish(...) because of a null argument we must not update the internal state before throwing. Modifications: - First do the null check and only after we validated that the argument is not null update the internal state - Add test case. Modifications: Do not mess up internal state of PromiseCombiner when finish(...) is called with a null argument. Result: After your change, what will change.

Motivation: We missed to extend a few tests from the testsuite and so also run these with our native KQueue and Epoll transport. Modifications: Extend tests and so run these for our native transports as well. Result: More tests.

@deprecated

netty#8847) Motivation: The SSLEngine does provide a way to signal to the caller that it may need to execute a blocking / long-running task which then can be offloaded to an Executor to ensure the I/O thread is not blocked. Currently how we handle this in SslHandler is not really optimal as while we offload to the Executor we still block the I/O Thread. Modifications: - Correctly support offloading the task to the Executor while suspending processing of SSL in the I/O Thread - Add new methods to SslContext to specify the Executor when creating a SslHandler - Remove @deprecated annotations from SslHandler constructor that takes an Executor - Adjust tests to also run with the Executor to ensure all works as expected. Result: Be able to offload long running tasks to an Executor when using SslHandler. Partly fixes netty#7862 and netty#7020.

…in upgrade request (netty#8848) Motivation: When more than one connection header is present in h2c upgrade request, upgrade fails. This is to fix that. Modification: In HttpServerUpgradeHandler's upgrade() method, check whether any of the connection header value is upgrade, not just the first header value which might return a different value other than upgrade. Result: Fixes netty#8846. With this PR, now when multiple connection headers are sent with the upgrade request, upgrade will not fail.

… request. (netty#8864) Motivation: Gracefully respond on bad client request. We have a set of errors produced by Android 7.1.1/7.1.2 clients where both headers `HttpHeaderNames.SEC_WEBSOCKET_VERSION` and `HttpHeaderNames.ORIGIN` are not present. Absence of the first headers leads to WebSocketServerHandshaker00 be applied as a handshaker. However, null 2nd header causes ``` java.lang.NullPointerException: value io.netty.util.internal.ObjectUtil.checkNotNull(ObjectUtil.java:33) io.netty.handler.codec.DefaultHeaders.addObject(DefaultHeaders.java:327) io.netty.handler.codec.http.DefaultHttpHeaders.add(DefaultHttpHeaders.java:123) io.netty.handler.codec.http.websocketx.WebSocketServerHandshaker00.newHandshakeResponse(WebSocketServerHandshaker00.java:162) ``` Which causes connection close with unclear reason. Modification: Added null-check, and in case of null an appropriate WebSocketHandshakeException is thrown. Result: In case of null `HttpHeaderNames.ORIGIN` header a WebSocketHandshakeException is caught by WebSocketServerProtocolHandler which sends a graceful `BAD_REQUEST`.

Motivation: When users' /tmp is noexec, NativeLibraryLoader logs a message informing them how to fix the problem by setting a system property. However, if Netty has been shaded that message will tell them to set the un-shaded system property name, which won't work. Modifications: Change the code to let shading tools rename the native.workdir property name reference within user-visible log messages. Notably, debug logs were _not_ changed, as there's many debug statements including a variety of property names. Fixing them would be a much more invasive change and have limited benefit. Result: The users will see the correctly-named system property to set if they are using a noexec /tmp.

…en accessing backing array. (netty#8865) Motivation: We should not depend on the implementation detail of Unpooled.buffer(int) to allocate the exact size of backing byte[] as depending on the implementation it may return a buffer with a bigger backing array. Modifications: Explicit allocate the byte[] and wrap it in the ByteBuf. This way we are sure that ByteBuf.array() returns an byte[] which has the exact length and content we expect. Result: More correct and safe usage of ByteBuf.array()

…n the ClosedChannelException (netty#8863) Motivation: To make it easier to understand why a Channel was closed previously and so why the operation failed with a ClosedChannelException we should include the original Exception. Modifications: - Store the original exception that lead to the closed Channel and include it in the ClosedChannelException that is used to fail the operation. - Add unit test Result: Fixes netty#8862.

…ue transport (netty#8881) Motivation: In netty#8665 we changed how we handle the registration of Channels to KQueue but missed to removed some code which would deregister the Channel before it actual closed the underlying socket. This could lead to have events triggered still while not have a mapping to the Channel anymore. Modifications: Remove deregister call during socket closure. Result: Fixes netty#8849.

Motivation: Avoid unnecessary (char) casts by changing variables types. Modifications: Use chars directly. Result: Less casts.

…etty#8885) Motivation: `DefaultFileRegion.transferTo` will return 0 all the time when we request more data then the actual file size. This may result in a busy spin while processing the fileregion during writes. Modifications: - If we wrote 0 bytes check if the underlying file size is smaller then the requested count and if so throw an IOException - Add DefaultFileRegionTest - Add a test to the testsuite Result: Fixes netty#8868.

Motivation: As ActiveMQ project using netty, we want to make use of this class, unfortunately the iterator on values(), seems to not support remove method, even so the delegated iterator does. Currently we have to clone and modify this class locally albeit a one line change is needed, it would be ideal if netty could allow remove, then removing the need to maintain a clone. Modifications: * remove throws UnsupportedOperationException, and instead call remove method on delegated iterator Result: Be able to call Iterator.remove() for the values.

…etty#8891) Motivation: netty#8866 added support for calling Iterator.remove() but did not add a testcase. Modifications: Add testcase to ensure removal works. Result: Better test-coverage.

Motivation: We use outdated EA releases when building and testing with JDK 12 and 13. Modifications: - Update versions. - Add workaround for possible JDK12+ bug. Result: Use latest releases

…y#8899) Motivation: fa6a8cb introduced correct dispatching of delegated tasks for SSLEngine but did not correctly handle some cases for resuming wrap / unwrap after the task was executed. This could lead to stales, which showed up during tests when running with Java11 and BoringSSL. Modifications: - Correctly resume wrap / unwrap in all cases. - Fix timeout value which was changed in previous commit by mistake. Result: No more stales after task execution.

netty#8886) Motivation: PromiseCombiner is not thread-safe and even assumes all added Futures are using the same EventExecutor. This is kind of fragile as we do not enforce this. We need to enforce this contract to ensure it's safe to use and easy to spot concurrency problems. Modifications: - Add new contructor to PromiseCombiner that takes an EventExecutor and deprecate the old non-arg constructor. - Check if methods are called from within the EventExecutor thread and if not fail - Correctly dispatch on the right EventExecutor if the Future uses a different EventExecutor to eliminate concurrency issues. Result: More safe use of PromiseCombiner + enforce correct usage / contract.

Motivation: This PR fixes some non-negligible overhead discovered in the ByteBuf accessibility (non-zero refcount) checking. The cause turned out to be mostly twofold: - Unnecessary operations used to calculate the refcount from the "raw" encoded int field value - Call stack depths exceeding the default limit for inlining, in some places (CompositeByteBuf in particular) It's a follow-on from netty#8882 which uses the maxCapacity field for a simpler non-negative check. The performance gap between these two variants appears to be _mostly_ closed, but there's one exception which may warrant further analysis. Modifications: - Replace ABB.internalRefCount() with ByteBuf.isAccessible(), the default still checks for non-zero refCnt() - Just test for parity of raw refCnt instead of converting to "real", with fast-path for specific small values - Make sure isAccessible() is delegated by derived/wrapper ByteBufs - Use existing freed flag in CompositeByteBuf for faster isAccessible() - Manually inline some calls in methods like CompositeByteBuf.setLong() and AbstractReferenceCountedByteBuf.isAccessible() to reduce stack depths (to ensure default inlining limit isn't hit) - Add ByteBufAccessBenchmark which is an extension of UnsafeByteBufBenchmark (maybe latter could now be removed) Results: Before: Benchmark (bufferType) (checkAccessible) (checkBounds) Mode Cnt Score Error Units readBatch UNSAFE true true thrpt 30 84524972.863 ± 518338.811 ops/s readBatch UNSAFE_SLICE true true thrpt 30 38608795.037 ± 298176.974 ops/s readBatch HEAP true true thrpt 30 80003697.649 ± 974674.119 ops/s readBatch COMPOSITE true true thrpt 30 18495554.788 ± 108075.023 ops/s setGetLong UNSAFE true true thrpt 30 247069881.578 ± 10839162.593 ops/s setGetLong UNSAFE_SLICE true true thrpt 30 196355905.206 ± 1802420.990 ops/s setGetLong HEAP true true thrpt 30 245686644.713 ± 11769311.527 ops/s setGetLong COMPOSITE true true thrpt 30 83170940.687 ± 657524.123 ops/s setLong UNSAFE true true thrpt 30 278940253.918 ± 1807265.259 ops/s setLong UNSAFE_SLICE true true thrpt 30 202556738.764 ± 11887973.563 ops/s setLong HEAP true true thrpt 30 280045958.053 ± 2719583.400 ops/s setLong COMPOSITE true true thrpt 30 121299806.002 ± 2155084.707 ops/s After: Benchmark (bufferType) (checkAccessible) (checkBounds) Mode Cnt Score Error Units readBatch UNSAFE true true thrpt 30 101641801.035 ± 3950050.059 ops/s readBatch UNSAFE_SLICE true true thrpt 30 84395902.846 ± 4339579.057 ops/s readBatch HEAP true true thrpt 30 100179060.207 ± 3222487.287 ops/s readBatch COMPOSITE true true thrpt 30 42288494.472 ± 294919.633 ops/s setGetLong UNSAFE true true thrpt 30 304530755.027 ± 6574163.899 ops/s setGetLong UNSAFE_SLICE true true thrpt 30 212028547.645 ± 14277828.768 ops/s setGetLong HEAP true true thrpt 30 309335422.609 ± 2272150.415 ops/s setGetLong COMPOSITE true true thrpt 30 160383609.236 ± 966484.033 ops/s setLong UNSAFE true true thrpt 30 298055969.747 ± 7437449.627 ops/s setLong UNSAFE_SLICE true true thrpt 30 223784178.650 ± 9869750.095 ops/s setLong HEAP true true thrpt 30 302543263.328 ± 8140104.706 ops/s setLong COMPOSITE true true thrpt 30 157083673.285 ± 3528779.522 ops/s There's also a similar knock-on improvement to other benchmarks (e.g. HPACK encoding/decoding) as shown in netty#8882. For sanity I did a final comparison of the "fast path" tweak using one of the HPACK benchmarks: (rawCnt & 1) == 0: Benchmark (limitToAscii) (sensitive) (size) Mode Cnt Score Error Units HpackDecoderBenchmark.decode true true MEDIUM thrpt 30 50914.479 ± 940.114 ops/s rawCnt == 2 || rawCnt == 4 || rawCnt == 6 || rawCnt == 8 || (rawCnt & 1) == 0: Benchmark (limitToAscii) (sensitive) (size) Mode Cnt Score Error Units HpackDecoderBenchmark.decode true true MEDIUM thrpt 30 60036.425 ± 1478.196 ops/s

Motivation: ChunkedWriteHandler needs to close both successful and failed ChunkInputs. It used to never close successful ones. Modifications: * ChunkedWriteHandler always closes ChunkInput before completing the write promise. * Ensure only ChunkInput#close() is invoked on a failed input. * Ensure no methods are invoked on a closed input. Result: Fixes netty#8875.

…etty#8900) Motivation: We should run a CI job using J9 to ensure netty also works when using different JVMs. Modifications: - Adjust PooledByteBufAllocatorTest to be able to complete faster when using a JVM which takes longer when joining Threads (this seems to be the case with J9). - Skip UDT tests on J9 as UDT is not supported there. Result: Be able to run CI against J9.

Motivation: To ensure Netty works on different JVMs we should also run tests on the CI with these. Modifications: Add docker-compose config to run build with OpenJ9 JVM Result: Ensure Netty works with different JVMs

…engine is destroyed (netty#8905) Motivation: We must only remove ReferenceCountedOpenSslEngine from OpenSslEngineMap when engine is destroyed as the verifier / certificate callback may be called multiple times when the remote peer did initiate a renegotiation. If we fail to do so we will cause an NPE like this: ``` 13:16:36.750 [testsuite-oio-worker-5-18] DEBUG i.n.h.s.ReferenceCountedOpenSslServerContext - Failed to set the server-side key material java.lang.NullPointerException: null at io.netty.handler.ssl.OpenSslKeyMaterialManager.setKeyMaterialServerSide(OpenSslKeyMaterialManager.java:69) at io.netty.handler.ssl.ReferenceCountedOpenSslServerContext$OpenSslServerCertificateCallback.handle(ReferenceCountedOpenSslServerContext.java:212) at io.netty.internal.tcnative.SSL.readFromSSL(Native Method) at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:575) at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1124) at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1236) at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1279) at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:217) at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1330) at io.netty.handler.ssl.SslHandler.decodeNonJdkCompatible(SslHandler.java:1237) at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1274) at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:502) at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:441) at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:278) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337) at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345) at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930) at io.netty.channel.oio.AbstractOioByteChannel.doRead(AbstractOioByteChannel.java:170) at io.netty.channel.oio.AbstractOioChannel$1.run(AbstractOioChannel.java:40) at io.netty.channel.ThreadPerChannelEventLoop.run(ThreadPerChannelEventLoop.java:69) at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:834) ``` While the exception is kind of harmless (as we will reject the renegotiation at the end anyway) it produces some noise in the logs. Modifications: Don't remove engine from map after handshake is complete but wait for it to be removed until the engine is destroyed. Result: No more NPE and less noise in the logs.

…netty#8904) Motivation: Netty is very widely used which can lead to a lot of pain when we break API / ABI. We should make use japicmp-maven-plugin during the build to verify we do not introduce breakage by mistake. Modifications: - Add japicmp-maven-plugin to the build process - Fix a method signature change in HttpProxyHandler that was flagged as a possible problem. Result: Ensure no API/ABI breakage accour between releases.

…y name. (netty#8913) Motivation: 2bb9f64 introduced a change which made it possible to use different shaded versions of netty-tcnative on the classpath. This only partly worked as we did not correctly handled the case when os / arch is part of the library name (which is the case when netty-tcnative-boringssl-static is used with the uber jar). Modifications: - If patching the ID failed we retry again with the os / arch stripped - Add unit tests to verify that patching ID now works with and without os / arch as suffix. Result: Using multiple shaded version of netty-tcnative-boringssl-static on MacOS works.

…tty#8859) Motivation: SSLEngine API has a notion of tasks that may be expensive and offload these to another thread. We did not support this when using our native implementation but can now for various operations during the handshake. Modifications: - Support offloading tasks during the handshake when using our native SSLEngine implementation - Correctly handle the case when NEED_TASK is returned and nothing was consumed / produced yet Result: Be able to offload long running tasks from the EventLoop when using SslHandler with our native SSLEngine.

…y#8914) Motivation: Simple rules: * close the connection when sending any error * specify "Connection: close" header when closing the connection * successful responses should keep the connection intact when otherwise is not requested by the client Modifications: * "send response and cleanup the connection" logic moved to a helper * for all successful responses set "Content-Lenght" header * do not specify "Connection: Keep-Alive" header as far it's a default for HTTP/1.1 * set "Connection: close" header when necessary Result: Keep-Alive connections management is inlined with RFCs.

…tions. (netty#8919) Motivation: In the past we found a lot of SSL related bugs because of the interopt tests we have in place between different SSLEngine implementations. We should have as many of these interopt tests as possible for this reason. Modifications: - Add interopt tests between Conscrypt and OpenSSL SSLEngine implementations Result: More tests for SSL.

@jayv

netty#8921) * Do not use GetPrimitiveArrayCritical(...) due multiple not-fixed bugs related to GCLocker Motivation: GetPrimitiveArrayCritical(...) may cause multiple not-fixed bugs related to the GCLocker while there is little gain for our use-case. We should just use GetByteArrayRegion(...) and copy into a small on-stack buffer. See also: - https://shipilev.net/jvm/anatomy-quarks/9-jni-critical-gclocker/#_g1 - https://bugs.openjdk.java.net/browse/JDK-8048556 - https://bugs.openjdk.java.net/browse/JDK-8057573 - https://bugs.openjdk.java.net/browse/JDK-8057586 Special thanks to @jayv @shipilev @apangin for the pointers. Modifications: Replace GetPrimitiveArrayCritical(...) with GetByteArrayRegion(...) Result: Less risks hitting GCLocker related bugs.

netty#8922) Motivation: When HttpContentDecoder (and so HttpContentDecompressor) does not produce any message we need to make sure it calls ctx.read() if auto read is false to not stale. Modifications: - Keep track if we need to call ctx.read() or not - Add unit test Result: Fixes netty#8915.

netty#8918) Motivation: The SSLSession that is returned by SSLEngine.getHandshakeSession() must be able to provide the local certificates when the TrustManager is invoked on the server-side. Modifications: - Correctly return the local certificates - Add unit test Result: Be able to obtain local certificates from handshake SSLSession during verification on the server side.

Motivation: While looking at hpack header-processing hotspots I noticed some low level too-big-to-inline methods which can be shrunk. Modifications: Reduce bytecode size and/or runtime operations used for the following methods: PlatformDependent0.equals(byte[], ...) PlatformDependent0.equalsConstantTime(byte[], ...) PlatformDependent0.hashCodeAscii(byte[],int,int) PlatformDependent.hashCodeAscii(CharSequence) Result: Existing benchmarks show decent improvement Before Benchmark (size) Mode Cnt Score Error Units HpackUtilBenchmark.newEquals SMALL thrpt 5 17200229.374 ± 1701239.198 ops/s HpackUtilBenchmark.newEquals MEDIUM thrpt 5 3386061.629 ± 72264.685 ops/s HpackUtilBenchmark.newEquals LARGE thrpt 5 507579.209 ± 65883.951 ops/s After Benchmark (size) Mode Cnt Score Error Units HpackUtilBenchmark.newEquals SMALL thrpt 5 29221527.058 ± 4805825.836 ops/s HpackUtilBenchmark.newEquals MEDIUM thrpt 5 6556251.645 ± 466115.199 ops/s HpackUtilBenchmark.newEquals LARGE thrpt 5 879828.889 ± 148136.641 ops/s Before Benchmark (size) Mode Cnt Score Error Units PlatformDepBench.unsafeBytesEqual 4 avgt 10 4.263 ± 0.110 ns/op PlatformDepBench.unsafeBytesEqual 10 avgt 10 5.206 ± 0.133 ns/op PlatformDepBench.unsafeBytesEqual 50 avgt 10 8.160 ± 0.320 ns/op PlatformDepBench.unsafeBytesEqual 100 avgt 10 13.810 ± 0.751 ns/op PlatformDepBench.unsafeBytesEqual 1000 avgt 10 89.077 ± 7.275 ns/op PlatformDepBench.unsafeBytesEqual 10000 avgt 10 773.940 ± 24.579 ns/op PlatformDepBench.unsafeBytesEqual 100000 avgt 10 7546.807 ± 110.395 ns/op After Benchmark (size) Mode Cnt Score Error Units PlatformDepBench.unsafeBytesEqual 4 avgt 10 3.337 ± 0.087 ns/op PlatformDepBench.unsafeBytesEqual 10 avgt 10 4.286 ± 0.194 ns/op PlatformDepBench.unsafeBytesEqual 50 avgt 10 7.817 ± 0.123 ns/op PlatformDepBench.unsafeBytesEqual 100 avgt 10 11.260 ± 0.412 ns/op PlatformDepBench.unsafeBytesEqual 1000 avgt 10 84.255 ± 2.596 ns/op PlatformDepBench.unsafeBytesEqual 10000 avgt 10 591.892 ± 5.136 ns/op PlatformDepBench.unsafeBytesEqual 100000 avgt 10 6978.859 ± 285.043 ns/op

[maven-release-plugin] copy for tag netty-4.1.34.Final

Jenkins job that publishes netty artifacts is splitted in two subjobs. First publishes OSX artifacts, seconds publishes all other artifacts. The former depends on the latter but this dependency is not reflected in jenkins. During a first run OSX subjob fails due to unresolved dependencies (artifacts published by the second subjob). Add -U to workaround caching "unresolved dependencies".

Docker setup

Motivation: The special case fixed in netty#8497 also requires that we keep a derived slice when trimming components in place, as done by the capacity(int) and discardReadBytes() methods. Modifications: Ensure that we keep a ref to trimmed components' original retained slice in capacity(int) and discardReadBytes() methods, so that it is released properly when the they are later freed. Add unit test which fails prior to the fix. Result: Edge case leak is eliminated.

- Reason for reverting incrementMemoryCounter implementation (from Sergio's comment): "..moving from a CAS loop to the double addAndGet() might be faster, but by doing so, a single big-ish allocation which goes over the limit could cause concurrent small allocations to fail as well before the memory limit is brought back below threshold via DIRECT_MEMORY_COUNTER.addAndGet(-capacity)" - scheduledTaskQueue is now protected to simplify DB-3884 "we might need to peek at the scheduled queue ourselves"

DSP-19407 after upgrade review remarks

…netty#9492) Motivation: `HttpObjectDecoder` pre-checks that it doesn't request characters outside of the `AppendableCharSequence`'s length. `0` is always allowed because the minimal length of `AppendableCharSequence` is `1`. We can legally skip index check by using `AppendableCharSequence.charAtUnsafe(int)` in all existing cases in `HttpObjectDecoder`. Modifications: - Use `AppendableCharSequence.charAtUnsafe(int)` instead of `AppendableCharSequence.charAt(int)` in `HttpObjectDecoder`. Result: No unnecessary index checks in `HttpObjectDecoder`. (cherry picked from commit 85fcf4e)

…30#section-3.2.4 (netty#9585) Motivation: When parsing HTTP headers special care needs to be taken when a whitespace is detected in the header name. Modifications: - Ignore whitespace when decoding response (just like before) - Throw exception when whitespace is detected during parsing - Add unit tests Result: Fixes netty#9571 (cherry picked from commit 39cafcb)

) Motivation: Technical speaking its valid to have http headers with no values so we should support it. That said we need to detect if these are "generated" because of an "invalid" fold. Modifications: - Detect if a colon is missing when parsing headers. - Add unit test Result: Fixes netty#9866 (cherry picked from commit a7c18d4)

…-length and transfer-encoding: chunked header when using HTTP/1.1 (netty#9865) Motivation: RFC7230 states that we should not accept multiple content-length headers and also should not accept a content-length header in combination with transfer-encoding: chunked Modifications: - Check for multiple content-length headers and if found mark message as invalid - Check if we found a content-length header and also a transfer-encoding: chunked and if so mark the message as invalid - Add unit test Result: Fixes netty#9861 (cherry picked from commit 8494b04)

Compared against 4.1.34.2.dse, this tag cherry-picks upstream commits that fixed bugs in HttpObjectDecoder/HttpRequestDecoder, plus two intermediate refactoring commits that indirectly affect those bugfix commits. What follows is a list of PR links, issue links, CVE links, and hashes associated with the cherry-picked commits. Verify we do not receive multiple content-length headers or a content-length and transfer-encoding: chunked header when using HTTP/1.1 (netty#9865) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7238 netty#9861 netty#9865 8494b04 Detect missing colon when parsing http headers with no value (netty#9871) https://nvd.nist.gov/vuln/detail/CVE-2019-20444 netty#9866 netty#9871 a7c18d4 Fix typos in javadocs (netty#9527) skipped Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4 (netty#9585) https://nvd.nist.gov/vuln/detail/CVE-2019-16869 netty#9571 netty#9585 39cafcb Use `AppendableCharSequence.charAtUnsafe(int)` in `HttpObjectDecoder` (netty#9492) netty#9492 85fcf4e

DB-4068 cherry-pick upstream HttpRequest/ObjectDecoder fixes (4.1.34/bdp master)

Dse netty 4.1.34.final #18

Are you sure you want to change the base?

Dse netty 4.1.34.final #18

Commits on Sep 14, 2018

Commits on Sep 18, 2018

Commits on Sep 20, 2018

Commits on Sep 21, 2018

Commits on Sep 22, 2018

Commits on Sep 26, 2018

Commits on Sep 27, 2018

Commits on Sep 28, 2018

Commits on Oct 5, 2018

Commits on Oct 9, 2018

Commits on Oct 11, 2018

Commits on Oct 12, 2018

Commits on Oct 13, 2018

Commits on Oct 14, 2018

Commits on Oct 15, 2018

Commits on Oct 16, 2018

Commits on Oct 17, 2018

Commits on Oct 18, 2018

Commits on Oct 19, 2018

Commits on Oct 20, 2018

Commits on Oct 22, 2018

Commits on Oct 23, 2018

Commits on Oct 24, 2018

Commits on Oct 26, 2018

Commits on Oct 27, 2018

Commits on Oct 28, 2018

Commits on Oct 29, 2018

Commits on Oct 30, 2018

Commits on Nov 2, 2018

Commits on Nov 3, 2018

Commits on Nov 5, 2018

Commits on Nov 6, 2018

Commits on Nov 7, 2018

Commits on Nov 8, 2018

Commits on Nov 9, 2018

Commits on Nov 11, 2018

Commits on Nov 12, 2018

Commits on Nov 13, 2018

Commits on Nov 14, 2018

Commits on Nov 15, 2018

Commits on Nov 16, 2018

Commits on Nov 19, 2018

Commits on Nov 20, 2018

Commits on Nov 21, 2018

Commits on Nov 23, 2018

Commits on Nov 24, 2018

Commits on Nov 25, 2018

Commits on Nov 27, 2018

Commits on Nov 29, 2018

Commits on Dec 1, 2018

Commits on Dec 4, 2018

Commits on Dec 5, 2018

Commits on Dec 6, 2018

Commits on Dec 7, 2018

Commits on Dec 10, 2018

Commits on Dec 12, 2018

Commits on Dec 13, 2018

Commits on Dec 14, 2018

Commits on Dec 17, 2018

Commits on Dec 19, 2018

Commits on Dec 20, 2018

Commits on Dec 21, 2018

Commits on Dec 25, 2018

Commits on Dec 28, 2018

Commits on Jan 14, 2019

Commits on Jan 15, 2019

Commits on Jan 16, 2019

Commits on Jan 17, 2019

Commits on Jan 18, 2019

Commits on Jan 19, 2019

Commits on Jan 21, 2019

Commits on Jan 22, 2019

Commits on Jan 24, 2019

Commits on Jan 25, 2019

Commits on Jan 28, 2019

Commits on Jan 30, 2019

Commits on Jan 31, 2019