Pass through upgrade request #11266

Motivation: `Http2Frame` has extra empty line after `String name();`. However, it should not be there. Modification: Removed extra empty line. Result: Empty-line code style now matching with other classes.

This reverts commit 78d5ab4.

Motivation: We should have the `toString` method in `DefaultHttp2WindowUpdateFrame` because it makes debugging a little easy. Modification: Added `toString` method. Result: `toString` method to help in debugging. Co-authored-by: Norman Maurer <norman_maurer@apple.com>

…ameter (#10760) Motivation: `HttpConversionUtil#toHttpResponse` translates `Http2Headers` to `HttpResponse`. It uses `#addHttp2ToHttpHeaders(..., boolean isRequest)` to do so. However, `isRequest` field is set to `true` instead of `false`. It should be set to `false` because we're doing conversion of Response not Request. Modification: Changed `true` to `false`. Result: Correctly translates `Http2Headers` to `HttpResponse`.

Motivation: There is no need for ByteProcessor to throw a checked exception. The declared checked exception causes unnecessary code complications just to propagate it. This can be cleaned up. Modification: ByteProcessor.process no longer declares to throw a checked exception, and all the places that were trying to cope with the checked exception have been simplified. Result: Simpler code.

This reverts commit b70d0fa.

Motivation: There is no need for ByteProcessor to throw a checked exception. The declared checked exception causes unnecessary code complications just to propagate it. This can be cleaned up. Modification: ByteProcessor.process no longer declares to throw a checked exception, and all the places that were trying to cope with the checked exception have been simplified. Result: Simpler code.

Motivation: PoolChunk maintains multiple PriorityQueue<Long> collections. The usage of PoolChunk#removeAvailRun unboxes the Long values to long, and then this method uses queue.remove(..) which will auto box the value back to Long. This creates unnecessary allocations via Long.valueOf(long). Modifications: - Adjust method signature and usage of PoolChunk#removeAvailRun to avoid boxing Result: Less allocations as a result of PoolChunk#removeAvailRun.

Motivation: JUnit 5 is the new hotness. It's more expressive, extensible, and composable in many ways, and it's better able to run tests in parallel. But most importantly, it's able to directly run JUnit 4 tests. This means we can update and start using JUnit 5 without touching any of our existing tests. I'm also introducing a dependency on assertj-core, which is like hamcrest, but arguably has a nicer and more discoverable API. Modification: Add the JUnit 5 and assertj-core dependencies, without converting any tests at time time. Result: All our tests are now executed through the JUnit 5 Vintage Engine. Also, the JUnit 5 test APIs are available, and any JUnit 5 tests that are added from now on will also be executed.

Motivation: There were new releases of java. Modifications: Update java versions so we use the latest on the CI Result: Use latest releases

Motivation: `dnsinfo` uses `Apple Public Source License 2.0` not `Apache License 2.0`. Modification: Changed `Apache License 2.0` to `Apple Public Source License 2.0` Result: Fixes #10772

Motivation: We received a [bug report](https://bugs.chromium.org/p/chromium/issues/detail?id=1143320) from the Chrome team at Google, their canary builds are failing [HTTP/2 GREASE](https://tools.ietf.org/html/draft-bishop-httpbis-grease-00) testing to netflix.com. The reason it's failing is that Netty can't handle unknown frames without an active stream created. Let me know if you'd like more info, such as stack traces or repro steps. Modification: The change is minor and simply ignores unknown frames on the connection stream, similarly to `onWindowUpdateRead`. Result: I figured I would just submit a PR rather than filing an issue, but let me know if you want me to do that for tracking purposes.

…error (#10775) Motivation: When parsing HEADERS, connection errors can occur (e.g., too large of headers, such that we don't want to HPACK decode them). These trigger a GOAWAY with a last-stream-id telling the client which streams haven't been processed. Unfortunately that last-stream-id didn't include the stream for the HEADERS that triggered the error. Since clients are free to silently retry streams not included in last-stream-id, the client is free to retransmit the request on a new connection, which will fail the connection with the wrong last-stream-id, and the client is still free to retransmit the request. Modifications: Have fatal connection errors (those that hard-cut the connection) include all streams in last-stream-id, which guarantees the HEADERS' stream is included and thus should not be silently retried by the HTTP/2 client. This modification is heavy-handed, as it will cause racing streams to also fail, but alternatives that provide precise last-stream-id tracking are much more invasive. Hard-cutting the connection is already heavy-handed and so is rare. Result: Fixes #10670

Motivation: We should have a method to add `HttpScheme` if `HttpRequest` does not contain `x-http2-scheme` then we should use add it if `HttpToHttp2ConnectionHandler` is build using specified `HttpScheme`. Modification: Added `HttpScheme` in `HttpToHttp2ConnectionHandlerBuilder`. Result: Automatically add `HttpScheme` if missing in `HttpRequest`.

Motivation: Printing download progress in the build log makes it harder to see what's wrong when the build fails. Modification: Change the maven command to not show transfer progress, also enable batch mode so Maven don't print in colors that we can't see anyway. Result: More concise code analysis build logs.

…10783) Motivation: Sometimes it would be helpful to easily detect if an operation failed due the SSLEngine already be closed. Modifications: Add special exception that is used when the engine was closed Result: Easier to detect a failure caused by a closed exception

Motivation: `HttpConversionUtil#toFullHttpResponse` and `HttpConversionUtil#toFullHttpRequest` has `ByteBufAllocator` which is used for building `FullHttpMessage` and then data can be appended with `FullHttpMessage#content`. However, there can be cases when we already have `ByteBuf` ready with data. So we need a parameter to add `ByteBuf` directly into `FullHttpMessage` while creating it. Modification: Added `ByteBuf` parameter, Result: More functionality for handling `FullHttpMessage` content.

Motivation: https in xmlns URIs does not work and will let the maven release plugin fail: ``` [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 1.779 s [INFO] Finished at: 2020-11-10T07:45:21Z [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli) on project netty-parent: Execution default-cli of goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare failed: The namespace xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" could not be added as a namespace to "project": The namespace prefix "xsi" collides with an additional namespace declared by the element -> [Help 1] [ERROR] ``` See also https://issues.apache.org/jira/browse/HBASE-24014. Modifications: Use http for xmlns Result: Be able to use maven release plugin

Motivation: 2d1b143 missed to change the artifactId in one place Modification: Change to netty-build-common Result: Release works

Motivation: Passing a null value of byte[] to the `Unsafe.copyMemory(xxx)` would cause the JVM crash Modification: Add null checking before calling `PlatformDependent.copyMemory(src, xxx)` Result: Fixes #10791 .

Motivation: `DelegatingDecompressorFrameListener#initDecompressor` has multiple dots `.` in comments. However, it should not have that. Modification: Removed multiple dots. Result: Clean comment

Fix issue #10508 where PARANOID mode slow down about 1000 times compared to ADVANCED. Also fix a rare issue when internal buffer was growing over a limit, it was partially discarded using `discardReadBytes()` which causes bad changes within previously discovered HttpData. Reasons were: Too many `readByte()` method calls while other ways exist (such as keep in memory the last scan position when trying to find a delimiter or using `bytesBefore(firstByte)` instead of looping externally). Changes done: - major change on way buffer are parsed: instead of read byte per byte until found delimiter, try to find the delimiter using `bytesBefore()` and keep the last unfound position to skeep already parsed parts (algorithms are the same but implementation of scan are different) - Change the condition to discard read bytes when refCnt is at most 1. Observations using Async-Profiler: ================================== 1) Without optimizations, most of the time (more than 95%) is through `readByte()` method within `loadDataMultipartStandard` method. 2) With using `bytesBefore(byte)` instead of `readByte()` to find various delimiter, the `loadDataMultipartStandard` method is going down to 19 to 33% depending on the test used. the `readByte()` method or equivalent `getByte(pos)` method are going down to 15% (from 95%). Times are confirming those profiling: - With optimizations, in SIMPLE mode about 82% better, in ADVANCED mode about 79% better and in PARANOID mode about 99% better (most of the duplicate read accesses are removed or make internally through `bytesBefore(byte)` method) A benchmark is added to show the behavior of the various cases (one big item, such as File upload, and many items) and various level of detection (Disabled, Simple, Advanced, Paranoid). This benchmark is intend to alert if new implementations make too many differences (such as the previous version where about PARANOID gives about 1000 times slower than other levels, while it is now about at most 10 times). Extract of Benchmark run: ========================= Run complete. Total time: 00:13:27 Benchmark Mode Cnt Score Error Units HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigAdvancedLevel thrpt 6 2,248 ± 0,198 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigDisabledLevel thrpt 6 2,067 ± 1,219 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigParanoidLevel thrpt 6 1,109 ± 0,038 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigSimpleLevel thrpt 6 2,326 ± 0,314 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighAdvancedLevel thrpt 6 1,444 ± 0,226 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighDisabledLevel thrpt 6 1,462 ± 0,642 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighParanoidLevel thrpt 6 0,159 ± 0,003 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighSimpleLevel thrpt 6 1,522 ± 0,049 ops/ms

…ple (#10807) Motivation: People may use the object serialisation example as a vehicle to test out sending their own objects across the wire. If those objects are not actually serialisable for some reason, then we need to let the exception propagate so that this becomes obvious to people. Modification: Add a listener to the future that sends the first serialisable message, so that we ensure that any exceptions that shows up during serialisation becomes visible. Without this, the state of the future that sent the first message was never checked or inspected anywhere. Result: Serialisation bugs in code derived from the Object Echo example are much easier to diagnose. This fixes #10777

…fter custom headers to avoid duplication (#10793) Motivation: According rfc (https://tools.ietf.org/html/rfc6455#section-11.3.4), `Sec-WebSocket-Protocol` header field MUST NOT appear more than once in an HTTP response. At the moment we can pass `Sec-WebSocket-Protocol` via custom headers and it will be added to response. Modification: Change method add() to set() for avoid duplication. If we pass sub protocols in handshaker constructor it means that they are preferred over custom ones. Result: Less error prone behavior.

Motivation: ABORT and COMMIT commands were missing from the enum but they are part of the STOMP spec. Modifications: Modified the enum to add the missing commands. Result: ABORT and COMMIT commands can now be parsed properly and acted on.

Motivation: When a HashedWheelTimer instance is started or stopped, its working thread is started or stopped. These operations block the calling thread: - start() calls java.util.concurrent.CountDownLatch.await() to wait for the worker thread to finish initializing; - stop() calls java.lang.Thread.join(long) to wait for the worker thread to exit. BlockHound detects these calls and as a consequence, prevents HashedWheelTimer from working properly, if it is started or stopped in a thread that is not allowed to block. Modifications: Added two more BlockHound exceptions to io.netty.util.internal.Hidden.NettyBlockHoundIntegration: one for HashedWheelTimer.start() and one for HashedWheelTimer.stop(). Result: HashedWheelTimer can now be started and stopped properly when BlockHound is activated.

Motivation: In some enviroments sun.misc.Unsafe is not present. We should support these as well. Modifications: Fallback to JNI if we can't directly access the memoryAddress of the buffer. Result: Fixes #10813

Motivation: GlobalEventExecutor.addTask was rightfully allowed to block by commit 09d38c8. However the same should have been done for SingleThreadEventExecutor.addTask. BlockHound is currently intercepting that call, and as a consequence, it prevents SingleThreadEventExecutor from working properly, if addTask is called from a thread that cannot block. The interception is due to LinkedBlockingQueue.offer implementation, which uses a ReentrantLock internally. Modifications: * Added one BlockHound exception to io.netty.util.internal.Hidden.NettyBlockHoundIntegration for SingleThreadEventExecutor.addTask. * Also added unit tests for both SingleThreadEventExecutor.addTask and GlobalEventExecutor.addTask. Result: SingleThreadEventExecutor.addTask can now be invoked from any thread when BlockHound is activated.

… channelInputClosed(...) is processing the buffer. (#10817) Motivation: We need to carefully check for null before we pass the cumulation buffer into decodeLast as callDecode(...) may have removed the codec already and so set cumulation to null. Modifications: - Check for null and if we see null use Unpooled.EMPTY_BUFFEr - Only call decodeLast(...) if callDecode(...) didnt remove the handler yet. Result: Fixes #10802

…n't access the memoryAddress (#10818) Motivation: We can make use of internalNioBuffer(...) if we cant access the memoryAddress. This at least will reduce the object creations. Modifications: Use internalNioBuffer(...) and so reduce the GC Result: Less object creation if we can't access the memory address.

Motivation: #10267 introduced a change that reduced the fragmentation. Unfortunally it also introduced a regression when it comes to caching of normal allocations. This can have a negative performance impact depending on the allocation sizes. Modifications: - Fix algorithm to calculate the array size for normal allocation caches - Correctly calculate indeox for normal caches - Add unit test Result: Fixes #10805

…xecutor (#10827) Motivation: We should avoid lying with throws declarations whenever possible. Modification: Changed the code to instead directly throw Error, which seems to have been the intent. Also, while we're here, convert its associated test to JUnit 5 and clean it up a bit. Result: Cleaner code.

Motivation: The DnsNameResolver internally follows CNAME indirects for all records types, and supports caching for CNAME resolution and A* records. For DNS record types that are not cached (e.g. SRV records) the caching of CNAME records may result in failures at incorrect times. For example if a CNAME record has a larger TTL than the entries it resolves this may result in failures which don't occur if the CNAME cache is disabled. Modifications: - Don't cache CNAME and also dont use the cache for CNAME when using DnsRecordResolveContext - Add unit test Result: More correct resolving and also not possible to have failures due CNAME still be in the cache while the queried record experied

…oolChunk (#10826) Motivation: The uncached access to PoolChunk can be made faster, and avoid allocating boxed Longs, if we have a primitive hash map and priority queue implementation for it. Modification: Add bespoke primitive implementations of a hash map and a priority queue for PoolChunk. Remove all the long-boxing caused by the previous implementation. The hashmap is a linear probing map with a fairly short probe that keeps the search within a couple of cache lines. The priority queue is the same binary heap algorithm that's described in Algorithms by Sedgewick and Wayne. The implementation avoids the Long boxing by relying on a long[] array. This makes the internal-remove method faster, which is an important operation in PoolChunk. Result: Roughly 13% performance uplift in buffer allocations that miss cache.

Motivation: Http2ConnectionHandler tries to addListener to the future without checking if it's void. If it is void, this will fail and generate an exception. Modifications: Unvoid the promise in writeData() Result: Fixes #10816, Writing with a voidPromise no longer generates exceptions.

Motivation: We rely on this functionality in PoolChunk, and a bug was caught by a non-deterministic test failure Modification: Went back to the Algorithms book, and reimplemented remove() the way it was meant to. Result: No test failures after 200.000 runs, so we have some confidence the code is correct now.

…ebug() (#10836) Motivation: If Log4J2's `Filter` creates `Recycler.Stack` somehow, `Recycler.Stack()` will see uninitialized `Recycler.INITIAL_CAPACITY`. This has been raised originally in micrometer-metrics/micrometer#2369. Modification: This PR changes to initialize `Recycler.INITIAL_CAPACITY` before invoking `InternalLogger.debug()` to avoid it. Result: Fixes the problem described in the "Motivation" section.

@amir-shalem

…BOTTOM (#10839) Motivation: We need to ensure we override fillInStacktrace() when we store exceptions in static fields to not leak the Classloader in the backtrace. Came up in #10691 (comment). Thanks to @amir-shalem for notice this one. Modifications: - Add overrides of fillInStracktrace in TrackRecord.BOTTOM Result: Related fix to #10686

#10844) Motivation: Internally SSLEngineImpl.wrap(...) may call FileInputStream.read(...). This will cause the error below when BlockHound is enabled reactor.blockhound.BlockingOperationError: Blocking call! java.io.FileInputStream#readBytes at java.io.FileInputStream.readBytes(FileInputStream.java) at java.io.FileInputStream.read(FileInputStream.java:255) Modifications: - Add whitelist entry to BlockHound configuration - Add test Result: Fixes #10837

… frame encoding (allocate one buffer for full frame considering the size of the headers) (#10778) Motivation: At the moment `StompSubframeEncoder` encode a frame only to `ByteBuf` it is not convenient if further we need to convert it to another type of message, e.g. `WebSocketFrame`. Also, if we send a full frame, it splits into two headers and a content what makes it difficult to convert it in the next handler. Modification: Introduce additional converter methods e.g. (`Object protected convertFullFrame(StompFrame original, ByteBuf encoded`)...) for extending encoder functionality and allocate only one `ByteBuf` for full stomp frame. Change headers size calculation, previously used only 256 bytes that reallocate a new buffer each time when headers size more than this threshold. Add `StompEncoderBenchmark`. Result: Improved `StompSubframeEncoder` fro extensions. Previous version benchmark ``` Benchmark (contentLength) (headersType) (pooledAllocator) Mode Cnt Score Error Units StompEncoderBenchmark.writeStompFrame 0 ONE true thrpt 10 4432132.884 ± 178923.436 ops/s StompEncoderBenchmark.writeStompFrame 0 ONE false thrpt 10 1281122.756 ± 52484.174 ops/s StompEncoderBenchmark.writeStompFrame 0 THREE true thrpt 10 2980897.937 ± 130253.049 ops/s StompEncoderBenchmark.writeStompFrame 0 THREE false thrpt 10 1116883.574 ± 35471.482 ops/s StompEncoderBenchmark.writeStompFrame 0 SEVEN true thrpt 10 1988012.159 ± 74352.450 ops/s StompEncoderBenchmark.writeStompFrame 0 SEVEN false thrpt 10 881772.343 ± 94633.870 ops/s StompEncoderBenchmark.writeStompFrame 0 ELEVEN true thrpt 10 1048125.919 ± 151053.902 ops/s StompEncoderBenchmark.writeStompFrame 0 ELEVEN false thrpt 10 429900.066 ± 47956.661 ops/s StompEncoderBenchmark.writeStompFrame 0 TWENTY true thrpt 10 660584.122 ± 104973.439 ops/s StompEncoderBenchmark.writeStompFrame 0 TWENTY false thrpt 10 278255.488 ± 20143.708 ops/s StompEncoderBenchmark.writeStompFrame 10 ONE true thrpt 10 4251498.549 ± 625050.979 ops/s StompEncoderBenchmark.writeStompFrame 10 ONE false thrpt 10 1214006.861 ± 60421.601 ops/s StompEncoderBenchmark.writeStompFrame 10 THREE true thrpt 10 3117736.486 ± 173613.974 ops/s StompEncoderBenchmark.writeStompFrame 10 THREE false thrpt 10 1046605.891 ± 94428.064 ops/s StompEncoderBenchmark.writeStompFrame 10 SEVEN true thrpt 10 2006986.881 ± 108456.748 ops/s StompEncoderBenchmark.writeStompFrame 10 SEVEN false thrpt 10 877983.112 ± 82919.387 ops/s StompEncoderBenchmark.writeStompFrame 10 ELEVEN true thrpt 10 1132844.437 ± 84578.571 ops/s StompEncoderBenchmark.writeStompFrame 10 ELEVEN false thrpt 10 429334.649 ± 35403.161 ops/s StompEncoderBenchmark.writeStompFrame 10 TWENTY true thrpt 10 657093.390 ± 48092.947 ops/s StompEncoderBenchmark.writeStompFrame 10 TWENTY false thrpt 10 252140.876 ± 37337.255 ops/s StompEncoderBenchmark.writeStompFrame 100 ONE true thrpt 10 4720507.067 ± 100993.908 ops/s StompEncoderBenchmark.writeStompFrame 100 ONE false thrpt 10 1266182.925 ± 85888.413 ops/s StompEncoderBenchmark.writeStompFrame 100 THREE true thrpt 10 2898746.621 ± 452579.753 ops/s StompEncoderBenchmark.writeStompFrame 100 THREE false thrpt 10 1019555.288 ± 65640.507 ops/s StompEncoderBenchmark.writeStompFrame 100 SEVEN true thrpt 10 2259187.459 ± 20025.989 ops/s StompEncoderBenchmark.writeStompFrame 100 SEVEN false thrpt 10 896405.412 ± 53750.148 ops/s StompEncoderBenchmark.writeStompFrame 100 ELEVEN true thrpt 10 1110670.772 ± 107650.327 ops/s StompEncoderBenchmark.writeStompFrame 100 ELEVEN false thrpt 10 445187.398 ± 28845.959 ops/s StompEncoderBenchmark.writeStompFrame 100 TWENTY true thrpt 10 611506.846 ± 25304.240 ops/s StompEncoderBenchmark.writeStompFrame 100 TWENTY false thrpt 10 247687.007 ± 43471.578 ops/s StompEncoderBenchmark.writeStompFrame 1000 ONE true thrpt 10 4140949.576 ± 270274.087 ops/s StompEncoderBenchmark.writeStompFrame 1000 ONE false thrpt 10 1154515.598 ± 134413.876 ops/s StompEncoderBenchmark.writeStompFrame 1000 THREE true thrpt 10 3349996.875 ± 162309.889 ops/s StompEncoderBenchmark.writeStompFrame 1000 THREE false thrpt 10 1141040.562 ± 5895.693 ops/s StompEncoderBenchmark.writeStompFrame 1000 SEVEN true thrpt 10 2184632.248 ± 8957.833 ops/s StompEncoderBenchmark.writeStompFrame 1000 SEVEN false thrpt 10 959545.704 ± 5835.161 ops/s StompEncoderBenchmark.writeStompFrame 1000 ELEVEN true thrpt 10 1081113.327 ± 3957.527 ops/s StompEncoderBenchmark.writeStompFrame 1000 ELEVEN false thrpt 10 467524.660 ± 1383.236 ops/s StompEncoderBenchmark.writeStompFrame 1000 TWENTY true thrpt 10 568411.797 ± 108712.493 ops/s StompEncoderBenchmark.writeStompFrame 1000 TWENTY false thrpt 10 260764.231 ± 43149.129 ops/s StompEncoderBenchmark.writeStompFrame 10000 ONE true thrpt 10 4369787.147 ± 619367.939 ops/s StompEncoderBenchmark.writeStompFrame 10000 ONE false thrpt 10 1246782.845 ± 47468.764 ops/s StompEncoderBenchmark.writeStompFrame 10000 THREE true thrpt 10 3333328.810 ± 253061.481 ops/s StompEncoderBenchmark.writeStompFrame 10000 THREE false thrpt 10 1108278.988 ± 81905.149 ops/s StompEncoderBenchmark.writeStompFrame 10000 SEVEN true thrpt 10 2062961.266 ± 247096.284 ops/s StompEncoderBenchmark.writeStompFrame 10000 SEVEN false thrpt 10 925199.985 ± 36734.594 ops/s StompEncoderBenchmark.writeStompFrame 10000 ELEVEN true thrpt 10 1223240.034 ± 58833.801 ops/s StompEncoderBenchmark.writeStompFrame 10000 ELEVEN false thrpt 10 460864.117 ± 2361.459 ops/s StompEncoderBenchmark.writeStompFrame 10000 TWENTY true thrpt 10 655864.762 ± 35237.335 ops/s StompEncoderBenchmark.writeStompFrame 10000 TWENTY false thrpt 10 286388.865 ± 1002.460 ops/s ``` A new version benchmark ``` Benchmark (contentLength) (headersType) (pooledAllocator) Mode Cnt Score Error Units StompEncoderBenchmark.writeStompFrame 0 ONE true thrpt 10 4366110.018 ± 420377.867 ops/s StompEncoderBenchmark.writeStompFrame 0 ONE false thrpt 10 1289437.153 ± 215271.656 ops/s StompEncoderBenchmark.writeStompFrame 0 THREE true thrpt 10 2818791.355 ± 218894.471 ops/s StompEncoderBenchmark.writeStompFrame 0 THREE false thrpt 10 1040151.615 ± 75352.695 ops/s StompEncoderBenchmark.writeStompFrame 0 SEVEN true thrpt 10 1842144.001 ± 94668.864 ops/s StompEncoderBenchmark.writeStompFrame 0 SEVEN false thrpt 10 916742.825 ± 65467.820 ops/s StompEncoderBenchmark.writeStompFrame 0 ELEVEN true thrpt 10 1310454.012 ± 100747.490 ops/s StompEncoderBenchmark.writeStompFrame 0 ELEVEN false thrpt 10 679934.001 ± 82168.249 ops/s StompEncoderBenchmark.writeStompFrame 0 TWENTY true thrpt 10 746867.549 ± 68373.269 ops/s StompEncoderBenchmark.writeStompFrame 0 TWENTY false thrpt 10 483316.314 ± 50978.009 ops/s StompEncoderBenchmark.writeStompFrame 10 ONE true thrpt 10 4791698.722 ± 263890.510 ops/s StompEncoderBenchmark.writeStompFrame 10 ONE false thrpt 10 1289877.116 ± 128677.185 ops/s StompEncoderBenchmark.writeStompFrame 10 THREE true thrpt 10 2984662.187 ± 395567.524 ops/s StompEncoderBenchmark.writeStompFrame 10 THREE false thrpt 10 1079028.782 ± 43548.555 ops/s StompEncoderBenchmark.writeStompFrame 10 SEVEN true thrpt 10 1806763.709 ± 59162.209 ops/s StompEncoderBenchmark.writeStompFrame 10 SEVEN false thrpt 10 935274.980 ± 22064.148 ops/s StompEncoderBenchmark.writeStompFrame 10 ELEVEN true thrpt 10 1284172.151 ± 119068.047 ops/s StompEncoderBenchmark.writeStompFrame 10 ELEVEN false thrpt 10 687174.498 ± 30270.916 ops/s StompEncoderBenchmark.writeStompFrame 10 TWENTY true thrpt 10 803843.483 ± 29106.133 ops/s StompEncoderBenchmark.writeStompFrame 10 TWENTY false thrpt 10 502134.552 ± 23653.215 ops/s StompEncoderBenchmark.writeStompFrame 100 ONE true thrpt 10 4337438.694 ± 378524.452 ops/s StompEncoderBenchmark.writeStompFrame 100 ONE false thrpt 10 1289174.213 ± 50640.853 ops/s StompEncoderBenchmark.writeStompFrame 100 THREE true thrpt 10 3232767.156 ± 311934.194 ops/s StompEncoderBenchmark.writeStompFrame 100 THREE false thrpt 10 1115247.028 ± 15683.477 ops/s StompEncoderBenchmark.writeStompFrame 100 SEVEN true thrpt 10 2213147.232 ± 86326.187 ops/s StompEncoderBenchmark.writeStompFrame 100 SEVEN false thrpt 10 901120.188 ± 71344.491 ops/s StompEncoderBenchmark.writeStompFrame 100 ELEVEN true thrpt 10 1238317.714 ± 68148.477 ops/s StompEncoderBenchmark.writeStompFrame 100 ELEVEN false thrpt 10 671336.339 ± 72735.337 ops/s StompEncoderBenchmark.writeStompFrame 100 TWENTY true thrpt 10 754565.791 ± 28574.382 ops/s StompEncoderBenchmark.writeStompFrame 100 TWENTY false thrpt 10 498939.383 ± 38146.118 ops/s StompEncoderBenchmark.writeStompFrame 1000 ONE true thrpt 10 3722594.471 ± 515861.000 ops/s StompEncoderBenchmark.writeStompFrame 1000 ONE false thrpt 10 1265629.633 ± 84113.347 ops/s StompEncoderBenchmark.writeStompFrame 1000 THREE true thrpt 10 2829696.349 ± 172520.267 ops/s StompEncoderBenchmark.writeStompFrame 1000 THREE false thrpt 10 1111454.609 ± 26275.913 ops/s StompEncoderBenchmark.writeStompFrame 1000 SEVEN true thrpt 10 1901506.449 ± 37701.353 ops/s StompEncoderBenchmark.writeStompFrame 1000 SEVEN false thrpt 10 912528.888 ± 46221.215 ops/s StompEncoderBenchmark.writeStompFrame 1000 ELEVEN true thrpt 10 1299674.123 ± 21889.002 ops/s StompEncoderBenchmark.writeStompFrame 1000 ELEVEN false thrpt 10 724527.644 ± 2757.370 ops/s StompEncoderBenchmark.writeStompFrame 1000 TWENTY true thrpt 10 811389.799 ± 2606.626 ops/s StompEncoderBenchmark.writeStompFrame 1000 TWENTY false thrpt 10 504955.449 ± 6737.804 ops/s StompEncoderBenchmark.writeStompFrame 10000 ONE true thrpt 10 3837912.649 ± 380742.919 ops/s StompEncoderBenchmark.writeStompFrame 10000 ONE false thrpt 10 1375544.306 ± 3157.068 ops/s StompEncoderBenchmark.writeStompFrame 10000 THREE true thrpt 10 3224743.448 ± 297369.719 ops/s StompEncoderBenchmark.writeStompFrame 10000 THREE false thrpt 10 1125772.007 ± 4051.498 ops/s StompEncoderBenchmark.writeStompFrame 10000 SEVEN true thrpt 10 2127352.136 ± 106787.777 ops/s StompEncoderBenchmark.writeStompFrame 10000 SEVEN false thrpt 10 934848.418 ± 4564.147 ops/s StompEncoderBenchmark.writeStompFrame 10000 ELEVEN true thrpt 10 1379672.772 ± 8778.640 ops/s StompEncoderBenchmark.writeStompFrame 10000 ELEVEN false thrpt 10 723169.459 ± 2317.767 ops/s StompEncoderBenchmark.writeStompFrame 10000 TWENTY true thrpt 10 802275.113 ± 4155.137 ops/s StompEncoderBenchmark.writeStompFrame 10000 TWENTY false thrpt 10 517604.265 ± 3398.384 ops/s ``` For headers over 256 bytes we get a speedup.

Motivation: We should add `state` in the exception message of `HttpObjectEncoder` because it makes debugging a little easier. Modification: Added `state` in the exception message. Result: Better exception message for smooth debugging.

Motivation: According to specification 1006 status code must not be set as a status code in a Close control frame by the endpoint. However 1006 status code can be used in applications to indicate that the connection was closed abnormally. Modifications: - Enforce status code validation in CloseWebSocketFrame - Add WebSocketCloseStatus construction with disabled validation - Add test Result: Fixes #10838

…itialized at run-time (#10799) Motivation: In #10630, field substitutions were introduced for NetUtil.LOCALHOST4, NetUtil.LOCALHOST6 and NetUtil.LOCALHOST fields. They were required to allow a native image be built with most of Netty (including NetUtil) initialized at build time. The substitutions created in #10630 only define getters, so the 3 fields can only be read in a native image. But when NetUtil is initialized at run-time (this is what happens in #10797), its static initialization block is executed, and this block writes to all 3 fields. As the substitutions do not provide any setters, field stores are not valid, and such builds fail. Modifications: - Add netty-testsuite-native-image-client-runtime-init Maven module that builds a native image deferring NetUtil class initialization till run-time; this module is used to demonstrate the problem and verify the problem is gone with the fix - Add no-op setters to substitutions for NetUtil.LOCALHOST4, NetUtil.LOCALHOST6 and NetUtil.LOCALHOST Result: A native image initializing NetUtil at run-time builds successfully. Fixes #10797

Motivation: There was a new netty-tcnative release Modifications: Update to 2.0.35.Final Result: Use latest release

Motivation: We should use aarch_64 in our classifier / jni libname on aarch64 as os.detected.arch uses the name. Being non consistent (especially across our different projects) already gave us a lot of trouble in the past. Let's fix this once for all. Modifications: Use aarch_64 Result: More consistent classifier usage on aarch64

Motivation: Found a redundant assignment. Modification: Removed the redundant assignment. Result: Minor performance improvement.

Motivation: I found a typo in LimitingByteInput. Modification: Fixed the typo in LimitingByteInput Result: No typo anymore in LimitingByteInput.

Motivation: Found an invalid comment in UnpooledDirectByteBuf. Modification: Fixed a comment in UnpooledDirectByteBuf. Result: Fixed a comment in UnpooledDirectByteBuf.

Motivation: `DnsServerAddressStreamProviders` tries to load `MacOSDnsServerAddressStreamProvider` on macOS. However, it doesn't warn users when `MacOSDnsServerAddressStreamProvider` is not awailable, which may cause incorrect results for DNS resolutions. Modifications: - Log at warn level if `MacOSDnsServerAddressStreamProvider` is not found on macOS; - Log at debug level when `MacOSDnsServerAddressStreamProvider` is loaded and available; Result: macOS users are notified when `MacOSDnsServerAddressStreamProvider` is not available.

Motivation: To fix the infinite loop parsing a multipart body. Modifications: Modified the loop to use the correct variable. Result: Multipart bodies will be parsed correctly again.

…lead to multiple notifications (#10860) Motivation: When using the JDKs SSLEngineImpl with TLSv1.3 it sometimes returns HandshakeResult.FINISHED multiple times. This can lead to have SslHandshakeCompletionEvents to be fired multiple times. Modifications: - Keep track of if we notified before and if so not do so again if we use TLSv1.3 - Add unit test Result: Consistent usage of events

Motivation: Found a redundant local variable. Modification: Removed the local variable. Result: Minor performance improvement.

Motivation: We did include some extra " in the Bundle-NativeCode line on macOS. Modifications: Remove " Result: Fixes #10856

Motivation: We used , but should have used ; Modifications: Replace , by ; Result: Correct manifest

Motivation: We shouldnt catch Throwable in InternalLoggerFactory as this may hide OOME etc. Modifications: Only catch LinkageError and Exception Result: Fixes #10857

Motivation: #10814 did fix a bug where we did try to call memoryAddress() even tho this is not supported. Unfortunally this fix was only applied for one method and so we missed another method which then could throw an exception when we called memoryAddress() Modifications: - Also fix the memoryAddress(offset) method. _ Adjust unit test to also test this. Result: Fixes #10813 completely.

Motivation: I did not see any tangible advantage to the padding. The only other field that was guarded was a rarely changed object reference to a BitSet. Without the padding, there is also no longer any use of the inheritance hierarchy. The padding was also using `long`, which would not necessarily prevent the JVM from fitting the aforementioned object reference in an alignment gap. Modification: Move all the fields into the InternalThreadLocalMap Result: Simpler code. This resolves the discussion in #9284

Motivation: If the MQTT client specifies Subscribe Options parameters only available in MQTT v5 and tries to encode the message as MQTT v3 then an invalid QoS value is encoded Modification: Check MQTT version when encoding SUBSCRIBE message options, if it's 3.1 or 3.1.1 - only encode QoS, skip other options. Result: MqttEncoder produces a valid SUBSCRIBE message even if the client has specified options not available in the current MQTT version.

Motivation: netty-jni-util is now also hosted on maven central. Let's use it Modifications: Adjust plugins to just unpack netty-jni-util and use it Result: Be able to use what is in the maven cache for netty-jni-util

Motivation: HPACK static table is organized in a way that fields with the same name are sequential. Which means when doing sequential scan we can short-circuit scan on name mismatch. Modifications: * `HpackStaticTable.getIndexIndensitive` returns -1 on name mismatch rather than keep scanning. * `HpackStaticTable` statically defined max position in the array where name duplication is possible (after the given index there's no need to check for other fields with the same name) * Benchmark for different lookup patterns Result: Better HPACK static table lookup performance. Co-authored-by: Norman Maurer <norman_maurer@apple.com>

Motivation: switch is used when we have a good amount of cases because switch is faster than if-else. However, we're using only 1 case in switch which can affect performance. Modification: Changed switch to if. Result: Good code.

… JNI Motivation: Android seems to use a different field name so we should also try to access it with the name used by android. Modifications: Try first fd and if this fails try descriptor as field name Result: Workaround for android.

@OverRide

…properties. (#10812) Motivation: The CONNACK message builder `ConnAckBuilder` doesn't provide a smooth way to assign the message properties. This PR try to provide an simpler way to create them, in a lazy way. Modification: This PR permit to store properties in the ConnAck message, collecting them and inserting during the build phase. The syntax this PR introduces is: ```java MqttMessageBuilders.connAck().properties(new MqttMessageBuilders.PropertiesInitializer<MqttMessageBuilders.ConnAckPropertiesBuilder>() { @OverRide public void apply(MqttMessageBuilders.ConnAckPropertiesBuilder builder) { builder.assignedClientId("client1234"); builder.userProperty("custom_property", "value"); } }).build() ``` The name of the properties are defined in the `ConnAckPropertiesBuilder` so that is can be easily used by autocompletion tools. Result: This PR adds the builder class `ConnAckPropertiesBuilder`which is used by newly introduced method `properties` inside the message builder class `ConnAckBuilder`.

…tor (#10890) Motivation: A race detector discovered a data race in GlobalEventExecutor present in netty 4.1.51.Final: ``` Write of size 4 at 0x0000cea08774 by thread T103: #0 io.netty.util.internal.DefaultPriorityQueue.poll()Lio/netty/util/internal/PriorityQueueNode; DefaultPriorityQueue.java:113 #1 io.netty.util.internal.DefaultPriorityQueue.poll()Ljava/lang/Object; DefaultPriorityQueue.java:31 #2 java.util.AbstractQueue.remove()Ljava/lang/Object; AbstractQueue.java:113 #3 io.netty.util.concurrent.AbstractScheduledEventExecutor.pollScheduledTask(J)Ljava/lang/Runnable; AbstractScheduledEventExecutor.java:133 #4 io.netty.util.concurrent.GlobalEventExecutor.fetchFromScheduledTaskQueue()V GlobalEventExecutor.java:119 #5 io.netty.util.concurrent.GlobalEventExecutor.takeTask()Ljava/lang/Runnable; GlobalEventExecutor.java:106 #6 io.netty.util.concurrent.GlobalEventExecutor$TaskRunner.run()V GlobalEventExecutor.java:240 #7 io.netty.util.internal.ThreadExecutorMap$2.run()V ThreadExecutorMap.java:74 #8 io.netty.util.concurrent.FastThreadLocalRunnable.run()V FastThreadLocalRunnable.java:30 #9 java.lang.Thread.run()V Thread.java:835 #10 (Generated Stub) <null> Previous read of size 4 at 0x0000cea08774 by thread T110: #0 io.netty.util.internal.DefaultPriorityQueue.size()I DefaultPriorityQueue.java:46 #1 io.netty.util.concurrent.GlobalEventExecutor$TaskRunner.run()V GlobalEventExecutor.java:263 #2 io.netty.util.internal.ThreadExecutorMap$2.run()V ThreadExecutorMap.java:74 #3 io.netty.util.concurrent.FastThreadLocalRunnable.run()V FastThreadLocalRunnable.java:30 #4 java.lang.Thread.run()V Thread.java:835 #5 (Generated Stub) <null> ``` The race is legit, but benign. To trigger it requires a TaskRunner to begin exiting and set 'started' to false, more work to be scheduled which starts a new TaskRunner, that work then needs to schedule additional work which modifies 'scheduledTaskQueue', and then the original TaskRunner checks 'scheduledTaskQueue'. But there is no danger to this race as it can only produce a false negative in the condition which causes the code to CAS 'started' which is thread-safe. Modifications: Delete problematic references to scheduledTaskQueue. The only way scheduledTaskQueue could be modified since the last check is if another TaskRunner is running, in which case the current TaskRunner doesn't care. Result: Data-race free code, and a bit less code to boot.

Motivation: Right now, we don't have to handle Push Promise Read in `Http2FrameCodec`. Push Promise is one of the key features of HTTP/2 and we should support it in our `Http2FrameCodec`. Modification: Added `Http2PushPromiseFrame` and `Http2PushPromiseFrame` to handle Push Promise and Promise Frame. Result: Fixes #10748

…ws (#10899) Motivation: `mvn package` on Windows fails if there are some `dependency-reduced-pom.xml` files generated by the previous build. `mvn clean package` does not help because it does not remove those files at the clean phase. Modifications: Use the correct file pattern for the suppression filters. Result: Following `mvn package` runs well on Windows.

Motivation: New versions of `Bouncy Castle` libraries are out and we should upgrade to them. Modification: Upgraded all `Bouncy Castle` libraries to the latest version. Result: The latest versions of `Bouncy Castle` libraries. Fixes #10905.

Motivation: We can add some status badge and also should clarify requirements. Modifictations: - Add status badge - Clarify requirements Result: Cleanup docs

Motivation: We had a typo in the markdown Modification: Fix typo Result: Corect markdown

…ows (#10920) Motivation: We need to ensure we always drain the error stack when a callback throws as otherwise we may pick up the error on a different SSL instance which uses the same thread. Modifications: - Correctly drain the error stack if native method throws - Add a unit test which failed before the change Result: Always drain the error stack

…4 as well (#10933) Motivation: As shown in the past we need to verify we actually can load the native as otherwise we may introduce regressions. Modifications: - Add new maven module which tests loading of native modules - Add job that will also test loading on aarch64 Result: Less likely to introduce regressions related to loading native code in the future

#10932) Motiviation: We need to ensure we only register the methods for unix-native-common once as otherwise it may have strange side-effects. Modifications: - Add extra method that should be called to signal that we need to register the methods. The registration will only happen once. - Adjust code to make use of it. Result: No more problems due incorrect registration of these methods.

…rse (#10935) Motivation: Internally UnixResolverDnsServerAddressStreamProvider#parse calls FileInputStream.read(...) when parsing the etcResolverFiles. This will cause the error below when BlockHound is enabled reactor.blockhound.BlockingOperationError: Blocking call! java.io.FileInputStream#readBytes at java.io.FileInputStream.readBytes(FileInputStream.java) at java.io.FileInputStream.read(FileInputStream.java:255) Modifications: - Add whitelist entry to BlockHound configuration - Add test Result: Fixes #10925

Motivation: The writing was unclear. Modification: Clarified the documentation. Result: No more ambiguity about what FTL.remove() does. Fixes #10914

Motivation: Faster indexOf Modification: Create generic SWAR indexOf that any ByteBuf implementation can use Result: Fixes #10731

Motivation: We should use GracefulShutdown when we try to create a stream and fail it because the stream space is exhausted as we may still want to process the active streams. Modifications: - Use graceful shutdown - Add unit test Result: More graceful handling of stream creation failure due stream space exhaustation

Motivation: We produced a lot of noise during loading native libraries as we always included the stacktrace if we could not load by one mechanism. We should better just not include the stacktrace in the debugging logging if one mechanism fails. We will log all the stacks anyway when all of the mechanisms fail. Modifications: Make logging less aggressive Result: Less confusing behaviour for the end-user

Motivation: We had multiple bugs in JdkZlibDecoder which could lead to decoding errors when the data was received in a fragmentated manner. Modifications: - Correctly handle skipping of comments - Correctly handle footer / header decoding - Add unit test that verifies the correct handling of fragmentation Result: Fixes #10875

…10943) Motivation: #10765 added support for push promise and priority frames when using the Http2FrameCodec. Unfortunally it didnt correctly guard against the possibility to receive a priority frame for an non-existing stream, which resulted in a NPE Modifications: - Ignore priority frame for non existing stream - Correctly implement equals / hashcode for DefaultHttp2PriorityFrame - Add unit tests Result: Fixes #10941

…ext implementations (#10953) Motivation: We should expose some methods as protected to make it easier to write custom SslContext implementations. This will be reused by the code for netty/netty-incubator-codec-quic#97 Modifications: - Add protected to some static methods which are useful for sub-classes - Remove some unused methods - Move *Wrapper classes to util package and make these public Result: Easier to write custom SslContext implementations

Motivation: We should override the get*ApplicationProtocol() methods in ReferenceCountedOpenSslEngine to make it easier for users to obtain the selected application protocol Modifications: Add missing overrides Result: Easier for the user to get the selected application protocol (if any)

Motivation: Exception occurs in the MQTT message builder class (`io.netty.handler.codec.mqtt.MqttMessageBuilders`) when trying to create a message with packetId > 32767 Modification: -add method that takes int - deprecate old methods that take short. Result: Fixes #10929 .

Motivation: We currently append extensions to the user defined "sec-websocket-extensions" headers. This can cause duplicated entries. Modifications: * Replace existing `WebSocketExtensionUtil#appendExtension` private helper with a new `computeMergeExtensionsHeaderValue`. User defined parameters have higher precedence. * Add tests (existing method wasn't tested) * Reuse code for both client and server side (code was duplicated). Result: No more duplicated entries when user defined extensions overlap with the ones Netty generated.

Motivation: If the given port is already bound, the PcapWriteHandlerTest will sometimes fail. Modification: Use a dynamic port using `0`, which is more reliable Result: Less Flaky

…a channel (#10965) Motivation: We need to ensure we copy the attributes and options when bootstrap the channel as otherwise we may change the underlying Entry. This is similar to what was reported in netty/netty-incubator-codec-quic#152. Modifications: - Do a copy and re-use methods - Add unit tests Result: Don't affect attributes / options of channels that are already bootstrapped

Motivation: We did have the architecture hardcoded in the dependency which is not correct as this will let the build fail on Applie Silicion (m1). Also we did miss some dependencies on other BSDs Modifications: - Fix classifier - Add missing dependencies Result: Be able to build on Apple Silicon (m1)

@ignore

…ritabilityChange (#10970) Motivation: The testWriteAfterShutdownOutputNoWritabilityChange() failed a few times on the CI randomly. Let's skip it for now while we investigate and see if there is anything we can do to make the test less flaky on the CI. Modifications: Add @ignore on the testWriteAfterShutdownOutputNoWritabilityChange method Result: Less flaky CI

Motivation: We didnt correctly filter out TLSv1.3 ciphers when TLSv1.3 is not enabled. Modifications: - Filter out ciphers that are not supported due the selected TLS version - Add unit test Result: Fixes #10911 Co-authored-by: Bryce Anderson <banderson@twitter.com>

Motivation: We should add some more NULL checks to ensure we not SEGV in some cases Modifications: Add more NULL checks Result: More robust implementation

…ndlers (#10776) Allow and skip null handlers when adding a vararg list of handlers Motivation Allowing null handlers allows for more convenient idioms in conditionally adding handlers, e.g., ch.pipeline().addLast( new FooHandler(), condition ? new BarHandler() : null, new BazHandler() ); Modifications * Change addFirst(..) and addLast(..) to skip null handlers, rather than break or short-circuit. * Add new unit tests. Result * Makes addFirst(..) and addLast(..) behavior more consistent * Resolves #10728

… false (#10407)" (#10980) Motivation: TLS_FALSE_START slightly changes the "flow" during handshake which may cause suprises for the end-user. We should better disable it by default again and later add a way to enable it for the user. Modification: This reverts commit 514d349. Result: Restore "old flow" during TLS handshakes.

…#10983) Motivation: It was not 100% clear who is responsible calling close() on the InputStream. Modifications: Clarify javadocs. Result: Related to #10974 Co-authored-by: Chris Vest <christianvest_hansen@apple.com>

…oder to e5951d4 (#10989) Motivation: The changes introduced in 1c23040 did cause various issues while the fix itself is not considered critical. For now it is considered the best to just rollback and investigate more. Modifications: - Revert changes done in 1c23040 (and later) for the post decoders. - Ensure we give memory back to the system as soon as possible in a safe manner Result: Fixes #10973

…0988) Motivation: when customer need large of 'byteBuf.capacity' in [7168, 8192], the size of 'chunk.subpages' may be inflated when large of byteBuf be released, not consistent with other 'byteBuf.capacity' Modification: when maxNumElems == 1 need consider remove from pool Result: Fixes #10896. Co-authored-by: zxingy <zxingy@servyou.com.cn>

Motivation: DecodeHexBenchmark needs to be less branch-predictor friendly to mimic the "real" behaviour while decoding Modifications: DecodeHexBenchmark uses a larger sets of inputs, picking them at random on each iteration and the benchmarked method is made !inlineable Result: DecodeHexBenchmark is more trusty while showing the performance difference between different decoding methods

Motivation: ReadOnlyByteBuf and ReadOnlyByteBuffer are not writable, but their writableBytes related methods return non-zero values. This is inconsistent with the behavior of these buffer types. Modifications: - ReadOnlyByteBuf and ReadOnlyByteBuffer writableBytes related methods should return 0 Result: More correct ReadOnlyByteBuf and ReadOnlyByteBuffer behavior with respect to writability.

Motivation: A new version of the os-maven-plugin was released Modifications: Update to latest version Result: Use latest version

…er permissions Motivation: File.createTempFile(String, String)` will create a temporary file in the system temporary directory if the 'java.io.tmpdir'. The permissions on that file utilize the umask. In a majority of cases, this means that the file that java creates has the permissions: `-rw-r--r--`, thus, any other local user on that system can read the contents of that file. This can be a security concern if any sensitive data is stored in this file. This was reported by Jonathan Leitschuh <jonathan.leitschuh@gmail.com> as a security problem. Modifications: Use Files.createTempFile(...) which will use safe-defaults when running on java 7 and later. If running on java 6 there isnt much we can do, which is fair enough as java 6 shouldnt be considered "safe" anyway. Result: Create temporary files with sane permissions by default.

…L / BoringSSL (#10997) Motivation: At the moment we always set SSL_OP_NO_TICKET when building our context. The problem with this is that this also disables resumption for TLSv1.3 in BoringSSL as it only supports stateless resumption for TLSv1.3 which uses tickets. We should better clear this option when TLSv1.3 is enabled to be able to resume sessions. This is also inline with the OpenJDK which enables this for TLSv1.3 by default as well. Modifications: Check for enabled protocols and if TLSv1.3 is set clear SSL_OP_NO_TICKET. Result: Be able to resume sessions for TLSv1.3 when using BoringSSL.

* Revert "Add a profile for debugging tests that run from Maven (#11011)" This reverts commit 83895f0 The same functionality is already natively available in surefire, by adding the `-Dmaven.surefire.debug` flag to Maven. * Update surefire/failsafe version These new versions copes better when our tests prints to STDOUT, and disturbs the progress processing that these plugins do.

Motivation: There was some code that could be simplified. Modification: Simplify code. Result: Code cleanup

Motivation: When etcResolver/hosts files are parsed, FileInputStream.read(...) is internally called by - UnixResolverDnsServerAddressStreamProvider#parseEtcResolverSearchDomains - UnixResolverDnsServerAddressStreamProvider#parseEtcResolverOptions - HostsFileParser#parse This will cause the error below when BlockHound is enabled reactor.blockhound.BlockingOperationError: Blocking call! java.io.FileInputStream#readBytes at java.io.FileInputStream.readBytes(FileInputStream.java) at java.io.FileInputStream.read(FileInputStream.java:255) Modifications: - Add whitelist entries to BlockHound configuration - Fix typos in UnixResolverDnsServerAddressStreamProvider - Add tests Result: Fixes #11004

Motivation: The testGlobalWriteThrottle is flaky and failed our build multiple times now. Lets disable it for now until we had time to investigate Modifications: Disable flaky test Result: Less failures during build

Motivation: The current netty's graalvm dependency version is too low, so you need to upgrade the plugin Modification: Upgrade Graalvm version to the latest version, please review this pr, thank you Result: Use up-to-date version. Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

Motivation: How we used exceptions was not consistent. Modifications: Use the same type of exception in the bind methods. Result: Fixes #11014

Support TCP Fast Open for clients and make SslHandler take advantage Motivation: - TCP Fast Open allow us to send a small amount of data along side the initial SYN packet when establishing a TCP connection. - The TLS Client Hello packet is small enough to fit in there, and is also idempotent (another requirement for using TCP Fast Open), so if we can save a round-trip when establishing TLS connections when using TFO. Modification: - Add support for client-side TCP Fast Open for Epoll, and also lowers the Linux kernel version requirements to 3.6. - When adding the SslHandler to a pipeline, if TCP Fast Open is enabled for the channel (and the channel is not already active) then start the handshake early by writing it to the outbound buffer. - An important detail to note here, is that the outbound buffer is not flushed at this point, like it would for normal handshakes. The flushing happens later as part of establishing the TCP connection. Result: - It is now possible for clients (on epoll) to open connections with TCP Fast Open. - The SslHandler automatically detects when this is the case, and now send its Client Hello message as part of the initial data in the TCP Fast Open flow when available, saving a round-trip when establishing TLS connections. Co-authored-by: Colin Godsey <crgodsey@gmail.com>

…11025) Motivation: The `!fastOpen` part of `active || !fastOpen` is always false. Modification: - Remove `!fastOpen` and keep only `active` as a `flushAtEnd` flag for `startHandshakeProcessing`; - Update comment; Result: Simplified `flushAtEnd` flag computation in `SslHandler#handlerAdded`.

Motivation: #10995 when `io.netty.channel.unix.Socket` is ipv6 and join a multicast group with ipv4 address will cause `io.netty.channel.ChannelException: setsockopt() failed: Invalid argument` (at least in `Linux centos.dev 4.18.0-240.10.1.el8_3.x86_64 #1 SMP Mon Jan 18 17:05:51 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux`) Modification: check if target group address is ipv6 before call `io.netty.channel.epoll.LinuxSocket#joinGroup(java.net.InetAddress, java.net.NetworkInterface, java.net.InetAddress)` I'm not sure if this modification is currect, but i checked source code of java NIO ``` Java_sun_nio_ch_Net_canJoin6WithIPv4Group0(JNIEnv* env, jclass cl) { #if defined(__APPLE__) /* IPV6_ADD_MEMBERSHIP can be used to join IPv4 multicast groups */ return JNI_TRUE; #else /* IPV6_ADD_MEMBERSHIP cannot be used to join IPv4 multicast groups */ return JNI_FALSE; #endif } ``` seems ipv6 address can't join ipv4 group except osx Result: test on `Linux 3.10.0-514.el7.x86_64 #1 SMP Tue Nov 22 16:42:41 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux` exception ` setsockopt() failed: Invalid argument` has fixed Fixes #10995

Motivation: Comment on method is outdated / incorrect. Modification: Adjust comment Result: Correct docs

Motivation: When TLSv1.3 is used (or TLS_FALSE_START) together with mTLS the handshake is considered successful before the server actually did verify the key material that was provided by the client. If the verification fails we currently will just close the stream without any extra information which makes it very hard to debug on the client side. Modifications: - Propagate SSLExceptions to the active streams - Add unit test Result: Better visibility into why a stream was closed

Motivation: If two different headers end up in the same hash bucket, and you are iterating the header that is not the first in the bucket, and you use the iterator to remove the first element returned from the iterator, then you would get a NullPointerException. Modification: Change the DefaultHeaders iterator remove method, to re-iterate the hash bucket and unlink the entry once found, if we don't have any existing iteration starting point. Also made DefaultHeaders.remove0 package private to avoid a synthetic method indirection. Result: Removing from iterators from DefaultHeaders is now robust towards hash collisions.

Motivation: It is not uncommon to run Netty on OS X without the specific `MacOSDnsServerAddressStreamProvider`. The current log message is too verbose because it prints a full stack trace on the console while a simple logging message would have been enough. Modifications: - Print a `WARN` message when `MacOSDnsServerAddressStreamProvider` class is not found; - Print a `ERROR` message with a stack trace when the class was found but could not be loaded due to some other reasons; Result: Less noise in logs.

Motivation: It is possible for two separate threads to race on recycling an object. If this happens, the object might be added to a WeakOrderQueue when it shouldn't be. The end result of this is that an object could be acquired multiple times, without a recycle in between. Effectively, it ends up in circulation twice. Modification: We fix this by making the update to the lastRecycledId field of the handle, an atomic state transition. Only the thread that "wins" the race and succeeds in their state transition will be allowed to recycle the object. The others will bail out on their recycling. We use weakCompareAndSet because we only need the atomicity guarantee, and the program order within each thread is sufficient. Also, spurious failures just means we won't recycle that particular object, which is fine. Result: Objects no longer risk circulating twice due to a recycle race. This fixes #10986

Motivation: There are unnecessary `this` keyword usages in `HttpStaticFileServerHandler`. Modification: Removed unnecessary `this` keywords. Result: Clean code

Motivation: - Underlying buffer usages might be erroneous when releasing them internaly in HttpPostMultipartRequestDecoder. 2 bugs occurs: 1) Final File upload seems not to be of the right size. 2) Memory, even in Disk mode, is increasing continuously, while it shouldn't. - Method `getByte(position)` is too often called within the current implementation of the HttpPostMultipartRequestDecoder. This implies too much activities which is visible when PARANOID mode is active. This is also true in standard mode. Apply the same fix on buffer from HttpPostMultipartRequestDecoder to HttpPostStandardRequestDecoder made previously. Finally in order to ensure we do not rewrite already decoded HttpData when decoding next ones within multipart, we must ensure the buffers are copied and not a retained slice. Modification: - Add some tests to check consistency for HttpPostMultipartRequestDecoder. Add a package protected method for testing purpose only. - Use the `bytesBefore(...)` method instead of `getByte(pos)` in order to limit the external access to the underlying buffer by retrieving iteratively the beginning of a correct start position. It is used to find both LF/CRLF and delimiter. 2 methods in HttpPostBodyUtil were created for that. The undecodedChunk is copied when adding a chunk to a DataMultipart is loaded. The same buffer is also rewritten in order to release the copied memory part. Result: Just for note, for both Memory or Disk or Mixed mode factories, the release has to be done as: for (InterfaceHttpData httpData: decoder.getBodyHttpDatas()) { httpData.release(); factory.removeHttpDataFromClean(request, httpData); } factory.cleanAllHttpData(); decoder.destroy(); The memory used is minimal in Disk or Mixed mode. In Memory mode, a big file is still in memory but not more in the undecodedChunk but its own buffer (copied). In terms of benchmarking, the results are: Original code Benchmark Mode Cnt Score Error Units HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigAdvancedLevel thrpt 6 0,152 ± 0,100 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigDisabledLevel thrpt 6 0,543 ± 0,218 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigParanoidLevel thrpt 6 0,001 ± 0,001 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigSimpleLevel thrpt 6 0,615 ± 0,070 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighAdvancedLevel thrpt 6 0,114 ± 0,063 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighDisabledLevel thrpt 6 0,664 ± 0,034 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighParanoidLevel thrpt 6 0,001 ± 0,001 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighSimpleLevel thrpt 6 0,620 ± 0,140 ops/ms New code Benchmark Mode Cnt Score Error Units HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigAdvancedLevel thrpt 6 4,037 ± 0,358 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigDisabledLevel thrpt 6 4,226 ± 0,471 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigParanoidLevel thrpt 6 0,875 ± 0,029 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigSimpleLevel thrpt 6 4,346 ± 0,275 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighAdvancedLevel thrpt 6 2,044 ± 0,020 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighDisabledLevel thrpt 6 2,278 ± 0,159 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighParanoidLevel thrpt 6 0,174 ± 0,004 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighSimpleLevel thrpt 6 2,370 ± 0,065 ops/ms In short, using big file transfers, this is about 7 times faster with new code, while using high number of HttpData, this is about 4 times faster with new code when using Simple Level. When using Paranoid Level, using big file transfers, this is about 800 times faster with new code, while using high number of HttpData, this is about 170 times faster with new code.

Motivation: To make it possible to experiment with alternative buffer implementations, we need a way to abstract away the concrete buffers used throughout most of the Netty pipelines, while still having a common currency for doing IO in the end. Modification: - Introduce an ByteBufConvertible interface, that allow arbitrary objects to convert themselves into ByteBuf objects. - Every place in the code, where we did an instanceof check for ByteBuf, we now do an instanceof check for ByteBufConvertible. - ByteBuf itself implements ByteBufConvertible, and returns itself from the asByteBuf method. Result: It is now possible to use Netty with alternative buffer implementations, as long as they can be converted to ByteBuf. This has been verified elsewhere, with an alternative buffer implementation.

Motivation: For protocols like QUIC using UDP_SEGMENT (GSO) can help to reduce the overhead quite a bit. We should support it. Modifications: - Add a SegmentedDatagramPacket which can be used to use UDP_SEGMENT - Add unit test Result: Be able to make use of UDP_SEGMENT

This brings forward the build and release automation changes from 4.1 (#10879, #10883, #10884, #10886, #10888, #10889, #10893, #10900, #10933, #10945, #10966, #10968, #11002, and #11019) to 5.0. Details are as follows: * Use Github workflows for CI (#10879) Motivation: We should just use GitHub Actions for the CI Modifications: - Adjust docker / docker compose files - Add different workflows and jobs to deploy and build the project Result: Don't depend on external CI services * Fix non leak build condition * Only use build and deploy workflows for 4.1 for now * Add deploy job for cross compiled aarch64 (#10883) Motivation: We should also deploy snapshots for our cross compiled native jars. Modifications: - Add job and docker files for deploying cross compiled native jars - Ensure we map the maven cache into our docker containers Result: Deploy aarch64 jars and re-use cache * Use correct docker-compose file to deploy cross compiled artifacts * Use correct docker-compose task to deploy for cross compiled artifacts * Split pr and normal build (#10884) Motivation: We should better use seperate workflows for PR and normal builds Modifications: - Split workflows - Better cache reuse Result: Cleanup * Only deploy snapshots for one arch Motivation: We need to find a way to deploy SNAPSHOTS for different arch with the same timestamp. Otherwise it will cause problems. See #10887 Modification: Skip all other deploys then x86_64 Result: Users are able to use SNAPSHOTS for x86_6 * Use maven cachen when running analyze job (#10888) Motivation: To prevent failures to problems while downloading dependencies we shoud cache these Modifications: Add maven cache Result: No more failures due problems while downloading dependencies * Also include one PR job that uses boringssl (#10886) Motivation: When validating PRs we should also at least run one job that uses boringssl Modifications: - Add job that uses boringssl - Cleanup docker compose files - Fix buffer leak in test Result: Also run with boringssl when PRs are validated * Use matrix for job configurations (#10889) Motivation: We can use the matrix feature to define our jobs. This reduces a lot of config Modification: Use job matrix Result: Easier to maintain * Correctly deploy artifacts that are build on different archs (#10893) Motivation: We need to take special care when deploying snapshots as we need to generate the jars in multiple steps Modifications: - Use the nexus staging pluging to stage jars locally in multiple steps - Add extra job that will merge these staged jars and deploy these Result: Fixes #10887 * Dont use cron for PRs Motivation: It doesnt make sense to use cron for PRs Modifications: Remove cron config Result: Cleanup * We run all combinations when validate the PR, let's just use one type for normal push Motivation: Let us just only use one build config when building the 4.1 branch. Modifications: As we already do a full validation when doing the PR builds we can just only use one build config for pushes to the "main" branches Result: Faster build times * Update action-docker-layer-caching (#10900) Motivation: We are three releases behind. Modifications: Update to latest version Result: Use up-to-date action-docker-layer-caching version * Verify we can load native modules and add job that verifies on aarch64 as well (#10933) Motivation: As shown in the past we need to verify we actually can load the native as otherwise we may introduce regressions. Modifications: - Add new maven module which tests loading of native modules - Add job that will also test loading on aarch64 Result: Less likely to introduce regressions related to loading native code in the future * Let script fail if one command fail (#10945) Motivation: We should use `set -e` to ensure we fail the script if one command fails. Modifications: Add set -e to script Result: Fail fast * Use action to report unit test errors (#10966) Motivation: To make it easier to understand why the build fails lets use an action that will report which unit test failed Modifications: - Replace custom script with action-surefire-report Result: Easier to understand test failures * Use custom script to check for build failures (#10968) Motivation: It turns out we can't use the action to check for build failures as it can't be used when a PR is done from a fork. Let's just use our simple script. Modifications: - Replace action with custom script Result: Builds for PRs that are done via forks work again. * Publish test results after PR run (#11002) Motivation: To make it easier to understand why a build failed let us publish the rest results Modifications: Use a new workflow to be able to publish the test reports Result: Easier to understand why a PR did fail * Fix test reports name * Add workflow to cut releases (#11019) Motivation: Doing releases manually is error-prone, it would be better if we could do it via a workflow Modification: - Add workflow to cut releases - Add related scripts Result: Be able to easily cut a release via a workflow * Update build for master branch Motivation: The build changes were brought forward from 4.1, and contain many things specific to 4.1. Modification: Changed baseline Java version from 8 to 11, and changed branch references from "4.1" to "master". Result: Builds should now work for the master branch. Co-authored-by: Norman Maurer <norman_maurer@apple.com>

…#11049) Motivation: We need to ensure that we call queue.remove() before we cal writeAndFlush() as this operation may cause an event that also touches the queue and remove from it. If we miss to do so we may see NoSuchElementExceptions. Modifications: - Call queue.remove() before calling writeAndFlush(...) - Add unit test Result: Fixes #11046

Motivation: Channels need to have their configurations applied before we can call out to user-code via handlerAdded and initChannel. Modification: This adds tests for this behaviour, and fixes their failures. Result: Channel initialisers now have access to channel configuration and attributes.

…utors are used (#11056) Motivation: In WriteTimeoutHandler we did make the assumption that the executor which is used to schedule the timeout is the same that is backing the write promise. This may not be true which will cause concurrency issues Modifications: Ensure we are on the right thread when try to modify the doubly-linked-list and if not schedule it on the right thread. Result: Fixes #11053

Motivation: This library is obsolete; hasn't been updated since 2013. Modification: Remove jzlib dependency, integration code and tests. Result: - No more jzlib support. - Less code. - The JdkZlib* code can now be simplified because it no longer share anything with jzlib.

…11057) Motivation: The JDK deflate implementation added support for operating on ByteBuffers in Java 11 or so. This means that we don't need to restrict that implementation to ByteBufs that are heap based and can expose arrays. Modification: Add clauses to JdkZlibEncoder and JdkZlibDecoder for handling ByteBufs that don't have arrays, but do have one nioByteBuffer. Expand the test coverage in JdkZlibTest to include all relevant combinations of buffer types and data types. Result: The JdkZlibEncoder and JdkZlibDecoder should now work on basically all non-composite ByteBufs, and likely also composite ByteBufs that have exactly one component.

#10981) Motivation: Some of the features we want to support can only be supported by some of the SslContext implementations. We should allow to configure these in a consistent way the same way as we do it with Channel / ChannelOption Modifications: - Add SslContextOption and add builder methods that take these - Add OpenSslContextOption and define two options there which are specific to openssl Result: More flexible configuration and implementation of SslContext

Motivation: Creating certificates from a byte[] while lazy parse it is general useful and is also needed by netty/netty-incubator-codec-quic#141 Modifications: Move classes, rename these and make them public Result: Be able to reuse code

…ne implementation (#10994) Motivation: At the moment we don't support session caching on the client side at all when using the native SSL implementation. We should at least allow to enable it. Modification: Allow to enable session cache for client side but disable ti by default due a JDK bug atm. Result: Be able to cache sessions on the client side when using native SSL implementation .

Motivation: The DnsResolver default start address listen to "0.0.0.0", which may be not what the user wants. Modification: Add localAddress as a param of DnsNameResolver and its builder Result: The DnsNameResolver's bind address can be configured.

Motivation: These days we always include the OS in the library name. This means we also can simplify things Modifications: Adjust build configuration to address for libray name change Result: Simplify build

) Motivation: HttpObjectDecoder may throw an IllegalArgumentException if it encounters a character that Character.isWhitespace() returns true for, but is not one of the two valid OWS (optional whitespace) values. Such values may not have friendly or readable toString() values. We should include the hex value so that the illegal character can always be determined. Modifications: Add hex value as well Result: Easier to debug Co-authored-by: Bennett Lynch <Bennett-Lynch@users.noreply.github.com>

Motivation: At the moment we use http to download rpms, let's switch to https Modifications: Use https for rpms Result: Hopefully more stable docker image builds

… UnorderedThreadPoolExecutor (#11074) Motivation: Add test to validate we are not affected by the regression introduced by fd8c187 Modifications: - Add unit test Result: Verify code works as expected

…agated to the child channels (#11076) Motivation: We should validate the exception is actually propagted Modifications: Add unit tests Result: Verify all works as expected

) Motivation The HttpObjectDecoder accepts input parameters for maxInitialLineLength and maxHeaderSize. These are important variables since both message components must be buffered in memory. As such, many decoders (like Netty and others) introduce constraints. Due to their importance, many users may wish to add instrumentation on the values of successful decoder results, or otherwise be able to access these values to enforce their own supplemental constraints. While users can perhaps estimate the sizes today, they will not be exact, due to the decoder being responsible for consuming optional whitespace and the like. Modifications * Add HttpMessageDecoderResult class. This class extends DecoderResult and is intended for HttpMessage objects successfully decoded by the HttpObjectDecoder. It exposes attributes for the decoded initialLineLength and headerSize. * Modify HttpObjectDecoder to produce HttpMessageDecoderResults upon successfully decoding the last HTTP header. * Add corresponding tests to HttpRequestDecoderTest & HttpResponseDecoderTest. Co-authored-by: Bennett Lynch <Bennett-Lynch@users.noreply.github.com>

Motivation: c22c6b8 introduced support for UDP_SEGMENT but did restrict it to continous buffers. This is not needed as it is also fine to use CompositeByteBuf Modifications: - Allow to use CompositeByteBuf as well - Add unit test Result: More flexible usage of segmented datagrams possible

Motivation: As stated by https://tools.ietf.org/html/rfc7540#section-8.1.2.6 we should report a stream error if the content-length does not match the sum of all data frames. Modifications: - Verify that the sum of data frames match if a content-length header was send. - Handle multiple content-length headers and also handle negative values - Add io.netty.http2.validateContentLength system property which allows to disable the more strict validation - Add unit tests Result: Correctly handle the case when the content-length header was included but not match what is send and also when content-length header is invalid

Motivation: There are several overloads of streamError(), with one receiving the Throwable to be made the cause of the new exception. However, the wrong overload was being called and instead the IllegalArgumentException was being passed as a message format argument which was summarily thrown away as the message format didn't reference it. Modifications: Move IllegalArgumentException to proper argument position. Result: A useful exception, with the underlying cause available.

Motivation: The EpollSocketConnectTest was not correctly configuring TCP Fast Open on the server socket. It's an option, not a child option. Modification: EpollSocketConnectTest now correctly enables TCP Fast Open on the server side, when available, for the test that needs it. Result: Test covers what it was intended to.

Motivation: SslHandler owns the responsibility to flush non-application data (e.g. handshake, renegotiation, etc.) to the socket. However when TCP Fast Open is supported but the client_hello cannot be written in the SYN the client_hello may not always be flushed. SslHandler may not wrap/flush previously written/flushed data in the event it was not able to be wrapped due to NEED_UNWRAP state being encountered in wrap (e.g. peer initiated renegotiation). Modifications: - SslHandler to flush in channelActive() if TFO is enabled and the client_hello cannot be written in the SYN. - SslHandler to wrap application data after non-application data wrap and handshake status is FINISHED. - SocketSslEchoTest only flushes when writes are done, and waits for the handshake to complete before writing. Result: SslHandler flushes handshake data for TFO, and previously flushed application data after peer initiated renegotiation finishes.

Motivation: We need to ensure we also build the modules we depend on as otherwise we may not be able to resolve the dependencies correctly Modifications: - Add -am when calling maven Result: Deployment works all the time

…op (#11086) Motivation: Allow to configure the maximum number of messages to write per eventloop run. This can be useful to ensure we read data in a timely manner and not let writes dominate the CPU time. This is especially useful in protocols like QUIC where you need to read "fast enough" as otherwise you may not read the ACKs fast enough. Modifications: - Add new ChannelOption / config that allows to limit the number of messages to write per eventloop run. - Respect this setting for DatagramChannels Result: Reduce the risk of having WRITES block the processing of other events in a timely manner Co-authored-by: terrarier2111 <58695553+terrarier2111@users.noreply.github.com>

#11089) ... number of bytes when using DatagramChannels Motivation: In our FixedRecvByteBufAllocator we dont continue to read if the number of bytes is less then what was configured. This is correct when using it for TCP but not when using it for UDP. When using UDP the number of bytes is the maximum of what we want to support but we often end up processing smaller datagrams in general. Because of this we should use contineReading(UncheckedBooleanSupplier) to determite if we should continue reading Modifications: - use contineReading(UncheckedBooleanSupplier) for DatagramChannels Result: Read more then once in the general case for DatagramChannels with the default config

…on (#11096) Motivation: Newer versions of dawidd6/action-download-artifact changed the default workflow_conclusion from "completed" to "completed, success" which can result in download failures if the associated job fails, which is expected when tests fail. Modifications: - Explicitly set the workflow_conclusion to "completed" Result: Test failures which result in build failures will still download test data and generate reports after updating dawidd6/action-download-artifact.

… missing (#11100) Motivation: Components in a composite buffer can "go missing" if the composite is a slice of another composite and the parent has changed its layout. Modification: Where we would previously have thrown a NullPointerException, we now have a null-check for the component, and we instead throw an IllegalStateException with a more descriptive message. Result: It's now a bit easier to understand what is going on in these situations. Fixes #10908

Motivation: There was some grammar / spelling error in the javadocs Modification: Fix error Result: Cleanup

…lso be used (#11102) Motivation: We should always bind to port 0 to ensure we not try to bind to a port that is already in use during our tests. As we missed to do this in one test we did see test failures sometimes. This showed up here: https://pipelines.actions.githubusercontent.com/obCqqsCMwwGme5y2aRyYOiZvWeJK4O0EY5AYRUDMSELILdqEjV/_apis/pipelines/1/runs/1963/signedlogcontent/18?urlExpires=2021-03-19T12%3A41%3A21.4370902Z&urlSigningMethod=HMACV1&urlSignature=zL6O0msEkghT%2B0hOAL1lqLK66SR0Mp99QIjiau1yPe4%3D Modifications: - Use new InetSocketAddress(0) Result: Fixes possible test failures.

Motivation: We released a new version of netty-build Modifications: Update to latest version Result: Use latest netty-build version

Motivation: netty-build is now called netty-build-common Modifications: Rename netty-build to netty-build-common Result: Be able to compile branch again

Motivation: If compression is enabled and the HttpResponse also implements HttpContent (but not LastHttpContent) then the buffer will be freed to eagerly. Modification: I retain the buffer the same way that is done for the LastHttpContent case. Note that there is another suspicious looking call a few lines above (if beginEncode returns null). I am not sure if this should also be retained. Result: Fixes #11092

Motivation A GOAWAY frame (or any other HTTP/2 frame) should not be sent before the connection preface. Clients that immediately close the channel may currently attempt to send a GOAWAY frame before the connection preface, resulting in servers receiving a seemingly-corrupt connection preface. Modifications * Ensure that the preface has been sent before attempting to automatically send a GOAWAY frame as part of channel shutdown logic * Add unit test that only passes with new behavior Result Fixes #11026 Co-authored-by: Bennett Lynch <Bennett-Lynch@users.noreply.github.com>

Motivation: Alignment handling was broken, and basically turned into a fixed offset into each allocation address regardless of its initial value, instead of ensuring that the allocated address is either aligned or bumped to the nearest alignment offset. The brokenness of the alignment handling extended so far, that overlapping ByteBuf instances could even be created, as was seen in #11101. Modification: Instead of fixing the per-allocation pointer bump, we now ensure that 1) the minimum page size is a whole multiple of the alignment, and 2) the reference memory for each chunk is bumped to the nearest aligned address, and finally 3) ensured that the reservations are whole multiples of the alignment, thus ensuring that the next allocation automatically occurs from an aligned address. Incidentally, (3) above comes for free because the reservations are in whole pages, and in (1) we ensured that pages are sized in whole multiples of the alignment. In order to ensure that the memory for a chunk is aligned, we introduce some new PlatformDependent infrastructure. The PlatformDependent.alignDirectBuffer will produce a slice of the given buffer, and the slice will have an address that is aligned. This method is plainly available on ByteBuffer in Java 9 onwards, but for pre-9 we have to use Unsafe, which means it can fail and might not be available on all platforms. Attempts to create a PooledByteBufAllocator that uses alignment, when this is not supported, will throw an exception. Luckily, I think use of aligned allocations are rare. Result: Aligned pooled byte bufs now work correctly, and never have any overlap. Fixes #11101

…ream flag is set (#11105) Motivation: We need to ensure we are still be able to correctly map errors to streams in all cases. The problem was that we sometimes called closeStreamRemote(...) in a finally block and so closed the underyling stream before the actual exception was propagated. This was only true in some cases and not in all. Generally speaking we should only call closeStreamRemote(...) if there was no error as in a case of error we should generate a RST frame. Modifications: - Only call closeStreamRemote(...) if no exeption was thrown and so let the Http2ConnectionHandler handle the exception correctly - Add unit tests Result: Correctly handle errors even when endStream is set to true

Motivation: CONNECT requests have no path defined as stated in the HTTP/2 spec, at the moment we will throw an exception if we try to convert such a request to HTTP/1.1 Modifications: - Don't throw an exception if we try to convert a HTTP/2 CONNECT request that has no path - Add unit test Result: Related to netty/netty-incubator-codec-http3#112.

Motivation: LSE (https://mysqlonarm.github.io/ARM-LSE-and-MySQL/) can have a huge performance difference. Let's ensure we use a compiler that can support it. Modifications: Update to gc10 when cross-compiling as it supports LSE and enables it by default Result: More optimized builds for aarch64

Motivation: These are necessary for creating a buffer implementation that uses Unsafe, and works generically for both on-heap and off-heap memory. Modification: PlatformDependent previously forced clients to decide if they are working on on-heap memory, or off-heap memory, by giving accessors distinct APIs for each. What is added here, are generic accessors that work the same in either case. Result: We can now make an Unsafe-based buffer implementation that is agnostic to whether the memory is on- or off-heap.

netty-jni-util 0.0.2.Final is incompatible with static linking. Before the netty-jni-util dependency was introduced netty-tcnative supported static linking via NETTY_BUILD_STATIC. netty-jni-util 0.0.3.Final adds static linking compatibility. Modifications: Bump netty-jni-util to version 0.0.3.Final and update to its new API which requires the caller to manage packagePrefix. Result: Using latest version of netty-jni-util and restored static linking compatibility.

Motivation: We had a typo and so the build for aarch64 failed before Modifications: Fix typo Result: Build for aarch64 works again

Motivation: The offsets were accidentally typed as int, where they should have been typed as long. Modification: Change type of offset arguments to PlatformDependent.put*(Object,int,?) from int to long. Result: It is now possible to use these methods to store to memory at absolute memory addresses.

…cted without ThreadGroup (#11119) Motivation: We had a bug in out DefaulThreadFactory as it always retrieved the ThreadGroup to used during creation time when now explicit ThreadGroup was given. This is problematic as the Thread may die and so the ThreadGroup is destroyed even tho the DefaultThreadFactory is still used. This could produce exceptions like: java.lang.IllegalThreadStateException at java.lang.ThreadGroup.addUnstarted(ThreadGroup.java:867) at java.lang.Thread.init(Thread.java:405) at java.lang.Thread.init(Thread.java:349) at java.lang.Thread.<init>(Thread.java:599) at io.netty.util.concurrent.FastThreadLocalThread.<init>(FastThreadLocalThread.java:60) at io.netty.util.concurrent.DefaultThreadFactory.newThread(DefaultThreadFactory.java:122) at io.netty.util.concurrent.DefaultThreadFactory.newThread(DefaultThreadFactory.java:106) at io.netty.util.concurrent.ThreadPerTaskExecutor.execute(ThreadPerTaskExecutor.java:32) at io.netty.util.internal.ThreadExecutorMap$1.execute(ThreadExecutorMap.java:57) at io.netty.util.concurrent.SingleThreadEventExecutor.doStartThread(SingleThreadEventExecutor.java:978) at io.netty.util.concurrent.SingleThreadEventExecutor.startThread(SingleThreadEventExecutor.java:947) at io.netty.util.concurrent.SingleThreadEventExecutor.execute(SingleThreadEventExecutor.java:830) at io.netty.util.concurrent.SingleThreadEventExecutor.execute(SingleThreadEventExecutor.java:818) at io.netty.channel.AbstractChannel$AbstractUnsafe.register(AbstractChannel.java:471) at io.netty.channel.SingleThreadEventLoop.register(SingleThreadEventLoop.java:87) at io.netty.channel.SingleThreadEventLoop.register(SingleThreadEventLoop.java:81) at io.netty.channel.MultithreadEventLoopGroup.register(MultithreadEventLoopGroup.java:86) at io.netty.bootstrap.AbstractBootstrap.initAndRegister(AbstractBootstrap.java:323) at io.netty.bootstrap.AbstractBootstrap.doBind(AbstractBootstrap.java:272) at io.netty.bootstrap.AbstractBootstrap.bind(AbstractBootstrap.java:239) at io.netty.incubator.codec.quic.QuicTestUtils.newServer(QuicTestUtils.java:138) at io.netty.incubator.codec.quic.QuicTestUtils.newServer(QuicTestUtils.java:143) at io.netty.incubator.codec.quic.QuicTestUtils.newServer(QuicTestUtils.java:147) at io.netty.incubator.codec.quic.QuicStreamFrameTest.testCloseHalfClosure(QuicStreamFrameTest.java:48) at io.netty.incubator.codec.quic.QuicStreamFrameTest.testCloseHalfClosureUnidirectional(QuicStreamFrameTest.java:35) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:288) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:282) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.lang.Thread.run(Thread.java:748) Modifications: - If the user dont specify a ThreadGroup we will just pass null to the constructor of FastThreadLocalThread and so let it retrieve on creation time - Adjust tests Result: Don't risk to see IllegalThreadStateExceptions.

Motivation: UDP_GRO can improve performance when reading UDP datagrams. This patch adds support for it. See https://lwn.net/Articles/768995/ Modifications: - Add recvmsg(...) - Add support for UDP_GRO in recvmsg(...) and recvmmsg(...) - Remove usage of recvfrom(...) and just always use recvmsg(...) or recvmmsg(...) to simplify things - Refactor some code for sharing - Add EpollChannelOption.UDP_GRO and the getter / setter in EpollDatagramConfig Result: UDP_GRO is supported when the underlying system supports it.

Motivation: There are some redundant checks and so these can be removed Modifications: - First check frameOpcode != OPCODE_PING is removed because the code executed int the branch where frameOpcode <= 7, while OPCODE_PING is 9. - Second check frameOpcode != OPCODE_PING is removed because its checked before. Result: Code cleanup

Motivation: As we can supported SegmentedDatagramPacket in multiple native transports (like in epoll and io_uring) we should just move it to unix-common so we can share code. Modification: - Move SegmentedDatagrampPacket to transport-native-unixu - Mark the SegmentedDatagramPacket in epoll as deprecated - Update code to use updated package. Result: Possibility of code re-use

Motivation: We also need to ensure that all the header validation is done when a single header with the endStream flag is received Modifications: - Adjust code to always enforce the validation - Add more unit tests Result: Always correctly validate

Motivation: We should skip the deployment of jars that are not meant to be consumed by the user as there is no public API. Modifications: Let's skip deployment for modules that are not useful for users Result: Build cleanup

… depending on the ChannelOutboundBuffer state (#11128) Motivation: This is a regression caused by #11086 Modifications: AbstractKQueueChannel#writeFilter should be invoked with `!in.isEmpty()` - false - all messages are written - true - there are still messages to be written Result: AbstractKQueueChannel#writeFilter is invoked with the correct boolean depending on the ChannelOutboundBuffer state

Motivation: SslHandler's wrap method notifies the handshakeFuture and sends a SslHandshakeCompletionEvent user event down the pipeline before writing the plaintext that has just been wrapped. It is possible the application may write as a result of these events and re-enter into wrap to write more data. This will result in out of sequence data and result in alerts such as SSLV3_ALERT_BAD_RECORD_MAC. Modifications: - SslHandler wrap should write any pending data before notifying promises, generating user events, or anything else that may create a re-entry scenario. Result: SslHandler will wrap/write data in the same order.

Motivation: We should avoid blocking in the event loop as much as possible. The InputStream.read() is a blocking method, and we don't need to call it if available() returns a positive number. Modification: Bypass calling InputStream.read() if available() returns a positive number. Result: Fewer blocking calls in the event loop, in general, when ChunkedStream is used.

…11148) Motivation: `SslHandler#unwrap` may produce `SslHandshakeCompletionEvent` if it receives `close_notify` alert. This alert indicates that the engine is closed and no more data are expected in the pipeline. However, it fires the event before the last data chunk. As the result, further handlers may loose data if they handle `SslHandshakeCompletionEvent`. This issue was not visible before #11133 because we did not write `close_notify` alert reliably. Modifications: - Add tests to reproduce described behavior; - Move `notifyClosePromise` after fire of the last `decodeOut`; Result: `SslHandshakeCompletionEvent` correctly indicates that the engine is closed and no more data are expected on the pipeline.

Motivation: SslHandler has many independent boolean member variables. They can be collapsed into a single variable to save memory. Modifications: - SslHandler boolean state consolidated into a single short variable. Result: Savings of 8 bytes per SslHandler (which is per connection) observed on OpenJDK.

…ory (#11145) Motivation: When Memory based Factory is used, if the first chunk starts with Line Break, the HttpData is not filled with the current available buffer if the delimiter is not found yet, while it may add some. Fix JavaDoc to note potential wrong usage of content() or getByteBuf() if HttpDatais has a huge content with the risk of Out Of Memory Exception. Fix JavaDoc to explain how to release properly the Factory, whatever it is in Memory, Disk or Mixed mode. Fix issue #11143 Modifications: First, when the delimiter is not found, instead of searching Line Break from readerIndex(), we should search from readerIndex() + readableBytes() - delimiter size, since this is the only part where usefull Line Break could be searched for, except if readableBytes is less than delimiter size (then we search from readerIndex). Second, when a Memory HttpData is created, it should be assigned an empty buffer to be consistent with the other implementations (Disk or Mixed mode). We cannot change the default behavior of the content() or getByteBuf() of the Memory based HttpData since the ByteBuf is supposed to be null when released, but not empty. When a new ByteBuf is added, one more check verifies if the current ByteBuf is empty, and if so, it is released and replaced by the new one, without creating a new CompositeByteBuf. Result: In the tests testBIgFileUploadDelimiterInMiddleChunkDecoderMemoryFactory and related for other modes, the buffers are starting with a CRLF. When we offer only the prefix part of the multipart (no data at all), the current Partial HttpData has an empty buffer. The first time we offer the data starting with CRLF to the decoder, it now has a correct current Partial HttpData with a buffer not empty. The Benchmark was re-run against this new version. Old Benchmark Mode Cnt Score Error Units HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigAdvancedLevel thrpt 6 4,037 ± 0,358 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigDisabledLevel thrpt 6 4,226 ± 0,471 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigParanoidLevel thrpt 6 0,875 ± 0,029 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigSimpleLevel thrpt 6 4,346 ± 0,275 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighAdvancedLevel thrpt 6 2,044 ± 0,020 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighDisabledLevel thrpt 6 2,278 ± 0,159 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighParanoidLevel thrpt 6 0,174 ± 0,004 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighSimpleLevel thrpt 6 2,370 ± 0,065 ops/ms New Benchmark Mode Cnt Score Error Units HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigAdvancedLevel thrpt 6 5,604 ± 0,415 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigDisabledLevel thrpt 6 6,058 ± 0,111 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigParanoidLevel thrpt 6 0,914 ± 0,031 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderBigSimpleLevel thrpt 6 6,053 ± 0,051 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighAdvancedLevel thrpt 6 2,636 ± 0,141 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighDisabledLevel thrpt 6 3,033 ± 0,181 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighParanoidLevel thrpt 6 0,178 ± 0,006 ops/ms HttpPostMultipartRequestDecoderBenchmark.multipartRequestDecoderHighSimpleLevel thrpt 6 2,859 ± 0,189 ops/ms So +20 to +40% improvement due to not searching for CRLF/LF into the full buffer when no delimiter is found, but only from the end and delimiter size + 2 (CRLF).

Motivation: SslHandler invokes channel.read() during the handshake process. For some channel implementations (e.g. LocalChannel) this may result in re-entry conditions into unwrap. Unwrap currently defers updating the input buffer indexes until the unwrap method returns to avoid intermediate updates if not necessary, but this may result in unwrapping the same contents multiple times which leads to handshake failures [1][2]. [1] ssl3_get_record:decryption failed or bad record mac [2] ssl3_read_bytes:sslv3 alert bad record mac Modifications: - SslHandler#unwrap updates buffer indexes on each iteration so that if reentry scenario happens the correct indexes will be visible. Result: Fixes #11146

Motivation: We are increasingly running in environments where Unsafe, setAccessible, etc. are not available. When debug logging is enabled, we log a complete stack trace every time one of these initialisations fail. Seeing these stack traces can cause people unnecessary concern. For instance, people might have alerts that are triggered by a stack trace showing up in logs, regardless of its log level. Modification: We continue to print debug log messages on the result of our initialisations, but now we only include the full stack trace is _trace_ logging (or FINEST, or equivalent in whatever logging framework is configured) is enabled. Result: We now only log these initialisation stack traces when the lowest possible log level is enabled. Fixes #7817

Motivation: There is an unused field Modifications: Remove useless code Result: Code cleanup Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

Motivation: `ThreadLocalRandom` doesn't cause contention. Also `nextInt()` generates only 4 random bytes while `Math.random()` generates 8 bytes. Modification: Replaced `(int) Math.random()` with `PlatformDependent.threadLocalRandom().nextInt()` Result: No possible contention when random numbers for WebSockets.

Motivation: There is a bug in `StreamBufferingEncoder` such that when client receives GOWAY while there are pending streams due to MAX_CONCURRENT_STREAMS, we see the following error: ``` io.netty.handler.codec.http2.Http2Exception$StreamException: Maximum active streams violated for this endpoint. at io.netty.handler.codec.http2.Http2Exception.streamError(Http2Exception.java:147) at io.netty.handler.codec.http2.DefaultHttp2Connection$DefaultEndpoint.checkNewStreamAllowed(DefaultHttp2Connection.java:896) at io.netty.handler.codec.http2.DefaultHttp2Connection$DefaultEndpoint.createStream(DefaultHttp2Connection.java:748) at io.netty.handler.codec.http2.DefaultHttp2Connection$DefaultEndpoint.createStream(DefaultHttp2Connection.java:668) at io.netty.handler.codec.http2.DefaultHttp2ConnectionEncoder.writeHeaders0(DefaultHttp2ConnectionEncoder.java:201) at io.netty.handler.codec.http2.DefaultHttp2ConnectionEncoder.writeHeaders(DefaultHttp2ConnectionEncoder.java:167) at io.netty.handler.codec.http2.DecoratingHttp2FrameWriter.writeHeaders(DecoratingHttp2FrameWriter.java:53) at io.netty.handler.codec.http2.StreamBufferingEncoder.writeHeaders(StreamBufferingEncoder.java:153) at io.netty.handler.codec.http2.StreamBufferingEncoder.writeHeaders(StreamBufferingEncoder.java:141) at io.grpc.netty.NettyClientHandler.createStreamTraced(NettyClientHandler.java:584) at io.grpc.netty.NettyClientHandler.createStream(NettyClientHandler.java:567) at io.grpc.netty.NettyClientHandler.write(NettyClientHandler.java:328) at io.netty.channel.AbstractChannelHandlerContext.invokeWrite0(AbstractChannelHandlerContext.java:717) at io.netty.channel.AbstractChannelHandlerContext.invokeWrite(AbstractChannelHandlerContext.java:709) at io.netty.channel.AbstractChannelHandlerContext.write(AbstractChannelHandlerContext.java:792) at io.netty.channel.AbstractChannelHandlerContext.write(AbstractChannelHandlerContext.java:702) at io.netty.channel.DefaultChannelPipeline.write(DefaultChannelPipeline.java:1015) at io.netty.channel.AbstractChannel.write(AbstractChannel.java:289) at io.grpc.netty.WriteQueue$AbstractQueuedCommand.run(WriteQueue.java:213) at io.grpc.netty.WriteQueue.flush(WriteQueue.java:128) at io.grpc.netty.WriteQueue.drainNow(WriteQueue.java:114) at io.grpc.netty.NettyClientHandler.goingAway(NettyClientHandler.java:783) at io.grpc.netty.NettyClientHandler.access$300(NettyClientHandler.java:91) at io.grpc.netty.NettyClientHandler$3.onGoAwayReceived(NettyClientHandler.java:280) at io.netty.handler.codec.http2.DefaultHttp2Connection.goAwayReceived(DefaultHttp2Connection.java:236) at io.netty.handler.codec.http2.DefaultHttp2ConnectionDecoder.onGoAwayRead0(DefaultHttp2ConnectionDecoder.java:218) at io.netty.handler.codec.http2.DefaultHttp2ConnectionDecoder$FrameReadListener.onGoAwayRead(DefaultHttp2ConnectionDecoder.java:551) at io.netty.handler.codec.http2.Http2InboundFrameLogger$1.onGoAwayRead(Http2InboundFrameLogger.java:119) at io.netty.handler.codec.http2.DefaultHttp2FrameReader.readGoAwayFrame(DefaultHttp2FrameReader.java:591) at io.netty.handler.codec.http2.DefaultHttp2FrameReader.processPayloadState(DefaultHttp2FrameReader.java:272) at io.netty.handler.codec.http2.DefaultHttp2FrameReader.readFrame(DefaultHttp2FrameReader.java:160) at io.netty.handler.codec.http2.Http2InboundFrameLogger.readFrame(Http2InboundFrameLogger.java:41) at io.netty.handler.codec.http2.DefaultHttp2ConnectionDecoder.decodeFrame(DefaultHttp2ConnectionDecoder.java:174) at io.netty.handler.codec.http2.Http2ConnectionHandler$FrameDecoder.decode(Http2ConnectionHandler.java:378) at io.netty.handler.codec.http2.Http2ConnectionHandler.decode(Http2ConnectionHandler.java:438) at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498) at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437) at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1486) at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1235) at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1282) at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:498) at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:437) at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) at io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:792) at io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:475) at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:378) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Unknown Source) ``` The bug should come from the way that `StreamBufferingEncoder.writeHeaders()` handles the condition `connection().goAwayReceived()`. The current behavior is to delegate to `super.writeHeaders()` and let the stream fail, but this will end up with `Http2Exception` with the message "Maximum active streams violated for this endpoint" which is horrible. See https://github.com/netty/netty/blob/e5951d46fc89db507ba7d2968d2ede26378f0b04/codec-http2/src/main/java/io/netty/handler/codec/http2/StreamBufferingEncoder.java#L152-L155 Modification: Abort new stream immediately if goaway received *and* MAX_CONCURRENT_STREAM reached in `StreamBufferingEncoder` rather than delegating to the `writeHeaders()` method of its super class. Result: In the situation when GOAWAY received as well as MAX_CONCURRENT_STREAM exceeded, the client will fail the buffered streams with `Http2Error.NO_ERROR` and message "GOAWAY received" instead of "Maximum active streams violated for this endpoint". Co-authored-by: Norman Maurer <norman_maurer@apple.com>

…11167) Motivation: On Windows DnsNameResolver is not able to resolve the host(computer) name as it is not in the hosts file and the DNS server is also not able to resolve it. The exception below is the result of the resolution: Caused by: java.net.UnknownHostException: failed to resolve 'host(computer)-name' after 2 queries at io.netty.resolver.dns.DnsResolveContext.finishResolve(DnsResolveContext.java:1013) at io.netty.resolver.dns.DnsResolveContext.tryToFinishResolve(DnsResolveContext.java:966) at io.netty.resolver.dns.DnsResolveContext.query(DnsResolveContext.java:414) at io.netty.resolver.dns.DnsResolveContext.tryToFinishResolve(DnsResolveContext.java:938) at io.netty.resolver.dns.DnsResolveContext.access$700(DnsResolveContext.java:63) at io.netty.resolver.dns.DnsResolveContext$2.operationComplete(DnsResolveContext.java:467) Modifications: On Windows DnsNameResolver maps host(computer) name to LOCALHOST Result: DnsNameResolver is able to resolve the host(computer) name on Windows Fixes #11142

…ds that take ChannelHandlerContext as parameter (#11171) Motivation: At the moment we only expose close(...) methods that take a Channel as paramater. This can be problematic as the write will start at the end of the pipeline which may contain ChannelOutboundHandler implementations that not expect WebSocketFrame objects. We should better also support to pass in a ChannelHandlerContext as starting point for the write which ensures that the WebSocketFrame objects will be handled correctly from this position of the pipeline. Modifications: - Add new close(...) methods that take a ChannelHandlerContext - Add javadoc sentence to point users to the new methods. Result: Be able to "start" the close at the right position in the pipeline.

…11173) Motivation: While adding support for GRO (b05fdf3) we broke support for IP_RECVORIGDSTADDR when using the native transport. Beside this we also didnt correctly handle IP_RECVORIGDSTADDR when recvmmsg was used. Modifications: - Fix support for IP_RECVORIGDSTADDR when using the native epoll transport for normal reads (recvmsg) but also for scattering reads (recvmmsg) - Remove code from unix code-base as the support is linux specific and we not need the code there anymore Result: Fixes #11141

… ByteBuf Motivation: We have already calculated the payload length. So no need to calculate again when allocating ByteBuf Modification: Used payloadLength variable instead of calculating the payload length again Result: Re-use the variable value and make the code cleaner

Motivation: In the method processHeaderState(), we have checked the http2 payload length against max frame size. But later for different types of frames, we checked this again. Modifications: Removed the duplicate check in verify*() methods. And removed verifyPayloadLength() method, since it will not be used anymore. Result: Remove duplicate check and make the code cleaner.

Motivation: Under Android it was not possible to load a specific web page. It might be related to the (missing?) ALPN of the internal TLS implementation. BouncyCastle as a replacement works but this was not supported so far by Netty. BouncyCastle also has the benefit to be a pure Java solution, all the other providers (OpenSSL, Conscrypt) require native libraries which are not available under Android at least. Modification: BouncyCastleAlpnSslEngine.java and support classes have been added. It is relying on the JDK code, hence some support classes had to be opened to prevent code duplication. Result: BouncyCastle can be used as TLS provider. Co-authored-by: Norman Maurer <norman_maurer@apple.com>

…11170) (#11172) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * Add some checks to ObjectUtil not present today but utilized in the code. * Add unit test for ObjectUtil * Update commmons internal usage with ObjectUtil Result: All checks needed are present, subsequent changes of usage of ObjectUtil are possible. Fixes for #11170

Motivation: Switch statements should always have a default block to ensure we not "fall-through" by mistake. Modification: Add default block Result: code cleanup. Signed-off-by: xingrufei <xingrufei@sogou-inc.com> Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

…1170) (#11179) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

…11168) Motivation: SimpleChannelPromiseAggregator implements the promise API and allows for multiple operations to share a common promise. It currently propagates the last exception to occur, but this may mask the original exception which lead to the last exception and make debugging more difficult. Modifications: - SimpleChannelPromiseAggregator propagates the first exception instead of the last exception. Result: Fixes #11161.

…11170) (#11180) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

#11170) (#11181) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

…11170) (#11182) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

…11170) (#11183) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

…11170) (#11185) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

) (#11186) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved in microbench and resolver-dns Fixes #11170

#11170) (#11187) Motivation: NullChecks resulting in a NullPointerException or IllegalArgumentException, numeric ranges (>0, >=0) checks, not empty strings/arrays checks must never be anonymous but with the parameter or variable name which is checked. They must be specific and should not be done with an "OR-Logic" (if a == null || b == null) throw new NullPointerEx. Modifications: * import static relevant checks * Replace manual checks with ObjectUtil methods Result: All checks needed are done with ObjectUtil, some exception texts are improved. Fixes #11170

Motivation: RFC 8411 defines a new HTTP/2 pseudo header called `:protocol`: - https://datatracker.ietf.org/doc/rfc8441/ Netty currently raises an exception when validating an `Http2Headers`. Modifications: - Added `Http2Headers.PseudoHeaderNames.PROTOCOL` so that `:protocol` pseudo header is not rejected. Result: - A user can implement WebSockets with HTTP/2.

Motivation: In the latest version of BouncyCastle, BCJSSE:'TLSv1.3' is now a supported protocol for both client and server. So should consider enabling TLSv1.3 when TLSv1.3 is available Modification: This pr is to enable TLSv1.3 when using BouncyCastle ALPN support, please review this pr,thanks Result: Enable TLSv1.3 when using BouncyCastle ALPN support Signed-off-by: xingrufei <xingrufei@sogou-inc.com> Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

…11191) Motivation: When create a WebSocketServerProtocolConfig to check URI path starts from '/', only '/' or '//subPath' can be passed by the checker,but '/subPath' should be passed as well Modifications: in `WebSocketServerProtocolHandshakeHandler.isWebSocketPath()` treat '/' a special case Result: '/subPath' can be passed

Motivation: It turned out we didnt run the openssl tests on the CI when we used the non-static version of netty-tcnative. Modifications: - Upgrade netty-tcnative to fix segfault when using shared openssl - Adjust tests to only run session cache tests when openssl supports it - Fix some more tests to only depend on KeyManager if the underlying openssl version supports it Result: Run all openssl test on the CI even when shared library is used

Motivation: In the past we did see problems sometime when run-on-arch-action was used. We are multiple releases behind, lets update and so maybe fix the problems. Modifications: Update to latest release Result: Use latest run-on-arch-action release

…11198) Motivation: We didn't correctly handle the case when no content-type header was found or if the charset was illegal and just did throw a NPE or ICE. We should in both cases throw an ErrorDataDecoderException to reflect what is documented in the javadocs. Modifications: - Throw correct exception - Merge private method into the constructor as it is only used there - Add unit tests Result: Throw expected exceptions on decoding errors

Motivation: We need to call destroy() if the constructor of HttpPostMultipartRequestDecoder throws as otherwise we may leak memory. Modifications: - Call destroy() if we throw - Add unit test Result: No more leaks when constructor throws Co-authored-by: Frederic Bregier <frederic.bregier@waarp.fr>

…n in mqtt v3.1 on the server side (#11205) Motivation: In the mqtt v3.1 protocol, the default maximum Client Identifier length is 23.However, in (#11114), there are many cases, the server may still receive a client ID with a length greater than 23. Perhaps should consider letting the user decide whether accept client id greater than 23 on the server side Modification: - Allow to specify max length. Result: Give a choice for app to extend the length limitation of clientId even in mqtt v3.1 on the server side. Signed-off-by: xingrufei <xingrufei@sogou-inc.com> Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

…d in MqttDecoder (#11204) Motivation: Before throwing TooLongFrameException, should call the skipBytes method to skip the bytes to be read Modification: - skip bytes before throw Result: Actually skip the bytes when we detect too much data Signed-off-by: xingrufei <xingrufei@sogou-inc.com> Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

…11210) Motivation: ReferenceCountedOpenSslEngine may unwrap data and complete the handshake in a single unwrap() call. However it may return HanshakeStatus of HandshakeStatus of NEED_UNWRAP instead of FINISHED. This may result in the SslHandler sending the unwrapped data up the pipeline before notifying that the handshake has completed, and result in out-of-order events. Modifications: - if ReferenceCountedOpenSslEngine handshake status is NEED_UNWRAP and produced data, or NEED_WRAP and consumed some data, we should call handshake() to get the current state. Result: ReferenceCountedOpenSslEngine correctly indicates when the handshake has finished if at the same time data was produced or consumed.

__Motivation__ `Http2FrameCodecBuilder` constructor calls `server()` internally which disallows using certain methods on the builder later. Additionally, the constructor is package private which limits extension of the `Builder` as well as usage outside the available `forClient()` and `forServer()` static methods. __Modification__ - Introduce a `public` no-arg constructor to `Http2FrameCodecBuilder`. __Result__ `Http2FrameCodecBuilder` can now be used to create the codec with `Http2Connection` or `Http2ConnectionDecoder` and `Http2ConnectionEncoder` which was earlier not possible due to implicit call to `server()` by the `Http2FrameCodecBuilder` constructor.

…ion for a handshake success (#11203) Motivation: Modifications: - Add test Result: Verify fix in #11210 Co-authored-by: Norman Maurer <norman_maurer@apple.com>

Motivation: 2 years ago a change remove the default clearing of all HttpData, whatever they are disk based or memory based. A lot of users were probably releasing HttpData directly, so there was no issue. But now, it seems, and as the Javadoc said, that `decoder.destroy()` shall clean up also Memory based HttpData, and not only Disk based HttpData as currently. Change: - Add in `destroy()` method the necessary code to release if necessary the underlying Memory based HttpDatas. - Change one Junit Test (using Mixed, Memory and Disk based factories) in order to check the correctness of this behavior and to really act as a handler (releasing buffers or requests). - Modify one Junit core to check validity when a delimiter is present in the Chunk but not CRLF/LF (false delimiter), to ensure correctness. Result: No more issue on memory leak Note that still the List and the Map are not cleaned, since they were not before. No change is done on this, since it could produce backward issue compatibility. Fix issues #11175 and #11184

…artRequestDecoderTest Motivation: Some of the HttpPostMultiPartRequestDecoder specific tests were included in HttpPostRequestDecoderTest. We should better move these in the correct test class. Modifications: Move specific tests Result: Cleanup

#11215) Motivation: It turns out it is quite easy to cause a classloader deadlock in more recent java updates if you cause classloading while you are in native code. Because of this we should just workaround this issue by pre-load all the classes that needs to be accessed in the OnLoad function. Modifications: - Preload all classes that would otherwise be loaded by native OnLoad functions. Result: Workaround for #11209 and https://bugs.openjdk.java.net/browse/JDK-8266310

Motivation: netty-all already depends on the other netty-* packages so there's no need to also bundle them. The duplicated classes cause classpath issues, particularly with Java > 8, which reports errors like this: The package io.netty.buffer is accessible from more than one module: io.netty.all, io.netty.buffer Modifications: - Removed bundling tasks from netty-all's maven pom.xml Result: - netty-all no longer bundles all classes. Instead, classes are provided by expressed dependencies. Fixes #4671

Motivation: The last non-LTS release is JDK16 now. Modifications: Update from JDK15 to JDK16 for building as this is the last non-LTS release atm Result: Build with latest non-LTS release as well

…ected` (#11220) Motivation: `Http2FrameCodecBuilder` defines static factory methods `forClient()` and `forServer()` that should be used to create a new instance. The default ctor is useful only when users need to override behavior of the existing builder. Those users should define another way to create an instance. Modifications: - Decrease visibility of `Http2FrameCodecBuilder` default ctor from `public` to `protected`; - Add javadoc to clarity responsibilities; Result: Users of `Http2FrameCodecBuilder` are not confused why `new Http2FrameCodecBuilder().build()` works for the server-side, but does not work for the client-side.

Motivation: DNS resolver falls back to trying CNAME if no records found, but should only try this for A/AAAA queries. Does not make sense for other query types, results in a redundant CNAME query that is just going to fail. Modification: Check query type before deciding to try CNAME. Only proceed if type is A or AAAA. Added unit test to verify CNAME is only tried after A/AAAA queries. Result: Fixes #11214.

Motivation: We've seen (very rare) flaky test failures due to timeouts. They are too rare to analyse properly, but a theory is that on overloaded, small cloud CI instances, it can sometimes take a surprising amount of time to start a thread. It could be that the event loop thread is getting an unlucky schedule, and takes seconds to start, causing the timeouts to elapse. Modification: Increase the initial timeouts in the SSLEngineTest, that could end up waiting for the event loop thread to start. Also fix a few simple warnings from Intellij. Result: Hopefully we will not see these tests be flaky again.

Motivation: We use an old version of maven atm. Modifications: Update to maven 3.8.1 Result: Use latest maven release when compiling

Motivation: Fix switch case fall through, add default block in MqttVersion Modification: Fix switch case fall through, add default block in MqttVersion Result: Code cleanup Signed-off-by: xingrufei <xingrufei@sogou-inc.com> Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

Motivation: When checking the latest commit i saw some bad exception messages in MqttVersion hence i improved them. Modification: Improved exception messages in MqttVersion. Result: Better exception messages in MqttVersion.

Motivation: We should add explicit null checks so its easier for people to understand why it throws. Modification: Add explicit checkNotNull(...) Result: Easier to understand for users why it fails. Signed-off-by: xingrufei <xingrufei@sogou-inc.com> Co-authored-by: xingrufei <xingrufei@sogou-inc.com>

Motivation: It seems like it is a known issue that maven frequently sees connection reset / connection timeout during CI builds. We should workaround these issues like others did: - kiegroup/kie-wb-common#3416 Modifications: Add extra maven options during build to reduce the likelyness of timeouts / resets Result: More stable builds

Motivation: 0f25213 introduced some properties that were used to make builds more stable on the ci. All of these properties were duplicated everywhere, this made it hard to maintain Modifications: - Add profile which sets the properties. - Just use the profile when build on the ci Result: Easier to maintain custom properties for the ci build

@hyperxpro

Motivation: Netty lacks client side support for decompressing Brotli compressed response bodies. Modification: * Introduce optional dependency to brotli4j by @hyperxpro. It will be up to the user to provide the brotli4j libraries for the target platform in the classpath. brotli4j is currently available for Linux, OSX and Windows, all for x86 only. * Introduce BrotliDecoder in codec module * Plug it onto `HttpContentDecompressor` for HTTP/1 and `DelegatingDecompressorFrameListener` for HTTP/2 * Add test in `HttpContentDecoderTest` * Add `BrotliDecoderTest` that doesn't extend `AbstractDecoderTest` that looks flaky Result: Netty now support decompressing Brotli compressed response bodies.

Motivation: Mac OS specific DNS resolver fails to take into account search order of resolvers causing wrong resolver being used is some circumstances Modifications: Re-order array of resolvers using their sort order as an ordering key. Final order is opposite of the search order to make sure that resolver with the lower sort order goes last (so it overrides previous one in the `resolverMap`). Result: Fixes issue #11225

…rop (#11239) Motivation: `PlatformDependent#normalizedOs()` already caches normalized variant of the value of `os.name` system property. Instead of inconsistently normalizing it in every case, use the utility method. Modifications: - `PlatformDependent`: `isWindows0()` and `isOsx0()` use `NORMALIZED_OS`; - `PlatformDependent#normalizeOs(String)` define `darwin` as `osx`; - `OpenSsl#loadTcNative()` does not require `equalsIgnoreCase` bcz `os` is already normalized; - Epoll and KQueue: `Native#loadNativeLibrary()` use `normalizedOs()`; - Use consistent `Locale.US` for lower case conversion of `os.name`; - `MacOSDnsServerAddressStreamProvider#loadNativeLibrary()` uses `PlatformDependent.isOsx()`; Result: Consistent approach for `os.name` parsing.

Motivation: Conscrypt not correctly filters out non support TLS versions which may lead to test failures. Related to google/conscrypt#1013 Modifications: - Bump up to latest patch release - Add workaround Result: No more test failures caused by conscrypt

Motivation: TLSv1 and TLSv1.1 is considered insecure. Let's follow the JDK and disable these by default Modifications: - Disable TLSv1 and TLSv1.1 by default when using OpenSSL. - Add unit tests Result: Use only strong TLS versions by default when using OpenSSL

Motivation: We should use the same maven cache for all builds so we can re-use as much of the downloaded maven dependencies as possible Modifications: - Just use the same cache for all Result: Hopefully be able to re-use most of the dependencies

#11248) Motivation: We should setup the caching so it will be able to use different restore keys and so almost never need to start from scratch Modifications: Adjust caching config to make use of different restore keys for maven caching but also docker caching Result: Better cache usage

Motivation: When trying to compile with java16 we should use adopt@1.16* Modifications: - Use adopt@1.16.0-1- - Upgrade to blockhoud 1.0.6 to be able to support java16 Result: Use correct java version / flavor

Motivation: We had some println left in the test-classes. Modifications: Remove println usage Result: Cleanup

Motivation: We introduced the ability to offload certain operations to an executor that may take some time to complete. At the moment this is not enabled by default when using the openssl based SSL provider. Let's enable it by default as we have this support for some while now and didnt see any issues yet. This will also make things less confusing and more consistent with the JDK based provider. Modifications: Use true as default value for io.netty.handler.ssl.openssl.useTasks. Result: Offloading works with openssl based SSL provider as well by default

Motivation: Just use MAVEN_OPTS to setup all the timeouts etc for dependency downloads. This way we at least can be sure these are applied. Modifications: - Use MAVEN_OPTS - Remove ci profile - Remove unused settings.xml file - Always use ./mvnw Result: Build stability improvements

Motivation: `SelfSignedCertificate` creates a certificate and private key files and store them in a temporary directory. However, if the certificate uses a wildcard hostname that uses asterisk *, e.g. `*.shieldblaze.com`, it'll throw an error because * is not a valid character in the file system. Modification: Replace the asterisk with 'x' Result: Fixes #11240

…le's entries for a hostname (#11246) Motivation: DefaultHostsFileEntriesResolver should provide all hosts file's entries for a hostname when DnsNameResolver#resolveAll as opposed to the current implementation where only the first entry is taken into consideration Modification: - Add DefaultHostsFileEntriesResolver#addresses to provide all hosts file's entries for a hostname - Add HostsFileEntriesProvider to provide all hosts file's entries for a hostname and to keep backwards compatibility for HostsFileEntries and HostsFileParser - DnsNameResolver#resolveAll uses the new DefaultHostsFileEntriesResolver#addresses - BlockHound configuration: replace HostsFileParser#parse with HostsFileEntriesProvider$ParserImpl#parse as the latter does the parsing - Add junit tests Result: Fixes #10834

Motivation: There is a typo in the javadocs Modification: correct grammar mistakes Result: cleanup

Motivation: ParserImpl is stateless and so we can use the same instance multiple times Modifications: - Make constructor private - Return the same instance all the time Result: Less object creation

Motivation: After the release was done we need to also copy the apidocs and xref to the netty-website Modifications: Add script that does the copy etc Result: Less manual steps to remember

Motivation: The current initialization of Slf4JLoggerFactory is not singleton. Modification: Use Slf4JLoggerFactory.INSTANCE to initialize Slf4JLoggerFactory. Result: The instance of Slf4JLoggerFactory became a singleton.

Motivation: When changing the netty-all artifact to not include any sources we also removed the ability to generate the javadocs / xref files for our website Modifications: - Add new profile which will generate the files - Add script which generates all the files and copy these over to the netty-website Result: Easier to generate files for website

Motivation: Cannot load the native library for DNS resolutions on MacOS. The exception below is observed: 18:02:43.453 [Test worker] ERROR i.n.r.d.DnsServerAddressStreamProviders - Unable to load io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider, fallback to system defaults. This may result in incorrect DNS resolutions on MacOS. java.lang.reflect.InvocationTargetException: null at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at io.netty.resolver.dns.DnsServerAddressStreamProviders.<clinit>(DnsServerAddressStreamProviders.java:64) at io.netty.resolver.dns.DnsNameResolverBuilder.<init>(DnsNameResolverBuilder.java:60) at reactor.netty.transport.NameResolverProvider.newNameResolverGroup(NameResolverProvider.java:432) ... Caused by: java.lang.UnsatisfiedLinkError: io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.resolvers()[Lio/netty/resolver/dns/macos/DnsResolver; at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.resolvers(Native Method) at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.retrieveCurrentMappings(MacOSDnsServerAddressStreamProvider.java:127) at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.<init>(MacOSDnsServerAddressStreamProvider.java:123) This is a regression made with #11239 Modification: When checking for OS, an exception must be thrown when the OS is not MacOS Result: The native library for DNS resolutions on MacOS can be loaded

Motivation: A user might want to handle a certain HTTP upgrade request differently than what `HttpServerUpgradeHandler` does by default. For example, a user could let `HttpServerUpgradeHandler` handle HTTP/2 upgrades but not WebSocket upgrades. Modifications: - Added `HttpServerUpgradeHandler.isUpgrade(HttpRequest)` so a user can tell `HttpServerUpgradeHandler` to pass the request as it is to the next handler. Result: - A user can handle a certain upgrade request specially.

Commits on May 2, 2021

Update java versions (#11217 )

normanmaurer committed May 2, 2021

Configuration menu

View commit details

Copy full SHA for 467dc29

Browse repository at this point

Copy the full SHA

467dc29 View commit details

Browse the repository at this point in the history

Pass through upgrade request #11266

Pass through upgrade request #11266

Commits on Nov 2, 2020

Commits on Nov 3, 2020

Commits on Nov 4, 2020

Commits on Nov 5, 2020

Commits on Nov 9, 2020

Commits on Nov 10, 2020

Commits on Nov 16, 2020

Commits on Nov 19, 2020

Commits on Nov 23, 2020

Commits on Nov 24, 2020

Commits on Nov 25, 2020

Commits on Nov 26, 2020

Commits on Nov 29, 2020

Commits on Dec 2, 2020

Commits on Dec 4, 2020

Commits on Dec 5, 2020

Commits on Dec 7, 2020

Commits on Dec 8, 2020

Commits on Dec 10, 2020

Commits on Dec 11, 2020

Commits on Dec 15, 2020

Commits on Dec 16, 2020

Commits on Dec 18, 2020

Commits on Dec 19, 2020

Commits on Dec 21, 2020

Commits on Dec 22, 2020

Commits on Dec 23, 2020

Commits on Dec 24, 2020

Commits on Dec 27, 2020

Commits on Jan 1, 2021

Commits on Jan 11, 2021

Commits on Jan 14, 2021

Commits on Jan 15, 2021

Commits on Jan 16, 2021

Commits on Jan 18, 2021

Commits on Jan 21, 2021

Commits on Jan 22, 2021

Commits on Jan 26, 2021

Commits on Jan 27, 2021

Commits on Jan 28, 2021

Commits on Jan 29, 2021

Commits on Feb 1, 2021

Commits on Feb 3, 2021

Commits on Feb 5, 2021

Commits on Feb 8, 2021

Commits on Feb 10, 2021

Commits on Feb 11, 2021

Commits on Feb 15, 2021

Commits on Feb 16, 2021

Commits on Feb 19, 2021

Commits on Feb 23, 2021

Commits on Feb 26, 2021

Commits on Feb 27, 2021

Commits on Feb 28, 2021

Commits on Mar 2, 2021

Commits on Mar 3, 2021

Commits on Mar 4, 2021

Commits on Mar 5, 2021

Commits on Mar 7, 2021

Commits on Mar 8, 2021

Commits on Mar 9, 2021

Commits on Mar 11, 2021

Commits on Mar 12, 2021

Commits on Mar 14, 2021

Commits on Mar 15, 2021

Commits on Mar 17, 2021

Commits on Mar 18, 2021

Commits on Mar 19, 2021

Commits on Mar 20, 2021

Commits on Mar 21, 2021

Commits on Mar 23, 2021

Commits on Mar 24, 2021

Commits on Mar 25, 2021

Commits on Mar 26, 2021

Commits on Mar 29, 2021

Commits on Mar 30, 2021

Commits on Apr 1, 2021

Commits on Apr 12, 2021