(maven-resolver) branch maven-resolver-1.9.x updated: [MRESOLVER-433] Config for expect/continue inhibition (#363) (#366)

Fri, 17 Nov 2023 03:16:44 -0800 

This is an automated email from the ASF dual-hosted git repository.

cstamas pushed a commit to branch maven-resolver-1.9.x
in repository https://gitbox.apache.org/repos/asf/maven-resolver.git


The following commit(s) were added to refs/heads/maven-resolver-1.9.x by this 
push:
     new 1de8710e [MRESOLVER-433] Config for expect/continue inhibition (#363) 
(#366)
1de8710e is described below

commit 1de8710e03acfaf1a7660a1ef9e2b2b54814e0c4
Author: Tamas Cservenak <ta...@cservenak.net>
AuthorDate: Fri Nov 17 12:13:22 2023 +0100

    [MRESOLVER-433] Config for expect/continue inhibition (#363) (#366)
    
    Add configuration to inhibit expect/continue handshake.
    
    ---
    
    https://issues.apache.org/jira/browse/MRESOLVER-433
    Backport of relevants parts from this commit: 
https://github.com/apache/maven-resolver/commit/178cfba9f3889f7e942a6a0d74716355b01a78f5
---
 .../org/eclipse/aether/ConfigurationProperties.java | 16 ++++++++++++++++
 .../aether/transport/http/HttpTransporter.java      |  9 +++++++++
 .../aether/transport/http/HttpTransporterTest.java  | 21 +++++++++++++++++++++
 src/site/markdown/configuration.md                  |  1 +
 4 files changed, 47 insertions(+)

diff --git 
a/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java
 
b/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java
index a5519514..6ef570ca 100644
--- 
a/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java
+++ 
b/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java
@@ -259,6 +259,22 @@ public final class ConfigurationProperties {
      */
     public static final int DEFAULT_HTTP_MAX_CONNECTIONS_PER_ROUTE = 50;
 
+    /**
+     * Boolean flag should the HTTP transport use expect-continue handshake 
for PUT requests. Not all transport support
+     * this option. This option may be needed for some broken HTTP servers.
+     *
+     * @see #DEFAULT_HTTP_EXPECT_CONTINUE
+     * @since 1.9.17
+     */
+    public static final String HTTP_EXPECT_CONTINUE = PREFIX_CONNECTOR + 
"http.expectContinue";
+
+    /**
+     * Default value if {@link #HTTP_EXPECT_CONTINUE} is not set: {@code true}.
+     *
+     * @since 1.9.17
+     */
+    public static final boolean DEFAULT_HTTP_EXPECT_CONTINUE = true;
+
     /**
      * The mode that sets HTTPS transport "security mode": to ignore any SSL 
errors (certificate validity checks,
      * hostname verification). The default value is {@link 
#HTTPS_SECURITY_MODE_DEFAULT}.
diff --git 
a/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
 
b/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
index 87020474..f6ed915f 100644
--- 
a/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
+++ 
b/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java
@@ -323,6 +323,15 @@ final class HttpTransporter extends AbstractTransporter {
             builder.useSystemProperties();
         }
 
+        final boolean expectContinue = ConfigUtils.getBoolean(
+                session,
+                ConfigurationProperties.DEFAULT_HTTP_EXPECT_CONTINUE,
+                ConfigurationProperties.HTTP_EXPECT_CONTINUE + "." + 
repository.getId(),
+                ConfigurationProperties.HTTP_EXPECT_CONTINUE);
+        if (expectContinue != 
ConfigurationProperties.DEFAULT_HTTP_EXPECT_CONTINUE) {
+            state.setExpectContinue(expectContinue);
+        }
+
         final boolean reuseConnections = ConfigUtils.getBoolean(
                 session,
                 ConfigurationProperties.DEFAULT_HTTP_REUSE_CONNECTIONS,
diff --git 
a/maven-resolver-transport-http/src/test/java/org/eclipse/aether/transport/http/HttpTransporterTest.java
 
b/maven-resolver-transport-http/src/test/java/org/eclipse/aether/transport/http/HttpTransporterTest.java
index 597b3578..5c0de84a 100644
--- 
a/maven-resolver-transport-http/src/test/java/org/eclipse/aether/transport/http/HttpTransporterTest.java
+++ 
b/maven-resolver-transport-http/src/test/java/org/eclipse/aether/transport/http/HttpTransporterTest.java
@@ -728,6 +728,27 @@ public class HttpTransporterTest {
         assertEquals("upload", TestFileUtils.readString(new File(repoDir, 
"file.txt")));
     }
 
+    @Test
+    public void testPut_Authenticated_ExpectContinueDisabled() throws 
Exception {
+        
session.setConfigProperty(ConfigurationProperties.HTTP_EXPECT_CONTINUE, false);
+        httpServer.setAuthentication("testuser", "testpass");
+        httpServer.setExpectSupport(HttpServer.ExpectContinue.FAIL); // if 
transport tries Expect/Continue explode
+        auth = new AuthenticationBuilder()
+                .addUsername("testuser")
+                .addPassword("testpass")
+                .build();
+        newTransporter(httpServer.getHttpUrl());
+        RecordingTransportListener listener = new RecordingTransportListener();
+        PutTask task =
+                new 
PutTask(URI.create("repo/file.txt")).setListener(listener).setDataString("upload");
+        transporter.put(task);
+        assertEquals(0L, listener.dataOffset);
+        assertEquals(6L, listener.dataLength);
+        assertEquals(1, listener.startedCount); // w/ expectContinue enabled 
would have here 2
+        assertTrue("Count: " + listener.progressedCount, 
listener.progressedCount > 0);
+        assertEquals("upload", TestFileUtils.readString(new File(repoDir, 
"file.txt")));
+    }
+
     @Test
     public void 
testPut_Authenticated_ExpectContinueRejected_ExplicitlyConfiguredHeader() 
throws Exception {
         Map<String, String> headers = new HashMap<>();
diff --git a/src/site/markdown/configuration.md 
b/src/site/markdown/configuration.md
index fbee0a98..982fd1f7 100644
--- a/src/site/markdown/configuration.md
+++ b/src/site/markdown/configuration.md
@@ -38,6 +38,7 @@ Option | Type | Description | Default Value | Supports Repo 
ID Suffix
 `aether.connector.http.cacheState` | boolean | Flag indicating whether a 
memory-based cache is used for user tokens, connection managers, expect 
continue requests and authentication schemes. | `true` | no
 `aether.connector.http.connectionMaxTtl` | int | Total time to live in seconds 
for an HTTP connection, after that time, the connection will be dropped (no 
matter for how long it was idle). | `300` | yes
 `aether.connector.http.credentialEncoding` | String | The encoding/charset to 
use when exchanging credentials with HTTP servers. | `"ISO-8859-1"` | yes
+`aether.connector.http.expectContinue` | boolean | Whether to use 
expect/continue handshake during PUTs. Some broken HTTP servers needs this 
disabled. | `true` | yes
 `aether.connector.http.headers` | `Map<String, String>` | The request headers 
to use for HTTP-based repository connectors. The headers are specified using a 
map of strings mapping a header name to its value. The repository-specific 
headers map is supposed to be complete, i.e. is not merged with the general 
headers map. | - | yes
 `aether.connector.http.maxConnectionsPerRoute` | int | The maximum concurrent 
connections per route HTTP client is allowed to use. | `50` | yes
 `aether.connector.http.preemptiveAuth` | boolean | Should HTTP client use 
preemptive-authentication for all HTTP verbs (works only w/ BASIC). By default 
is disabled, as it is considered less secure. | `false` | yes

Reply via email to