Run manually for releases

Build: #14 did not start Manual run by daryl herzmann

Code commits

Showing 100 of 618 code changes

Openfire (master)

  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 61dcc00ea03bae15a3d8d211f9dbd4685b07866b

    test: implement use of TLSv1.3 and assertions for LocalIncomingServerSessionTest and LocalOutgoingServerSessionTest
    Also fixes LocalOutgoingServerSessionTest by removing a specific expected case

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version 61dcc00ea03bae15a3d8d211f9dbd4685b07866b)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 61dcc00ea03bae15a3d8d211f9dbd4685b07866b)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version 61dcc00ea03bae15a3d8d211f9dbd4685b07866b)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteReceivingServerDummy.java (version 61dcc00ea03bae15a3d8d211f9dbd4685b07866b)
  • Guus der Kinderen

    Guus der Kinderen 3b175fea665afcd584988222a42fe74670055525

    Improve SO_TIMEOUT for more stable S2S unit test execution
    TLS handshaking is resource intensive. Relax the SO_TIMEOUT value a bit, to prevent test failures in constraint environments.

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/AbstractRemoteServerDummy.java (version 3b175fea665afcd584988222a42fe74670055525)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version 3b175fea665afcd584988222a42fe74670055525)
  • Guus der Kinderen

    Guus der Kinderen 742e095ab3ea1f674e16c706fe9f2b2a0956aeef

    Attempt to fix build

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version 742e095ab3ea1f674e16c706fe9f2b2a0956aeef)
  • Guus der Kinderen

    Guus der Kinderen 2520f217b84239110629b5bc58761141d1600f9a

    Optimize loop in RemoteInitiatingServerDummy

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version 2520f217b84239110629b5bc58761141d1600f9a)
  • Guus der Kinderen

    Guus der Kinderen ba1c2b0a8785de611ff8fcefe31b7abf64673560

    OF-2646: Disable database interaction when running unit tests
    When running unit tests, the database isn't available. Trying to interact with it eats up resources, logs errors and throws exceptions.

    With this commit, a flag is introduced that allows database interaction to be skipped when using JiveProperties.
    Additionally, a dummy connection provider is used to initialize DbConnectionManager

    • xmppserver/src/main/java/org/jivesoftware/util/JiveProperties.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/Fixtures.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/admin/AuthCheckFilterTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/admin/SiteMinderServletRequestAuthenticatorTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/SessionPacketRouterTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/admin/GroupBasedAdminProviderTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/cluster/ClusterMonitorTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/entitycaps/EntityCapabilitiesListenerTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/group/AbstractGroupProviderTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/group/DefaultGroupProviderTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/group/GroupManagerNoMockTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/group/GroupManagerTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/openfire/user/UserManagerTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/util/LDAPTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
    • xmppserver/src/test/java/org/jivesoftware/util/SystemPropertyTest.java (version ba1c2b0a8785de611ff8fcefe31b7abf64673560)
  • Guus der Kinderen

    Guus der Kinderen 95b570fc0838fc7ac9d378b7a660e53386b41445

    OF-2611: Optimize runtime of server-to-server unit tests
    Remove a 'sleep' that delays the startup of the dummy Server Dialback acceptor. I'm unsure why the sleep is needed. Tests seem to run fine without it.

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version 95b570fc0838fc7ac9d378b7a660e53386b41445)
  • Guus der Kinderen

    Guus der Kinderen ea1233db0942162568069c7e4535d0d7d380af0e

    OF-2611: Optimize runtime of server-to-server unit tests
    When waiting gracefully to tear down the unit test fixture, a lot of time is spent. As the fixture isn't re-used anyway, force-closing things should not have any functional effect, but is a lot faster.

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version ea1233db0942162568069c7e4535d0d7d380af0e)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteReceivingServerDummy.java (version ea1233db0942162568069c7e4535d0d7d380af0e)
  • Guus der Kinderen

    Guus der Kinderen 52919dd7d2c3295c073f5b53a79a0a11bab40be8

    OF-2559: Make Netty graceful shutdown timeouts configurable
    When shutting down Netty executors gracefully, a default set of timeout durations is used. In this commit, these durations are made configurable.

    These properties are introduced:
    - xmpp.socket.netty.graceful-shutdown.quiet-period
    - xmpp.socket.netty.graceful-shutdown.timeout

    The server-to-server unit tests make use of this to shut down Netty quickly.

    • i18n/src/main/resources/openfire_i18n.properties (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
    • xmppserver/src/test/java/org/jivesoftware/Fixtures.java (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 52919dd7d2c3295c073f5b53a79a0a11bab40be8)
  • Guus der Kinderen

    Guus der Kinderen a6971e197c0998c4f4f0e65bce538d4dfeec22aa

    Optimize unit tests that use certificate chains
    Instead of re-generating certificate chains for each test, re-use a static set.

    As the chains are unmodified by the test implementation this is safe.

    Generation of certificate chains is very resource intensive. Re-using them saves a significant amount of system resources when running the test.

    • xmppserver/src/test/java/org/jivesoftware/openfire/keystore/CheckChainTrustedTest.java (version a6971e197c0998c4f4f0e65bce538d4dfeec22aa)
    • xmppserver/src/test/java/org/jivesoftware/openfire/keystore/OpenfireX509TrustManagerTest.java (version a6971e197c0998c4f4f0e65bce538d4dfeec22aa)
  • Guus der Kinderen

    Guus der Kinderen 0c85484f62b29e13b1049034453cea6a68354b0e

    OF-2559: Replacy busy-wait with Future callback
    This intends to improve performance of outbound server session connections (and the corresponding unit tests), by replacing a busy-wait loop (is it done? sleep. is it done? sleep.) with a callback.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 0c85484f62b29e13b1049034453cea6a68354b0e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version 0c85484f62b29e13b1049034453cea6a68354b0e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version 0c85484f62b29e13b1049034453cea6a68354b0e)
  • Guus der Kinderen

    Guus der Kinderen 04b4f9a7f87e9202b54e4df45b9f6730ff599a06

    OF-2642: Remove incorrect code to prevent XEP-0084
    This code aims to prevent PEP from being used to store avatars. The existing code will not prevent this, and should be removed.

    Potentially, it is to be replaced with something that integrates the avatar upload with the VCardManager, to facilitate conversions between the various avatar-based XEPs. See OF-2034

    • xmppserver/src/main/java/org/jivesoftware/openfire/pep/IQPEPHandler.java (version 04b4f9a7f87e9202b54e4df45b9f6730ff599a06)
  • Guus der Kinderen

    Guus der Kinderen 47a267315ef86e309e7577b44778f2037c3df919

    OF-1574: Delay certain stanzas for inactive clients
    When a client is marked as inactive by CSI, the changes in this commit allow unimportant stanzas to be queued, rather than delivered immediately.

    These changes are inspired by (but different from) Prosody's mod_csi_simple

    • i18n/src/main/resources/openfire_i18n.properties (version 47a267315ef86e309e7577b44778f2037c3df919)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version 47a267315ef86e309e7577b44778f2037c3df919)
    • xmppserver/src/main/java/org/jivesoftware/openfire/csi/CsiManager.java (version 47a267315ef86e309e7577b44778f2037c3df919)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalClientSession.java (version 47a267315ef86e309e7577b44778f2037c3df919)
    • xmppserver/src/main/webapp/session-details.jsp (version 47a267315ef86e309e7577b44778f2037c3df919)
  • Guus der Kinderen

    Guus der Kinderen 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e

    OF-1573: Add support for XEP-0352: Client State Indication
    With this commit:
    - the 'active' and 'inactive' commands of CSI are recognized by Openfire;
    - the feature is advertised to clients;
    - the current client state is displayed on the session details in the admin console;
    - sessions that are resumed through Stream Management are automatically activated.

    No actual optimizations have been implemented as of yet.

    The implementation is loosely based on the implementation of Stream Management.

    This new feature can be disabled by setting the property `xmpp.client.csi.enabled` to `false`

    • documentation/protocol-support.html (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • i18n/src/main/resources/openfire_i18n.properties (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/csi/CsiManager.java (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/csi/package-info.java (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ClientStanzaHandler.java (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalClientSession.java (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • xmppserver/src/main/java/org/jivesoftware/openfire/websocket/StreamManagementPacketRouter.java (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
    • xmppserver/src/main/webapp/session-details.jsp (version 0efc3a9315fd4a2de31cc11e7823d66c9f005b2e)
  • Guus der Kinderen

    Guus der Kinderen a51dbbf4afe256272c4f6292e4516e2cfc56523c

    OF-2639: No longer require authzid for S2S SASL EXTERNAL
    In the old days, the 'from' attribute on a stream element was not present. This made providing an authorization identity during the SASL handshake a requirement (otherwise, you'd not know who you'd be talking to).

    Now that the 'from' attribute can be relied on to provide the identity of the peer, it does not need to be included in the SASL EXTERNAL handshake any longer.

    This commit drops this requirement, but adds a new property (`xmpp.auth.sasl.external.server.require-authzid`) that can re-introduce it.

    • i18n/src/main/resources/openfire_i18n.properties (version a51dbbf4afe256272c4f6292e4516e2cfc56523c)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version a51dbbf4afe256272c4f6292e4516e2cfc56523c)
    • xmppserver/src/main/java/org/jivesoftware/openfire/sasl/ExternalServerSaslServer.java (version a51dbbf4afe256272c4f6292e4516e2cfc56523c)
  • Guus der Kinderen

    Guus der Kinderen 17ba27b27e3334ced16e41cd446bd847303d00ff

    OF-2559: Do not assume that all connections have established TLS
    This intends to guard against null pointer exceptions.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 17ba27b27e3334ced16e41cd446bd847303d00ff)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 87f5d15d552d7253de35cf347ad8cd32b02cfa0c

    fix: OF-1913 - reinit connection when transferring session, move stream tag processing code to initiateSession

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 87f5d15d552d7253de35cf347ad8cd32b02cfa0c)
  • Guus der Kinderen

    Guus der Kinderen a92b532f5d2d12907bd54606ddcd945b82b63fbc

    Revert "OF-1913: Refactor incoming stanza processing"
    This reverts commit a0262b2e67b190e88679996aba7e7fcdc1dbce24.

    Unsure, why, but this breaks the unit tests. I'd like to retain the changes for a later review, but want to be able to merge the PR. Hence the revert, instead of a history rewrite to remove the commit.

    • xmppserver/src/main/java/org/jivesoftware/openfire/SessionManager.java (version a92b532f5d2d12907bd54606ddcd945b82b63fbc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerSocketReader.java (version a92b532f5d2d12907bd54606ddcd945b82b63fbc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version a92b532f5d2d12907bd54606ddcd945b82b63fbc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/ServerDialback.java (version a92b532f5d2d12907bd54606ddcd945b82b63fbc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version a92b532f5d2d12907bd54606ddcd945b82b63fbc)
  • Guus der Kinderen

    Guus der Kinderen a44afebb1ebc26dcbd7b6b31f051cd40a2e88ac9

    OF-1913: Refactor incoming stanza processing
    This splits up the session creation and initial data exchange for incoming server sessions.

    • xmppserver/src/main/java/org/jivesoftware/openfire/SessionManager.java (version a44afebb1ebc26dcbd7b6b31f051cd40a2e88ac9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerSocketReader.java (version a44afebb1ebc26dcbd7b6b31f051cd40a2e88ac9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version a44afebb1ebc26dcbd7b6b31f051cd40a2e88ac9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/ServerDialback.java (version a44afebb1ebc26dcbd7b6b31f051cd40a2e88ac9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version a44afebb1ebc26dcbd7b6b31f051cd40a2e88ac9)
  • Guus der Kinderen

    Guus der Kinderen ca17d495a515d25d2e2a67f3c0c3bfeded904543

    Fix merge mistake

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version ca17d495a515d25d2e2a67f3c0c3bfeded904543)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version ca17d495a515d25d2e2a67f3c0c3bfeded904543)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 7330810e52f4c80b6d7a9067e4be5052f13c8f2c

    fix: OF-1913 - fix missing stream stanza attributes for S2S during stream negotiation.
    Adds a 'to' attribute and ensures a consistent 'from' attribute when a second stream stanza is sent following TLS negotiation / SASL negotiation / Compression negotiation.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerSocketReader.java (version 7330810e52f4c80b6d7a9067e4be5052f13c8f2c)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 7330810e52f4c80b6d7a9067e4be5052f13c8f2c)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 884d38192cb428590c0e0bd882d7912f4aa52a70

    fix: OF-1913 - remove StringBuilder capacity declaration

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version 884d38192cb428590c0e0bd882d7912f4aa52a70)
  • Guus der Kinderen

    Guus der Kinderen bbf86015dfe56439ab4ea8e56c0d4ba337580b94

    OF-1913: Add unit tests
    Add some unit tests that test most of the desired functionality defined in OF-1913 to the LocalIncomingServerSessionTest implementation.

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version bbf86015dfe56439ab4ea8e56c0d4ba337580b94)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version bbf86015dfe56439ab4ea8e56c0d4ba337580b94)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 74493e5b5f5774be0dbc8c213cd901c35109cb9c

    fix: OF-1913 - use domain pair in StanzaHandler

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 74493e5b5f5774be0dbc8c213cd901c35109cb9c)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version 74493e5b5f5774be0dbc8c213cd901c35109cb9c)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 74493e5b5f5774be0dbc8c213cd901c35109cb9c)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 74493e5b5f5774be0dbc8c213cd901c35109cb9c)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 55e3c761249cf5f7d908f3606c5b372690e52c17

    fix: OF-1913 - transfer session authentication method when new session created for existing connection

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 55e3c761249cf5f7d908f3606c5b372690e52c17)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 31f9e4af7248ce4fb3a6a7e2960cf9856c50f232

    fix: OF-1913 - move server-to-server specific functionality out of StanzaHandler to ServerStanzaHandler

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version 31f9e4af7248ce4fb3a6a7e2960cf9856c50f232)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 31f9e4af7248ce4fb3a6a7e2960cf9856c50f232)
  • Guus der Kinderen

    Guus der Kinderen 5cb88cc07fd39832fb6b95da0507f1719dea37a6

    OF-2559: Use Netty for LocalIncomingServerSessionTest
    Prior to this commit, the unit test for LocalIncomingServerSession used the old, pre-Netty code. With this commit, the Netty code is being used instead.

    Insteead of the old blocking code, the test now uses a (Netty-backed) ConnectionListener directly. To identify the LocalIncomingServderSession instance that is to be created, a streamID value is used, which is collected by the dummy server peer implementation for that purpose.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version 5cb88cc07fd39832fb6b95da0507f1719dea37a6)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version 5cb88cc07fd39832fb6b95da0507f1719dea37a6)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version 5cb88cc07fd39832fb6b95da0507f1719dea37a6)
  • Guus der Kinderen

    Guus der Kinderen e5d88660a5dc6a3c7059f272fca186dd15de372c

    OF-2559: Prevent race condition when testing Inbound S2S connection

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version e5d88660a5dc6a3c7059f272fca186dd15de372c)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteInitiatingServerDummy.java (version e5d88660a5dc6a3c7059f272fca186dd15de372c)
  • Guus der Kinderen

    Guus der Kinderen fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578

    OF-2644: Do not use getters in Session#toString implementations
    This prevents stack overflow when the getters use the toString implementation (for example, for debug logging).

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalClientSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalComponentSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalConnectionMultiplexerSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalServerSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalSession.java (version fdf7ae1f5561a665a1eaabdfcc0eed21a81b0578)
  • Guus der Kinderen

    Guus der Kinderen 95a791dc4884d2fca90819f00e9d5a2d71000f16

    OF-2559: Optimize LocalOutgoingServerSessionTest
    As the unit test is being executed on a local network connection, we can reduce the session initialise timeout considerably. This makes tests that depend on that timeout execute in 20% of the time, which is a considerable runtime improvement.

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 95a791dc4884d2fca90819f00e9d5a2d71000f16)
  • Guus der Kinderen

    Guus der Kinderen a634d144d54addb0ed6f29bbbea27c08b4e954ae

    OF-2559: Prevent race condition when setting up Outbound S2S connection
    Make sure to set 'authenticated' only after the internal state of 'session' itself is updated, to avoid race conditions.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version a634d144d54addb0ed6f29bbbea27c08b4e954ae)
  • Guus der Kinderen

    Guus der Kinderen ec38c1ca120878aace2aa2ecdfd1c009d1697acc

    OF-2559: Optimize LocalOutgoingServerSessionTest
    By re-using a ByteBuffer, instead of re-allocating a new byte[] for each read, the amount of memory allocations is changes from thousands of gigabytes to hundreds of megabytes.

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteReceivingServerDummy.java (version ec38c1ca120878aace2aa2ecdfd1c009d1697acc)
  • Guus der Kinderen

    Guus der Kinderen 56155752e232deef9149fa1f25b8f7eec65fbcb9

    OF-2559: Optimize LocalIncoming/OutgoingServerSessionTest
    By calculating a 'valid' identity store (with a 'valid' certificate), each test no longer needs to recompute these instances.

    Profiling indicates that this saves roughly 66% of the CPU time spent in the LocalIncomingServerSessionTest

    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version 56155752e232deef9149fa1f25b8f7eec65fbcb9)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 56155752e232deef9149fa1f25b8f7eec65fbcb9)
  • Alex Gidman <55888024+AlexGidman@users.noreply.github.com>

    Alex Gidman <55888024+AlexGidman@users.noreply.github.com> 2d67f65b958c2a0fefadf9af7d60f7424f4a78f3

    OF-2641 - Cannot establish S2S with conference subdomain (#2239)
    * fix: OF-2559 - cleanup Connection & session when channel unregistered to prevent NPE in session summary

    * fix: OF-2559 - add null check for connection close

    * fix: OF-2641 - do not validate host for S2S connections (restores previous behaviour)

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version 2d67f65b958c2a0fefadf9af7d60f7424f4a78f3)
  • Guus der Kinderen

    Guus der Kinderen 741acc71707009bd7d5539187a5b7bb7c7e808d9

    OF-2638: Firewall documentation improvements
    The firewall section of the install guide should make it clear that even though the admin console _can_ be exposed to the general internet, it should not be.

    By highlighting port numbers and using paragraphs per subject, the text becomes easier to consume.

    The old text discarded the DirectTLS ports. At some point in time, it was believed that these would be phased out. As that's not the case, they should be mentioned in the guide.

    • documentation/install-guide.html (version 741acc71707009bd7d5539187a5b7bb7c7e808d9)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 09963e7ca2f8268e89fd923a1c032d90c00a0e1a

    OF-2559: Fix server-session-details NPE (#2235)
    Previous fix missed two instances of the troublesome properties.

    JSP resolvers are unable to resolve default properties on interfaces. NPEs were caused by the failure to resolve the new default methods on the ServerSession interface (e.g.  `ServerSession#isUsingServerDialback()`)

    See this post for further details:

    https://stackoverflow.com/questions/35130290/property-not-found-on-type-when-using-interface-default-methods-in-jsp-el

    • xmppserver/src/main/webapp/server-session-details.jsp (version 09963e7ca2f8268e89fd923a1c032d90c00a0e1a)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> c50cdf8807b62f1dba14a54131f4a271d3afacdc

    Fix for Netty connection cleanup bug (#2233)
    * feat: add IdleState handling for outbound connections so that they are automatically closed when idle as with inbound connections

    * fix: implement correct maxIdleTime in NettyOutboundConnectionHandler

    * fix: NettyIdleStateKeepAliveHandler should call close on connection not the channel context.

    Closign the connection should cascade and close both session and Netty channel

    * feat: add IdleState handling for outbound connections so that they are automatically closed when idle as with inbound connections

    * fix: implement correct maxIdleTime in NettyOutboundConnectionHandler

    * fix: NettyIdleStateKeepAliveHandler should call close on connection not the channel context.

    Closign the connection should cascade and close both session and Netty channel

    * OF-2559: Comment to explain hard-coded startTls(false)

    * fix: OF-2559 - cleanup Connection & session when channel unregistered to prevent NPE in session summary

    * fix: OF-2559 - add null check for connection close

    * Fix server-session-details NPE

    JSP resolvers are unable to resolve default properties on interfaces. NPEs were caused by the failure to resolve the new default methods on the ServerSession interface (e.g.  `ServerSession#isUsingServerDialback()`)

    See this post for further details:

    https://stackoverflow.com/questions/35130290/property-not-found-on-type-when-using-interface-default-methods-in-jsp-el

    * fix: OF-2559 - fix for compression pipeline position

    * fix: OF-2559 - unique names for compression handlers

    ---------

    Co-authored-by: Alex Gidman <alex.gidman@surevine.com>

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyIdleStateKeepAliveHandler.java (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
    • xmppserver/src/main/webapp/server-session-details.jsp (version c50cdf8807b62f1dba14a54131f4a271d3afacdc)
  • Guus der Kinderen

    Guus der Kinderen 5cd2521df2e9c96571d9c87fdf94bb30c2dffc11

    OF-2633: When S2S TLS is required, announce that
    When Openfire is configured to require TLS for S2S, the StartTLS feature that’s advertised should be marked as being “required”. It currently is only when Dialback is not available (making TLS needed for authentication purposes).

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 5cd2521df2e9c96571d9c87fdf94bb30c2dffc11)
  • Guus der Kinderen

    Guus der Kinderen ee5bd6d9888c004c0c563831215ec713c7ccd497

    OF-2559: When Inbound S2S session fails, return stream error
    This might have been a problem that existed in the code for a long time, but only popped up with the migration from MINA to Netty: that's when ServerStanzaHandler started to being used in anger.

    ServerStanzaHandler is invoked to create a session. The code more or less assumes that this always happens.

    When a session is not created, the code should inform the peer that something went wrong. Without that, the peer is left hanging.

    In this commit, any attempt to create a session that does not lead to a session being created results in a stream error to be returned to the peer, after which the connection is forcefully closed.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version ee5bd6d9888c004c0c563831215ec713c7ccd497)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version ee5bd6d9888c004c0c563831215ec713c7ccd497)
  • Guus der Kinderen

    Guus der Kinderen abbe994f7e71728be87fa0b90445968052ed1a85

    OF-2559: Refactor EncryptionFactory
    A slight refactoring that takes away the need to perform a call that almost implicitly prepares a to-be-used lazy-loaded field.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version abbe994f7e71728be87fa0b90445968052ed1a85)
  • Guus der Kinderen

    Guus der Kinderen 57e093076e52e11d6f18d8757e2f7e693bbac74f

    OF-2559: Netty SslContext should have Openfire's TrustManager
    Key and Trust material is used when creating an SSL context. Openfire provides custom implementations, that tie into its own keystores (the 'identity' and 'key' stores).

    In one of the new SslContext creation methods that are specific to Netty, Openfire's custom truststore was never added to the context that was being created. As a result, trust material that is configured to be used by Openfire was not. This problem might not always be apparent, as I believe that without explicit configuration, default Java trust material is used. There will be much overlap between generally accepted trust material in Openfire's keystores, and the defaults in Java.

    This commit adds Openfire's specific trust store to the SSL context that is going to be used by Netty.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 57e093076e52e11d6f18d8757e2f7e693bbac74f)
  • Guus der Kinderen

    Guus der Kinderen d0da3596f57809c45d1615a0d8c523cda05d4cb9

    OF-2624: Try to answer data forms in users' preferred language
    When a user is requesting a data form, try to localize the text in the form according to the user's preferred language.

    In this commit, the preferred language is being obtained from the session of a locally connected user. This will not work for federated users.

    As a fallback, the default langague as configured in Openfire is used (as is already the case prior to this commit).

    • i18n/src/main/resources/openfire_i18n.properties (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/PrivateStorage.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/SessionManager.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/commands/admin/GetServerStats.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/muc/spi/IQMUCRegisterHandler.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/muc/spi/IQOwnerHandler.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/muc/spi/MultiUserChatServiceImpl.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pep/IQPEPHandler.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/CollectionNode.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/DefaultNodeConfiguration.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/LeafNode.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/Node.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/NodeSubscription.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/PendingSubscriptionsCommand.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/PubSubEngine.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/pubsub/PubSubModule.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/java/org/jivesoftware/util/LocaleUtils.java (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
    • xmppserver/src/main/webapp/pubsub-node-edit.jsp (version d0da3596f57809c45d1615a0d8c523cda05d4cb9)
  • Guus der Kinderen

    Guus der Kinderen 5f135aa87bf6e2560b641a78d2b9ed7dce4f2b67

    Merge pull request #2220 from surevine/OF-2559_mina-to-netty
    OF-2559: Introduce Netty for S2S & C2S

  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 5e06b1e66a1d133290005a722cb7522a6e33a96f

    OF-2559 Prevent old ssl engine from using TLS 1.3
    The old implementation (still used by ServerDialback) is unable to negotiate a TLS 1.3 connection. Netty-based connections can use TLS 1.3.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 5e06b1e66a1d133290005a722cb7522a6e33a96f)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 0dbf6299a845af372fe16c0f62bc9ba2d1478173

    OF-2559 Pass netty events along pipeline
    Prior to this commit SSL Handshake events were not making it down the netty pipeline to our client connection handler (aka business logic handler). This meant that inbound connections were never set to encrypted=true causing the session to be abandoned when TLS was required.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyIdleStateKeepAliveHandler.java (version 0dbf6299a845af372fe16c0f62bc9ba2d1478173)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 7c9f90d2f96628e0ee9cf5c54ff8257a4b5537b1

    OF-2559 Create new business logic handler for each session
    Prior to this commit handlers were being shared across all sessions. Now a new handler is instantiated per connection/session.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version 7c9f90d2f96628e0ee9cf5c54ff8257a4b5537b1)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 7c9f90d2f96628e0ee9cf5c54ff8257a4b5537b1)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version 7c9f90d2f96628e0ee9cf5c54ff8257a4b5537b1)
  • Guus der Kinderen

    Guus der Kinderen 381286dd3e423f7bf7e9a998d202b4501dc82b65

    OF-2559: Remove MINA artifacts from pom.xml

    • pom.xml (version 381286dd3e423f7bf7e9a998d202b4501dc82b65)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 1d10a99259c1bdab366e892de9249d6232e30f44

    Merge branch 'OF-2559_mina-to-netty' of https://github.com/surevine/Openfire into OF-2559_mina-to-netty
    # Conflicts:
    #        xmppserver/src/main/java/org/jivesoftware/openfire/net/VirtualConnection.java
    #        xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java

  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> e4dd9df113fa5afeef83e5fc3363107a04d26eb5

    fix: OF-2599 - remove generic type on connection

    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version e4dd9df113fa5afeef83e5fc3363107a04d26eb5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version e4dd9df113fa5afeef83e5fc3363107a04d26eb5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/VirtualConnection.java (version e4dd9df113fa5afeef83e5fc3363107a04d26eb5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version e4dd9df113fa5afeef83e5fc3363107a04d26eb5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalSession.java (version e4dd9df113fa5afeef83e5fc3363107a04d26eb5)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 8d8dd7f10a72c729df9e2b5c19a4c8c3a520e239

    OF-2559 WIP startTLS does not need to return

    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version 8d8dd7f10a72c729df9e2b5c19a4c8c3a520e239)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version 8d8dd7f10a72c729df9e2b5c19a4c8c3a520e239)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/VirtualConnection.java (version 8d8dd7f10a72c729df9e2b5c19a4c8c3a520e239)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 8d8dd7f10a72c729df9e2b5c19a4c8c3a520e239)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 8d8dd7f10a72c729df9e2b5c19a4c8c3a520e239)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> edec92b72045f23eb436af57a465a7888019b663

    fix: OF-2599 - switch SSLHandshakeException check to a CertificateException check

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version edec92b72045f23eb436af57a465a7888019b663)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> f591cc9121c706831f15e1f8bdb5b3035b816364

    chore: OF-2559 - remove unnecessary System.out statements

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version f591cc9121c706831f15e1f8bdb5b3035b816364)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteReceivingServerDummy.java (version f591cc9121c706831f15e1f8bdb5b3035b816364)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce

    fix: OF-2559 - re-implement strictCertificateValidation logic so that LocalOutboundServerSessionTest pass.
    Also add generic typing for Connection.starttls return type, some tidy up of comments and WIP code.

    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/VirtualConnection.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalSession.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 681c496655bcc68fdd9a6c2d0df94f8a2d6c41ce)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> b3832d963476afa2eb5ec69aed37cec77987b70f

    OF-2559 WIP Fixed TLS negotiation
    By waiting for handshake to complete before attempting SASL

    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/VirtualConnection.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version b3832d963476afa2eb5ec69aed37cec77987b70f)
  • Guus der Kinderen

    Guus der Kinderen 2b95a74bbb4beb2112b86386fe4fea600c23f445

    OF-2632: Do not offer StartTLS when the identity store is empty
    When the identity store does not contain any certificates, inbound TLS will never be able to succeed. In such cases, lets not advertise the StartTLS feature.

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalClientSession.java (version 2b95a74bbb4beb2112b86386fe4fea600c23f445)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalConnectionMultiplexerSession.java (version 2b95a74bbb4beb2112b86386fe4fea600c23f445)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 2b95a74bbb4beb2112b86386fe4fea600c23f445)
  • Guus der Kinderen

    Guus der Kinderen 0cdd9ed438f250bcca56591b17f5618438c29e11

    Documentation: add Load Balancing Guide

    • documentation/index.html (version 0cdd9ed438f250bcca56591b17f5618438c29e11)
    • documentation/load-balancing.html (version 0cdd9ed438f250bcca56591b17f5618438c29e11)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> ce54590a01608d6d72c8ab94662434673c975a75

    feat: OF-2599 - Delete all MINA dependencies, references, and deprecated  implementations

    • xmppserver/pom.xml (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/SessionManager.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/multiplex/MultiplexerPacketDeliverer.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ComponentStanzaHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StalledSessionsFilter.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StartTlsFilter.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ClientConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ComponentConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/MultiplexerConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NIOConnection.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyClientConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyComponentConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyMultiplexerConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/OfflinePacketDeliverer.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPCodecFactory.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPDecoder.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPEncoder.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionManagerImpl.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/LegacyConnectionAcceptor.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/MINAConnectionAcceptor.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/java/org/jivesoftware/openfire/websocket/WebSocketClientConnectionHandler.java (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/main/webapp/session-details.jsp (version ce54590a01608d6d72c8ab94662434673c975a75)
    • xmppserver/src/test/java/org/jivesoftware/openfire/nio/XMLLightweightParserTest.java (version ce54590a01608d6d72c8ab94662434673c975a75)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> b25f6bab518879d25548f3e7ddeb7c11c88f5958

    OF-2559 Ensure NioEventLoopGroup is closed for outbound S2S
    We were seeing resource limit issues (too many open files) when running Outgoing S2S tests. This was caused by the outbound session initialisation failing to clean up its NioEventLoopGroup in many scenarios.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version b25f6bab518879d25548f3e7ddeb7c11c88f5958)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version b25f6bab518879d25548f3e7ddeb7c11c88f5958)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> c89095a1b10b6fdc48eeac1cd1ea834ee2b99b12

    feat: OF-2599 - add NettyComponentConnectionHandler to handle Component connections

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyComponentConnectionHandler.java (version c89095a1b10b6fdc48eeac1cd1ea834ee2b99b12)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandlerFactory.java (version c89095a1b10b6fdc48eeac1cd1ea834ee2b99b12)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version c89095a1b10b6fdc48eeac1cd1ea834ee2b99b12)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version c89095a1b10b6fdc48eeac1cd1ea834ee2b99b12)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> b43d30b9eddb766c7f1cd0af05fb2cccc54b12b0

    fix: OF-2599 - move NettyConnectionHandler creation to a factory method

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyClientConnectionHandler.java (version b43d30b9eddb766c7f1cd0af05fb2cccc54b12b0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandlerFactory.java (version b43d30b9eddb766c7f1cd0af05fb2cccc54b12b0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version b43d30b9eddb766c7f1cd0af05fb2cccc54b12b0)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> c095508e2ae75946334ad9402520c49d08607daf

    feat: OF-2599 - add NettyMultiplexerConnectionHandler to handle Mutiplexer connections
    We can now deprecate (and remove) all NIO components that were built using the Apache MINA framework

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ComponentConnectionHandler.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ConnectionHandler.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/MultiplexerConnectionHandler.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NIOConnection.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandlerFactory.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyMultiplexerConnectionHandler.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ServerConnectionHandler.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPCodecFactory.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPDecoder.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPEncoder.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version c095508e2ae75946334ad9402520c49d08607daf)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/MINAConnectionAcceptor.java (version c095508e2ae75946334ad9402520c49d08607daf)
  • Guus der Kinderen

    Guus der Kinderen 7e43ceeb068824891eff251eaf41c001433aa227

    Remove duplication of connection configuration
    The Connection interface defines methods to read the configuration of TLS and compression policies, even though these are also defined by the ConnectionConfiguration instance that is used to create the connection.

    It is undesirable to have the configuration of a connection be defined in various places, or be modified after the original connection has been applied.

    This commit removes the duplication, and ensures that connection configuration is applied as soon as the instance is created.

    As a side-effect, this solves an issue with the new Netty code, that never explicitly sets the tlsPolicy on the connection.

    The single functional aspect of the separation of tlsPolicy between connection and configuration (prior to this change) was the following: the state of the connection-tlsPolicy was used to implicitly define if a session was initialized (this was used to close a connection that was sending unencrypted data, when its configuration required encryption). This commit replaces that implicit defintion by a new, explicit 'isInitialized` method on the Connection interface.

    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketReader.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketReadingMode.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/VirtualConnection.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NIOConnection.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/ServerDialback.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalClientSession.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalConnectionMultiplexerSession.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 7e43ceeb068824891eff251eaf41c001433aa227)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 20ac715dcf7f3d4ec78789651df52ffc8a9c9efc

    OF-2559 Faster fallback to Dialback
    Rather than wait for the Netty-based session to timeout (default 5s) before attempting dialback auth this commit moves the fallback dialback code into Netty-land by listening for `SslHandshakeCompletionEvent`.

    There's more refactoring required, I dislike the state leaking through the stanza handler - there is perhaps a need for a connection/session that wraps the netty connection. This concept might already exist but can't quite get my head around it yet.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 20ac715dcf7f3d4ec78789651df52ffc8a9c9efc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version 20ac715dcf7f3d4ec78789651df52ffc8a9c9efc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version 20ac715dcf7f3d4ec78789651df52ffc8a9c9efc)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 20ac715dcf7f3d4ec78789651df52ffc8a9c9efc)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 3f4b065a6b764a16f2e94b82b4af1d8893c42e89

    feat: OF-2599 - add stats updates on Netty channel read and write operations

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 3f4b065a6b764a16f2e94b82b4af1d8893c42e89)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version 3f4b065a6b764a16f2e94b82b4af1d8893c42e89)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version 3f4b065a6b764a16f2e94b82b4af1d8893c42e89)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 987eb52be777661c9b8e001f42e43f9aaf78375d

    OF-2559 Remove HTML tags in comments

    • xmppserver/src/main/java/org/jivesoftware/admin/PluginFilter.java (version 987eb52be777661c9b8e001f42e43f9aaf78375d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 987eb52be777661c9b8e001f42e43f9aaf78375d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 987eb52be777661c9b8e001f42e43f9aaf78375d)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 2066e829f78224e1d246f3167ecd05368b420c03

    OF-2559 Improved comments

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 2066e829f78224e1d246f3167ecd05368b420c03)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> d28136c32afee3d9a45d91d18112fba6516e0ec2

    OF-2559 Tidy up comments

    • xmppserver/src/main/java/org/jivesoftware/admin/PluginFilter.java (version d28136c32afee3d9a45d91d18112fba6516e0ec2)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version d28136c32afee3d9a45d91d18112fba6516e0ec2)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketUtil.java (version d28136c32afee3d9a45d91d18112fba6516e0ec2)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version d28136c32afee3d9a45d91d18112fba6516e0ec2)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version d28136c32afee3d9a45d91d18112fba6516e0ec2)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 394c0909308b49d265eeb1bcba36443006e3bbc9

    OF-2559 - Direct TLS on Netty inbound and outbound S2S

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ServerConnectionHandler.java (version 394c0909308b49d265eeb1bcba36443006e3bbc9)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 394c0909308b49d265eeb1bcba36443006e3bbc9)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 545fc8c528caaf9e9653dc191ea7b23941c3348a

    OF-2559 S2S outbound with Netty
    TLS 1.2 & 1.3 working with S2S

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 545fc8c528caaf9e9653dc191ea7b23941c3348a)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version 545fc8c528caaf9e9653dc191ea7b23941c3348a)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 545fc8c528caaf9e9653dc191ea7b23941c3348a)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> e56b34c6950ee9bb19dcd0da5a3ba31200292105

    OF-2559 Added TLS handler for inbound netty connections
    Tested with non-netty outbound server to a netty-based inbound, so using TLS 1.2 as restricted by outbound capabilities until we pull netty through into outbound connection.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version e56b34c6950ee9bb19dcd0da5a3ba31200292105)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 9385d9ea2acaac37fa315c6c1a126bdaddd9464a

    OF-2559 Implement Netty inbound connection handlers
    Replace CopyOnWriteMap from MINA; migrating to netty so replacing MINA utility with something similar.

    Remove MINA-specific stat collector; migrating to netty so removing MINA specific stat collector. For netty we might look to the following in the future to implement a netty-specific stats collector:

     - https://netty.io/4.0/api/io/netty/handler/ssl/OpenSslSessionStats.html
     - https://netty.io/4.0/api/io/netty/handler/traffic/package-summary.html

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketUtil.java (version 9385d9ea2acaac37fa315c6c1a126bdaddd9464a)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version 9385d9ea2acaac37fa315c6c1a126bdaddd9464a)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 9385d9ea2acaac37fa315c6c1a126bdaddd9464a)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 444836cb8bd8583368a5bb18c94d9a7e4624aa29

    OF-2559 WIP after tests merge

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 444836cb8bd8583368a5bb18c94d9a7e4624aa29)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version 444836cb8bd8583368a5bb18c94d9a7e4624aa29)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version 444836cb8bd8583368a5bb18c94d9a7e4624aa29)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 444836cb8bd8583368a5bb18c94d9a7e4624aa29)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 444836cb8bd8583368a5bb18c94d9a7e4624aa29)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/RemoteReceivingServerDummy.java (version 444836cb8bd8583368a5bb18c94d9a7e4624aa29)
  • Guus der Kinderen

    Guus der Kinderen 70294c641c805ae6cbf361d084200b05f508c2e6

    OF-2611: Add unit tests for outbound server session (#2165)
    * OF-2611: Refactor PKIX unit tests

    Adjusts unit tests and their utility methods that test functionality around TLS certificates:
    - Key size and algorithm, as well as the signature algorithm are now based on constants (allows for them to be changed faster)
    - Utilities that generate a certificate(chain) now return a holder object that returns both the certificate(chain) as well as the keypair that they were generated from.
    - Added more extensions to generated certifiates for them to represent certificates used in the wild better.
    - Additional methods to generate various certificate chains (eg: ones that will generate a chain with an expired intermediate certificate).

    These improvements facilitate future unit test development (which will be added in the next few commits)

    * OF-2611: (Draft) unit test for outbound server session

    * Workaround for OF-2592

    * fix: remove wrong cert name, invalid intermediate and root certificates from tests and RemoteServerDummy

    * RemoteServerDummy config option: disable dialback feature

    The dummy class used to represent a remote server when testing outbound S2S connections can now be configured to avoid supporting the Dialback authentication mechanism.

    * RemoteServerDummy config option: disable TLS feature

    The dummy class used to represent a remote server when testing outbound S2S connections can now be configured to avoid supporting the TLS encryption and authentication mechanism.

    * RemoteServerDummy should offer Dialback when not authenticated

    Instead of offering Dialback when there's no TLS encryption, the RemoteServerDummy test tool should offer Dialback whenever the peer is not authenticated.

    * fix: remove self signed cert test

    * feat: add Junit 4 parameterised test

    * OF-2611: Add parameterized local outgoing server session test

    This commit takes the individual unit tests from the pre-exising LocalOutgoingServerSessionTest, and turns them into one parameterized test. Of this test, the server config (both from the local and remote server) are the arguments.

    * OF-2611: Modify LocalOutgoingServerSessionTest to use a locally invalid certificate

    To test outbound connections, the test has been modified to be able to send an invalid (expired) certificate. The dummy server responds to this by rejecting it.

    * OF-2611: LocalOutBoundServerSessionTest's dummy peer should support an optional TLS policy

    Previous to this commit, the dummy used for the test could support or disable TLS. For some tests, optional support is desirable. That's added by this commit.

    * OF-2611: RemoteServerDummy should not allow Dialback when TLS is required, but missing

    If TLS is required, but not established, the RemoteServerDummy should not allow Dialback authentication (as authentication must follow encryption).

    * OF-2611: LocalOutgoingServerSessionParameterizedTest's 'invalid' cert should really be invalid

    This bumps up a 'sleep' to help ensure that a recently generated cert is expired.

    I do not like this approach. It's based on timing, which does is a brittle (and slow) approach.

    * OF-2611: RemoteServerDummy should do basic SASL EXTERNAL checking

    When testing TLS authentication, RemoteServerDummy should do some basic checking of the provided certificates, instead of blindly accepting everything.

    * fix: add certificate validation to RemoteServerDummy

    * chore: delete Junit4 parameterised tests

    * test: add invalid certificate and private key to test fixtures

    * fix: remove possible leaking state between tests, change invalid local server certificate implementation

    * fix: increase numeric replication in parameterised tests

    * test: ignore original attempt at outgoing session tests

    * feat: add strictCertificateValidation option to admin console and connection settings

    * fix: fix 8 outgoing server tests that setup a plain dialback connection when it should make no connection

    * chore: delete old test file

    * fix: make checkbox render only on s2s page and not the c2s page

    * Allow Remote test dummy to deal with missing certs

    Relax client authentication rules in the Remote dummy to just indicate that we would like to authenticate the client, but if client certificates are self-signed or have no certificate chain then we are still good

    * test: WIP - add parameterised test for incoming server session

    * fix: log message more accurate when SSLHandshakeException thrown with strictCertificateValidation enabled

    * chore: add to javadocs

    * chore: add javadocs for strictCertificateValidation methods

    * chore: change names of test fixtures

    * OF-2611: Scaffolding for LocalIncomingServerSessionTest

    This refactors the existing _outgoing_ server session test, to reuse some of its implementation for an _inbound_ test.

    An initial inbound test class has been added, which is far from functional

    * OF-2611: Renamed LocalOutgoingServerSessionParameterizedTest -> LocalOutgoingServerSessionTest

    * OF-2611: Phase out ServerSettings.EncryptionPolicy

    EncryptionPolicy was created for unit tests. It duplicates Connection.TLSPolicy. Use the latter instead.

    * OF-2611: Re-enable all LocalIncomingServerSession unit tests

    This reverts a temporary limitation used during development.

    * OF-2611: LocalIncomingServerSession unit test should wait until 'done'.

    Prior to this commit, the unit test for an inbound server session waited for a certain period of time, assuming that the test had run by that time.

    In this commit, a structure is introduced that allows the test to explicitly flag the 'done' status. This should improve the time it takes to execute tests.

    * OF-2611: LocalIncomingServerSession unit test: define a session that's not authenticated as 'no connection'

    Due to the nature of this test, it's possible for Openfire to keep open a session, while the local test has deduced that it cannot continue. Although the session is not 'null', it still isn't properly set-up.

    This commit allows a session that is established, but NOT authenticated to pass the 'NO CONNECTION' definition.

    * OF-2611: Prevent NPE in LocalInboundServerSession unit test

    Prevent null pointers when interacting with a dialback handler that never was initialized.

    * OF-2611: LocalIncomingServerSession unit test should wait until 'done'.

    Removes a hack that was used to work-around the missing 'done' check.

    This commit can be fixed-up with the commit that introduces this behavior (~3 commits prior to this one).

    * OF-2611: Make unit test configuration repeat in the same order.

    * OF-2622: Do not accept inbound Server Dialback when disabled

    If the Server Dialback feature is disabled, Openfire should not allow peers to authenticate with that authentication mechanism.

    Additionally, Openfire should not define the corresponding XML namespace when the feature is disabled, as other servers might use that to determine support.

    * OF-2611: Improve XML parsing

    This change allows for a root element with child elements to be parsed. Note that an XML snippet that contains several elements (without a shared root) still can't be parsed.

    * OF-2611: Add TLS support to LocalIncomingServerSessionTest

    This adds support for encryption and SASL EXTERNAL to the incoming unit tests for S2S.

    With these changes, 4 of out of the 324 still fail. I'm unsure if this is caused by a faulty test, or bug in the system under test.

    * OF-2611: Speed up test execution by reducing SO_TIMEOUT

    By reducing the socket timeout, the S2S unit test execute a lot faster.

    There's likely a balance between a low timeout value, and introducing timing-related issues. This value might require some tweaking.

    * test : fix null pointer exception for missing certificate state

    * OF-2611: Refactor Incoming/Outgoing S2S unit tests for performance

    The Incoming- and OutgoingServerSessionTest implementations depend heavily on 'mock' server implementations. During the tests, these mocks act as the peer/remote XMPP domain.

    The test implementation is based on establishing TCP socket connections. As there are many tests that are being executed, the socket timeouts should be kept low. This improves the test execution time.

    This commit refactors how the dummy implementation works with socket timeouts. Notably:
    - improve explicit shutdown of sockets/executors to improve throughput
    - temporarily bump up the allowed timeouts when Server Dialback is used. Server Dialback depends on a second socket, during which interaction on the first socket is paused.

    * OF-2611: Reduce socket timeout for S2S unit tests

    By reducing the socket timeout, test execution duration improves.

    * OF-2611: Optimize S2S unit test for CPU usage

    Generating certificates is expensive. For performance, it's best to generate each set once, and then reuse those during the execution of the tests.

    This removes about 70% of the CPU usage during test execution. Locally, the duration of test execution dropped to about 60% of the original duration.

    * Github CI flow: expose junit reports

    * OF-2611: Tweak S2S unit test output

    As these unit tests are parameterized, it's not always straightforward what configuration was used in a failed test. This commit prints the configuration to std-out to make that more clear.

    * OF-2611: Refactor unit test helper method

    ServerSettings' constructor arguments should match the toString output for convenience.

    * OF-2626: Fix Server Dialback race condition

    Openfire should not report Server Dialback results back to the remote server, before the results have been locally stored.

    This prevents a race condition in which a remote server starts sending data, before the local server is aware that the remote has finished authentication.

    * OF-2611: Adjust S2S Unit tests for OF-2626 (Dialback race)

    * Fix references to RFC6120

    * OF-2611: Ensure that strict-certificate setting always prevents dialback

    Depending on the exception that causes TLS to fail, dialback could still happen. With this change, Dialback won't happen if TLS failed.

    * OF-2611: Prevent NPEs when running tests that involves having no certs

    * OF-2611: Improved logging of S2S unit tests

    * OF-2611: More explicitly link 'strict cert verification' to cert status

    Previously, 'strict verification' would be applied to any TLS failure. It should be applied to certificate validation failures only.

    * OF-2611: Improve S2S unit test

    When the mock server doesn't have PKIX material, that shouldn't be reason to tell the peer that TLS (will) fail.

    Instead, the purpose of the test is to _see_ this fail. Thus, with this change, the peer is motivated to try (and fail).

    * OF-2611: S2S Outgoing Server Session unit test, add exemption

    In a very specific configuration of settings, a connection attempt must fail. However, the system under test can be expected to retry the connection immediately, with another configuration that's permissable under the unit test settings.

    * OF-2611: Remove unused defintion.

    * OF-2611: Introduce flag to disable logging to std-out

    * OF-2611: S2S unit test should print configuration

    Not all test-runners easily identify the parameters that are used to run each test iteration. Those that do not, typically show a number. By outputting the numbered arguments, they can be cross-referenced with any failed test case.

    * OF-2611: Add context to StreamError when no message is provided.

    * OF-2611: When Dialback fails, close the connection

    * OF-2611: Add copyright header

    * OF-2611: Modified copyright header

    This code was ported from a short-lived project in my personal repositories, hence the copyright definition.

    * OF-2611: Generically add references to specifications for ExpectedOutcome

    * OF-2611: S2S Unit test: clean up TODOs, add spec references

    This adds references to RFCs in the ExpectedOutcome calculation, and removes some of the TODO statements in that class.

    Most of the TODOs are 'resolved' by adding a 'strictCertificateValidation' setting in the calculation. This is used to choose between the multiple possible outcomes that were in the 'TODO'.

    Note taht the strictCertificateValidation setting is hardcoded in all tests. The current implementation makes it hard to configure different values for the initiating and receiving entities. Also, they would add to an already long list of tests.

    * OF-2611: Clean up test teardown

    * OF-2611: Additional null-check

    * Revert "Workaround for OF-2592"

    This reverts commit 0445be69f2213acfb03f6894272f28f7c0cbe4e5.

    * OF-2611: Additional additional null-check

    ---------

    Co-authored-by: Alex Gidman <alex.gidman@surevine.com>
    Co-authored-by: Matthew Vivian <matthew.vivian@surevine.com>
    Co-authored-by: Dan Caseley <dan@caseley.me.uk>

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 70294c641c805ae6cbf361d084200b05f508c2e6)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 70294c641c805ae6cbf361d084200b05f508c2e6)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 08fe9cf67d5677aaf7154403b439f78a7c10069a

    OF-2559 Fixed minor typo

    • i18n/src/main/resources/openfire_i18n.properties (version 08fe9cf67d5677aaf7154403b439f78a7c10069a)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> cdac49652e6bb2cb55ad6c331f3f0676e49689d6

    OF-2559 Remove HTML tags in comments

    • xmppserver/src/main/java/org/jivesoftware/admin/PluginFilter.java (version cdac49652e6bb2cb55ad6c331f3f0676e49689d6)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 8223d5e12a7ca95ff472d09f23f220a7c57848eb

    OF-2559 Netty ConnectionAcceptor reconfigure logic
    Reconfigures the Netty-based ConnectionAcceptor after changes to the SSL configuration (e.g. certificate updates). Logic ported to match `MINAConnectionAcceptor.reconfigure()`.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 8223d5e12a7ca95ff472d09f23f220a7c57848eb)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 8223d5e12a7ca95ff472d09f23f220a7c57848eb)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version 8223d5e12a7ca95ff472d09f23f220a7c57848eb)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> b8c4554177b01edb0c4789a2ee01292da726e8a7

    fix: OF-2559 - rename clientConnection boolean as isClientConnection for clarity.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version b8c4554177b01edb0c4789a2ee01292da726e8a7)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 30237c627240c7baf6b98dea3fe01a3265be2a5f

    feat: OF-2559 - implement handling for idle states in inbound C2S and S2S connections
    Adds IdleStateHandler and NettyIdleStateKeepAliveHandler to the NettyServerInitializer pipeline code. If an inbound session idles Openfire will either send a ping to keep the connection alive, or close the connection.

    • i18n/src/main/resources/openfire_i18n.properties (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyClientConnectionHandler.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyIdleStateKeepAliveHandler.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/ConnectionSettings.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version 30237c627240c7baf6b98dea3fe01a3265be2a5f)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> e186bc52c6a830b2920920a6240a76a1758f2a9a

    feat: OF-2559 - surface session initialise timeout to a system property

    • i18n/src/main/resources/openfire_i18n.properties (version e186bc52c6a830b2920920a6240a76a1758f2a9a)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version e186bc52c6a830b2920920a6240a76a1758f2a9a)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 31c1b239a9d99dc74fbe4dddd7c765940b9c295d

    OF-2559 Refactor to remove unused code following Netty migration

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 31c1b239a9d99dc74fbe4dddd7c765940b9c295d)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 04ecba7ded7bb8f6ef36d86c9a799d72ca0fb287

    OF-2559 Netty is always used for S2S and C2S
    Explicitly show this by removing the Mina-based implementations from the ConnectionAcceptor.

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/MINAConnectionAcceptor.java (version 04ecba7ded7bb8f6ef36d86c9a799d72ca0fb287)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> ad3c115a217db1d3b59cef77045363ef6f9fe1ca

    OF-2559 Improved comments

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version ad3c115a217db1d3b59cef77045363ef6f9fe1ca)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version ad3c115a217db1d3b59cef77045363ef6f9fe1ca)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version ad3c115a217db1d3b59cef77045363ef6f9fe1ca)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version ad3c115a217db1d3b59cef77045363ef6f9fe1ca)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version ad3c115a217db1d3b59cef77045363ef6f9fe1ca)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version ad3c115a217db1d3b59cef77045363ef6f9fe1ca)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 4ee6a3971f8ab7ea6f0a2b53d8beabdedb9ff481

    OF-2559 Removed unused connection handler
    Was part of an incomplete migration to Mina.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ServerConnectionHandler.java (version 4ee6a3971f8ab7ea6f0a2b53d8beabdedb9ff481)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> e71831c14f5415edd9f8a2c37d3f28a73a38b04f

    OF-2559 Deprecate Mina-based ClientConnectionHandler
    We are moving to Netty.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ClientConnectionHandler.java (version e71831c14f5415edd9f8a2c37d3f28a73a38b04f)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 3f6241fffa9394b0b379d3d699d5496e3f416832

    OF-2559 Tidy up, removed unused properties

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 3f6241fffa9394b0b379d3d699d5496e3f416832)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> fe819fb3d5af1bf0fa12fb0bb1a492271f4a4ac5

    OF-2559 Refactor: Log to application log

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version fe819fb3d5af1bf0fa12fb0bb1a492271f4a4ac5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version fe819fb3d5af1bf0fa12fb0bb1a492271f4a4ac5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version fe819fb3d5af1bf0fa12fb0bb1a492271f4a4ac5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version fe819fb3d5af1bf0fa12fb0bb1a492271f4a4ac5)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version fe819fb3d5af1bf0fa12fb0bb1a492271f4a4ac5)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> cc177aa292610bc7352cccc1af70a5094460c455

    OF-2559 Refactor: extracted isDirectTLS method

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version cc177aa292610bc7352cccc1af70a5094460c455)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> dec32a3dba17b05f2a9fc80143bc3518ce9d9584

    OF-2559 Tidy up comments

    • xmppserver/src/main/java/org/jivesoftware/admin/PluginFilter.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketUtil.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ConnectionHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyClientConnectionHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyXMPPDecoder.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ServerConnectionHandler.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMLLightweightParser.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPDecoder.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version dec32a3dba17b05f2a9fc80143bc3518ce9d9584)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> ee5bd079a2e5d9ba6d14714b6b0adab0054f74a5

    OF-2559 Remove temporary long timeout
    Increased time allowed dialback DNS lookup to timeout and enabled us to debug deeper into the flow.

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version ee5bd079a2e5d9ba6d14714b6b0adab0054f74a5)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> c52100fb51bf82ca5e2705ddbb6711224d769593

    OF-2559 Refactor to remove duplication

    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version c52100fb51bf82ca5e2705ddbb6711224d769593)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> c8a2ba24635052545a4afc04f1feb7b8a7d75078

    OF-2559 - Direct TLS on Netty inbound and outbound S2S

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ServerConnectionHandler.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version c8a2ba24635052545a4afc04f1feb7b8a7d75078)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 48c9599779c241ba478e775ef8bf814aea8616c0

    OF-2559 S2S outbound with Netty
    TLS 1.2 & 1.3 working with S2S

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketConnection.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyOutboundConnectionHandler.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettySessionInitializer.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/ServerDialback.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/RoutingTableImpl.java (version 48c9599779c241ba478e775ef8bf814aea8616c0)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 1650fe5003edfcf70de4df91a41763f527faa675

    OF-2559 Added TLS handler for inbound netty connections
    Tested with non-netty outbound server to a netty-based inbound, so using TLS 1.2 as restricted by outbound capabilities until we pull netty through into outbound connection.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/StanzaHandler.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/ConnectionSettings.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version 1650fe5003edfcf70de4df91a41763f527faa675)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 78f05a77947316e0adc5cd7298b1393eb6ef413d

    fix: OF-2559 - improve write timeout system property description and implementation

    • i18n/src/main/resources/openfire_i18n.properties (version 78f05a77947316e0adc5cd7298b1393eb6ef413d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 78f05a77947316e0adc5cd7298b1393eb6ef413d)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 5af394bded1c3d32ad261140f869189446dd4649

    feat: OF-2559 - add channel options that match settings in MinaConnectionAcceptor.buildSocketAcceptor function

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 5af394bded1c3d32ad261140f869189446dd4649)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 6d9c6f367fea9864c63ef54adf9d82d27ff05e26

    feat: OF-2559 - add WriteTimeoutHandler to handle stalled sessions

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 6d9c6f367fea9864c63ef54adf9d82d27ff05e26)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 00aa6fa6fd747910076d6f079d384ec2479ff112

    OF-2559 Removed last of MINA from XMLLightweightParser
    MINA will wrap the non-mina exception further up the chain, we were not using the hexdump feature the MINA exception added.

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/InboundBufferSizeException.java (version 00aa6fa6fd747910076d6f079d384ec2479ff112)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMLLightweightParser.java (version 00aa6fa6fd747910076d6f079d384ec2479ff112)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPDecoder.java (version 00aa6fa6fd747910076d6f079d384ec2479ff112)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> 16a412e792534e37407b6332e468884477b41fa2

    fix: OF-2559 - isIdle now returns true when channel open but not connected

    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 16a412e792534e37407b6332e468884477b41fa2)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 2c91f910b316bc18e368d79a197340dba4017934

    OF-2559 Fixed tests after refactor
    XMLLightweightParserTest now works with the newly refactored XMLLightweightParser (which had MINA specifics extracted).

    • xmppserver/src/test/java/org/jivesoftware/openfire/nio/XMLLightweightParserTest.java (version 2c91f910b316bc18e368d79a197340dba4017934)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 3ec1999f5446ec6dbe59022949737aa33c4cfa84

    OF-2559 Implement Netty inbound connection handlers
    Replace CopyOnWriteMap from MINA; migrating to netty so replacing MINA utility with something similar.

    Remove MINA-specific stat collector; migrating to netty so removing MINA specific stat collector. For netty we might look to the following in the future to implement a netty-specific stats collector:

     - https://netty.io/4.0/api/io/netty/handler/ssl/OpenSslSessionStats.html
     - https://netty.io/4.0/api/io/netty/handler/traffic/package-summary.html

    • pom.xml (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/pom.xml (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/apache/mina/management/MINAStatCollector.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/admin/PluginFilter.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/ServerStanzaHandler.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SocketUtil.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/ConnectionHandler.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyClientConnectionHandler.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnectionHandler.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyXMPPDecoder.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMLLightweightParser.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/XMPPDecoder.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/server/OutgoingSessionPromise.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalIncomingServerSession.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionAcceptor.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionManagerImpl.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/MINAConnectionAcceptor.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
    • xmppserver/src/test/java/org/jivesoftware/openfire/nio/XMLLightweightParserTest.java (version 3ec1999f5446ec6dbe59022949737aa33c4cfa84)
  • Alex Gidman <alex.gidman@surevine.com>

    Alex Gidman <alex.gidman@surevine.com> b0f873145a501165a90c609fe571de311afa3c60

    feat: OF-2559 - add compression for inbound and outbound traffic for incoming c2s and s2s connections

    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyConnection.java (version b0f873145a501165a90c609fe571de311afa3c60)