Build #1,884

Plan branch:

Build: #1884 was successful

Job: RPM Workflow was successful

Stages & jobs

  1. Build and Package

Code commits

Openfire (master)

  • Guus der Kinderen

    Guus der Kinderen b0120f8eb873a5032c6d676c7bb68ed3dfaeaf1d

    Merge pull request #2118 from guusdk/OF-2514_SASL-empty-vs-missing-initial-response
    OF-2514 & OF-2513: Prepare for non-default authzid on S2S SASL EXTERNAL

  • Guus der Kinderen

    Guus der Kinderen 4f58b41b0635637b76aaba0ea4675f29daab71fc

    Merge branch 'main' into OF-2514_SASL-empty-vs-missing-initial-response

  • Guus der Kinderen

    Guus der Kinderen 99a72df2cead6f28723514eb2ffb02fae9bf3e60

    OF-1378: Replaced much of 'SSL' with 'TLS'

    • documentation/index.html (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • documentation/ssl-guide.html (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_cs_CZ.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_de.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_es.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_fr.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_ja_JP.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_pl_PL.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_pt_BR.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_pt_PT.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_ru_RU.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_sk.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_uk_UA.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • i18n/src/main/resources/openfire_i18n_zh_CN.properties (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/ConnectionManager.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/TLSStreamReader.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/TLSWrapper.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/Session.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionManagerImpl.java (version 99a72df2cead6f28723514eb2ffb02fae9bf3e60)
  • Guus der Kinderen

    Guus der Kinderen 3e1d068b9bd534eafd28189c4874954e3be656d4

    OF-1378: Fixes for issues found in review

    • documentation/index.html (version 3e1d068b9bd534eafd28189c4874954e3be656d4)
    • i18n/src/main/resources/openfire_i18n.properties (version 3e1d068b9bd534eafd28189c4874954e3be656d4)
  • Guus der Kinderen

    Guus der Kinderen 05c871ea5f907b512dab98ee559f81a5a86b97a8

    OF-1378: Rename 'legacy SSL' (et al) into 'Direct TLS'

    • i18n/src/main/resources/openfire_i18n.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_cs_CZ.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_de.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_es.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_fr.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_ja_JP.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_pl_PL.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_pt_BR.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_pt_PT.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_ru_RU.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_sk.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_uk_UA.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • i18n/src/main/resources/openfire_i18n_zh_CN.properties (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/Connection.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/ConnectionManager.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/nio/NettyServerConnectionHandler.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionListener.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/ConnectionManagerImpl.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyConnectionAcceptor.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/NettyServerInitializer.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/webapp/connection-settings-advanced.jsp (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/webapp/connection-settings-external-components.jsp (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/webapp/connection-settings-socket-c2s.jsp (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/webapp/connection-settings-socket-s2s.jsp (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/webapp/dns-check.jsp (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/main/webapp/index.jsp (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalIncomingServerSessionTest.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
    • xmppserver/src/test/java/org/jivesoftware/openfire/session/LocalOutgoingServerSessionTest.java (version 05c871ea5f907b512dab98ee559f81a5a86b97a8)
  • Guus der Kinderen

    Guus der Kinderen 5db8d9057c456d1161395e61af0044c4da0d5e65

    OF-1378: Rename 'STARTSSL' into 'STARTTLS'

    • i18n/src/main/resources/openfire_i18n.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_de.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_es.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_fr.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_nl.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_ru_RU.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_uk_UA.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
    • i18n/src/main/resources/openfire_i18n_zh_CN.properties (version 5db8d9057c456d1161395e61af0044c4da0d5e65)
  • Guus der Kinderen

    Guus der Kinderen 255e924c49bd1850340952c33dce8dcb57d4d2fc

    OF-2514: Rework unit tests

    • xmppserver/src/test/java/org/jivesoftware/openfire/sasl/ExternalServerSaslServerTest.java (version 255e924c49bd1850340952c33dce8dcb57d4d2fc)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 09c12d205676431336236da4281596f02681c7ff

    WIP: Upgrades Jetty 9.4.43.v20210629 to 10.0.15
    Remaining Issues:
    - JSP compilation failure caused by:

    https://github.com/apache/tomcat/commit/224fb6c06528180213b6af28b28dee44029565d7#diff-ef02fd9c3f90ca4838d3cdaa051489556eca75d537fc396022e0ed456c24d895R329

    - `WebSocketClientConnectionHandler.onConnect` assumes that `session.getRemoteAddress()` supplies an `InetSocketAddress` which might not always be true. What's the best approach in our context?

    Fixed in this commit:
    - Websocket server Maven artifact renamed from `websocket-server` to `websocket-jetty-server`
    - `WebSocketServlet` renamed to `JettyWebSocketServlet`
    - `WebSocketServletFactory` renamed to `JettyWebSocketServletFactory`

    See: https://www.eclipse.org/jetty/documentation/jetty-10/programming-guide/index.html#pg-migration-94-to-10

    - `GzipHandler` is no longer part of `ServletContextHandler`
    https://github.com/eclipse/jetty.project/issues/4765

    - Renamed `setWebInfClassesDirs` to `setWebInfClassesResources`
    https://github.com/eclipse/jetty.project/issues/4506

    - Split `SslContextFactory` into Client and Server
    https://github.com/eclipse/jetty.project/issues/3464

    • plugins/pom.xml (version 09c12d205676431336236da4281596f02681c7ff)
    • pom.xml (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/pom.xml (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/src/main/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/src/main/java/org/jivesoftware/openfire/container/PluginServletContext.java (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/src/main/java/org/jivesoftware/openfire/http/HttpBindManager.java (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/src/main/java/org/jivesoftware/openfire/websocket/OpenfireWebSocketServlet.java (version 09c12d205676431336236da4281596f02681c7ff)
    • xmppserver/src/main/java/org/jivesoftware/openfire/websocket/WebSocketClientConnectionHandler.java (version 09c12d205676431336236da4281596f02681c7ff)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> aad09e6950661458654cdb1eca44d3c7c25b9177

    Removed WebAppLoaderFix as it is now redundant
    Thanks to GregDThomas for spotting: IIRC it only worked on older versions of JRE/Jetty, so it's probably long redundant now.

    Originally created to fix https://igniterealtime.atlassian.net/browse/OF-1522 in #1228
    (with comment "Note; we may need to revisit this come Java 9.")

    • xmppserver/src/main/java/org/eclipse/jetty/util/WebAppLoaderFix.java (version aad09e6950661458654cdb1eca44d3c7c25b9177)
    • xmppserver/src/main/java/org/jivesoftware/openfire/http/HttpBindManager.java (version aad09e6950661458654cdb1eca44d3c7c25b9177)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> f8e0278e87afe40020e6389555f330e5247f0c45

    WIP: Upgrades Jetty 9.4.43.v20210629 to 10.0.15
    Correct configuration of websocket compression. Compression is provided out of the box by Jetty's `permessage-deflate` extension.

    Previously Openfire was registering the `permessage-deflate` extension, I assume this was attempting to enable websocket compression.

    Presently, websocket compression is enabled by default in Jetty. So the correct way to control websocket compression is to disable the `permessage-deflate` extension when compression is not wanted:
    https://github.com/eclipse/jetty.project/issues/1341

    • xmppserver/src/main/java/org/jivesoftware/openfire/websocket/OpenfireWebSocketServlet.java (version f8e0278e87afe40020e6389555f330e5247f0c45)
  • Guus der Kinderen

    Guus der Kinderen 50aeb542aa9c35398944219ec7e851bc3e1fdbd3

    WIP: Fix JSP compilation failure in Jetty 10.0.15
    In this commit, the taglib definitions are consolidated in one place, where Jetty 10.0.5 expects to find them.

    A nuisance is that with this layout, the IntelliJ IDE is no longer able to find the taglibs. This can be annoying during development, but does not introduce runtime issues.

    • xmppserver/src/main/resources/META-INF/admin.tld (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/META-INF/tags/admin/contentBox.tagx (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/META-INF/tags/admin/infoBox.tagx (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/WEB-INF/admin.tld (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/WEB-INF/classes/META-INF/admin.tld (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/WEB-INF/classes/META-INF/tags/admin/contentBox.tagx (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/WEB-INF/classes/META-INF/tags/admin/infoBox.tagx (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/WEB-INF/classes/META-INF/tags/admin/security/identityStoreConfig.tagx (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
    • xmppserver/src/main/webapp/WEB-INF/classes/META-INF/tags/admin/security/trustStoreConfig.tagx (version 50aeb542aa9c35398944219ec7e851bc3e1fdbd3)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> beed6c8456458de9bb62a4a020d4b79e4ef91a2d

    Bump Jetty patch version to latest on 10

    • plugins/pom.xml (version beed6c8456458de9bb62a4a020d4b79e4ef91a2d)
    • pom.xml (version beed6c8456458de9bb62a4a020d4b79e4ef91a2d)
  • Matthew Vivian <matthew.vivian@surevine.com>

    Matthew Vivian <matthew.vivian@surevine.com> 42d7cf52146e11d5db21820ca4e22cd8f3880456

    WIP: Upgrades Jetty 9.4.43.v20210629 to 10.0.15
    Fix to initialise web socket components.

    With Jetty 10 we now need to configure the WebSocket ServletContextHandler to call the JettyWebSocketServletContainerInitializer during the ServletContext initialization phase.

    • xmppserver/src/main/java/org/jivesoftware/openfire/http/HttpBindManager.java (version 42d7cf52146e11d5db21820ca4e22cd8f3880456)
  • Guus der Kinderen

    Guus der Kinderen 0a3ef02ae1ccd93278785013741b0fc04cdea481

    WIP: Fix classloading issue in Jetty 10.0.15
    With Jetty 10.0.15, the admin console shows HTTP 503 error responses, and ClassLoading exceptions are logged.

    It appears that in Jetty 10, unless a ClassLoader has been explicitly set on a ContextHandler, Jetty will use its own implementation. I assume (but did not check) that in Jetty 9, this was different (possibly, it used the ClassLoader of the invoking thread?). The ClassLoader that is provided by Jetty cannot find most of the libraries in the way they are provided by Openfire.

    Openfire uses its own ClassLoaders. When Jetty's embedded server is instantiated to use the ClassLoader of the invoking thread as done in this commit, then the problem disappears.

    Questions remain:
    - Why does Jetty use their own ClassLoader (unless explicitly overridden)? This suggests that this is somehow important (which this change has undone - which might not be safe).
    - Is there a better way of doing this? Maybe use a different ClassLoader instance, or somehow configure the Jetty classloader to find the classes it needs?
    - Will this work with plugins?
    - Do we need to do this elsewhere (eg: everywhere a Jetty Server is instantiated?)

    • xmppserver/src/main/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java (version 0a3ef02ae1ccd93278785013741b0fc04cdea481)
  • Guus der Kinderen

    Guus der Kinderen 5b3ce3d5bf57778d140a1e9b69989e708ddc6de9

    Add unit tests for OF-2513 & OF-2514.

    • xmppserver/src/test/java/org/jivesoftware/openfire/sasl/ExternalServerSaslServerTest.java (version 5b3ce3d5bf57778d140a1e9b69989e708ddc6de9)
  • Guus der Kinderen

    Guus der Kinderen 207ab49ef21fc493dd5077c1c9b9a558adddad1d

    OF-2513: Do not require authzid on SASL EXTERNAL for S2S
    Openfire should not require inbound federation connections to include an authorization identity in the initial response of the SASL EXTERNAL mechanism-based authentication attempt. RFC 6120 clearly states that this is optional data.

    This commit removes the requirement, but adds a configuration property (`xmpp.auth.external.server.require-authzid`) that can be used to re-enable the requirement, if so desired.

    Additionally, another new property (`xmpp.auth.external.server.skip-sending-authzid`) has been added that will prevent Openfire from _sending_ an authzid in the SASL initial handshake when attempting to connect to remote domains using EXTERNAL, sending an empty initial response (`=`) instead. The default behavior is to send the authzid, as prior to this commit. This is recommended by XEP-0178. This property was added mainly to facilitate testing of the other change in this commit.

    • i18n/src/main/resources/openfire_i18n.properties (version 207ab49ef21fc493dd5077c1c9b9a558adddad1d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/RespondingServerStanzaHandler.java (version 207ab49ef21fc493dd5077c1c9b9a558adddad1d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SASLAuthentication.java (version 207ab49ef21fc493dd5077c1c9b9a558adddad1d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/sasl/ExternalServerSaslServer.java (version 207ab49ef21fc493dd5077c1c9b9a558adddad1d)
    • xmppserver/src/main/java/org/jivesoftware/openfire/session/LocalOutgoingServerSession.java (version 207ab49ef21fc493dd5077c1c9b9a558adddad1d)
  • Guus der Kinderen

    Guus der Kinderen 874e871c0e998f78fbbe7fe97e12a7883aee5877

    OF-2514: Differentiate between empty and missing SASL initial response
    XMPP defines a difference between not having an initial response (eg: `<auth></auth>`) and having an intial response that is present, but explicitly empty (`<auth>=</auth>`).

    Some SASL mechanisms should make use of this. EXTERNAL, for example, should query if the initial response is missing, but when it's empty, it should continue by using a value obtained elsewhere.

    A more detailed problem definition is provided in https://igniterealtime.atlassian.net/browse/OF-2514

    As Java's SaslServer API does not facilitate differentiating between the two (it does not support `null` values), this commit adds a flag to the peer's Session to indicate what the state of the initial response is.

    • xmppserver/src/main/java/org/jivesoftware/openfire/net/SASLAuthentication.java (version 874e871c0e998f78fbbe7fe97e12a7883aee5877)
    • xmppserver/src/main/java/org/jivesoftware/openfire/sasl/ExternalClientSaslServer.java (version 874e871c0e998f78fbbe7fe97e12a7883aee5877)
    • xmppserver/src/main/java/org/jivesoftware/openfire/sasl/ExternalServerSaslServer.java (version 874e871c0e998f78fbbe7fe97e12a7883aee5877)
  • Guus der Kinderen

    Guus der Kinderen 7ae57b14bf710d645521881538c12b08e37c2363

    OF-2540: Update slf4j and log4j2
    This updates the slf4j logging dependency from 1.7.36 to 2.0.9.

    As no compatible log4j2 binding is available for the version of log4j2 that was used (2.17.1), this dependency has also been updated to 2.20.0.

    • pom.xml (version 7ae57b14bf710d645521881538c12b08e37c2363)
    • starter/pom.xml (version 7ae57b14bf710d645521881538c12b08e37c2363)
    • xmppserver/pom.xml (version 7ae57b14bf710d645521881538c12b08e37c2363)