From 18e9120a80efd663b9d08048990c981691d0f1a8 Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Wed, 22 Nov 2023 15:15:29 +0100 Subject: [PATCH 1/2] [MRESOLVER-437] Resolver should not override given HTTP transport default use of expect-continue handshake Backport of MRESOLVER-437 to 1.9.x branch (only relevant parts): https://github.com/apache/maven-resolver/commit/a70ddef13490a4289e4a72327217218e688e4070 --- https://issues.apache.org/jira/browse/MRESOLVER-437 --- .../org/eclipse/aether/ConfigurationProperties.java | 12 +++--------- .../aether/transport/http/HttpTransporter.java | 8 ++++---- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java b/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java index 6ef570ca5..94a5fa279 100644 --- a/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java +++ b/maven-resolver-api/src/main/java/org/eclipse/aether/ConfigurationProperties.java @@ -261,20 +261,14 @@ public final class ConfigurationProperties { /** * Boolean flag should the HTTP transport use expect-continue handshake for PUT requests. Not all transport support - * this option. This option may be needed for some broken HTTP servers. + * this option. This option may be needed for some broken HTTP servers. Default value corresponds to given + * transport default one (resolver does not override those), but if configuration IS given, it will replace + * given transport own default value. * - * @see #DEFAULT_HTTP_EXPECT_CONTINUE * @since 1.9.17 */ public static final String HTTP_EXPECT_CONTINUE = PREFIX_CONNECTOR + "http.expectContinue"; - /** - * Default value if {@link #HTTP_EXPECT_CONTINUE} is not set: {@code true}. - * - * @since 1.9.17 - */ - public static final boolean DEFAULT_HTTP_EXPECT_CONTINUE = true; - /** * The mode that sets HTTPS transport "security mode": to ignore any SSL errors (certificate validity checks, * hostname verification). The default value is {@link #HTTPS_SECURITY_MODE_DEFAULT}. diff --git a/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java b/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java index f6ed915fc..8cd00f508 100644 --- a/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java +++ b/maven-resolver-transport-http/src/main/java/org/eclipse/aether/transport/http/HttpTransporter.java @@ -323,13 +323,13 @@ final class HttpTransporter extends AbstractTransporter { builder.useSystemProperties(); } - final boolean expectContinue = ConfigUtils.getBoolean( + final String expectContinue = ConfigUtils.getString( session, - ConfigurationProperties.DEFAULT_HTTP_EXPECT_CONTINUE, + null, ConfigurationProperties.HTTP_EXPECT_CONTINUE + "." + repository.getId(), ConfigurationProperties.HTTP_EXPECT_CONTINUE); - if (expectContinue != ConfigurationProperties.DEFAULT_HTTP_EXPECT_CONTINUE) { - state.setExpectContinue(expectContinue); + if (expectContinue != null) { + state.setExpectContinue(Boolean.parseBoolean(expectContinue)); } final boolean reuseConnections = ConfigUtils.getBoolean( From 725997f72cae2b4d48ac805eb3ac9cbda9fc519f Mon Sep 17 00:00:00 2001 From: Tamas Cservenak Date: Wed, 22 Nov 2023 15:22:25 +0100 Subject: [PATCH 2/2] Backport site changes as well. --- src/site/markdown/configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/site/markdown/configuration.md b/src/site/markdown/configuration.md index 982fd1f75..de0168b9c 100644 --- a/src/site/markdown/configuration.md +++ b/src/site/markdown/configuration.md @@ -38,7 +38,7 @@ Option | Type | Description | Default Value | Supports Repo ID Suffix `aether.connector.http.cacheState` | boolean | Flag indicating whether a memory-based cache is used for user tokens, connection managers, expect continue requests and authentication schemes. | `true` | no `aether.connector.http.connectionMaxTtl` | int | Total time to live in seconds for an HTTP connection, after that time, the connection will be dropped (no matter for how long it was idle). | `300` | yes `aether.connector.http.credentialEncoding` | String | The encoding/charset to use when exchanging credentials with HTTP servers. | `"ISO-8859-1"` | yes -`aether.connector.http.expectContinue` | boolean | Whether to use expect/continue handshake during PUTs. Some broken HTTP servers needs this disabled. | `true` | yes +`aether.connector.http.expectContinue` | boolean | Whether to use expect/continue handshake during PUTs. Some broken HTTP servers needs this disabled. Default value depends on given transport default value. | Default value depends on HTTP transport being in use. | yes `aether.connector.http.headers` | `Map` | The request headers to use for HTTP-based repository connectors. The headers are specified using a map of strings mapping a header name to its value. The repository-specific headers map is supposed to be complete, i.e. is not merged with the general headers map. | - | yes `aether.connector.http.maxConnectionsPerRoute` | int | The maximum concurrent connections per route HTTP client is allowed to use. | `50` | yes `aether.connector.http.preemptiveAuth` | boolean | Should HTTP client use preemptive-authentication for all HTTP verbs (works only w/ BASIC). By default is disabled, as it is considered less secure. | `false` | yes