-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support ALPN in latest JDK 8 builds #7060
Conversation
Oh, the build in Travis uses Should I change the build to have an extra job run on |
IDK what's going on here, but that check has been in the |
I've turned this into a draft because of:
|
Macos and many other CIs run on different infrastructure which require us to give an "okay" to run it. Don't worry about it, unless it is failing 😄
Simply upgrading to the newer version of OpenJDK would be fine. 252 is available on Xenial. And it was released sometime around April 15th. It looks like the Travis-CI images were built before that date:
I think we just need to add this snippet to
Although it should also include a comment saying we want to upgrade to u252. Note that the upgrade of Netty isn't that simple. Netty can be fickle to upgrade. We do a lot of testing when upgrading it. (We will have to do that testing.) If the failure was that Jetty_ALPN wasn't upgraded, that means we're probably preferring Jetty ALPN over the Java 9 ALPN API. As things are structured in Netty, I guess we can't easily test both Jetty ALPN and the Java 9 ALPN API within the same JVM. I think we may just say "a manual test is fine." In which case you should disable Jetty ALPN locally and make sure things work. You can disable it by commenting out the javaagent argument to the test. In pre-u252 you should see TlsTest[JDK] skipped and in u252 you should see it successful. (You can see the results in netty/build/reports/tests/test/index.html) |
Done. It's running now, let's see...
I think the Jetty_ALPN is required since only in I think setting up two jobs in TravisCI with JDK8u242 and JDK8u252 should do the trick. Both jobs should run the same code/build/settings and that should include Jetty_ALPN
I've commented the use of the Jetty_ALPN agent and done manual testing (
Then I enabled the Jett-ALPN agent in tests back again and re-run both jobs (
|
@ignasi35, excellent! Thank you for the testing.
Yeah, the agent chooses the correct version for the particular JRE version. We should upgrade to version 2.0.10 of the agent, but it does look like it becomes a noop on newer JRE versions.
So we actually already test against the Java 9 ALPN API via the openjdk11 test. I'm okay with stopping active testing of Jetty ALPN. Once we upgrade to the newer Netty we'll need to update our SECURITY.md to mention that Jetty ALPN does nothing starting in 8u252. And we could merge this PR. So we're temporarily blocked on the Netty upgrade. |
Friendly nudge! Hi @ejona86, how is this moving forward? Any plans to get the Netty upgrade completed? Or did I miss something and you are waiting on me to complete anything on this PR? |
No, we weren't waiting for you on the PR. We were waiting on someone testing the new Netty version internally. I've tested v4.1.51 and it passed, so I'll be sending out an update of Netty. |
With #7358 in, I think that completes all the pieces this PR was hoping to achieve. Closing. |
Thanks @ejona86 |
References #6997
The Jetty ALPN agent added support for JVM provided ALPN (that is, JDK8u252 and later) in
2.0.10
.Netty did the necessary fixes in
4.1.49.Final
but4.1.50.Final
is already out.I've tested locally with both AdoptOpen JDK 8u242 and AdoptOpen JDK 8u252.