Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request from GHSA-xhv5-w9c5-2r2w
Fix GHSA-xhv5-w9c5-2r2w for 1.0.x
  • Loading branch information
rossabaker committed Feb 2, 2021
2 parents 174d9e8 + bef1133 commit 987d658
Show file tree
Hide file tree
Showing 28 changed files with 765 additions and 709 deletions.
Expand Up @@ -38,7 +38,6 @@ import org.http4s.blaze.channel.{
SocketConnection
}
import org.http4s.blaze.channel.nio1.NIO1SocketServerGroup
import org.http4s.blaze.channel.nio2.NIO2SocketServerGroup
import org.http4s.blaze.http.http2.server.ALPNServerSelector
import org.http4s.blaze.pipeline.LeafBuilder
import org.http4s.blaze.pipeline.stages.SSLStage
Expand Down Expand Up @@ -86,13 +85,13 @@ import scodec.bits.ByteVector
* this is necessary to recover totality from the error condition.
* @param banner: Pretty log to display on server start. An empty sequence
* such as Nil disables this
* @param maxConnections: The maximum number of client connections that may be active at any time.
*/
class BlazeServerBuilder[F[_]](
class BlazeServerBuilder[F[_]] private (
socketAddress: InetSocketAddress,
executionContext: ExecutionContext,
responseHeaderTimeout: Duration,
idleTimeout: Duration,
isNio2: Boolean,
connectorPoolSize: Int,
bufferSize: Int,
selectorThreadFactory: ThreadFactory,
Expand All @@ -105,6 +104,7 @@ class BlazeServerBuilder[F[_]](
httpApp: HttpApp[F],
serviceErrorHandler: ServiceErrorHandler[F],
banner: immutable.Seq[String],
maxConnections: Int,
val channelOptions: ChannelOptions
)(implicit protected val F: Async[F])
extends ServerBuilder[F]
Expand All @@ -118,7 +118,6 @@ class BlazeServerBuilder[F[_]](
executionContext: ExecutionContext = executionContext,
idleTimeout: Duration = idleTimeout,
responseHeaderTimeout: Duration = responseHeaderTimeout,
isNio2: Boolean = isNio2,
connectorPoolSize: Int = connectorPoolSize,
bufferSize: Int = bufferSize,
selectorThreadFactory: ThreadFactory = selectorThreadFactory,
Expand All @@ -131,14 +130,14 @@ class BlazeServerBuilder[F[_]](
httpApp: HttpApp[F] = httpApp,
serviceErrorHandler: ServiceErrorHandler[F] = serviceErrorHandler,
banner: immutable.Seq[String] = banner,
maxConnections: Int = maxConnections,
channelOptions: ChannelOptions = channelOptions
): Self =
new BlazeServerBuilder(
socketAddress,
executionContext,
responseHeaderTimeout,
idleTimeout,
isNio2,
connectorPoolSize,
bufferSize,
selectorThreadFactory,
Expand All @@ -151,6 +150,7 @@ class BlazeServerBuilder[F[_]](
httpApp,
serviceErrorHandler,
banner,
maxConnections,
channelOptions
)

Expand Down Expand Up @@ -219,8 +219,6 @@ class BlazeServerBuilder[F[_]](
def withSelectorThreadFactory(selectorThreadFactory: ThreadFactory): Self =
copy(selectorThreadFactory = selectorThreadFactory)

def withNio2(isNio2: Boolean): Self = copy(isNio2 = isNio2)

def withWebSockets(enableWebsockets: Boolean): Self =
copy(enableWebSockets = enableWebsockets)

Expand All @@ -247,6 +245,9 @@ class BlazeServerBuilder[F[_]](
def withChunkBufferMaxSize(chunkBufferMaxSize: Int): BlazeServerBuilder[F] =
copy(chunkBufferMaxSize = chunkBufferMaxSize)

def withMaxConnections(maxConnections: Int): BlazeServerBuilder[F] =
copy(maxConnections = maxConnections)

private def pipelineFactory(
scheduler: TickWheelExecutor,
engineConfig: Option[(SSLContext, SSLEngine => Unit)],
Expand Down Expand Up @@ -343,12 +344,8 @@ class BlazeServerBuilder[F[_]](
else address

val mkFactory: Resource[F, ServerChannelGroup] = Resource.make(F.delay {
if (isNio2)
NIO2SocketServerGroup
.fixedGroup(connectorPoolSize, bufferSize, channelOptions, selectorThreadFactory)
else
NIO1SocketServerGroup
.fixedGroup(connectorPoolSize, bufferSize, channelOptions, selectorThreadFactory)
NIO1SocketServerGroup
.fixed(connectorPoolSize, bufferSize, channelOptions, selectorThreadFactory, maxConnections)
})(factory => F.delay(factory.closeGroup()))

def mkServerChannel(
Expand Down Expand Up @@ -415,7 +412,6 @@ object BlazeServerBuilder {
executionContext = executionContext,
responseHeaderTimeout = defaults.ResponseTimeout,
idleTimeout = defaults.IdleTimeout,
isNio2 = false,
connectorPoolSize = DefaultPoolSize,
bufferSize = 64 * 1024,
selectorThreadFactory = defaultThreadSelectorFactory,
Expand All @@ -428,6 +424,7 @@ object BlazeServerBuilder {
httpApp = defaultApp[F],
serviceErrorHandler = DefaultServiceErrorHandler[F],
banner = defaults.Banner,
maxConnections = defaults.MaxConnections,
channelOptions = ChannelOptions(Vector.empty)
)

Expand Down
8 changes: 4 additions & 4 deletions build.sbt
Expand Up @@ -83,7 +83,6 @@ lazy val core = libraryProject("core")
.enablePlugins(
BuildInfoPlugin,
MimeLoaderPlugin,
NowarnCompatPlugin,
)
.settings(
description := "Core http4s library for servers and clients",
Expand Down Expand Up @@ -113,7 +112,6 @@ lazy val core = libraryProject("core")
)
},
unusedCompileDependenciesFilter -= moduleFilter("org.scala-lang", "scala-reflect"),
Compile / packageBin / mappings ~= { _.filterNot(_._2.startsWith("scala/")) },
)

lazy val laws = libraryProject("laws")
Expand Down Expand Up @@ -175,7 +173,6 @@ lazy val tests = libraryProject("tests")
.dependsOn(core, specs2 % "test->test")

lazy val server = libraryProject("server")
.enablePlugins(NowarnCompatPlugin)
.settings(
description := "Base library for building http4s servers",
startYear := Some(2014),
Expand Down Expand Up @@ -209,7 +206,6 @@ lazy val prometheusMetrics = libraryProject("prometheus-metrics")
)

lazy val client = libraryProject("client")
.enablePlugins(NowarnCompatPlugin)
.settings(
description := "Base library for building http4s clients",
startYear := Some(2014),
Expand Down Expand Up @@ -286,6 +282,10 @@ lazy val blazeServer = libraryProject("blaze-server")
.settings(
description := "blaze implementation for http4s servers",
startYear := Some(2014),
mimaBinaryIssueFilters ++= Seq(
// privat constructor with new parameter
ProblemFilters.exclude[DirectMissingMethodProblem]("org.http4s.server.blaze.BlazeServerBuilder.this")
)
)
.dependsOn(blazeCore % "compile;test->test", server % "compile;test->test")

Expand Down
Expand Up @@ -73,7 +73,7 @@ class FollowRedirectSuite extends Http4sSuite with Http4sClientDsl[IO] {
val req = Request[IO](PUT, uri"http://localhost/303").withEntity("foo")
client
.run(req)
.use { case Ok(resp) =>
.use { case resp =>
resp.headers.get(CIString("X-Original-Content-Length")).map(_.value).pure[IO]
}
.map(_.get)
Expand Down Expand Up @@ -128,7 +128,7 @@ class FollowRedirectSuite extends Http4sSuite with Http4sClientDsl[IO] {
Header("Authorization", "Bearer s3cr3t"))
client
.run(req)
.use { case Ok(resp) =>
.use { case resp =>
resp.headers.get(CIString("X-Original-Authorization")).map(_.value).pure[IO]
}
.assertEquals(Some(""))
Expand All @@ -141,7 +141,7 @@ class FollowRedirectSuite extends Http4sSuite with Http4sClientDsl[IO] {
Header("Authorization", "Bearer s3cr3t"))
client
.run(req)
.use { case Ok(resp) =>
.use { case resp =>
resp.headers.get(CIString("X-Original-Authorization")).map(_.value).pure[IO]
}
.assertEquals(Some("Bearer s3cr3t"))
Expand All @@ -150,7 +150,7 @@ class FollowRedirectSuite extends Http4sSuite with Http4sClientDsl[IO] {
test("FollowRedirect should Record the intermediate URIs") {
client
.run(Request[IO](uri = uri"http://localhost/loop/0"))
.use { case Ok(resp) =>
.use { resp =>
IO.pure(FollowRedirect.getRedirectUris(resp))
}
.assertEquals(
Expand All @@ -164,7 +164,7 @@ class FollowRedirectSuite extends Http4sSuite with Http4sClientDsl[IO] {
test("FollowRedirect should Not add any URIs when there are no redirects") {
client
.run(Request[IO](uri = uri"http://localhost/loop/100"))
.use { case Ok(resp) =>
.use { case resp =>
IO.pure(FollowRedirect.getRedirectUris(resp))
}
.assertEquals(List.empty[Uri])
Expand Down
22 changes: 0 additions & 22 deletions core/src/main/scala-2.12/scala/annotation/nowarn.scala

This file was deleted.

0 comments on commit 987d658

Please sign in to comment.