WIP: Upgrades Jetty 9.4.43.v20210629 to 10.0.15

Remaining Issues:
- JSP compilation failure caused by:

apache/tomcat@224fb6c#diff-ef02fd9c3f90ca4838d3cdaa051489556eca75d537fc396022e0ed456c24d895R329

- `WebSocketClientConnectionHandler.onConnect` assumes that `session.getRemoteAddress()` supplies an `InetSocketAddress` which might not always be true. What's the best approach in our context?

Fixed in this commit:
- Websocket server Maven artifact renamed from `websocket-server` to `websocket-jetty-server`
- `WebSocketServlet` renamed to `JettyWebSocketServlet`
- `WebSocketServletFactory` renamed to `JettyWebSocketServletFactory`

See: https://www.eclipse.org/jetty/documentation/jetty-10/programming-guide/index.html#pg-migration-94-to-10

- `GzipHandler` is no longer part of `ServletContextHandler`
jetty/jetty.project#4765

- Renamed `setWebInfClassesDirs` to `setWebInfClassesResources`
jetty/jetty.project#4506

- Split `SslContextFactory` into Client and Server
jetty/jetty.project#3464

plugins/pom.xml

@@ -122,7 +122,7 @@
         <!-- Versions -->
         <openfire.version>4.8.0-SNAPSHOT</openfire.version>
         <!-- Note; the following jetty.version should be identical to the jetty.version in xmppserver/pom.xml -->
-        <jetty.version>9.4.43.v20210629</jetty.version>
+        <jetty.version>10.0.15</jetty.version>
     </properties>
 
     <profiles>

pom.xml

@@ -118,7 +118,7 @@
 
         <!-- Versions -->
         <!-- Note; the following jetty.version should be identical to the jetty.version in plugins/pom.xml -->
-        <jetty.version>9.4.43.v20210629</jetty.version>
+        <jetty.version>10.0.15</jetty.version>
         <standard-taglib.version>1.2.5</standard-taglib.version>
         <mina.version>2.2.1</mina.version>
         <bouncycastle.version>1.70</bouncycastle.version>

xmppserver/pom.xml

@@ -148,8 +148,6 @@
                             <jspc>
                                 <package>org.jivesoftware.openfire.admin</package>
                             </jspc>
-                            <sourceVersion>11</sourceVersion>
-                            <targetVersion>11</targetVersion>
                             <keepSources>true</keepSources>
                         </configuration>
                     </execution>
@@ -247,7 +245,7 @@
         </dependency>
         <dependency>
             <groupId>org.eclipse.jetty.websocket</groupId>
-            <artifactId>websocket-server</artifactId>
+            <artifactId>websocket-jetty-server</artifactId>
             <version>${jetty.version}</version>
         </dependency>
         <dependency>

xmppserver/src/main/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java

@@ -210,7 +210,7 @@ protected void startup() {
 
                     final ConnectionManagerImpl connectionManager = ( (ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager() );
                     final ConnectionConfiguration configuration = connectionManager.getListener( ConnectionType.WEBADMIN, true ).generateConnectionConfiguration();
-                    final SslContextFactory sslContextFactory = new EncryptionArtifactFactory( configuration ).getSslContextFactory();
+                    final SslContextFactory.Server sslContextFactory = new EncryptionArtifactFactory( configuration ).getSslContextFactory();
 
                     final HttpConfiguration httpsConfig = new HttpConfiguration();
                     httpsConfig.setSendServerVersion( false );
@@ -496,7 +496,7 @@ private void createWebAppContext() {
             new JettyWebXmlConfiguration()
         });
         final URL classes = getClass().getProtectionDomain().getCodeSource().getLocation();
-        context.getMetaData().setWebInfClassesDirs(Collections.singletonList(Resource.newResource(classes)));
+        context.getMetaData().setWebInfClassesResources(Collections.singletonList(Resource.newResource(classes)));
 
         // The index.html includes a redirect to the index.jsp and doesn't bypass
         // the context security when in development mode

xmppserver/src/main/java/org/jivesoftware/openfire/container/PluginServletContext.java

@@ -257,6 +257,11 @@ public ServletRegistration.Dynamic addServlet( String s, Class<? extends Servlet
         return proxy.addServlet( s, aClass );
     }
 
+    @Override
+    public ServletRegistration.Dynamic addJspFile(String servletName, String jspFile) {
+        return proxy.addJspFile(servletName, jspFile);
+    }
+
     @Override
     public <T extends Servlet> T createServlet( Class<T> aClass ) throws ServletException
     {
@@ -382,4 +387,34 @@ public String getVirtualServerName()
     {
         return proxy.getVirtualServerName();
     }
+
+    @Override
+    public int getSessionTimeout() {
+        return proxy.getSessionTimeout();
+    }
+
+    @Override
+    public void setSessionTimeout(int sessionTimeout) {
+        proxy.setSessionTimeout(sessionTimeout);
+    }
+
+    @Override
+    public String getRequestCharacterEncoding() {
+        return proxy.getRequestCharacterEncoding();
+    }
+
+    @Override
+    public void setRequestCharacterEncoding(String encoding) {
+        proxy.setRequestCharacterEncoding(encoding);
+    }
+
+    @Override
+    public String getResponseCharacterEncoding() {
+        return proxy.getResponseCharacterEncoding();
+    }
+
+    @Override
+    public void setResponseCharacterEncoding(String encoding) {
+        proxy.setResponseCharacterEncoding(encoding);
+    }
 }

xmppserver/src/main/java/org/jivesoftware/openfire/http/HttpBindManager.java

@@ -479,7 +479,7 @@ private Connector createSSLConnector( final Server httpBindServer ) {
 
                 final ConnectionManagerImpl connectionManager = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager());
                 final ConnectionConfiguration configuration = connectionManager.getListener( ConnectionType.BOSH_C2S, true ).generateConnectionConfiguration();
-                final SslContextFactory sslContextFactory = new EncryptionArtifactFactory(configuration).getSslContextFactory();
+                final SslContextFactory.Server sslContextFactory = new EncryptionArtifactFactory(configuration).getSslContextFactory();
 
                 final HttpConfiguration httpsConfig = new HttpConfiguration();
                 httpsConfig.setSecureScheme("https");
@@ -645,12 +645,7 @@ public boolean isThisOriginAllowed(String origin) {
      */
     protected Handler createBoshHandler()
     {
-        final int options;
-        if(isHttpCompressionEnabled()) {
-            options = ServletContextHandler.SESSIONS | ServletContextHandler.GZIP;
-        } else {
-            options = ServletContextHandler.SESSIONS;
-        }
+        final int options = ServletContextHandler.SESSIONS;
         final ServletContextHandler context = new ServletContextHandler( null, "/http-bind", options );
 
         // Ensure the JSP engine is initialized correctly (in order to be able to cope with Tomcat/Jasper precompiled JSPs).
@@ -667,9 +662,10 @@ protected Handler createBoshHandler()
 
         // Add compression filter when needed.
         if (isHttpCompressionEnabled()) {
-            final GzipHandler gzipHandler = context.getGzipHandler();
+            final GzipHandler gzipHandler = new GzipHandler();
             gzipHandler.addIncludedPaths("/*");
             gzipHandler.addIncludedMethods(HttpMethod.POST.asString());
+            context.insertHandler(gzipHandler);
         }
 
         return context;

xmppserver/src/main/java/org/jivesoftware/openfire/spi/EncryptionArtifactFactory.java

@@ -42,7 +42,7 @@ public class EncryptionArtifactFactory
 
     // lazy loaded factory objects. These re-usable objects should be lazy loaded, preventing initialization in situations where they're never going to be used.
     private transient KeyManagerFactory keyManagerFactory;
-    private transient SslContextFactory sslContextFactory;
+    private transient SslContextFactory.Server sslContextFactory;
 
     /**
      * Creates a new instance of the factory.
@@ -266,7 +266,7 @@ public SSLEngine createClientModeSSLEngine() throws UnrecoverableKeyException, N
         return sslEngine;
     }
 
-    public synchronized SslContextFactory getSslContextFactory()
+    public synchronized SslContextFactory.Server getSslContextFactory()
     {
         if ( sslContextFactory != null )
         {

xmppserver/src/main/java/org/jivesoftware/openfire/websocket/OpenfireWebSocketServlet.java

@@ -15,9 +15,8 @@
  */
 package org.jivesoftware.openfire.websocket;
 
-import org.eclipse.jetty.websocket.common.extensions.compress.PerMessageDeflateExtension;
-import org.eclipse.jetty.websocket.servlet.WebSocketServlet;
-import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
+import org.eclipse.jetty.websocket.server.JettyWebSocketServlet;
+import org.eclipse.jetty.websocket.server.JettyWebSocketServletFactory;
 import org.jivesoftware.openfire.SessionManager;
 import org.jivesoftware.openfire.XMPPServer;
 import org.jivesoftware.openfire.http.HttpBindManager;
@@ -43,7 +42,7 @@
  * forwarded to this plugin/servlet, which will in turn create a new {@link WebSocketClientConnectionHandler}
  * for each new connection. 
  */
-public class OpenfireWebSocketServlet extends WebSocketServlet {
+public class OpenfireWebSocketServlet extends JettyWebSocketServlet {
 
     private static final long serialVersionUID = 1074354600476010708L;
     private static final Logger Log = LoggerFactory.getLogger(OpenfireWebSocketServlet.class);
@@ -92,14 +91,15 @@ protected void service(HttpServletRequest request, HttpServletResponse response)
     }
 
     @Override
-    public void configure(WebSocketServletFactory factory)
+    public void configure(JettyWebSocketServletFactory factory)
     {
         if (WebSocketClientConnectionHandler.isCompressionEnabled()) {
-            factory.getExtensionFactory().register("permessage-deflate", PerMessageDeflateExtension.class);
+            factory.getAvailableExtensionNames().add("permessage-deflate");
         }
         final int messageSize = JiveGlobals.getIntProperty("xmpp.parser.buffer.size", 1048576);
-        factory.getPolicy().setMaxTextMessageBufferSize(messageSize * 5);
-        factory.getPolicy().setMaxTextMessageSize(messageSize);
+        factory.setInputBufferSize(messageSize * 5);
+        factory.setOutputBufferSize(messageSize * 5);
+        factory.setMaxTextMessageSize(messageSize);
 
         // Jetty's idle policy cannot be modified - it will bluntly kill the connection. Ensure that it's longer than
         // the maximum amount of idle-time that Openfire allows for its client connections!
@@ -110,7 +110,7 @@ public void configure(WebSocketServletFactory factory)
         } else {
             maxJettyIdleMs = propValue.plus(Duration.of(30, ChronoUnit.SECONDS)).toMillis();
         }
-        factory.getPolicy().setIdleTimeout(maxJettyIdleMs);
+        factory.setIdleTimeout(Duration.ofMillis(maxJettyIdleMs));
 
         factory.setCreator((req, resp) -> {
             try {
@@ -125,7 +125,7 @@ public void configure(WebSocketServletFactory factory)
             } catch (Exception e) {
                 Log.warn("Unable to load websocket factory", e);
             }
-            Log.warn("Failed to create websocket for {}:{} make a request at {}", req.getRemoteAddress(), req.getRemotePort(), req.getRequestPath() );
+            Log.warn("Failed to create websocket for {}:{} make a request at {}", req.getHttpServletRequest().getRemoteAddr(), req.getHttpServletRequest().getRemotePort(), req.getRequestPath() );
             return null;
         });
     }

xmppserver/src/main/java/org/jivesoftware/openfire/websocket/WebSocketClientConnectionHandler.java

@@ -38,6 +38,7 @@
 import org.xmpp.packet.StreamError;
 
 import java.io.IOException;
+import java.net.InetSocketAddress;
 import java.time.Duration;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
@@ -103,7 +104,7 @@ public void onConnect(Session session)
         lastReceived = Instant.now();
         wsSession = session;
         final PacketDeliverer backupDeliverer = ClientConnectionHandler.BACKUP_PACKET_DELIVERY_ENABLED.getValue() ? new OfflinePacketDeliverer() : null;
-        wsConnection = new WebSocketConnection(this, backupDeliverer, session.getRemoteAddress());
+        wsConnection = new WebSocketConnection(this, backupDeliverer, (InetSocketAddress) session.getRemoteAddress()); // TODO can't assume InetSocketAddress
         websocketFramePingTask = new WebsocketFramePingTask();
         if (KEEP_ALIVE_FRAME_PING_ENABLED_PROPERTY.getValue()) {
             // Run the task every 10% of the interval, to get the timing roughly in-line with the configured interval.