Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Include client ip dimension for ssl handshake failure metrics (#13998) | Morten Tokle | 2020-08-05 | 3 | -3/+52 |
| | |||||
* | Allow 'discPreinstallBundle' per module, not in parent. | gjoranv | 2020-07-17 | 1 | -0/+1 |
| | | | | - New Vespa bundles should not preinstall other bundles from disk. | ||||
* | Merge pull request #13847 from ↵ | Henning Baldersheim | 2020-07-09 | 1 | -0/+20 |
|\ | | | | | | | | | vespa-engine/bjorncs/test-invalid-remote-port-header Test handling of invalid remote port header | ||||
| * | Test handling of invalid remote port header | Bjørn Christian Seime | 2020-07-09 | 1 | -0/+20 |
| | | |||||
* | | Remove feature flag 'jdisc-health-check-proxy-client-timeout' | Bjørn Christian Seime | 2020-07-09 | 1 | -3/+0 |
|/ | |||||
* | Don't assume remote port header contains a valid port number | Bjørn Christian Seime | 2020-07-08 | 1 | -1/+9 |
| | |||||
* | Don't log invalid requests for filter execution on servlets | Bjørn Christian Seime | 2020-07-07 | 1 | -1/+7 |
| | | | | | | Fix bug where a malformed uri to servlet/JAX-RS resource would trigger an unhandled request exception. Jetty logs unhandled exceptions from filters/servlets as warning with full stack trace. | ||||
* | Log failed requests as 'info' instead of 'warning' | Bjørn Christian Seime | 2020-07-07 | 1 | -1/+1 |
| | |||||
* | use more descriptive names | Arne Juul | 2020-07-06 | 1 | -8/+8 |
| | |||||
* | Update api spec | Morten Tokle | 2020-06-29 | 1 | -2/+38 |
| | |||||
* | Add request type dimension to http.nxx metrics | Morten Tokle | 2020-06-26 | 4 | -14/+77 |
| | |||||
* | Make proxy client timeout configurable | Bjørn Christian Seime | 2020-05-20 | 3 | -22/+29 |
| | | | | | Reduce default timeout to 1 second. Don't spam log with full stack trace. Don't close connection pool on timeout or other failures (when using sub-second timeout). | ||||
* | Disable jdisc debug logging for all unit tests (by default) | Bjørn Christian Seime | 2020-05-20 | 1 | -12/+0 |
| | |||||
* | Stabilize HttpServerTest | Bjørn Christian Seime | 2020-05-19 | 1 | -6/+17 |
| | | | | Retry test requests sent from Jetty client on failure | ||||
* | Disable debug logging in jdisc_http_service unit tests | Bjørn Christian Seime | 2020-05-19 | 1 | -0/+12 |
| | | | | Reduces surefire output from ~160MB to ~1MB. | ||||
* | Ignore local port reported from proxy-protocol header | Bjørn Christian Seime | 2020-04-30 | 8 | -8/+58 |
| | | | | | | Replace usage of ServletRequest.getLocalPort() with equivalent from ServerConnector. The latter will not be overridden by the proxy-protocol header if proxy-protocol is enabled for that connector. | ||||
* | Report expired client certificate as a separate metric | Bjørn Christian Seime | 2020-04-08 | 3 | -0/+46 |
| | |||||
* | 200 OK response on status.html for redirect handler | andreer | 2020-04-08 | 1 | -2/+6 |
| | |||||
* | Merge pull request #12855 from vespa-engine/bjorncs/jdisc-unknown-methods | Bjørn Christian Seime | 2020-04-07 | 2 | -6/+32 |
|\ | | | | | Return status code 405 for unknown HTTP methods | ||||
| * | Return status code 405 for unknown HTTP methods | Bjørn Christian Seime | 2020-04-06 | 2 | -6/+32 |
| | | | | | | | | JDisc previously returned 501 for unknown HTTP methods as mandated by the HTTP / Servlet specification. This caused a lot of noise in our 5xx response metrics for JDisc instances directly exposed to the internet (external actors performing vulnerability testing). This change will cause unknown methods to be handled identically to unsupported methods. | ||||
* | | make secure redirect use http (not https) | andreer | 2020-04-06 | 1 | -1/+1 |
|/ | |||||
* | Remove unused method | Bjørn Christian Seime | 2020-04-02 | 1 | -24/+0 |
| | |||||
* | Add connector config for max connection life | Bjørn Christian Seime | 2020-04-02 | 3 | -1/+15 |
| | |||||
* | Deprecate unused config parameter | Bjørn Christian Seime | 2020-04-02 | 1 | -1/+2 |
| | |||||
* | Make 'max requests per connection' config connector specific | Bjørn Christian Seime | 2020-04-02 | 6 | -14/+26 |
| | |||||
* | Add secure direct support to JDisc | Bjørn Christian Seime | 2020-04-02 | 4 | -4/+99 |
| | |||||
* | Merge pull request #12516 from ↵ | Morten Tokle | 2020-03-10 | 5 | -13/+187 |
|\ | | | | | | | | | vespa-engine/bjorncs/support-proxy-protocol-in-jdisc Support proxy protocol for https connectors | ||||
| * | Use multi-thread safe list implementation | Bjørn Christian Seime | 2020-03-09 | 1 | -1/+2 |
| | | |||||
| * | Close server before inspecting access log | Bjørn Christian Seime | 2020-03-09 | 1 | -9/+8 |
| | | |||||
| * | Update abi-spec | Bjørn Christian Seime | 2020-03-09 | 1 | -2/+36 |
| | | |||||
| * | Support proxy protocol for https connectors | Bjørn Christian Seime | 2020-03-09 | 4 | -10/+150 |
| | | |||||
* | | Remove unused variable | Bjørn Christian Seime | 2020-03-09 | 1 | -2/+0 |
| | | |||||
* | | Remove wiring for pre-bound channels in Jetty integration | Bjørn Christian Seime | 2020-03-09 | 4 | -98/+7 |
|/ | |||||
* | Handle SSLHandshakeException without message | Bjørn Christian Seime | 2020-03-06 | 1 | -0/+1 |
| | | | | We have observed in production that some SSLHandshakeException instances do not have a message. | ||||
* | Rename new jdisc http ssl handshake metrics | Bjørn Christian Seime | 2020-03-05 | 1 | -5/+5 |
| | | | | Rename new metrics to final names concluded from architect review. | ||||
* | Handle SslConnectionFactory wrapped in DetectorConnectionFactory | Bjørn Christian Seime | 2020-03-05 | 1 | -0/+3 |
| | | | | | Support TLS mixed mode after recent Jetty upgrade in health check proxy handler. SslConnectionFactory is no longer a top-level connection factory in connector if mixed mode is enabled. | ||||
* | Replace deprecated OptionalSslConnectionFactory with DetectorConnectionFactory | Bjørn Christian Seime | 2020-03-05 | 1 | -7/+2 |
| | |||||
* | Revert "Replace deprecated OptionalSslConnectionFactory with ↵ | Bjørn Christian Seime | 2020-03-05 | 1 | -2/+7 |
| | | | | | | | | | DetectorConnectionFactory" This reverts commit a7bfbb407c71e96d3a2effb34836d04ce3cd9d70. HealthCheckProxyHandler is unable to retrieve underlying SSLContext if SslConnectionFactory is wrapped in a DetectorConnectionFactory. | ||||
* | Merge pull request #12442 from ↵ | Bjørn Christian Seime | 2020-03-05 | 6 | -61/+268 |
|\ | | | | | | | | | vespa-engine/revert-12440-revert-12415-bjorncs/ssl-handshake-metric Revert "Revert "Bjorncs/ssl handshake metric"" | ||||
| * | Use TLSv1.3 in test instead of TLSv1.1 | Bjørn Christian Seime | 2020-03-05 | 1 | -2/+2 |
| | | | | | | | | TLSv1.1 seems to be disabled in JDK distribution on internal CI platform. | ||||
| * | Revert "Revert "Bjorncs/ssl handshake metric"" | Bjørn Christian Seime | 2020-03-04 | 6 | -61/+268 |
| | | |||||
* | | Merge pull request #12438 from vespa-engine/bjorncs/upgrade-jetty | Bjørn Christian Seime | 2020-03-04 | 1 | -6/+2 |
|\ \ | |/ |/| | Upgrade Jetty to 9.4.27 | ||||
| * | Replace deprecated OptionalSslConnectionFactory with DetectorConnectionFactory | Bjørn Christian Seime | 2020-03-04 | 1 | -7/+2 |
| | | |||||
| * | Upgrade Jetty to 9.4.27 | Bjørn Christian Seime | 2020-03-04 | 1 | -0/+1 |
| | | |||||
* | | Revert "Bjorncs/ssl handshake metric" | Harald Musum | 2020-03-04 | 6 | -268/+61 |
|/ | |||||
* | Replace dash with underscore in the new metric names | Bjørn Christian Seime | 2020-03-04 | 1 | -5/+5 |
| | |||||
* | Add workaround for odd behaviour with Jetty or Apache httpclient | Bjørn Christian Seime | 2020-03-03 | 1 | -0/+9 |
| | |||||
* | Report SSL handshake failures in metric | Bjørn Christian Seime | 2020-03-03 | 4 | -7/+224 |
| | |||||
* | Add constructor overload with list of enabled ciphers and protocol versions | Bjørn Christian Seime | 2020-03-03 | 1 | -1/+13 |
| | |||||
* | Make TLS client auth configurable in test driver factory | Bjørn Christian Seime | 2020-03-03 | 2 | -4/+11 |
| |