[UNDERTOW-2523] Update the Jakarta Servlet specification to Jakarta S…

…ervlet 6.1. Note this changed the Cookie specification to RFC 6265 which required test changes. https://issues.redhat.com/browse/UNDERTOW-2523 Signed-off-by: James R. Perkins <jperkins@redhat.com>
undertow-io · Dec 3, 2024 · b0c4fa6 · b0c4fa6
1 parent 27d7983
commit b0c4fa6
Show file tree

Hide file tree

Showing 31 changed files with 388 additions and 78 deletions.
diff --git a/core/src/main/java/io/undertow/UndertowOptions.java b/core/src/main/java/io/undertow/UndertowOptions.java
@@ -212,14 +212,25 @@ public class UndertowOptions {
      */
     public static final Option<Boolean> ALLOW_EQUALS_IN_COOKIE_VALUE = Option.simple(UndertowOptions.class, "ALLOW_EQUALS_IN_COOKIE_VALUE", Boolean.class);
 
+    /**
+     * If this is true then Undertow will disable RFC6265 compliant cookie parsing for Set-Cookie header instead of legacy backward compatible behavior.
+     * <p>
+     * default is {@code false}
+     * </p>
+     */
+    public static final Option<Boolean> DISABLE_RFC6265_COOKIE_PARSING = Option.simple(UndertowOptions.class, "DISABLE_RFC6265_COOKIE_PARSING", Boolean.class);
+
+    public static final boolean DEFAULT_DISABLE_RFC6265_COOKIE_PARSING = false;
+
     /**
      * If this is true then Undertow will enable RFC6265 compliant cookie validation for Set-Cookie header instead of legacy backward compatible behavior.
      *
      * default is false
      */
     public static final Option<Boolean> ENABLE_RFC6265_COOKIE_VALIDATION = Option.simple(UndertowOptions.class, "ENABLE_RFC6265_COOKIE_VALIDATION", Boolean.class);
 
-    public static final boolean DEFAULT_ENABLE_RFC6265_COOKIE_VALIDATION = false;
+    // As of Jakarta 6.1, RFC 6265 is used for the cookie specification https://github.com/jakartaee/servlet/issues/37
+    public static final boolean DEFAULT_ENABLE_RFC6265_COOKIE_VALIDATION = true;
 
     /**
      * If we should attempt to use SPDY for HTTPS connections.

diff --git a/core/src/main/java/io/undertow/attribute/SecureProtocolAttribute.java b/core/src/main/java/io/undertow/attribute/SecureProtocolAttribute.java
@@ -0,0 +1,72 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ *
+ * Copyright 2024 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.undertow.attribute;
+
+import io.undertow.server.HttpServerExchange;
+import io.undertow.server.SSLSessionInfo;
+
+/**
+ * An attribute which describes the secure protocol. This is the protocol resolved from the {@link SSLSessionInfo#getSecureProtocol()}.
+ * @author <a href="mailto:jperkins@redhat.com">James R. Perkins</a>
+ */
+public class SecureProtocolAttribute implements ExchangeAttribute {
+
+    public static final SecureProtocolAttribute INSTANCE = new SecureProtocolAttribute();
+
+    @Override
+    public String readAttribute(final HttpServerExchange exchange) {
+        final SSLSessionInfo ssl = exchange.getConnection().getSslSessionInfo();
+        if (ssl == null || ssl.getSecureProtocol() == null) {
+            return null;
+        }
+        return ssl.getSecureProtocol();
+    }
+
+    @Override
+    public void writeAttribute(final HttpServerExchange exchange, final String newValue) throws ReadOnlyAttributeException {
+        throw new ReadOnlyAttributeException("SSL Protocol", newValue);
+    }
+
+    @Override
+    public String toString() {
+        return "%{SECURE_PROTOCOL}";
+    }
+
+    public static final class Builder implements ExchangeAttributeBuilder {
+
+        @Override
+        public String name() {
+            return "Secure Protocol";
+        }
+
+        @Override
+        public ExchangeAttribute build(final String token) {
+            if (token.equals("%{SECURE_PROTOCOL}")) {
+                return INSTANCE;
+            }
+            return null;
+        }
+
+        @Override
+        public int priority() {
+            return 0;
+        }
+    }
+}
diff --git a/core/src/main/java/io/undertow/server/BasicSSLSessionInfo.java b/core/src/main/java/io/undertow/server/BasicSSLSessionInfo.java
@@ -43,6 +43,7 @@ public class BasicSSLSessionInfo implements SSLSessionInfo {
     private final java.security.cert.Certificate[] peerCertificate;
     private final X509Certificate[] certificate;
     private final Integer keySize;
+    private final String secureProtocol;
 
     /**
      *
@@ -54,9 +55,24 @@ public class BasicSSLSessionInfo implements SSLSessionInfo {
      * @throws CertificateException If the client cert could not be decoded
      */
     public BasicSSLSessionInfo(byte[] sessionId, String cypherSuite, String certificate, Integer keySize) throws java.security.cert.CertificateException, CertificateException {
+        this(sessionId, cypherSuite, certificate, keySize, null);
+    }
+
+    /**
+     *
+     * @param sessionId The SSL session ID
+     * @param cypherSuite The cypher suite name
+     * @param certificate A string representation of the client certificate
+     * @param keySize The key-size used by the cypher
+     * @param secureProtocol the secure protocol, example {@code TLSv1.2}
+     * @throws java.security.cert.CertificateException If the client cert could not be decoded
+     * @throws CertificateException If the client cert could not be decoded
+     */
+    public BasicSSLSessionInfo(byte[] sessionId, String cypherSuite, String certificate, Integer keySize, String secureProtocol) throws java.security.cert.CertificateException, CertificateException {
         this.sessionId = sessionId;
         this.cypherSuite = cypherSuite;
         this.keySize = keySize;
+        this.secureProtocol = secureProtocol;
         if (certificate != null) {
             java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");
             byte[] certificateBytes = certificate.getBytes(StandardCharsets.US_ASCII);
@@ -123,6 +139,20 @@ public BasicSSLSessionInfo(String sessionId, String cypherSuite, String certific
         this(sessionId == null ? null : fromHex(sessionId), cypherSuite, certificate, keySize);
     }
 
+    /**
+     *
+     * @param sessionId The encoded SSL session ID
+     * @param cypherSuite The cypher suite name
+     * @param certificate A string representation of the client certificate
+     * @param keySize The key-size used by the cypher
+     * @param secureProtocol the secure protocol, example {@code TLSv1.2}
+     * @throws java.security.cert.CertificateException If the client cert could not be decoded
+     * @throws CertificateException If the client cert could not be decoded
+     */
+    public BasicSSLSessionInfo(String sessionId, String cypherSuite, String certificate, Integer keySize, String secureProtocol) throws java.security.cert.CertificateException, CertificateException {
+        this(sessionId == null ? null : fromHex(sessionId), cypherSuite, certificate, keySize, secureProtocol);
+    }
+
     @Override
     public byte[] getSessionId() {
         if(sessionId == null) {
@@ -174,6 +204,11 @@ public SSLSession getSSLSession() {
         return null;
     }
 
+    @Override
+    public String getSecureProtocol() {
+        return secureProtocol;
+    }
+
     private static byte[] fromHex(String sessionId) {
         try {
             return HexConverter.convertFromHex(sessionId);

diff --git a/core/src/main/java/io/undertow/server/ConnectionSSLSessionInfo.java b/core/src/main/java/io/undertow/server/ConnectionSSLSessionInfo.java
@@ -145,6 +145,11 @@ public SSLSession getSSLSession() {
         return channel.getSslSession();
     }
 
+    @Override
+    public String getSecureProtocol() {
+        return channel.getSslSession().getProtocol();
+    }
+
     //Suppress incorrect resource leak warning.
     @SuppressWarnings("resource")
     public void renegotiateBufferRequest(HttpServerExchange exchange, SslClientAuthMode newAuthMode) throws IOException {

diff --git a/core/src/main/java/io/undertow/server/Connectors.java b/core/src/main/java/io/undertow/server/Connectors.java
@@ -41,6 +41,9 @@
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 import java.util.Date;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeSet;
 import java.util.concurrent.Executor;
 import java.util.concurrent.RejectedExecutionException;
 
@@ -57,6 +60,7 @@ public class Connectors {
 
     private static final boolean[] ALLOWED_TOKEN_CHARACTERS = new boolean[256];
     private static final boolean[] ALLOWED_SCHEME_CHARACTERS = new boolean[256];
+    private static final Set<String> KNOWN_ATTRIBUTE_NAMES = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
 
     static {
         for(int i = 0; i < ALLOWED_TOKEN_CHARACTERS.length; ++i) {
@@ -108,6 +112,16 @@ public class Connectors {
                 }
             }
         }
+
+        KNOWN_ATTRIBUTE_NAMES.add("Path");
+        KNOWN_ATTRIBUTE_NAMES.add("Domain");
+        KNOWN_ATTRIBUTE_NAMES.add("Discard");
+        KNOWN_ATTRIBUTE_NAMES.add("Secure");
+        KNOWN_ATTRIBUTE_NAMES.add("HttpOnly");
+        KNOWN_ATTRIBUTE_NAMES.add("Max-Age");
+        KNOWN_ATTRIBUTE_NAMES.add("Expires");
+        KNOWN_ATTRIBUTE_NAMES.add("Comment");
+        KNOWN_ATTRIBUTE_NAMES.add("SameSite");
     }
     /**
      * Flattens the exchange cookie map into the response header map. This should be called by a
@@ -224,17 +238,17 @@ private static String addRfc6265ResponseCookieToExchange(final Cookie cookie) {
             header.append("; Domain=");
             header.append(cookie.getDomain());
         }
-        if (cookie.isDiscard()) {
-            header.append("; Discard");
-        }
         if (cookie.isSecure()) {
             header.append("; Secure");
         }
         if (cookie.isHttpOnly()) {
             header.append("; HttpOnly");
         }
         if (cookie.getMaxAge() != null) {
-            if (cookie.getMaxAge() >= 0) {
+            // TODO (jrp) Per the TCK test "RFC 6265 - server should only send +ve values for Max-Age"
+            // TODO (jrp) This is possibly per https://datatracker.ietf.org/doc/html/rfc6265#section-5.2.2, however
+            // TODO (jrp) I'm not sure not adding the value is correct.
+            if (cookie.getMaxAge() > 0) {
                 header.append("; Max-Age=");
                 header.append(cookie.getMaxAge());
             }
@@ -270,6 +284,7 @@ private static String addRfc6265ResponseCookieToExchange(final Cookie cookie) {
                 header.append(cookie.getSameSiteMode());
             }
         }
+        appendAttributes(cookie, header);
         return header.toString();
     }
 
@@ -298,7 +313,10 @@ private static String addVersion0ResponseCookieToExchange(final Cookie cookie) {
             header.append("; Expires=");
             header.append(DateUtils.toOldCookieDateString(cookie.getExpires()));
         } else if (cookie.getMaxAge() != null) {
-            if (cookie.getMaxAge() >= 0) {
+            // TODO (jrp) Per the TCK test "RFC 6265 - server should only send +ve values for Max-Age"
+            // TODO (jrp) This is possibly per https://datatracker.ietf.org/doc/html/rfc6265#section-5.2.2, however
+            // TODO (jrp) I'm not sure not adding the value is correct.
+            if (cookie.getMaxAge() > 0) {
                 header.append("; Max-Age=");
                 header.append(cookie.getMaxAge());
             }
@@ -320,6 +338,7 @@ private static String addVersion0ResponseCookieToExchange(final Cookie cookie) {
                 header.append(cookie.getSameSiteMode());
             }
         }
+        appendAttributes(cookie, header);
         return header.toString();
 
     }
@@ -350,7 +369,10 @@ private static String addVersion1ResponseCookieToExchange(final Cookie cookie) {
             header.append("; HttpOnly");
         }
         if (cookie.getMaxAge() != null) {
-            if (cookie.getMaxAge() >= 0) {
+            // TODO (jrp) Per the TCK test "RFC 6265 - server should only send +ve values for Max-Age"
+            // TODO (jrp) This is possibly per https://datatracker.ietf.org/doc/html/rfc6265#section-5.2.2, however
+            // TODO (jrp) I'm not sure not adding the value is correct.
+            if (cookie.getMaxAge() > 0) {
                 header.append("; Max-Age=");
                 header.append(cookie.getMaxAge());
             }
@@ -386,6 +408,7 @@ private static String addVersion1ResponseCookieToExchange(final Cookie cookie) {
                 header.append(cookie.getSameSiteMode());
             }
         }
+        appendAttributes(cookie, header);
         return header.toString();
     }
 
@@ -656,4 +679,18 @@ public static boolean areRequestHeadersValid(HeaderMap headers) {
         }
         return true;
     }
+
+    private static void appendAttributes(final Cookie cookie, final StringBuilder header) {
+        for (Map.Entry<String, String> entry : cookie.getAttributes().entrySet()) {
+            if (KNOWN_ATTRIBUTE_NAMES.contains(entry.getKey())) {
+                continue;
+            }
+            header.append("; ")
+                    .append(entry.getKey());
+            if (!entry.getValue().isBlank()) {
+                header.append('=')
+                        .append(entry.getValue());
+            }
+        }
+    }
 }
diff --git a/core/src/main/java/io/undertow/server/HttpServerExchange.java b/core/src/main/java/io/undertow/server/HttpServerExchange.java
@@ -1245,7 +1245,7 @@ public Iterable<Cookie> requestCookies() {
             Cookies.parseRequestCookies(
                     getConnection().getUndertowOptions().get(UndertowOptions.MAX_COOKIES, UndertowOptions.DEFAULT_MAX_COOKIES),
                     getConnection().getUndertowOptions().get(UndertowOptions.ALLOW_EQUALS_IN_COOKIE_VALUE, false),
-                    requestHeaders.get(Headers.COOKIE), requestCookiesParam);
+                    requestHeaders.get(Headers.COOKIE), requestCookiesParam, getConnection().getUndertowOptions().get(UndertowOptions.DISABLE_RFC6265_COOKIE_PARSING, UndertowOptions.DEFAULT_DISABLE_RFC6265_COOKIE_PARSING));
         }
         return requestCookies;
     }

diff --git a/core/src/main/java/io/undertow/server/SSLSessionInfo.java b/core/src/main/java/io/undertow/server/SSLSessionInfo.java
@@ -18,10 +18,10 @@
 
 package io.undertow.server;
 
-import org.xnio.SslClientAuthMode;
-
-import javax.net.ssl.SSLSession;
 import java.io.IOException;
+import javax.net.ssl.SSLSession;
+
+import org.xnio.SslClientAuthMode;
 
 /**
  * SSL session information.
@@ -126,4 +126,13 @@ default int getKeySize() {
      */
     SSLSession getSSLSession();
 
+    /**
+     * Returns the {@linkplain SSLSession#getProtocol() secure protocol}, if applicable, for the curren session.
+     *
+     * @return the secure protocol or {@code null} if one could not be found
+     */
+    default String getSecureProtocol() {
+        return getSSLSession() == null ? null : getSSLSession().getProtocol();
+    }
+
 }
diff --git a/core/src/main/java/io/undertow/server/handlers/Cookie.java b/core/src/main/java/io/undertow/server/handlers/Cookie.java
@@ -19,6 +19,7 @@
 package io.undertow.server.handlers;
 
 import java.util.Date;
+import java.util.Map;
 
 /**
  * A HTTP cookie.
@@ -86,6 +87,39 @@ default Cookie setSameSiteMode(final String mode) {
         throw new UnsupportedOperationException("Not implemented");
     }
 
+    /**
+     * Returns the attribute associated with the name or {@code null} if no attribute is associated with the name.
+     *
+     * @param name the name of the attribute
+     *
+     * @return the value or {@code null} if not found
+     */
+    default String getAttribute(final String name) {
+        throw new UnsupportedOperationException("Not implemented");
+    }
+
+    /**
+     * Sets an attribute for the cookie. If the value is {@code null}, the attribute is removed. If the value is not
+     * {@code null}, the attribute is added to the attributes for this cookie.
+     *
+     * @param name  the name of the attribute
+     * @param value the value of the attribute or {@code null} to remove it
+     *
+     * @return this cookie
+     */
+    default Cookie setAttribute(final String name, final String value) {
+        throw new UnsupportedOperationException("Not implemented");
+    }
+
+    /**
+     * Returns an unmodifiable map of the attributes associated with this cookie.
+     *
+     * @return an unmodifiable map of the attributes
+     */
+    default Map<String, String> getAttributes() {
+        throw new UnsupportedOperationException("Not implemented");
+    }
+
     @Override
     default int compareTo(final Object other) {
         final Cookie o = (Cookie) other;