From ba499ea17b03b98830d3aa0ec7e534a3102b1a10 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 12 Oct 2023 08:20:18 +0000
Subject: [PATCH 1/4] Bump org.testcontainers:testcontainers-bom from 1.19.0 to
 1.19.1

Bumps [org.testcontainers:testcontainers-bom](https://github.com/testcontainers/testcontainers-java) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testcontainers/testcontainers-java/compare/1.19.0...1.19.1)

---
updated-dependencies:
- dependency-name: org.testcontainers:testcontainers-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 3cb48f2aa2a8..c13a42ae9eb9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -120,7 +120,7 @@
     <springboot.version>2.1.1.RELEASE</springboot.version>
     <taglibs-standard-impl.version>1.2.5</taglibs-standard-impl.version>
     <taglibs-standard-spec.version>1.2.5</taglibs-standard-spec.version>
-    <testcontainers.version>1.19.0</testcontainers.version>
+    <testcontainers.version>1.19.1</testcontainers.version>
     <weld.version>3.1.9.Final</weld.version>
     <wildfly.common.version>1.6.0.Final</wildfly.common.version>
     <wildfly.elytron.version>2.2.2.Final</wildfly.elytron.version>

From ad544cde5c3401c91731767e50d0449514876c58 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 12 Oct 2023 08:20:58 +0000
Subject: [PATCH 2/4] Bump org.infinispan:infinispan-bom from 11.0.17.Final to
 11.0.18.Final

Bumps [org.infinispan:infinispan-bom](https://github.com/infinispan/infinispan) from 11.0.17.Final to 11.0.18.Final.
- [Release notes](https://github.com/infinispan/infinispan/releases)
- [Changelog](https://github.com/infinispan/infinispan/blob/main/Jenkinsfile-release)
- [Commits](https://github.com/infinispan/infinispan/compare/11.0.17.Final...11.0.18.Final)

---
updated-dependencies:
- dependency-name: org.infinispan:infinispan-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 3cb48f2aa2a8..d34de3262f84 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@
     <hawtio.version>2.15.2</hawtio.version>
     <hazelcast.version>5.2.1</hazelcast.version>
     <infinispan.protostream.version>4.6.5.Final</infinispan.protostream.version>
-    <infinispan.version>11.0.17.Final</infinispan.version>
+    <infinispan.version>11.0.18.Final</infinispan.version>
     <jackson.version>2.14.2</jackson.version>
     <jakarta.activation.api.version>1.2.2</jakarta.activation.api.version>
     <jakarta.annotation.api.version>1.3.5</jakarta.annotation.api.version>

From 1f1f6226b59d563ae6e43dea73fe3f3fd1a67a8e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 12 Oct 2023 17:17:15 +0000
Subject: [PATCH 3/4] Bump apache.directory.api.version from 2.1.4 to 2.1.5

Bumps `apache.directory.api.version` from 2.1.4 to 2.1.5.

Updates `org.apache.directory.api:api-ldap-schema-data` from 2.1.4 to 2.1.5

Updates `org.apache.directory.api:api-ldap-model` from 2.1.4 to 2.1.5

Updates `org.apache.directory.api:api-util` from 2.1.4 to 2.1.5
- [Commits](https://github.com/apache/directory-ldap-api/compare/2.1.4...2.1.5)

Updates `org.apache.directory.api:api-asn1-api` from 2.1.4 to 2.1.5

---
updated-dependencies:
- dependency-name: org.apache.directory.api:api-ldap-schema-data
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.api:api-ldap-model
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.api:api-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.api:api-asn1-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 jetty-jaas/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jetty-jaas/pom.xml b/jetty-jaas/pom.xml
index f4c6bbeb1bf1..649724d817ff 100644
--- a/jetty-jaas/pom.xml
+++ b/jetty-jaas/pom.xml
@@ -13,7 +13,7 @@
   <properties>
     <bundle-symbolic-name>${project.groupId}.jaas</bundle-symbolic-name>
     <apacheds.version>2.0.0.AM26</apacheds.version>
-    <apache.directory.api.version>2.1.4</apache.directory.api.version>
+    <apache.directory.api.version>2.1.5</apache.directory.api.version>
     <spotbugs.onlyAnalyze>org.eclipse.jetty.jaas.*</spotbugs.onlyAnalyze>
   </properties>
 

From f0060d9523fc44f07a6900f489878f81fbba261a Mon Sep 17 00:00:00 2001
From: Ludovic Orban <lorban@bitronix.be>
Date: Wed, 11 Oct 2023 11:07:28 +0200
Subject: [PATCH 4/4] #10705 improve error message when no valid keystore can
 be found during startup

Signed-off-by: Ludovic Orban <lorban@bitronix.be>
---
 .../http3/tests/HTTP3ServerConnectorTest.java | 116 ++++++++++++++++++
 .../quic/server/QuicServerConnector.java      |   2 +-
 2 files changed, 117 insertions(+), 1 deletion(-)
 create mode 100644 jetty-http3/http3-tests/src/test/java/org/eclipse/jetty/http3/tests/HTTP3ServerConnectorTest.java

diff --git a/jetty-http3/http3-tests/src/test/java/org/eclipse/jetty/http3/tests/HTTP3ServerConnectorTest.java b/jetty-http3/http3-tests/src/test/java/org/eclipse/jetty/http3/tests/HTTP3ServerConnectorTest.java
new file mode 100644
index 000000000000..6c3e4d9a6863
--- /dev/null
+++ b/jetty-http3/http3-tests/src/test/java/org/eclipse/jetty/http3/tests/HTTP3ServerConnectorTest.java
@@ -0,0 +1,116 @@
+//
+// ========================================================================
+// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
+//
+// This program and the accompanying materials are made available under the
+// terms of the Eclipse Public License v. 2.0 which is available at
+// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
+// which is available at https://www.apache.org/licenses/LICENSE-2.0.
+//
+// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
+// ========================================================================
+//
+
+package org.eclipse.jetty.http3.tests;
+
+import java.io.InputStream;
+import java.security.KeyStore;
+import javax.net.ssl.SSLContext;
+
+import org.eclipse.jetty.http3.server.HTTP3ServerConnectionFactory;
+import org.eclipse.jetty.http3.server.HTTP3ServerConnector;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.toolchain.test.jupiter.WorkDir;
+import org.eclipse.jetty.toolchain.test.jupiter.WorkDirExtension;
+import org.eclipse.jetty.util.component.LifeCycle;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+@ExtendWith(WorkDirExtension.class)
+public class HTTP3ServerConnectorTest
+{
+    public WorkDir workDir;
+
+    @Test
+    public void testStartHTTP3ServerConnectorWithoutKeyStore()
+    {
+        Server server = new Server();
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        HTTP3ServerConnector connector = new HTTP3ServerConnector(server, sslContextFactory, new HTTP3ServerConnectionFactory(new HttpConfiguration()));
+        connector.getQuicConfiguration().setPemWorkDirectory(workDir.getEmptyPathDir());
+        server.addConnector(connector);
+        assertThrows(IllegalStateException.class, server::start);
+    }
+
+    @Test
+    public void testStartHTTP3ServerConnectorWithoutKeyStoreWithSSLContext() throws Exception
+    {
+        Server server = new Server();
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        sslContextFactory.setSslContext(SSLContext.getDefault());
+        HTTP3ServerConnector connector = new HTTP3ServerConnector(server, sslContextFactory, new HTTP3ServerConnectionFactory(new HttpConfiguration()));
+        connector.getQuicConfiguration().setPemWorkDirectory(workDir.getEmptyPathDir());
+        server.addConnector(connector);
+        assertThrows(IllegalStateException.class, server::start);
+    }
+
+    @Test
+    public void testStartHTTP3ServerConnectorWithEmptyKeyStoreInstance() throws Exception
+    {
+        Server server = new Server();
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        KeyStore keyStore = KeyStore.getInstance("PKCS12");
+        keyStore.load(null, null);
+        sslContextFactory.setKeyStore(keyStore);
+        HTTP3ServerConnector connector = new HTTP3ServerConnector(server, sslContextFactory, new HTTP3ServerConnectionFactory(new HttpConfiguration()));
+        connector.getQuicConfiguration().setPemWorkDirectory(workDir.getEmptyPathDir());
+        server.addConnector(connector);
+        assertThrows(IllegalStateException.class, server::start);
+    }
+
+    @Test
+    public void testStartHTTP3ServerConnectorWithValidKeyStoreInstanceWithoutPemWorkDir() throws Exception
+    {
+        Server server = new Server();
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        KeyStore keyStore = KeyStore.getInstance("PKCS12");
+        try (InputStream is = getClass().getResourceAsStream("/keystore.p12"))
+        {
+            keyStore.load(is, "storepwd".toCharArray());
+        }
+        sslContextFactory.setKeyStore(keyStore);
+        sslContextFactory.setKeyManagerPassword("storepwd");
+        HTTP3ServerConnector connector = new HTTP3ServerConnector(server, sslContextFactory, new HTTP3ServerConnectionFactory(new HttpConfiguration()));
+        server.addConnector(connector);
+        assertThrows(IllegalStateException.class, server::start);
+    }
+
+    @Test
+    public void testStartHTTP3ServerConnectorWithValidKeyStoreInstance() throws Exception
+    {
+        Server server = new Server();
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        KeyStore keyStore = KeyStore.getInstance("PKCS12");
+        try (InputStream is = getClass().getResourceAsStream("/keystore.p12"))
+        {
+            keyStore.load(is, "storepwd".toCharArray());
+        }
+        sslContextFactory.setKeyStore(keyStore);
+        sslContextFactory.setKeyManagerPassword("storepwd");
+        HTTP3ServerConnector connector = new HTTP3ServerConnector(server, sslContextFactory, new HTTP3ServerConnectionFactory(new HttpConfiguration()));
+        connector.getQuicConfiguration().setPemWorkDirectory(workDir.getEmptyPathDir());
+        server.addConnector(connector);
+        try
+        {
+            server.start();
+        }
+        finally
+        {
+            LifeCycle.stop(server);
+        }
+    }
+}
diff --git a/jetty-quic/quic-server/src/main/java/org/eclipse/jetty/quic/server/QuicServerConnector.java b/jetty-quic/quic-server/src/main/java/org/eclipse/jetty/quic/server/QuicServerConnector.java
index a23c680a4e98..d80c98068576 100644
--- a/jetty-quic/quic-server/src/main/java/org/eclipse/jetty/quic/server/QuicServerConnector.java
+++ b/jetty-quic/quic-server/src/main/java/org/eclipse/jetty/quic/server/QuicServerConnector.java
@@ -161,7 +161,7 @@ protected void doStart() throws Exception
 
         Set<String> aliases = sslContextFactory.getAliases();
         if (aliases.isEmpty())
-            throw new IllegalStateException("Invalid KeyStore: no aliases");
+            throw new IllegalStateException("Missing or invalid KeyStore: a SslContextFactory configured with a valid, non-empty KeyStore is required");
         String alias = sslContextFactory.getCertAlias();
         if (alias == null)
             alias = aliases.stream().findFirst().orElseThrow();