Skip to content

Commit

Permalink
[MRESOLVER-437] Resolver should not override given HTTP transport def…
Browse files Browse the repository at this point in the history
…ault use of expect-continue handshake (s4u#378)

Backport of MRESOLVER-437 to 1.9.x branch (only relevant parts): 
apache/maven-resolver@a70ddef

---

https://issues.apache.org/jira/browse/MRESOLVER-437
  • Loading branch information
cstamas authored Nov 22, 2023
1 parent b60921f commit 83a061c
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 14 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -261,20 +261,14 @@ public final class ConfigurationProperties {

/**
* Boolean flag should the HTTP transport use expect-continue handshake for PUT requests. Not all transport support
* this option. This option may be needed for some broken HTTP servers.
* this option. This option may be needed for some broken HTTP servers. Default value corresponds to given
* transport default one (resolver does not override those), but if configuration IS given, it will replace
* given transport own default value.
*
* @see #DEFAULT_HTTP_EXPECT_CONTINUE
* @since 1.9.17
*/
public static final String HTTP_EXPECT_CONTINUE = PREFIX_CONNECTOR + "http.expectContinue";

/**
* Default value if {@link #HTTP_EXPECT_CONTINUE} is not set: {@code true}.
*
* @since 1.9.17
*/
public static final boolean DEFAULT_HTTP_EXPECT_CONTINUE = true;

/**
* The mode that sets HTTPS transport "security mode": to ignore any SSL errors (certificate validity checks,
* hostname verification). The default value is {@link #HTTPS_SECURITY_MODE_DEFAULT}.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -323,13 +323,13 @@ final class HttpTransporter extends AbstractTransporter {
builder.useSystemProperties();
}

final boolean expectContinue = ConfigUtils.getBoolean(
final String expectContinue = ConfigUtils.getString(
session,
ConfigurationProperties.DEFAULT_HTTP_EXPECT_CONTINUE,
null,
ConfigurationProperties.HTTP_EXPECT_CONTINUE + "." + repository.getId(),
ConfigurationProperties.HTTP_EXPECT_CONTINUE);
if (expectContinue != ConfigurationProperties.DEFAULT_HTTP_EXPECT_CONTINUE) {
state.setExpectContinue(expectContinue);
if (expectContinue != null) {
state.setExpectContinue(Boolean.parseBoolean(expectContinue));
}

final boolean reuseConnections = ConfigUtils.getBoolean(
Expand Down
2 changes: 1 addition & 1 deletion src/site/markdown/configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ Option | Type | Description | Default Value | Supports Repo ID Suffix
`aether.connector.http.cacheState` | boolean | Flag indicating whether a memory-based cache is used for user tokens, connection managers, expect continue requests and authentication schemes. | `true` | no
`aether.connector.http.connectionMaxTtl` | int | Total time to live in seconds for an HTTP connection, after that time, the connection will be dropped (no matter for how long it was idle). | `300` | yes
`aether.connector.http.credentialEncoding` | String | The encoding/charset to use when exchanging credentials with HTTP servers. | `"ISO-8859-1"` | yes
`aether.connector.http.expectContinue` | boolean | Whether to use expect/continue handshake during PUTs. Some broken HTTP servers needs this disabled. | `true` | yes
`aether.connector.http.expectContinue` | boolean | Whether to use expect/continue handshake during PUTs. Some broken HTTP servers needs this disabled. Default value depends on given transport default value. | Default value depends on HTTP transport being in use. | yes
`aether.connector.http.headers` | `Map<String, String>` | The request headers to use for HTTP-based repository connectors. The headers are specified using a map of strings mapping a header name to its value. The repository-specific headers map is supposed to be complete, i.e. is not merged with the general headers map. | - | yes
`aether.connector.http.maxConnectionsPerRoute` | int | The maximum concurrent connections per route HTTP client is allowed to use. | `50` | yes
`aether.connector.http.preemptiveAuth` | boolean | Should HTTP client use preemptive-authentication for all HTTP verbs (works only w/ BASIC). By default is disabled, as it is considered less secure. | `false` | yes
Expand Down

0 comments on commit 83a061c

Please sign in to comment.