From 64a9e8fb77779c05d1f9458d1beb01515072a79c Mon Sep 17 00:00:00 2001 From: Oleg Kalnichevski Date: Tue, 29 Oct 2024 18:45:03 +0100 Subject: [PATCH 1/2] Upgraded Apache HttpClient to version 5.4.2; Fixed connection initialization for non-HTTP protocol --- docker-java-transport-httpclient5/pom.xml | 2 +- .../ApacheDockerHttpClientImpl.java | 92 ++++++++----------- 2 files changed, 39 insertions(+), 55 deletions(-) diff --git a/docker-java-transport-httpclient5/pom.xml b/docker-java-transport-httpclient5/pom.xml index 48b751d56..54c90185a 100644 --- a/docker-java-transport-httpclient5/pom.xml +++ b/docker-java-transport-httpclient5/pom.xml @@ -29,7 +29,7 @@ org.apache.httpcomponents.client5 httpclient5 - 5.0.3 + 5.4.2 diff --git a/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java b/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java index 4820c65e5..23eca07a8 100644 --- a/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java +++ b/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java @@ -4,24 +4,26 @@ import com.github.dockerjava.transport.NamedPipeSocket; import com.github.dockerjava.transport.SSLConfig; import com.github.dockerjava.transport.UnixSocket; + +import org.apache.hc.client5.http.SystemDefaultDnsResolver; import org.apache.hc.client5.http.classic.methods.HttpUriRequestBase; import org.apache.hc.client5.http.config.RequestConfig; +import org.apache.hc.client5.http.impl.DefaultSchemePortResolver; import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse; import org.apache.hc.client5.http.impl.classic.HttpClients; +import org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator; import org.apache.hc.client5.http.impl.io.ManagedHttpClientConnectionFactory; import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager; -import org.apache.hc.client5.http.socket.ConnectionSocketFactory; -import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory; -import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory; +import org.apache.hc.client5.http.io.HttpClientConnectionOperator; +import org.apache.hc.client5.http.ssl.DefaultClientTlsStrategy; +import org.apache.hc.client5.http.ssl.TlsSocketStrategy; import org.apache.hc.core5.http.ConnectionClosedException; import org.apache.hc.core5.http.ContentLengthStrategy; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpHeaders; import org.apache.hc.core5.http.HttpHost; import org.apache.hc.core5.http.NameValuePair; -import org.apache.hc.core5.http.config.Registry; -import org.apache.hc.core5.http.config.RegistryBuilder; import org.apache.hc.core5.http.impl.DefaultContentLengthStrategy; import org.apache.hc.core5.http.impl.io.EmptyInputStream; import org.apache.hc.core5.http.io.SocketConfig; @@ -38,7 +40,6 @@ import javax.net.ssl.SSLContext; import java.io.IOException; import java.io.InputStream; -import java.net.InetSocketAddress; import java.net.Socket; import java.net.URI; import java.time.Duration; @@ -61,7 +62,13 @@ protected ApacheDockerHttpClientImpl( Duration connectionTimeout, Duration responseTimeout ) { - Registry socketFactoryRegistry = createConnectionSocketFactoryRegistry(sslConfig, dockerHost); + SSLContext sslContext; + try { + sslContext = sslConfig != null ? sslConfig.getSSLContext() : null; + } catch (Exception e) { + throw new RuntimeException(e); + } + HttpClientConnectionOperator connectionOperator = createConnectionOperator(dockerHost, sslContext); switch (dockerHost.getScheme()) { case "unix": @@ -75,7 +82,7 @@ protected ApacheDockerHttpClientImpl( ? rawPath.substring(0, rawPath.length() - 1) : rawPath; host = new HttpHost( - socketFactoryRegistry.lookup("https") != null ? "https" : "http", + sslContext != null ? "https" : "http", dockerHost.getHost(), dockerHost.getPort() ); @@ -85,7 +92,10 @@ protected ApacheDockerHttpClientImpl( } PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager( - socketFactoryRegistry, + connectionOperator, + null, + null, + null, new ManagedHttpClientConnectionFactory( null, null, @@ -128,53 +138,27 @@ protected ApacheDockerHttpClientImpl( .build(); } - private Registry createConnectionSocketFactoryRegistry( - SSLConfig sslConfig, - URI dockerHost + private HttpClientConnectionOperator createConnectionOperator( + URI dockerHost, + SSLContext sslContext ) { - RegistryBuilder socketFactoryRegistryBuilder = RegistryBuilder.create(); - - if (sslConfig != null) { - try { - SSLContext sslContext = sslConfig.getSSLContext(); - if (sslContext != null) { - socketFactoryRegistryBuilder.register("https", new SSLConnectionSocketFactory(sslContext)); - } - } catch (Exception e) { - throw new RuntimeException(e); - } - } - - return socketFactoryRegistryBuilder - .register("tcp", PlainConnectionSocketFactory.INSTANCE) - .register("http", PlainConnectionSocketFactory.INSTANCE) - .register("unix", new ConnectionSocketFactory() { - @Override - public Socket createSocket(HttpContext context) throws IOException { - return UnixSocket.get(dockerHost.getPath()); - } - - @Override - public Socket connectSocket(TimeValue timeValue, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, - InetSocketAddress inetSocketAddress1, HttpContext httpContext) throws IOException { - return PlainConnectionSocketFactory.INSTANCE.connectSocket(timeValue, socket, httpHost, inetSocketAddress, - inetSocketAddress1, httpContext); - } - }) - .register("npipe", new ConnectionSocketFactory() { - @Override - public Socket createSocket(HttpContext context) { - return new NamedPipeSocket(dockerHost.getPath()); + String dockerHostScheme = dockerHost.getScheme(); + String dockerHostPath = dockerHost.getPath(); + TlsSocketStrategy tlsSocketStrategy = sslContext != null ? + new DefaultClientTlsStrategy(sslContext) : DefaultClientTlsStrategy.createSystemDefault(); + return new DefaultHttpClientConnectionOperator( + socksProxy -> { + if ("unix".equalsIgnoreCase(dockerHostScheme)) { + return UnixSocket.get(dockerHostPath); + } else if ("npipe".equalsIgnoreCase(dockerHostScheme)) { + return new NamedPipeSocket(dockerHostPath); + } else { + return socksProxy == null ? new Socket() : new Socket(socksProxy); } - - @Override - public Socket connectSocket(TimeValue timeValue, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, - InetSocketAddress inetSocketAddress1, HttpContext httpContext) throws IOException { - return PlainConnectionSocketFactory.INSTANCE.connectSocket(timeValue, socket, httpHost, inetSocketAddress, - inetSocketAddress1, httpContext); - } - }) - .build(); + }, + DefaultSchemePortResolver.INSTANCE, + SystemDefaultDnsResolver.INSTANCE, + name -> "https".equalsIgnoreCase(name) ? tlsSocketStrategy : null); } @Override From e154dfbf61d414bb8d0b531fc414ac52a9e6fe8f Mon Sep 17 00:00:00 2001 From: strangelookingnerd <49242855+strangelookingnerd@users.noreply.github.com> Date: Fri, 1 Nov 2024 10:33:05 +0100 Subject: [PATCH 2/2] Remove usage of deprecated API --- .../ApacheDockerHttpClientImpl.java | 31 +++++++++---------- .../HijackingHttpRequestExecutor.java | 8 ++--- 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java b/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java index 23eca07a8..c97a2bc45 100644 --- a/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java +++ b/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/ApacheDockerHttpClientImpl.java @@ -7,10 +7,10 @@ import org.apache.hc.client5.http.SystemDefaultDnsResolver; import org.apache.hc.client5.http.classic.methods.HttpUriRequestBase; +import org.apache.hc.client5.http.config.ConnectionConfig; import org.apache.hc.client5.http.config.RequestConfig; import org.apache.hc.client5.http.impl.DefaultSchemePortResolver; import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; -import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse; import org.apache.hc.client5.http.impl.classic.HttpClients; import org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator; import org.apache.hc.client5.http.impl.io.ManagedHttpClientConnectionFactory; @@ -18,6 +18,7 @@ import org.apache.hc.client5.http.io.HttpClientConnectionOperator; import org.apache.hc.client5.http.ssl.DefaultClientTlsStrategy; import org.apache.hc.client5.http.ssl.TlsSocketStrategy; +import org.apache.hc.core5.http.ClassicHttpResponse; import org.apache.hc.core5.http.ConnectionClosedException; import org.apache.hc.core5.http.ContentLengthStrategy; import org.apache.hc.core5.http.Header; @@ -25,12 +26,12 @@ import org.apache.hc.core5.http.HttpHost; import org.apache.hc.core5.http.NameValuePair; import org.apache.hc.core5.http.impl.DefaultContentLengthStrategy; -import org.apache.hc.core5.http.impl.io.EmptyInputStream; import org.apache.hc.core5.http.io.SocketConfig; import org.apache.hc.core5.http.io.entity.ByteArrayEntity; +import org.apache.hc.core5.http.io.entity.EmptyInputStream; import org.apache.hc.core5.http.io.entity.InputStreamEntity; -import org.apache.hc.core5.http.protocol.BasicHttpContext; import org.apache.hc.core5.http.protocol.HttpContext; +import org.apache.hc.core5.http.protocol.HttpCoreContext; import org.apache.hc.core5.net.URIAuthority; import org.apache.hc.core5.util.TimeValue; import org.apache.hc.core5.util.Timeout; @@ -119,21 +120,19 @@ protected ApacheDockerHttpClientImpl( .setSoTimeout(Timeout.ZERO_MILLISECONDS) .build() ); - connectionManager.setValidateAfterInactivity(TimeValue.NEG_ONE_SECOND); connectionManager.setMaxTotal(maxConnections); connectionManager.setDefaultMaxPerRoute(maxConnections); - RequestConfig.Builder defaultRequest = RequestConfig.custom(); - if (connectionTimeout != null) { - defaultRequest.setConnectTimeout(connectionTimeout.toNanos(), TimeUnit.NANOSECONDS); - } - if (responseTimeout != null) { - defaultRequest.setResponseTimeout(responseTimeout.toNanos(), TimeUnit.NANOSECONDS); - } + connectionManager.setDefaultConnectionConfig(ConnectionConfig.custom() + .setValidateAfterInactivity(TimeValue.NEG_ONE_SECOND) + .setConnectTimeout(connectionTimeout != null ? Timeout.of(connectionTimeout.toNanos(), TimeUnit.NANOSECONDS) : null) + .build()); httpClient = HttpClients.custom() .setRequestExecutor(new HijackingHttpRequestExecutor(null)) .setConnectionManager(connectionManager) - .setDefaultRequestConfig(defaultRequest.build()) + .setDefaultRequestConfig(RequestConfig.custom() + .setResponseTimeout(responseTimeout != null ? Timeout.of(responseTimeout.toNanos(), TimeUnit.NANOSECONDS) : null) + .build()) .disableConnectionState() .build(); } @@ -163,7 +162,7 @@ private HttpClientConnectionOperator createConnectionOperator( @Override public Response execute(Request request) { - HttpContext context = new BasicHttpContext(); + HttpContext context = new HttpCoreContext(); HttpUriRequestBase httpUriRequest = new HttpUriRequestBase(request.method(), URI.create(pathPrefix + request.path())); httpUriRequest.setScheme(host.getSchemeName()); httpUriRequest.setAuthority(new URIAuthority(host.getHostName(), host.getPort())); @@ -187,7 +186,7 @@ public Response execute(Request request) { } try { - CloseableHttpResponse response = httpClient.execute(host, httpUriRequest, context); + ClassicHttpResponse response = httpClient.executeOpen(host, httpUriRequest, context); return new ApacheResponse(httpUriRequest, response); } catch (IOException e) { @@ -206,9 +205,9 @@ static class ApacheResponse implements Response { private final HttpUriRequestBase request; - private final CloseableHttpResponse response; + private final ClassicHttpResponse response; - ApacheResponse(HttpUriRequestBase httpUriRequest, CloseableHttpResponse response) { + ApacheResponse(HttpUriRequestBase httpUriRequest, ClassicHttpResponse response) { this.request = httpUriRequest; this.response = response; } diff --git a/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/HijackingHttpRequestExecutor.java b/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/HijackingHttpRequestExecutor.java index 59888a5dd..df8fbd059 100644 --- a/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/HijackingHttpRequestExecutor.java +++ b/docker-java-transport-httpclient5/src/main/java/com/github/dockerjava/httpclient5/HijackingHttpRequestExecutor.java @@ -44,7 +44,7 @@ public ClassicHttpResponse execute( InputStream hijackedInput = (InputStream) context.getAttribute(HIJACKED_INPUT_ATTRIBUTE); if (hijackedInput != null) { - return executeHijacked(request, conn, context, hijackedInput); + return executeHijacked(request, conn, (HttpCoreContext) context, hijackedInput); } return super.execute(request, conn, informationCallback, context); @@ -53,12 +53,12 @@ public ClassicHttpResponse execute( private ClassicHttpResponse executeHijacked( ClassicHttpRequest request, HttpClientConnection conn, - HttpContext context, + HttpCoreContext context, InputStream hijackedInput ) throws HttpException, IOException { try { - context.setAttribute(HttpCoreContext.SSL_SESSION, conn.getSSLSession()); - context.setAttribute(HttpCoreContext.CONNECTION_ENDPOINT, conn.getEndpointDetails()); + context.setSSLSession(conn.getSSLSession()); + context.setEndpointDetails(conn.getEndpointDetails()); final ProtocolVersion transportVersion = request.getVersion(); if (transportVersion != null) { context.setProtocolVersion(transportVersion);