Opened 2 years ago

Last modified 12 months ago

#2098 open defect

Jetty 9.3/9.4

Reported by: zzz Owned by:
Priority: minor Milestone: eventually
Component: apps/jetty Version: 0.9.32
Keywords: Cc: villain, Masayuki Hatta
Parent Tickets: Sensitive: no


Placeholder/tracker ticket

Quote gregw
"9.2.22 is an old release that is past end-of-life. I assume you are using it because you are using java7, which is also end-of-life"

lol. Can't even think about 9.3/9.4 until it appears in Debian. They've already shifted focus to Jetty 10, requiring Java 9. lol again. We just moved to 9.2 in 0.9.30 2017-05.

Target late 2018 / early 2019, maybe.


Change History (7)

comment:1 Changed 23 months ago by zzz

Status: newopen

EOL declared 2018-03-08
although it says "Major security issues will still be addressed".

A day after 9.2.23 release
At first glance, none of the fixed items looks important.

Still no sign of 9.3/9.4 in Debian.
9.3 requires Java 8; 9.4 requires Java 9.

Continues to be low priority and problematic unless something major goes unfixed in 9.2.x. Late 2018 is unlikely.

comment:2 Changed 16 months ago by zzz

first 9.4.x problem (reported with 9.4.11)
HostCheckHandler? extends GzipHandler?
ERROR [uter Console] outer.startup.RouterAppManager?: Client net.i2p.router.web.RouterConsoleRunner?@3d8e9f8b failed to start
java.lang.NoClassDefFoundError?: org/eclipse/jetty/servlets/gzip/GzipHandler

late 2019 a more realistic target

comment:4 Changed 14 months ago by zzz

Sid updated to 9.4, here's the ticket, with a patch

Will see how much of this we can put in now that's compatible with both 9.2 and 9.4, but the GzipHandler? class moving definitely isn't, as noted in comments above.

comment:5 Changed 14 months ago by zzz

Cc: Masayuki Hatta added

I've reviewed the patch and it looks reasonable. I won't have any time to test it before January, but perhaps mhatta and villain can do that.

The changes mainly affect:
1) Console password handling. To test, set a console password on /configui
2) Jetty xml configuration file parsing. To test, go to the SSL wizard on an i2ptunnel eepsite edit page.
See if anything breaks, and check the logs for anything unusual.

For the near-term, the best approach is to maintain this as a Debian patch. I don't plan to migrate to 9.4 for a long time because it would require us to bump our minimum java requirement to Java 9, which I don't think we want to do until probably 2020 at the earliest. Perhaps we'll go to Java 8 in 2019.

comment:6 Changed 14 months ago by Masayuki Hatta

I uploaded 0.9.37-3 to Debian sid. It contains the following patch:

Console password handling seems to work. I'm not sure what "SSL wizard" means. Let's see what happens.

comment:7 Changed 12 months ago by zzz

I checked the patch in under debian-alt/sid/, then refreshed the patch and moved it to debian-alt/disco/ for the release, as disco switched to 9.4. I've also started a branch i2p.i2p.zzz.jetty94 that has the patch applied, and the jetty 9.4.14 jars, for testing.

Note: See TracTickets for help on using tickets.