Opened 2 years ago

Last modified 11 months ago

#2098 open defect

Jetty 9.3/9.4

Reported by: zzz Owned by:
Priority: minor Milestone: eventually
Component: apps/jetty Version: 0.9.32
Keywords: Cc: villain, Masayuki Hatta
Parent Tickets: Sensitive: no

Description

Placeholder/tracker ticket

Quote gregw https://github.com/eclipse/jetty.project/issues/1925
"9.2.22 is an old release that is past end-of-life. I assume you are using it because you are using java7, which is also end-of-life"

lol. Can't even think about 9.3/9.4 until it appears in Debian. They've already shifted focus to Jetty 10, requiring Java 9. lol again. We just moved to 9.2 in 0.9.30 2017-05.

Target late 2018 / early 2019, maybe.

Subtickets

Change History (7)

comment:1 Changed 21 months ago by zzz

Status: newopen

EOL declared 2018-03-08 https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00116.html
although it says "Major security issues will still be addressed".

A day after 9.2.23 release https://dev.eclipse.org/mhonarc/lists/jetty-announce/msg00115.html
At first glance, none of the fixed items looks important.

Still no sign of 9.3/9.4 in Debian.
9.3 requires Java 8; 9.4 requires Java 9.

Continues to be low priority and problematic unless something major goes unfixed in 9.2.x. Late 2018 is unlikely.

comment:2 Changed 15 months ago by zzz

first 9.4.x problem (reported with 9.4.11)
HostCheckHandler? extends GzipHandler?
ERROR [uter Console] outer.startup.RouterAppManager?: Client net.i2p.router.web.RouterConsoleRunner?@3d8e9f8b failed to start
java.lang.NoClassDefFoundError?: org/eclipse/jetty/servlets/gzip/GzipHandler

late 2019 a more realistic target

comment:4 Changed 12 months ago by zzz

Sid updated to 9.4, here's the ticket, with a patch
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916177

Will see how much of this we can put in now that's compatible with both 9.2 and 9.4, but the GzipHandler? class moving definitely isn't, as noted in comments above.

comment:5 Changed 12 months ago by zzz

Cc: Masayuki Hatta added

I've reviewed the patch and it looks reasonable. I won't have any time to test it before January, but perhaps mhatta and villain can do that.

The changes mainly affect:
1) Console password handling. To test, set a console password on /configui
2) Jetty xml configuration file parsing. To test, go to the SSL wizard on an i2ptunnel eepsite edit page.
See if anything breaks, and check the logs for anything unusual.

For the near-term, the best approach is to maintain this as a Debian patch. I don't plan to migrate to 9.4 for a long time because it would require us to bump our minimum java requirement to Java 9, which I don't think we want to do until probably 2020 at the earliest. Perhaps we'll go to Java 8 in 2019.

comment:6 Changed 12 months ago by Masayuki Hatta

I uploaded 0.9.37-3 to Debian sid. It contains the following patch:

https://salsa.debian.org/debian/i2p/blob/debian/0.9.37-3/debian/patches/0002-jetty-compatibility.patch

Console password handling seems to work. I'm not sure what "SSL wizard" means. Let's see what happens.

comment:7 Changed 11 months ago by zzz

I checked the patch in under debian-alt/sid/, then refreshed the patch and moved it to debian-alt/disco/ for the release, as disco switched to 9.4. I've also started a branch i2p.i2p.zzz.jetty94 that has the patch applied, and the jetty 9.4.14 jars, for testing.

Note: See TracTickets for help on using tickets.