From cdf060f2deb196129c5f840a7488b6b46bb88780 Mon Sep 17 00:00:00 2001
From: Sandor Molnar <smolnar@apache.org>
Date: Thu, 14 Mar 2024 11:47:45 +0100
Subject: [PATCH] KNOX-3021 - Http configuration is set on non-SSL Jetty
 connectors too

---
 .../apache/knox/gateway/GatewayServer.java    |  36 ++++---
 .../GatewayHttpConfigPropertiesTest.java      | 101 ++++++++++++++++++
 2 files changed, 121 insertions(+), 16 deletions(-)
 create mode 100644 gateway-server/src/test/java/org/apache/knox/gateway/GatewayHttpConfigPropertiesTest.java

diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java
index 01c04cf7fa..8fc2e8690f 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java
@@ -431,7 +431,7 @@ private List<Connector> createConnector(final Server server,
         SslContextFactory sslContextFactory = (SslContextFactory)ssl.buildSslContextFactory( config );
         connector = new ServerConnector( server, sslContextFactory, new HttpConnectionFactory( httpsConfig ) );
       } else {
-        connector = new ServerConnector( server );
+        connector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
       }
       connector.setHost( address.getHostName() );
       connector.setPort( connectorPort );
@@ -600,20 +600,8 @@ private synchronized void start() throws Exception {
      // A map to keep track of current deployments by cluster name.
     deployments = new ConcurrentHashMap<>();
 
-    // Start Jetty.
-    jetty = new Server( new QueuedThreadPool( config.getThreadPoolMax() ) );
-
-    jetty.setAttribute(ContextHandler.MAX_FORM_CONTENT_SIZE_KEY, config.getJettyMaxFormContentSize());
-    log.setMaxFormContentSize(config.getJettyMaxFormContentSize());
-    jetty.setAttribute(ContextHandler.MAX_FORM_KEYS_KEY, config.getJettyMaxFormKeys());
-    log.setMaxFormKeys(config.getJettyMaxFormKeys());
-
-    /* topologyName is null because all topology listen on this port */
-    List<Connector> connectors = createConnector( jetty, config, config.getGatewayPort(), null);
-    for (Connector connector : connectors) {
-      jetty.addConnector(connector);
-    }
-
+    // Create Jetty.
+    createJetty();
 
     // Add Annotations processing into the Jetty server to support JSPs
     Configuration.ClassList classlist = Configuration.ClassList.setServerDefault( jetty );
@@ -670,7 +658,7 @@ private synchronized void start() throws Exception {
         if(deployedTopologyList.contains(entry.getKey()) && (entry.getValue() != config.getGatewayPort()) ) {
           log.createJettyConnector(entry.getKey().toLowerCase(Locale.ROOT), entry.getValue());
           try {
-            connectors = createConnector(jetty, config, entry.getValue(), entry.getKey().toLowerCase(Locale.ROOT));
+            List<Connector> connectors = createConnector(jetty, config, entry.getValue(), entry.getKey().toLowerCase(Locale.ROOT));
             for (Connector connector : connectors) {
               jetty.addConnector(connector);
             }
@@ -689,6 +677,7 @@ private synchronized void start() throws Exception {
     jetty.setHandler(handlers);
     jetty.addLifeCycleListener(new GatewayServerLifecycleListener(config));
 
+    // Start Jetty.
     try {
       jetty.start();
     }
@@ -715,6 +704,21 @@ public void run() {
     });
   }
 
+  void createJetty() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, AliasServiceException {
+    jetty = new Server( new QueuedThreadPool( config.getThreadPoolMax() ) );
+
+    jetty.setAttribute(ContextHandler.MAX_FORM_CONTENT_SIZE_KEY, config.getJettyMaxFormContentSize());
+    log.setMaxFormContentSize(config.getJettyMaxFormContentSize());
+    jetty.setAttribute(ContextHandler.MAX_FORM_KEYS_KEY, config.getJettyMaxFormKeys());
+    log.setMaxFormKeys(config.getJettyMaxFormKeys());
+
+    /* topologyName is null because all topology listen on this port */
+    List<Connector> connectors = createConnector( jetty, config, config.getGatewayPort(), null);
+    for (Connector connector : connectors) {
+      jetty.addConnector(connector);
+    }
+  }
+
   private void handleHadoopXmlResources() {
     final HadoopXmlResourceParser hadoopXmlResourceParser = new HadoopXmlResourceParser(config);
     final HadoopXmlResourceMonitor hadoopXmlResourceMonitor = new HadoopXmlResourceMonitor(config, hadoopXmlResourceParser);
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/GatewayHttpConfigPropertiesTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/GatewayHttpConfigPropertiesTest.java
new file mode 100644
index 0000000000..920171b4fe
--- /dev/null
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/GatewayHttpConfigPropertiesTest.java
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.knox.gateway;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertEquals;
+
+import java.lang.reflect.Field;
+import java.net.InetSocketAddress;
+import java.util.Arrays;
+import java.util.Collections;
+
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.GatewayServices;
+import org.apache.knox.gateway.services.ServiceType;
+import org.apache.knox.gateway.services.security.SSLService;
+import org.easymock.EasyMock;
+import org.eclipse.jetty.server.Connector;
+import org.eclipse.jetty.server.HttpConnectionFactory;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.SslConnectionFactory;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.junit.Test;
+
+public class GatewayHttpConfigPropertiesTest {
+
+  @Test
+  public void testHttpProperties() throws Exception {
+    doTest(false);
+  }
+
+  @Test
+  public void testHttpsProperties() throws Exception {
+    doTest(true);
+  }
+
+  private void doTest(boolean sslEnabled) throws Exception {
+    final int requestHeaderBuffer = 512 * 1024;
+    final int responseHeaderBuffer = 256 * 1024;
+    final int responseBuffer = 1024 * 1024;
+
+    final GatewayConfig gatewayConfig = EasyMock.createNiceMock(GatewayConfig.class);
+    EasyMock.expect(gatewayConfig.isSSLEnabled()).andReturn(sslEnabled).anyTimes();
+    EasyMock.expect(gatewayConfig.getGatewayAddress()).andReturn(Arrays.asList(new InetSocketAddress("localhost", 1234))).anyTimes();
+    EasyMock.expect(gatewayConfig.getGatewayPortMappings()).andReturn(Collections.emptyMap()).anyTimes();
+    EasyMock.expect(gatewayConfig.getHttpServerRequestHeaderBuffer()).andReturn(requestHeaderBuffer).anyTimes();
+    EasyMock.expect(gatewayConfig.getHttpServerResponseHeaderBuffer()).andReturn(responseHeaderBuffer).anyTimes();
+    EasyMock.expect(gatewayConfig.getHttpServerResponseBuffer()).andReturn(responseBuffer).anyTimes();
+    EasyMock.replay(gatewayConfig);
+
+    final GatewayServer server = new GatewayServer(gatewayConfig);
+
+    if (sslEnabled) {
+      final GatewayServices gatewayServices = EasyMock.createNiceMock(GatewayServices.class);
+      final SSLService sslService = EasyMock.createNiceMock(SSLService.class);
+      EasyMock.expect(sslService.buildSslContextFactory(gatewayConfig)).andReturn(new SslContextFactory.Server()).anyTimes();
+      EasyMock.expect(gatewayServices.getService(ServiceType.SSL_SERVICE)).andReturn(sslService).anyTimes();
+      EasyMock.replay(gatewayServices, sslService);
+
+      final Field servicesField = server.getClass().getDeclaredField("services");
+      servicesField.setAccessible(true);
+      servicesField.set(server, gatewayServices);
+    }
+
+    server.createJetty();
+
+    final Field jettyField = server.getClass().getDeclaredField("jetty");
+    jettyField.setAccessible(true);
+    final Server jetty = (Server) jettyField.get(server);
+
+    assertEquals(1, jetty.getConnectors().length);
+    final Connector connector = jetty.getConnectors()[0];
+    assertEquals(sslEnabled ? 2 : 1, connector.getConnectionFactories().size());
+    final HttpConnectionFactory connectionFactory = connector.getConnectionFactory(HttpConnectionFactory.class);
+    assertNotNull(connectionFactory);
+    assertEquals(requestHeaderBuffer, connectionFactory.getHttpConfiguration().getRequestHeaderSize());
+    assertEquals(responseHeaderBuffer, connectionFactory.getHttpConfiguration().getResponseHeaderSize());
+    assertEquals(responseBuffer, connectionFactory.getHttpConfiguration().getOutputBufferSize());
+
+    if (sslEnabled) {
+      final SslConnectionFactory sslConnectionFactory = connector.getConnectionFactory(SslConnectionFactory.class);
+      assertNotNull(sslConnectionFactory);
+      assertEquals("SSL", sslConnectionFactory.getProtocol());
+    }
+  }
+
+}