Motivation:

I sometimes use a default (null) TrustManager, but want to set this using the same code as when I do use a TrustManager.

Modification:

Allow setting a null TrustManager. Same as how it is for KeyManager.

Result:

Allow setting null TrustManager

Motivation:

EpollDatagramChannel failed to reflect with graalvm native image. Spring data redis always require it when running in linux.


Modification:

add configuration for EpollDatagramChannel in reflect-config.json.

Result:

Fixes [spring-data-redis #2527](spring-projects/spring-data-redis#2527).

Motivation:

Let's use the latest maven version to build

Modifications:

Upgrade to 3.9.0

Result:

Use latest maven release

Motivation:
The way to sent a GET request in the HttpUploadClient is wrong,  because if just send a GET request without a following LastHttpContent, the pipeline will be blocked, and  we can't reuse the channel to send another http request. The Example works because the channel is closed. but the following post and multi request both sent a LastHttpContent, so the get request should do this too. 
This may mislead the user.

Modification:
Fix the problem described in the motivation.

Result:
Illustrate the right way to send a GET request

---------

Co-authored-by: mipengcheng <mipengcheng3@jd.com>
Co-authored-by: Norman Maurer <norman_maurer@apple.com>

Motivation:

Let's use the latest maven version to build

Modifications:

Upgrade to 3.9.1

Result:

Use latest maven release

… aggregating is still in progress (#13290)

Motivation:

We should throw a PrematureChannelClosureException when the Channel is closed while aggregating is still in progress as otherwise the user will never know about this.

Modifications:

- Throw exception
- Add unit test

Result:

Fixes #13252

Motivation:

JDK20 was released so we should try to build with it for PRs

Modifications:

- Replace CI job that uses JDK19 with JDK20
- Add profiles for JDK20
- Use reflection in OpenJdkSelfSignedCertGenerator to be able to build on JDK20 as well

Result:

Verify PRs with latest JDK

…13298)

Motivation:

When the server response with NO_AUTH we should just connect directly and not use a password at all in all cases

Modifications:

- Connect without password if the server tells jus to do so.
- Add unit test

Result:

Fixes #13287

…m without logging an error (#13301)

Motivation:

Since java11 its supported to use "system" as a value for -Djava.net.preferIPv6Addresses.

Modifications:

Just fallback to "false" if -Djava.net.preferIPv6Addresses is not "true" without logging an error

Result:

Fixes #13300

Motivation:

To be able to use our DNS resolver with OSGI we should use an optional resolution of sun.net.dns

Modifications:

Add config to pom.xml

Result:

Fixes #13297

Motivation:

Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Modifications:

- Included permissions for the action. 
  https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
  https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
  https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Result:

Secure GitHub actions

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Motivation:

At the moment we always used "CANCEL" when reseting a stream because of an error. This is not correct, we should use the error that caused the stream error.

Modifications:

- Use correct error when reset a stream.
- Add unit test

Result:

Correctly propagate stream errors via reset

…opagate an error to all active streams (#13306)

Motivation:

There might be a desire to fire an exception to all the active streams. This is currently harder to do then it should be as the user needs to keep track of the active streams.

Modifications:

- Add Http2MultiplexActiveStreamsException which can be used to wrap an exception which should be fired to all the active streams by Http2MultiplexHandler
- Add unit tests

Result:

Alternative solution for #12830. Thanks @yawkat

…finished handshake (#13314)


Motiviation:

We should ensure we only unwrap data to the destination buffer once we did notify the user about the completion of the handshake.
Failing to do so might result in corrupted state machines.

Modifications:

Always use the jdkCompat mode until the handshake was complete

Result:

Correct state machine.

Motivation:

Currently, `StacklessSSLHandshakeException` doesn't have any stack-trace
which makes it harder to understand where it comes from.

Modifications:

- Add one-line stack-trace using `ThrowableUtil.unknownStackTrace`
utility;

Result:

Similar to `StacklessClosedChannelException`,
`StacklessSSLHandshakeException` always has one-line stack-trace to
indicate where it was originated.

…13318)

Motivation:

    We should throw a NoRouteToHostException when a socket connection fails with EHOSTUNREACH in the same way as
    ENETUNREACH.

    Modifications:

    Add handling for EHOSTUNREACH

    Result:

    Correct exception is thrown.

Motivation:
I want to allow logstash http input to be able to read snappy compressed
data.

Modifications:
To allow the HttpContentDecoder to support snappy it created a new
control flow to test for snappy content encoding.

If it is present, we are using a specific snappy decompressor to read
the data.

In order to make sure it was working I also included a e2e test on the
behaior of HttpContentDecoder.

Result:
We should be able to send snappy traffic to a server using
HttpContentDocder and be ale to uncompresse the traffic.

Co-authored-by: Aayush Atharva <hyperx.pro@outlook.com>
Co-authored-by: Norman Maurer <norman_maurer@apple.com>