Merge branch '2.1.x'

spring-boot-project/spring-boot-dependencies/pom.xml

@@ -119,7 +119,7 @@
 		<jedis.version>3.0.1</jedis.version>
 		<jersey.version>2.28</jersey.version>
 		<jest.version>6.3.1</jest.version>
-		<jetty.version>9.4.14.v20181114</jetty.version>
+		<jetty.version>9.4.15.v20190215</jetty.version>
 		<jetty-jsp.version>2.2.0.v201112011158</jetty-jsp.version>
 		<jetty-el.version>8.5.35.1</jetty-el.version>
 		<jetty-reactive-httpclient.version>1.0.3</jetty-reactive-httpclient.version>

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/reactive/server/AbstractReactiveWebServerFactoryTests.java

@@ -21,11 +21,15 @@ import java.io.FileInputStream;
 import java.net.InetSocketAddress;
 import java.nio.charset.StandardCharsets;
 import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
 import java.time.Duration;
 import java.util.Arrays;
 
+import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLException;
+import javax.net.ssl.X509KeyManager;
 
 import io.netty.channel.ChannelHandlerContext;
 import io.netty.channel.ChannelInboundHandlerAdapter;
@@ -171,13 +175,24 @@ public abstract class AbstractReactiveWebServerFactoryTests {
 		KeyManagerFactory clientKeyManagerFactory = KeyManagerFactory
 				.getInstance(KeyManagerFactory.getDefaultAlgorithm());
 		clientKeyManagerFactory.init(clientKeyStore, "password".toCharArray());
-		SslContextBuilder builder = SslContextBuilder.forClient()
-				.sslProvider(SslProvider.JDK)
-				.trustManager(InsecureTrustManagerFactory.INSTANCE)
-				.keyManager(clientKeyManagerFactory);
-		HttpClient client = HttpClient.create().wiretap(true)
-				.secure((sslContextSpec) -> sslContextSpec.sslContext(builder));
-		return new ReactorClientHttpConnector(client);
+		for (KeyManager keyManager : clientKeyManagerFactory.getKeyManagers()) {
+			if (keyManager instanceof X509KeyManager) {
+				X509KeyManager x509KeyManager = (X509KeyManager) keyManager;
+				PrivateKey privateKey = x509KeyManager.getPrivateKey("spring-boot");
+				if (privateKey != null) {
+					X509Certificate[] certificateChain = x509KeyManager
+							.getCertificateChain("spring-boot");
+					SslContextBuilder builder = SslContextBuilder.forClient()
+							.sslProvider(SslProvider.JDK)
+							.trustManager(InsecureTrustManagerFactory.INSTANCE)
+							.keyManager(privateKey, certificateChain);
+					HttpClient client = HttpClient.create().wiretap(true).secure(
+							(sslContextSpec) -> sslContextSpec.sslContext(builder));
+					return new ReactorClientHttpConnector(client);
+				}
+			}
+		}
+		throw new IllegalStateException("Key with alias 'spring-boot' not found");
 	}
 
 	protected void testClientAuthSuccess(Ssl sslConfiguration,

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/server/AbstractServletWebServerFactoryTests.java

@@ -25,6 +25,7 @@ import java.io.PrintWriter;
 import java.net.InetSocketAddress;
 import java.net.MalformedURLException;
 import java.net.ServerSocket;
+import java.net.Socket;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URL;
@@ -74,6 +75,8 @@ import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.impl.client.HttpClients;
 import org.apache.http.protocol.HttpContext;
+import org.apache.http.ssl.PrivateKeyDetails;
+import org.apache.http.ssl.PrivateKeyStrategy;
 import org.apache.http.ssl.SSLContextBuilder;
 import org.apache.http.ssl.TrustStrategy;
 import org.apache.jasper.EmbeddedServletOptions;
@@ -423,7 +426,7 @@ public abstract class AbstractServletWebServerFactoryTests {
 		this.webServer = factory.getWebServer(registration);
 		this.webServer.start();
 		TrustStrategy trustStrategy = new SerialNumberValidatingTrustSelfSignedStrategy(
-				"3a3aaec8");
+				"5c7ae101");
 		SSLContext sslContext = new SSLContextBuilder()
 				.loadTrustMaterial(null, trustStrategy).build();
 		HttpClient httpClient = HttpClients.custom()
@@ -499,7 +502,18 @@ public abstract class AbstractServletWebServerFactoryTests {
 		SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
 				new SSLContextBuilder()
 						.loadTrustMaterial(null, new TrustSelfSignedStrategy())
-						.loadKeyMaterial(keyStore, "secret".toCharArray()).build());
+						.loadKeyMaterial(keyStore, "secret".toCharArray(),
+								new PrivateKeyStrategy() {
+
+									@Override
+									public String chooseAlias(
+											Map<String, PrivateKeyDetails> aliases,
+											Socket socket) {
+										return "spring-boot";
+									}
+
+								})
+						.build());
 		HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory)
 				.build();
 		HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
@@ -523,7 +537,17 @@ public abstract class AbstractServletWebServerFactoryTests {
 		SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
 				new SSLContextBuilder()
 						.loadTrustMaterial(null, new TrustSelfSignedStrategy())
-						.loadKeyMaterial(keyStore, "password".toCharArray()).build());
+						.loadKeyMaterial(keyStore, "password".toCharArray(),
+								new PrivateKeyStrategy() {
+
+									@Override
+									public String chooseAlias(
+											Map<String, PrivateKeyDetails> aliases,
+											Socket socket) {
+										return "spring-boot";
+									}
+								})
+						.build());
 		HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory)
 				.build();
 		HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
@@ -614,7 +638,17 @@ public abstract class AbstractServletWebServerFactoryTests {
 		SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
 				new SSLContextBuilder()
 						.loadTrustMaterial(null, new TrustSelfSignedStrategy())
-						.loadKeyMaterial(keyStore, "password".toCharArray()).build());
+						.loadKeyMaterial(keyStore, "password".toCharArray(),
+								new PrivateKeyStrategy() {
+
+									@Override
+									public String chooseAlias(
+											Map<String, PrivateKeyDetails> aliases,
+											Socket socket) {
+										return "spring-boot";
+									}
+								})
+						.build());
 		HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory)
 				.build();
 		HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(