Update apache httpclient to version 4.5.8 (#40875)

This change updates our version of httpclient to version 4.5.8, which
contains the fix for HTTPCLIENT-1968, which is a bug where the client
started re-writing paths that contained encoded reserved characters
with their unreserved form.

buildSrc/version.properties

@@ -32,7 +32,7 @@ bouncycastle      = 1.61
 # test dependencies
 randomizedrunner  = 2.7.1
 junit             = 4.12
-httpclient        = 4.5.7
+httpclient        = 4.5.8
 httpcore          = 4.4.11
 httpasyncclient   = 4.1.4
 commonslogging    = 1.1.3

client/rest/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

client/rest/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

client/sniffer/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

client/sniffer/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

plugins/discovery-azure-classic/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

plugins/discovery-azure-classic/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

plugins/discovery-ec2/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

plugins/discovery-ec2/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

plugins/discovery-gce/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

plugins/discovery-gce/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

plugins/repository-gcs/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

plugins/repository-gcs/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

plugins/repository-s3/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

plugins/repository-s3/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

x-pack/plugin/core/licenses/httpclient-4.5.7.jar.sha1

@@ -1 +0,0 @@
-dda059f4908e1b548b7ba68d81a3b05897f27cb0

x-pack/plugin/core/licenses/httpclient-4.5.8.jar.sha1

@@ -0,0 +1 @@
+c27c9d6f15435dc2b6947112027b418b0eef32b9

x-pack/plugin/security/licenses/httpclient-cache-4.5.7.jar.sha1

@@ -1 +0,0 @@
-c13a0ce27c17831e5e5be6c751842006dcecb270

x-pack/plugin/security/licenses/httpclient-cache-4.5.8.jar.sha1

@@ -0,0 +1 @@
+bb984b73da2153285b660f3e278498abd94ccbb5

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/common/http/HttpClient.java

@@ -23,8 +23,8 @@ import org.apache.http.client.methods.HttpHead;
 import org.apache.http.client.methods.HttpRequestBase;
 import org.apache.http.client.methods.HttpRequestWrapper;
 import org.apache.http.client.protocol.HttpClientContext;
+import org.apache.http.client.utils.URIBuilder;
 import org.apache.http.client.utils.URIUtils;
-import org.apache.http.client.utils.URLEncodedUtils;
 import org.apache.http.conn.ssl.DefaultHostnameVerifier;
 import org.apache.http.conn.ssl.NoopHostnameVerifier;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
@@ -65,10 +65,13 @@ import java.io.ByteArrayOutputStream;
 import java.io.Closeable;
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -314,33 +317,32 @@ public class HttpClient implements Closeable {
     }
 
     private Tuple<HttpHost, URI> createURI(HttpRequest request) {
-        // this could be really simple, as the apache http client has a UriBuilder class, however this class is always doing
-        // url path escaping, and we have done this already, so this would result in double escaping
         try {
             List<NameValuePair> qparams = new ArrayList<>(request.params.size());
             request.params.forEach((k, v) -> qparams.add(new BasicNameValuePair(k, v)));
-            String format = URLEncodedUtils.format(qparams, "UTF-8");
-            URI uri = URIUtils.createURI(request.scheme.scheme(), request.host, request.port, request.path,
-                    Strings.isNullOrEmpty(format) ? null : format, null);
-
-            if (uri.isAbsolute() == false) {
-                throw new IllegalStateException("URI [" + uri.toASCIIString() + "] must be absolute");
-            }
-            final HttpHost httpHost = URIUtils.extractHost(uri);
-            // what a mess that we need to do this to workaround https://issues.apache.org/jira/browse/HTTPCLIENT-1968
-            // in some cases the HttpClient will re-write the URI which drops the escaping for
-            // slashes within a path. This rewriting is done to obtain a relative URI when
-            // a proxy is not being used. To avoid this we can handle making it relative ourselves
-            if (request.path != null && request.path.contains("%2F")) {
-                final boolean isUsingProxy = (request.proxy != null && request.proxy.equals(HttpProxy.NO_PROXY) == false) ||
-                    HttpProxy.NO_PROXY.equals(settingsProxy) == false;
-                if (isUsingProxy == false) {
-                    // we need a relative uri
-                    uri = URIUtils.createURI(null, null, -1, request.path, Strings.isNullOrEmpty(format) ? null : format, null);
+            // this could be really simple, as the apache http client has a UriBuilder class, however this class is always doing
+            // url path escaping, and we have done this already, so this would result in double escaping
+            final List<String> unescapedPathParts;
+            if (Strings.isEmpty(request.path)) {
+                unescapedPathParts = Collections.emptyList();
+            } else {
+                final String[] pathParts = request.path.split("/");
+                unescapedPathParts = new ArrayList<>(pathParts.length);
+                for (String part : pathParts) {
+                    unescapedPathParts.add(URLDecoder.decode(part, StandardCharsets.UTF_8.name()));
                 }
             }
+
+            final URI uri =  new URIBuilder()
+                .setScheme(request.scheme().scheme())
+                .setHost(request.host)
+                .setPort(request.port)
+                .setPathSegments(unescapedPathParts)
+                .setParameters(qparams)
+                .build();
+            final HttpHost httpHost = URIUtils.extractHost(uri);
             return new Tuple<>(httpHost, uri);
-        } catch (URISyntaxException e) {
+        } catch (URISyntaxException | UnsupportedEncodingException e) {
             throw new IllegalArgumentException(e);
         }
     }