SslHandler dervies jdkCompatibilityMode from SSLEngine

Motivation:
Some SSLEngine implementations (e.g. ReferenceCountedOpenSslContext) support unwrapping/wrapping multiple packets at a time. The SslHandler behaves differently if the SSLEngine supports this feature, but currently requires that the constructor argument between the SSLEngine creation and SslHandler are coordinated. This can be difficult, or require package private access, if extending the SslHandler.

Modifications:
- The SslHandler should inspect the SSLEngine to see if it supports jdkCompatibilityMode instead of relying on getting an extra constructor argument which maybe out of synch with the SSLEngine

Result:
Easier to override SslHandler and have consistent jdkCompatibilityMode between SSLEngine and SslHandler.
This commit is contained in:
Scott Mitchell 2017-10-31 13:20:02 -07:00
parent ad1f0d46b3
commit fa584c146f
3 changed files with 21 additions and 12 deletions

View File

@ -380,12 +380,12 @@ public abstract class ReferenceCountedOpenSslContext extends SslContext implemen
@Override
protected final SslHandler newHandler(ByteBufAllocator alloc, boolean startTls) {
return new SslHandler(newEngine0(alloc, null, -1, false), startTls, false);
return new SslHandler(newEngine0(alloc, null, -1, false), startTls);
}
@Override
protected final SslHandler newHandler(ByteBufAllocator alloc, String peerHost, int peerPort, boolean startTls) {
return new SslHandler(newEngine0(alloc, peerHost, peerPort, false), startTls, false);
return new SslHandler(newEngine0(alloc, peerHost, peerPort, false), startTls);
}
SSLEngine newEngine0(ByteBufAllocator alloc, String peerHost, int peerPort, boolean jdkCompatibilityMode) {

View File

@ -201,7 +201,7 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
private boolean isInboundDone;
private boolean outboundClosed;
private final boolean jdkCompatibilityMode;
final boolean jdkCompatibilityMode;
private final boolean clientMode;
private final ByteBufAllocator alloc;
private final OpenSslEngineMap engineMap;

View File

@ -234,6 +234,11 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
int sslPending = ((ReferenceCountedOpenSslEngine) handler.engine).sslPending();
return sslPending > 0 ? sslPending : guess;
}
@Override
boolean jdkCompatibilityMode(SSLEngine engine) {
return ((ReferenceCountedOpenSslEngine) engine).jdkCompatibilityMode;
}
},
CONSCRYPT(true, COMPOSITE_CUMULATOR) {
@Override
@ -271,6 +276,11 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
int calculatePendingData(SslHandler handler, int guess) {
return guess;
}
@Override
boolean jdkCompatibilityMode(SSLEngine engine) {
return true;
}
},
JDK(false, MERGE_CUMULATOR) {
@Override
@ -292,6 +302,11 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
int calculatePendingData(SslHandler handler, int guess) {
return guess;
}
@Override
boolean jdkCompatibilityMode(SSLEngine engine) {
return true;
}
};
static SslEngineType forEngine(SSLEngine engine) {
@ -315,6 +330,8 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
abstract int calculatePendingData(SslHandler handler, int guess);
abstract boolean jdkCompatibilityMode(SSLEngine engine);
// BEGIN Platform-dependent flags
/**
@ -411,14 +428,6 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
*/
@Deprecated
public SslHandler(SSLEngine engine, boolean startTls, Executor delegatedTaskExecutor) {
this(engine, startTls, true, delegatedTaskExecutor);
}
SslHandler(SSLEngine engine, boolean startTls, boolean jdkCompatibilityMode) {
this(engine, startTls, jdkCompatibilityMode, ImmediateExecutor.INSTANCE);
}
SslHandler(SSLEngine engine, boolean startTls, boolean jdkCompatibilityMode, Executor delegatedTaskExecutor) {
if (engine == null) {
throw new NullPointerException("engine");
}
@ -429,7 +438,7 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
engineType = SslEngineType.forEngine(engine);
this.delegatedTaskExecutor = delegatedTaskExecutor;
this.startTls = startTls;
this.jdkCompatibilityMode = jdkCompatibilityMode;
this.jdkCompatibilityMode = engineType.jdkCompatibilityMode(engine);
setCumulator(engineType.cumulator);
}