SslHandler dervies jdkCompatibilityMode from SSLEngine

Motivation: Some SSLEngine implementations (e.g. ReferenceCountedOpenSslContext) support unwrapping/wrapping multiple packets at a time. The SslHandler behaves differently if the SSLEngine supports this feature, but currently requires that the constructor argument between the SSLEngine creation and SslHandler are coordinated. This can be difficult, or require package private access, if extending the SslHandler. Modifications: - The SslHandler should inspect the SSLEngine to see if it supports jdkCompatibilityMode instead of relying on getting an extra constructor argument which maybe out of synch with the SSLEngine Result: Easier to override SslHandler and have consistent jdkCompatibilityMode between SSLEngine and SslHandler.
2017-10-31 13:20:02 -07:00 · 2017-10-31 13:20:02 -07:00 · fa584c146f
commit fa584c146f
parent ad1f0d46b3
3 changed files with 21 additions and 12 deletions
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslContext.java
@ -380,12 +380,12 @@ public abstract class ReferenceCountedOpenSslContext extends SslContext implemen

    @Override
    protected final SslHandler newHandler(ByteBufAllocator alloc, boolean startTls) {
-        return new SslHandler(newEngine0(alloc, null, -1, false), startTls, false);
+        return new SslHandler(newEngine0(alloc, null, -1, false), startTls);
    }

    @Override
    protected final SslHandler newHandler(ByteBufAllocator alloc, String peerHost, int peerPort, boolean startTls) {
-        return new SslHandler(newEngine0(alloc, peerHost, peerPort, false), startTls, false);
+        return new SslHandler(newEngine0(alloc, peerHost, peerPort, false), startTls);
    }

    SSLEngine newEngine0(ByteBufAllocator alloc, String peerHost, int peerPort, boolean jdkCompatibilityMode) {
--- a/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java
+++ b/handler/src/main/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngine.java
@ -201,7 +201,7 @@ public class ReferenceCountedOpenSslEngine extends SSLEngine implements Referenc
    private boolean isInboundDone;
    private boolean outboundClosed;

-    private final boolean jdkCompatibilityMode;
+    final boolean jdkCompatibilityMode;
    private final boolean clientMode;
    private final ByteBufAllocator alloc;
    private final OpenSslEngineMap engineMap;
--- a/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslHandler.java
@ -234,6 +234,11 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
                int sslPending = ((ReferenceCountedOpenSslEngine) handler.engine).sslPending();
                return sslPending > 0 ? sslPending : guess;
            }
+
+            @Override
+            boolean jdkCompatibilityMode(SSLEngine engine) {
+                return ((ReferenceCountedOpenSslEngine) engine).jdkCompatibilityMode;
+            }
        },
        CONSCRYPT(true, COMPOSITE_CUMULATOR) {
            @Override
@ -271,6 +276,11 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
            int calculatePendingData(SslHandler handler, int guess) {
                return guess;
            }
+
+            @Override
+            boolean jdkCompatibilityMode(SSLEngine engine) {
+                return true;
+            }
        },
        JDK(false, MERGE_CUMULATOR) {
            @Override
@ -292,6 +302,11 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
            int calculatePendingData(SslHandler handler, int guess) {
                return guess;
            }
+
+            @Override
+            boolean jdkCompatibilityMode(SSLEngine engine) {
+                return true;
+            }
        };

        static SslEngineType forEngine(SSLEngine engine) {
@ -315,6 +330,8 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH

        abstract int calculatePendingData(SslHandler handler, int guess);

+        abstract boolean jdkCompatibilityMode(SSLEngine engine);
+
        // BEGIN Platform-dependent flags

        /**
@ -411,14 +428,6 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
     */
    @Deprecated
    public SslHandler(SSLEngine engine, boolean startTls, Executor delegatedTaskExecutor) {
-        this(engine, startTls, true, delegatedTaskExecutor);
-    }
-
-    SslHandler(SSLEngine engine, boolean startTls, boolean jdkCompatibilityMode) {
-        this(engine, startTls, jdkCompatibilityMode, ImmediateExecutor.INSTANCE);
-    }
-
-    SslHandler(SSLEngine engine, boolean startTls, boolean jdkCompatibilityMode, Executor delegatedTaskExecutor) {
        if (engine == null) {
            throw new NullPointerException("engine");
        }
@ -429,7 +438,7 @@ public class SslHandler extends ByteToMessageDecoder implements ChannelOutboundH
        engineType = SslEngineType.forEngine(engine);
        this.delegatedTaskExecutor = delegatedTaskExecutor;
        this.startTls = startTls;
-        this.jdkCompatibilityMode = jdkCompatibilityMode;
+        this.jdkCompatibilityMode = engineType.jdkCompatibilityMode(engine);
        setCumulator(engineType.cumulator);
    }