author | michaelm |
Wed, 18 May 2016 16:39:08 +0100 | |
changeset 38381 | a2105ea409ec |
parent 37799 | 635c430d5a99 |
child 38464 | 08512546de5f |
permissions | -rw-r--r-- |
37720 | 1 |
/* |
2 |
* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. |
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. Oracle designates this |
|
8 |
* particular file as subject to the "Classpath" exception as provided |
|
9 |
* by Oracle in the LICENSE file that accompanied this code. |
|
10 |
* |
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
*/ |
|
24 |
package java.net.http; |
|
25 |
||
26 |
import java.io.Closeable; |
|
27 |
import java.io.IOException; |
|
28 |
import java.nio.ByteBuffer; |
|
29 |
import java.util.LinkedList; |
|
30 |
import java.util.concurrent.ExecutorService; |
|
31 |
import java.util.function.Consumer; |
|
32 |
import static javax.net.ssl.SSLEngineResult.Status.*; |
|
33 |
import javax.net.ssl.*; |
|
34 |
import static javax.net.ssl.SSLEngineResult.HandshakeStatus.*; |
|
35 |
||
36 |
/** |
|
37 |
* Asynchronous wrapper around SSLEngine. send and receive is fully non |
|
38 |
* blocking. When handshaking is required, a thread is created to perform |
|
39 |
* the handshake and application level sends do not take place during this time. |
|
40 |
* |
|
41 |
* Is implemented using queues and functions operating on the receiving end |
|
42 |
* of each queue. |
|
43 |
* |
|
44 |
* Application writes to: |
|
45 |
* || |
|
46 |
* \/ |
|
47 |
* appOutputQ |
|
48 |
* || |
|
49 |
* \/ |
|
50 |
* appOutputQ read by "upperWrite" method which does SSLEngine.wrap |
|
51 |
* and writes to |
|
52 |
* || |
|
53 |
* \/ |
|
54 |
* channelOutputQ |
|
55 |
* || |
|
56 |
* \/ |
|
57 |
* channelOutputQ is read by "lowerWrite" method which is invoked from |
|
58 |
* OP_WRITE events on the socket (from selector thread) |
|
59 |
* |
|
60 |
* Reading side is as follows |
|
61 |
* -------------------------- |
|
62 |
* |
|
63 |
* "upperRead" method reads off channelInputQ and calls SSLEngine.unwrap and |
|
64 |
* when decrypted data is returned, it is passed to the user's Consumer<ByteBuffer> |
|
65 |
* /\ |
|
66 |
* || |
|
67 |
* channelInputQ |
|
68 |
* /\ |
|
69 |
* || |
|
70 |
* "lowerRead" method puts buffers into channelInputQ. It is invoked from |
|
71 |
* OP_READ events from the selector. |
|
72 |
* |
|
73 |
* Whenever handshaking is required, the doHandshaking() method is called |
|
74 |
* which creates a thread to complete the handshake. It takes over the |
|
75 |
* channelInputQ from upperRead, and puts outgoing packets on channelOutputQ. |
|
76 |
* Selector events are delivered to lowerRead and lowerWrite as normal. |
|
77 |
* |
|
78 |
* Errors |
|
79 |
* |
|
80 |
* Any exception thrown by the engine or channel, causes all Queues to be closed |
|
81 |
* the channel to be closed, and the error is reported to the user's |
|
82 |
* Consumer<Throwable> |
|
83 |
*/ |
|
84 |
public class AsyncSSLDelegate implements Closeable, AsyncConnection { |
|
85 |
||
86 |
// outgoing buffers put in this queue first and may remain here |
|
87 |
// while SSL handshaking happening. |
|
88 |
final Queue<ByteBuffer> appOutputQ; |
|
89 |
||
90 |
// queue of wrapped ByteBuffers waiting to be sent on socket channel |
|
91 |
//final Queue<ByteBuffer> channelOutputQ; |
|
92 |
||
93 |
// Bytes read into this queue before being unwrapped. Backup on this |
|
94 |
// Q should only happen when the engine is stalled due to delegated tasks |
|
95 |
final Queue<ByteBuffer> channelInputQ; |
|
96 |
||
97 |
// input occurs through the read() method which is expected to be called |
|
98 |
// when the selector signals some data is waiting to be read. All incoming |
|
99 |
// handshake data is handled in this method, which means some calls to |
|
100 |
// read() may return zero bytes of user data. This is not a sign of spinning, |
|
101 |
// just that the handshake mechanics are being executed. |
|
102 |
||
103 |
final SSLEngine engine; |
|
104 |
final SSLParameters sslParameters; |
|
105 |
//final SocketChannel chan; |
|
106 |
final HttpConnection lowerOutput; |
|
107 |
final HttpClientImpl client; |
|
108 |
final ExecutorService executor; |
|
109 |
final BufferHandler bufPool; |
|
110 |
Consumer<ByteBuffer> receiver; |
|
111 |
Consumer<Throwable> errorHandler; |
|
112 |
// Locks. |
|
113 |
final Object reader = new Object(); |
|
114 |
final Object writer = new Object(); |
|
115 |
// synchronizing handshake state |
|
116 |
final Object handshaker = new Object(); |
|
117 |
// flag set when reader or writer is blocked waiting for handshake to finish |
|
118 |
boolean writerBlocked; |
|
119 |
boolean readerBlocked; |
|
120 |
||
121 |
// some thread is currently doing the handshake |
|
122 |
boolean handshaking; |
|
123 |
||
124 |
// alpn[] may be null. upcall is callback which receives incoming decoded bytes off socket |
|
125 |
||
126 |
AsyncSSLDelegate(HttpConnection lowerOutput, HttpClientImpl client, String[] alpn) |
|
127 |
{ |
|
128 |
SSLContext context = client.sslContext(); |
|
129 |
executor = client.executorService(); |
|
130 |
bufPool = client; |
|
131 |
appOutputQ = new Queue<>(); |
|
132 |
appOutputQ.registerPutCallback(this::upperWrite); |
|
133 |
//channelOutputQ = new Queue<>(); |
|
134 |
//channelOutputQ.registerPutCallback(this::lowerWrite); |
|
135 |
engine = context.createSSLEngine(); |
|
136 |
engine.setUseClientMode(true); |
|
137 |
SSLParameters sslp = client.sslParameters().orElse(null); |
|
138 |
if (sslp == null) { |
|
139 |
sslp = context.getSupportedSSLParameters(); |
|
140 |
//sslp = context.getDefaultSSLParameters(); |
|
141 |
//printParams(sslp); |
|
142 |
} |
|
143 |
sslParameters = Utils.copySSLParameters(sslp); |
|
144 |
if (alpn != null) { |
|
145 |
sslParameters.setApplicationProtocols(alpn); |
|
146 |
} |
|
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
147 |
logParams(sslParameters); |
37720 | 148 |
engine.setSSLParameters(sslParameters); |
149 |
this.lowerOutput = lowerOutput; |
|
150 |
this.client = client; |
|
151 |
this.channelInputQ = new Queue<>(); |
|
152 |
this.channelInputQ.registerPutCallback(this::upperRead); |
|
153 |
} |
|
154 |
||
155 |
/** |
|
156 |
* Put buffers to appOutputQ, and call upperWrite() if q was empty. |
|
157 |
* |
|
158 |
* @param src |
|
159 |
*/ |
|
160 |
public void write(ByteBuffer[] src) throws IOException { |
|
161 |
appOutputQ.putAll(src); |
|
162 |
} |
|
163 |
||
164 |
public void write(ByteBuffer buf) throws IOException { |
|
165 |
ByteBuffer[] a = new ByteBuffer[1]; |
|
166 |
a[0] = buf; |
|
167 |
write(a); |
|
168 |
} |
|
169 |
||
170 |
@Override |
|
171 |
public void close() { |
|
172 |
Utils.close(appOutputQ, channelInputQ, lowerOutput); |
|
173 |
} |
|
174 |
||
175 |
/** |
|
176 |
* Attempts to wrap buffers from appOutputQ and place them on the |
|
177 |
* channelOutputQ for writing. If handshaking is happening, then the |
|
178 |
* process stalls and last buffers taken off the appOutputQ are put back |
|
179 |
* into it until handshaking completes. |
|
180 |
* |
|
181 |
* This same method is called to try and resume output after a blocking |
|
182 |
* handshaking operation has completed. |
|
183 |
*/ |
|
184 |
private void upperWrite() { |
|
185 |
try { |
|
186 |
EngineResult r = null; |
|
187 |
ByteBuffer[] buffers = appOutputQ.pollAll(Utils.EMPTY_BB_ARRAY); |
|
188 |
int bytes = Utils.remaining(buffers); |
|
189 |
while (bytes > 0) { |
|
190 |
synchronized (writer) { |
|
191 |
r = wrapBuffers(buffers); |
|
192 |
int bytesProduced = r.bytesProduced(); |
|
193 |
int bytesConsumed = r.bytesConsumed(); |
|
194 |
bytes -= bytesConsumed; |
|
195 |
if (bytesProduced > 0) { |
|
196 |
// pass destination buffer to channelOutputQ. |
|
197 |
lowerOutput.write(r.destBuffer); |
|
198 |
} |
|
199 |
synchronized (handshaker) { |
|
200 |
if (r.handshaking()) { |
|
201 |
// handshaking is happening or is needed |
|
202 |
// so we put the buffers back on Q to process again |
|
203 |
// later. It's possible that some may have already |
|
204 |
// been processed, which is ok. |
|
205 |
appOutputQ.pushbackAll(buffers); |
|
206 |
writerBlocked = true; |
|
207 |
if (!handshaking()) { |
|
208 |
// execute the handshake in another thread. |
|
209 |
// This method will be called again to resume sending |
|
210 |
// later |
|
211 |
doHandshake(r); |
|
212 |
} |
|
213 |
return; |
|
214 |
} |
|
215 |
} |
|
216 |
} |
|
217 |
} |
|
218 |
returnBuffers(buffers); |
|
219 |
} catch (Throwable t) { |
|
220 |
t.printStackTrace(); |
|
221 |
close(); |
|
222 |
} |
|
223 |
} |
|
224 |
||
225 |
private void doHandshake(EngineResult r) { |
|
226 |
handshaking = true; |
|
227 |
channelInputQ.registerPutCallback(null); |
|
228 |
executor.execute(() -> { |
|
229 |
try { |
|
230 |
doHandshakeImpl(r); |
|
231 |
channelInputQ.registerPutCallback(this::upperRead); |
|
232 |
} catch (Throwable t) { |
|
233 |
t.printStackTrace(); |
|
234 |
close(); |
|
235 |
} |
|
236 |
}); |
|
237 |
} |
|
238 |
||
239 |
private void returnBuffers(ByteBuffer[] bufs) { |
|
240 |
for (ByteBuffer buf : bufs) |
|
241 |
client.returnBuffer(buf); |
|
242 |
} |
|
243 |
||
244 |
/** |
|
245 |
* Return true if some thread is currently doing the handshake |
|
246 |
* |
|
247 |
* @return |
|
248 |
*/ |
|
249 |
boolean handshaking() { |
|
250 |
synchronized(handshaker) { |
|
251 |
return handshaking; |
|
252 |
} |
|
253 |
} |
|
254 |
||
255 |
/** |
|
256 |
* Executes entire handshake in calling thread. |
|
257 |
* Returns after handshake is completed or error occurs |
|
258 |
* @param r |
|
259 |
* @throws IOException |
|
260 |
*/ |
|
261 |
private void doHandshakeImpl(EngineResult r) throws IOException { |
|
262 |
while (true) { |
|
263 |
SSLEngineResult.HandshakeStatus status = r.handshakeStatus(); |
|
264 |
if (status == NEED_TASK) { |
|
265 |
LinkedList<Runnable> tasks = obtainTasks(); |
|
266 |
for (Runnable task : tasks) |
|
267 |
task.run(); |
|
268 |
r = handshakeWrapAndSend(); |
|
269 |
} else if (status == NEED_WRAP) { |
|
270 |
r = handshakeWrapAndSend(); |
|
271 |
} else if (status == NEED_UNWRAP) { |
|
272 |
r = handshakeReceiveAndUnWrap(); |
|
273 |
} |
|
274 |
if (!r.handshaking()) |
|
275 |
break; |
|
276 |
} |
|
277 |
boolean dowrite = false; |
|
278 |
boolean doread = false; |
|
279 |
// Handshake is finished. Now resume reading and/or writing |
|
280 |
synchronized(handshaker) { |
|
281 |
handshaking = false; |
|
282 |
if (writerBlocked) { |
|
283 |
writerBlocked = false; |
|
284 |
dowrite = true; |
|
285 |
} |
|
286 |
if (readerBlocked) { |
|
287 |
readerBlocked = false; |
|
288 |
doread = true; |
|
289 |
} |
|
290 |
} |
|
291 |
if (dowrite) |
|
292 |
upperWrite(); |
|
293 |
if (doread) |
|
294 |
upperRead(); |
|
295 |
} |
|
296 |
||
297 |
// acknowledge a received CLOSE request from peer |
|
298 |
void doClosure() throws IOException { |
|
299 |
//while (!wrapAndSend(emptyArray)) |
|
300 |
//; |
|
301 |
} |
|
302 |
||
303 |
LinkedList<Runnable> obtainTasks() { |
|
304 |
LinkedList<Runnable> l = new LinkedList<>(); |
|
305 |
Runnable r; |
|
306 |
while ((r = engine.getDelegatedTask()) != null) |
|
307 |
l.add(r); |
|
308 |
return l; |
|
309 |
} |
|
310 |
||
311 |
@Override |
|
312 |
public synchronized void setAsyncCallbacks(Consumer<ByteBuffer> asyncReceiver, Consumer<Throwable> errorReceiver) { |
|
313 |
this.receiver = asyncReceiver; |
|
314 |
this.errorHandler = errorReceiver; |
|
315 |
} |
|
316 |
||
317 |
@Override |
|
318 |
public void startReading() { |
|
319 |
// maybe this class does not need to implement AsyncConnection |
|
320 |
} |
|
321 |
||
322 |
static class EngineResult { |
|
323 |
ByteBuffer destBuffer; |
|
324 |
ByteBuffer srcBuffer; |
|
325 |
SSLEngineResult result; |
|
326 |
Throwable t; |
|
327 |
||
328 |
boolean handshaking() { |
|
329 |
SSLEngineResult.HandshakeStatus s = result.getHandshakeStatus(); |
|
330 |
return s != FINISHED && s != NOT_HANDSHAKING; |
|
331 |
} |
|
332 |
||
333 |
int bytesConsumed() { |
|
334 |
return result.bytesConsumed(); |
|
335 |
} |
|
336 |
||
337 |
int bytesProduced() { |
|
338 |
return result.bytesProduced(); |
|
339 |
} |
|
340 |
||
341 |
Throwable exception() { |
|
342 |
return t; |
|
343 |
} |
|
344 |
||
345 |
SSLEngineResult.HandshakeStatus handshakeStatus() { |
|
346 |
return result.getHandshakeStatus(); |
|
347 |
} |
|
348 |
||
349 |
SSLEngineResult.Status status() { |
|
350 |
return result.getStatus(); |
|
351 |
} |
|
352 |
} |
|
353 |
||
354 |
EngineResult handshakeWrapAndSend() throws IOException { |
|
355 |
EngineResult r = wrapBuffer(Utils.EMPTY_BYTEBUFFER); |
|
356 |
if (r.bytesProduced() > 0) { |
|
357 |
lowerOutput.write(r.destBuffer); |
|
358 |
} |
|
359 |
return r; |
|
360 |
} |
|
361 |
||
362 |
// called during handshaking. It blocks until a complete packet |
|
363 |
// is available, unwraps it and returns. |
|
364 |
EngineResult handshakeReceiveAndUnWrap() throws IOException { |
|
365 |
ByteBuffer buf = channelInputQ.take(); |
|
366 |
while (true) { |
|
367 |
// block waiting for input |
|
368 |
EngineResult r = unwrapBuffer(buf); |
|
369 |
SSLEngineResult.Status status = r.status(); |
|
370 |
if (status == BUFFER_UNDERFLOW) { |
|
371 |
// wait for another buffer to arrive |
|
372 |
ByteBuffer buf1 = channelInputQ.take(); |
|
373 |
buf = combine (buf, buf1); |
|
374 |
continue; |
|
375 |
} |
|
376 |
// OK |
|
377 |
// theoretically possible we could receive some user data |
|
378 |
if (r.bytesProduced() > 0) { |
|
379 |
receiver.accept(r.destBuffer); |
|
380 |
} |
|
381 |
if (!buf.hasRemaining()) |
|
382 |
return r; |
|
383 |
} |
|
384 |
} |
|
385 |
||
386 |
EngineResult wrapBuffer(ByteBuffer src) throws SSLException { |
|
387 |
ByteBuffer[] bufs = new ByteBuffer[1]; |
|
388 |
bufs[0] = src; |
|
389 |
return wrapBuffers(bufs); |
|
390 |
} |
|
391 |
||
392 |
EngineResult wrapBuffers(ByteBuffer[] src) throws SSLException { |
|
393 |
EngineResult r = new EngineResult(); |
|
394 |
ByteBuffer dst = bufPool.getBuffer(); |
|
395 |
while (true) { |
|
396 |
r.result = engine.wrap(src, dst); |
|
397 |
switch (r.result.getStatus()) { |
|
398 |
case BUFFER_OVERFLOW: |
|
399 |
dst = getPacketBuffer(); |
|
400 |
break; |
|
401 |
case CLOSED: |
|
402 |
case OK: |
|
403 |
dst.flip(); |
|
404 |
r.destBuffer = dst; |
|
405 |
return r; |
|
406 |
case BUFFER_UNDERFLOW: |
|
407 |
// underflow handled externally |
|
408 |
bufPool.returnBuffer(dst); |
|
409 |
return r; |
|
410 |
default: |
|
411 |
assert false; |
|
412 |
} |
|
413 |
} |
|
414 |
} |
|
415 |
||
416 |
EngineResult unwrapBuffer(ByteBuffer srcbuf) throws IOException { |
|
417 |
EngineResult r = new EngineResult(); |
|
418 |
r.srcBuffer = srcbuf; |
|
419 |
||
420 |
ByteBuffer dst = bufPool.getBuffer(); |
|
421 |
while (true) { |
|
422 |
r.result = engine.unwrap(srcbuf, dst); |
|
423 |
switch (r.result.getStatus()) { |
|
424 |
case BUFFER_OVERFLOW: |
|
425 |
// dest buffer not big enough. Reallocate |
|
426 |
int oldcap = dst.capacity(); |
|
427 |
dst = getApplicationBuffer(); |
|
428 |
assert dst.capacity() > oldcap; |
|
429 |
break; |
|
430 |
case CLOSED: |
|
431 |
doClosure(); |
|
432 |
throw new IOException("Engine closed"); |
|
433 |
case BUFFER_UNDERFLOW: |
|
434 |
bufPool.returnBuffer(dst); |
|
435 |
return r; |
|
436 |
case OK: |
|
437 |
dst.flip(); |
|
438 |
r.destBuffer = dst; |
|
439 |
return r; |
|
440 |
} |
|
441 |
} |
|
442 |
} |
|
443 |
||
444 |
/** |
|
445 |
* Asynchronous read input. Call this when selector fires. |
|
446 |
* Unwrap done in upperRead because it also happens in |
|
447 |
* doHandshake() when handshake taking place |
|
448 |
*/ |
|
449 |
public void lowerRead(ByteBuffer buffer) { |
|
450 |
try { |
|
451 |
channelInputQ.put(buffer); |
|
452 |
} catch (Throwable t) { |
|
453 |
close(); |
|
454 |
errorHandler.accept(t); |
|
455 |
} |
|
456 |
} |
|
457 |
||
458 |
public void upperRead() { |
|
459 |
EngineResult r; |
|
460 |
ByteBuffer srcbuf; |
|
461 |
synchronized (reader) { |
|
462 |
try { |
|
463 |
srcbuf = channelInputQ.poll(); |
|
464 |
if (srcbuf == null) { |
|
465 |
return; |
|
466 |
} |
|
467 |
while (true) { |
|
468 |
r = unwrapBuffer(srcbuf); |
|
469 |
switch (r.result.getStatus()) { |
|
470 |
case BUFFER_UNDERFLOW: |
|
471 |
// Buffer too small. Need to combine with next buf |
|
472 |
ByteBuffer nextBuf = channelInputQ.poll(); |
|
473 |
if (nextBuf == null) { |
|
474 |
// no data available. push buffer back until more data available |
|
475 |
channelInputQ.pushback(srcbuf); |
|
476 |
return; |
|
477 |
} else { |
|
478 |
srcbuf = combine(srcbuf, nextBuf); |
|
479 |
} |
|
480 |
break; |
|
481 |
case OK: |
|
482 |
// check for any handshaking work |
|
483 |
synchronized (handshaker) { |
|
484 |
if (r.handshaking()) { |
|
485 |
// handshaking is happening or is needed |
|
486 |
// so we put the buffer back on Q to process again |
|
487 |
// later. |
|
488 |
channelInputQ.pushback(srcbuf); |
|
489 |
readerBlocked = true; |
|
490 |
if (!handshaking()) { |
|
491 |
// execute the handshake in another thread. |
|
492 |
// This method will be called again to resume sending |
|
493 |
// later |
|
494 |
doHandshake(r); |
|
495 |
} |
|
496 |
return; |
|
497 |
} |
|
498 |
} |
|
499 |
ByteBuffer dst = r.destBuffer; |
|
500 |
if (dst.hasRemaining()) { |
|
501 |
receiver.accept(dst); |
|
502 |
} |
|
503 |
} |
|
504 |
if (srcbuf.hasRemaining()) { |
|
505 |
continue; |
|
506 |
} |
|
507 |
srcbuf = channelInputQ.poll(); |
|
508 |
if (srcbuf == null) { |
|
509 |
return; |
|
510 |
} |
|
511 |
} |
|
512 |
} catch (Throwable t) { |
|
513 |
Utils.close(lowerOutput); |
|
514 |
errorHandler.accept(t); |
|
515 |
} |
|
516 |
} |
|
517 |
} |
|
518 |
||
519 |
/** |
|
520 |
* Get a new buffer that is the right size for application buffers. |
|
521 |
* |
|
522 |
* @return |
|
523 |
*/ |
|
524 |
ByteBuffer getApplicationBuffer() { |
|
525 |
SSLSession session = engine.getSession(); |
|
526 |
int appBufsize = session.getApplicationBufferSize(); |
|
527 |
bufPool.setMinBufferSize(appBufsize); |
|
528 |
return bufPool.getBuffer(appBufsize); |
|
529 |
} |
|
530 |
||
531 |
ByteBuffer getPacketBuffer() { |
|
532 |
SSLSession session = engine.getSession(); |
|
533 |
int packetBufSize = session.getPacketBufferSize(); |
|
534 |
bufPool.setMinBufferSize(packetBufSize); |
|
535 |
return bufPool.getBuffer(packetBufSize); |
|
536 |
} |
|
537 |
||
538 |
ByteBuffer combine(ByteBuffer buf1, ByteBuffer buf2) { |
|
539 |
int avail1 = buf1.capacity() - buf1.remaining(); |
|
540 |
if (buf2.remaining() < avail1) { |
|
541 |
buf1.compact(); |
|
542 |
buf1.put(buf2); |
|
543 |
buf1.flip(); |
|
544 |
return buf1; |
|
545 |
} |
|
546 |
int newsize = buf1.remaining() + buf2.remaining(); |
|
547 |
ByteBuffer newbuf = bufPool.getBuffer(newsize); |
|
548 |
newbuf.put(buf1); |
|
549 |
newbuf.put(buf2); |
|
550 |
newbuf.flip(); |
|
551 |
return newbuf; |
|
552 |
} |
|
553 |
||
554 |
SSLParameters getSSLParameters() { |
|
555 |
return sslParameters; |
|
556 |
} |
|
557 |
||
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
558 |
static void logParams(SSLParameters p) { |
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
559 |
if (!Log.ssl()) { |
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
560 |
return; |
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
561 |
} |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
562 |
|
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
563 |
Log.logSSL("SSLParameters:"); |
37720 | 564 |
if (p == null) { |
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
565 |
Log.logSSL("Null params"); |
37720 | 566 |
return; |
567 |
} |
|
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
568 |
|
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
569 |
if (p.getCipherSuites() != null) { |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
570 |
for (String cipher : p.getCipherSuites()) { |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
571 |
Log.logSSL("cipher: {0}\n", cipher); |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
572 |
} |
37720 | 573 |
} |
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
574 |
|
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
575 |
// SSLParameters.getApplicationProtocols() can't return null |
37720 | 576 |
for (String approto : p.getApplicationProtocols()) { |
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
577 |
Log.logSSL("application protocol: {0}\n", approto); |
37720 | 578 |
} |
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
579 |
|
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
580 |
if (p.getProtocols() != null) { |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
581 |
for (String protocol : p.getProtocols()) { |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
582 |
Log.logSSL("protocol: {0}\n", protocol); |
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
583 |
} |
37720 | 584 |
} |
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
585 |
|
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
586 |
if (p.getServerNames() != null) { |
37799
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
587 |
for (SNIServerName sname : p.getServerNames()) { |
635c430d5a99
8153572: [JEP 110] IOException (connection closed for reading) is thrown when try to connect HTTPS service
michaelm
parents:
37720
diff
changeset
|
588 |
Log.logSSL("server name: {0}\n", sname.toString()); |
38381
a2105ea409ec
8157107: HTTP/2 client may fail with NPE if additional logging enabled
michaelm
parents:
37799
diff
changeset
|
589 |
} |
37720 | 590 |
} |
591 |
} |
|
592 |
||
593 |
String getSessionInfo() { |
|
594 |
StringBuilder sb = new StringBuilder(); |
|
595 |
String application = engine.getApplicationProtocol(); |
|
596 |
SSLSession sess = engine.getSession(); |
|
597 |
String cipher = sess.getCipherSuite(); |
|
598 |
String protocol = sess.getProtocol(); |
|
599 |
sb.append("Handshake complete alpn: ") |
|
600 |
.append(application) |
|
601 |
.append(", Cipher: ") |
|
602 |
.append(cipher) |
|
603 |
.append(", Protocol: ") |
|
604 |
.append(protocol); |
|
605 |
return sb.toString(); |
|
606 |
} |
|
607 |
} |