Update to upstream's 4.0.42 release.

Resolves: RHBZ#1380921
This commit is contained in:
Severin Gehwolf 2016-10-20 17:55:57 +02:00
parent 2d63dcf3d9
commit 38464b7257
6 changed files with 6938 additions and 4410 deletions

File diff suppressed because it is too large Load Diff

884
0002-Remove-NPN-ALPN.patch Normal file
View File

@ -0,0 +1,884 @@
From cfb6f2a620525a94d6964c287792f2645bff4f4a Mon Sep 17 00:00:00 2001
From: Severin Gehwolf <sgehwolf@redhat.com>
Date: Thu, 20 Oct 2016 16:18:10 +0200
Subject: [PATCH 2/2] Remove NPN ALPN
---
.../ssl/JdkAlpnApplicationProtocolNegotiator.java | 120 ---------
.../io/netty/handler/ssl/JdkAlpnSslEngine.java | 124 ----------
.../ssl/JdkNpnApplicationProtocolNegotiator.java | 120 ---------
.../java/io/netty/handler/ssl/JdkNpnSslEngine.java | 122 ---------
.../java/io/netty/handler/ssl/JdkSslContext.java | 44 ----
.../io/netty/handler/ssl/JdkSslEngineTest.java | 273 ---------------------
6 files changed, 803 deletions(-)
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
deleted file mode 100644
index aaaf5b7..0000000
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * Copyright 2014 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-package io.netty.handler.ssl;
-
-import javax.net.ssl.SSLEngine;
-
-/**
- * The {@link JdkApplicationProtocolNegotiator} to use if you need ALPN and are using {@link SslProvider#JDK}.
- */
-public final class JdkAlpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {
- private static final SslEngineWrapperFactory ALPN_WRAPPER = new SslEngineWrapperFactory() {
- {
- if (!JdkAlpnSslEngine.isAvailable()) {
- throw new RuntimeException("ALPN unsupported. Is your classpatch configured correctly?"
- + " See http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html#alpn-starting");
- }
- }
-
- @Override
- public SSLEngine wrapSslEngine(SSLEngine engine, JdkApplicationProtocolNegotiator applicationNegotiator,
- boolean isServer) {
- return new JdkAlpnSslEngine(engine, applicationNegotiator, isServer);
- }
- };
-
- /**
- * Create a new instance.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(Iterable<String> protocols) {
- this(false, protocols);
- }
-
- /**
- * Create a new instance.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(String... protocols) {
- this(false, protocols);
- }
-
- /**
- * Create a new instance.
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, Iterable<String> protocols) {
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
- }
-
- /**
- * Create a new instance.
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, String... protocols) {
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
- }
-
- /**
- * Create a new instance.
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
- boolean serverFailIfNoCommonProtocols, Iterable<String> protocols) {
- this(serverFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
- clientFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
- protocols);
- }
-
- /**
- * Create a new instance.
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
- boolean serverFailIfNoCommonProtocols, String... protocols) {
- this(serverFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
- clientFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
- protocols);
- }
-
- /**
- * Create a new instance.
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
- ProtocolSelectionListenerFactory listenerFactory, Iterable<String> protocols) {
- super(ALPN_WRAPPER, selectorFactory, listenerFactory, protocols);
- }
-
- /**
- * Create a new instance.
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkAlpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
- ProtocolSelectionListenerFactory listenerFactory, String... protocols) {
- super(ALPN_WRAPPER, selectorFactory, listenerFactory, protocols);
- }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
deleted file mode 100644
index bdf3aca..0000000
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * Copyright 2014 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-package io.netty.handler.ssl;
-
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
-
-import java.util.LinkedHashSet;
-import java.util.List;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLHandshakeException;
-
-import org.eclipse.jetty.alpn.ALPN;
-import org.eclipse.jetty.alpn.ALPN.ClientProvider;
-import org.eclipse.jetty.alpn.ALPN.ServerProvider;
-
-final class JdkAlpnSslEngine extends JdkSslEngine {
- private static boolean available;
-
- static boolean isAvailable() {
- updateAvailability();
- return available;
- }
-
- private static void updateAvailability() {
- if (available) {
- return;
- }
-
- try {
- // Always use bootstrap class loader.
- Class.forName("sun.security.ssl.ALPNExtension", true, null);
- available = true;
- } catch (Exception ignore) {
- // alpn-boot was not loaded.
- }
- }
-
- JdkAlpnSslEngine(SSLEngine engine, final JdkApplicationProtocolNegotiator applicationNegotiator, boolean server) {
- super(engine);
- checkNotNull(applicationNegotiator, "applicationNegotiator");
-
- if (server) {
- final ProtocolSelector protocolSelector = checkNotNull(applicationNegotiator.protocolSelectorFactory()
- .newSelector(this, new LinkedHashSet<String>(applicationNegotiator.protocols())),
- "protocolSelector");
- ALPN.put(engine, new ServerProvider() {
- @Override
- public String select(List<String> protocols) throws SSLException {
- try {
- return protocolSelector.select(protocols);
- } catch (SSLHandshakeException e) {
- throw e;
- } catch (Throwable t) {
- SSLHandshakeException e = new SSLHandshakeException(t.getMessage());
- e.initCause(t);
- throw e;
- }
- }
-
- @Override
- public void unsupported() {
- protocolSelector.unsupported();
- }
- });
- } else {
- final ProtocolSelectionListener protocolListener = checkNotNull(applicationNegotiator
- .protocolListenerFactory().newListener(this, applicationNegotiator.protocols()),
- "protocolListener");
- ALPN.put(engine, new ClientProvider() {
- @Override
- public List<String> protocols() {
- return applicationNegotiator.protocols();
- }
-
- @Override
- public void selected(String protocol) throws SSLException {
- try {
- protocolListener.selected(protocol);
- } catch (SSLHandshakeException e) {
- throw e;
- } catch (Throwable t) {
- SSLHandshakeException e = new SSLHandshakeException(t.getMessage());
- e.initCause(t);
- throw e;
- }
- }
-
- @Override
- public void unsupported() {
- protocolListener.unsupported();
- }
- });
- }
- }
-
- @Override
- public void closeInbound() throws SSLException {
- ALPN.remove(getWrappedEngine());
- super.closeInbound();
- }
-
- @Override
- public void closeOutbound() {
- ALPN.remove(getWrappedEngine());
- super.closeOutbound();
- }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java b/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java
deleted file mode 100644
index c893f05..0000000
--- a/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * Copyright 2014 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-package io.netty.handler.ssl;
-
-import javax.net.ssl.SSLEngine;
-
-/**
- * The {@link JdkApplicationProtocolNegotiator} to use if you need NPN and are using {@link SslProvider#JDK}.
- */
-public final class JdkNpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {
- private static final SslEngineWrapperFactory NPN_WRAPPER = new SslEngineWrapperFactory() {
- {
- if (!JdkNpnSslEngine.isAvailable()) {
- throw new RuntimeException("NPN unsupported. Is your classpatch configured correctly?"
- + " See http://www.eclipse.org/jetty/documentation/current/npn-chapter.html#npn-starting");
- }
- }
-
- @Override
- public SSLEngine wrapSslEngine(SSLEngine engine, JdkApplicationProtocolNegotiator applicationNegotiator,
- boolean isServer) {
- return new JdkNpnSslEngine(engine, applicationNegotiator, isServer);
- }
- };
-
- /**
- * Create a new instance.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(Iterable<String> protocols) {
- this(false, protocols);
- }
-
- /**
- * Create a new instance.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(String... protocols) {
- this(false, protocols);
- }
-
- /**
- * Create a new instance.
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, Iterable<String> protocols) {
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
- }
-
- /**
- * Create a new instance.
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, String... protocols) {
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
- }
-
- /**
- * Create a new instance.
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
- boolean serverFailIfNoCommonProtocols, Iterable<String> protocols) {
- this(clientFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
- serverFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
- protocols);
- }
-
- /**
- * Create a new instance.
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
- boolean serverFailIfNoCommonProtocols, String... protocols) {
- this(clientFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
- serverFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
- protocols);
- }
-
- /**
- * Create a new instance.
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
- ProtocolSelectionListenerFactory listenerFactory, Iterable<String> protocols) {
- super(NPN_WRAPPER, selectorFactory, listenerFactory, protocols);
- }
-
- /**
- * Create a new instance.
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
- * @param protocols The order of iteration determines the preference of support for protocols.
- */
- public JdkNpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
- ProtocolSelectionListenerFactory listenerFactory, String... protocols) {
- super(NPN_WRAPPER, selectorFactory, listenerFactory, protocols);
- }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java
deleted file mode 100644
index 422727a..0000000
--- a/handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * Copyright 2014 The Netty Project
- *
- * The Netty Project licenses this file to you under the Apache License,
- * version 2.0 (the "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations
- * under the License.
- */
-
-package io.netty.handler.ssl;
-
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
-import io.netty.util.internal.PlatformDependent;
-
-import java.util.LinkedHashSet;
-import java.util.List;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLException;
-
-import org.eclipse.jetty.npn.NextProtoNego;
-import org.eclipse.jetty.npn.NextProtoNego.ClientProvider;
-import org.eclipse.jetty.npn.NextProtoNego.ServerProvider;
-
-final class JdkNpnSslEngine extends JdkSslEngine {
- private static boolean available;
-
- static boolean isAvailable() {
- updateAvailability();
- return available;
- }
-
- private static void updateAvailability() {
- if (available) {
- return;
- }
- try {
- // Always use bootstrap class loader.
- Class.forName("sun.security.ssl.NextProtoNegoExtension", true, null);
- available = true;
- } catch (Exception ignore) {
- // npn-boot was not loaded.
- }
- }
-
- JdkNpnSslEngine(SSLEngine engine, final JdkApplicationProtocolNegotiator applicationNegotiator, boolean server) {
- super(engine);
- checkNotNull(applicationNegotiator, "applicationNegotiator");
-
- if (server) {
- final ProtocolSelectionListener protocolListener = checkNotNull(applicationNegotiator
- .protocolListenerFactory().newListener(this, applicationNegotiator.protocols()),
- "protocolListener");
- NextProtoNego.put(engine, new ServerProvider() {
- @Override
- public void unsupported() {
- protocolListener.unsupported();
- }
-
- @Override
- public List<String> protocols() {
- return applicationNegotiator.protocols();
- }
-
- @Override
- public void protocolSelected(String protocol) {
- try {
- protocolListener.selected(protocol);
- } catch (Throwable t) {
- PlatformDependent.throwException(t);
- }
- }
- });
- } else {
- final ProtocolSelector protocolSelector = checkNotNull(applicationNegotiator.protocolSelectorFactory()
- .newSelector(this, new LinkedHashSet<String>(applicationNegotiator.protocols())),
- "protocolSelector");
- NextProtoNego.put(engine, new ClientProvider() {
- @Override
- public boolean supports() {
- return true;
- }
-
- @Override
- public void unsupported() {
- protocolSelector.unsupported();
- }
-
- @Override
- public String selectProtocol(List<String> protocols) {
- try {
- return protocolSelector.select(protocols);
- } catch (Throwable t) {
- PlatformDependent.throwException(t);
- return null;
- }
- }
- });
- }
- }
-
- @Override
- public void closeInbound() throws SSLException {
- NextProtoNego.remove(getWrappedEngine());
- super.closeInbound();
- }
-
- @Override
- public void closeOutbound() {
- NextProtoNego.remove(getWrappedEngine());
- super.closeOutbound();
- }
-}
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
index 0a120eb..cdad232 100644
--- a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
@@ -270,50 +270,6 @@ public class JdkSslContext extends SslContext {
switch(config.protocol()) {
case NONE:
return JdkDefaultApplicationProtocolNegotiator.INSTANCE;
- case ALPN:
- if (isServer) {
- switch(config.selectorFailureBehavior()) {
- case FATAL_ALERT:
- return new JdkAlpnApplicationProtocolNegotiator(true, config.supportedProtocols());
- case NO_ADVERTISE:
- return new JdkAlpnApplicationProtocolNegotiator(false, config.supportedProtocols());
- default:
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
- .append(config.selectorFailureBehavior()).append(" failure behavior").toString());
- }
- } else {
- switch(config.selectedListenerFailureBehavior()) {
- case ACCEPT:
- return new JdkAlpnApplicationProtocolNegotiator(false, config.supportedProtocols());
- case FATAL_ALERT:
- return new JdkAlpnApplicationProtocolNegotiator(true, config.supportedProtocols());
- default:
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
- .append(config.selectedListenerFailureBehavior()).append(" failure behavior").toString());
- }
- }
- case NPN:
- if (isServer) {
- switch(config.selectedListenerFailureBehavior()) {
- case ACCEPT:
- return new JdkNpnApplicationProtocolNegotiator(false, config.supportedProtocols());
- case FATAL_ALERT:
- return new JdkNpnApplicationProtocolNegotiator(true, config.supportedProtocols());
- default:
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
- .append(config.selectedListenerFailureBehavior()).append(" failure behavior").toString());
- }
- } else {
- switch(config.selectorFailureBehavior()) {
- case FATAL_ALERT:
- return new JdkNpnApplicationProtocolNegotiator(true, config.supportedProtocols());
- case NO_ADVERTISE:
- return new JdkNpnApplicationProtocolNegotiator(false, config.supportedProtocols());
- default:
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
- .append(config.selectorFailureBehavior()).append(" failure behavior").toString());
- }
- }
default:
throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
.append(config.protocol()).append(" protocol").toString());
diff --git a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
index 9a57230..090f996 100644
--- a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
@@ -15,262 +15,15 @@
*/
package io.netty.handler.ssl;
-import io.netty.handler.ssl.ApplicationProtocolConfig.Protocol;
-import io.netty.handler.ssl.ApplicationProtocolConfig.SelectedListenerFailureBehavior;
-import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectorFactory;
-import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
-import io.netty.handler.ssl.util.SelfSignedCertificate;
import org.junit.Test;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLHandshakeException;
-import java.util.List;
-import java.util.Set;
-import java.util.concurrent.TimeUnit;
-
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assume.assumeNoException;
-
public class JdkSslEngineTest extends SSLEngineTest {
- private static final String PREFERRED_APPLICATION_LEVEL_PROTOCOL = "my-protocol-http2";
- private static final String FALLBACK_APPLICATION_LEVEL_PROTOCOL = "my-protocol-http1_1";
- private static final String APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE = "my-protocol-FOO";
-
- @Test
- public void testNpn() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkNpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.NPN);
- }
- ApplicationProtocolConfig apn = failingNegotiator(Protocol.NPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- setupHandlers(apn);
- runTest();
- } catch (SkipTestException e) {
- // NPN availability is dependent on the java version. If NPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testNpnNoCompatibleProtocolsNoHandshakeFailure() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkNpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.NPN);
- }
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.NPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.NPN,
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
- setupHandlers(serverApn, clientApn);
- runTest(null);
- } catch (SkipTestException e) {
- // ALPN availability is dependent on the java version. If ALPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testNpnNoCompatibleProtocolsClientHandshakeFailure() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkNpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.NPN);
- }
- ApplicationProtocolConfig clientApn = failingNegotiator(Protocol.NPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.NPN,
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
- setupHandlers(serverApn, clientApn);
- assertTrue(clientLatch.await(2, TimeUnit.SECONDS));
- assertTrue(clientException instanceof SSLHandshakeException);
- } catch (SkipTestException e) {
- // NPN availability is dependent on the java version. If NPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testNpnNoCompatibleProtocolsServerHandshakeFailure() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkNpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.NPN);
- }
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.NPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.NPN,
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
- setupHandlers(serverApn, clientApn);
- assertTrue(serverLatch.await(2, TimeUnit.SECONDS));
- assertTrue(serverException instanceof SSLHandshakeException);
- } catch (SkipTestException e) {
- // NPN availability is dependent on the java version. If NPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testAlpn() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkAlpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.ALPN);
- }
- ApplicationProtocolConfig apn = failingNegotiator(Protocol.ALPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- setupHandlers(apn);
- runTest();
- } catch (SkipTestException e) {
- // ALPN availability is dependent on the java version. If ALPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testAlpnNoCompatibleProtocolsNoHandshakeFailure() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkAlpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.ALPN);
- }
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.ALPN,
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
- setupHandlers(serverApn, clientApn);
- runTest(null);
- } catch (SkipTestException e) {
- // ALPN availability is dependent on the java version. If ALPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testAlpnNoCompatibleProtocolsServerHandshakeFailure() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkAlpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.ALPN);
- }
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.ALPN,
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
- setupHandlers(serverApn, clientApn);
- assertTrue(serverLatch.await(2, TimeUnit.SECONDS));
- assertTrue(serverException instanceof SSLHandshakeException);
- } catch (SkipTestException e) {
- // ALPN availability is dependent on the java version. If ALPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testAlpnCompatibleProtocolsDifferentClientOrder() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkAlpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.ALPN);
- }
- // Even the preferred application protocol appears second in the client's list, it will be picked
- // because it's the first one on server's list.
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
- FALLBACK_APPLICATION_LEVEL_PROTOCOL, PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.ALPN,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL, FALLBACK_APPLICATION_LEVEL_PROTOCOL);
- setupHandlers(serverApn, clientApn);
- assertNull(serverException);
- runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- } catch (SkipTestException e) {
- // ALPN availability is dependent on the java version. If ALPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
-
- @Test
- public void testAlpnNoCompatibleProtocolsClientHandshakeFailure() throws Exception {
- try {
- // Typical code will not have to check this, but will get a initialization error on class load.
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
- // initialization error.
- if (!JdkAlpnSslEngine.isAvailable()) {
- throw tlsExtensionNotFound(Protocol.ALPN);
- }
- SelfSignedCertificate ssc = new SelfSignedCertificate();
- JdkApplicationProtocolNegotiator clientApn = new JdkAlpnApplicationProtocolNegotiator(true, true,
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- JdkApplicationProtocolNegotiator serverApn = new JdkAlpnApplicationProtocolNegotiator(
- new ProtocolSelectorFactory() {
- @Override
- public ProtocolSelector newSelector(SSLEngine engine, Set<String> supportedProtocols) {
- return new ProtocolSelector() {
- @Override
- public void unsupported() {
- }
-
- @Override
- public String select(List<String> protocols) {
- return APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE;
- }
- };
- }
- }, JdkBaseApplicationProtocolNegotiator.FAIL_SELECTION_LISTENER_FACTORY,
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
-
- SslContext serverSslCtx = new JdkSslServerContext(ssc.certificate(), ssc.privateKey(), null, null,
- IdentityCipherSuiteFilter.INSTANCE, serverApn, 0, 0);
- SslContext clientSslCtx = new JdkSslClientContext(null, InsecureTrustManagerFactory.INSTANCE, null,
- IdentityCipherSuiteFilter.INSTANCE, clientApn, 0, 0);
-
- setupHandlers(serverSslCtx, clientSslCtx);
- assertTrue(clientLatch.await(2, TimeUnit.SECONDS));
- assertTrue(clientException instanceof SSLHandshakeException);
- } catch (SkipTestException e) {
- // ALPN availability is dependent on the java version. If ALPN is not available because of
- // java version incompatibility don't fail the test, but instead just skip the test
- assumeNoException(e);
- }
- }
@Test
public void testEnablingAnAlreadyDisabledSslProtocol() throws Exception {
testEnablingAnAlreadyDisabledSslProtocol(new String[]{}, new String[]{PROTOCOL_TLS_V1_2});
}
- private void runTest() throws Exception {
- runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
- }
-
@Override
protected SslProvider sslClientProvider() {
return SslProvider.JDK;
@@ -280,30 +33,4 @@ public class JdkSslEngineTest extends SSLEngineTest {
protected SslProvider sslServerProvider() {
return SslProvider.JDK;
}
-
- private ApplicationProtocolConfig failingNegotiator(Protocol protocol,
- String... supportedProtocols) {
- return new ApplicationProtocolConfig(protocol,
- SelectorFailureBehavior.FATAL_ALERT,
- SelectedListenerFailureBehavior.FATAL_ALERT,
- supportedProtocols);
- }
-
- private ApplicationProtocolConfig acceptingNegotiator(Protocol protocol,
- String... supportedProtocols) {
- return new ApplicationProtocolConfig(protocol,
- SelectorFailureBehavior.NO_ADVERTISE,
- SelectedListenerFailureBehavior.ACCEPT,
- supportedProtocols);
- }
-
- private SkipTestException tlsExtensionNotFound(Protocol protocol) {
- throw new SkipTestException(protocol + " not on classpath");
- }
-
- private static final class SkipTestException extends RuntimeException {
- public SkipTestException(String message) {
- super(message);
- }
- }
}
--
2.7.4

View File

@ -4,14 +4,15 @@
%global namedversion %{version}%{?namedreltag} %global namedversion %{version}%{?namedreltag}
Name: netty Name: netty
Version: 4.0.28 Version: 4.0.42
Release: 3%{?dist} Release: 1%{?dist}
Summary: An asynchronous event-driven network application framework and tools for Java Summary: An asynchronous event-driven network application framework and tools for Java
License: ASL 2.0 License: ASL 2.0
URL: https://netty.io/ URL: https://netty.io/
Source0: https://github.com/netty/netty/archive/netty-%{namedversion}.tar.gz Source0: https://github.com/netty/netty/archive/netty-%{namedversion}.tar.gz
Patch0: npn_alpn_ssl_fixes.patch Patch0: 0001-Remove-OpenSSL-parts-depending-on-tcnative.patch
Patch1: transport-native-epoll-configure-fix.patch Patch1: 0002-Remove-NPN-ALPN.patch
#Patch1: transport-native-epoll-configure-fix.patch
BuildRequires: maven-local BuildRequires: maven-local
BuildRequires: mvn(ant-contrib:ant-contrib) BuildRequires: mvn(ant-contrib:ant-contrib)
@ -21,6 +22,7 @@ BuildRequires: mvn(com.jcraft:jzlib)
BuildRequires: mvn(commons-logging:commons-logging) BuildRequires: mvn(commons-logging:commons-logging)
BuildRequires: mvn(junit:junit) BuildRequires: mvn(junit:junit)
BuildRequires: mvn(log4j:log4j) BuildRequires: mvn(log4j:log4j)
BuildRequires: mvn(org.jctools:jctools-core)
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin) BuildRequires: mvn(org.apache.felix:maven-bundle-plugin)
BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin)
BuildRequires: mvn(org.apache.maven.plugins:maven-checkstyle-plugin) BuildRequires: mvn(org.apache.maven.plugins:maven-checkstyle-plugin)
@ -72,7 +74,7 @@ Summary: API documentation for %{name}
%setup -q -n netty-netty-%{namedversion} %setup -q -n netty-netty-%{namedversion}
%patch0 -p1 %patch0 -p1
%patch1 -p2 %patch1 -p1
# Missing Mavenized rxtx # Missing Mavenized rxtx
%pom_disable_module "transport-rxtx" %pom_disable_module "transport-rxtx"
@ -93,17 +95,16 @@ Summary: API documentation for %{name}
%pom_remove_plugin :maven-enforcer-plugin %pom_remove_plugin :maven-enforcer-plugin
%pom_remove_plugin :maven-antrun-plugin %pom_remove_plugin :maven-antrun-plugin
%pom_remove_plugin :maven-dependency-plugin %pom_remove_plugin :maven-dependency-plugin
%pom_remove_plugin :maven-shade-plugin
%pom_remove_plugin :maven-shade-plugin common
%pom_remove_plugin :xml-maven-plugin
# Optional things we don't ship # Optional things we don't ship
%pom_remove_dep ":netty-tcnative" %pom_remove_dep ":\${tcnative.artifactId}"
%pom_remove_dep ":netty-tcnative" handler %pom_remove_dep ":\${tcnative.artifactId}" handler
%pom_remove_dep "org.eclipse.jetty.npn:npn-api" %pom_remove_dep "org.eclipse.jetty.npn:npn-api"
%pom_remove_dep "org.eclipse.jetty.npn:npn-api" handler %pom_remove_dep "org.eclipse.jetty.npn:npn-api" handler
%pom_remove_dep "org.mortbay.jetty.npn:npn-boot"
%pom_remove_dep "org.mortbay.jetty.npn:npn-boot" handler
%pom_remove_dep "org.eclipse.jetty.alpn:alpn-api" %pom_remove_dep "org.eclipse.jetty.alpn:alpn-api"
%pom_remove_dep "org.eclipse.jetty.alpn:alpn-api" handler %pom_remove_dep "org.eclipse.jetty.alpn:alpn-api" handler
%pom_remove_dep "org.mortbay.jetty.alpn:alpn-boot"
%pom_remove_dep "org.mortbay.jetty.alpn:alpn-boot" handler
sed -i 's|taskdef|taskdef classpathref="maven.plugin.classpath"|' all/pom.xml sed -i 's|taskdef|taskdef classpathref="maven.plugin.classpath"|' all/pom.xml
@ -129,6 +130,10 @@ export CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
%doc LICENSE.txt NOTICE.txt %doc LICENSE.txt NOTICE.txt
%changelog %changelog
* Thu Oct 20 2016 Severin Gehwolf <sgehwolf@redhat.com> - 4.0.42-1
- Update to upstream 4.0.42 release.
- Resolves RHBZ#1380921
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.28-3 * Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.28-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

File diff suppressed because it is too large Load Diff

View File

@ -1 +1 @@
a38973b451fb2c8e59c1adb01b292224 netty-4.0.28.Final.tar.gz 1259f8126350883c5770bd26a6896fc0 netty-4.0.42.Final.tar.gz

View File

@ -1,14 +0,0 @@
diff --git a/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml b/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml
index c9c7b25..b489b3f 100644
--- a/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml
+++ b/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml
@@ -73,9 +73,6 @@
<platform>.</platform>
<forceConfigure>true</forceConfigure>
<forceAutogen>true</forceAutogen>
- <configureArgs>
- <arg>${jni.compiler.args}</arg>
- </configureArgs>
</configuration>
<goals>
<goal>generate</goal>