Update to upstream's 4.0.42 release.
Resolves: RHBZ#1380921
This commit is contained in:
parent
2d63dcf3d9
commit
38464b7257
6037
0001-Remove-OpenSSL-parts-depending-on-tcnative.patch
Normal file
6037
0001-Remove-OpenSSL-parts-depending-on-tcnative.patch
Normal file
File diff suppressed because it is too large
Load Diff
884
0002-Remove-NPN-ALPN.patch
Normal file
884
0002-Remove-NPN-ALPN.patch
Normal file
@ -0,0 +1,884 @@
|
|||||||
|
From cfb6f2a620525a94d6964c287792f2645bff4f4a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Severin Gehwolf <sgehwolf@redhat.com>
|
||||||
|
Date: Thu, 20 Oct 2016 16:18:10 +0200
|
||||||
|
Subject: [PATCH 2/2] Remove NPN ALPN
|
||||||
|
|
||||||
|
---
|
||||||
|
.../ssl/JdkAlpnApplicationProtocolNegotiator.java | 120 ---------
|
||||||
|
.../io/netty/handler/ssl/JdkAlpnSslEngine.java | 124 ----------
|
||||||
|
.../ssl/JdkNpnApplicationProtocolNegotiator.java | 120 ---------
|
||||||
|
.../java/io/netty/handler/ssl/JdkNpnSslEngine.java | 122 ---------
|
||||||
|
.../java/io/netty/handler/ssl/JdkSslContext.java | 44 ----
|
||||||
|
.../io/netty/handler/ssl/JdkSslEngineTest.java | 273 ---------------------
|
||||||
|
6 files changed, 803 deletions(-)
|
||||||
|
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
|
||||||
|
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
|
||||||
|
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java
|
||||||
|
delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java
|
||||||
|
|
||||||
|
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
|
||||||
|
deleted file mode 100644
|
||||||
|
index aaaf5b7..0000000
|
||||||
|
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnApplicationProtocolNegotiator.java
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,120 +0,0 @@
|
||||||
|
-/*
|
||||||
|
- * Copyright 2014 The Netty Project
|
||||||
|
- *
|
||||||
|
- * The Netty Project licenses this file to you under the Apache License,
|
||||||
|
- * version 2.0 (the "License"); you may not use this file except in compliance
|
||||||
|
- * with the License. You may obtain a copy of the License at:
|
||||||
|
- *
|
||||||
|
- * http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
- *
|
||||||
|
- * Unless required by applicable law or agreed to in writing, software
|
||||||
|
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
- * License for the specific language governing permissions and limitations
|
||||||
|
- * under the License.
|
||||||
|
- */
|
||||||
|
-package io.netty.handler.ssl;
|
||||||
|
-
|
||||||
|
-import javax.net.ssl.SSLEngine;
|
||||||
|
-
|
||||||
|
-/**
|
||||||
|
- * The {@link JdkApplicationProtocolNegotiator} to use if you need ALPN and are using {@link SslProvider#JDK}.
|
||||||
|
- */
|
||||||
|
-public final class JdkAlpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {
|
||||||
|
- private static final SslEngineWrapperFactory ALPN_WRAPPER = new SslEngineWrapperFactory() {
|
||||||
|
- {
|
||||||
|
- if (!JdkAlpnSslEngine.isAvailable()) {
|
||||||
|
- throw new RuntimeException("ALPN unsupported. Is your classpatch configured correctly?"
|
||||||
|
- + " See http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html#alpn-starting");
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public SSLEngine wrapSslEngine(SSLEngine engine, JdkApplicationProtocolNegotiator applicationNegotiator,
|
||||||
|
- boolean isServer) {
|
||||||
|
- return new JdkAlpnSslEngine(engine, applicationNegotiator, isServer);
|
||||||
|
- }
|
||||||
|
- };
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(Iterable<String> protocols) {
|
||||||
|
- this(false, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(String... protocols) {
|
||||||
|
- this(false, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, Iterable<String> protocols) {
|
||||||
|
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, String... protocols) {
|
||||||
|
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
|
||||||
|
- boolean serverFailIfNoCommonProtocols, Iterable<String> protocols) {
|
||||||
|
- this(serverFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
|
||||||
|
- clientFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
|
||||||
|
- protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
|
||||||
|
- boolean serverFailIfNoCommonProtocols, String... protocols) {
|
||||||
|
- this(serverFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
|
||||||
|
- clientFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
|
||||||
|
- protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
|
||||||
|
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
|
||||||
|
- ProtocolSelectionListenerFactory listenerFactory, Iterable<String> protocols) {
|
||||||
|
- super(ALPN_WRAPPER, selectorFactory, listenerFactory, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
|
||||||
|
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkAlpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
|
||||||
|
- ProtocolSelectionListenerFactory listenerFactory, String... protocols) {
|
||||||
|
- super(ALPN_WRAPPER, selectorFactory, listenerFactory, protocols);
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
|
||||||
|
deleted file mode 100644
|
||||||
|
index bdf3aca..0000000
|
||||||
|
--- a/handler/src/main/java/io/netty/handler/ssl/JdkAlpnSslEngine.java
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,124 +0,0 @@
|
||||||
|
-/*
|
||||||
|
- * Copyright 2014 The Netty Project
|
||||||
|
- *
|
||||||
|
- * The Netty Project licenses this file to you under the Apache License,
|
||||||
|
- * version 2.0 (the "License"); you may not use this file except in compliance
|
||||||
|
- * with the License. You may obtain a copy of the License at:
|
||||||
|
- *
|
||||||
|
- * http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
- *
|
||||||
|
- * Unless required by applicable law or agreed to in writing, software
|
||||||
|
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
- * License for the specific language governing permissions and limitations
|
||||||
|
- * under the License.
|
||||||
|
- */
|
||||||
|
-package io.netty.handler.ssl;
|
||||||
|
-
|
||||||
|
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
|
||||||
|
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;
|
||||||
|
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
|
||||||
|
-
|
||||||
|
-import java.util.LinkedHashSet;
|
||||||
|
-import java.util.List;
|
||||||
|
-
|
||||||
|
-import javax.net.ssl.SSLEngine;
|
||||||
|
-import javax.net.ssl.SSLException;
|
||||||
|
-import javax.net.ssl.SSLHandshakeException;
|
||||||
|
-
|
||||||
|
-import org.eclipse.jetty.alpn.ALPN;
|
||||||
|
-import org.eclipse.jetty.alpn.ALPN.ClientProvider;
|
||||||
|
-import org.eclipse.jetty.alpn.ALPN.ServerProvider;
|
||||||
|
-
|
||||||
|
-final class JdkAlpnSslEngine extends JdkSslEngine {
|
||||||
|
- private static boolean available;
|
||||||
|
-
|
||||||
|
- static boolean isAvailable() {
|
||||||
|
- updateAvailability();
|
||||||
|
- return available;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- private static void updateAvailability() {
|
||||||
|
- if (available) {
|
||||||
|
- return;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- try {
|
||||||
|
- // Always use bootstrap class loader.
|
||||||
|
- Class.forName("sun.security.ssl.ALPNExtension", true, null);
|
||||||
|
- available = true;
|
||||||
|
- } catch (Exception ignore) {
|
||||||
|
- // alpn-boot was not loaded.
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- JdkAlpnSslEngine(SSLEngine engine, final JdkApplicationProtocolNegotiator applicationNegotiator, boolean server) {
|
||||||
|
- super(engine);
|
||||||
|
- checkNotNull(applicationNegotiator, "applicationNegotiator");
|
||||||
|
-
|
||||||
|
- if (server) {
|
||||||
|
- final ProtocolSelector protocolSelector = checkNotNull(applicationNegotiator.protocolSelectorFactory()
|
||||||
|
- .newSelector(this, new LinkedHashSet<String>(applicationNegotiator.protocols())),
|
||||||
|
- "protocolSelector");
|
||||||
|
- ALPN.put(engine, new ServerProvider() {
|
||||||
|
- @Override
|
||||||
|
- public String select(List<String> protocols) throws SSLException {
|
||||||
|
- try {
|
||||||
|
- return protocolSelector.select(protocols);
|
||||||
|
- } catch (SSLHandshakeException e) {
|
||||||
|
- throw e;
|
||||||
|
- } catch (Throwable t) {
|
||||||
|
- SSLHandshakeException e = new SSLHandshakeException(t.getMessage());
|
||||||
|
- e.initCause(t);
|
||||||
|
- throw e;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void unsupported() {
|
||||||
|
- protocolSelector.unsupported();
|
||||||
|
- }
|
||||||
|
- });
|
||||||
|
- } else {
|
||||||
|
- final ProtocolSelectionListener protocolListener = checkNotNull(applicationNegotiator
|
||||||
|
- .protocolListenerFactory().newListener(this, applicationNegotiator.protocols()),
|
||||||
|
- "protocolListener");
|
||||||
|
- ALPN.put(engine, new ClientProvider() {
|
||||||
|
- @Override
|
||||||
|
- public List<String> protocols() {
|
||||||
|
- return applicationNegotiator.protocols();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void selected(String protocol) throws SSLException {
|
||||||
|
- try {
|
||||||
|
- protocolListener.selected(protocol);
|
||||||
|
- } catch (SSLHandshakeException e) {
|
||||||
|
- throw e;
|
||||||
|
- } catch (Throwable t) {
|
||||||
|
- SSLHandshakeException e = new SSLHandshakeException(t.getMessage());
|
||||||
|
- e.initCause(t);
|
||||||
|
- throw e;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void unsupported() {
|
||||||
|
- protocolListener.unsupported();
|
||||||
|
- }
|
||||||
|
- });
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void closeInbound() throws SSLException {
|
||||||
|
- ALPN.remove(getWrappedEngine());
|
||||||
|
- super.closeInbound();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void closeOutbound() {
|
||||||
|
- ALPN.remove(getWrappedEngine());
|
||||||
|
- super.closeOutbound();
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java b/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java
|
||||||
|
deleted file mode 100644
|
||||||
|
index c893f05..0000000
|
||||||
|
--- a/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,120 +0,0 @@
|
||||||
|
-/*
|
||||||
|
- * Copyright 2014 The Netty Project
|
||||||
|
- *
|
||||||
|
- * The Netty Project licenses this file to you under the Apache License,
|
||||||
|
- * version 2.0 (the "License"); you may not use this file except in compliance
|
||||||
|
- * with the License. You may obtain a copy of the License at:
|
||||||
|
- *
|
||||||
|
- * http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
- *
|
||||||
|
- * Unless required by applicable law or agreed to in writing, software
|
||||||
|
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
- * License for the specific language governing permissions and limitations
|
||||||
|
- * under the License.
|
||||||
|
- */
|
||||||
|
-package io.netty.handler.ssl;
|
||||||
|
-
|
||||||
|
-import javax.net.ssl.SSLEngine;
|
||||||
|
-
|
||||||
|
-/**
|
||||||
|
- * The {@link JdkApplicationProtocolNegotiator} to use if you need NPN and are using {@link SslProvider#JDK}.
|
||||||
|
- */
|
||||||
|
-public final class JdkNpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {
|
||||||
|
- private static final SslEngineWrapperFactory NPN_WRAPPER = new SslEngineWrapperFactory() {
|
||||||
|
- {
|
||||||
|
- if (!JdkNpnSslEngine.isAvailable()) {
|
||||||
|
- throw new RuntimeException("NPN unsupported. Is your classpatch configured correctly?"
|
||||||
|
- + " See http://www.eclipse.org/jetty/documentation/current/npn-chapter.html#npn-starting");
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public SSLEngine wrapSslEngine(SSLEngine engine, JdkApplicationProtocolNegotiator applicationNegotiator,
|
||||||
|
- boolean isServer) {
|
||||||
|
- return new JdkNpnSslEngine(engine, applicationNegotiator, isServer);
|
||||||
|
- }
|
||||||
|
- };
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(Iterable<String> protocols) {
|
||||||
|
- this(false, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(String... protocols) {
|
||||||
|
- this(false, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, Iterable<String> protocols) {
|
||||||
|
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, String... protocols) {
|
||||||
|
- this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
|
||||||
|
- boolean serverFailIfNoCommonProtocols, Iterable<String> protocols) {
|
||||||
|
- this(clientFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
|
||||||
|
- serverFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
|
||||||
|
- protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
|
||||||
|
- boolean serverFailIfNoCommonProtocols, String... protocols) {
|
||||||
|
- this(clientFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
|
||||||
|
- serverFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
|
||||||
|
- protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
|
||||||
|
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
|
||||||
|
- ProtocolSelectionListenerFactory listenerFactory, Iterable<String> protocols) {
|
||||||
|
- super(NPN_WRAPPER, selectorFactory, listenerFactory, protocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /**
|
||||||
|
- * Create a new instance.
|
||||||
|
- * @param selectorFactory The factory which provides classes responsible for selecting the protocol.
|
||||||
|
- * @param listenerFactory The factory which provides to be notified of which protocol was selected.
|
||||||
|
- * @param protocols The order of iteration determines the preference of support for protocols.
|
||||||
|
- */
|
||||||
|
- public JdkNpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
|
||||||
|
- ProtocolSelectionListenerFactory listenerFactory, String... protocols) {
|
||||||
|
- super(NPN_WRAPPER, selectorFactory, listenerFactory, protocols);
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java
|
||||||
|
deleted file mode 100644
|
||||||
|
index 422727a..0000000
|
||||||
|
--- a/handler/src/main/java/io/netty/handler/ssl/JdkNpnSslEngine.java
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,122 +0,0 @@
|
||||||
|
-/*
|
||||||
|
- * Copyright 2014 The Netty Project
|
||||||
|
- *
|
||||||
|
- * The Netty Project licenses this file to you under the Apache License,
|
||||||
|
- * version 2.0 (the "License"); you may not use this file except in compliance
|
||||||
|
- * with the License. You may obtain a copy of the License at:
|
||||||
|
- *
|
||||||
|
- * http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
- *
|
||||||
|
- * Unless required by applicable law or agreed to in writing, software
|
||||||
|
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
- * License for the specific language governing permissions and limitations
|
||||||
|
- * under the License.
|
||||||
|
- */
|
||||||
|
-
|
||||||
|
-package io.netty.handler.ssl;
|
||||||
|
-
|
||||||
|
-import static io.netty.util.internal.ObjectUtil.checkNotNull;
|
||||||
|
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;
|
||||||
|
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
|
||||||
|
-import io.netty.util.internal.PlatformDependent;
|
||||||
|
-
|
||||||
|
-import java.util.LinkedHashSet;
|
||||||
|
-import java.util.List;
|
||||||
|
-
|
||||||
|
-import javax.net.ssl.SSLEngine;
|
||||||
|
-import javax.net.ssl.SSLException;
|
||||||
|
-
|
||||||
|
-import org.eclipse.jetty.npn.NextProtoNego;
|
||||||
|
-import org.eclipse.jetty.npn.NextProtoNego.ClientProvider;
|
||||||
|
-import org.eclipse.jetty.npn.NextProtoNego.ServerProvider;
|
||||||
|
-
|
||||||
|
-final class JdkNpnSslEngine extends JdkSslEngine {
|
||||||
|
- private static boolean available;
|
||||||
|
-
|
||||||
|
- static boolean isAvailable() {
|
||||||
|
- updateAvailability();
|
||||||
|
- return available;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- private static void updateAvailability() {
|
||||||
|
- if (available) {
|
||||||
|
- return;
|
||||||
|
- }
|
||||||
|
- try {
|
||||||
|
- // Always use bootstrap class loader.
|
||||||
|
- Class.forName("sun.security.ssl.NextProtoNegoExtension", true, null);
|
||||||
|
- available = true;
|
||||||
|
- } catch (Exception ignore) {
|
||||||
|
- // npn-boot was not loaded.
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- JdkNpnSslEngine(SSLEngine engine, final JdkApplicationProtocolNegotiator applicationNegotiator, boolean server) {
|
||||||
|
- super(engine);
|
||||||
|
- checkNotNull(applicationNegotiator, "applicationNegotiator");
|
||||||
|
-
|
||||||
|
- if (server) {
|
||||||
|
- final ProtocolSelectionListener protocolListener = checkNotNull(applicationNegotiator
|
||||||
|
- .protocolListenerFactory().newListener(this, applicationNegotiator.protocols()),
|
||||||
|
- "protocolListener");
|
||||||
|
- NextProtoNego.put(engine, new ServerProvider() {
|
||||||
|
- @Override
|
||||||
|
- public void unsupported() {
|
||||||
|
- protocolListener.unsupported();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public List<String> protocols() {
|
||||||
|
- return applicationNegotiator.protocols();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void protocolSelected(String protocol) {
|
||||||
|
- try {
|
||||||
|
- protocolListener.selected(protocol);
|
||||||
|
- } catch (Throwable t) {
|
||||||
|
- PlatformDependent.throwException(t);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- });
|
||||||
|
- } else {
|
||||||
|
- final ProtocolSelector protocolSelector = checkNotNull(applicationNegotiator.protocolSelectorFactory()
|
||||||
|
- .newSelector(this, new LinkedHashSet<String>(applicationNegotiator.protocols())),
|
||||||
|
- "protocolSelector");
|
||||||
|
- NextProtoNego.put(engine, new ClientProvider() {
|
||||||
|
- @Override
|
||||||
|
- public boolean supports() {
|
||||||
|
- return true;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void unsupported() {
|
||||||
|
- protocolSelector.unsupported();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public String selectProtocol(List<String> protocols) {
|
||||||
|
- try {
|
||||||
|
- return protocolSelector.select(protocols);
|
||||||
|
- } catch (Throwable t) {
|
||||||
|
- PlatformDependent.throwException(t);
|
||||||
|
- return null;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- });
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void closeInbound() throws SSLException {
|
||||||
|
- NextProtoNego.remove(getWrappedEngine());
|
||||||
|
- super.closeInbound();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public void closeOutbound() {
|
||||||
|
- NextProtoNego.remove(getWrappedEngine());
|
||||||
|
- super.closeOutbound();
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
|
||||||
|
index 0a120eb..cdad232 100644
|
||||||
|
--- a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
|
||||||
|
+++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java
|
||||||
|
@@ -270,50 +270,6 @@ public class JdkSslContext extends SslContext {
|
||||||
|
switch(config.protocol()) {
|
||||||
|
case NONE:
|
||||||
|
return JdkDefaultApplicationProtocolNegotiator.INSTANCE;
|
||||||
|
- case ALPN:
|
||||||
|
- if (isServer) {
|
||||||
|
- switch(config.selectorFailureBehavior()) {
|
||||||
|
- case FATAL_ALERT:
|
||||||
|
- return new JdkAlpnApplicationProtocolNegotiator(true, config.supportedProtocols());
|
||||||
|
- case NO_ADVERTISE:
|
||||||
|
- return new JdkAlpnApplicationProtocolNegotiator(false, config.supportedProtocols());
|
||||||
|
- default:
|
||||||
|
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
|
||||||
|
- .append(config.selectorFailureBehavior()).append(" failure behavior").toString());
|
||||||
|
- }
|
||||||
|
- } else {
|
||||||
|
- switch(config.selectedListenerFailureBehavior()) {
|
||||||
|
- case ACCEPT:
|
||||||
|
- return new JdkAlpnApplicationProtocolNegotiator(false, config.supportedProtocols());
|
||||||
|
- case FATAL_ALERT:
|
||||||
|
- return new JdkAlpnApplicationProtocolNegotiator(true, config.supportedProtocols());
|
||||||
|
- default:
|
||||||
|
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
|
||||||
|
- .append(config.selectedListenerFailureBehavior()).append(" failure behavior").toString());
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- case NPN:
|
||||||
|
- if (isServer) {
|
||||||
|
- switch(config.selectedListenerFailureBehavior()) {
|
||||||
|
- case ACCEPT:
|
||||||
|
- return new JdkNpnApplicationProtocolNegotiator(false, config.supportedProtocols());
|
||||||
|
- case FATAL_ALERT:
|
||||||
|
- return new JdkNpnApplicationProtocolNegotiator(true, config.supportedProtocols());
|
||||||
|
- default:
|
||||||
|
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
|
||||||
|
- .append(config.selectedListenerFailureBehavior()).append(" failure behavior").toString());
|
||||||
|
- }
|
||||||
|
- } else {
|
||||||
|
- switch(config.selectorFailureBehavior()) {
|
||||||
|
- case FATAL_ALERT:
|
||||||
|
- return new JdkNpnApplicationProtocolNegotiator(true, config.supportedProtocols());
|
||||||
|
- case NO_ADVERTISE:
|
||||||
|
- return new JdkNpnApplicationProtocolNegotiator(false, config.supportedProtocols());
|
||||||
|
- default:
|
||||||
|
- throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
|
||||||
|
- .append(config.selectorFailureBehavior()).append(" failure behavior").toString());
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
default:
|
||||||
|
throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")
|
||||||
|
.append(config.protocol()).append(" protocol").toString());
|
||||||
|
diff --git a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
|
||||||
|
index 9a57230..090f996 100644
|
||||||
|
--- a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
|
||||||
|
+++ b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
|
||||||
|
@@ -15,262 +15,15 @@
|
||||||
|
*/
|
||||||
|
package io.netty.handler.ssl;
|
||||||
|
|
||||||
|
-import io.netty.handler.ssl.ApplicationProtocolConfig.Protocol;
|
||||||
|
-import io.netty.handler.ssl.ApplicationProtocolConfig.SelectedListenerFailureBehavior;
|
||||||
|
-import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
|
||||||
|
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;
|
||||||
|
-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectorFactory;
|
||||||
|
-import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
-import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
import org.junit.Test;
|
||||||
|
|
||||||
|
-import javax.net.ssl.SSLEngine;
|
||||||
|
-import javax.net.ssl.SSLHandshakeException;
|
||||||
|
-import java.util.List;
|
||||||
|
-import java.util.Set;
|
||||||
|
-import java.util.concurrent.TimeUnit;
|
||||||
|
-
|
||||||
|
-import static org.junit.Assert.assertNull;
|
||||||
|
-import static org.junit.Assert.assertTrue;
|
||||||
|
-import static org.junit.Assume.assumeNoException;
|
||||||
|
-
|
||||||
|
public class JdkSslEngineTest extends SSLEngineTest {
|
||||||
|
- private static final String PREFERRED_APPLICATION_LEVEL_PROTOCOL = "my-protocol-http2";
|
||||||
|
- private static final String FALLBACK_APPLICATION_LEVEL_PROTOCOL = "my-protocol-http1_1";
|
||||||
|
- private static final String APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE = "my-protocol-FOO";
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testNpn() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkNpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.NPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig apn = failingNegotiator(Protocol.NPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- setupHandlers(apn);
|
||||||
|
- runTest();
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // NPN availability is dependent on the java version. If NPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testNpnNoCompatibleProtocolsNoHandshakeFailure() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkNpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.NPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.NPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.NPN,
|
||||||
|
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
|
||||||
|
- setupHandlers(serverApn, clientApn);
|
||||||
|
- runTest(null);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // ALPN availability is dependent on the java version. If ALPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testNpnNoCompatibleProtocolsClientHandshakeFailure() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkNpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.NPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig clientApn = failingNegotiator(Protocol.NPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.NPN,
|
||||||
|
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
|
||||||
|
- setupHandlers(serverApn, clientApn);
|
||||||
|
- assertTrue(clientLatch.await(2, TimeUnit.SECONDS));
|
||||||
|
- assertTrue(clientException instanceof SSLHandshakeException);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // NPN availability is dependent on the java version. If NPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testNpnNoCompatibleProtocolsServerHandshakeFailure() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkNpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.NPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.NPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.NPN,
|
||||||
|
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
|
||||||
|
- setupHandlers(serverApn, clientApn);
|
||||||
|
- assertTrue(serverLatch.await(2, TimeUnit.SECONDS));
|
||||||
|
- assertTrue(serverException instanceof SSLHandshakeException);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // NPN availability is dependent on the java version. If NPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testAlpn() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkAlpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.ALPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig apn = failingNegotiator(Protocol.ALPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- setupHandlers(apn);
|
||||||
|
- runTest();
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // ALPN availability is dependent on the java version. If ALPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testAlpnNoCompatibleProtocolsNoHandshakeFailure() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkAlpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.ALPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- ApplicationProtocolConfig serverApn = acceptingNegotiator(Protocol.ALPN,
|
||||||
|
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
|
||||||
|
- setupHandlers(serverApn, clientApn);
|
||||||
|
- runTest(null);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // ALPN availability is dependent on the java version. If ALPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testAlpnNoCompatibleProtocolsServerHandshakeFailure() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkAlpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.ALPN);
|
||||||
|
- }
|
||||||
|
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.ALPN,
|
||||||
|
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
|
||||||
|
- setupHandlers(serverApn, clientApn);
|
||||||
|
- assertTrue(serverLatch.await(2, TimeUnit.SECONDS));
|
||||||
|
- assertTrue(serverException instanceof SSLHandshakeException);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // ALPN availability is dependent on the java version. If ALPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testAlpnCompatibleProtocolsDifferentClientOrder() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkAlpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.ALPN);
|
||||||
|
- }
|
||||||
|
- // Even the preferred application protocol appears second in the client's list, it will be picked
|
||||||
|
- // because it's the first one on server's list.
|
||||||
|
- ApplicationProtocolConfig clientApn = acceptingNegotiator(Protocol.ALPN,
|
||||||
|
- FALLBACK_APPLICATION_LEVEL_PROTOCOL, PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.ALPN,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL, FALLBACK_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- setupHandlers(serverApn, clientApn);
|
||||||
|
- assertNull(serverException);
|
||||||
|
- runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // ALPN availability is dependent on the java version. If ALPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Test
|
||||||
|
- public void testAlpnNoCompatibleProtocolsClientHandshakeFailure() throws Exception {
|
||||||
|
- try {
|
||||||
|
- // Typical code will not have to check this, but will get a initialization error on class load.
|
||||||
|
- // Check in this test just in case we have multiple tests that just the class and we already ignored the
|
||||||
|
- // initialization error.
|
||||||
|
- if (!JdkAlpnSslEngine.isAvailable()) {
|
||||||
|
- throw tlsExtensionNotFound(Protocol.ALPN);
|
||||||
|
- }
|
||||||
|
- SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
|
- JdkApplicationProtocolNegotiator clientApn = new JdkAlpnApplicationProtocolNegotiator(true, true,
|
||||||
|
- PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- JdkApplicationProtocolNegotiator serverApn = new JdkAlpnApplicationProtocolNegotiator(
|
||||||
|
- new ProtocolSelectorFactory() {
|
||||||
|
- @Override
|
||||||
|
- public ProtocolSelector newSelector(SSLEngine engine, Set<String> supportedProtocols) {
|
||||||
|
- return new ProtocolSelector() {
|
||||||
|
- @Override
|
||||||
|
- public void unsupported() {
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- @Override
|
||||||
|
- public String select(List<String> protocols) {
|
||||||
|
- return APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE;
|
||||||
|
- }
|
||||||
|
- };
|
||||||
|
- }
|
||||||
|
- }, JdkBaseApplicationProtocolNegotiator.FAIL_SELECTION_LISTENER_FACTORY,
|
||||||
|
- APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
|
||||||
|
-
|
||||||
|
- SslContext serverSslCtx = new JdkSslServerContext(ssc.certificate(), ssc.privateKey(), null, null,
|
||||||
|
- IdentityCipherSuiteFilter.INSTANCE, serverApn, 0, 0);
|
||||||
|
- SslContext clientSslCtx = new JdkSslClientContext(null, InsecureTrustManagerFactory.INSTANCE, null,
|
||||||
|
- IdentityCipherSuiteFilter.INSTANCE, clientApn, 0, 0);
|
||||||
|
-
|
||||||
|
- setupHandlers(serverSslCtx, clientSslCtx);
|
||||||
|
- assertTrue(clientLatch.await(2, TimeUnit.SECONDS));
|
||||||
|
- assertTrue(clientException instanceof SSLHandshakeException);
|
||||||
|
- } catch (SkipTestException e) {
|
||||||
|
- // ALPN availability is dependent on the java version. If ALPN is not available because of
|
||||||
|
- // java version incompatibility don't fail the test, but instead just skip the test
|
||||||
|
- assumeNoException(e);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testEnablingAnAlreadyDisabledSslProtocol() throws Exception {
|
||||||
|
testEnablingAnAlreadyDisabledSslProtocol(new String[]{}, new String[]{PROTOCOL_TLS_V1_2});
|
||||||
|
}
|
||||||
|
|
||||||
|
- private void runTest() throws Exception {
|
||||||
|
- runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
@Override
|
||||||
|
protected SslProvider sslClientProvider() {
|
||||||
|
return SslProvider.JDK;
|
||||||
|
@@ -280,30 +33,4 @@ public class JdkSslEngineTest extends SSLEngineTest {
|
||||||
|
protected SslProvider sslServerProvider() {
|
||||||
|
return SslProvider.JDK;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- private ApplicationProtocolConfig failingNegotiator(Protocol protocol,
|
||||||
|
- String... supportedProtocols) {
|
||||||
|
- return new ApplicationProtocolConfig(protocol,
|
||||||
|
- SelectorFailureBehavior.FATAL_ALERT,
|
||||||
|
- SelectedListenerFailureBehavior.FATAL_ALERT,
|
||||||
|
- supportedProtocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- private ApplicationProtocolConfig acceptingNegotiator(Protocol protocol,
|
||||||
|
- String... supportedProtocols) {
|
||||||
|
- return new ApplicationProtocolConfig(protocol,
|
||||||
|
- SelectorFailureBehavior.NO_ADVERTISE,
|
||||||
|
- SelectedListenerFailureBehavior.ACCEPT,
|
||||||
|
- supportedProtocols);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- private SkipTestException tlsExtensionNotFound(Protocol protocol) {
|
||||||
|
- throw new SkipTestException(protocol + " not on classpath");
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- private static final class SkipTestException extends RuntimeException {
|
||||||
|
- public SkipTestException(String message) {
|
||||||
|
- super(message);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.7.4
|
||||||
|
|
27
netty.spec
27
netty.spec
@ -4,14 +4,15 @@
|
|||||||
%global namedversion %{version}%{?namedreltag}
|
%global namedversion %{version}%{?namedreltag}
|
||||||
|
|
||||||
Name: netty
|
Name: netty
|
||||||
Version: 4.0.28
|
Version: 4.0.42
|
||||||
Release: 3%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: An asynchronous event-driven network application framework and tools for Java
|
Summary: An asynchronous event-driven network application framework and tools for Java
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
URL: https://netty.io/
|
URL: https://netty.io/
|
||||||
Source0: https://github.com/netty/netty/archive/netty-%{namedversion}.tar.gz
|
Source0: https://github.com/netty/netty/archive/netty-%{namedversion}.tar.gz
|
||||||
Patch0: npn_alpn_ssl_fixes.patch
|
Patch0: 0001-Remove-OpenSSL-parts-depending-on-tcnative.patch
|
||||||
Patch1: transport-native-epoll-configure-fix.patch
|
Patch1: 0002-Remove-NPN-ALPN.patch
|
||||||
|
#Patch1: transport-native-epoll-configure-fix.patch
|
||||||
|
|
||||||
BuildRequires: maven-local
|
BuildRequires: maven-local
|
||||||
BuildRequires: mvn(ant-contrib:ant-contrib)
|
BuildRequires: mvn(ant-contrib:ant-contrib)
|
||||||
@ -21,6 +22,7 @@ BuildRequires: mvn(com.jcraft:jzlib)
|
|||||||
BuildRequires: mvn(commons-logging:commons-logging)
|
BuildRequires: mvn(commons-logging:commons-logging)
|
||||||
BuildRequires: mvn(junit:junit)
|
BuildRequires: mvn(junit:junit)
|
||||||
BuildRequires: mvn(log4j:log4j)
|
BuildRequires: mvn(log4j:log4j)
|
||||||
|
BuildRequires: mvn(org.jctools:jctools-core)
|
||||||
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin)
|
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin)
|
||||||
BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin)
|
BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin)
|
||||||
BuildRequires: mvn(org.apache.maven.plugins:maven-checkstyle-plugin)
|
BuildRequires: mvn(org.apache.maven.plugins:maven-checkstyle-plugin)
|
||||||
@ -72,7 +74,7 @@ Summary: API documentation for %{name}
|
|||||||
%setup -q -n netty-netty-%{namedversion}
|
%setup -q -n netty-netty-%{namedversion}
|
||||||
|
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
%patch1 -p2
|
%patch1 -p1
|
||||||
|
|
||||||
# Missing Mavenized rxtx
|
# Missing Mavenized rxtx
|
||||||
%pom_disable_module "transport-rxtx"
|
%pom_disable_module "transport-rxtx"
|
||||||
@ -93,17 +95,16 @@ Summary: API documentation for %{name}
|
|||||||
%pom_remove_plugin :maven-enforcer-plugin
|
%pom_remove_plugin :maven-enforcer-plugin
|
||||||
%pom_remove_plugin :maven-antrun-plugin
|
%pom_remove_plugin :maven-antrun-plugin
|
||||||
%pom_remove_plugin :maven-dependency-plugin
|
%pom_remove_plugin :maven-dependency-plugin
|
||||||
|
%pom_remove_plugin :maven-shade-plugin
|
||||||
|
%pom_remove_plugin :maven-shade-plugin common
|
||||||
|
%pom_remove_plugin :xml-maven-plugin
|
||||||
# Optional things we don't ship
|
# Optional things we don't ship
|
||||||
%pom_remove_dep ":netty-tcnative"
|
%pom_remove_dep ":\${tcnative.artifactId}"
|
||||||
%pom_remove_dep ":netty-tcnative" handler
|
%pom_remove_dep ":\${tcnative.artifactId}" handler
|
||||||
%pom_remove_dep "org.eclipse.jetty.npn:npn-api"
|
%pom_remove_dep "org.eclipse.jetty.npn:npn-api"
|
||||||
%pom_remove_dep "org.eclipse.jetty.npn:npn-api" handler
|
%pom_remove_dep "org.eclipse.jetty.npn:npn-api" handler
|
||||||
%pom_remove_dep "org.mortbay.jetty.npn:npn-boot"
|
|
||||||
%pom_remove_dep "org.mortbay.jetty.npn:npn-boot" handler
|
|
||||||
%pom_remove_dep "org.eclipse.jetty.alpn:alpn-api"
|
%pom_remove_dep "org.eclipse.jetty.alpn:alpn-api"
|
||||||
%pom_remove_dep "org.eclipse.jetty.alpn:alpn-api" handler
|
%pom_remove_dep "org.eclipse.jetty.alpn:alpn-api" handler
|
||||||
%pom_remove_dep "org.mortbay.jetty.alpn:alpn-boot"
|
|
||||||
%pom_remove_dep "org.mortbay.jetty.alpn:alpn-boot" handler
|
|
||||||
|
|
||||||
sed -i 's|taskdef|taskdef classpathref="maven.plugin.classpath"|' all/pom.xml
|
sed -i 's|taskdef|taskdef classpathref="maven.plugin.classpath"|' all/pom.xml
|
||||||
|
|
||||||
@ -129,6 +130,10 @@ export CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
|
|||||||
%doc LICENSE.txt NOTICE.txt
|
%doc LICENSE.txt NOTICE.txt
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Oct 20 2016 Severin Gehwolf <sgehwolf@redhat.com> - 4.0.42-1
|
||||||
|
- Update to upstream 4.0.42 release.
|
||||||
|
- Resolves RHBZ#1380921
|
||||||
|
|
||||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.28-3
|
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.28-3
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||||
|
|
||||||
|
File diff suppressed because it is too large
Load Diff
2
sources
2
sources
@ -1 +1 @@
|
|||||||
a38973b451fb2c8e59c1adb01b292224 netty-4.0.28.Final.tar.gz
|
1259f8126350883c5770bd26a6896fc0 netty-4.0.42.Final.tar.gz
|
||||||
|
@ -1,14 +0,0 @@
|
|||||||
diff --git a/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml b/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml
|
|
||||||
index c9c7b25..b489b3f 100644
|
|
||||||
--- a/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml
|
|
||||||
+++ b/netty-netty-4.0.27.Final/transport-native-epoll/pom.xml
|
|
||||||
@@ -73,9 +73,6 @@
|
|
||||||
<platform>.</platform>
|
|
||||||
<forceConfigure>true</forceConfigure>
|
|
||||||
<forceAutogen>true</forceAutogen>
|
|
||||||
- <configureArgs>
|
|
||||||
- <arg>${jni.compiler.args}</arg>
|
|
||||||
- </configureArgs>
|
|
||||||
</configuration>
|
|
||||||
<goals>
|
|
||||||
<goal>generate</goal>
|
|
Loading…
Reference in New Issue
Block a user