You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ignite.apache.org by sb...@apache.org on 2017/04/24 15:04:00 UTC
[37/50] [abbrv] ignite git commit: ignite-3054 - SSL fix
ignite-3054 - SSL fix
Project: http://git-wip-us.apache.org/repos/asf/ignite/repo
Commit: http://git-wip-us.apache.org/repos/asf/ignite/commit/9814a9d8
Tree: http://git-wip-us.apache.org/repos/asf/ignite/tree/9814a9d8
Diff: http://git-wip-us.apache.org/repos/asf/ignite/diff/9814a9d8
Branch: refs/heads/ignite-3054
Commit: 9814a9d855dab71583fb4371f444ec086efdfcb8
Parents: e9c30f8
Author: dkarachentsev <dk...@gridgain.com>
Authored: Wed Dec 14 13:40:11 2016 +0300
Committer: dkarachentsev <dk...@gridgain.com>
Committed: Wed Dec 14 13:40:11 2016 +0300
----------------------------------------------------------------------
.../util/nio/ssl/BlockingSslHandler.java | 82 ++++----------------
1 file changed, 13 insertions(+), 69 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ignite/blob/9814a9d8/modules/core/src/main/java/org/apache/ignite/internal/util/nio/ssl/BlockingSslHandler.java
----------------------------------------------------------------------
diff --git a/modules/core/src/main/java/org/apache/ignite/internal/util/nio/ssl/BlockingSslHandler.java b/modules/core/src/main/java/org/apache/ignite/internal/util/nio/ssl/BlockingSslHandler.java
index 899dc13..047fb6e 100644
--- a/modules/core/src/main/java/org/apache/ignite/internal/util/nio/ssl/BlockingSslHandler.java
+++ b/modules/core/src/main/java/org/apache/ignite/internal/util/nio/ssl/BlockingSslHandler.java
@@ -139,6 +139,8 @@ public class BlockingSslHandler {
boolean loop = true;
+ SSLEngineResult unwrapRes = null;
+
while (loop) {
switch (handshakeStatus) {
case NOT_HANDSHAKING:
@@ -157,11 +159,11 @@ public class BlockingSslHandler {
}
case NEED_UNWRAP: {
- Status status = unwrapHandshake();
+ unwrapRes = unwrapHandshake(unwrapRes);
handshakeStatus = sslEngine.getHandshakeStatus();
- if (status == BUFFER_UNDERFLOW && sslEngine.isInboundDone())
+ if (unwrapRes.getStatus() == BUFFER_UNDERFLOW && sslEngine.isInboundDone())
// Either there is no enough data in buffer or session was closed.
loop = false;
@@ -372,28 +374,19 @@ public class BlockingSslHandler {
* @throws SSLException If SSL exception occurred while unwrapping.
* @throws GridNioException If failed to pass event to the next filter.
*/
- private Status unwrapHandshake() throws SSLException, IgniteCheckedException {
- final int pos = inNetBuf.position();
-
- // Try to unwrap data already available in buffer.
- SSLEngineResult res = tryUnwrap();
-
- if (handshakeStatus == NEED_UNWRAP)
+ private SSLEngineResult unwrapHandshake(SSLEngineResult prevRes) throws SSLException, IgniteCheckedException {
+ // Avoid blocking on reading if there unprocessed data left in input buffer.
+ if (inNetBuf.position() == 0 || prevRes.getStatus() != OK)
readFromNet();
- if (res == null || handshakeStatus == NEED_UNWRAP) {
- // Flip input buffer so we can read the collected data.
- inNetBuf.flip();
-
- // Must restore position after tryUnwrap()
- inNetBuf.position(pos);
+ // Flip input buffer so we can read the collected data.
+ inNetBuf.flip();
- res = unwrap0();
+ SSLEngineResult res = unwrap0();
- handshakeStatus = res.getHandshakeStatus();
+ handshakeStatus = res.getHandshakeStatus();
- checkStatus(res);
- }
+ checkStatus(res);
// If handshake finished, no data was produced, and the status is still ok,
// try to unwrap more
@@ -416,39 +409,6 @@ public class BlockingSslHandler {
// prepare to be written again
inNetBuf.compact();
- return res.getStatus();
- }
-
- /**
- * Try to unwrap data left in buffer. If that data was not enough,
- * position must be restored after reading data from network.
- * <p>
- * This method was made for cases when all required data already read and next reading
- * from channel with block thread indefinitely.
- * </p>
- *
- * @return SSLEngineResult after unwrap.
- * @throws SSLException If failed.
- */
- private SSLEngineResult tryUnwrap() throws SSLException {
- final int pos = inNetBuf.position();
- final int lim = inNetBuf.limit();
-
- // Nothing to unwrap.
- if (pos == 0)
- return null;
-
- inNetBuf.flip();
-
- final SSLEngineResult res = unwrap0();
-
- handshakeStatus = res.getHandshakeStatus();
-
- if (handshakeStatus == NEED_UNWRAP) {
- inNetBuf.position(pos);
- inNetBuf.limit(lim);
- }
-
return res;
}
@@ -545,7 +505,7 @@ public class BlockingSslHandler {
}
/**
- * Copies data from out net buffer and passes it to the underlying chain.
+ * Copies data from out net buffer and passes it to the underlying channel.
*
* @throws GridNioException If send failed.
*/
@@ -578,22 +538,6 @@ public class BlockingSslHandler {
}
/**
- * Copies the given byte buffer.
- *
- * @param original Byte buffer to copy.
- * @return Copy of the original byte buffer.
- */
- private ByteBuffer copy(ByteBuffer original) {
- ByteBuffer cp = ByteBuffer.allocate(original.remaining());
-
- cp.put(original);
-
- cp.flip();
-
- return cp;
- }
-
- /**
* Get SSLEngine instance.
*
* @return SSLEngine instance.