make sure initial BC security provider registration works!

kares · kares · commit 4040772f6ade · 2016-06-01T09:28:44.000+02:00
... when **-Djruby.openssl.provider.register=true**
diff --git a/src/main/java/org/jruby/ext/openssl/OpenSSL.java b/src/main/java/org/jruby/ext/openssl/OpenSSL.java
@@ -56,8 +56,7 @@ public static boolean isProviderAvailable() {
     }
 
     public static void createOpenSSL(final Ruby runtime) {
-        boolean registerProvider = SafePropertyAccessor.getBoolean("jruby.openssl.provider.register");
-        SecurityHelper.setRegisterProvider( registerProvider );
+        SecurityHelper.setRegisterProvider( SafePropertyAccessor.getBoolean("jruby.openssl.provider.register") );
 
         final RubyModule _OpenSSL = runtime.getOrCreateModule("OpenSSL");
         RubyClass _StandardError = runtime.getClass("StandardError");
diff --git a/src/main/java/org/jruby/ext/openssl/SecurityHelper.java b/src/main/java/org/jruby/ext/openssl/SecurityHelper.java
@@ -99,8 +99,8 @@ public abstract class SecurityHelper {
     private static String BC_PROVIDER_CLASS = "org.bouncycastle.jce.provider.BouncyCastleProvider";
     static boolean setBouncyCastleProvider = true; // (package access for tests)
     static Provider securityProvider; // 'BC' provider (package access for tests)
-    private static Boolean registerProvider = null;
-    private static final Map<String, Class> implEngines = new ConcurrentHashMap<String, Class>(16, 0.75f, 1);
+    private static volatile Boolean registerProvider = null;
+    static final Map<String, Class> implEngines = new ConcurrentHashMap<String, Class>(16, 0.75f, 1);
 
     /**
      * inject under a given name a cipher. also ensures that the registered
@@ -152,8 +152,10 @@ private static Provider newBouncyCastleProvider() {
         return null;
     }
 
-    public static synchronized void setRegisterProvider(boolean register) {
-        registerProvider = Boolean.valueOf(register); doRegisterProvider();
+    public static synchronized void setRegisterProvider(final boolean register) {
+        registerProvider = Boolean.valueOf(register);
+        if ( register ) getSecurityProvider(); // so that securityProvider != null
+        // getSecurityProvider does doRegisterProvider();
     }
 
     static boolean isProviderAvailable(final String name) {
@@ -168,13 +170,14 @@ static boolean isProviderRegistered() {
     private static void doRegisterProvider() {
         if ( registerProvider != null ) {
             synchronized(SecurityHelper.class) {
-                if ( registerProvider != null && registerProvider.booleanValue() ) {
+                final Boolean register = registerProvider;
+                if ( register != null && register.booleanValue() ) {
                     if ( securityProvider != null ) {
                         Security.addProvider(securityProvider);
+                        registerProvider = null;
                     }
                 }
             }
-            registerProvider = null;
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -56,8 +56,7 @@ public static boolean isProviderAvailable() {`
`56`	`56`	`}`
`57`	`57`
`58`	`58`	`public static void createOpenSSL(final Ruby runtime) {`
`59`		`- boolean registerProvider = SafePropertyAccessor.getBoolean("jruby.openssl.provider.register");`
`60`		`- SecurityHelper.setRegisterProvider( registerProvider );`
	`59`	`+ SecurityHelper.setRegisterProvider( SafePropertyAccessor.getBoolean("jruby.openssl.provider.register") );`
`61`	`60`
`62`	`61`	`final RubyModule _OpenSSL = runtime.getOrCreateModule("OpenSSL");`
`63`	`62`	`RubyClass _StandardError = runtime.getClass("StandardError");`
Original file line number	Diff line number	Diff line change
`@@ -99,8 +99,8 @@ public abstract class SecurityHelper {`
`99`	`99`	`private static String BC_PROVIDER_CLASS = "org.bouncycastle.jce.provider.BouncyCastleProvider";`
`100`	`100`	`static boolean setBouncyCastleProvider = true; // (package access for tests)`
`101`	`101`	`static Provider securityProvider; // 'BC' provider (package access for tests)`
`102`		`- private static Boolean registerProvider = null;`
`103`		`- private static final Map<String, Class> implEngines = new ConcurrentHashMap<String, Class>(16, 0.75f, 1);`
	`102`	`+ private static volatile Boolean registerProvider = null;`
	`103`	`+ static final Map<String, Class> implEngines = new ConcurrentHashMap<String, Class>(16, 0.75f, 1);`
`104`	`104`
`105`	`105`	`/**`
`106`	`106`	`* inject under a given name a cipher. also ensures that the registered`
`@@ -152,8 +152,10 @@ private static Provider newBouncyCastleProvider() {`
`152`	`152`	`return null;`
`153`	`153`	`}`
`154`	`154`
`155`		`- public static synchronized void setRegisterProvider(boolean register) {`
`156`		`- registerProvider = Boolean.valueOf(register); doRegisterProvider();`
	`155`	`+ public static synchronized void setRegisterProvider(final boolean register) {`
	`156`	`+ registerProvider = Boolean.valueOf(register);`
	`157`	`+ if ( register ) getSecurityProvider(); // so that securityProvider != null`
	`158`	`+ // getSecurityProvider does doRegisterProvider();`
`157`	`159`	`}`
`158`	`160`
`159`	`161`	`static boolean isProviderAvailable(final String name) {`
`@@ -168,13 +170,14 @@ static boolean isProviderRegistered() {`
`168`	`170`	`private static void doRegisterProvider() {`
`169`	`171`	`if ( registerProvider != null ) {`
`170`	`172`	`synchronized(SecurityHelper.class) {`
`171`		`- if ( registerProvider != null && registerProvider.booleanValue() ) {`
	`173`	`+ final Boolean register = registerProvider;`
	`174`	`+ if ( register != null && register.booleanValue() ) {`
`172`	`175`	`if ( securityProvider != null ) {`
`173`	`176`	`Security.addProvider(securityProvider);`
	`177`	`+ registerProvider = null;`
`174`	`178`	`}`
`175`	`179`	`}`
`176`	`180`	`}`
`177`		`- registerProvider = null;`
`178`	`181`	`}`
`179`	`182`	`}`
`180`	`183`