Some more changes needed after the changes in the base branch.

Author: kannanjgithub

netty/src/main/java/io/grpc/netty/InternalProtocolNegotiators.java

@@ -25,9 +25,9 @@
 import io.netty.channel.ChannelHandler;
 import io.netty.handler.ssl.SslContext;
 import io.netty.util.AsciiString;
+import java.util.concurrent.Executor;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
-import java.util.concurrent.Executor;
 
 /**
  * Internal accessor for {@link ProtocolNegotiators}.
@@ -79,7 +79,8 @@ public void close() {
    * may happen immediately, even before the TLS Handshake is complete.
    */
   public static InternalProtocolNegotiator.ProtocolNegotiator tls(
-      SslContext sslContext, String sni, boolean isXdsTarget, TrustManager extendedX509TrustManager) {
+      SslContext sslContext, String sni, boolean isXdsTarget,
+      TrustManager extendedX509TrustManager) {
     return tls(sslContext, null, Optional.absent(), extendedX509TrustManager, sni, isXdsTarget);
   }
 
@@ -185,7 +186,7 @@ public static class ProtocolNegotiationHandler
       extends ProtocolNegotiators.ProtocolNegotiationHandler {
 
     protected ProtocolNegotiationHandler(ChannelHandler next, String negotiatorName,
-       ChannelLogger negotiationLogger) {
+        ChannelLogger negotiationLogger) {
       super(next, negotiatorName, negotiationLogger);
     }
 

netty/src/main/java/io/grpc/netty/NettyChannelBuilder.java

@@ -652,7 +652,8 @@ static ProtocolNegotiator createProtocolNegotiatorByType(
       case PLAINTEXT_UPGRADE:
         return ProtocolNegotiators.plaintextUpgrade();
       case TLS:
-        return ProtocolNegotiators.tls(sslContext, executorPool, Optional.absent(), null, null, false);
+        return ProtocolNegotiators.tls(
+            sslContext, executorPool, Optional.absent(), null, null, false);
       default:
         throw new IllegalArgumentException("Unsupported negotiationType: " + negotiationType);
     }

netty/src/main/java/io/grpc/netty/ProtocolNegotiators.java

@@ -90,7 +90,6 @@
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
-
 import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement;
 
 /**
@@ -265,7 +264,7 @@ public static final class FromChannelCredentialsResult {
     public final String error;
 
     private FromChannelCredentialsResult(ProtocolNegotiator.ClientFactory negotiator,
-       CallCredentials creds, String error) {
+        CallCredentials creds, String error) {
       this.negotiator = negotiator;
       this.callCredentials = creds;
       this.error = error;
@@ -428,8 +427,8 @@ static final class ServerTlsHandler extends ChannelInboundHandlerAdapter {
     private ProtocolNegotiationEvent pne = ProtocolNegotiationEvent.DEFAULT;
 
     ServerTlsHandler(ChannelHandler next,
-       SslContext sslContext,
-       final ObjectPool<? extends Executor> executorPool) {
+        SslContext sslContext,
+        final ObjectPool<? extends Executor> executorPool) {
       this.sslContext = Preconditions.checkNotNull(sslContext, "sslContext");
       this.next = Preconditions.checkNotNull(next, "next");
       if (executorPool != null) {
@@ -486,8 +485,8 @@ private void fireProtocolNegotiationEvent(ChannelHandlerContext ctx, SSLSession
    * Returns a {@link ProtocolNegotiator} that does HTTP CONNECT proxy negotiation.
    */
   public static ProtocolNegotiator httpProxy(final SocketAddress proxyAddress,
-     final @Nullable String proxyUsername, final @Nullable String proxyPassword,
-     final ProtocolNegotiator negotiator) {
+      final @Nullable String proxyUsername, final @Nullable String proxyPassword,
+      final ProtocolNegotiator negotiator) {
     Preconditions.checkNotNull(negotiator, "negotiator");
     Preconditions.checkNotNull(proxyAddress, "proxyAddress");
     final AsciiString scheme = negotiator.scheme();
@@ -564,8 +563,8 @@ protected void userEventTriggered0(ChannelHandlerContext ctx, Object evt) throws
   static final class ClientTlsProtocolNegotiator implements ProtocolNegotiator {
 
     public ClientTlsProtocolNegotiator(SslContext sslContext,
-       ObjectPool<? extends Executor> executorPool, Optional<Runnable> handshakeCompleteRunnable,
-       X509TrustManager x509ExtendedTrustManager, String sni, boolean isXdsTarget) {
+        ObjectPool<? extends Executor> executorPool, Optional<Runnable> handshakeCompleteRunnable,
+        X509TrustManager x509ExtendedTrustManager, String sni, boolean isXdsTarget) {
       this.sslContext = Preconditions.checkNotNull(sslContext, "sslContext");
       this.executorPool = executorPool;
       if (this.executorPool != null) {
@@ -628,10 +627,10 @@ static final class ClientTlsHandler extends ProtocolNegotiationHandler {
     private SSLEngine sslEngine;
 
     ClientTlsHandler(ChannelHandler next, SslContext sslContext, String sniHostPort,
-       Executor executor, ChannelLogger negotiationLogger,
-       Optional<Runnable> handshakeCompleteRunnable,
-       ClientTlsProtocolNegotiator clientTlsProtocolNegotiator,
-       X509TrustManager x509ExtendedTrustManager) {
+        Executor executor, ChannelLogger negotiationLogger,
+        Optional<Runnable> handshakeCompleteRunnable,
+        ClientTlsProtocolNegotiator clientTlsProtocolNegotiator,
+        X509TrustManager x509ExtendedTrustManager) {
       super(next, negotiationLogger);
       this.sslContext = Preconditions.checkNotNull(sslContext, "sslContext");
       if (!Strings.isNullOrEmpty(sniHostPort)) {
@@ -753,8 +752,8 @@ static HostPort parseAuthority(String authority) {
    * @param executorPool a dedicated {@link Executor} pool for time-consuming TLS tasks
    */
   public static ProtocolNegotiator tls(SslContext sslContext,
-     ObjectPool<? extends Executor> executorPool, Optional<Runnable> handshakeCompleteRunnable,
-     X509TrustManager x509ExtendedTrustManager, String sni, boolean isXdsTarget) {
+      ObjectPool<? extends Executor> executorPool, Optional<Runnable> handshakeCompleteRunnable,
+      X509TrustManager x509ExtendedTrustManager, String sni, boolean isXdsTarget) {
     return new ClientTlsProtocolNegotiator(sslContext, executorPool, handshakeCompleteRunnable,
         x509ExtendedTrustManager, sni, isXdsTarget);
   }

xds/src/main/java/io/grpc/xds/ClusterResolverLoadBalancer.java

@@ -47,7 +47,6 @@
 import io.grpc.xds.client.Locality;
 import io.grpc.xds.client.XdsLogger;
 import io.grpc.xds.client.XdsLogger.XdsLogLevel;
-import io.grpc.xds.internal.security.SecurityProtocolNegotiators;
 import java.net.InetSocketAddress;
 import java.net.SocketAddress;
 import java.util.ArrayList;

xds/src/main/java/io/grpc/xds/EnvoyServerProtoData.java

@@ -74,23 +74,25 @@ public int hashCode() {
   public static final class UpstreamTlsContext extends BaseTlsContext {
 
     private final String sni;
-    private final boolean auto_host_sni;
-    private final boolean auto_sni_san_validation;
+    private final boolean autoHostSni;
+    private final boolean autoSniSanValidation;
 
     @VisibleForTesting
     public UpstreamTlsContext(CommonTlsContext commonTlsContext) {
       super(commonTlsContext);
       this.sni = null;
-      this.auto_host_sni = false;
-      this.auto_sni_san_validation = false;
+      this.autoHostSni = false;
+      this.autoSniSanValidation = false;
     }
 
     @VisibleForTesting
-    public UpstreamTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext upstreamTlsContext) {
+    public UpstreamTlsContext(
+        io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+            upstreamTlsContext) {
       super(upstreamTlsContext.getCommonTlsContext());
       this.sni = upstreamTlsContext.getSni();
-      this.auto_host_sni = upstreamTlsContext.getAutoHostSni();
-      this.auto_sni_san_validation = upstreamTlsContext.getAutoSniSanValidation();
+      this.autoHostSni = upstreamTlsContext.getAutoHostSni();
+      this.autoSniSanValidation = upstreamTlsContext.getAutoSniSanValidation();
     }
 
     public static UpstreamTlsContext fromEnvoyProtoUpstreamTlsContext(
@@ -105,20 +107,20 @@ public String getSni() {
     }
 
     public boolean getAutoHostSni() {
-      return auto_host_sni;
+      return autoHostSni;
     }
 
     public boolean getAutoSniSanValidation() {
-      return auto_sni_san_validation;
+      return autoSniSanValidation;
     }
 
     @Override
     public String toString() {
-      return "UpstreamTlsContext{" +
-          "commonTlsContext=" + commonTlsContext
+      return "UpstreamTlsContext{"
+          + "commonTlsContext=" + commonTlsContext
           + "sni=" + sni
-          + "\nauto_host_sni=" + auto_host_sni
-          + "\nauto_sni_san_validation=" + auto_sni_san_validation
+          + "\nauto_host_sni=" + autoHostSni
+          + "\nauto_sni_san_validation=" + autoSniSanValidation
           + "}";
     }
   }

xds/src/main/java/io/grpc/xds/GcpAuthenticationFilter.java

@@ -37,7 +37,6 @@
 import io.grpc.ClientCall;
 import io.grpc.ClientInterceptor;
 import io.grpc.CompositeCallCredentials;
-import io.grpc.InternalLogId;
 import io.grpc.Metadata;
 import io.grpc.MethodDescriptor;
 import io.grpc.Status;
@@ -46,13 +45,10 @@
 import io.grpc.xds.GcpAuthenticationFilter.AudienceMetadataParser.AudienceWrapper;
 import io.grpc.xds.MetadataRegistry.MetadataValueParser;
 import io.grpc.xds.XdsConfig.XdsClusterConfig;
-import io.grpc.xds.client.XdsLogger;
-import io.grpc.xds.client.XdsLogger.XdsLogLevel;
 import io.grpc.xds.client.XdsResourceType.ResourceInvalidException;
 import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.TimeUnit;
 import java.util.function.Function;
 import javax.annotation.Nullable;
 
@@ -65,7 +61,6 @@ final class GcpAuthenticationFilter implements Filter {
   static final String TYPE_URL =
       "type.googleapis.com/envoy.extensions.filters.http.gcp_authn.v3.GcpAuthnFilterConfig";
   private final LruCache<String, CallCredentials> callCredentialsCache;
-  private final XdsLogger logger = XdsLogger.withLogId(InternalLogId.allocate("bootstrapper", null));
   final String filterInstanceName;
 
   GcpAuthenticationFilter(String name, int cacheSize) {

xds/src/main/java/io/grpc/xds/internal/security/ClientSslContextProviderFactory.java

@@ -24,7 +24,8 @@
 
 /** Factory to create client-side SslContextProvider from UpstreamTlsContext. */
 final class ClientSslContextProviderFactory
-    implements ValueFactory<AbstractMap.SimpleImmutableEntry<UpstreamTlsContext, String>, SslContextProvider> {
+    implements ValueFactory<AbstractMap.SimpleImmutableEntry<UpstreamTlsContext, String>,
+        SslContextProvider> {
 
   private BootstrapInfo bootstrapInfo;
   private final CertProviderClientSslContextProviderFactory
@@ -42,7 +43,8 @@ final class ClientSslContextProviderFactory
 
   /** Creates an SslContextProvider from the given UpstreamTlsContext. */
   @Override
-  public SslContextProvider create(AbstractMap.SimpleImmutableEntry<UpstreamTlsContext, String> key) {
+  public SslContextProvider create(
+      AbstractMap.SimpleImmutableEntry<UpstreamTlsContext, String> key) {
     return certProviderClientSslContextProviderFactory.getProvider(
         key.getKey(), key.getValue(),
         bootstrapInfo.node().toEnvoyProtoNode(),

xds/src/main/java/io/grpc/xds/internal/security/DynamicSslContextProvider.java

@@ -52,7 +52,8 @@ protected DynamicSslContextProvider(
   }
 
   @Nullable
-  public AbstractMap.SimpleImmutableEntry<SslContext, TrustManager> getSslContextAndExtendedX509TrustManager() {
+  public AbstractMap.SimpleImmutableEntry<SslContext, TrustManager>
+      getSslContextAndExtendedX509TrustManager() {
     return sslContextAndExtendedX509TrustManager;
   }
 
@@ -61,8 +62,9 @@ public AbstractMap.SimpleImmutableEntry<SslContext, TrustManager> getSslContextA
   /**
    * Gets a server or client side SslContextBuilder.
    */
-  protected abstract AbstractMap.SimpleImmutableEntry<SslContextBuilder, TrustManager> getSslContextBuilderAndExtendedX509TrustManager(
-      CertificateValidationContext certificateValidationContext)
+  protected abstract AbstractMap.SimpleImmutableEntry<SslContextBuilder, TrustManager>
+      getSslContextBuilderAndExtendedX509TrustManager(
+          CertificateValidationContext certificateValidationContext)
       throws CertificateException, IOException, CertStoreException;
 
   // this gets called only when requested secrets are ready...
@@ -84,7 +86,8 @@ protected final void updateSslContext() {
         sslContextBuilderAndTm.getKey().applicationProtocolConfig(apn);
       }
       List<Callback> pendingCallbacksCopy;
-      AbstractMap.SimpleImmutableEntry<SslContext, TrustManager> sslContextAndExtendedX09TrustManagerCopy;
+      AbstractMap.SimpleImmutableEntry<SslContext, TrustManager>
+          sslContextAndExtendedX09TrustManagerCopy;
       synchronized (pendingCallbacks) {
         sslContextAndExtendedX509TrustManager = new AbstractMap.SimpleImmutableEntry<>(
             sslContextBuilderAndTm.getKey().build(), sslContextBuilderAndTm.getValue());

xds/src/main/java/io/grpc/xds/internal/security/SecurityProtocolNegotiators.java

@@ -22,7 +22,6 @@
 import com.google.common.base.Strings;
 import io.grpc.Attributes;
 import io.grpc.EquivalentAddressGroup;
-import io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext;
 import io.grpc.Grpc;
 import io.grpc.internal.GrpcUtil;
 import io.grpc.internal.ObjectPool;
@@ -33,6 +32,7 @@
 import io.grpc.netty.InternalProtocolNegotiators;
 import io.grpc.netty.ProtocolNegotiationEvent;
 import io.grpc.xds.EnvoyServerProtoData;
+import io.grpc.xds.EnvoyServerProtoData.UpstreamTlsContext;
 import io.grpc.xds.internal.security.trust.CertificateUtils;
 import io.netty.channel.ChannelHandler;
 import io.netty.channel.ChannelHandlerAdapter;
@@ -384,8 +384,8 @@ protected void handlerAdded0(final ChannelHandlerContext ctx) {
             @Override
             public void updateSslContextAndExtendedX509TrustManager(
                 AbstractMap.SimpleImmutableEntry<SslContext, TrustManager> sslContextAndTm) {
-              ChannelHandler handler =
-                  InternalProtocolNegotiators.serverTls(sslContextAndTm.getKey()).newHandler(grpcHandler);
+              ChannelHandler handler = InternalProtocolNegotiators.serverTls(
+                  sslContextAndTm.getKey()).newHandler(grpcHandler);
 
               // Delegate rest of handshake to TLS handler
               if (!ctx.isRemoved()) {
@@ -399,8 +399,7 @@ public void updateSslContextAndExtendedX509TrustManager(
             public void onException(Throwable throwable) {
               ctx.fireExceptionCaught(throwable);
             }
-          },
-      null);
+          }, null);
     }
   }
 }

xds/src/main/java/io/grpc/xds/internal/security/SslContextProvider.java

@@ -29,13 +29,12 @@
 import io.netty.handler.ssl.ClientAuth;
 import io.netty.handler.ssl.SslContext;
 import io.netty.handler.ssl.SslContextBuilder;
-
-import javax.net.ssl.TrustManager;
 import java.io.IOException;
 import java.security.cert.CertStoreException;
 import java.security.cert.CertificateException;
 import java.util.AbstractMap;
 import java.util.concurrent.Executor;
+import javax.net.ssl.TrustManager;
 
 /**
  * A SslContextProvider is a "container" or provider of SslContext. This is used by gRPC-xds to
@@ -50,11 +49,9 @@ public abstract class SslContextProvider implements Closeable {
 
   @VisibleForTesting public abstract static class Callback {
     private final Executor executor;
-    private final String hostname;
 
     protected Callback(Executor executor) {
       this.executor = executor;
-      this.hostname = null;
     }
 
     @VisibleForTesting public Executor getExecutor() {