Save changes.

Author: kannanjgithub

netty/src/main/java/io/grpc/netty/InternalProtocolNegotiators.java

@@ -41,9 +41,9 @@ private InternalProtocolNegotiators() {}
    * @param executorPool a dedicated {@link Executor} pool for time-consuming TLS tasks
    */
   public static InternalProtocolNegotiator.ProtocolNegotiator tls(SslContext sslContext,
-          ObjectPool<? extends Executor> executorPool,
-          Optional<Runnable> handshakeCompleteRunnable,
-          String sni) {
+                                                                  ObjectPool<? extends Executor> executorPool,
+                                                                  Optional<Runnable> handshakeCompleteRunnable,
+                                                                  String sni) {
     final io.grpc.netty.ProtocolNegotiator negotiator = ProtocolNegotiators.tls(sslContext,
         executorPool, handshakeCompleteRunnable, null, sni);
     final class TlsNegotiator implements InternalProtocolNegotiator.ProtocolNegotiator {
@@ -63,17 +63,17 @@ public void close() {
         negotiator.close();
       }
     }
-    
+
     return new TlsNegotiator();
   }
-  
+
   /**
    * Returns a {@link ProtocolNegotiator} that ensures the pipeline is set up so that TLS will
    * be negotiated, the {@code handler} is added and writes to the {@link io.netty.channel.Channel}
    * may happen immediately, even before the TLS Handshake is complete.
    */
-  public static InternalProtocolNegotiator.ProtocolNegotiator tls(SslContext sslContext, String sni) {
-    return tls(sslContext, null, Optional.absent(), sni);
+  public static InternalProtocolNegotiator.ProtocolNegotiator tls(SslContext sslContext) {
+    return tls(sslContext, null, Optional.absent(), null);
   }
 
   /**
@@ -156,7 +156,7 @@ public void close() {
    * Internal version of {@link WaitUntilActiveHandler}.
    */
   public static ChannelHandler waitUntilActiveHandler(ChannelHandler next,
-      ChannelLogger negotiationLogger) {
+                                                      ChannelLogger negotiationLogger) {
     return new WaitUntilActiveHandler(next, negotiationLogger);
   }
 
@@ -171,19 +171,19 @@ public static ChannelHandler clientTlsHandler(
       ChannelHandler next, SslContext sslContext, String authority,
       ChannelLogger negotiationLogger) {
     return new ClientTlsHandler(next, sslContext, authority, null, negotiationLogger,
-        Optional.absent(), null, null);
+        Optional.absent(), null);
   }
 
   public static class ProtocolNegotiationHandler
       extends ProtocolNegotiators.ProtocolNegotiationHandler {
 
     protected ProtocolNegotiationHandler(ChannelHandler next, String negotiatorName,
-        ChannelLogger negotiationLogger) {
+                                         ChannelLogger negotiationLogger) {
       super(next, negotiatorName, negotiationLogger);
     }
 
     protected ProtocolNegotiationHandler(ChannelHandler next, ChannelLogger negotiationLogger) {
       super(next, negotiationLogger);
     }
   }
-}
+}

netty/src/main/java/io/grpc/netty/ProtocolNegotiators.java

@@ -46,7 +46,6 @@
 import io.grpc.internal.GrpcUtil;
 import io.grpc.internal.NoopSslSession;
 import io.grpc.internal.ObjectPool;
-import io.netty.channel.Channel;
 import io.netty.channel.ChannelDuplexHandler;
 import io.netty.channel.ChannelFutureListener;
 import io.netty.channel.ChannelHandler;
@@ -61,7 +60,6 @@
 import io.netty.handler.codec.http2.Http2ClientUpgradeCodec;
 import io.netty.handler.proxy.HttpProxyHandler;
 import io.netty.handler.proxy.ProxyConnectionEvent;
-import io.netty.handler.ssl.ClientAuth;
 import io.netty.handler.ssl.OpenSsl;
 import io.netty.handler.ssl.OpenSslEngine;
 import io.netty.handler.ssl.SslContext;
@@ -141,7 +139,7 @@ public static FromChannelCredentialsResult from(ChannelCredentials creds) {
           trustManagers = tlsCreds.getTrustManagers();
         } else if (tlsCreds.getRootCertificates() != null) {
           trustManagers = Arrays.asList(CertificateUtils.createTrustManager(
-                  new ByteArrayInputStream(tlsCreds.getRootCertificates())));
+              new ByteArrayInputStream(tlsCreds.getRootCertificates())));
         } else { // else use system default
           TrustManagerFactory tmf = TrustManagerFactory.getInstance(
               TrustManagerFactory.getDefaultAlgorithm());
@@ -159,7 +157,7 @@ public static FromChannelCredentialsResult from(ChannelCredentials creds) {
           }
         }
         return FromChannelCredentialsResult.negotiator(tlsClientFactory(builder.build(),
-                (X509TrustManager) x509ExtendedTrustManager));
+            (X509TrustManager) x509ExtendedTrustManager));
       } catch (SSLException | GeneralSecurityException ex) {
         log.log(Level.FINE, "Exception building SslContext", ex);
         return FromChannelCredentialsResult.error(
@@ -225,15 +223,15 @@ public static FromServerCredentialsResult from(ServerCredentials creds) {
       } // else use system default
       switch (tlsCreds.getClientAuth()) {
         case OPTIONAL:
-          builder.clientAuth(ClientAuth.OPTIONAL);
+          builder.clientAuth(io.netty.handler.ssl.ClientAuth.OPTIONAL);
           break;
 
         case REQUIRE:
-          builder.clientAuth(ClientAuth.REQUIRE);
+          builder.clientAuth(io.netty.handler.ssl.ClientAuth.REQUIRE);
           break;
 
         case NONE:
-          builder.clientAuth(ClientAuth.NONE);
+          builder.clientAuth(io.netty.handler.ssl.ClientAuth.NONE);
           break;
 
         default:
@@ -281,7 +279,7 @@ public static final class FromChannelCredentialsResult {
     public final String error;
 
     private FromChannelCredentialsResult(ProtocolNegotiator.ClientFactory negotiator,
-        CallCredentials creds, String error) {
+                                         CallCredentials creds, String error) {
       this.negotiator = negotiator;
       this.callCredentials = creds;
       this.error = error;
@@ -395,7 +393,7 @@ public ProtocolNegotiator newNegotiator(ObjectPool<? extends Executor> offloadEx
    * @param executorPool a dedicated {@link Executor} pool for time-consuming TLS tasks
    */
   public static ProtocolNegotiator serverTls(final SslContext sslContext,
-      final ObjectPool<? extends Executor> executorPool) {
+                                             final ObjectPool<? extends Executor> executorPool) {
     Preconditions.checkNotNull(sslContext, "sslContext");
     final Executor executor;
     if (executorPool != null) {
@@ -444,8 +442,8 @@ static final class ServerTlsHandler extends ChannelInboundHandlerAdapter {
     private ProtocolNegotiationEvent pne = ProtocolNegotiationEvent.DEFAULT;
 
     ServerTlsHandler(ChannelHandler next,
-        SslContext sslContext,
-        final ObjectPool<? extends Executor> executorPool) {
+                     SslContext sslContext,
+                     final ObjectPool<? extends Executor> executorPool) {
       this.sslContext = Preconditions.checkNotNull(sslContext, "sslContext");
       this.next = Preconditions.checkNotNull(next, "next");
       if (executorPool != null) {
@@ -475,7 +473,7 @@ public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exc
         }
         SslHandler sslHandler = ctx.pipeline().get(SslHandler.class);
         if (!sslContext.applicationProtocolNegotiator().protocols().contains(
-                sslHandler.applicationProtocol())) {
+            sslHandler.applicationProtocol())) {
           logSslEngineDetails(Level.FINE, ctx, "TLS negotiation failed for new client.", null);
           ctx.fireExceptionCaught(unavailableException(
               "Failed protocol negotiation: Unable to find compatible protocol"));
@@ -502,8 +500,8 @@ private void fireProtocolNegotiationEvent(ChannelHandlerContext ctx, SSLSession
    * Returns a {@link ProtocolNegotiator} that does HTTP CONNECT proxy negotiation.
    */
   public static ProtocolNegotiator httpProxy(final SocketAddress proxyAddress,
-      final @Nullable String proxyUsername, final @Nullable String proxyPassword,
-      final ProtocolNegotiator negotiator) {
+                                             final @Nullable String proxyUsername, final @Nullable String proxyPassword,
+                                             final ProtocolNegotiator negotiator) {
     Preconditions.checkNotNull(negotiator, "negotiator");
     Preconditions.checkNotNull(proxyAddress, "proxyAddress");
     final AsciiString scheme = negotiator.scheme();
@@ -580,8 +578,10 @@ protected void userEventTriggered0(ChannelHandlerContext ctx, Object evt) throws
   static final class ClientTlsProtocolNegotiator implements ProtocolNegotiator {
 
     public ClientTlsProtocolNegotiator(SslContext sslContext,
-                                       ObjectPool<? extends Executor> executorPool, Optional<Runnable> handshakeCompleteRunnable,
-                                       X509TrustManager x509ExtendedTrustManager, String sni) {
+                                       ObjectPool<? extends Executor> executorPool,
+                                       Optional<Runnable> handshakeCompleteRunnable,
+                                       X509TrustManager x509ExtendedTrustManager,
+                                       String sni) {
       this.sslContext = Preconditions.checkNotNull(sslContext, "sslContext");
       this.executorPool = executorPool;
       if (this.executorPool != null) {
@@ -608,9 +608,9 @@ public AsciiString scheme() {
     public ChannelHandler newHandler(GrpcHttp2ConnectionHandler grpcHandler) {
       ChannelHandler gnh = new GrpcNegotiationHandler(grpcHandler);
       ChannelLogger negotiationLogger = grpcHandler.getNegotiationLogger();
-      ChannelHandler cth = new ClientTlsHandler(gnh, sslContext, grpcHandler.getAuthority(),
-          this.executor, negotiationLogger, handshakeCompleteRunnable,
-              x509ExtendedTrustManager, sni);
+      ChannelHandler cth = new ClientTlsHandler(gnh, sslContext,
+          sni != null? sni : grpcHandler.getAuthority(),
+          this.executor, negotiationLogger, handshakeCompleteRunnable, x509ExtendedTrustManager);
       return new WaitUntilActiveHandler(cth, negotiationLogger);
     }
 
@@ -635,17 +635,15 @@ static final class ClientTlsHandler extends ProtocolNegotiationHandler {
     private Executor executor;
     private final Optional<Runnable> handshakeCompleteRunnable;
     private final X509TrustManager x509ExtendedTrustManager;
-    private final String sni;
     private SSLEngine sslEngine;
 
-    ClientTlsHandler(ChannelHandler next, SslContext sslContext, String authority,
+    ClientTlsHandler(ChannelHandler next, SslContext sslContext, String sni,
                      Executor executor, ChannelLogger negotiationLogger,
                      Optional<Runnable> handshakeCompleteRunnable,
-                     X509TrustManager x509ExtendedTrustManager, String sni) {
+                     X509TrustManager x509ExtendedTrustManager) {
       super(next, negotiationLogger);
       this.sslContext = Preconditions.checkNotNull(sslContext, "sslContext");
-      this.sni = sni;
-      HostPort hostPort = parseAuthority(authority);
+      HostPort hostPort = parseAuthority(sni);
       this.host = hostPort.host;
       this.port = hostPort.port;
       this.executor = executor;
@@ -656,7 +654,7 @@ static final class ClientTlsHandler extends ProtocolNegotiationHandler {
     @Override
     @IgnoreJRERequirement
     protected void handlerAdded0(ChannelHandlerContext ctx) {
-      sslEngine = sslContext.newEngine(ctx.alloc(), sni != null? sni : host, port);
+      sslEngine = sslContext.newEngine(ctx.alloc(), host, port);
       SSLParameters sslParams = sslEngine.getSSLParameters();
       sslParams.setEndpointIdentificationAlgorithm("HTTPS");
       sslEngine.setSSLParameters(sslParams);
@@ -749,11 +747,9 @@ static HostPort parseAuthority(String authority) {
 
   /**
    * Returns a {@link ProtocolNegotiator} that ensures the pipeline is set up so that TLS will
-   * be negotiated, the {@code handler} is added and writes to the {@link Channel}
+   * be negotiated, the {@code handler} is added and writes to the {@link io.netty.channel.Channel}
    * may happen immediately, even before the TLS Handshake is complete.
-   *
    * @param executorPool a dedicated {@link Executor} pool for time-consuming TLS tasks
-   * @param sni the SNI value to use in the Tls handshake
    */
   public static ProtocolNegotiator tls(SslContext sslContext,
                                        ObjectPool<? extends Executor> executorPool, Optional<Runnable> handshakeCompleteRunnable,
@@ -764,16 +760,16 @@ public static ProtocolNegotiator tls(SslContext sslContext,
 
   /**
    * Returns a {@link ProtocolNegotiator} that ensures the pipeline is set up so that TLS will
-   * be negotiated, the {@code handler} is added and writes to the {@link Channel}
+   * be negotiated, the {@code handler} is added and writes to the {@link io.netty.channel.Channel}
    * may happen immediately, even before the TLS Handshake is complete.
    */
   public static ProtocolNegotiator tls(SslContext sslContext,
-      X509TrustManager x509ExtendedTrustManager) {
+                                       X509TrustManager x509ExtendedTrustManager) {
     return tls(sslContext, null, Optional.absent(), x509ExtendedTrustManager, null);
   }
 
   public static ProtocolNegotiator.ClientFactory tlsClientFactory(SslContext sslContext,
-      X509TrustManager x509ExtendedTrustManager) {
+                                                                  X509TrustManager x509ExtendedTrustManager) {
     return new TlsProtocolNegotiatorClientFactory(sslContext, x509ExtendedTrustManager);
   }
 
@@ -911,8 +907,8 @@ public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exc
   }
 
   /**
-   * Returns a {@link ChannelHandler} that ensures that the {@code handler} is
-   * added to the pipeline writes to the {@link Channel} may happen immediately,
+   * Returns a {@link io.netty.channel.ChannelHandler} that ensures that the {@code handler} is
+   * added to the pipeline writes to the {@link io.netty.channel.Channel} may happen immediately,
    * even before it is active.
    */
   public static ProtocolNegotiator plaintext() {
@@ -941,7 +937,7 @@ private static RuntimeException unavailableException(String msg) {
 
   @VisibleForTesting
   static void logSslEngineDetails(Level level, ChannelHandlerContext ctx, String msg,
-      @Nullable Throwable t) {
+                                  @Nullable Throwable t) {
     if (!log.isLoggable(level)) {
       return;
     }
@@ -1067,8 +1063,8 @@ static final class PlaintextHandler extends ProtocolNegotiationHandler {
     protected void protocolNegotiationEventTriggered(ChannelHandlerContext ctx) {
       ProtocolNegotiationEvent existingPne = getProtocolNegotiationEvent();
       Attributes attrs = existingPne.getAttributes().toBuilder()
-              .set(GrpcAttributes.ATTR_AUTHORITY_VERIFIER, (authority) -> Status.OK)
-              .build();
+          .set(GrpcAttributes.ATTR_AUTHORITY_VERIFIER, (authority) -> Status.OK)
+          .build();
       replaceProtocolNegotiationEvent(existingPne.withAttributes(attrs));
       fireProtocolNegotiationEvent(ctx);
     }
@@ -1130,7 +1126,7 @@ static class ProtocolNegotiationHandler extends ChannelDuplexHandler {
     private final ChannelLogger negotiationLogger;
 
     protected ProtocolNegotiationHandler(ChannelHandler next, String negotiatorName,
-        ChannelLogger negotiationLogger) {
+                                         ChannelLogger negotiationLogger) {
       this.next = Preconditions.checkNotNull(next, "next");
       this.negotiatorName = negotiatorName;
       this.negotiationLogger = Preconditions.checkNotNull(negotiationLogger, "negotiationLogger");
@@ -1228,4 +1224,4 @@ public String getPeerHost() {
       return peerHost;
     }
   }
-}
+}

netty/src/test/java/io/grpc/netty/NettyClientTransportTest.java

@@ -149,6 +149,7 @@
 public class NettyClientTransportTest {
   @Rule public final MockitoRule mocks = MockitoJUnit.rule();
 
+  private static final String SNI = "sni";
   private static final SslContext SSL_CONTEXT = createSslContext();
 
   @Mock
@@ -836,7 +837,7 @@ public void tlsNegotiationServerExecutorShouldSucceed() throws Exception {
         .keyManager(clientCert, clientKey)
         .build();
     ProtocolNegotiator negotiator = ProtocolNegotiators.tls(clientContext, clientExecutorPool,
-        Optional.absent(), null, sni);
+        Optional.absent(), null, SNI);
     // after starting the client, the Executor in the client pool should be used
     assertEquals(true, clientExecutorPool.isInUse());
     final NettyClientTransport transport = newTransport(negotiator);