Skip to content

Commit fb79d6c

Browse files
msimacekmsimacek
committed
Remove unnecessary frame materialization
1 parent 9ada324 commit fb79d6c

File tree

5 files changed

+56
-68
lines changed

5 files changed

+56
-68
lines changed

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/objects/ssl/CertUtils.java

Lines changed: 8 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -85,7 +85,6 @@
8585
import java.util.Date;
8686
import java.util.List;
8787

88-
import com.oracle.truffle.api.frame.MaterializedFrame;
8988
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
9089
import org.bouncycastle.cert.X509CRLHolder;
9190
import org.bouncycastle.cert.X509CertificateHolder;
@@ -112,7 +111,6 @@
112111
import com.oracle.graal.python.runtime.object.PythonObjectSlowPathFactory;
113112
import com.oracle.truffle.api.CompilerDirectives.TruffleBoundary;
114113
import com.oracle.truffle.api.TruffleFile;
115-
import com.oracle.truffle.api.frame.Frame;
116114

117115
public final class CertUtils {
118116
public static final BouncyCastleProvider BOUNCYCASTLE_PROVIDER = new BouncyCastleProvider();
@@ -620,7 +618,7 @@ public static List<Object> getCertificates(BufferedReader r, boolean onlyCertifi
620618
}
621619

622620
@TruffleBoundary
623-
static PrivateKey getPrivateKey(MaterializedFrame frame, PConstructAndRaiseNode constructAndRaiseNode, BufferedReader reader, char[] password, X509Certificate cert)
621+
static PrivateKey getPrivateKey(PythonContext context, BufferedReader reader, char[] password, X509Certificate cert)
624622
throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, NeedsPasswordException {
625623
PEMParser pemParser = new PEMParser(reader);
626624
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
@@ -656,17 +654,17 @@ static PrivateKey getPrivateKey(MaterializedFrame frame, PConstructAndRaiseNode
656654
break;
657655
}
658656
} catch (IOException | DecoderException | OperatorCreationException | PKCSException e) {
659-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
657+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
660658
}
661659
if (privateKey == null) {
662-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
660+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
663661
}
664662
PublicKey publicKey = cert.getPublicKey();
665-
checkPrivateKey(frame, constructAndRaiseNode, privateKey, publicKey);
663+
checkPrivateKey(context, privateKey, publicKey);
666664
return privateKey;
667665
}
668666

669-
private static void checkPrivateKey(Frame frame, PConstructAndRaiseNode constructAndRaiseNode, PrivateKey privateKey, PublicKey publicKey) {
667+
private static void checkPrivateKey(PythonContext context, PrivateKey privateKey, PublicKey publicKey) {
670668
/*
671669
* Check that the private key matches the public key by signing and verifying a short piece
672670
* of data.
@@ -680,7 +678,7 @@ private static void checkPrivateKey(Frame frame, PConstructAndRaiseNode construc
680678
}
681679
sign.initSign(privateKey);
682680
byte[] data = new byte[128];
683-
PythonContext.get(constructAndRaiseNode).getSecureRandom().nextBytes(data);
681+
context.getSecureRandom().nextBytes(data);
684682
sign.update(data);
685683
byte[] signature = sign.sign();
686684
sign.initVerify(publicKey);
@@ -689,11 +687,11 @@ private static void checkPrivateKey(Frame frame, PConstructAndRaiseNode construc
689687
return;
690688
}
691689
} catch (NoSuchAlgorithmException e) {
692-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL, e);
690+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL, e);
693691
} catch (SignatureException | InvalidKeyException e) {
694692
// fallthrough
695693
}
696-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_KEY_VALUES_MISMATCH, ErrorMessages.KEY_VALUES_MISMATCH);
694+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_KEY_VALUES_MISMATCH, ErrorMessages.KEY_VALUES_MISMATCH);
697695
}
698696

699697
@TruffleBoundary

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/objects/ssl/SSLContextBuiltins.java

Lines changed: 31 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -72,7 +72,6 @@
7272
import javax.net.ssl.SSLEngine;
7373
import javax.net.ssl.SSLParameters;
7474

75-
import com.oracle.truffle.api.frame.MaterializedFrame;
7675
import org.bouncycastle.util.encoders.DecoderException;
7776

7877
import com.oracle.graal.python.annotations.ArgumentClinic;
@@ -122,6 +121,7 @@
122121
import com.oracle.graal.python.nodes.util.CannotCastException;
123122
import com.oracle.graal.python.nodes.util.CastToJavaLongExactNode;
124123
import com.oracle.graal.python.nodes.util.CastToJavaStringNode;
124+
import com.oracle.graal.python.runtime.PythonContext;
125125
import com.oracle.graal.python.runtime.exception.PException;
126126
import com.oracle.graal.python.util.IPAddressUtil;
127127
import com.oracle.graal.python.util.PythonUtils;
@@ -199,11 +199,11 @@ protected ArgumentClinicProvider getArgumentClinic() {
199199
}
200200

201201
@TruffleBoundary
202-
static SSLEngine createSSLEngine(MaterializedFrame frame, PConstructAndRaiseNode constructAndRaiseNode, PNodeWithRaise node, PSSLContext context, boolean serverMode, String serverHostname) {
202+
static SSLEngine createSSLEngine(PNodeWithRaise node, PSSLContext context, boolean serverMode, String serverHostname) {
203203
try {
204204
context.init();
205205
} catch (NoSuchAlgorithmException | KeyStoreException | UnrecoverableKeyException | KeyManagementException | InvalidAlgorithmParameterException | IOException | CertificateException ex) {
206-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL, ex);
206+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL, ex);
207207
}
208208
SSLParameters parameters = new SSLParameters();
209209
SSLEngine engine;
@@ -268,14 +268,13 @@ private static boolean isIPAddress(String str) {
268268
@GenerateNodeFactory
269269
abstract static class WrapSocketNode extends PythonClinicBuiltinNode {
270270
@Specialization
271-
Object wrap(VirtualFrame frame, PSSLContext context, PSocket sock, boolean serverSide, Object serverHostnameObj, Object owner, @SuppressWarnings("unused") PNone session,
272-
@Cached StringNodes.CastToJavaStringCheckedNode cast,
273-
@Cached PConstructAndRaiseNode constructAndRaiseNode) {
271+
Object wrap(PSSLContext context, PSocket sock, boolean serverSide, Object serverHostnameObj, Object owner, @SuppressWarnings("unused") PNone session,
272+
@Cached StringNodes.CastToJavaStringCheckedNode cast) {
274273
String serverHostname = null;
275274
if (!(serverHostnameObj instanceof PNone)) {
276275
serverHostname = cast.cast(serverHostnameObj, ErrorMessages.S_MUST_BE_NONE_OR_STRING, "serverHostname", serverHostnameObj);
277276
}
278-
SSLEngine engine = createSSLEngine(frame.materialize(), constructAndRaiseNode, this, context, serverSide, serverHostname);
277+
SSLEngine engine = createSSLEngine(this, context, serverSide, serverHostname);
279278
PSSLSocket sslSocket = factory().createSSLSocket(PythonBuiltinClassType.PSSLSocket, context, engine, sock);
280279
if (!(owner instanceof PNone)) {
281280
sslSocket.setOwner(owner);
@@ -301,15 +300,14 @@ protected ArgumentClinicProvider getArgumentClinic() {
301300
@GenerateNodeFactory
302301
abstract static class WrapBIONode extends PythonClinicBuiltinNode {
303302
@Specialization
304-
Object wrap(VirtualFrame frame, PSSLContext context, PMemoryBIO incoming, PMemoryBIO outgoing, boolean serverSide, Object serverHostnameObj, Object owner,
303+
Object wrap(PSSLContext context, PMemoryBIO incoming, PMemoryBIO outgoing, boolean serverSide, Object serverHostnameObj, Object owner,
305304
@SuppressWarnings("unused") PNone session,
306-
@Cached StringNodes.CastToJavaStringCheckedNode cast,
307-
@Cached PConstructAndRaiseNode constructAndRaiseNode) {
305+
@Cached StringNodes.CastToJavaStringCheckedNode cast) {
308306
String serverHostname = null;
309307
if (!(serverHostnameObj instanceof PNone)) {
310308
serverHostname = cast.cast(serverHostnameObj, ErrorMessages.S_MUST_BE_NONE_OR_STRING, "serverHostname", serverHostnameObj);
311309
}
312-
SSLEngine engine = createSSLEngine(frame.materialize(), constructAndRaiseNode, this, context, serverSide, serverHostname);
310+
SSLEngine engine = createSSLEngine(this, context, serverSide, serverHostname);
313311
PSSLSocket sslSocket = factory().createSSLSocket(PythonBuiltinClassType.PSSLSocket, context, engine, incoming, outgoing);
314312
if (!(owner instanceof PNone)) {
315313
sslSocket.setOwner(owner);
@@ -693,10 +691,10 @@ Object load(VirtualFrame frame, PSSLContext self, Object cafile, Object capath,
693691
if (!(cadata instanceof PNone)) {
694692
Collection<?> certificates;
695693
try {
696-
certificates = fromString(frame, constructAndRaiseNode, castToString.execute(cadata));
694+
certificates = fromString(castToString.execute(cadata));
697695
} catch (CannotCastException cannotCastException) {
698696
if (cadata instanceof PBytesLike) {
699-
certificates = fromBytesLike(frame.materialize(), constructAndRaiseNode, toBytes, cadata);
697+
certificates = fromBytesLike(toBytes.execute(((PBytesLike) cadata).getSequenceStorage()));
700698
} else {
701699
throw raise(TypeError, ErrorMessages.S_SHOULD_BE_ASCII_OR_BYTELIKE, "cadata");
702700
}
@@ -729,48 +727,47 @@ private TruffleFile toTruffleFile(VirtualFrame frame, PyUnicodeFSDecoderNode asP
729727
}
730728
}
731729

732-
private List<Object> fromString(VirtualFrame frame, PConstructAndRaiseNode constructAndRaiseNode, String dataString)
730+
private List<Object> fromString(String dataString)
733731
throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException, CRLException {
734732
if (dataString.isEmpty()) {
735733
throw raise(ValueError, ErrorMessages.EMPTY_CERTIFICATE_DATA);
736734
}
737-
return getCertificates(frame.materialize(), constructAndRaiseNode, dataString);
735+
return getCertificates(dataString);
738736
}
739737

740738
@TruffleBoundary
741-
private List<Object> getCertificates(MaterializedFrame frame, PConstructAndRaiseNode constructAndRaiseNode, String dataString)
739+
private List<Object> getCertificates(String dataString)
742740
throws PException, CRLException, IOException, CertificateException {
743741
try (BufferedReader r = new BufferedReader(new StringReader(dataString))) {
744742
try {
745743
List<Object> certificates = CertUtils.getCertificates(r);
746744
if (certificates.isEmpty()) {
747-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_NO_START_LINE, ErrorMessages.SSL_PEM_NO_START_LINE);
745+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_NO_START_LINE, ErrorMessages.SSL_PEM_NO_START_LINE);
748746
}
749747
return certificates;
750748
} catch (DecoderException e) {
751-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_BAD_BASE64_DECODE, ErrorMessages.BAD_BASE64_DECODE);
749+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_BAD_BASE64_DECODE, ErrorMessages.BAD_BASE64_DECODE);
752750
} catch (IOException e) {
753-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
751+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
754752
}
755753
}
756754
}
757755

758756
@TruffleBoundary
759-
private Collection<?> fromBytesLike(MaterializedFrame frame, PConstructAndRaiseNode constructAndRaiseNode, ToByteArrayNode toBytes, Object cadata)
757+
private Collection<?> fromBytesLike(byte[] bytes)
760758
throws KeyStoreException, IOException, NoSuchAlgorithmException {
761-
byte[] bytes = toBytes.execute(((PBytesLike) cadata).getSequenceStorage());
762759
try {
763760
return CertUtils.generateCertificates(bytes);
764761
} catch (CertificateException ex) {
765762
String msg = ex.getMessage();
766763
if (msg != null) {
767764
if (msg.contains("No certificate data found")) {
768-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_NOT_ENOUGH_DATA, ErrorMessages.NOT_ENOUGH_DATA);
765+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_NOT_ENOUGH_DATA, ErrorMessages.NOT_ENOUGH_DATA);
769766
}
770767
} else {
771768
msg = "error while reading cadata";
772769
}
773-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL, msg);
770+
throw PConstructAndRaiseNode.raiseUncachedSSLError(null, SSLErrorCode.ERROR_SSL, msg);
774771
}
775772
}
776773
}
@@ -795,12 +792,12 @@ Object load(VirtualFrame frame, PSSLContext self, Object certfile, Object keyfil
795792
TruffleFile keyTruffleFile = toTruffleFile(frame, asPath.execute(frame, kf));
796793
try {
797794
try {
798-
return load(frame.materialize(), constructAndRaiseNode, certTruffleFile, keyTruffleFile, null, self);
795+
return load(getContext(), certTruffleFile, keyTruffleFile, null, self);
799796
} catch (NeedsPasswordException e) {
800797
if (passwordObj != PNone.NONE) {
801798
char[] password = getPasswordNode.execute(frame, passwordObj);
802799
try {
803-
return load(frame.materialize(), constructAndRaiseNode, certTruffleFile, keyTruffleFile, password, self);
800+
return load(getContext(), certTruffleFile, keyTruffleFile, password, self);
804801
} catch (NeedsPasswordException e1) {
805802
throw CompilerDirectives.shouldNotReachHere();
806803
}
@@ -813,11 +810,11 @@ Object load(VirtualFrame frame, PSSLContext self, Object certfile, Object keyfil
813810
}
814811

815812
@TruffleBoundary
816-
private Object load(MaterializedFrame frame, PConstructAndRaiseNode constructAndRaiseNode, TruffleFile certTruffleFile, TruffleFile keyTruffleFile, char[] password, PSSLContext self)
813+
private Object load(PythonContext context, TruffleFile certTruffleFile, TruffleFile keyTruffleFile, char[] password, PSSLContext self)
817814
throws IOException, NeedsPasswordException {
818815
try (BufferedReader certReader = getReader(certTruffleFile, "certfile");
819816
BufferedReader keyReader = getReader(keyTruffleFile, "keyfile")) {
820-
return load(frame, constructAndRaiseNode, self, certReader, keyReader, password);
817+
return load(context, self, certReader, keyReader, password);
821818
}
822819
}
823820

@@ -830,7 +827,7 @@ private BufferedReader getReader(TruffleFile file, String arg) throws IOExceptio
830827
}
831828
}
832829

833-
private Object load(MaterializedFrame frame, PConstructAndRaiseNode constructAndRaiseNode, PSSLContext self, BufferedReader certReader, BufferedReader keyReader, char[] password)
830+
private Object load(PythonContext context, PSSLContext self, BufferedReader certReader, BufferedReader keyReader, char[] password)
834831
throws NeedsPasswordException {
835832
// TODO add logging
836833
try {
@@ -839,17 +836,17 @@ private Object load(MaterializedFrame frame, PConstructAndRaiseNode constructAnd
839836
List<Object> certificates = CertUtils.getCertificates(certReader, true);
840837
certs = certificates.toArray(new X509Certificate[certificates.size()]);
841838
if (certs.length == 0) {
842-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
839+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
843840
}
844841
} catch (IOException | DecoderException e) {
845-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
842+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL_PEM_LIB, ErrorMessages.SSL_PEM_LIB);
846843
}
847844
// if keyReader and certReader are from the same file, key is expected to come first
848-
PrivateKey pk = CertUtils.getPrivateKey(frame, constructAndRaiseNode, keyReader, password, certs[0]);
845+
PrivateKey pk = CertUtils.getPrivateKey(context, keyReader, password, certs[0]);
849846
self.setCertChain(pk, PythonUtils.EMPTY_CHAR_ARRAY, certs);
850847
return PNone.NONE;
851848
} catch (GeneralSecurityException | IOException ex) {
852-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL, ex);
849+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL, ex);
853850
}
854851
}
855852

@@ -1004,8 +1001,7 @@ Object getCerts(VirtualFrame frame, PSSLContext self, @SuppressWarnings("unused"
10041001
}
10051002

10061003
@Specialization(guards = "binary_form")
1007-
Object getCertsBinary(VirtualFrame frame, PSSLContext self, @SuppressWarnings("unused") boolean binary_form,
1008-
@Cached PConstructAndRaiseNode constructAndRaiseNode) {
1004+
Object getCertsBinary(PSSLContext self, @SuppressWarnings("unused") boolean binary_form) {
10091005
try {
10101006
List<PBytes> result = PythonUtils.newList();
10111007
for (X509Certificate cert : self.getCACerts()) {
@@ -1015,7 +1011,7 @@ Object getCertsBinary(VirtualFrame frame, PSSLContext self, @SuppressWarnings("u
10151011
}
10161012
return factory().createList(PythonUtils.toArray(result));
10171013
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateEncodingException ex) {
1018-
throw constructAndRaiseNode.raiseSSLError(frame, SSLErrorCode.ERROR_SSL, ex);
1014+
throw PConstructAndRaiseNode.raiseUncachedSSLError(SSLErrorCode.ERROR_SSL, ex);
10191015
}
10201016
}
10211017

0 commit comments

Comments
 (0)