diff options
| author | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-19 14:29:20 +0200 |
|---|---|---|
| committer | Bjørn Christian Seime <bjorncs@yahooinc.com> | 2022-07-19 14:29:20 +0200 |
| commit | 529a26d7e1062a006196366454f1a047ca31202c (patch) | |
| tree | 8f66740e0f742756d837ab2412ed3855afe8e467 | |
| parent | fe7d61426067ceb53d95890bc24cd350cfa32f42 (diff) | |
Rename method/variable names to match new class name
| -rw-r--r-- | jrt/src/com/yahoo/jrt/TlsCryptoSocket.java | 16 | ||||
| -rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/authz/PeerAuthorizerTrustManager.java | 2 |
2 files changed, 9 insertions, 9 deletions
diff --git a/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java b/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java index 721c7c4d2e7..ecd76e1eb17 100644 --- a/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java +++ b/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java @@ -41,7 +41,7 @@ public class TlsCryptoSocket implements CryptoSocket { private int sessionApplicationBufferSize; private ByteBuffer handshakeDummyBuffer; private HandshakeState handshakeState; - private ConnectionAuthContext authorizationResult; + private ConnectionAuthContext authContext; public TlsCryptoSocket(SocketChannel channel, SSLEngine sslEngine) { this.channel = channel; @@ -97,13 +97,13 @@ public class TlsCryptoSocket implements CryptoSocket { channelRead(); break; case NEED_WORK: - if (authorizationResult == null) { - PeerAuthorizerTrustManager.getAuthorizationResult(sslEngine) // only available during handshake - .ifPresent(result -> { - if (!result.authorized()) { + if (authContext == null) { + PeerAuthorizerTrustManager.getConnectionAuthContext(sslEngine) // only available during handshake + .ifPresent(ctx -> { + if (!ctx.authorized()) { metrics.incrementPeerAuthorizationFailures(); } - authorizationResult = result; + authContext = ctx; }); } break; @@ -144,7 +144,7 @@ public class TlsCryptoSocket implements CryptoSocket { } } catch (SSLHandshakeException e) { // sslEngine.getDelegatedTask().run() and handshakeWrap() may throw SSLHandshakeException, potentially handshakeUnwrap() and sslEngine.beginHandshake() as well. - if (authorizationResult == null || authorizationResult.authorized()) { // don't include handshake failures due from PeerAuthorizerTrustManager + if (authContext == null || authContext.authorized()) { // don't include handshake failures due from PeerAuthorizerTrustManager metrics.incrementTlsCertificateVerificationFailures(); } throw e; @@ -221,7 +221,7 @@ public class TlsCryptoSocket implements CryptoSocket { @Override public Optional<ConnectionAuthContext> getConnectionAuthContext() { if (handshakeState != HandshakeState.COMPLETED) return Optional.empty(); - return Optional.ofNullable(authorizationResult); + return Optional.ofNullable(authContext); } private boolean handshakeWrap() throws IOException { diff --git a/security-utils/src/main/java/com/yahoo/security/tls/authz/PeerAuthorizerTrustManager.java b/security-utils/src/main/java/com/yahoo/security/tls/authz/PeerAuthorizerTrustManager.java index bc31d8ae450..334216a2c19 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/authz/PeerAuthorizerTrustManager.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/authz/PeerAuthorizerTrustManager.java @@ -101,7 +101,7 @@ public class PeerAuthorizerTrustManager extends X509ExtendedTrustManager { /** * Note: The authorization result is only available during handshake. The underlying handshake session is removed once handshake is complete. */ - public static Optional<ConnectionAuthContext> getAuthorizationResult(SSLEngine sslEngine) { + public static Optional<ConnectionAuthContext> getConnectionAuthContext(SSLEngine sslEngine) { return Optional.ofNullable(sslEngine.getHandshakeSession()) .flatMap(session -> Optional.ofNullable((ConnectionAuthContext) session.getValue(HANDSHAKE_SESSION_AUTH_CONTEXT_PROPERTY))); } |