diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-02-18 15:23:23 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-02-18 15:23:23 +0100 |
commit | f78e95b4c69949166670202edc7371deb92e7a6c (patch) | |
tree | 503957b58cfd4a3141a87a80b11659263fbabd63 /jrt/src/com/yahoo/jrt/TlsCryptoSocket.java | |
parent | 7baac9a29d01a23893b32d54b672001281bd3d96 (diff) |
Do heavy computation work as an explicit handshake step
Move execution of SSLEngine's delegated tasks to a separate method doHandshakeWork().
This is a preparation for performing computation heavy handshake work in a
separate thread.
Diffstat (limited to 'jrt/src/com/yahoo/jrt/TlsCryptoSocket.java')
-rw-r--r-- | jrt/src/com/yahoo/jrt/TlsCryptoSocket.java | 35 |
1 files changed, 23 insertions, 12 deletions
diff --git a/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java b/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java index f25a45169a8..c12c8ac88a3 100644 --- a/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java +++ b/jrt/src/com/yahoo/jrt/TlsCryptoSocket.java @@ -29,7 +29,7 @@ public class TlsCryptoSocket implements CryptoSocket { private static final Logger log = Logger.getLogger(TlsCryptoSocket.class.getName()); - private enum HandshakeState { NOT_STARTED, NEED_READ, NEED_WRITE, COMPLETED } + private enum HandshakeState { NOT_STARTED, NEED_READ, NEED_WRITE, NEED_WORK, COMPLETED } private final TransportMetrics metrics = TransportMetrics.getInstance(); private final SocketChannel channel; @@ -72,6 +72,14 @@ public class TlsCryptoSocket implements CryptoSocket { return toHandshakeResult(newHandshakeState); } + @Override + public void doHandshakeWork() { + Runnable task; + while ((task = sslEngine.getDelegatedTask()) != null) { + task.run(); + } + } + private HandshakeState processHandshakeState(HandshakeState state) throws IOException { try { switch (state) { @@ -85,6 +93,17 @@ public class TlsCryptoSocket implements CryptoSocket { case NEED_READ: channelRead(); break; + case NEED_WORK: + if (authorizationResult != null) { + PeerAuthorizerTrustManager.getAuthorizationResult(sslEngine) // only available during handshake + .ifPresent(result -> { + if (!result.succeeded()) { + metrics.incrementPeerAuthorizationFailures(); + } + authorizationResult = result; + }); + } + break; case COMPLETED: return HandshakeState.COMPLETED; default: @@ -108,17 +127,7 @@ public class TlsCryptoSocket implements CryptoSocket { } return HandshakeState.COMPLETED; case NEED_TASK: - sslEngine.getDelegatedTask().run(); - if (authorizationResult != null) { - PeerAuthorizerTrustManager.getAuthorizationResult(sslEngine) // only available during handshake - .ifPresent(result -> { - if (!result.succeeded()) { - metrics.incrementPeerAuthorizationFailures(); - } - authorizationResult = result; - }); - } - break; + return HandshakeState.NEED_WORK; case NEED_UNWRAP: if (wrapBuffer.bytes() > 0) return HandshakeState.NEED_WRITE; if (!handshakeUnwrap()) return HandshakeState.NEED_READ; @@ -145,6 +154,8 @@ public class TlsCryptoSocket implements CryptoSocket { return HandshakeResult.NEED_READ; case NEED_WRITE: return HandshakeResult.NEED_WRITE; + case NEED_WORK: + return HandshakeResult.NEED_WORK; case COMPLETED: return HandshakeResult.DONE; default: |