author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-01-14 13:23:22 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-01-14 13:23:22 +0100 |
commit | ad3d2e3a9aa89b3248db02a7929a737ea790497d (patch) | |
tree | d5dfa8fb6aaf138994476bab2d1839b09f5d55d7 /security-utils | |
parent | 6564d646f807bb23e725ffe9310e030259eeedc6 (diff) |
Revert "Use reference counting to avoid relying on GC to drop threads."
This reverts commit 1c6c89eb52ac80c583c0cd90efdd0784344af434.
Diffstat (limited to 'security-utils')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java | 25 | ||||
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java | 19 |
2 files changed, 8 insertions, 36 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
index 9527d50f339..26dfbf9fd9f 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java
@@ -31,17 +31,13 @@ public class ConfigFileBasedTlsContext implements TlsContext {
 private static TlsManager getOrCreateTrustManager(Path tlsOptionsConfigFile) {
 synchronized (trustManagers) {
- WeakReference<TlsManager> tlsRef = trustManagers.get(tlsOptionsConfigFile);
- TlsManager tlsManager = null;
- if (tlsRef != null) {
- tlsManager = tlsRef.get();
+ WeakReference<TlsManager> tlsManager = trustManagers.get(tlsOptionsConfigFile);
+ if (tlsManager == null || tlsManager.get() == null) {
+ TlsManager manager = new TlsManager(tlsOptionsConfigFile);
+ trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(manager));
+ return manager;
 }
- if (tlsManager == null) {
- tlsManager = new TlsManager(tlsOptionsConfigFile);
- trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(tlsManager));
- }
- tlsManager.addRef();
- return tlsManager;
+ return tlsManager.get();
 }
 }
@@ -63,15 +59,6 @@ public class ConfigFileBasedTlsContext implements TlsContext {
 @Override public SSLParameters parameters() { return tlsContext.parameters(); }
 @Override public SSLEngine createSslEngine() { return tlsContext.createSslEngine(); }
 @Override public SSLEngine createSslEngine(String peerHost, int peerPort) { return tlsContext.createSslEngine(peerHost, peerPort); }
- @Override public void close() {
- synchronized (trustManagers) {
- int references = tlsManager.subRef();
- if (references == 0) {
- tlsManager.close();
- trustManagers.remove(tlsManager.getTlsConfigFile());
- }
- }
- }
 private static DefaultTlsContext createDefaultTlsContext(TransportSecurityOptions options, AuthorizationMode mode,
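Review bot: In getOrCreateTrustManager the new code dereferences the WeakReference twice, once in `tlsManager.get() == null` and again in `return tlsManager.get();`, and nothing holds the TlsManager strongly between the two calls. If the referent is collected in that window the method returns null; holding the `trustManagers` lock does not prevent collection. Read the referent once into a strong local and test that local, as sketched below. The caller is outside this hunk, so how a null return would surface in the TLS context is not visible here.

```java
WeakReference<TlsManager> ref = trustManagers.get(tlsOptionsConfigFile);
// Single get(): the local keeps the manager strongly reachable until it is returned.
TlsManager manager = (ref != null) ? ref.get() : null;
if (manager == null) {
    manager = new TlsManager(tlsOptionsConfigFile);
    trustManagers.put(tlsOptionsConfigFile, new WeakReference<>(manager));
}
return manager;
```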
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java
index c2286c3e8ac..bade1993982 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsManager.java
@@ -16,7 +16,6 @@ import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.ThreadFactory;
 import java.util.concurrent.TimeUnit;
-import java.util.concurrent.atomic.AtomicInteger;
 import java.util.logging.Level;
 import java.util.logging.Logger;
@@ -24,12 +23,10 @@ class TlsManager {
 private static final Logger log = Logger.getLogger(TlsManager.class.getName());
 private static final Duration UPDATE_PERIOD = Duration.ofHours(1);
- private final Path tlsConfigFile;
 private final MutableX509TrustManager trustManager;
 private final MutableX509KeyManager keyManager;
 private final ScheduledExecutorService scheduler;
 private TransportSecurityOptions options;
- private final AtomicInteger references = new AtomicInteger(0);
 private static void reloadTrustManager(TransportSecurityOptions options, MutableX509TrustManager trustManager) {
 if (options.getCaCertificatesFile().isPresent()) {
@@ -89,13 +86,13 @@ class TlsManager {
 try {
 TlsManager tlsManager = this.tlsManager.get();
 if (tlsManager == null) {
- // If reference count is done correctly this should not be necessary.
 scheduler.shutdown();
 return;
 }
 TransportSecurityOptions options = TransportSecurityOptions.fromJsonFile(tlsOptionsConfigFile);
 reloadTrustManager(options, tlsManager.getTrustManager());
- reloadKeyManager(options, tlsManager.getKeyManager());
+ MutableX509KeyManager keyManager = tlsManager.getKeyManager();
+ reloadKeyManager(options, keyManager);
 } catch (Throwable t) {
 log.log(Level.SEVERE, String.format("Failed to reload crypto material (path='%s'): %s", tlsOptionsConfigFile, t.getMessage()), t);
 }
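Review bot: The `if (tlsManager == null)` branch of the reload task is left undocumented once the old comment is removed, although after this revert it is the only visible place where the scheduler is shut down (the explicit `close()` is deleted further down in this file). A comment such as `// Owning TlsManager was garbage collected; stop this reloader, nothing else shuts the scheduler down.` would record that. If the task runs at UPDATE_PERIOD (one hour, declared above; the scheduling call is not in the hunk), the reloader thread can outlive its owner by up to that period, which is worth stating in the same comment. The new `keyManager` local is used only once, so `reloadKeyManager(options, tlsManager.getKeyManager());` as before reads more directly. The enclosing method starts outside the hunk.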
@@ -117,7 +114,6 @@ class TlsManager {
 }
 TlsManager(Path tlsOptionsConfigFile) {
- tlsConfigFile = tlsOptionsConfigFile;
 trustManager = new MutableX509TrustManager();
 keyManager = new MutableX509KeyManager();
 options = TransportSecurityOptions.fromJsonFile(tlsOptionsConfigFile);
@@ -137,18 +133,7 @@ class TlsManager {
 return keyManager;
 }
- Path getTlsConfigFile() {
- return tlsConfigFile;
- }
-
 TransportSecurityOptions getOptions() {
 return options;
 }
-
- void close() {
- scheduler.shutdown();
- }
-
- int addRef() { return references.incrementAndGet(); }
- int subRef() { return references.decrementAndGet(); }
 } |