This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 62b73d5510 Refactor and simplify
62b73d5510 is described below
commit 62b73d551052a72efb5f2334d88bbe09e9baec6c
Author: remm <[email protected]>
AuthorDate: Thu Jun 30 10:45:03 2022 +0200
Refactor and simplify
As everything is synchronized, the segment can be allocated only once
(at the expense of adding memory use for the lifetime of the engine).
Note: no backport of this to Java 17 since using segments was causing
weird corruption for two of the methods (writeEncryptedData and
readEncryptedData; I never found an explanation for this but the direct
BB based code is working and can be avoided with configuration).
---
.../util/net/openssl/panama/OpenSSLEngine.java | 129 +++++++--------------
1 file changed, 41 insertions(+), 88 deletions(-)
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 361c72cf9a..3f34895b1d 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -182,6 +182,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private final EngineState state;
private final MemorySession engineMemorySession;
+ private MemorySegment bufSegment = null;
private enum Accepted { NOT, IMPLICIT, EXPLICIT }
private Accepted accepted = Accepted.NOT;
@@ -244,6 +245,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
throw new
IllegalArgumentException(sm.getString("engine.noSSLContext"));
}
engineMemorySession = MemorySession.openImplicit();
+ bufSegment = engineMemorySession.allocateArray(ValueLayout.JAVA_BYTE,
MAX_ENCRYPTED_PACKET_LENGTH);
session = new OpenSSLSession();
var ssl = SSL_new(sslCtx);
// Set ssl_info_callback
@@ -287,6 +289,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
destroyed = true;
// internal errors can cause shutdown without marking the engine
closed
isInboundDone = isOutboundDone = engineClosed = true;
+ bufSegment = null;
}
}
@@ -299,30 +302,18 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private int writePlaintextData(final MemoryAddress ssl, final ByteBuffer
src) throws SSLException {
clearLastError();
final int pos = src.position();
- final int len = Math.min(src.limit() - pos, MAX_PLAINTEXT_LENGTH);
-
- if (src.isDirect()) {
- final int sslWrote = SSL_write(ssl, MemorySegment.ofBuffer(src),
len);
- if (sslWrote > 0) {
- src.position(pos + sslWrote);
- return sslWrote;
- } else {
- checkLastError();
- }
+ final int len = Math.min(src.remaining(), MAX_PLAINTEXT_LENGTH);
+ MemorySegment srcSegment = src.isDirect() ?
MemorySegment.ofBuffer(src) : bufSegment;
+ if (!src.isDirect()) {
+ MemorySegment.copy(src.array(), pos, bufSegment,
ValueLayout.JAVA_BYTE, 0, len);
+ }
+ final int sslWrote = SSL_write(ssl, srcSegment, len);
+ if (sslWrote > 0) {
+ src.position(pos + sslWrote);
+ return sslWrote;
} else {
- try (var memorySession = MemorySession.openConfined()) {
- MemorySegment bufSegment =
memorySession.allocateArray(ValueLayout.JAVA_BYTE, len);
- MemorySegment.copy(src.array(), pos, bufSegment,
ValueLayout.JAVA_BYTE, 0, len);
- final int sslWrote = SSL_write(ssl, bufSegment, len);
- if (sslWrote > 0) {
- src.position(pos + sslWrote);
- return sslWrote;
- } else {
- checkLastError();
- }
- }
+ checkLastError();
}
-
return 0;
}
@@ -334,30 +325,17 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
clearLastError();
final int pos = src.position();
final int len = src.remaining();
-
- if (src.isDirect()) {
- final int netWrote = BIO_write(networkBIO,
MemorySegment.ofBuffer(src), len);
- if (netWrote > 0) {
- src.position(pos + netWrote);
- return netWrote;
- } else {
- checkLastError();
- }
+ MemorySegment srcSegment = src.isDirect() ?
MemorySegment.ofBuffer(src) : bufSegment;
+ if (!src.isDirect()) {
+ MemorySegment.copy(src.array(), pos, bufSegment,
ValueLayout.JAVA_BYTE, 0, len);
+ }
+ final int netWrote = BIO_write(networkBIO, srcSegment, len);
+ if (netWrote > 0) {
+ src.position(pos + netWrote);
+ return netWrote;
} else {
- try (var memorySession = MemorySession.openConfined()) {
- MemorySegment bufSegment =
memorySession.allocateArray(ValueLayout.JAVA_BYTE, len);
- MemorySegment.copy(src.array(), pos, bufSegment,
ValueLayout.JAVA_BYTE, 0, len);
- final int netWrote = BIO_write(networkBIO, bufSegment, len);
- if (netWrote > 0) {
- src.position(pos + netWrote);
- return netWrote;
- } else {
- src.position(pos);
- checkLastError();
- }
- }
+ checkLastError();
}
-
return 0;
}
@@ -368,31 +346,18 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private int readPlaintextData(final MemoryAddress ssl, final ByteBuffer
dst) throws SSLException {
clearLastError();
final int pos = dst.position();
-
- if (dst.isDirect()) {
- final int len = dst.remaining();
- final int sslRead = SSL_read(ssl, MemorySegment.ofBuffer(dst),
len);
- if (sslRead > 0) {
- dst.position(pos + sslRead);
- return sslRead;
- } else {
- checkLastError();
- }
+ final int len = Math.min(dst.remaining(), MAX_ENCRYPTED_PACKET_LENGTH);
+ MemorySegment dstSegment = dst.isDirect() ?
MemorySegment.ofBuffer(dst) : bufSegment;
+ final int sslRead = SSL_read(ssl, dstSegment, len);
+ if (sslRead > 0) {
+ if (!dst.isDirect()) {
+ MemorySegment.copy(dstSegment, ValueLayout.JAVA_BYTE, 0,
dst.array(), pos, sslRead);
+ }
+ dst.position(pos + sslRead);
+ return sslRead;
} else {
- final int len = Math.min(MAX_ENCRYPTED_PACKET_LENGTH, dst.limit()
- pos);
- try (var memorySession = MemorySession.openConfined()) {
- MemorySegment bufSegment =
memorySession.allocateArray(ValueLayout.JAVA_BYTE, len);
- final int sslRead = SSL_read(ssl, bufSegment, len);
- if (sslRead > 0) {
- MemorySegment.copy(bufSegment, ValueLayout.JAVA_BYTE, 0,
dst.array(), pos, sslRead);
- dst.position(pos + sslRead);
- return sslRead;
- } else {
- checkLastError();
- }
- }
+ checkLastError();
}
-
return 0;
}
@@ -403,29 +368,17 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private int readEncryptedData(final MemoryAddress networkBIO, final
ByteBuffer dst, final int pending) throws SSLException {
clearLastError();
final int pos = dst.position();
-
- if (dst.isDirect()) {
- final int bioRead = BIO_read(networkBIO,
MemorySegment.ofBuffer(dst), pending);
- if (bioRead > 0) {
- dst.position(pos + bioRead);
- return bioRead;
- } else {
- checkLastError();
- }
+ MemorySegment dstSegment = dst.isDirect() ?
MemorySegment.ofBuffer(dst) : bufSegment;
+ final int bioRead = BIO_read(networkBIO, dstSegment, pending);
+ if (bioRead > 0) {
+ if (!dst.isDirect()) {
+ MemorySegment.copy(dstSegment, ValueLayout.JAVA_BYTE, 0,
dst.array(), pos, bioRead);
+ }
+ dst.position(pos + bioRead);
+ return bioRead;
} else {
- try (var memorySession = MemorySession.openConfined()) {
- MemorySegment bufSegment =
memorySession.allocateArray(ValueLayout.JAVA_BYTE, pending);
- final int bioRead = BIO_read(networkBIO, bufSegment, pending);
- if (bioRead > 0) {
- MemorySegment.copy(bufSegment, ValueLayout.JAVA_BYTE, 0,
dst.array(), pos, bioRead);
- dst.position(pos + bioRead);
- return bioRead;
- } else {
- checkLastError();
- }
- }
+ checkLastError();
}
-
return 0;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
