1
0
Fork 0
mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00

JRuby - Add Puma::MiniSSL::Engine#init? and #teardown methods, run all SSL tests (#2317)

Update MiniSSL.java and minissl.rb for JRuby

Add Puma::MiniSSL::Engine#init? and #teardown methods
This commit is contained in:
MSP-Greg 2020-09-01 17:00:36 -05:00 committed by GitHub
parent 2710a6a071
commit fa6e916fc0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 53 additions and 10 deletions

View file

@ -1,5 +1,7 @@
### Master
* Bugfixes
* JRuby - Add Puma::MiniSSL::Engine#init? and #teardown methods, run all SSL tests (#2317)
* Improve shutdown reliability (#2312)
* Resolve issue with threadpool waiting counter decrement when thread is killed
* Constrain rake-compiler version to 0.9.4 to fix `ClassNotFound` exception when using MiniSSL with Java8.
* Ensure that TCP_CORK is usable

View file

@ -120,6 +120,8 @@ public class MiniSSL extends RubyObject {
}
private SSLEngine engine;
private boolean closed;
private boolean handshake;
private MiniSSLBuffer inboundNetData;
private MiniSSLBuffer outboundAppData;
private MiniSSLBuffer outboundNetData;
@ -157,6 +159,8 @@ public class MiniSSL extends RubyObject {
SSLContext sslCtx = SSLContext.getInstance("TLS");
sslCtx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
closed = false;
handshake = false;
engine = sslCtx.createSSLEngine();
String[] protocols;
@ -240,14 +244,21 @@ public class MiniSSL extends RubyObject {
// need to wait for more data to come in before we retry
retryOp = false;
break;
default:
// other cases are OK and CLOSED. We're done here.
case CLOSED:
closed = true;
retryOp = false;
break;
default:
// other case is OK. We're done here.
retryOp = false;
}
if (res.getHandshakeStatus() == HandshakeStatus.FINISHED) {
handshake = true;
}
}
// after each op, run any delegated tasks if needed
if(engine.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
if(res.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
Runnable runnable;
while ((runnable = engine.getDelegatedTask()) != null) {
runnable.run();
@ -271,13 +282,14 @@ public class MiniSSL extends RubyObject {
HandshakeStatus handshakeStatus = engine.getHandshakeStatus();
boolean done = false;
SSLEngineResult res = null;
while (!done) {
switch (handshakeStatus) {
case NEED_WRAP:
doOp(SSLOperation.WRAP, inboundAppData, outboundNetData);
res = doOp(SSLOperation.WRAP, inboundAppData, outboundNetData);
break;
case NEED_UNWRAP:
SSLEngineResult res = doOp(SSLOperation.UNWRAP, inboundNetData, inboundAppData);
res = doOp(SSLOperation.UNWRAP, inboundNetData, inboundAppData);
if (res.getStatus() == Status.BUFFER_UNDERFLOW) {
// need more data before we can shake more hands
done = true;
@ -286,7 +298,9 @@ public class MiniSSL extends RubyObject {
default:
done = true;
}
handshakeStatus = engine.getHandshakeStatus();
if (!done) {
handshakeStatus = res.getHandshakeStatus();
}
}
if (inboundNetData.hasRemaining()) {
@ -360,4 +374,21 @@ public class MiniSSL extends RubyObject {
return getRuntime().getNil();
}
}
@JRubyMethod(name = "init?")
public IRubyObject isInit(ThreadContext context) {
return handshake ? getRuntime().getFalse() : getRuntime().getTrue();
}
@JRubyMethod
public IRubyObject shutdown() {
if (closed || engine.isInboundDone() && engine.isOutboundDone()) {
if (engine.isOutboundDone()) {
engine.closeOutbound();
}
return getRuntime().getTrue();
} else {
return getRuntime().getFalse();
}
}
}

View file

@ -197,6 +197,9 @@ module Puma
end
if IS_JRUBY
OPENSSL_NO_SSL3 = false
OPENSSL_NO_TLS1 = false
class SSLError < StandardError
# Define this for jruby even though it isn't used.
end

View file

@ -23,10 +23,17 @@ DISABLE_SSL = begin
Puma::MiniSSL.check
# net/http (loaded in helper) does not necessarily load OpenSSL
require "openssl" unless Object.const_defined? :OpenSSL
if Puma::IS_JRUBY
puts "", RUBY_DESCRIPTION, "RUBYOPT: #{ENV['RUBYOPT']}",
" OpenSSL",
"OPENSSL_LIBRARY_VERSION: #{OpenSSL::OPENSSL_LIBRARY_VERSION}",
" OPENSSL_VERSION: #{OpenSSL::OPENSSL_VERSION}", ""
else
puts "", RUBY_DESCRIPTION, "RUBYOPT: #{ENV['RUBYOPT']}",
" Puma::MiniSSL OpenSSL",
"OPENSSL_LIBRARY_VERSION: #{Puma::MiniSSL::OPENSSL_LIBRARY_VERSION.ljust 32}#{OpenSSL::OPENSSL_LIBRARY_VERSION}",
" OPENSSL_VERSION: #{Puma::MiniSSL::OPENSSL_VERSION.ljust 32}#{OpenSSL::OPENSSL_VERSION}", ""
end
rescue
true
else