From f7b8e27b5f55c4a21cf84fb56a616b8bfd4af8da Mon Sep 17 00:00:00 2001

From: Michael Simacek <msimacek@redhat.com>

Date: Fri, 7 Jul 2017 16:07:23 +0200

Subject: [PATCH 2/3] Remove NPN

---

 handler/pom.xml                                    |   5 -

 .../ssl/JdkNpnApplicationProtocolNegotiator.java   | 120 --------------------

 .../java/io/netty/handler/ssl/JdkSslContext.java   |  30 -----

 .../io/netty/handler/ssl/JettyNpnSslEngine.java    | 122 ---------------------

 .../io/netty/handler/ssl/JdkSslEngineTest.java     |   2 +-

 5 files changed, 1 insertion(+), 278 deletions(-)

 delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java

 delete mode 100644 handler/src/main/java/io/netty/handler/ssl/JettyNpnSslEngine.java

diff --git a/handler/pom.xml b/handler/pom.xml

index d0ed1bc..52e63ca 100644

--- a/handler/pom.xml

+++ b/handler/pom.xml

@@ -55,11 +55,6 @@

       <optional>true</optional>

     </dependency>

     <dependency>

-      <groupId>org.eclipse.jetty.npn</groupId>

-      <artifactId>npn-api</artifactId>

-      <optional>true</optional>

-    </dependency>

-    <dependency>

       <groupId>org.eclipse.jetty.alpn</groupId>

       <artifactId>alpn-api</artifactId>

       <optional>true</optional>

diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java b/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java

deleted file mode 100644

index 06b29b7..0000000

--- a/handler/src/main/java/io/netty/handler/ssl/JdkNpnApplicationProtocolNegotiator.java

+++ /dev/null

@@ -1,120 +0,0 @@

-/*

- * Copyright 2014 The Netty Project

- *

- * The Netty Project licenses this file to you under the Apache License,

- * version 2.0 (the "License"); you may not use this file except in compliance

- * with the License. You may obtain a copy of the License at:

- *

- *   http://www.apache.org/licenses/LICENSE-2.0

- *

- * Unless required by applicable law or agreed to in writing, software

- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

- * License for the specific language governing permissions and limitations

- * under the License.

- */

-package io.netty.handler.ssl;

-

-import javax.net.ssl.SSLEngine;

-

-/**

- * The {@link JdkApplicationProtocolNegotiator} to use if you need NPN and are using {@link SslProvider#JDK}.

- */

-public final class JdkNpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {

-    private static final SslEngineWrapperFactory NPN_WRAPPER = new SslEngineWrapperFactory() {

-        {

-            if (!JettyNpnSslEngine.isAvailable()) {

-                throw new RuntimeException("NPN unsupported. Is your classpath configured correctly?"

-                        + " See https://wiki.eclipse.org/Jetty/Feature/NPN");

-            }

-        }

-

-        @Override

-        public SSLEngine wrapSslEngine(SSLEngine engine, JdkApplicationProtocolNegotiator applicationNegotiator,

-                boolean isServer) {

-            return new JettyNpnSslEngine(engine, applicationNegotiator, isServer);

-        }

-    };

-

-    /**

-     * Create a new instance.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(Iterable<String> protocols) {

-        this(false, protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(String... protocols) {

-        this(false, protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, Iterable<String> protocols) {

-        this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param failIfNoCommonProtocols Fail with a fatal alert if not common protocols are detected.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, String... protocols) {

-        this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.

-     * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,

-            boolean serverFailIfNoCommonProtocols, Iterable<String> protocols) {

-        this(clientFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,

-                serverFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,

-                protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param clientFailIfNoCommonProtocols Client side fail with a fatal alert if not common protocols are detected.

-     * @param serverFailIfNoCommonProtocols Server side fail with a fatal alert if not common protocols are detected.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,

-            boolean serverFailIfNoCommonProtocols, String... protocols) {

-        this(clientFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,

-                serverFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,

-                protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param selectorFactory The factory which provides classes responsible for selecting the protocol.

-     * @param listenerFactory The factory which provides to be notified of which protocol was selected.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,

-            ProtocolSelectionListenerFactory listenerFactory, Iterable<String> protocols) {

-        super(NPN_WRAPPER, selectorFactory, listenerFactory, protocols);

-    }

-

-    /**

-     * Create a new instance.

-     * @param selectorFactory The factory which provides classes responsible for selecting the protocol.

-     * @param listenerFactory The factory which provides to be notified of which protocol was selected.

-     * @param protocols The order of iteration determines the preference of support for protocols.

-     */

-    public JdkNpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,

-            ProtocolSelectionListenerFactory listenerFactory, String... protocols) {

-        super(NPN_WRAPPER, selectorFactory, listenerFactory, protocols);

-    }

-}

diff --git a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java

index 0ad6639..d5b86ff 100644

--- a/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java

+++ b/handler/src/main/java/io/netty/handler/ssl/JdkSslContext.java

@@ -288,47 +288,17 @@ public class JdkSslContext extends SslContext {

         case ALPN:

             if (isServer) {

                 switch(config.selectorFailureBehavior()) {

-                case FATAL_ALERT:

-                    return new JdkAlpnApplicationProtocolNegotiator(true, config.supportedProtocols());

-                case NO_ADVERTISE:

-                    return new JdkAlpnApplicationProtocolNegotiator(false, config.supportedProtocols());

                 default:

                     throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")

                     .append(config.selectorFailureBehavior()).append(" failure behavior").toString());

                 }

             } else {

                 switch(config.selectedListenerFailureBehavior()) {

-                case ACCEPT:

-                    return new JdkAlpnApplicationProtocolNegotiator(false, config.supportedProtocols());

-                case FATAL_ALERT:

-                    return new JdkAlpnApplicationProtocolNegotiator(true, config.supportedProtocols());

                 default:

                     throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")

                     .append(config.selectedListenerFailureBehavior()).append(" failure behavior").toString());

                 }

             }

-        case NPN:

-            if (isServer) {

-                switch(config.selectedListenerFailureBehavior()) {

-                case ACCEPT:

-                    return new JdkNpnApplicationProtocolNegotiator(false, config.supportedProtocols());

-                case FATAL_ALERT:

-                    return new JdkNpnApplicationProtocolNegotiator(true, config.supportedProtocols());

-                default:

-                    throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")

-                    .append(config.selectedListenerFailureBehavior()).append(" failure behavior").toString());

-                }

-            } else {

-                switch(config.selectorFailureBehavior()) {

-                case FATAL_ALERT:

-                    return new JdkNpnApplicationProtocolNegotiator(true, config.supportedProtocols());

-                case NO_ADVERTISE:

-                    return new JdkNpnApplicationProtocolNegotiator(false, config.supportedProtocols());

-                default:

-                    throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")

-                    .append(config.selectorFailureBehavior()).append(" failure behavior").toString());

-                }

-            }

         default:

             throw new UnsupportedOperationException(new StringBuilder("JDK provider does not support ")

             .append(config.protocol()).append(" protocol").toString());

diff --git a/handler/src/main/java/io/netty/handler/ssl/JettyNpnSslEngine.java b/handler/src/main/java/io/netty/handler/ssl/JettyNpnSslEngine.java

deleted file mode 100644

index 77e7366..0000000

--- a/handler/src/main/java/io/netty/handler/ssl/JettyNpnSslEngine.java

+++ /dev/null

@@ -1,122 +0,0 @@

-/*

- * Copyright 2014 The Netty Project

- *

- * The Netty Project licenses this file to you under the Apache License,

- * version 2.0 (the "License"); you may not use this file except in compliance

- * with the License. You may obtain a copy of the License at:

- *

- *   http://www.apache.org/licenses/LICENSE-2.0

- *

- * Unless required by applicable law or agreed to in writing, software

- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

- * License for the specific language governing permissions and limitations

- * under the License.

- */

-

-package io.netty.handler.ssl;

-

-import static io.netty.util.internal.ObjectUtil.checkNotNull;

-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectionListener;

-import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelector;

-import io.netty.util.internal.PlatformDependent;

-

-import java.util.LinkedHashSet;

-import java.util.List;

-

-import javax.net.ssl.SSLEngine;

-import javax.net.ssl.SSLException;

-

-import org.eclipse.jetty.npn.NextProtoNego;

-import org.eclipse.jetty.npn.NextProtoNego.ClientProvider;

-import org.eclipse.jetty.npn.NextProtoNego.ServerProvider;

-

-final class JettyNpnSslEngine extends JdkSslEngine {

-    private static boolean available;

-

-    static boolean isAvailable() {

-        updateAvailability();

-        return available;

-    }

-

-    private static void updateAvailability() {

-        if (available) {

-            return;

-        }

-        try {

-            // Always use bootstrap class loader.

-            Class.forName("sun.security.ssl.NextProtoNegoExtension", true, null);

-            available = true;

-        } catch (Exception ignore) {

-            // npn-boot was not loaded.

-        }

-    }

-

-    JettyNpnSslEngine(SSLEngine engine, final JdkApplicationProtocolNegotiator applicationNegotiator, boolean server) {

-        super(engine);

-        checkNotNull(applicationNegotiator, "applicationNegotiator");

-

-        if (server) {

-            final ProtocolSelectionListener protocolListener = checkNotNull(applicationNegotiator

-                    .protocolListenerFactory().newListener(this, applicationNegotiator.protocols()),

-                    "protocolListener");

-            NextProtoNego.put(engine, new ServerProvider() {

-                @Override

-                public void unsupported() {

-                    protocolListener.unsupported();

-                }

-

-                @Override

-                public List<String> protocols() {

-                    return applicationNegotiator.protocols();

-                }

-

-                @Override

-                public void protocolSelected(String protocol) {

-                    try {

-                        protocolListener.selected(protocol);

-                    } catch (Throwable t) {

-                        PlatformDependent.throwException(t);

-                    }

-                }

-            });

-        } else {

-            final ProtocolSelector protocolSelector = checkNotNull(applicationNegotiator.protocolSelectorFactory()

-                    .newSelector(this, new LinkedHashSet<String>(applicationNegotiator.protocols())),

-                    "protocolSelector");

-            NextProtoNego.put(engine, new ClientProvider() {

-                @Override

-                public boolean supports() {

-                    return true;

-                }

-

-                @Override

-                public void unsupported() {

-                    protocolSelector.unsupported();

-                }

-

-                @Override

-                public String selectProtocol(List<String> protocols) {

-                    try {

-                        return protocolSelector.select(protocols);

-                    } catch (Throwable t) {

-                        PlatformDependent.throwException(t);

-                        return null;

-                    }

-                }

-            });

-        }

-    }

-

-    @Override

-    public void closeInbound() throws SSLException {

-        NextProtoNego.remove(getWrappedEngine());

-        super.closeInbound();

-    }

-

-    @Override

-    public void closeOutbound() {

-        NextProtoNego.remove(getWrappedEngine());

-        super.closeOutbound();

-    }

-}

diff --git a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java

index d6cd94d..4489b16 100644

--- a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java

+++ b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java

@@ -46,7 +46,7 @@ public class JdkSslEngineTest extends SSLEngineTest {

         NPN_DEFAULT {

             @Override

             boolean isAvailable() {

-                return JettyNpnSslEngine.isAvailable();

+                return false;

             }

             @Override

-- 

2.9.4