Issue #2135 - TLS on Android 8.1 workaround configuration for Direct ByteBuffer use

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2018-03-13 14:50:50 -05:00 · 2018-03-13 14:50:50 -05:00 · ea116028d4
parent 3001c8af2f
commit ea116028d4
3 changed files with 36 additions and 4 deletions
--- a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslClientConnectionFactory.java
+++ b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslClientConnectionFactory.java
@ -39,6 +39,8 @@ public class SslClientConnectionFactory implements ClientConnectionFactory
    private final ByteBufferPool byteBufferPool;
    private final Executor executor;
    private final ClientConnectionFactory connectionFactory;
+    private boolean _useDirectBuffersForEncryption = false;
+    private boolean _useDirectBuffersForDecryption = false;

    public SslClientConnectionFactory(SslContextFactory sslContextFactory, ByteBufferPool byteBufferPool, Executor executor, ClientConnectionFactory connectionFactory)
    {
@ -48,6 +50,16 @@ public class SslClientConnectionFactory implements ClientConnectionFactory
        this.connectionFactory = connectionFactory;
    }

+    public void setDirectBuffersForEncryption(boolean useDirectBuffers)
+    {
+        this._useDirectBuffersForEncryption = useDirectBuffers;
+    }
+
+    public void setDirectBuffersForDecryption(boolean useDirectBuffers)
+    {
+        this._useDirectBuffersForDecryption = useDirectBuffers;
+    }
+
    @Override
    public org.eclipse.jetty.io.Connection newConnection(EndPoint endPoint, Map<String, Object> context) throws IOException
    {
@ -68,6 +80,6 @@ public class SslClientConnectionFactory implements ClientConnectionFactory

    protected SslConnection newSslConnection(ByteBufferPool byteBufferPool, Executor executor, EndPoint endPoint, SSLEngine engine)
    {
-        return new SslConnection(byteBufferPool, executor, endPoint, engine);
+        return new SslConnection(byteBufferPool, executor, endPoint, engine, _useDirectBuffersForEncryption, _useDirectBuffersForDecryption);
    }
 }
--- a/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
+++ b/jetty-io/src/main/java/org/eclipse/jetty/io/ssl/SslConnection.java
@ -88,8 +88,8 @@ public class SslConnection extends AbstractConnection
    private ByteBuffer _decryptedInput;
    private ByteBuffer _encryptedInput;
    private ByteBuffer _encryptedOutput;
-    private final boolean _encryptedDirectBuffers = false;
-    private final boolean _decryptedDirectBuffers = false;
+    private final boolean _encryptedDirectBuffers;
+    private final boolean _decryptedDirectBuffers;
    private final Runnable _runCompletWrite = new Runnable()
    {
        @Override
@ -101,6 +101,12 @@ public class SslConnection extends AbstractConnection
    private boolean _renegotiationAllowed;

    public SslConnection(ByteBufferPool byteBufferPool, Executor executor, EndPoint endPoint, SSLEngine sslEngine)
+    {
+        this(byteBufferPool, executor, endPoint, sslEngine, false, false);
+    }
+
+    public SslConnection(ByteBufferPool byteBufferPool, Executor executor, EndPoint endPoint, SSLEngine sslEngine,
+                         boolean useDirectBuffersForEncryption, boolean useDirectBuffersForDecryption)
    {
        // This connection does not execute calls to onfillable, so they will be called by the selector thread.
        // onfillable does not block and will only wakeup another thread to do the actual reading and handling.
@ -108,6 +114,8 @@ public class SslConnection extends AbstractConnection
        this._bufferPool = byteBufferPool;
        this._sslEngine = sslEngine;
        this._decryptedEndPoint = newDecryptedEndPoint();
+        this._encryptedDirectBuffers = useDirectBuffersForEncryption;
+        this._decryptedDirectBuffers = useDirectBuffersForDecryption;
    }

    protected DecryptedEndPoint newDecryptedEndPoint()
--- a/jetty-server/src/main/java/org/eclipse/jetty/server/SslConnectionFactory.java
+++ b/jetty-server/src/main/java/org/eclipse/jetty/server/SslConnectionFactory.java
@ -34,6 +34,8 @@ public class SslConnectionFactory extends AbstractConnectionFactory
 {
    private final SslContextFactory _sslContextFactory;
    private final String _nextProtocol;
+    private boolean _useDirectBuffersForEncryption = false;
+    private boolean _useDirectBuffersForDecryption = false;

    public SslConnectionFactory()
    {
@ -58,6 +60,16 @@ public class SslConnectionFactory extends AbstractConnectionFactory
        return _sslContextFactory;
    }

+    public void setDirectBuffersForEncryption(boolean useDirectBuffers)
+    {
+        this._useDirectBuffersForEncryption = useDirectBuffers;
+    }
+
+    public void setDirectBuffersForDecryption(boolean useDirectBuffers)
+    {
+        this._useDirectBuffersForDecryption = useDirectBuffers;
+    }
+
    @Override
    protected void doStart() throws Exception
    {
@ -91,7 +103,7 @@ public class SslConnectionFactory extends AbstractConnectionFactory

    protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine)
    {
-        return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine);
+        return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, _useDirectBuffersForEncryption, _useDirectBuffersForDecryption);
    }

    @Override