This is an automated email from the ASF dual-hosted git repository. bhaisaab pushed a commit to branch debian9-systemvmtemplate in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 021b6c5262cc0f0826be27be6a59d66bf4b4f37c Author: Rohit Yadav <rohit.ya...@shapeblue.com> AuthorDate: Thu Nov 30 16:51:48 2017 +0530 fix nio regression Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com> --- .../cloud/agent/manager/ClusteredAgentManagerImpl.java | 2 +- utils/src/main/java/com/cloud/utils/nio/Link.java | 15 +++++++++------ utils/src/main/java/com/cloud/utils/nio/NioClient.java | 2 +- .../src/main/java/com/cloud/utils/nio/NioConnection.java | 2 +- 4 files changed, 12 insertions(+), 9 deletions(-) diff --git a/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java b/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java index 2ebfeb5..0b9899e 100644 --- a/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java +++ b/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java @@ -519,7 +519,7 @@ public class ClusteredAgentManagerImpl extends AgentManagerImpl implements Clust sslEngine.setUseClientMode(true); sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols())); sslEngine.beginHandshake(); - if (!Link.doHandshake(ch1, sslEngine, true)) { + if (!Link.doHandshake(ch1, sslEngine)) { ch1.close(); throw new IOException(String.format("SSL: Handshake failed with peer management server '%s' on %s:%d ", peerName, ip, port)); } diff --git a/utils/src/main/java/com/cloud/utils/nio/Link.java b/utils/src/main/java/com/cloud/utils/nio/Link.java index 8f1b811..ee09f8c 100644 --- a/utils/src/main/java/com/cloud/utils/nio/Link.java +++ b/utils/src/main/java/com/cloud/utils/nio/Link.java @@ -32,6 +32,8 @@ import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.SecureRandom; import java.util.concurrent.ConcurrentLinkedQueue; +import java.util.concurrent.Executor; +import java.util.concurrent.Executors; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; @@ -462,7 +464,7 @@ public class Link { return buffer; } - public static ByteBuffer handleBufferUnderflow(final SSLEngine engine, ByteBuffer buffer) { + public static ByteBuffer handleBufferUnderflow(final SSLEngine engine, final ByteBuffer buffer) { if (engine == null || buffer == null) { return buffer; } @@ -503,7 +505,7 @@ public class Link { s_logger.error(String.format("SSL error caught during unwrap data: %s, for local address=%s, remote address=%s. The client may have invalid ca-certificates.", sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress())); sslEngine.closeOutbound(); - return false; + return true; } switch (result.getStatus()) { case OK: @@ -522,8 +524,8 @@ public class Link { return false; } else { sslEngine.closeOutbound(); - break; } + break; default: throw new IllegalStateException("Invalid SSL status: " + result.getStatus()); } @@ -545,7 +547,7 @@ public class Link { s_logger.error(String.format("SSL error caught during wrap data: %s, for local address=%s, remote address=%s.", sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress())); sslEngine.closeOutbound(); - return false; + return true; } switch (result.getStatus()) { case OK : @@ -582,7 +584,7 @@ public class Link { return true; } - public static boolean doHandshake(final SocketChannel socketChannel, final SSLEngine sslEngine, final boolean isClient) throws IOException { + public static boolean doHandshake(final SocketChannel socketChannel, final SSLEngine sslEngine) throws IOException { if (socketChannel == null || sslEngine == null) { return false; } @@ -593,6 +595,7 @@ public class Link { ByteBuffer myNetData = ByteBuffer.allocate(netBufferSize); ByteBuffer peerNetData = ByteBuffer.allocate(netBufferSize); + final Executor executor = Executors.newSingleThreadExecutor(); final long startTimeMills = System.currentTimeMillis(); HandshakeStatus handshakeStatus = sslEngine.getHandshakeStatus(); @@ -621,7 +624,7 @@ public class Link { if (s_logger.isTraceEnabled()) { s_logger.trace("SSL: Running delegated task!"); } - task.run(); + executor.execute(task); } break; case FINISHED: diff --git a/utils/src/main/java/com/cloud/utils/nio/NioClient.java b/utils/src/main/java/com/cloud/utils/nio/NioClient.java index 1c29b0c..d4a1e02 100644 --- a/utils/src/main/java/com/cloud/utils/nio/NioClient.java +++ b/utils/src/main/java/com/cloud/utils/nio/NioClient.java @@ -61,7 +61,7 @@ public class NioClient extends NioConnection { sslEngine.setUseClientMode(true); sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols())); sslEngine.beginHandshake(); - if (!Link.doHandshake(_clientConnection, sslEngine, true)) { + if (!Link.doHandshake(_clientConnection, sslEngine)) { s_logger.error("SSL Handshake failed while connecting to host: " + _host + " port: " + _port); _selector.close(); throw new IOException("SSL Handshake failed while connecting to host: " + _host + " port: " + _port); diff --git a/utils/src/main/java/com/cloud/utils/nio/NioConnection.java b/utils/src/main/java/com/cloud/utils/nio/NioConnection.java index 30000cf..9a5bf7e 100644 --- a/utils/src/main/java/com/cloud/utils/nio/NioConnection.java +++ b/utils/src/main/java/com/cloud/utils/nio/NioConnection.java @@ -213,7 +213,7 @@ public abstract class NioConnection implements Callable<Boolean> { _selector.wakeup(); try { sslEngine.beginHandshake(); - if (!Link.doHandshake(socketChannel, sslEngine, false)) { + if (!Link.doHandshake(socketChannel, sslEngine)) { throw new IOException("SSL handshake timed out with " + socketChannel.getRemoteAddress()); } if (s_logger.isTraceEnabled()) { -- To stop receiving notification emails like this one, please contact "commits@cloudstack.apache.org" <commits@cloudstack.apache.org>.