This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 9.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push: new 8d2fd94 Add support for ALPN on Java 8 8d2fd94 is described below commit 8d2fd94055fa1c8b930264245571d768782876ac Author: remm <r...@apache.org> AuthorDate: Fri May 8 18:36:10 2020 +0200 Add support for ALPN on Java 8 HTTP/2 with a browser does work for me now. --- java/org/apache/tomcat/util/compat/Jre9Compat.java | 31 ---------------- java/org/apache/tomcat/util/compat/JreCompat.java | 41 ++++++++++++++++++++-- .../tomcat/util/net/AbstractJsseEndpoint.java | 2 +- .../apache/tomcat/util/net/SecureNio2Channel.java | 2 +- .../apache/tomcat/util/net/SecureNioChannel.java | 2 +- .../tomcat/util/net/jsse/JSSEImplementation.java | 2 +- webapps/docs/changelog.xml | 7 ++++ 7 files changed, 50 insertions(+), 37 deletions(-) diff --git a/java/org/apache/tomcat/util/compat/Jre9Compat.java b/java/org/apache/tomcat/util/compat/Jre9Compat.java index 29fef06..8e0812c 100644 --- a/java/org/apache/tomcat/util/compat/Jre9Compat.java +++ b/java/org/apache/tomcat/util/compat/Jre9Compat.java @@ -31,9 +31,6 @@ import java.util.Set; import java.util.jar.JarFile; import java.util.zip.ZipFile; -import javax.net.ssl.SSLEngine; -import javax.net.ssl.SSLParameters; - import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.res.StringManager; @@ -44,8 +41,6 @@ class Jre9Compat extends JreCompat { private static final StringManager sm = StringManager.getManager(Jre9Compat.class); private static final Class<?> inaccessibleObjectExceptionClazz; - private static final Method setApplicationProtocolsMethod; - private static final Method getApplicationProtocolMethod; private static final Method setDefaultUseCachesMethod; private static final Method bootMethod; private static final Method configurationMethod; @@ -64,8 +59,6 @@ class Jre9Compat extends JreCompat { static { Class<?> c1 = null; - Method m2 = null; - Method m3 = null; Method m4 = null; Method m5 = null; Method m6 = null; @@ -96,8 +89,6 @@ class Jre9Compat extends JreCompat { Method runtimeVersionMethod = JarFile.class.getMethod("runtimeVersion"); Method majorMethod = versionClazz.getMethod("major"); - m2 = SSLParameters.class.getMethod("setApplicationProtocols", String[].class); - m3 = SSLEngine.class.getMethod("getApplicationProtocol"); m4 = URLConnection.class.getMethod("setDefaultUseCaches", String.class, boolean.class); m5 = moduleLayerClazz.getMethod("boot"); m6 = moduleLayerClazz.getMethod("configuration"); @@ -129,8 +120,6 @@ class Jre9Compat extends JreCompat { } inaccessibleObjectExceptionClazz = c1; - setApplicationProtocolsMethod = m2; - getApplicationProtocolMethod = m3; setDefaultUseCachesMethod = m4; bootMethod = m5; configurationMethod = m6; @@ -172,26 +161,6 @@ class Jre9Compat extends JreCompat { @Override - public void setApplicationProtocols(SSLParameters sslParameters, String[] protocols) { - try { - setApplicationProtocolsMethod.invoke(sslParameters, (Object) protocols); - } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - throw new UnsupportedOperationException(e); - } - } - - - @Override - public String getApplicationProtocol(SSLEngine sslEngine) { - try { - return (String) getApplicationProtocolMethod.invoke(sslEngine); - } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - throw new UnsupportedOperationException(e); - } - } - - - @Override public void disableCachingForJarUrlConnections() throws IOException { try { setDefaultUseCachesMethod.invoke(null, "JAR", Boolean.FALSE); diff --git a/java/org/apache/tomcat/util/compat/JreCompat.java b/java/org/apache/tomcat/util/compat/JreCompat.java index 2ad6cae..8275e60 100644 --- a/java/org/apache/tomcat/util/compat/JreCompat.java +++ b/java/org/apache/tomcat/util/compat/JreCompat.java @@ -19,6 +19,8 @@ package org.apache.tomcat.util.compat; import java.io.File; import java.io.IOException; import java.lang.reflect.AccessibleObject; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; import java.net.URL; import java.net.URLConnection; import java.util.Deque; @@ -44,6 +46,9 @@ public class JreCompat { private static final boolean jre9Available; private static final StringManager sm = StringManager.getManager(JreCompat.class); + protected static final Method setApplicationProtocolsMethod; + protected static final Method getApplicationProtocolMethod; + static { // This is Tomcat 9 with a minimum Java version of Java 8. // Look for the highest supported JVM first @@ -61,6 +66,17 @@ public class JreCompat { jre9Available = false; } jre11Available = instance.jarFileRuntimeMajorVersion() >= 11; + + Method m1 = null; + Method m2 = null; + try { + m1 = SSLParameters.class.getMethod("setApplicationProtocols", String[].class); + m2 = SSLEngine.class.getMethod("getApplicationProtocol"); + } catch (ReflectiveOperationException | IllegalArgumentException e) { + // Only the newest Java 8 have the ALPN API, so ignore + } + setApplicationProtocolsMethod = m1; + getApplicationProtocolMethod = m2; } @@ -74,6 +90,11 @@ public class JreCompat { } + public static boolean isAlpnSupported() { + return setApplicationProtocolsMethod != null && getApplicationProtocolMethod != null; + } + + public static boolean isJre9Available() { return jre9Available; } @@ -109,7 +130,15 @@ public class JreCompat { * connection */ public void setApplicationProtocols(SSLParameters sslParameters, String[] protocols) { - throw new UnsupportedOperationException(sm.getString("jreCompat.noApplicationProtocols")); + if (setApplicationProtocolsMethod != null) { + try { + setApplicationProtocolsMethod.invoke(sslParameters, (Object) protocols); + } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + throw new UnsupportedOperationException(e); + } + } else { + throw new UnsupportedOperationException(sm.getString("jreCompat.noApplicationProtocols")); + } } @@ -123,7 +152,15 @@ public class JreCompat { * @return The name of the negotiated protocol */ public String getApplicationProtocol(SSLEngine sslEngine) { - throw new UnsupportedOperationException(sm.getString("jreCompat.noApplicationProtocol")); + if (getApplicationProtocolMethod != null) { + try { + return (String) getApplicationProtocolMethod.invoke(sslEngine); + } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + throw new UnsupportedOperationException(e); + } + } else { + throw new UnsupportedOperationException(sm.getString("jreCompat.noApplicationProtocol")); + } } diff --git a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java index 3ab42f7..d43ea54 100644 --- a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java +++ b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java @@ -123,7 +123,7 @@ public abstract class AbstractJsseEndpoint<S,U> extends AbstractEndpoint<S,U> { SSLParameters sslParameters = engine.getSSLParameters(); sslParameters.setUseCipherSuitesOrder(sslHostConfig.getHonorCipherOrder()); - if (JreCompat.isJre9Available() && clientRequestedApplicationProtocols != null + if (JreCompat.isAlpnSupported() && clientRequestedApplicationProtocols != null && clientRequestedApplicationProtocols.size() > 0 && negotiableProtocols.size() > 0) { // Only try to negotiate if both client and server have at least diff --git a/java/org/apache/tomcat/util/net/SecureNio2Channel.java b/java/org/apache/tomcat/util/net/SecureNio2Channel.java index d3a0b73..394837c 100644 --- a/java/org/apache/tomcat/util/net/SecureNio2Channel.java +++ b/java/org/apache/tomcat/util/net/SecureNio2Channel.java @@ -245,7 +245,7 @@ public class SecureNio2Channel extends Nio2Channel { if (sslEngine instanceof SSLUtil.ProtocolInfo) { socketWrapper.setNegotiatedProtocol( ((SSLUtil.ProtocolInfo) sslEngine).getNegotiatedProtocol()); - } else if (JreCompat.isJre9Available()) { + } else if (JreCompat.isAlpnSupported()) { socketWrapper.setNegotiatedProtocol( JreCompat.getInstance().getApplicationProtocol(sslEngine)); } diff --git a/java/org/apache/tomcat/util/net/SecureNioChannel.java b/java/org/apache/tomcat/util/net/SecureNioChannel.java index 1bd143f..820b736 100644 --- a/java/org/apache/tomcat/util/net/SecureNioChannel.java +++ b/java/org/apache/tomcat/util/net/SecureNioChannel.java @@ -196,7 +196,7 @@ public class SecureNioChannel extends NioChannel { if (sslEngine instanceof SSLUtil.ProtocolInfo) { socketWrapper.setNegotiatedProtocol( ((SSLUtil.ProtocolInfo) sslEngine).getNegotiatedProtocol()); - } else if (JreCompat.isJre9Available()) { + } else if (JreCompat.isAlpnSupported()) { socketWrapper.setNegotiatedProtocol( JreCompat.getInstance().getApplicationProtocol(sslEngine)); } diff --git a/java/org/apache/tomcat/util/net/jsse/JSSEImplementation.java b/java/org/apache/tomcat/util/net/jsse/JSSEImplementation.java index 561dc3d..1c1eae8 100644 --- a/java/org/apache/tomcat/util/net/jsse/JSSEImplementation.java +++ b/java/org/apache/tomcat/util/net/jsse/JSSEImplementation.java @@ -52,6 +52,6 @@ public class JSSEImplementation extends SSLImplementation { @Override public boolean isAlpnSupported() { - return JreCompat.isJre9Available(); + return JreCompat.isAlpnSupported(); } } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index b36da54..55646c5 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -45,6 +45,13 @@ issues do not "pop up" wrt. others). --> <section name="Tomcat 9.0.36 (markt)" rtext="in development"> + <subsection name="Coyote"> + <changelog> + <update> + Add support for ALPN on recent OpenJDK 8 releases. (remm) + </update> + </changelog> + </subsection> </section> <section name="Tomcat 9.0.35 (markt)" rtext="release in progress"> <subsection name="Catalina"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org