Skip to content

Commit

Permalink
address comments and minor clean up
Browse files Browse the repository at this point in the history
  • Loading branch information
@ikhoon
ikhoon committed Sep 20, 2024
1 parent a7a519b commit 8b085a7
Show file tree
Hide file tree
Showing 9 changed files with 18 additions and 24 deletions.
14 changes: 4 additions & 10 deletions core/src/main/java/com/linecorp/armeria/client/Bootstraps.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
import com.linecorp.armeria.common.SessionProtocol;
import com.linecorp.armeria.common.annotation.Nullable;
import com.linecorp.armeria.internal.common.SslContextFactory;
import com.linecorp.armeria.internal.common.TlsProviderUtil.SslContextMode;
import com.linecorp.armeria.internal.common.SslContextFactory.SslContextMode;

import io.netty.bootstrap.Bootstrap;
import io.netty.channel.Channel;
Expand Down Expand Up @@ -98,11 +98,6 @@ private Bootstrap select(boolean isDomainSocket, SessionProtocol desiredProtocol
SerializationFormat serializationFormat) {
final Bootstrap[][] bootstraps = isDomainSocket ? unixBootstraps : inetBootstraps;
assert bootstraps != null;
return select(bootstraps, desiredProtocol, serializationFormat);
}

private static Bootstrap select(Bootstrap[][] bootstraps, SessionProtocol desiredProtocol,
SerializationFormat serializationFormat) {
return bootstraps[desiredProtocol.ordinal()][toIndex(serializationFormat)];
}

Expand Down Expand Up @@ -179,8 +174,8 @@ private SslContext newSslContext(SocketAddress remoteAddress, SessionProtocol de
}

final SslContextMode sslContextMode =
desiredProtocol.isExplicitHttp1() ? SslContextMode.CLIENT_HTTP1_ONLY
: SslContextMode.CLIENT;
desiredProtocol.isExplicitHttp1() ? SslContextFactory.SslContextMode.CLIENT_HTTP1_ONLY
: SslContextFactory.SslContextMode.CLIENT;
assert sslContextFactory != null;
return sslContextFactory.getOrCreate(sslContextMode, hostname);
}
Expand All @@ -195,8 +190,7 @@ void releaseSslContext(SslContext sslContext) {
}
}

private ChannelInitializer<Channel> clientChannelInitializer(SessionProtocol p,
SslContext sslCtx,
private ChannelInitializer<Channel> clientChannelInitializer(SessionProtocol p, SslContext sslCtx,
boolean webSocket, boolean closeSslContext) {
return new ChannelInitializer<Channel>() {
@Override
Expand Down
4 changes: 0 additions & 4 deletions core/src/main/java/com/linecorp/armeria/client/ClientFactoryBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -417,8 +417,6 @@ public ClientFactoryBuilder tls(PrivateKey key, @Nullable String keyPassword,
@Override
public ClientFactoryBuilder tls(TlsKeyPair tlsKeyPair) {
requireNonNull(tlsKeyPair, "tlsKeyPair");
ensureNoTlsProvider();
staticTlsSettingsSet = true;
return tlsCustomizer(customizer -> customizer.keyManager(tlsKeyPair.privateKey(),
tlsKeyPair.certificateChain()));
}
Expand All @@ -429,8 +427,6 @@ public ClientFactoryBuilder tls(TlsKeyPair tlsKeyPair) {
@Override
public ClientFactoryBuilder tls(KeyManagerFactory keyManagerFactory) {
requireNonNull(keyManagerFactory, "keyManagerFactory");
ensureNoTlsProvider();
staticTlsSettingsSet = true;
return tlsCustomizer(customizer -> customizer.keyManager(keyManagerFactory));
}

Expand Down
2 changes: 2 additions & 0 deletions core/src/main/java/com/linecorp/armeria/client/ClientTlsConfigBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ public final class ClientTlsConfigBuilder extends AbstractTlsConfigBuilder<Clien
private boolean tlsNoVerifySet;
private final Set<String> insecureHosts = new HashSet<>();

ClientTlsConfigBuilder() {}

/**
* Disables the verification of server's TLS certificate chain. If you want to disable verification for
* only specific hosts, use {@link #tlsNoVerifyHosts(String...)}.
Expand Down
2 changes: 1 addition & 1 deletion core/src/main/java/com/linecorp/armeria/common/metric/CertificateMetrics.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ public void bindTo(MeterRegistry registry) {
final Instant notAfter = x509Cert.getNotAfter().toInstant();
final Duration diff =
Duration.between(Instant.now(), notAfter);
return diff.isNegative() ? -1 : diff.toDays();
return diff.toDays();
})
.description("Duration in days before TLS certificate expires, which becomes -1 " +
"if certificate is expired")
Expand Down
7 changes: 6 additions & 1 deletion core/src/main/java/com/linecorp/armeria/internal/common/SslContextFactory.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,6 @@
import com.linecorp.armeria.common.metric.MeterIdPrefix;
import com.linecorp.armeria.common.metric.MoreMeterBinders;
import com.linecorp.armeria.common.util.TlsEngineType;
import com.linecorp.armeria.internal.common.TlsProviderUtil.SslContextMode;
import com.linecorp.armeria.internal.common.util.ReentrantShortLock;
import com.linecorp.armeria.server.ServerTlsConfig;

Expand Down Expand Up @@ -221,6 +220,12 @@ public int numCachedContexts() {
return cache.size();
}

public enum SslContextMode {
SERVER,
CLIENT_HTTP1_ONLY,
CLIENT
}

private static final class CacheKey {
private final SslContextMode mode;
@Nullable
Expand Down
6 changes: 0 additions & 6 deletions core/src/main/java/com/linecorp/armeria/internal/common/TlsProviderUtil.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,5 @@ private static boolean needsNormalization(String hostname) {
return false;
}

public enum SslContextMode {
SERVER,
CLIENT_HTTP1_ONLY,
CLIENT
}

private TlsProviderUtil() {}
}
2 changes: 2 additions & 0 deletions core/src/main/java/com/linecorp/armeria/server/ServerTlsConfigBuilder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,14 @@

import com.linecorp.armeria.common.AbstractTlsConfigBuilder;
import com.linecorp.armeria.common.TlsProvider;
import com.linecorp.armeria.common.annotation.UnstableApi;

import io.netty.handler.ssl.ClientAuth;

/**
* A builder class for creating a {@link TlsProvider} that provides server-side TLS.
*/
@UnstableApi
public final class ServerTlsConfigBuilder extends AbstractTlsConfigBuilder<ServerTlsConfigBuilder> {

private ClientAuth clientAuth = ClientAuth.NONE;
Expand Down
3 changes: 1 addition & 2 deletions core/src/main/java/com/linecorp/armeria/server/TlsProviderMapping.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,6 @@
import com.linecorp.armeria.common.util.TlsEngineType;
import com.linecorp.armeria.internal.common.SslContextFactory;
import com.linecorp.armeria.internal.common.TlsProviderUtil;
import com.linecorp.armeria.internal.common.TlsProviderUtil.SslContextMode;

import io.netty.handler.ssl.SslContext;
import io.netty.util.Mapping;
Expand All @@ -42,7 +41,7 @@ public SslContext map(@Nullable String hostname) {
} else {
hostname = TlsProviderUtil.normalizeHostname(hostname);
}
return sslContextFactory.getOrCreate(SslContextMode.SERVER, hostname);
return sslContextFactory.getOrCreate(SslContextFactory.SslContextMode.SERVER, hostname);
}

void release(SslContext sslContext) {
Expand Down
2 changes: 2 additions & 0 deletions .../main/java/com/linecorp/armeria/testing/junit5/server/SelfSignedCertificateExtension.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
import org.junit.jupiter.api.extension.ExtensionContext;

import com.linecorp.armeria.common.TlsKeyPair;
import com.linecorp.armeria.common.annotation.UnstableApi;
import com.linecorp.armeria.internal.testing.SelfSignedCertificateRuleDelegate;
import com.linecorp.armeria.testing.junit5.common.AbstractAllOrEachExtension;

Expand Down Expand Up @@ -149,6 +150,7 @@ public File privateKeyFile() {
/**
* Returns the {@link TlsKeyPair} of the self-signed certificate.
*/
@UnstableApi
public TlsKeyPair tlsKeyPair() {
return delegate.tlsKeyPair();
}
Expand Down

0 comments on commit 8b085a7

Please sign in to comment.