From c48610b890fe820eda08bf3c1ea682831401eb62 Mon Sep 17 00:00:00 2001 From: Eric Anderson Date: Mon, 5 Jun 2017 12:35:04 -0700 Subject: [PATCH] netty: Eagerly create SslContext Creating the SslContext can throw, generally due to broken ALPN. We want that to propagate to the caller of build(), instead of within the channel where it could easily cause hangs. We still delay creation until actual build() time, since TLS is not guaranteed to work and the application may be configuring plaintext or similar later before calling build() where SslContext is unnecessary. The only externally-visible change should be the exception handling. I'd add a test, but the things throwing are static and trying to inject them would be pretty messy. Fixes #2599 --- .../java/io/grpc/netty/NettyChannelBuilder.java | 14 +++++++------- .../io/grpc/netty/NettyChannelBuilderTest.java | 13 ++++--------- 2 files changed, 11 insertions(+), 16 deletions(-) diff --git a/netty/src/main/java/io/grpc/netty/NettyChannelBuilder.java b/netty/src/main/java/io/grpc/netty/NettyChannelBuilder.java index 3bba2620cb..18770a8e37 100644 --- a/netty/src/main/java/io/grpc/netty/NettyChannelBuilder.java +++ b/netty/src/main/java/io/grpc/netty/NettyChannelBuilder.java @@ -381,13 +381,6 @@ public final class NettyChannelBuilder case PLAINTEXT_UPGRADE: return ProtocolNegotiators.plaintextUpgrade(); case TLS: - if (sslContext == null) { - try { - sslContext = GrpcSslContexts.forClient().build(); - } catch (SSLException ex) { - throw new RuntimeException(ex); - } - } return ProtocolNegotiators.tls(sslContext, authority); default: throw new IllegalArgumentException("Unsupported negotiationType: " + negotiationType); @@ -459,6 +452,13 @@ public final class NettyChannelBuilder this.channelType = channelType; this.negotiationType = negotiationType; this.channelOptions = new HashMap, Object>(channelOptions); + if (negotiationType == NegotiationType.TLS && sslContext == null) { + try { + sslContext = GrpcSslContexts.forClient().build(); + } catch (SSLException ex) { + throw new RuntimeException(ex); + } + } this.sslContext = sslContext; if (transportCreationParamsFilterFactory == null) { diff --git a/netty/src/test/java/io/grpc/netty/NettyChannelBuilderTest.java b/netty/src/test/java/io/grpc/netty/NettyChannelBuilderTest.java index 1942105d84..79fd2322b8 100644 --- a/netty/src/test/java/io/grpc/netty/NettyChannelBuilderTest.java +++ b/netty/src/test/java/io/grpc/netty/NettyChannelBuilderTest.java @@ -143,16 +143,11 @@ public class NettyChannelBuilderTest { @Test public void createProtocolNegotiator_tlsWithNoContext() { - ProtocolNegotiator negotiator = NettyChannelBuilder.createProtocolNegotiator( + thrown.expect(NullPointerException.class); + NettyChannelBuilder.createProtocolNegotiator( "authority:1234", NegotiationType.TLS, noSslContext); - - assertTrue(negotiator instanceof ProtocolNegotiators.TlsNegotiator); - ProtocolNegotiators.TlsNegotiator n = (TlsNegotiator) negotiator; - - assertEquals("authority", n.getHost()); - assertEquals(1234, n.getPort()); } @Test @@ -170,11 +165,11 @@ public class NettyChannelBuilderTest { } @Test - public void createProtocolNegotiator_tlsWithAuthorityFallback() { + public void createProtocolNegotiator_tlsWithAuthorityFallback() throws SSLException { ProtocolNegotiator negotiator = NettyChannelBuilder.createProtocolNegotiator( "bad_authority", NegotiationType.TLS, - noSslContext); + GrpcSslContexts.forClient().build()); assertTrue(negotiator instanceof ProtocolNegotiators.TlsNegotiator); ProtocolNegotiators.TlsNegotiator n = (TlsNegotiator) negotiator;