Changes from Alexei

Author: Stephane Landelle

providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/GrizzlyAsyncHttpProvider.java

@@ -29,6 +29,7 @@
 import org.asynchttpclient.providers.grizzly.filters.AsyncHttpClientFilter;
 import org.asynchttpclient.providers.grizzly.filters.AsyncSpdyClientEventFilter;
 import org.asynchttpclient.providers.grizzly.filters.ClientEncodingFilter;
+import org.asynchttpclient.providers.grizzly.filters.HostPortAwareSSLEngineConfigurator;
 import org.asynchttpclient.providers.grizzly.filters.SwitchingSSLFilter;
 import org.asynchttpclient.util.AsyncHttpProviderUtils;
 import org.asynchttpclient.util.ProxyUtils;
@@ -257,7 +258,7 @@ public void onTimeout(Connection connection) {
                 throw new IllegalStateException(e);
             }
         }
-        final SSLEngineConfigurator configurator = new SSLEngineConfigurator(context, true, false, false);
+        final SSLEngineConfigurator configurator = new HostPortAwareSSLEngineConfigurator(context, true, false, false);
         final SwitchingSSLFilter filter = new SwitchingSSLFilter(configurator);
         secure.add(filter);
         GrizzlyAsyncHttpProviderConfig providerConfig = (GrizzlyAsyncHttpProviderConfig) clientConfig.getAsyncHttpProviderConfig();

providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/HostPortAwareSSLEngineConfigurator.java

@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2014 AsyncHttpClient Project. All rights reserved.
+ *
+ * This program is licensed to you under the Apache License Version 2.0,
+ * and you may not use this file except in compliance with the Apache License Version 2.0.
+ * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the Apache License Version 2.0 is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.
+ */
+package org.asynchttpclient.providers.grizzly.filters;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import org.glassfish.grizzly.ssl.SSLEngineConfigurator;
+
+public class HostPortAwareSSLEngineConfigurator extends SSLEngineConfigurator {
+
+    public HostPortAwareSSLEngineConfigurator(final SSLContext context, final boolean clientMode, final boolean needClientAuth,
+            final boolean wantClientAuth) {
+        super(context, clientMode, needClientAuth, wantClientAuth);
+    }
+
+    /**
+     * Create and configure {@link SSLEngine} using this context configuration
+     * using advisory peer information.
+     * <P>
+     * Applications using this factory method are providing hints
+     * for an internal session reuse strategy.
+     * <P>
+     * Some cipher suites (such as Kerberos) require remote hostname
+     * information, in which case peerHost needs to be specified.
+     * 
+     * @param   peerHost the non-authoritative name of the host
+     * @param   peerPort the non-authoritative port
+     * 
+     * @return {@link SSLEngine}.
+     */
+    public SSLEngine createSSLEngine(final String peerHost, final int peerPort) {
+        final SSLEngine sslEngine = getSslContext().createSSLEngine(peerHost, peerPort);
+        configure(sslEngine);
+
+        return sslEngine;
+    }
+}

providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/SwitchingSSLFilter.java

@@ -14,6 +14,7 @@
 package org.asynchttpclient.providers.grizzly.filters;
 
 import org.asynchttpclient.providers.grizzly.filters.events.SSLSwitchingEvent;
+import org.glassfish.grizzly.CompletionHandler;
 import org.glassfish.grizzly.Connection;
 import org.glassfish.grizzly.EmptyCompletionHandler;
 import org.glassfish.grizzly.Grizzly;
@@ -23,13 +24,16 @@
 import org.glassfish.grizzly.filterchain.FilterChainContext;
 import org.glassfish.grizzly.filterchain.FilterChainEvent;
 import org.glassfish.grizzly.filterchain.NextAction;
+import org.glassfish.grizzly.ssl.SSLConnectionContext;
 import org.glassfish.grizzly.ssl.SSLEngineConfigurator;
 import org.glassfish.grizzly.ssl.SSLFilter;
+import org.glassfish.grizzly.ssl.SSLUtils;
 
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLHandshakeException;
 
 import java.io.IOException;
+import java.net.InetSocketAddress;
 
 /**
  * SSL Filter that may be present within the FilterChain and may be
@@ -143,6 +147,28 @@ public static Throwable getHandshakeError(final Connection c) {
         return HANDSHAKE_ERROR.remove(c);
     }
 
+    @Override
+    protected void handshake(final Connection<?> connection,
+            final CompletionHandler<SSLEngine> completionHandler,
+            final Object dstAddress, SSLEngineConfigurator sslEngineConfigurator,
+            final FilterChainContext context) throws IOException {
+        
+        SSLEngine sslEngine = SSLUtils.getSSLEngine(connection);
+        if (sslEngine == null) {
+            InetSocketAddress peerAddress = (InetSocketAddress) connection.getPeerAddress();
+            String host = peerAddress.getHostString();
+            int port = peerAddress.getPort();
+            sslEngine = ((HostPortAwareSSLEngineConfigurator) sslEngineConfigurator)
+                    .createSSLEngine(host, port);
+            final SSLConnectionContext sslCtx = new SSLConnectionContext(connection);
+            sslCtx.configure(sslEngine);
+            sslCtx.attach();
+        }
+        
+        super.handshake(connection, completionHandler, dstAddress, sslEngineConfigurator,
+                context);
+    }
+
     // --------------------------------------------------------- Private Methods
 
     private static boolean isSecure(final Connection c) {