!str #18059 new hostInfo parameter to SslTls to transport createSslEngine arguments

2015-07-23 14:09:31 +02:00 · 2015-07-23 14:09:31 +02:00 · ce78c46115
commit ce78c46115
parent 9a3d8104fd
3 changed files with 32 additions and 15 deletions
--- a/akka-stream/src/main/scala/akka/stream/impl/ActorMaterializerImpl.scala
+++ b/akka-stream/src/main/scala/akka/stream/impl/ActorMaterializerImpl.scala
@ -103,7 +103,7 @@ private[akka] case class ActorMaterializerImpl(
          case tls: TlsModule ⇒ // TODO solve this so TlsModule doesn't need special treatment here
            val es = effectiveSettings(effectiveAttributes)
            val props =
-              SslTlsCipherActor.props(es, tls.sslContext, tls.firstSession, tracing = false, tls.role, tls.closing)
+              SslTlsCipherActor.props(es, tls.sslContext, tls.firstSession, tracing = false, tls.role, tls.closing, tls.hostInfo)
            val impl = actorOf(props, stageName(effectiveAttributes), es.dispatcher)
            def factory(id: Int) = new ActorPublisher[Any](impl) {
              override val wakeUpMsg = FanOut.SubstreamSubscribePending(id)
--- a/akka-stream/src/main/scala/akka/stream/impl/io/SslTls.scala
+++ b/akka-stream/src/main/scala/akka/stream/impl/io/SslTls.scala
@ -34,8 +34,9 @@ private[akka] object SslTlsCipherActor {
            firstSession: NegotiateNewSession,
            tracing: Boolean,
            role: Role,
-            closing: Closing): Props =
-    Props(new SslTlsCipherActor(settings, sslContext, firstSession, tracing, role, closing)).withDeploy(Deploy.local)
+            closing: Closing,
+            hostInfo: Option[(String, Int)]): Props =
+    Props(new SslTlsCipherActor(settings, sslContext, firstSession, tracing, role, closing, hostInfo)).withDeploy(Deploy.local)

  final val TransportIn = 0
  final val TransportOut = 0
@ -49,7 +50,7 @@ private[akka] object SslTlsCipherActor {
 */
 private[akka] class SslTlsCipherActor(settings: ActorMaterializerSettings, sslContext: SSLContext,
                                      firstSession: NegotiateNewSession, tracing: Boolean,
-                                      role: Role, closing: Closing)
+                                      role: Role, closing: Closing, hostInfo: Option[(String, Int)])
  extends Actor with ActorLogging with Pump {

  import SslTlsCipherActor._
@ -146,7 +147,11 @@ private[akka] class SslTlsCipherActor(settings: ActorMaterializerSettings, sslCo
  transportInChoppingBlock.prepare(transportInBuffer)

  val engine: SSLEngine = {
-    val e = sslContext.createSSLEngine()
+    val e = hostInfo match {
+      case Some((hostname, port)) ⇒ sslContext.createSSLEngine(hostname, port)
+      case None                   ⇒ sslContext.createSSLEngine()
+    }
+
    e.setUseClientMode(role == Client)
    e
  }
--- a/akka-stream/src/main/scala/akka/stream/io/SslTls.scala
+++ b/akka-stream/src/main/scala/akka/stream/io/SslTls.scala
@ -3,6 +3,9 @@
 */
 package akka.stream.io

+import java.lang.{ Integer ⇒ jInteger }
+
+import akka.japi
 import akka.stream._
 import akka.stream.impl.StreamLayout.Module
 import akka.util.ByteString
@ -10,7 +13,6 @@ import javax.net.ssl._
 import scala.annotation.varargs
 import scala.collection.immutable
 import java.security.cert.Certificate
-import akka.event.Logging.simpleName

 /**
 * Stream cipher support based upon JSSE.
@ -63,10 +65,15 @@ object SslTls {
   * protocol.
   *
   * For a description of the `closing` parameter please refer to [[Closing]].
+   *
+   * The `hostInfo` parameter allows to optionally specify a pair of hostname and port
+   * that will be used when creating the SSLEngine with `sslContext.createSslEngine`.
+   * The SSLEngine may use this information e.g. when an endpoint identification algorithm was
+   * configured using [[SSLParameters.setEndpointIdentificationAlgorithm]].
   */
-  def apply(sslContext: SSLContext, firstSession: NegotiateNewSession,
-            role: Role, closing: Closing = IgnoreComplete): ScalaFlow =
-    new scaladsl.BidiFlow(TlsModule(Attributes.none, sslContext, firstSession, role, closing))
+  def apply(sslContext: SSLContext, firstSession: NegotiateNewSession, role: Role,
+            closing: Closing = IgnoreComplete, hostInfo: Option[(String, Int)] = None): ScalaFlow =
+    new scaladsl.BidiFlow(TlsModule(Attributes.none, sslContext, firstSession, role, closing, hostInfo))

  /**
   * Java API: create a StreamTls [[akka.stream.javadsl.BidiFlow]] in client mode. The
@ -92,9 +99,14 @@ object SslTls {
   * protocol.
   *
   * For a description of the `closing` parameter please refer to [[Closing]].
+   *
+   * The `hostInfo` parameter allows to optionally specify a pair of hostname and port
+   * that will be used when creating the SSLEngine with `sslContext.createSslEngine`.
+   * The SSLEngine may use this information e.g. when an endpoint identification algorithm was
+   * configured using [[SSLParameters.setEndpointIdentificationAlgorithm]].
   */
-  def create(sslContext: SSLContext, firstSession: NegotiateNewSession, role: Role, closing: Closing): JavaFlow =
-    new javadsl.BidiFlow(apply(sslContext, firstSession, role, closing))
+  def create(sslContext: SSLContext, firstSession: NegotiateNewSession, role: Role, hostInfo: japi.Option[japi.Pair[String, jInteger]], closing: Closing): JavaFlow =
+    new javadsl.BidiFlow(apply(sslContext, firstSession, role, closing, hostInfo.asScala.map(e ⇒ (e.first, e.second))))

  /**
   * INTERNAL API.
@ -103,12 +115,12 @@ object SslTls {
                                     cipherIn: Inlet[ByteString], cipherOut: Outlet[ByteString],
                                     shape: Shape, attributes: Attributes,
                                     sslContext: SSLContext, firstSession: NegotiateNewSession,
-                                     role: Role, closing: Closing) extends Module {
+                                     role: Role, closing: Closing, hostInfo: Option[(String, Int)]) extends Module {
    override def subModules: Set[Module] = Set.empty

    override def withAttributes(att: Attributes): Module = copy(attributes = att)
    override def carbonCopy: Module = {
-      val mod = TlsModule(attributes, sslContext, firstSession, role, closing)
+      val mod = TlsModule(attributes, sslContext, firstSession, role, closing, hostInfo)
      if (plainIn == shape.inlets(0)) mod
      else mod.replaceShape(mod.shape.asInstanceOf[BidiShape[_, _, _, _]].reversed)
    }
@ -123,14 +135,14 @@ object SslTls {
   * INTERNAL API.
   */
  private[akka] object TlsModule {
-    def apply(attributes: Attributes, sslContext: SSLContext, firstSession: NegotiateNewSession, role: Role, closing: Closing): TlsModule = {
+    def apply(attributes: Attributes, sslContext: SSLContext, firstSession: NegotiateNewSession, role: Role, closing: Closing, hostInfo: Option[(String, Int)]): TlsModule = {
      val name = attributes.nameOrDefault(s"StreamTls($role)")
      val cipherIn = Inlet[ByteString](s"$name.cipherIn")
      val cipherOut = Outlet[ByteString](s"$name.cipherOut")
      val plainIn = Inlet[SslTlsOutbound](s"$name.transportIn")
      val plainOut = Outlet[SslTlsInbound](s"$name.transportOut")
      val shape = new BidiShape(plainIn, cipherOut, cipherIn, plainOut)
-      TlsModule(plainIn, plainOut, cipherIn, cipherOut, shape, attributes, sslContext, firstSession, role, closing)
+      TlsModule(plainIn, plainOut, cipherIn, cipherOut, shape, attributes, sslContext, firstSession, role, closing, hostInfo)
    }
  }
 }