[UNDERTOW-1932] - unify SSLContext manipulation flow

undertow-io · Jul 27, 2021 · 7dd4a70 · 7dd4a70
1 parent 8a67678
commit 7dd4a70
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 8 deletions.
diff --git a/core/src/main/java/io/undertow/UndertowMessages.java b/core/src/main/java/io/undertow/UndertowMessages.java
@@ -621,4 +621,11 @@ public interface UndertowMessages {
 
     @Message(id = 199, value = "Read timed out after %s milliseconds.")
     ReadTimeoutException readTimedOut(long timeoutMilliseconds);
+
+    @Message(id = 200, value = "Failed to replace hash output stream ")
+    SSLException failedToReplaceHashOutputStream(@Cause Exception e);
+
+    @Message(id = 201, value = "Failed to replace hash output stream ")
+    RuntimeException failedToReplaceHashOutputStreamOnWrite(@Cause Exception e);
+
 }
diff --git a/core/src/main/java/io/undertow/protocols/ssl/ALPNHackSSLEngine.java b/core/src/main/java/io/undertow/protocols/ssl/ALPNHackSSLEngine.java
@@ -19,6 +19,7 @@
 package io.undertow.protocols.ssl;
 
 import io.undertow.UndertowLogger;
+import io.undertow.UndertowMessages;
 
 import java.io.ByteArrayOutputStream;
 import java.lang.reflect.Field;
@@ -408,7 +409,7 @@ public String getSelectedApplicationProtocol() {
     }
 
 
-    static ALPNHackServerByteArrayOutputStream replaceServerByteOutput(SSLEngine sslEngine, String selectedAlpnProtocol) {
+    static ALPNHackServerByteArrayOutputStream replaceServerByteOutput(SSLEngine sslEngine, String selectedAlpnProtocol) throws SSLException {
         try {
             Object handshaker = HANDSHAKER.get(sslEngine);
             Object hash = HANDSHAKE_HASH.get(handshaker);
@@ -418,12 +419,11 @@ static ALPNHackServerByteArrayOutputStream replaceServerByteOutput(SSLEngine ssl
             HANDSHAKE_HASH_DATA.set(hash, out);
             return out;
         } catch (Exception e) {
-            UndertowLogger.ROOT_LOGGER.debug("Failed to replace hash output stream ", e);
-            return null;
+            throw UndertowMessages.MESSAGES.failedToReplaceHashOutputStream(e);
         }
     }
 
-    static ALPNHackClientByteArrayOutputStream replaceClientByteOutput(SSLEngine sslEngine) {
+    static ALPNHackClientByteArrayOutputStream replaceClientByteOutput(SSLEngine sslEngine) throws SSLException {
         try {
             Object handshaker = HANDSHAKER.get(sslEngine);
             Object hash = HANDSHAKE_HASH.get(handshaker);
@@ -432,8 +432,7 @@ static ALPNHackClientByteArrayOutputStream replaceClientByteOutput(SSLEngine ssl
             HANDSHAKE_HASH_DATA.set(hash, out);
             return out;
         } catch (Exception e) {
-            UndertowLogger.ROOT_LOGGER.debug("Failed to replace hash output stream ", e);
-            return null;
+            throw UndertowMessages.MESSAGES.failedToReplaceHashOutputStream(e);
         }
     }
     static void regenerateHashes(SSLEngine sslEngineToHack, ByteArrayOutputStream data, byte[]... hashBytes) {
@@ -451,8 +450,7 @@ static void regenerateHashes(SSLEngine sslEngineToHack, ByteArrayOutputStream da
                 HANDSHAKE_HASH_UPDATE.invoke(hash, b, 0, b.length);
             }
         } catch (Exception e) {
-            e.printStackTrace(); //TODO: remove
-            throw new RuntimeException(e);
+            throw UndertowMessages.MESSAGES.failedToReplaceHashOutputStreamOnWrite(e);
         }
     }
 }