Google Git
Sign in
android / platform / external / conscrypt / dcaf96015811c06816517f025b650e44039e571b
commitdcaf96015811c06816517f025b650e44039e571b[log] [tgz]
authorAdam Vartanian <flooey@gmail.com>Wed May 16 12:30:16 2018 +0100
committerAdam Vartanian <flooey@google.com>Wed May 16 12:36:29 2018 +0100
tree6d1b07ec418c986a2a6b13dd7b9ef9501138fa97
parent1271f448571ee629e0bad47d70e30eeac549b549 [diff]
Cherry-pick locking CL.

This uses a read/write lock around the ssl instance variable for
NativeSsl.  The write lock is only taken during close(), where ssl is
cleared, so all other operations can proceed in parallel with one
another.  I only added locking to the read- and write-style methods in
the class, rather than to methods that only read or write a property,
since the latter tend to be used only right when the SSL is created
and it would add a lot of noise to the code to lock everywhere, but
it's possible we want to add that as well for complete safety.

This should solve some longstanding but infrequent crashes we've seen
that involve race conditions with finalizers and other related
situations.

This is a cherry-pick of 47d96e94c8645d23a8f66033b4d124142ddc72b9 from
https://github.com/google/conscrypt.

Bug: 70507413
Test: cts -m CtsLibcoreTestCases -t com.android.org.conscrypt
Change-Id: Ie045232e08638ffd4199ac4b971ce12a72b402b1
1 file changed
tree: 6d1b07ec418c986a2a6b13dd7b9ef9501138fa97
  1. android/
  2. android-stub/
  3. api-doclet/
  4. benchmark-android/
  5. benchmark-base/
  6. benchmark-graphs/
  7. benchmark-jmh/
  8. common/
  9. constants/
  10. gradle/
  11. libcore-stub/
  12. licenses/
  13. openjdk/
  14. openjdk-integ-tests/
  15. openjdk-uber/
  16. platform/
  17. testing/
  18. .clang-format
  19. .gitignore
  20. .travis.yml
  21. Android.bp
  22. Android.mk
  23. appveyor.yml
  24. build.gradle
  25. BUILDING.md
  26. CONTRIBUTING.md
  27. CPPLINT.cfg
  28. Dockerfile
  29. gradlew
  30. gradlew.bat
  31. jarjar-rules.txt
  32. LICENSE
  33. MODULE_LICENSE_APACHE2
  34. NOTICE
  35. OWNERS
  36. PREUPLOAD.cfg
  37. README.md
  38. RELEASING.md
  39. settings.gradle
  40. test_logging.properties
README.md

Conscrypt - A Java Security Provider

Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographical primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK.

The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt similar performance.

Download

All Conscrypt artifacts target the Java 6 runtime and are available on Maven central.

Download JARs

You can download the JARs directly from the Maven repositories.

OpenJDK (i.e. non-Android)

Native Classifiers

The OpenJDK artifacts are platform-dependent since each embeds a native library for a particular platform. We publish artifacts to Maven Central for the following platforms:

ClassifierOSArchitecture
linux-x86_64Linuxx86_64 (64-bit)
osx-x86_64Macx86_64 (64-bit)
windows-x86Windowsx86 (32-bit)
windows-x86_64Windowsx86_64 (64-bit)
Maven

Use the os-maven-plugin to add the dependency:

<build>
  <extensions>
    <extension>
      <groupId>kr.motd.maven</groupId>
      <artifactId>os-maven-plugin</artifactId>
      <version>1.4.1.Final</version>
    </extension>
  </extensions>
</build>

<dependency>
  <groupId>org.conscrypt</groupId>
  <artifactId>conscrypt-openjdk</artifactId>
  <version>1.0.1</version>
  <classifier>${os.detected.classifier}</classifier>
</dependency>
Gradle

Use the osdetector-gradle-plugin (which is a wrapper around the os-maven-plugin) to add the dependency:

buildscript {
  repositories {
    mavenCentral()
  }
  dependencies {
    classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0'
  }
}

// Use the osdetector-gradle-plugin
apply plugin: "com.google.osdetector"

dependencies {
  compile 'org.conscrypt:conscrypt-jdk:1.0.1:' + osdetector.classifier
}
Uber JAR

For convenience, we also publish an Uber JAR to Maven Central that contains the shared libraries for all of the published platforms. While the overall size of the JAR is larger than depending on a platform-specific artifact, it greatly simplifies the task of dependency management for most platforms.

To depend on the uber jar, simply use the conscrypt-openjdk-uber artifacts.

Maven
<dependency>
  <groupId>org.conscrypt</groupId>
  <artifactId>conscrypt-openjdk-uber</artifactId>
  <version>1.0.1</version>
</dependency>
Gradle
dependencies {
  compile 'org.conscrypt:conscrypt-jdk-uber:1.0.1'
}

How to Build

If you are making changes to Conscrypt, see the building instructions.

Source Overview

Here‘s a quick readers’ guide to the code to help folks get started. The high-level modules are Common, Android, OpenJDK, and Platform.

Common

This contains the bulk of the code for both Java and C. This isn't an actual module and builds no artifacts. Rather, the other modules just point to this directory as source.

Android

This module provides the Platform class for Android and also adds compatibility classes for supporting various versions of Android. This generates an aar library artifact.

OpenJDK

These modules provide the Platform class for non-Android (OpenJDK-based) systems. It also provides a native library loader supports bundling the shared library with the JAR.

Platform

This module contains code that is bundled with the Android operating system. The inclusion in the build is only to ensure that changes to other modules do not accidentally break the Android build.