commit | dcaf96015811c06816517f025b650e44039e571b | [log] [tgz] |
---|---|---|
author | Adam Vartanian <flooey@gmail.com> | Wed May 16 12:30:16 2018 +0100 |
committer | Adam Vartanian <flooey@google.com> | Wed May 16 12:36:29 2018 +0100 |
tree | 6d1b07ec418c986a2a6b13dd7b9ef9501138fa97 | |
parent | 1271f448571ee629e0bad47d70e30eeac549b549 [diff] |
Cherry-pick locking CL. This uses a read/write lock around the ssl instance variable for NativeSsl. The write lock is only taken during close(), where ssl is cleared, so all other operations can proceed in parallel with one another. I only added locking to the read- and write-style methods in the class, rather than to methods that only read or write a property, since the latter tend to be used only right when the SSL is created and it would add a lot of noise to the code to lock everywhere, but it's possible we want to add that as well for complete safety. This should solve some longstanding but infrequent crashes we've seen that involve race conditions with finalizers and other related situations. This is a cherry-pick of 47d96e94c8645d23a8f66033b4d124142ddc72b9 from https://github.com/google/conscrypt. Bug: 70507413 Test: cts -m CtsLibcoreTestCases -t com.android.org.conscrypt Change-Id: Ie045232e08638ffd4199ac4b971ce12a72b402b1
Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographical primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK.
The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt
similar performance.
All Conscrypt artifacts target the Java 6 runtime and are available on Maven central.
You can download the JARs directly from the Maven repositories.
The OpenJDK artifacts are platform-dependent since each embeds a native library for a particular platform. We publish artifacts to Maven Central for the following platforms:
Classifier | OS | Architecture |
---|---|---|
linux-x86_64 | Linux | x86_64 (64-bit) |
osx-x86_64 | Mac | x86_64 (64-bit) |
windows-x86 | Windows | x86 (32-bit) |
windows-x86_64 | Windows | x86_64 (64-bit) |
Use the os-maven-plugin to add the dependency:
<build> <extensions> <extension> <groupId>kr.motd.maven</groupId> <artifactId>os-maven-plugin</artifactId> <version>1.4.1.Final</version> </extension> </extensions> </build> <dependency> <groupId>org.conscrypt</groupId> <artifactId>conscrypt-openjdk</artifactId> <version>1.0.1</version> <classifier>${os.detected.classifier}</classifier> </dependency>
Use the osdetector-gradle-plugin (which is a wrapper around the os-maven-plugin) to add the dependency:
buildscript { repositories { mavenCentral() } dependencies { classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0' } } // Use the osdetector-gradle-plugin apply plugin: "com.google.osdetector" dependencies { compile 'org.conscrypt:conscrypt-jdk:1.0.1:' + osdetector.classifier }
For convenience, we also publish an Uber JAR to Maven Central that contains the shared libraries for all of the published platforms. While the overall size of the JAR is larger than depending on a platform-specific artifact, it greatly simplifies the task of dependency management for most platforms.
To depend on the uber jar, simply use the conscrypt-openjdk-uber
artifacts.
<dependency> <groupId>org.conscrypt</groupId> <artifactId>conscrypt-openjdk-uber</artifactId> <version>1.0.1</version> </dependency>
dependencies { compile 'org.conscrypt:conscrypt-jdk-uber:1.0.1' }
If you are making changes to Conscrypt, see the building instructions.
Here‘s a quick readers’ guide to the code to help folks get started. The high-level modules are Common, Android, OpenJDK, and Platform.
This contains the bulk of the code for both Java and C. This isn't an actual module and builds no artifacts. Rather, the other modules just point to this directory as source.
This module provides the Platform
class for Android and also adds compatibility classes for supporting various versions of Android. This generates an aar
library artifact.
These modules provide the Platform
class for non-Android (OpenJDK-based) systems. It also provides a native library loader supports bundling the shared library with the JAR.
This module contains code that is bundled with the Android operating system. The inclusion in the build is only to ensure that changes to other modules do not accidentally break the Android build.