netty: Use Java 9 ALPN if available

jjteo74 · ejona86 · commit 3e76bf143bc7 · 2017-12-21T14:26:09.000-08:00
diff --git a/netty/src/main/java/io/grpc/netty/GrpcSslContexts.java b/netty/src/main/java/io/grpc/netty/GrpcSslContexts.java
@@ -156,6 +156,9 @@ private static ApplicationProtocolConfig selectApplicationProtocolConfig(SslProv
         if (JettyTlsUtil.isJettyNpnConfigured()) {
           return NPN;
         }
+        if (JettyTlsUtil.isJava9AlpnAvailable()) {
+          return ALPN;
+        }
         // Use the ALPN cause since it is prefered.
         throw new IllegalArgumentException(
             "ALPN is not configured properly. See https://github.com/grpc/grpc-java/blob/master/SECURITY.md#troubleshooting"
diff --git a/netty/src/main/java/io/grpc/netty/JettyTlsUtil.java b/netty/src/main/java/io/grpc/netty/JettyTlsUtil.java
@@ -16,6 +16,12 @@
 
 package io.grpc.netty;
 
+import java.lang.reflect.Method;
+import java.security.AccessController;
+import java.security.PrivilegedExceptionAction;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+
 /**
  * Utility class for determining support for Jetty TLS ALPN/NPN.
  */
@@ -26,6 +32,30 @@ private JettyTlsUtil() {
   private static Throwable jettyAlpnUnavailabilityCause;
   private static Throwable jettyNpnUnavailabilityCause;
 
+  private static class Java9AlpnUnavailabilityCauseHolder {
+
+    static final Throwable cause = checkAlpnAvailability();
+
+    static Throwable checkAlpnAvailability() {
+      try {
+        SSLContext context = SSLContext.getInstance("TLS");
+        context.init(null, null, null);
+        SSLEngine engine = context.createSSLEngine();
+        Method getApplicationProtocol =
+            AccessController.doPrivileged(new PrivilegedExceptionAction<Method>() {
+              @Override
+              public Method run() throws Exception {
+                return SSLEngine.class.getMethod("getApplicationProtocol");
+              }
+            });
+        getApplicationProtocol.invoke(engine);
+        return null;
+      } catch (Throwable t) {
+        return t;
+      }
+    }
+  }
+
   /**
    * Indicates whether or not the Jetty ALPN jar is installed in the boot classloader.
    */
@@ -67,4 +97,15 @@ static synchronized Throwable getJettyNpnUnavailabilityCause() {
     }
     return jettyNpnUnavailabilityCause;
   }
+
+  /**
+   * Indicates whether Java 9 ALPN is available.
+   */
+  static boolean isJava9AlpnAvailable() {
+    return getJava9AlpnUnavailabilityCause() == null;
+  }
+
+  static Throwable getJava9AlpnUnavailabilityCause() {
+    return Java9AlpnUnavailabilityCauseHolder.cause;
+  }
 }
diff --git a/netty/src/main/java/io/grpc/netty/ProtocolNegotiators.java b/netty/src/main/java/io/grpc/netty/ProtocolNegotiators.java
@@ -374,6 +374,8 @@ static void logSslEngineDetails(Level level, ChannelHandlerContext ctx, String m
       builder.append("    Jetty ALPN");
     } else if (JettyTlsUtil.isJettyNpnConfigured()) {
       builder.append("    Jetty NPN");
+    } else if (JettyTlsUtil.isJava9AlpnAvailable()) {
+      builder.append("    JDK9 ALPN");
     }
     builder.append("\n    TLS Protocol: ");
     builder.append(engine.getSession().getProtocol());

Original file line number	Diff line number	Diff line change
`@@ -374,6 +374,8 @@ static void logSslEngineDetails(Level level, ChannelHandlerContext ctx, String m`
`374`	`374`	`builder.append(" Jetty ALPN");`
`375`	`375`	`} else if (JettyTlsUtil.isJettyNpnConfigured()) {`
`376`	`376`	`builder.append(" Jetty NPN");`
	`377`	`+ } else if (JettyTlsUtil.isJava9AlpnAvailable()) {`
	`378`	`+ builder.append(" JDK9 ALPN");`
`377`	`379`	`}`
`378`	`380`	`builder.append("\n TLS Protocol: ");`
`379`	`381`	`builder.append(engine.getSession().getProtocol());`