Don't block on SslContext creation in Java S2A client.

rmehta19 · rmehta19 · commit 3184cdcfddda · 2024-09-09T13:12:04.000-07:00
diff --git a/s2a/src/main/java/io/grpc/s2a/handshaker/S2AProtocolNegotiatorFactory.java b/s2a/src/main/java/io/grpc/s2a/handshaker/S2AProtocolNegotiatorFactory.java
@@ -20,9 +20,13 @@
 
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.net.HostAndPort;
+import com.google.common.util.concurrent.FutureCallback;
+import com.google.common.util.concurrent.Futures;
+import com.google.common.util.concurrent.ListenableFuture;
+import com.google.common.util.concurrent.ListeningExecutorService;
+import com.google.common.util.concurrent.MoreExecutors;
 import com.google.errorprone.annotations.ThreadSafe;
 import io.grpc.Channel;
-import io.grpc.ChannelLogger;
 import io.grpc.internal.ObjectPool;
 import io.grpc.netty.GrpcHttp2ConnectionHandler;
 import io.grpc.netty.InternalProtocolNegotiator;
@@ -33,16 +37,15 @@
 import io.grpc.s2a.channel.S2AGrpcChannelPool;
 import io.grpc.s2a.handshaker.S2AIdentity;
 import io.netty.channel.ChannelHandler;
+import io.netty.channel.ChannelHandlerAdapter;
 import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelInboundHandlerAdapter;
 import io.netty.handler.ssl.SslContext;
 import io.netty.util.AsciiString;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
 import java.util.Optional;
+import java.util.concurrent.Executors;
 import org.checkerframework.checker.nullness.qual.Nullable;
 
 /** Factory for performing negotiation of a secure channel using the S2A. */
@@ -96,6 +99,8 @@ static final class S2AProtocolNegotiator implements ProtocolNegotiator {
 
     private final S2AChannelPool channelPool;
     private final Optional<S2AIdentity> localIdentity;
+    private final ListeningExecutorService service =
+        MoreExecutors.listeningDecorator(Executors.newFixedThreadPool(1));
 
     static S2AProtocolNegotiator createForClient(
         S2AChannelPool channelPool, Optional<S2AIdentity> localIdentity) {
@@ -128,65 +133,111 @@ public ChannelHandler newHandler(GrpcHttp2ConnectionHandler grpcHandler) {
       String hostname = getHostNameFromAuthority(grpcHandler.getAuthority());
       checkNotNull(hostname, "hostname should not be null.");
       return new S2AProtocolNegotiationHandler(
-          InternalProtocolNegotiators.grpcNegotiationHandler(grpcHandler),
-          grpcHandler.getNegotiationLogger(),
-          channelPool,
-          localIdentity,
-          hostname,
-          grpcHandler);
+        grpcHandler, channelPool, localIdentity, hostname, service);
     }
 
     @Override
     public void close() {
+      service.shutdown();
       channelPool.close();
     }
   }
 
+  @VisibleForTesting
+  static class BufferReadsHandler extends ChannelInboundHandlerAdapter {
+    private final List<Object> reads = new ArrayList<>();
+    private boolean readComplete;
+
+    public List<Object> getReads() {
+      return reads;
+    }
+
+    @Override
+    public void channelRead(ChannelHandlerContext ctx, Object msg) {
+      reads.add(msg);
+    }
+
+    @Override
+    public void channelReadComplete(ChannelHandlerContext ctx) {
+      readComplete = true;
+    }
+
+    @Override
+    public void handlerRemoved(ChannelHandlerContext ctx) throws Exception {
+      for (Object msg : reads) {
+        super.channelRead(ctx, msg);
+      }
+      if (readComplete) {
+        super.channelReadComplete(ctx);
+      }
+    }
+  }
+
   private static final class S2AProtocolNegotiationHandler extends ProtocolNegotiationHandler {
     private final S2AChannelPool channelPool;
     private final Optional<S2AIdentity> localIdentity;
     private final String hostname;
-    private InternalProtocolNegotiator.ProtocolNegotiator negotiator;
     private final GrpcHttp2ConnectionHandler grpcHandler;
+    private final ListeningExecutorService service;
 
     private S2AProtocolNegotiationHandler(
-        ChannelHandler next,
-        ChannelLogger negotiationLogger,
+        GrpcHttp2ConnectionHandler grpcHandler,
         S2AChannelPool channelPool,
         Optional<S2AIdentity> localIdentity,
         String hostname,
-        GrpcHttp2ConnectionHandler grpcHandler) {
-      super(next, negotiationLogger);
+        ListeningExecutorService service) {
+      super(
+          // superclass (InternalProtocolNegotiators.ProtocolNegotiationHandler) expects 'next'
+          // handler but we don't have a next handler _yet_. So we "disable" superclass's behavior
+          // here and then manually add 'next' when we call fireProtocolNegotiationEvent()
+          new ChannelHandlerAdapter() {
+            @Override
+            public void handlerAdded(ChannelHandlerContext ctx) {
+              ctx.pipeline().remove(this);
+            }
+          },
+          grpcHandler.getNegotiationLogger());
+      this.grpcHandler = grpcHandler;
       this.channelPool = channelPool;
       this.localIdentity = localIdentity;
       this.hostname = hostname;
-      this.grpcHandler = grpcHandler;
+      checkNotNull(service, "service should not be null.");
+      this.service = service;
     }
 
     @Override
-    protected void handlerAdded0(ChannelHandlerContext ctx) throws GeneralSecurityException {
-      SslContext sslContext;
-      try {
-        // Establish a stream to S2A server.
-        Channel ch = channelPool.getChannel();
-        S2AServiceGrpc.S2AServiceStub stub = S2AServiceGrpc.newStub(ch);
-        S2AStub s2aStub = S2AStub.newInstance(stub);
-        sslContext = SslContextFactory.createForClient(s2aStub, hostname, localIdentity);
-      } catch (InterruptedException
-          | IOException
-          | IllegalArgumentException
-          | UnrecoverableKeyException
-          | CertificateException
-          | NoSuchAlgorithmException
-          | KeyStoreException e) {
-        // GeneralSecurityException is intentionally not caught, and rather propagated. This is done
-        // because throwing a GeneralSecurityException in this context indicates that we encountered
-        // a retryable error.
-        throw new IllegalArgumentException(
-            "Something went wrong during the initialization of SslContext.", e);
-      }
-      negotiator = InternalProtocolNegotiators.tls(sslContext);
-      ctx.pipeline().addBefore(ctx.name(), /* name= */ null, negotiator.newHandler(grpcHandler));
+    protected void handlerAdded0(ChannelHandlerContext ctx) {
+      // Buffer all reads until the TLS Handler is added.
+      BufferReadsHandler bufferReads = new BufferReadsHandler();
+      ctx.pipeline().addBefore(ctx.name(), /* name= */ null, bufferReads);
+
+      Channel ch = channelPool.getChannel();
+      S2AServiceGrpc.S2AServiceStub stub = S2AServiceGrpc.newStub(ch);
+      S2AStub s2aStub = S2AStub.newInstance(stub);
+
+      ListenableFuture<SslContext> sslContextFuture =
+          service.submit(() -> SslContextFactory.createForClient(s2aStub, hostname, localIdentity));
+      Futures.addCallback(
+          sslContextFuture,
+          new FutureCallback<SslContext>() {
+            @Override
+            public void onSuccess(SslContext sslContext) {
+              ChannelHandler handler =
+                  InternalProtocolNegotiators.tls(sslContext).newHandler(grpcHandler);
+
+              // Remove the bufferReads handler and delegate the rest of the handshake to the TLS
+              // handler.
+              ctx.pipeline().addAfter(ctx.name(), /* name= */ null, handler);
+              fireProtocolNegotiationEvent(ctx);
+              ctx.pipeline().remove(bufferReads);
+            }
+
+            @Override
+            public void onFailure(Throwable t) {
+              ctx.fireExceptionCaught(t);
+            }
+          },
+          service);
     }
   }
 
diff --git a/s2a/src/test/java/io/grpc/s2a/handshaker/S2AProtocolNegotiatorFactoryTest.java b/s2a/src/test/java/io/grpc/s2a/handshaker/S2AProtocolNegotiatorFactoryTest.java
@@ -45,6 +45,7 @@
 import io.netty.channel.ChannelHandler;
 import io.netty.channel.ChannelHandlerContext;
 import io.netty.channel.ChannelPromise;
+import io.netty.channel.embedded.EmbeddedChannel;
 import io.netty.handler.codec.http2.Http2ConnectionDecoder;
 import io.netty.handler.codec.http2.Http2ConnectionEncoder;
 import io.netty.handler.codec.http2.Http2Settings;
@@ -85,6 +86,22 @@ public void tearDown() {
     fakeS2AServer.shutdown();
   }
 
+  @Test
+  public void handlerRemoved_success() throws Exception {
+    S2AProtocolNegotiatorFactory.BufferReadsHandler handler1 =
+        new S2AProtocolNegotiatorFactory.BufferReadsHandler();
+    S2AProtocolNegotiatorFactory.BufferReadsHandler handler2 =
+        new S2AProtocolNegotiatorFactory.BufferReadsHandler();
+    EmbeddedChannel channel = new EmbeddedChannel(handler1, handler2);
+    channel.writeInbound("message1");
+    channel.writeInbound("message2");
+    channel.writeInbound("message3");
+    assertThat(handler1.getReads()).hasSize(3);
+    assertThat(handler2.getReads()).isEmpty();
+    channel.pipeline().remove(handler1);
+    assertThat(handler2.getReads()).hasSize(3);
+  }
+
   @Test
   public void createProtocolNegotiatorFactory_nullArgument() throws Exception {
     NullPointerTester tester = new NullPointerTester().setDefault(Optional.class, Optional.empty());
