From b771bdad0ea37f0df96ce37c5f43851526407ea6 Mon Sep 17 00:00:00 2001
From: Ykrad <32481476+Ykrad@users.noreply.github.com>
Date: Thu, 03 Dec 2020 15:50:49 +0000
Subject: [PATCH] Add ability to set handshake timeout (#149)

---
 opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPServerFilter.java      |    6 +++++-
 opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyUtils.java          |    9 +++++++++
 opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyLDAPConnection.java |    2 ++
 3 files changed, 16 insertions(+), 1 deletions(-)

diff --git a/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyLDAPConnection.java b/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyLDAPConnection.java
index 6d42dbc..bd638bb 100644
--- a/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyLDAPConnection.java
+++ b/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyLDAPConnection.java
@@ -19,6 +19,7 @@
 import static com.forgerock.opendj.grizzly.GrizzlyMessages.LDAP_CONNECTION_BIND_OR_START_TLS_CONNECTION_TIMEOUT;
 import static com.forgerock.opendj.grizzly.GrizzlyMessages.LDAP_CONNECTION_BIND_OR_START_TLS_REQUEST_TIMEOUT;
 import static com.forgerock.opendj.grizzly.GrizzlyMessages.LDAP_CONNECTION_REQUEST_TIMEOUT;
+import static org.forgerock.opendj.grizzly.GrizzlyUtils.getLongProperty;
 import static org.forgerock.opendj.ldap.LDAPConnectionFactory.REQUEST_TIMEOUT;
 import static org.forgerock.opendj.ldap.LdapException.newLdapException;
 import static org.forgerock.opendj.ldap.ResultCode.CLIENT_SIDE_LOCAL_ERROR;
@@ -823,6 +824,7 @@
                     .toArray(new String[cipherSuites.size()]));
             sslEngineConfigurator.setCipherConfigured(true);
             final SSLFilter sslFilter = new SSLFilter(DUMMY_SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator);
+            sslFilter.setHandshakeTimeout(getLongProperty("org.forgerock.opendj.grizzly.handshakeTimeout", sslFilter.getHandshakeTimeout(TimeUnit.MILLISECONDS)), TimeUnit.MILLISECONDS);
             installFilter(sslFilter);
             sslFilter.handshake(connection, completionHandler);
         }
diff --git a/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyUtils.java b/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyUtils.java
index 37ab80a0..d5b8a59 100644
--- a/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyUtils.java
+++ b/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyUtils.java
@@ -225,6 +225,15 @@
         }
     }
 
+    static long getLongProperty(final String name, final long defaultValue) {
+        final String value = System.getProperty(name);
+        try {
+            return value != null ? Long.parseLong(value) : defaultValue;
+        } catch (final NumberFormatException e) {
+            return defaultValue;
+        }
+    }
+
     /** Prevent instantiation. */
     private GrizzlyUtils() {
         // No implementation required.
diff --git a/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPServerFilter.java b/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPServerFilter.java
index 8025ff9..e2bf6a7 100644
--- a/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPServerFilter.java
+++ b/opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/LDAPServerFilter.java
@@ -18,6 +18,7 @@
 
 import static com.forgerock.reactive.RxJavaStreams.*;
 import static org.forgerock.opendj.grizzly.GrizzlyUtils.configureConnection;
+import static org.forgerock.opendj.grizzly.GrizzlyUtils.getLongProperty;
 import static org.forgerock.opendj.io.LDAP.*;
 import static org.forgerock.opendj.ldap.responses.Responses.newGenericExtendedResult;
 import static org.forgerock.opendj.ldap.spi.LdapMessages.newResponseMessage;
@@ -28,6 +29,7 @@
 import java.util.LinkedList;
 import java.util.List;
 import java.util.concurrent.CancellationException;
+import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicLong;
 
 import javax.net.ssl.SSLEngine;
@@ -384,7 +386,9 @@
                     return false;
                 }
                 SSLUtils.setSSLEngine(connection, sslEngine);
-                installFilter(startTls ? new StartTLSFilter(new SSLFilter()) : new SSLFilter());
+                SSLFilter sslFilter = new SSLFilter();
+                sslFilter.setHandshakeTimeout(getLongProperty("org.forgerock.opendj.grizzly.handshakeTimeout", sslFilter.getHandshakeTimeout(TimeUnit.MILLISECONDS)), TimeUnit.MILLISECONDS);
+                installFilter(startTls ? new StartTLSFilter(sslFilter) : sslFilter);
                 return true;
             }
         }

--
Gitblit v1.10.0