Automated import from //branches/master/...@141357,141357

3 files changed, 96 insertions, 102 deletions

diff --git a/core/java/android/net/http/CertificateChainValidator.java b/core/java/android/net/http/CertificateChainValidator.java
index 0edbe5b..91fa900 100644
--- a/core/java/android/net/http/CertificateChainValidator.java
+++ b/core/java/android/net/http/CertificateChainValidator.java
@@ -43,7 +43,8 @@ class CertificateChainValidator {
     /**
      * The singleton instance of the certificate chain validator
      */
-    private static CertificateChainValidator sInstance;
+    private static final CertificateChainValidator sInstance
+            = new CertificateChainValidator();
 
     /**
      * Default trust manager (used to perform CA certificate validation)
@@ -54,10 +55,6 @@ class CertificateChainValidator {
      * @return The singleton instance of the certificator chain validator
      */
     public static CertificateChainValidator getInstance() {
-        if (sInstance == null) {
-            sInstance = new CertificateChainValidator();
-        }
-
         return sInstance;
     }
 
@@ -159,13 +156,11 @@ class CertificateChainValidator {
         // report back to the user.
         //
         try {
-            synchronized (mDefaultTrustManager) {
-                mDefaultTrustManager.checkServerTrusted(
-                    serverCertificates, "RSA");
+            mDefaultTrustManager.checkServerTrusted(
+                serverCertificates, "RSA");
 
-                // no errors!!!
-                return null;
-            }
+            // no errors!!!
+            return null;
         } catch (CertificateException e) {
             if (HttpLog.LOGV) {
                 HttpLog.v(
@@ -191,10 +186,8 @@ class CertificateChainValidator {
         // check if the last certificate in the chain (root) is trusted
         X509Certificate[] rootCertificateChain = { currCertificate };
         try {
-            synchronized (mDefaultTrustManager) {
-                mDefaultTrustManager.checkServerTrusted(
-                    rootCertificateChain, "RSA");
-            }
+            mDefaultTrustManager.checkServerTrusted(
+                rootCertificateChain, "RSA");
         } catch (CertificateExpiredException e) {
             String errorMessage = e.getMessage();
             if (errorMessage == null) {
diff --git a/core/java/android/net/http/HttpsConnection.java b/core/java/android/net/http/HttpsConnection.java
index fe02d3e..55b733f 100644
--- a/core/java/android/net/http/HttpsConnection.java
+++ b/core/java/android/net/http/HttpsConnection.java
@@ -17,61 +17,41 @@
 package android.net.http;
 
 import android.content.Context;
-
-import junit.framework.Assert;
-
-import java.io.IOException;
-
-import java.security.cert.X509Certificate;
-
-import java.net.Socket;
-import java.net.InetSocketAddress;
-
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
-
+import android.util.Log;
+import org.apache.harmony.xnet.provider.jsse.FileClientSessionCache;
+import org.apache.harmony.xnet.provider.jsse.SSLClientSessionCache;
+import org.apache.harmony.xnet.provider.jsse.SSLContextImpl;
 import org.apache.http.Header;
-import org.apache.http.HttpClientConnection;
 import org.apache.http.HttpException;
 import org.apache.http.HttpHost;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpResponse;
 import org.apache.http.HttpStatus;
 import org.apache.http.ParseException;
 import org.apache.http.ProtocolVersion;
 import org.apache.http.StatusLine;
-import org.apache.http.impl.DefaultHttpClientConnection;
 import org.apache.http.message.BasicHttpRequest;
 import org.apache.http.params.BasicHttpParams;
-import org.apache.http.params.HttpParams;
 import org.apache.http.params.HttpConnectionParams;
+import org.apache.http.params.HttpParams;
 
-/**
- * Simple exception we throw if the SSL connection is closed by the user.
- * 
- * {@hide}
- */
-class SSLConnectionClosedByUserException extends SSLException {
-
-    public SSLConnectionClosedByUserException(String reason) {
-        super(reason);
-    }
-}
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import java.io.File;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.security.KeyManagementException;
+import java.security.cert.X509Certificate;
 
 /**
  * A Connection connecting to a secure http server or tunneling through
  * a http proxy server to a https server.
+ *
+ * @hide
  */
-class HttpsConnection extends Connection {
-
-    /**
-     * SSL context
-     */
-    private static SSLContext mSslContext = null;
+public class HttpsConnection extends Connection {
 
     /**
      * SSL socket factory
@@ -79,42 +59,59 @@ class HttpsConnection extends Connection {
     private static SSLSocketFactory mSslSocketFactory = null;
 
     static {
-        // initialize the socket factory
+        // This intiialization happens in the zygote. It triggers some
+        // lazy initialization that can will benefit later invocations of
+        // initializeEngine().
+        initializeEngine(null);
+    }
+
+    /**
+     * @hide
+     *
+     * @param sessionDir directory to cache SSL sessions
+     */
+    public static void initializeEngine(File sessionDir) {
         try {
-            mSslContext = SSLContext.getInstance("TLS");
-            if (mSslContext != null) {
-                // here, trust managers is a single trust-all manager
-                TrustManager[] trustManagers = new TrustManager[] {
-                    new X509TrustManager() {
-                        public X509Certificate[] getAcceptedIssuers() {
-                            return null;
-                        }
+            SSLClientSessionCache cache = null;
+            if (sessionDir != null) {
+                Log.d("HttpsConnection", "Caching SSL sessions in "
+                        + sessionDir + ".");
+                cache = FileClientSessionCache.usingDirectory(sessionDir);
+            }
 
-                        public void checkClientTrusted(
-                            X509Certificate[] certs, String authType) {
-                        }
+            SSLContextImpl sslContext = new SSLContextImpl();
 
-                        public void checkServerTrusted(
-                            X509Certificate[] certs, String authType) {
-                        }
+            // here, trust managers is a single trust-all manager
+            TrustManager[] trustManagers = new TrustManager[] {
+                new X509TrustManager() {
+                    public X509Certificate[] getAcceptedIssuers() {
+                        return null;
                     }
-                };
 
-                mSslContext.init(null, trustManagers, null);
-                mSslSocketFactory = mSslContext.getSocketFactory();
-            }
-        } catch (Exception t) {
-            if (HttpLog.LOGV) {
-                HttpLog.v("HttpsConnection: failed to initialize the socket factory");
+                    public void checkClientTrusted(
+                        X509Certificate[] certs, String authType) {
+                    }
+
+                    public void checkServerTrusted(
+                        X509Certificate[] certs, String authType) {
+                    }
+                }
+            };
+
+            sslContext.engineInit(null, trustManagers, null, cache, null);
+
+            synchronized (HttpsConnection.class) {
+                mSslSocketFactory = sslContext.engineGetSocketFactory();
             }
+        } catch (KeyManagementException e) {
+            throw new RuntimeException(e);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
         }
     }
 
-    /**
-     * @return The shared SSL context.
-     */
-    /*package*/ static SSLContext getContext() {
-        return mSslContext;
+    private synchronized static SSLSocketFactory getSocketFactory() {
+        return mSslSocketFactory;
     }
 
     /**
@@ -252,10 +249,8 @@ class HttpsConnection extends Connection {
 
             if (statusCode == HttpStatus.SC_OK) {
                 try {
-                    synchronized (mSslSocketFactory) {
-                        sslSock = (SSLSocket) mSslSocketFactory.createSocket(
+                    sslSock = (SSLSocket) getSocketFactory().createSocket(
                             proxySock, mHost.getHostName(), mHost.getPort(), true);
-                    }
                 } catch(IOException e) {
                     if (sslSock != null) {
                         sslSock.close();
@@ -288,14 +283,11 @@ class HttpsConnection extends Connection {
         } else {
             // if we do not have a proxy, we simply connect to the host
             try {
-                synchronized (mSslSocketFactory) {
-                    sslSock = (SSLSocket) mSslSocketFactory.createSocket();
-                    
-                    sslSock.setSoTimeout(SOCKET_TIMEOUT);
-                    sslSock.connect(new InetSocketAddress(mHost.getHostName(),
-                            mHost.getPort()));
-                    
-                }
+                sslSock = (SSLSocket) getSocketFactory().createSocket();
+
+                sslSock.setSoTimeout(SOCKET_TIMEOUT);
+                sslSock.connect(new InetSocketAddress(mHost.getHostName(),
+                        mHost.getPort()));
             } catch(IOException e) {
                 if (sslSock != null) {
                     sslSock.close();
@@ -371,6 +363,7 @@ class HttpsConnection extends Connection {
         BasicHttpParams params = new BasicHttpParams();
         params.setIntParameter(HttpConnectionParams.SOCKET_BUFFER_SIZE, 8192);
         conn.bind(sslSock, params);
+
         return conn;
     }
 
@@ -425,3 +418,15 @@ class HttpsConnection extends Connection {
         return "https";
     }
 }
+
+/**
+ * Simple exception we throw if the SSL connection is closed by the user.
+ *
+ * {@hide}
+ */
+class SSLConnectionClosedByUserException extends SSLException {
+
+    public SSLConnectionClosedByUserException(String reason) {
+        super(reason);
+    }
+}
diff --git a/core/java/com/android/internal/logging/AndroidHandler.java b/core/java/com/android/internal/logging/AndroidHandler.java
index d9fcf60..c4a1479 100644
--- a/core/java/com/android/internal/logging/AndroidHandler.java
+++ b/core/java/com/android/internal/logging/AndroidHandler.java
@@ -151,7 +151,7 @@ public class AndroidHandler extends Handler {
             Log.e("AndroidHandler", "Error logging message.", e);
         }
     }
-    
+
     /**
      * Converts a {@link java.util.logging.Logger} logging level into an Android one.
      * 
@@ -159,20 +159,16 @@ public class AndroidHandler extends Handler {
      * 
      * @return The resulting Android logging level. 
      */
-    static int getAndroidLevel(Level level)
-    {
+    static int getAndroidLevel(Level level) {
         int value = level.intValue();
-        
-        if (value >= Level.SEVERE.intValue()) {
+        if (value >= 1000) { // SEVERE
             return Log.ERROR;
-        } else if (value >= Level.WARNING.intValue()) {
+        } else if (value >= 900) { // WARNING
             return Log.WARN;
-        } else if (value >= Level.INFO.intValue()) {
+        } else if (value >= 800) { // INFO
             return Log.INFO;
-        } else if (value >= Level.CONFIG.intValue()) {
+        } else {
             return Log.DEBUG;
-        }  else {
-            return Log.VERBOSE;
         }
     }