Skip to content

Commit

Permalink
Sys prop configuration to leverage SSL heap buffer pooling
Browse files Browse the repository at this point in the history
  • Loading branch information
@franz1981
franz1981 committed Dec 18, 2024
1 parent 7984bf3 commit 49ee0bc
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions ...p/runtime/src/main/java/io/quarkus/vertx/http/runtime/options/HttpServerOptionsUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,12 +39,15 @@
import io.vertx.core.http.HttpVersion;
import io.vertx.core.net.JdkSSLEngineOptions;
import io.vertx.core.net.KeyCertOptions;
import io.vertx.core.net.TCPSSLOptions;
import io.vertx.core.net.TrafficShapingOptions;
import io.vertx.core.net.TrustOptions;

@SuppressWarnings("OptionalIsPresent")
public class HttpServerOptionsUtils {

private static final boolean JDK_SSL_BUFFER_POOLING = Boolean.getBoolean("quarkus.http.server.ssl.jdk.bufferPooling");

/**
* When the http port is set to 0, replace it by this value to let Vert.x choose a random port
*/
Expand Down Expand Up @@ -172,6 +175,7 @@ private static void applySslConfigToHttpServerOptions(ServerSslConfig httpConfig
serverOptions.setEnabledSecureTransportProtocols(sslConfig.protocols);
serverOptions.setSsl(true);
serverOptions.setSni(sslConfig.sni);
setJdkHeapBufferPooling(serverOptions);
}

/**
Expand Down Expand Up @@ -214,6 +218,7 @@ public static HttpServerOptions createSslOptionsForManagementInterface(Managemen

public static void applyTlsConfigurationToHttpServerOptions(TlsConfiguration bucket, HttpServerOptions serverOptions) {
serverOptions.setSsl(true);
setJdkHeapBufferPooling(serverOptions);

KeyCertOptions keyStoreOptions = bucket.getKeyStoreOptions();
TrustOptions trustStoreOptions = bucket.getTrustStoreOptions();
Expand All @@ -240,6 +245,20 @@ public static void applyTlsConfigurationToHttpServerOptions(TlsConfiguration buc
serverOptions.setEnabledSecureTransportProtocols(other.getEnabledSecureTransportProtocols());
}

private static void setJdkHeapBufferPooling(TCPSSLOptions tcpSslOptions) {
if (!JDK_SSL_BUFFER_POOLING) {
return;
}
var engineOption = tcpSslOptions.getSslEngineOptions();
if (engineOption == null) {
var jdkEngineOptions = new JdkSSLEngineOptions();
jdkEngineOptions.setPooledHeapBuffers(true);
tcpSslOptions.setSslEngineOptions(jdkEngineOptions);
} else if (engineOption instanceof JdkSSLEngineOptions jdkEngineOptions) {
jdkEngineOptions.setPooledHeapBuffers(true);
}
}

public static Optional<String> getCredential(Optional<String> password, Map<String, String> credentials,
Optional<String> passwordKey) {
if (password.isPresent()) {
Expand Down

0 comments on commit 49ee0bc

Please sign in to comment.