From 2e33f2663b19dfd28822503ed6a6bb85d5a1c464 Mon Sep 17 00:00:00 2001
From: jansupol <jan.supol@oracle.com>
Date: Fri, 28 Apr 2023 13:25:34 +0200
Subject: [PATCH] Additional logging for SNI

Signed-off-by: jansupol <jan.supol@oracle.com>
---
 .../client/innate/http/SniConfigurator.java   |  7 ++
 .../client/internal/HttpUrlConnector.java     |  8 +-
 .../jdkconnector/localization.properties      | 73 -------------------
 .../client/internal/localization.properties   |  4 +
 4 files changed, 18 insertions(+), 74 deletions(-)
 delete mode 100644 core-client/src/main/resources/org/glassfish/jersey/client/internal/jdkconnector/localization.properties

diff --git a/core-client/src/main/java/org/glassfish/jersey/client/innate/http/SniConfigurator.java b/core-client/src/main/java/org/glassfish/jersey/client/innate/http/SniConfigurator.java
index fc5d05732c..ae484ef986 100644
--- a/core-client/src/main/java/org/glassfish/jersey/client/innate/http/SniConfigurator.java
+++ b/core-client/src/main/java/org/glassfish/jersey/client/innate/http/SniConfigurator.java
@@ -16,6 +16,8 @@
 
 package org.glassfish.jersey.client.innate.http;
 
+import org.glassfish.jersey.client.internal.LocalizationMessages;
+
 import javax.net.ssl.SNIHostName;
 import javax.net.ssl.SNIServerName;
 import javax.net.ssl.SSLEngine;
@@ -27,12 +29,14 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;
+import java.util.logging.Logger;
 
 /**
  * A unified routines to set {@link SNIHostName} for the {@link javax.net.ssl.SSLContext}.
  * To be reused in connectors.
  */
 final class SniConfigurator {
+    private static final Logger LOGGER = Logger.getLogger(SniConfigurator.class.getName());
     private final String hostName;
     private SniConfigurator(String hostName) {
         this.hostName = hostName;
@@ -85,6 +89,7 @@ void setServerNames(SSLEngine sslEngine) {
         SSLParameters sslParameters = sslEngine.getSSLParameters();
         updateSSLParameters(sslParameters);
         sslEngine.setSSLParameters(sslParameters);
+        LOGGER.fine(LocalizationMessages.SNI_ON_SSLENGINE());
     }
 
     /**
@@ -95,6 +100,7 @@ void setServerNames(SSLSocket sslSocket) {
         SSLParameters sslParameters = sslSocket.getSSLParameters();
         updateSSLParameters(sslParameters);
         sslSocket.setSSLParameters(sslParameters);
+        LOGGER.fine(LocalizationMessages.SNI_ON_SSLSOCKET());
     }
 
     private SSLParameters updateSSLParameters(SSLParameters sslParameters) {
@@ -103,6 +109,7 @@ private SSLParameters updateSSLParameters(SSLParameters sslParameters) {
         serverNames.add(serverName);
 
         sslParameters.setServerNames(serverNames);
+        LOGGER.finer(LocalizationMessages.SNI_UPDATE_SSLPARAMS(hostName));
 
         return sslParameters;
     }
diff --git a/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java b/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java
index 212dac0f73..3e29e2be8a 100644
--- a/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java
+++ b/core-client/src/main/java/org/glassfish/jersey/client/internal/HttpUrlConnector.java
@@ -345,7 +345,13 @@ private ClientResponse _apply(final ClientRequest request) throws IOException {
         final HttpURLConnection uc;
         final Optional<ClientProxy> proxy = ClientProxy.proxyFromRequest(request);
         final SSLParamConfigurator sniConfig = SSLParamConfigurator.builder().request(request).build();
-        final URI sniUri = sniConfig.isSNIRequired() ? sniConfig.toIPRequestUri() : request.getUri();
+        final URI sniUri;
+        if (sniConfig.isSNIRequired()) {
+            sniUri = sniConfig.toIPRequestUri();
+            LOGGER.fine(LocalizationMessages.SNI_URI_REPLACED(sniUri.getHost(), request.getUri().getHost()));
+        } else {
+            sniUri = request.getUri();
+        }
 
         proxy.ifPresent(clientProxy -> ClientProxy.setBasicAuthorizationHeader(request.getHeaders(), proxy.get()));
         uc = this.connectionFactory.getConnection(sniUri.toURL(), proxy.isPresent() ? proxy.get().proxy() : null);
diff --git a/core-client/src/main/resources/org/glassfish/jersey/client/internal/jdkconnector/localization.properties b/core-client/src/main/resources/org/glassfish/jersey/client/internal/jdkconnector/localization.properties
deleted file mode 100644
index e8f03425ef..0000000000
--- a/core-client/src/main/resources/org/glassfish/jersey/client/internal/jdkconnector/localization.properties
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
-#
-# This program and the accompanying materials are made available under the
-# terms of the Eclipse Public License v. 2.0, which is available at
-# http://www.eclipse.org/legal/epl-2.0.
-#
-# This Source Code may also be made available under the following Secondary
-# Licenses when the conditions for such availability set forth in the
-# Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
-# version 2 with the GNU Classpath Exception, which is available at
-# https://www.gnu.org/software/classpath/license.html.
-#
-# SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-#
-
-read.listener.set.only.once="Read listener can be set only once."
-async.operation.not.supported="Operation not supported in synchronous mode."
-sync.operation.not.supported="Operation not supported in asynchronous mode."
-write.when.not.ready="Asynchronous write called when stream is in non-ready state."
-stream.closed.for.input="This stream has already been closed for input."
-write.listener.set.only.once="Write listener can be set only once."
-stream.closed="The stream has been closed."
-writing.failed="Writing data failed"
-buffer.incorrect.length="Buffer passed for encoding is neither a multiple of chunkSize nor smaller than chunkSize."
-connector.configuration="Connector configuration: {0}."
-negative.chunk.size="Configured chunk size is negative: {0}, using default value: {1}."
-timeout.receiving.response="Timeout receiving response."
-timeout.receiving.response.body="Timeout receiving response body."
-closed.while.sending.request="Connection closed by the server while sending request".
-closed.while.receiving.response="Connection closed by the server while receiving response."
-closed.while.receiving.body="Connection closed by the server while receiving response body."
-connection.closed="Connection closed by the server."
-closed.by.client.while.sending="Connection closed by the client while sending request."
-closed.by.client.while.receiving="Connection closed by the client while receiving response."
-closed.by.client.while.receiving.body="Connection closed by the client while receiving response body."
-connection.timeout="Connection timed out."
-connection.changing.state="HTTP connection {0}:{1} changing state {2} -> {3}."
-unexpected.data.in.buffer="Unexpected data remain in the buffer after the HTTP response has been parsed."
-http.initial.line.overflow="HTTP packet initial line is too large."
-http.packet.header.overflow="HTTP packet header is too large."
-http.negative.content.length="Content length cannot be less than 0."
-http.invalid.content.length="Invalid format of content length code."
-http.request.no.body="This HTTP request does not have a body."
-http.request.no.buffered.body="Buffered body is available only in buffered body mode."
-http.request.body.size.not.available="Body size is not available in chunked body mode."
-proxy.user.name.missing="User name is missing"
-proxy.password.missing="Password is missing"
-proxy.qop.no.supported="The 'qop' (quality of protection) = {0} extension requested by the server is not supported. Cannot authenticate against the server using Http Digest Authentication."
-proxy.407.twice="Received 407 for the second time."
-proxy.fail.auth.header="Creating authorization header failed."
-proxy.connect.fail="Connecting to proxy failed with status {0}."
-proxy.missing.auth.header="Proxy-Authenticate header value is missing or empty."
-proxy.unsupported.scheme="Unsupported scheme: {0}."
-redirect.no.location="Received redirect that does not contain a location or the location is empty."
-redirect.error.determining.location="Error determining redirect location."
-redirect.infinite.loop="Infinite loop in chained redirects detected."
-redirect.limit.reached="Max chained redirect limit ({0}) exceeded."
-ssl.session.closed="SSL session has been closed."
-http.body.size.overflow="Body size exceeds declared size"
-http.invalid.chunk.size.hex.value="Invalid byte representing a hex value within a chunk length encountered : {0}"
-http.unexpected.chunk.header="Unexpected HTTP chunk header."
-http.chunk.encoding.prefix.overflow="The chunked encoding length prefix is too large."
-http.trailer.header.overflow="The chunked encoding trailer header is too large."
-transport.connection.not.closed="Could not close a connection."
-transport.set.class.loader.failed="Cannot set thread context class loader."
-transport.executor.closed="Cannot set thread context class loader."
-transport.executor.queue.limit.reached="A limit of client thread pool queue has been reached."
-thread.pool.max.size.too.small="Max thread pool size cannot be smaller than 3."
-thread.pool.core.size.too.small="Core thread pool size cannot be smaller than 0."
-http.connection.establishing.illegal.state="Cannot try to establish connection if the connection is in other than CREATED state\
-  . Current state: {0}.
-http.connection.not.idle="Http request cannot be sent over a connection that is in other state than IDLE. Current state: {0}" 
diff --git a/core-client/src/main/resources/org/glassfish/jersey/client/internal/localization.properties b/core-client/src/main/resources/org/glassfish/jersey/client/internal/localization.properties
index ee80184bff..291ac98580 100644
--- a/core-client/src/main/resources/org/glassfish/jersey/client/internal/localization.properties
+++ b/core-client/src/main/resources/org/glassfish/jersey/client/internal/localization.properties
@@ -83,6 +83,10 @@ restricted.header.property.setting.false=Restricted headers are not enabled usin
 restricted.header.property.setting.true=Restricted headers are enabled using [{0}] system property(setting only takes effect on\
    connections created after the property has been set/changed).
 request.entity.already.written=The entity was already written in this request. The entity can be written (serialized into the output stream) only once per a request.
+sni.on.sslsocket=Setting SNIServerName on SSLSocket
+sni.on.sslengine=Setting SNIServerName on SSLEngine
+sni.uri.replaced=HTTP Request sent with request to IP address {0} rather than the hostname {1}.
+sni.update.sslparams=Updating SSLParameters for SNIServerName={0}.
 unexpected.error.response.processing=Unexpected error during response processing.
 use.encoding.ignored=Value {1} of {0} client property will be ignored as it is not a valid supported encoding. \
   Valid supported encodings are: {2}