
Support ConnectionSpec on Okhttp client and support null ConnectionSpec parameters #12677

Draft
megla-tlanghorst wants to merge 4 commits into grpc:master from megla-tlanghorst:feature/okhttp-custom-ssl-parameters


@megla-tlanghorst

I'm deploying a pretty customized gRPC client/server system which uses highly customized SSLSocketFactorys on both sides. Currently, though, it is not possible to customize the ConnectionSpec when supplying SslSocketFactoryChannelCredentials, as the security parameters get frozen. This results in me having to use it like this:

val channelCreds = SslSocketFactoryChannelCredentials.create(authSslSocketFactory)
val builder =
    OkHttpChannelBuilder.forAddress(authAddress.host.toLiteral(), authAddress.port.toInt(), channelCreds)
val freezeSecurityConfigurationField =
    OkHttpChannelBuilder::class.java.getDeclaredField("freezeSecurityConfiguration")
freezeSecurityConfigurationField.isAccessible = true
freezeSecurityConfigurationField.set(builder, false)
return builder
    .tlsConnectionSpec(
        supportedProtocols.toTypedArray(),
        supportedCipers.toTypedArray(),
    )
    .build()

And on the server side I needed to rebuild my own ConnectionSpec class if I didn't want to have a really old okhttp dependency just for that class. The new overloads just take the raw parameters, like tlsConnectionSpec, so you don't need to copy it from some other class.

With this PR it's now possible to do it like this:

val channelCreds = SslSocketFactoryChannelCredentials.create(
    authSslSocketFactory,
    null, // <- tlsVersions
    null, // <- cipherSuiteList
    true, // <- supportsTlsExtensions
)
return OkHttpChannelBuilder.forAddress(authAddress.host.toLiteral(), authAddress.port.toInt(), channelCreds)
    .build()

Allowing the following:

  • Providing ConnectionSpec parameters to the SslSocketFactoryChannelCredentials
  • Allowing users to provide the parameters individually, like tlsConnectionSpec, so you don't need a dependency on okhttp (or reimplementation), just for the ConnectionSpec class
  • Allowing null for tlsVersion and cipherSuiteList, so you can set them to "don't touch my socket", like it's possible in okhttp itself and already intended in some of this code
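
With tlsVersions and cipherSuiteList set to null ("don't touch my socket"), the protocol and cipher restrictions have to come from the SSLSocketFactory itself. The following is an added example, not code from this PR or from grpc-java: `PinnedSslSocketFactory` is a hypothetical wrapper, and the protocol and cipher lists are illustrative assumptions.

```kotlin
import java.net.InetAddress
import java.net.Socket
import javax.net.ssl.SSLContext
import javax.net.ssl.SSLSocket
import javax.net.ssl.SSLSocketFactory

// Hypothetical wrapper (not part of grpc-java): pins protocols and cipher suites on
// every socket the delegate creates, so nothing depends on a ConnectionSpec being applied.
class PinnedSslSocketFactory(
    private val delegate: SSLSocketFactory,
    private val protocols: List<String>,
    private val cipherSuites: List<String>,
) : SSLSocketFactory() {
    private fun pin(socket: Socket): Socket {
        if (socket is SSLSocket) {
            // Intersect the allowlists with what the provider supports; fail closed if empty.
            val p = protocols.filter { it in socket.supportedProtocols }
            val c = cipherSuites.filter { it in socket.supportedCipherSuites }
            check(p.isNotEmpty() && c.isNotEmpty()) { "no allowed protocol or cipher suite is supported" }
            socket.enabledProtocols = p.toTypedArray()
            socket.enabledCipherSuites = c.toTypedArray()
        }
        return socket
    }
    override fun getDefaultCipherSuites(): Array<String> = cipherSuites.toTypedArray()
    override fun getSupportedCipherSuites(): Array<String> = cipherSuites.toTypedArray()
    override fun createSocket(): Socket = pin(delegate.createSocket())
    override fun createSocket(s: Socket, host: String, port: Int, autoClose: Boolean): Socket =
        pin(delegate.createSocket(s, host, port, autoClose))
    override fun createSocket(host: String, port: Int): Socket = pin(delegate.createSocket(host, port))
    override fun createSocket(host: String, port: Int, localHost: InetAddress, localPort: Int): Socket =
        pin(delegate.createSocket(host, port, localHost, localPort))
    override fun createSocket(host: InetAddress, port: Int): Socket = pin(delegate.createSocket(host, port))
    override fun createSocket(address: InetAddress, port: Int, localAddress: InetAddress, localPort: Int): Socket =
        pin(delegate.createSocket(address, port, localAddress, localPort))
}

fun main() {
    val factory = PinnedSslSocketFactory(
        SSLContext.getDefault().socketFactory,
        protocols = listOf("TLSv1.3", "TLSv1.2"), // assumed allowlist
        cipherSuites = listOf("TLS_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
    )
    // Unconnected socket: enough to inspect what a handshake would offer, no network needed.
    val socket = factory.createSocket() as SSLSocket
    println(socket.enabledProtocols.toList())
    println(socket.enabledCipherSuites.toList())
}
```

Inspecting `enabledProtocols` and `enabledCipherSuites` on a socket from the factory is a quick check that legacy protocol versions are not left enabled by the JVM defaults once the channel stops applying its own spec.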

@linux-foundation-easycla

linux-foundation-easycla bot commented Mar 6, 2026

CLA Not Signed

@megla-tlanghorst megla-tlanghorst marked this pull request as draft March 6, 2026 13:08
