/** * Creates a builder instance. * * @param sslSettings existing SslSettings to default the builder settings on. * @return a builder * @since 3.7 */ public static Builder builder(final SslSettings sslSettings) { return builder().applySettings(sslSettings); }
@Override public void initChannel(final SocketChannel ch) { if (sslSettings.isEnabled()) { SSLEngine engine = getSslContext().createSSLEngine(address.getHost(), address.getPort()); engine.setUseClientMode(true); SSLParameters sslParameters = engine.getSSLParameters(); enableSni(address.getHost(), sslParameters); if (!sslSettings.isInvalidHostNameAllowed()) { enableHostNameVerification(sslParameters); } engine.setSSLParameters(sslParameters); ch.pipeline().addFirst("ssl", new SslHandler(engine, false)); } int readTimeout = settings.getReadTimeout(MILLISECONDS); if (readTimeout > 0) { ch.pipeline().addLast(READ_HANDLER_NAME, new ReadTimeoutHandler(readTimeout)); } ch.pipeline().addLast(new InboundBufferHandler()); } });
/** * Create a new SSLSettings from the settings in this builder. * * @return a new SSL settings * @throws com.mongodb.MongoInternalException if enabled is true, invalidHostNameAllowed is false, and the {@code "java.version"} * system property starts with 1.6 */ public SslSettings build() { return new SslSettings(this); } }
/** * Create a new factory. * * @param settings the socket settings * @param sslSettings the SSL settings * @param group the {@code AsynchronousChannelGroup} to use or null for the default group * * @since 3.6 */ public AsynchronousSocketChannelStreamFactory(final SocketSettings settings, final SslSettings sslSettings, final AsynchronousChannelGroup group) { if (sslSettings.isEnabled()) { throw new UnsupportedOperationException("No SSL support in java.nio.channels.AsynchronousSocketChannel. For SSL support use " + "com.mongodb.connection.netty.NettyStreamFactoryFactory"); } this.settings = notNull("settings", settings); this.group = group; }
private SSLContext getSslContext() { try { return (sslSettings.getContext() == null) ? SSLContext.getDefault() : sslSettings.getContext(); } catch (NoSuchAlgorithmException e) { throw new MongoClientException("Unable to create default SSLContext", e); } }
@Override public void run() { try { if (!socketChannel.finishConnect()) { throw new MongoSocketOpenException("Failed to finish connect", getServerAddress()); } SSLEngine sslEngine = getSslContext().createSSLEngine(getServerAddress().getHost(), getServerAddress().getPort()); sslEngine.setUseClientMode(true); SSLParameters sslParameters = sslEngine.getSSLParameters(); enableSni(getServerAddress().getHost(), sslParameters); if (!sslSettings.isInvalidHostNameAllowed()) { enableHostNameVerification(sslParameters); } sslEngine.setSSLParameters(sslParameters); BufferAllocator bufferAllocator = new BufferProviderAllocator(); TlsChannel tlsChannel = ClientTlsChannel.newBuilder(socketChannel, sslEngine) .withEncryptedBufferAllocator(bufferAllocator) .withPlainBufferAllocator(bufferAllocator) .build(); // build asynchronous channel, based in the TLS channel and associated with the global group. setChannel(new AsynchronousTlsChannel(group, tlsChannel, socketChannel)); handler.completed(null); } catch (IOException e) { handler.failed(new MongoSocketOpenException("Exception opening socket", getServerAddress(), e)); } catch (Throwable t) { handler.failed(t); } } });
/** * <p>The socket factory for creating sockets to the mongo server.</p> * * <p>Default is SocketFactory.getDefault()</p> * * @return the socket factory * @deprecated Prefer {@link #isSslEnabled()} and {@link #getSslContext()} */ @Deprecated public SocketFactory getSocketFactory() { if (socketFactory != null) { return socketFactory; } else if (getSslSettings().isEnabled()) { return sslContext == null ? DEFAULT_SSL_SOCKET_FACTORY : sslContext.getSocketFactory(); } else { return DEFAULT_SOCKET_FACTORY; } }
private SSLContext getSslContext() { try { return (sslSettings.getContext() == null) ? SSLContext.getDefault() : sslSettings.getContext(); } catch (NoSuchAlgorithmException e) { throw new MongoClientException("Unable to create default SSLContext", e); } } }
@Override public void run() { try { if (!socketChannel.finishConnect()) { throw new MongoSocketOpenException("Failed to finish connect", getServerAddress()); } SSLEngine sslEngine = getSslContext().createSSLEngine(getServerAddress().getHost(), getServerAddress().getPort()); sslEngine.setUseClientMode(true); SSLParameters sslParameters = sslEngine.getSSLParameters(); enableSni(getServerAddress().getHost(), sslParameters); if (!sslSettings.isInvalidHostNameAllowed()) { enableHostNameVerification(sslParameters); } sslEngine.setSSLParameters(sslParameters); BufferAllocator bufferAllocator = new BufferProviderAllocator(); TlsChannel tlsChannel = ClientTlsChannel.newBuilder(socketChannel, sslEngine) .withEncryptedBufferAllocator(bufferAllocator) .withPlainBufferAllocator(bufferAllocator) .build(); // build asynchronous channel, based in the TLS channel and associated with the global group. setChannel(new AsynchronousTlsChannel(group, tlsChannel, socketChannel)); handler.completed(null); } catch (IOException e) { handler.failed(new MongoSocketOpenException("Exception opening socket", getServerAddress(), e)); } catch (Throwable t) { handler.failed(t); } } });
static SslSettings ssl(final ConnectionString cstr, final Config conf) { SslSettings.Builder ssl = SslSettings.builder().applyConnectionString(cstr); withConf("ssl", conf, c -> { withBool("enabled", c, ssl::enabled); withBool("invalidHostNameAllowed", c, ssl::invalidHostNameAllowed); }); return ssl.build(); }
@SuppressWarnings("deprecation") static void initialize(final Socket socket, final InetSocketAddress inetSocketAddress, final SocketSettings settings, final SslSettings sslSettings) throws IOException { socket.setTcpNoDelay(true); socket.setSoTimeout(settings.getReadTimeout(MILLISECONDS)); socket.setKeepAlive(settings.isKeepAlive()); if (settings.getReceiveBufferSize() > 0) { socket.setReceiveBufferSize(settings.getReceiveBufferSize()); } if (settings.getSendBufferSize() > 0) { socket.setSendBufferSize(settings.getSendBufferSize()); } if (sslSettings.isEnabled() || socket instanceof SSLSocket) { if (!(socket instanceof SSLSocket)) { throw new MongoInternalException("SSL is enabled but the socket is not an instance of javax.net.ssl.SSLSocket"); } SSLSocket sslSocket = (SSLSocket) socket; SSLParameters sslParameters = sslSocket.getSSLParameters(); if (sslParameters == null) { sslParameters = new SSLParameters(); } enableSni(inetSocketAddress.getHostName(), sslParameters); if (!sslSettings.isInvalidHostNameAllowed()) { enableHostNameVerification(sslParameters); } sslSocket.setSSLParameters(sslParameters); } socket.connect(inetSocketAddress, settings.getConnectTimeout(MILLISECONDS)); }
@Override public Stream create(final ServerAddress serverAddress) { Stream stream; if (serverAddress instanceof UnixServerAddress) { if (sslSettings.isEnabled()) { throw new MongoClientException("Socket based connections do not support ssl"); } stream = new UnixSocketChannelStream((UnixServerAddress) serverAddress, settings, sslSettings, bufferProvider); } else { if (socketFactory != null) { stream = new SocketStream(serverAddress, settings, sslSettings, socketFactory, bufferProvider); } else if (sslSettings.isEnabled()) { stream = new SocketStream(serverAddress, settings, sslSettings, getSslContext().getSocketFactory(), bufferProvider); } else { stream = new SocketChannelStream(serverAddress, settings, sslSettings, bufferProvider); } } return stream; }
private SSLContext getSslContext() { try { return (sslSettings.getContext() == null) ? SSLContext.getDefault() : sslSettings.getContext(); } catch (NoSuchAlgorithmException e) { throw new MongoClientException("Unable to create default SSLContext", e); } }
/** * Create a new SSLSettings from the settings in this builder. * * @return a new SSL settings * @throws com.mongodb.MongoInternalException if enabled is true, invalidHostNameAllowed is false, and the {@code "java.version"} * system property starts with 1.6 */ public SslSettings build() { return new SslSettings(this); } }
sslSettings = SslSettings.builder() .enabled(sslEnabled) .invalidHostNameAllowed(sslInvalidHostNameAllowed)
@Override public void initChannel(final SocketChannel ch) { if (sslSettings.isEnabled()) { SSLEngine engine = getSslContext().createSSLEngine(address.getHost(), address.getPort()); engine.setUseClientMode(true); SSLParameters sslParameters = engine.getSSLParameters(); enableSni(address.getHost(), sslParameters); if (!sslSettings.isInvalidHostNameAllowed()) { enableHostNameVerification(sslParameters); } engine.setSSLParameters(sslParameters); ch.pipeline().addFirst("ssl", new SslHandler(engine, false)); } int readTimeout = settings.getReadTimeout(MILLISECONDS); if (readTimeout > 0) { ch.pipeline().addLast(READ_HANDLER_NAME, new ReadTimeoutHandler(readTimeout)); } ch.pipeline().addLast(new InboundBufferHandler()); } });
/** * <p>The socket factory for creating sockets to the mongo server.</p> * * <p>Default is SocketFactory.getDefault()</p> * * @return the socket factory * @deprecated Prefer {@link #isSslEnabled()} and {@link #getSslContext()} */ @Deprecated public SocketFactory getSocketFactory() { if (socketFactory != null) { return socketFactory; } else if (getSslSettings().isEnabled()) { return sslContext == null ? DEFAULT_SSL_SOCKET_FACTORY : sslContext.getSocketFactory(); } else { return DEFAULT_SOCKET_FACTORY; } }
private SSLContext getSslContext() { try { return (sslSettings.getContext() == null) ? SSLContext.getDefault() : sslSettings.getContext(); } catch (NoSuchAlgorithmException e) { throw new MongoClientException("Unable to create default SSLContext", e); } } }
/** * Creates a builder instance. * * @param sslSettings existing SslSettings to default the builder settings on. * @return a builder * @since 3.7 */ public static Builder builder(final SslSettings sslSettings) { return builder().applySettings(sslSettings); }
@SuppressWarnings("deprecation") static void initialize(final Socket socket, final InetSocketAddress inetSocketAddress, final SocketSettings settings, final SslSettings sslSettings) throws IOException { socket.setTcpNoDelay(true); socket.setSoTimeout(settings.getReadTimeout(MILLISECONDS)); socket.setKeepAlive(settings.isKeepAlive()); if (settings.getReceiveBufferSize() > 0) { socket.setReceiveBufferSize(settings.getReceiveBufferSize()); } if (settings.getSendBufferSize() > 0) { socket.setSendBufferSize(settings.getSendBufferSize()); } if (sslSettings.isEnabled() || socket instanceof SSLSocket) { if (!(socket instanceof SSLSocket)) { throw new MongoInternalException("SSL is enabled but the socket is not an instance of javax.net.ssl.SSLSocket"); } SSLSocket sslSocket = (SSLSocket) socket; SSLParameters sslParameters = sslSocket.getSSLParameters(); if (sslParameters == null) { sslParameters = new SSLParameters(); } enableSni(inetSocketAddress.getHostName(), sslParameters); if (!sslSettings.isInvalidHostNameAllowed()) { enableHostNameVerification(sslParameters); } sslSocket.setSSLParameters(sslParameters); } socket.connect(inetSocketAddress, settings.getConnectTimeout(MILLISECONDS)); }