/**
 * Starts a TLS handshake on {@code connection} with an explicitly supplied engine configurator.
 *
 * <p>Delegates to the six-argument overload, handing it a freshly created context for
 * {@code Operation.WRITE} and a final flag of {@code true} (this appears to be the
 * {@code forceBeginHandshake} parameter of that overload; confirm against its signature).
 *
 * @param connection the connection the handshake runs on
 * @param completionHandler forwarded unchanged to the delegate
 * @param dstAddress forwarded unchanged to the delegate
 * @param sslEngineConfigurator configurator forwarded to the delegate for this handshake
 * @throws IOException if the delegate fails
 */
public void handshake(
        final Connection connection,
        final CompletionHandler<SSLEngine> completionHandler,
        final Object dstAddress,
        final SSLEngineConfigurator sslEngineConfigurator) throws IOException {
    // The context is built per call rather than reused from a caller.
    handshake(
            connection,
            completionHandler,
            dstAddress,
            sslEngineConfigurator,
            createContext(connection, Operation.WRITE),
            true);
}
/**
 * Applies the superclass's read handling only to connections reported as secure.
 *
 * <p>When {@code isSecure} returns {@code false} the superclass is not consulted and the
 * chain simply continues with {@code ctx.getInvokeAction()}.
 *
 * @param ctx the filter chain context of the read event
 * @return the superclass's action for secure connections, otherwise the invoke action
 * @throws IOException if the superclass's read handling fails
 */
@Override
public NextAction handleRead(FilterChainContext ctx) throws IOException {
    // NOTE(review): for a connection that is not (yet) secure the message is handed to the
    // next filter without passing through the superclass, presumably so that the protocol
    // can run before TLS is enabled. Confirm downstream filters expect that.
    return isSecure(ctx.getConnection())
            ? super.handleRead(ctx)
            : ctx.getInvokeAction();
}
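/**
 * Registers a handshake listener on the chain's {@code SSLFilter} and then starts the
 * handshake, so that {@code feederFlush} runs for this connection once the handshake completes.
 *
 * <p>The listener removes itself after completion for this connection. On failure it closes
 * the failing connection with the failure wrapped as an {@code IOException}.
 *
 * @throws IOException if starting the handshake fails
 * @throws IllegalStateException if the filter chain contains no {@code SSLFilter}
 */
private void flushOnSSLHandshakeComplete() throws IOException {
    final FilterChain filterChain = context.getFilterChain();
    final int idx = filterChain.indexOfType(SSLFilter.class);
    // Checked explicitly instead of with `assert`: assertions are normally disabled at
    // runtime, in which case -1 would be passed straight to filterChain.get(idx).
    if (idx == -1) {
        throw new IllegalStateException("No SSLFilter present in the filter chain");
    }
    final SSLFilter filter = (SSLFilter) filterChain.get(idx);
    final Connection c = context.getConnection();
    filter.addHandshakeListener(new SSLBaseFilter.HandshakeListener() {
        public void onStart(Connection connection) {
            // Nothing to do when the handshake starts.
        }

        @Override
        public void onFailure(final Connection connection, final Throwable t) {
            // NOTE(review): unlike onComplete, this callback is not limited to `c` and does
            // not remove the listener. If the filter notifies listeners for every
            // connection it serves, the listener stays registered after a failed handshake.
            // Confirm that is intended.
            connection.closeWithReason(Exceptions.makeIOException(t));
        }

        public void onComplete(Connection connection) {
            // Only react to the connection this feeder belongs to.
            if (c.equals(connection)) {
                filter.removeHandshakeListener(this);
                feederFlush(c);
            }
        }
    });
    filter.handshake(context.getConnection(), null);
}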
final boolean forceBeginHandshake) throws IOException { final SSLConnectionContext sslCtx = obtainSslConnectionContext(connection); SSLEngine sslEngine = sslCtx.getSslEngine(); sslEngine = createClientSSLEngine(sslCtx, sslEngineConfigurator); notifyHandshakeStart(connection); final Buffer buffer = doHandshakeStep(sslCtx, context, null); assert (buffer == null);
/**
 * Handles an outbound message on a connection whose TLS handshake may not have finished.
 *
 * <p>{@code FileTransfer} messages are rejected outright. Otherwise, under the connection's
 * monitor: if an engine exists and is not handshaking, server-mode connections use the
 * superclass's write path and client-mode connections use {@code accurateWrite(ctx, true)};
 * if not, a client handshake is started when none is recorded for the connection and the
 * message goes through {@code accurateWrite(ctx, false)}.
 *
 * @param ctx the filter chain context of the write event
 * @return the action chosen by the selected write path
 * @throws IOException if the handshake or the write path fails
 * @throws IllegalStateException if the message is a {@code FileTransfer}
 */
@Override
public NextAction handleWrite(final FilterChainContext ctx) throws IOException {
    final Connection connection = ctx.getConnection();
    // Refuse file-transfer messages before touching any TLS state.
    if (ctx.getMessage() instanceof FileTransfer) {
        throw new IllegalStateException("TLS operations not supported with SendFile messages");
    }

    //noinspection SynchronizationOnLocalVariableOrMethodParameter
    synchronized (connection) {
        final SSLConnectionContext sslCtx = obtainSslConnectionContext(connection);
        final SSLEngine engine = sslCtx.getSslEngine();

        final boolean handshakeDone = engine != null && !isHandshaking(engine);
        if (handshakeDone) {
            if (sslCtx.isServerMode()) {
                return super.handleWrite(ctx);
            }
            return accurateWrite(ctx, true);
        }

        // No engine yet, or no handshake context recorded for this connection:
        // start the client-side handshake with the default client configurator.
        if (engine == null || !handshakeContextAttr.isSet(connection)) {
            handshake(connection, null, null, clientSSLEngineConfigurator, ctx, false);
        }
        // NOTE(review): the boolean presumably tells accurateWrite whether the handshake
        // has completed. Confirm that `false` never lets the payload leave unencrypted.
        return accurateWrite(ctx, false);
    }
}
/**
 * Starts a TLS handshake on {@code connection} using this filter's default client configurator.
 *
 * <p>Delegates to the four-argument overload, passing {@code null} as the third argument.
 *
 * @param connection the connection the handshake runs on
 * @param completionHandler forwarded unchanged to the delegate
 * @throws IOException if the delegate fails
 */
public void handshake(
        final Connection connection,
        final CompletionHandler<SSLEngine> completionHandler) throws IOException {
    // No caller-supplied configurator here: the filter-wide client settings apply.
    handshake(
            connection,
            completionHandler,
            null,
            clientSSLEngineConfigurator);
}
/**
 * Enables TLS on this connection and starts the handshake.
 *
 * <p>Runs under {@code stateLock}. Builds a configurator from {@code sslContext}, installs
 * an {@code SSLFilter} with the dummy configurator in the first slot and the new one in the
 * second, then calls {@code handshake} on that filter.
 *
 * @param sslContext context the engine configurator is built from
 * @param protocols protocols to enable; an empty list is passed on as {@code null}
 * @param cipherSuites cipher suites to enable; an empty list is passed on as {@code null}
 * @param completionHandler forwarded to the filter's handshake call
 * @throws IOException if the handshake call fails
 * @throws IllegalStateException if TLS is already enabled
 */
void startTLS(
        final SSLContext sslContext,
        final List<String> protocols,
        final List<String> cipherSuites,
        final CompletionHandler<SSLEngine> completionHandler) throws IOException {
    synchronized (stateLock) {
        if (isTLSEnabled()) {
            throw new IllegalStateException("TLS already enabled");
        }

        // Flags presumably follow (clientMode, needClientAuth, wantClientAuth), i.e. a
        // client-mode configurator. TODO confirm against the library version in use.
        final SSLEngineConfigurator clientConfigurator =
                new SSLEngineConfigurator(sslContext, true, false, false);

        // NOTE(review): an empty list becomes null, which presumably leaves the engine's
        // default protocol set in force. Confirm the defaults exclude legacy versions.
        String[] enabledProtocols = null;
        if (!protocols.isEmpty()) {
            enabledProtocols = protocols.toArray(new String[protocols.size()]);
        }
        clientConfigurator.setEnabledProtocols(enabledProtocols);

        // Same empty-to-null mapping for cipher suites.
        String[] enabledSuites = null;
        if (!cipherSuites.isEmpty()) {
            enabledSuites = cipherSuites.toArray(new String[cipherSuites.size()]);
        }
        clientConfigurator.setEnabledCipherSuites(enabledSuites);

        // NOTE(review): nothing in this method sets up server hostname verification.
        // Verify that the supplied SSLContext's trust manager covers it.
        final SSLFilter tlsFilter =
                new SSLFilter(DUMMY_SSL_ENGINE_CONFIGURATOR, clientConfigurator);
        installFilter(tlsFilter);
        tlsFilter.handshake(connection, completionHandler);
    }
}
/**
 * Enables TLS on this connection by installing an {@code SSLFilter}.
 *
 * <p>Runs under this object's monitor. The configurator built here is placed in the
 * filter's first slot and the dummy configurator in the second. No handshake is started
 * by this method.
 *
 * @param sslContext context the engine configurator is built from; must not be null
 * @param protocols protocols to enable, passed to the configurator unchanged
 * @param suites cipher suites to enable, passed to the configurator unchanged
 * @param wantClientAuth passed to {@code setWantClientAuth}
 * @param needClientAuth passed to {@code setNeedClientAuth}
 * @throws IllegalStateException if TLS is already enabled
 */
@Override
public void enableTLS(
        final SSLContext sslContext,
        final String[] protocols,
        final String[] suites,
        final boolean wantClientAuth,
        final boolean needClientAuth) {
    Validator.ensureNotNull(sslContext);
    synchronized (this) {
        if (isTLSEnabled()) {
            throw new IllegalStateException("TLS already enabled");
        }

        // Flags presumably follow (clientMode, needClientAuth, wantClientAuth), i.e. a
        // server-mode configurator. TODO confirm against the library version in use.
        final SSLEngineConfigurator serverConfigurator =
                new SSLEngineConfigurator(sslContext, false, false, false);
        // NOTE(review): protocols and suites are forwarded as given. Whether a null array
        // falls back to engine defaults is not visible here and should be confirmed.
        serverConfigurator.setEnabledCipherSuites(suites);
        serverConfigurator.setEnabledProtocols(protocols);
        // Client-certificate policy comes from the caller, overriding the constructor flags.
        serverConfigurator.setWantClientAuth(wantClientAuth);
        serverConfigurator.setNeedClientAuth(needClientAuth);

        final SSLFilter tlsFilter =
                new SSLFilter(serverConfigurator, DUMMY_SSL_ENGINE_CONFIGURATOR);
        installFilter(tlsFilter);
    }
}
final boolean forceBeginHandshake) throws IOException { final SSLConnectionContext sslCtx = obtainSslConnectionContext(connection); SSLEngine sslEngine = sslCtx.getSslEngine(); sslEngine = createClientSSLEngine(sslCtx, sslEngineConfigurator); notifyHandshakeStart(connection); final Buffer buffer = doHandshakeStep(sslCtx, context, null); assert (buffer == null);
/**
 * Handles an outbound message on a connection whose TLS handshake may not have finished.
 *
 * <p>{@code FileTransfer} messages are rejected outright. Otherwise, under the connection's
 * monitor: if an engine exists and is not handshaking, server-mode connections use the
 * superclass's write path and client-mode connections use {@code accurateWrite(ctx, true)};
 * if not, a client handshake is started when none is recorded for the connection and the
 * message goes through {@code accurateWrite(ctx, false)}.
 *
 * @param ctx the filter chain context of the write event
 * @return the action chosen by the selected write path
 * @throws IOException if the handshake or the write path fails
 * @throws IllegalStateException if the message is a {@code FileTransfer}
 */
@Override
public NextAction handleWrite(final FilterChainContext ctx) throws IOException {
    final Connection connection = ctx.getConnection();
    // Refuse file-transfer messages before touching any TLS state.
    if (ctx.getMessage() instanceof FileTransfer) {
        throw new IllegalStateException("TLS operations not supported with SendFile messages");
    }

    //noinspection SynchronizationOnLocalVariableOrMethodParameter
    synchronized (connection) {
        final SSLConnectionContext sslCtx = obtainSslConnectionContext(connection);
        final SSLEngine engine = sslCtx.getSslEngine();

        final boolean handshakeDone = engine != null && !isHandshaking(engine);
        if (handshakeDone) {
            if (sslCtx.isServerMode()) {
                return super.handleWrite(ctx);
            }
            return accurateWrite(ctx, true);
        }

        // No engine yet, or no handshake context recorded for this connection:
        // start the client-side handshake with the default client configurator.
        if (engine == null || !handshakeContextAttr.isSet(connection)) {
            handshake(connection, null, null, clientSSLEngineConfigurator, ctx, false);
        }
        // NOTE(review): the boolean presumably tells accurateWrite whether the handshake
        // has completed. Confirm that `false` never lets the payload leave unencrypted.
        return accurateWrite(ctx, false);
    }
}
/**
 * Starts a TLS handshake on {@code connection} using this filter's default client configurator.
 *
 * <p>Delegates to the four-argument overload, passing {@code null} as the third argument.
 *
 * @param connection the connection the handshake runs on
 * @param completionHandler forwarded unchanged to the delegate
 * @throws IOException if the delegate fails
 */
public void handshake(
        final Connection connection,
        final CompletionHandler<SSLEngine> completionHandler) throws IOException {
    // No caller-supplied configurator here: the filter-wide client settings apply.
    handshake(
            connection,
            completionHandler,
            null,
            clientSSLEngineConfigurator);
}
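/**
 * Registers a handshake listener on the chain's {@code SSLFilter} and then starts the
 * handshake, so that {@code feederFlush} runs for this connection once the handshake completes.
 *
 * <p>The listener removes itself after completion for this connection. On failure it closes
 * the failing connection with the failure wrapped as an {@code IOException}.
 *
 * @throws IOException if starting the handshake fails
 * @throws IllegalStateException if the filter chain contains no {@code SSLFilter}
 */
private void flushOnSSLHandshakeComplete() throws IOException {
    final FilterChain filterChain = context.getFilterChain();
    final int idx = filterChain.indexOfType(SSLFilter.class);
    // Checked explicitly instead of with `assert`: assertions are normally disabled at
    // runtime, in which case -1 would be passed straight to filterChain.get(idx).
    if (idx == -1) {
        throw new IllegalStateException("No SSLFilter present in the filter chain");
    }
    final SSLFilter filter = (SSLFilter) filterChain.get(idx);
    final Connection c = context.getConnection();
    filter.addHandshakeListener(new SSLBaseFilter.HandshakeListener() {
        public void onStart(Connection connection) {
            // Nothing to do when the handshake starts.
        }

        @Override
        public void onFailure(final Connection connection, final Throwable t) {
            // NOTE(review): unlike onComplete, this callback is not limited to `c` and does
            // not remove the listener. If the filter notifies listeners for every
            // connection it serves, the listener stays registered after a failed handshake.
            // Confirm that is intended.
            connection.closeWithReason(Exceptions.makeIOException(t));
        }

        public void onComplete(Connection connection) {
            // Only react to the connection this feeder belongs to.
            if (c.equals(connection)) {
                filter.removeHandshakeListener(this);
                feederFlush(c);
            }
        }
    });
    filter.handshake(context.getConnection(), null);
}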
/**
 * Builds the stateless client filter chain: transport, optional TLS, HTTP client, WebSocket.
 *
 * <p>An {@code SSLFilter} is added only when at least one of the two configurators is
 * non-null. With both {@code null} the chain has no TLS layer at all.
 *
 * @param serverSSLEngineConfigurator server-side configurator for the SSL filter, may be null
 * @param clientSSLEngineConfigurator client-side configurator for the SSL filter, may be null
 * @param proxy forwarded to the {@code WebSocketFilter} constructor
 * @return the built filter chain
 */
private static Processor createFilterChain(
        SSLEngineConfigurator serverSSLEngineConfigurator,
        SSLEngineConfigurator clientSSLEngineConfigurator,
        boolean proxy) {
    final FilterChainBuilder chain = FilterChainBuilder.stateless();
    chain.add(new TransportFilter());

    // TLS is opt-in: callers that need an encrypted channel must supply a configurator,
    // otherwise traffic on this chain is not wrapped by an SSLFilter.
    final boolean tlsConfigured =
            serverSSLEngineConfigurator != null || clientSSLEngineConfigurator != null;
    if (tlsConfigured) {
        chain.add(new SSLFilter(serverSSLEngineConfigurator, clientSSLEngineConfigurator));
    }

    chain.add(new HttpClientFilter());
    chain.add(new WebSocketFilter(WebSocketFilter.DEFAULT_WS_IDLE_TIMEOUT_IN_SECONDS, proxy));
    return chain.build();
}
final boolean forceBeginHandshake) throws IOException { final SSLConnectionContext sslCtx = obtainSslConnectionContext(connection); SSLEngine sslEngine = sslCtx.getSslEngine(); sslEngine = createClientSSLEngine(sslCtx, sslEngineConfigurator); notifyHandshakeStart(connection); final Buffer buffer = doHandshakeStep(sslCtx, context, null); assert (buffer == null);
/**
 * Handles an outbound message on a connection whose TLS handshake may not have finished.
 *
 * <p>{@code FileTransfer} messages are rejected outright. Otherwise, under the connection's
 * monitor: if an engine exists and is not handshaking, server-mode connections use the
 * superclass's write path and client-mode connections use {@code accurateWrite(ctx, true)};
 * if not, a client handshake is started when none is recorded for the connection and the
 * message goes through {@code accurateWrite(ctx, false)}.
 *
 * @param ctx the filter chain context of the write event
 * @return the action chosen by the selected write path
 * @throws IOException if the handshake or the write path fails
 * @throws IllegalStateException if the message is a {@code FileTransfer}
 */
@Override
public NextAction handleWrite(final FilterChainContext ctx) throws IOException {
    final Connection connection = ctx.getConnection();
    // Refuse file-transfer messages before touching any TLS state.
    if (ctx.getMessage() instanceof FileTransfer) {
        throw new IllegalStateException("TLS operations not supported with SendFile messages");
    }

    //noinspection SynchronizationOnLocalVariableOrMethodParameter
    synchronized (connection) {
        final SSLConnectionContext sslCtx = obtainSslConnectionContext(connection);
        final SSLEngine engine = sslCtx.getSslEngine();

        final boolean handshakeDone = engine != null && !isHandshaking(engine);
        if (handshakeDone) {
            if (sslCtx.isServerMode()) {
                return super.handleWrite(ctx);
            }
            return accurateWrite(ctx, true);
        }

        // No engine yet, or no handshake context recorded for this connection:
        // start the client-side handshake with the default client configurator.
        if (engine == null || !handshakeContextAttr.isSet(connection)) {
            handshake(connection, null, null, clientSSLEngineConfigurator, ctx, false);
        }
        // NOTE(review): the boolean presumably tells accurateWrite whether the handshake
        // has completed. Confirm that `false` never lets the payload leave unencrypted.
        return accurateWrite(ctx, false);
    }
}
/**
 * Starts a TLS handshake on {@code connection} with an explicitly supplied engine configurator.
 *
 * <p>Delegates to the six-argument overload, handing it a freshly created context for
 * {@code Operation.WRITE} and a final flag of {@code true} (this appears to be the
 * {@code forceBeginHandshake} parameter of that overload; confirm against its signature).
 *
 * @param connection the connection the handshake runs on
 * @param completionHandler forwarded unchanged to the delegate
 * @param dstAddress forwarded unchanged to the delegate
 * @param sslEngineConfigurator configurator forwarded to the delegate for this handshake
 * @throws IOException if the delegate fails
 */
public void handshake(
        final Connection connection,
        final CompletionHandler<SSLEngine> completionHandler,
        final Object dstAddress,
        final SSLEngineConfigurator sslEngineConfigurator) throws IOException {
    // The context is built per call rather than reused from a caller.
    handshake(
            connection,
            completionHandler,
            dstAddress,
            sslEngineConfigurator,
            createContext(connection, Operation.WRITE),
            true);
}
/**
 * Starts a TLS handshake on {@code connection} using this filter's default client configurator.
 *
 * <p>Delegates to the four-argument overload, passing {@code null} as the third argument.
 *
 * @param connection the connection the handshake runs on
 * @param completionHandler forwarded unchanged to the delegate
 * @throws IOException if the delegate fails
 */
public void handshake(
        final Connection connection,
        final CompletionHandler<SSLEngine> completionHandler) throws IOException {
    // No caller-supplied configurator here: the filter-wide client settings apply.
    handshake(
            connection,
            completionHandler,
            null,
            clientSSLEngineConfigurator);
}
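/**
 * Registers a handshake listener on the chain's {@code SSLFilter} and then starts the
 * handshake, so that {@code feederFlush} runs for this connection once the handshake completes.
 *
 * <p>The listener removes itself after completion for this connection. On failure it closes
 * the failing connection with the failure wrapped as an {@code IOException}.
 *
 * @throws IOException if starting the handshake fails
 * @throws IllegalStateException if the filter chain contains no {@code SSLFilter}
 */
private void flushOnSSLHandshakeComplete() throws IOException {
    final FilterChain filterChain = context.getFilterChain();
    final int idx = filterChain.indexOfType(SSLFilter.class);
    // Checked explicitly instead of with `assert`: assertions are normally disabled at
    // runtime, in which case -1 would be passed straight to filterChain.get(idx).
    if (idx == -1) {
        throw new IllegalStateException("No SSLFilter present in the filter chain");
    }
    final SSLFilter filter = (SSLFilter) filterChain.get(idx);
    final Connection c = context.getConnection();
    filter.addHandshakeListener(new SSLBaseFilter.HandshakeListener() {
        public void onStart(Connection connection) {
            // Nothing to do when the handshake starts.
        }

        @Override
        public void onFailure(final Connection connection, final Throwable t) {
            // NOTE(review): unlike onComplete, this callback is not limited to `c` and does
            // not remove the listener. If the filter notifies listeners for every
            // connection it serves, the listener stays registered after a failed handshake.
            // Confirm that is intended.
            connection.closeWithReason(Exceptions.makeIOException(t));
        }

        public void onComplete(Connection connection) {
            // Only react to the connection this feeder belongs to.
            if (c.equals(connection)) {
                filter.removeHandshakeListener(this);
                feederFlush(c);
            }
        }
    });
    filter.handshake(context.getConnection(), null);
}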
/**
 * Applies the superclass's read handling only to connections reported as secure.
 *
 * <p>When {@code isSecure} returns {@code false} the superclass is not consulted and the
 * chain simply continues with {@code ctx.getInvokeAction()}.
 *
 * @param ctx the filter chain context of the read event
 * @return the superclass's action for secure connections, otherwise the invoke action
 * @throws IOException if the superclass's read handling fails
 */
@Override
public NextAction handleRead(FilterChainContext ctx) throws IOException {
    // NOTE(review): for a connection that is not (yet) secure the message is handed to the
    // next filter without passing through the superclass, presumably so that the protocol
    // can run before TLS is enabled. Confirm downstream filters expect that.
    return isSecure(ctx.getConnection())
            ? super.handleRead(ctx)
            : ctx.getInvokeAction();
}
// Derive the client-side configurator from a copy of the server one, switched to client
// mode, and install a single SSLFilter holding both (server first, client second).
// NOTE(review): whatever copy() carries over (presumably the same SSLContext, protocols
// and cipher suites) then applies to the client role too. Confirm that is intended.
final SSLEngineConfigurator clientConfig = serverConfig.copy().setClientMode(true);
filterChainBuilder.add(new SSLFilter(serverConfig, clientConfig));