/**
 * Creates the holder and decides, once, whether this coordinator uses TLS.
 *
 * @param tlsCerificates certificate material used to build the {@code SSLEngineFactory};
 *        {@code null} turns TLS off for this holder
 */
SSLConnectionHolder(TLSCertificates tlsCerificates) {
    final boolean tlsRequested = (null != tlsCerificates);
    this.isTLS = tlsRequested;
    // Without certificates there is no factory at all: engineFactory stays null, so any
    // code that dereferences it must check isTLS first or it will hit a NullPointerException.
    this.engineFactory = tlsRequested ? new SSLEngineFactory(tlsCerificates) : null;
}
/**
 * Obtains the TLS service ahead of time by calling {@code getService()} and discarding
 * the result.
 */
public void initTLSService() {
    // Called only for its effect: a trust manager must be in place BEFORE we start
    // accepting connections. Presumably getService() builds the service on first use;
    // confirm against its definition.
    getService();
}
/**
 * Builds a {@link ClientConnection} for the given host, attaching a TLS engine only when
 * the coordinator has TLS enabled.
 *
 * @param ccm coordinator whose {@code isTLS} flag and {@code engineFactory} are consulted
 * @param port remote port, also handed to the engine factory
 * @param sessionId session identifier passed through to the connection
 * @param connectionId connection identifier passed through to the connection
 * @param requestPipeIdx request pipe index passed through to the connection
 * @param responsePipeIdx response pipe index passed through to the connection
 * @param hostId host identifier; resolved to a domain via
 *        {@code ClientCoordinator.registeredDomain(hostId)} for the engine
 * @param timeoutNS timeout in nanoseconds passed through to the connection
 * @param structureId structure identifier passed through to the connection
 * @return the newly constructed connection
 * @throws IOException as declared by the original signature
 */
public ClientConnection newClientConnection(ClientCoordinator ccm, int port, int sessionId, long connectionId,
        int requestPipeIdx, int responsePipeIdx, int hostId, long timeoutNS, int structureId)
        throws IOException {

    // A null engine is handed to ClientConnection when TLS is off; presumably the
    // connection then runs unencrypted, so confirm against ClientConnection.
    SSLEngine tlsEngine = null;
    if (ccm.isTLS) {
        // engineFactory is only dereferenced behind the isTLS check.
        tlsEngine = ccm.engineFactory.createSSLEngine(ClientCoordinator.registeredDomain(hostId), port);
    }

    // Argument order follows the ClientConnection constructor, not this method's parameter list.
    return new ClientConnection(tlsEngine, hostId, port, sessionId,
            requestPipeIdx, responsePipeIdx, connectionId, timeoutNS, structureId);
}
} // closes the enclosing scope, which is opened outside this excerpt
/**
 * Tears down a connection after a closed status has been detected: closes the engine's
 * outbound side, runs any pending handshake unwrap, closes the socket channel, then
 * resets the shared rolling buffer and closes the connection object.
 *
 * @param ccm holder supplying the engine factory (dereferenced without a null check;
 *        presumably this is only reached for TLS connections, confirm against callers)
 * @param source pipe handed to the handshake unwrap step
 * @param rolling shared buffer, reset here for the next user
 * @param workspace scratch buffers handed to the handshake unwrap step
 * @param handshakePipe pipe handed to the handshake unwrap step
 * @param isServer whether this side is the server
 * @param cc the connection being closed
 * @param arrivalTime arrival time forwarded to the handshake unwrap step
 */
private static void statusClosed(SSLConnectionHolder ccm, Pipe<NetPayloadSchema> source, ByteBuffer rolling,
        ByteBuffer[] workspace, Pipe<NetPayloadSchema> handshakePipe, boolean isServer,
        BaseConnection cc, long arrivalTime) {
    try {
        // Order matters: outbound is closed first, then the handshake step runs, and
        // only afterwards is the socket channel closed.
        cc.getEngine().closeOutbound();

        final int encryptedLimit = ccm.engineFactory.maxEncryptedContentLength();
        handShakeUnWrapIfNeeded(encryptedLimit, source, rolling, workspace,
                handshakePipe, isServer, arrivalTime, cc);

        cc.getSocketChannel().close();
    } catch (IOException closeFailure) {
        // A failure in any of the steps above skips the rest of the try block; the
        // connection is flagged invalid and cc.close() below still runs.
        cc.isValid = false;
        logger.warn("Error closing connection ", closeFailure);
    }

    // Reset the rolling buffer for the next user/call since this one is closed.
    // clear() only resets position and limit; the bytes already in the buffer are not
    // erased and remain until overwritten.
    ((Buffer) rolling).clear();
    cc.close();
}
engineFactory.initTLSService();
ccm.engineFactory.createSSLEngine(ClientCoordinator.registeredDomain(hostId), port) :null;
HandShakeUnwrapState unwrapResult = handShakeUnWrapIfNeeded(ccm.engineFactory.maxEncryptedContentLength(), source, rolling, workspace, handshakePipe, isServer, arrivalTime=Pipe.peekLong(source, 3), cc); shutdownUnwrapper(source, target, rolling, isServer, ccm.engineFactory.maxEncryptedContentLength(), System.currentTimeMillis(), cc); return -1; } else if (msgIdx == NetPayloadSchema.MSG_DISCONNECT_203) { gatherPipeDataForUnwrap(ccm.engineFactory.maxEncryptedContentLength(), rolling, cc, writeHolderUnWrap, isServer, source); result = unwrapRollingNominal(rolling, ccm.engineFactory.maxEncryptedContentLength(), writeHolderUnWrap, result, cc); //remaining data is ready for append status = null==result?null:result.getStatus(); } catch (SSLException sslex) {
coordinator.engineFactory.initTLSService();
/**
 * Reports the maximum encrypted content length, as answered by the underlying service.
 *
 * @return the value returned by {@code getService().maxEncryptedContentLength()};
 *         callers in this listing pass it to the unwrap helpers as a size limit
 */
int maxEncryptedContentLength() {
    final int encryptedLimit = getService().maxEncryptedContentLength();
    return encryptedLimit;
}
sslEngine = coordinator.engineFactory.createSSLEngine();//// not needed for server? host, port); sslEngine.setUseClientMode(false); //here just to be complete and clear
/**
 * Creates a client-side {@link SSLEngine} for the given peer by delegating to the
 * underlying service.
 *
 * @param host peer host name forwarded to {@code createSSLEngineClient}
 * @param port peer port forwarded to {@code createSSLEngineClient}
 * @return the engine produced by the service
 */
public SSLEngine createSSLEngine(String host, int port) {
    // NOTE(review): whether the returned engine enforces hostname verification (an
    // endpoint identification algorithm on its SSLParameters) is decided inside
    // createSSLEngineClient, which is not visible here. Confirm before relying on it.
    final SSLEngine clientEngine = getService().createSSLEngineClient(host, port);
    return clientEngine;
}
/**
 * Creates a server-side {@link SSLEngine} by delegating to the underlying service.
 *
 * @return the engine produced by {@code createSSLEngineServer()}
 */
SSLEngine createSSLEngine() {
    // NOTE(review): client-certificate requirements, protocol versions and cipher suites
    // are not set here; presumably createSSLEngineServer() or the caller configures
    // them. Confirm.
    final SSLEngine serverEngine = getService().createSSLEngineServer();
    return serverEngine;
}