private void unwrap(NextFilter nextFilter) throws SSLException { // Prepare the net data for reading. if (inNetBuffer != null) { inNetBuffer.flip(); } if (inNetBuffer == null || !inNetBuffer.hasRemaining()) { return; } SSLEngineResult res = unwrap0(); // prepare to be written again if (inNetBuffer.hasRemaining()) { inNetBuffer.compact(); } else { inNetBuffer = null; } checkStatus(res); renegotiateIfNeeded(nextFilter, res); }
if (!sslHandler.closeOutbound()) { return DefaultWriteFuture.newNotWrittenFuture(session, new IllegalStateException( "SSL session is shut down already.")); future = sslHandler.writeNetBuffer(nextFilter); if (sslHandler.isInboundDone()) { sslHandler.destroy(); sslHandler.scheduleMessageReceived(nextFilter, SESSION_UNSECURED); sslHandler.release(); throw se;
synchronized (sslHandler) { if (!isSslStarted(session)) { sslHandler.scheduleFilterWrite(nextFilter, writeRequest); sslHandler.scheduleFilterWrite(nextFilter, writeRequest); } else { if (sslHandler.isWritingEncryptedData()) { sslHandler.scheduleFilterWrite(nextFilter, writeRequest); } else if (sslHandler.isHandshakeComplete()) { sslHandler.encrypt(buf.buf()); IoBuffer encryptedBuffer = sslHandler.fetchOutNetBuffer(); sslHandler.scheduleFilterWrite(nextFilter, new EncryptedWriteRequest(writeRequest, encryptedBuffer)); } else { if (session.isConnected()) { sslHandler.schedulePreHandshakeWriteRequest(nextFilter, writeRequest); sslHandler.flushScheduledEvents(); sslHandler.release(); throw se;
private void handleSslData(NextFilter nextFilter, SslHandler handler) throws SSLException { // Flush any buffered write requests occurred before handshaking. if (handler.isHandshakeComplete()) { handler.flushPreHandshakeEvents(); } // Write encrypted data to be written (if any) handler.writeNetBuffer(nextFilter); // handle app. data read (if any) handleAppDataRead(nextFilter, handler); }
private void handleAppDataRead(NextFilter nextFilter, SslHandler sslHandler) { // forward read app data IoBuffer readBuffer = sslHandler.fetchAppBuffer(); if (readBuffer.hasRemaining()) { sslHandler.scheduleMessageReceived(nextFilter, readBuffer); } }
private void handleSslData(NextFilter nextFilter, SslHandler sslHandler) throws SSLException { if (LOGGER.isDebugEnabled()) { LOGGER.debug("{}: Processing the SSL Data ", getSessionInfo(sslHandler.getSession())); } // Flush any buffered write requests occurred before handshaking. if (sslHandler.isHandshakeComplete()) { sslHandler.flushPreHandshakeEvents(); } // Write encrypted data to be written (if any) sslHandler.writeNetBuffer(nextFilter); // handle app. data read (if any) handleAppDataRead(nextFilter, sslHandler); }
SslHandler handler = getSslSessionHandler(session); synchronized (handler) { if (!isSslStarted(session) && handler.isInboundDone()) { handler.scheduleMessageReceived(nextFilter, message); } else { IoBuffer buf = (IoBuffer) message; try { handler.messageReceived(nextFilter, buf.buf()); if (handler.isInboundDone()) { if (handler.isOutboundDone()) { handler.destroy(); } else { initiateClosure(nextFilter, session); handler.scheduleMessageReceived(nextFilter, buf); if (!handler.isHandshakeComplete()) { SSLException newSsle = new SSLHandshakeException( "SSL handshake failed."); handler.flushScheduledEvents();
scheduleMessageReceived(nextFilter, SslFilter.SESSION_SECURED); handshakeStatus = doTasks(); break; SSLEngineResult.Status status = unwrapHandshake(nextFilter); isInboundDone()) { createOutNetBuffer(0); writeNetBuffer(nextFilter); break;
if (sslHandler.isOutboundDone()) { NextFilter nextFilter = (NextFilter) session.getAttribute(NEXT_FILTER); sslHandler.destroy(); sslHandler.init(); sslHandler.handshake(nextFilter); started = true; } else { sslHandler.flushScheduledEvents(); } catch (SSLException se) { sslHandler.release(); throw se;
handshake(nextFilter); } else { SSLEngineResult res = unwrap(); checkStatus(res); renegotiateIfNeeded(nextFilter, res); if (isInboundDone()) {
IoBuffer writeBuffer = fetchOutNetBuffer(); writeFuture = new DefaultWriteFuture(session); sslFilter.filterWrite(nextFilter, session, new DefaultWriteRequest(writeBuffer, writeFuture)); while (needToCompleteHandshake()) { try { handshake(nextFilter); } catch (SSLException ssle) { SSLException newSsle = new SSLHandshakeException("SSL handshake failed."); IoBuffer currentOutNetBuffer = fetchOutNetBuffer();
SSLEngineResult res = unwrap(); handshakeStatus = res.getHandshakeStatus(); checkStatus(res); && (res.getStatus() == SSLEngineResult.Status.OK) && inNetBuffer.hasRemaining()) { res = unwrap(); renegotiateIfNeeded(nextFilter, res); } else {
createOutNetBuffer(src.remaining()); doTasks();
/** * Executed just before the filter is added into the chain, we do : * <ul> * <li>check that we don't have a SSL filter already present * <li>we update the next filter * <li>we create the SSL handler helper class * <li>and we store it into the session's Attributes * </ul> */ @Override public void onPreAdd(IoFilterChain parent, String name, NextFilter nextFilter) throws SSLException { // Check that we don't have a SSL filter already present in the chain if (parent.contains(SslFilter.class)) { String msg = "Only one SSL filter is permitted in a chain."; LOGGER.error(msg); throw new IllegalStateException(msg); } LOGGER.debug("Adding the SSL Filter {} to the chain", name); IoSession session = parent.getSession(); session.setAttribute(NEXT_FILTER, nextFilter); // Create a SSL handler and start handshake. SslHandler sslHandler = new SslHandler(this, session); // Adding the supported ciphers in the SSLHandler if ((enabledCipherSuites == null) || (enabledCipherSuites.length == 0)) { enabledCipherSuites = sslContext.getServerSocketFactory().getSupportedCipherSuites(); } sslHandler.init(); session.setAttribute(SSL_HANDLER, sslHandler); }
@Override public void sessionClosed(NextFilter nextFilter, IoSession session) throws SSLException { SslHandler handler = getSslSessionHandler(session); try { synchronized (handler) { // release resources handler.destroy(); } handler.flushScheduledEvents(); } finally { // notify closed session nextFilter.sessionClosed(session); } }
outNetBuffer.capacity(sslEngine.getSession().getPacketBufferSize()); } else { createOutNetBuffer(0);
outNetBuffer.capacity(sslEngine.getSession().getPacketBufferSize()); } else { createOutNetBuffer(0); destroyOutNetBuffer();
@Override public void sessionClosed(NextFilter nextFilter, IoSession session) throws SSLException { SslHandler sslHandler = getSslSessionHandler(session); try { synchronized (sslHandler) { // release resources sslHandler.destroy(); } } finally { // notify closed session nextFilter.sessionClosed(session); } }
@Override public void onPreAdd(IoFilterChain parent, String name, NextFilter nextFilter) throws SSLException { if (parent.contains(SslFilter.class)) { throw new IllegalStateException( "Only one " + SslFilter.class.getName() + " is permitted."); } IoSession session = parent.getSession(); session.setAttribute(NEXT_FILTER, nextFilter); // Create an SSL handler and start handshake. SslHandler handler = new SslHandler(this, sslContext, session); session.setAttribute(SSL_HANDLER, handler); }
if (!isSslStarted(session) && sslHandler.isInboundDone()) { sslHandler.scheduleMessageReceived(nextFilter, message); } else { IoBuffer buf = (IoBuffer) message; if (sslHandler.isOutboundDone()) { sslHandler.destroy(); throw new SSLException("Outbound done"); sslHandler.messageReceived(nextFilter, buf.buf()); if (sslHandler.isInboundDone()) { if (sslHandler.isOutboundDone()) { sslHandler.destroy(); } else { initiateClosure(nextFilter, session); sslHandler.scheduleMessageReceived(nextFilter, buf); if (!sslHandler.isHandshakeComplete()) { SSLException newSsle = new SSLHandshakeException("SSL handshake failed."); newSsle.initCause(ssle); sslHandler.release(); sslHandler.flushScheduledEvents();