/**
 * Builds the {@link SslInfo} for this request from the TLS session of the underlying channel.
 *
 * <p>The {@link SslHandler} is looked up by type in the channel pipeline. When none is
 * installed, {@code null} is returned; callers should treat that as "no TLS session visible
 * on this channel" and must not assume any peer identity.
 *
 * @return the SSL info backed by the engine's current session, or {@code null} if the pipeline
 *         holds no {@link SslHandler}
 */
@Override
@Nullable
protected SslInfo initSslInfo() {
    SslHandler tlsHandler = ((Connection) this.request).channel().pipeline().get(SslHandler.class);
    if (tlsHandler == null) {
        // No TLS handler on this channel: there is no session to report.
        return null;
    }
    return new DefaultSslInfo(tlsHandler.engine().getSession());
}
/**
 * Returns the name of the current application-level protocol.
 *
 * <p>The value is only available when the underlying {@link SSLEngine} implements
 * {@link ApplicationProtocolAccessor}; for any other engine this method reports {@code null}.
 *
 * @return the protocol name or {@code null} if application-level protocol has not been negotiated
 */
public String applicationProtocol() {
    final SSLEngine sslEngine = engine();
    if (sslEngine instanceof ApplicationProtocolAccessor) {
        ApplicationProtocolAccessor accessor = (ApplicationProtocolAccessor) sslEngine;
        return accessor.getNegotiatedApplicationProtocol();
    }
    // Engine cannot expose a negotiated protocol.
    return null;
}
/**
 * Initializes the given {@link SslHandler}.
 *
 * <p>The default implementation only forwards the handler's engine to
 * {@link #initEngine(SSLEngine)}; sub-classes may override this to apply additional
 * per-handler configuration.
 *
 * @param handler the freshly created handler whose engine is to be configured
 */
protected void initHandler(SslHandler handler) {
    final SSLEngine engine = handler.engine();
    initEngine(engine);
}
} // closes the enclosing class (its header is not part of this excerpt)
/**
 * Maps the client-authentication flags of the handler's engine onto a {@link ClientAuth} value.
 *
 * <p>"Need" takes precedence over "want". {@link ClientAuth#OPTIONAL} means a client
 * certificate was requested but not required, so code that relies on this value must still
 * check whether a peer certificate was actually presented.
 *
 * @param sslhandler the handler whose engine is inspected
 * @return {@code REQUIRE} if the engine needs client auth, {@code OPTIONAL} if it only wants
 *         it, otherwise {@code NONE}
 */
private ClientAuth whichClientAuthEnum(SslHandler sslhandler) {
    if (sslhandler.engine().getNeedClientAuth()) {
        return ClientAuth.REQUIRE;
    }
    return sslhandler.engine().getWantClientAuth() ? ClientAuth.OPTIONAL : ClientAuth.NONE;
}
/**
 * Looks up the {@link SSLSession} of the TLS handler installed on the given channel.
 *
 * @param channel the channel whose pipeline is searched; must not be {@code null}
 * @return the engine's current session, or {@code null} when the pipeline contains no
 *         {@link SslHandler} (callers should treat that as "no TLS on this channel")
 */
@Nullable
private static SSLSession getSSLSession(Channel channel) {
    final SslHandler tlsHandler = channel.pipeline().get(SslHandler.class);
    if (tlsHandler == null) {
        return null;
    }
    return tlsHandler.engine().getSession();
}
/**
 * Finds the {@link SSLSession} of the current TLS connection.
 *
 * <p>A {@code null} result means either that no channel was supplied or that its pipeline
 * holds no {@link SslHandler}; in both cases there is no session to inspect.
 *
 * @param channel the channel to inspect, may be {@code null}
 * @return the {@link SSLSession} if found, or {@code null} if not found or {@link Channel} is
 *         {@code null}.
 */
@Nullable
public static SSLSession findSslSession(@Nullable Channel channel) {
    if (channel != null) {
        final SslHandler tlsHandler = channel.pipeline().get(SslHandler.class);
        if (tlsHandler != null) {
            return tlsHandler.engine().getSession();
        }
    }
    return null;
}
/**
 * Initializes the given {@link SslHandler}.
 *
 * <p>The default implementation only forwards the handler's engine to
 * {@link #initEngine(SSLEngine)}; sub-classes may override this to apply additional
 * per-handler configuration.
 *
 * @param handler the freshly created handler whose engine is to be configured
 */
protected void initHandler(SslHandler handler) {
    final SSLEngine engine = handler.engine();
    initEngine(engine);
}
} // closes the enclosing class (its header is not part of this excerpt)
/**
 * Returns the name of the current application-level protocol.
 *
 * <p>The value is only available when the underlying {@link SSLEngine} implements
 * {@link ApplicationProtocolAccessor}; for any other engine this method reports {@code null}.
 *
 * @return the protocol name or {@code null} if application-level protocol has not been negotiated
 */
public String applicationProtocol() {
    final SSLEngine sslEngine = engine();
    if (sslEngine instanceof ApplicationProtocolAccessor) {
        ApplicationProtocolAccessor accessor = (ApplicationProtocolAccessor) sslEngine;
        return accessor.getNegotiatedApplicationProtocol();
    }
    // Engine cannot expose a negotiated protocol.
    return null;
}
/**
 * Builds the {@link SslInfo} for this request from the TLS session of the underlying channel.
 *
 * <p>The {@link SslHandler} is looked up by type in the channel pipeline. When none is
 * installed, {@code null} is returned; callers should treat that as "no TLS session visible
 * on this channel" and must not assume any peer identity.
 *
 * @return the SSL info backed by the engine's current session, or {@code null} if the pipeline
 *         holds no {@link SslHandler}
 */
@Override
@Nullable
protected SslInfo initSslInfo() {
    SslHandler tlsHandler = ((Connection) this.request).channel().pipeline().get(SslHandler.class);
    if (tlsHandler == null) {
        // No TLS handler on this channel: there is no session to report.
        return null;
    }
    return new DefaultSslInfo(tlsHandler.engine().getSession());
}
/**
 * Returns the peer certificate chain of the TLS session on the given channel.
 *
 * <p>The handler is looked up under the pipeline name {@code "ssl"}. {@code null} is returned
 * when no handler is registered under that name, when it is not an {@link SslHandler}, or
 * when the peer's identity has not been verified. These cases are indistinguishable to the
 * caller, so a {@code null} result must be handled as "peer not authenticated".
 *
 * <p>NOTE(review): {@code SSLSession.getPeerCertificateChain()} is deprecated in the JDK in
 * favour of {@code getPeerCertificates()}; confirm the target JDK and engine still support it.
 *
 * @param channel the channel whose pipeline is inspected
 * @return the peer's certificate chain, or {@code null} if it is unavailable
 */
public static X509Certificate[] getCertsFromChannel(Channel channel) {
    ChannelHandler candidate = channel.pipeline().get("ssl");
    if (!(candidate instanceof SslHandler)) {
        // Covers both "no handler named ssl" and "handler of another type".
        return null;
    }
    try {
        return ((SslHandler) candidate).engine().getSession().getPeerCertificateChain();
    } catch (SSLPeerUnverifiedException ignored) {
        // Deliberately best-effort: an unverified peer is reported as "no certificates".
        return null;
    }
}
} // closes the enclosing class (its header is not part of this excerpt)
/**
 * Success callback: reports the TLS session to the async handler, then writes the request.
 *
 * <p>If {@code onTlsHandshakeSuccess} throws, the failure is logged, the connection attempt is
 * failed through the enclosing listener, and the request is never written. A handler that
 * rejects the session by throwing therefore stops the exchange before any request data is
 * sent.
 *
 * @param value the channel passed to the callback (unused; the body works on {@code channel})
 */
@Override
protected void onSuccess(Channel value) {
    try {
        asyncHandler.onTlsHandshakeSuccess(sslHandler.engine().getSession());
    } catch (Exception handlerFailure) {
        // Callback boundary: any exception from user code aborts the request.
        LOGGER.error("onTlsHandshakeSuccess crashed", handlerFailure);
        NettyConnectListener.this.onFailure(channel, handlerFailure);
        return;
    }
    writeRequest(channel);
}
/**
 * Returns the {@link SSLSession} of this connection.
 *
 * <p>The TLS handler is resolved by the pipeline name {@code "ssl"} and cast to
 * {@link SslHandler}. The presence check is an {@code assert}, so it is only enforced when
 * assertions are enabled; otherwise a missing handler surfaces as a
 * {@link NullPointerException}.
 *
 * @return the engine's current session, or {@code null} if {@code isSSL()} is false
 */
public SSLSession sslSession() {
    if (!isSSL()) {
        return null;
    }
    ChannelHandlerContext tlsContext = chctx.pipeline().context("ssl");
    assert tlsContext != null;
    return ((SslHandler) tlsContext.handler()).engine().getSession();
}
/**
 * The default implementation of this method will simply replace {@code this} {@link SniHandler}
 * instance with a {@link SslHandler}. Users may override this method to implement custom behavior.
 *
 * <p>Please be aware that this method may get called after a client has already disconnected and
 * custom implementations must take it into consideration when overriding this method.
 *
 * <p>It's also possible for the hostname argument to be {@code null}.
 *
 * @param ctx        the context of this handler
 * @param hostname   the hostname supplied for the connection, may be {@code null}
 * @param sslContext the context used to create the replacement {@link SslHandler}
 * @throws Exception if creating or installing the replacement handler fails
 */
protected void replaceHandler(ChannelHandlerContext ctx, String hostname, SslContext sslContext) throws Exception {
    final SslHandler replacement = sslContext.newHandler(ctx.alloc());
    boolean installed = false;
    try {
        ctx.pipeline().replace(this, SslHandler.class.getName(), replacement);
        installed = true;
    } finally {
        // Since the SslHandler was not inserted into the pipeline the ownership of the SSLEngine was not
        // transferred to the SslHandler, so the engine is released here.
        // See https://github.com/netty/netty/issues/5678
        if (!installed && replacement != null) {
            ReferenceCountUtil.safeRelease(replacement.engine());
        }
    }
}
/**
 * Publishes the negotiated TLS parameters once the handshake has completed successfully.
 *
 * <p>For an {@link SslHandshakeCompletionEvent} without a cause, the cipher suite and protocol
 * of the session are read from the pipeline's {@link SslHandler} and fired as an
 * {@link SslHandlerDetailsRegisteredEvent}. The original event is always passed on afterwards,
 * whatever its type or outcome.
 *
 * @param ctx the handler context
 * @param evt the user event that was triggered
 * @throws Exception if event propagation fails
 */
@Override
public void userEventTriggered( ChannelHandlerContext ctx, Object evt ) throws Exception
{
    boolean handshakeSucceeded = evt instanceof SslHandshakeCompletionEvent
            && ( (SslHandshakeCompletionEvent) evt ).cause() == null;
    if ( handshakeSucceeded )
    {
        SslHandler tlsHandler = ctx.pipeline().get( SslHandler.class );
        String cipherSuite = tlsHandler.engine().getSession().getCipherSuite();
        String protocol = tlsHandler.engine().getSession().getProtocol();
        ctx.fireUserEventTriggered( new SslHandlerDetailsRegisteredEvent( cipherSuite, protocol ) );
    }
    // Always forward the original event so later handlers still see the handshake result.
    ctx.fireUserEventTriggered( evt );
}
} // closes the enclosing class (its header is not part of this excerpt)
/**
 * Returns the certificate chain presented by the peer of this connection.
 *
 * <p>The TLS handler is resolved by type from the pipeline. The presence check is an
 * {@code assert}, so it is only enforced when assertions are enabled. A {@code null} result
 * means {@code isSSL()} is false and must not be read as an authenticated peer.
 *
 * <p>NOTE(review): {@code SSLSession.getPeerCertificateChain()} is deprecated in the JDK in
 * favour of {@code getPeerCertificates()}; confirm the target JDK and engine still support it.
 *
 * @return the peer's certificate chain, or {@code null} if {@code isSSL()} is false
 * @throws SSLPeerUnverifiedException if the peer's identity has not been verified
 */
public X509Certificate[] peerCertificateChain() throws SSLPeerUnverifiedException {
    if (!isSSL()) {
        return null;
    }
    ChannelHandlerContext tlsContext = chctx.pipeline().context(SslHandler.class);
    assert tlsContext != null;
    return ((SslHandler) tlsContext.handler()).engine().getSession().getPeerCertificateChain();
}
/**
 * Replaces this handler in the pipeline with a newly created {@link SslHandler}.
 *
 * <p>If the replacement fails, the new handler's engine is released here, because ownership
 * of the engine only passes to the {@link SslHandler} once it is part of the pipeline.
 *
 * @param context the context of this handler
 */
private void handleSsl(ChannelHandlerContext context) {
    final SslHandler replacement = newSslHandler(context, sslContext);
    boolean installed = false;
    try {
        context.pipeline().replace(this, newSslHandlerName(), replacement);
        installed = true;
    } finally {
        // Since the SslHandler was not inserted into the pipeline the ownership of the SSLEngine was not
        // transferred to the SslHandler.
        if (!installed && replacement != null) {
            ReferenceCountUtil.safeRelease(replacement.engine());
        }
    }
}
/**
 * Maps the client-authentication flags of the handler's engine onto a {@link ClientAuth} value.
 *
 * <p>"Need" takes precedence over "want". {@link ClientAuth#OPTIONAL} means a client
 * certificate was requested but not required, so code that relies on this value must still
 * check whether a peer certificate was actually presented.
 *
 * @param sslhandler the handler whose engine is inspected
 * @return {@code REQUIRE} if the engine needs client auth, {@code OPTIONAL} if it only wants
 *         it, otherwise {@code NONE}
 */
private ClientAuth whichClientAuthEnum(SslHandler sslhandler) {
    if (sslhandler.engine().getNeedClientAuth()) {
        return ClientAuth.REQUIRE;
    }
    return sslhandler.engine().getWantClientAuth() ? ClientAuth.OPTIONAL : ClientAuth.NONE;
}
/**
 * Replaces this handler in the pipeline with a newly created {@link SslHandler}.
 *
 * <p>If the replacement fails, the new handler's engine is released here, because ownership
 * of the engine only passes to the {@link SslHandler} once it is part of the pipeline.
 *
 * @param context the context of this handler
 */
private void handleSsl(ChannelHandlerContext context) {
    final SslHandler replacement = newSslHandler(context, sslContext);
    boolean installed = false;
    try {
        context.pipeline().replace(this, newSslHandlerName(), replacement);
        installed = true;
    } finally {
        // Since the SslHandler was not inserted into the pipeline the ownership of the SSLEngine was not
        // transferred to the SslHandler.
        if (!installed && replacement != null) {
            ReferenceCountUtil.safeRelease(replacement.engine());
        }
    }
}
/**
 * Builds the handler pipeline for a newly accepted TLS channel.
 *
 * <p>A fresh {@link SslHandler} is created from {@code sslContext} and its engine's enabled
 * protocols are set to the list returned by {@code sslContextFactory.getProtocols()}. The
 * handler is registered under the name {@code "ssl"}, after the timeout, passport and
 * TCP-related handlers and before the SSL-info, client-certificate, HTTP and Zuul handlers.
 *
 * <p>NOTE(review): the TLS versions actually offered are whatever
 * {@code sslContextFactory.getProtocols()} returns; confirm that list excludes protocol
 * versions the deployment no longer accepts.
 *
 * @param ch the channel being initialized
 * @throws Exception if any step of the pipeline setup fails
 */
@Override
protected void initChannel(Channel ch) throws Exception {
    SslHandler sslHandler = sslContext.newHandler(ch.alloc());
    // Restrict the engine to the protocol versions supplied by the context factory.
    sslHandler.engine().setEnabledProtocols(sslContextFactory.getProtocols());

    // Configure the pipeline of ChannelHandlers; the order of the calls below is the handler order.
    ChannelPipeline pipeline = ch.pipeline();

    storeChannel(ch);
    addTimeoutHandlers(pipeline);
    addPassportHandler(pipeline);
    addTcpRelatedHandlers(pipeline);
    // Other code on this page looks the handler up by the name "ssl".
    pipeline.addLast("ssl", sslHandler);
    addSslInfoHandlers(pipeline, isSSlFromIntermediary);
    addSslClientCertChecks(pipeline);
    addHttp1Handlers(pipeline);
    addHttpRelatedHandlers(pipeline);
    addZuulHandlers(pipeline);
}
}
/**
 * Builds the handler pipeline for a newly accepted TLS channel.
 *
 * <p>A fresh {@link SslHandler} is created from {@code sslContext} and its engine's enabled
 * protocols are set to the list returned by {@code sslContextFactory.getProtocols()}. The
 * handler is registered under the name {@code "ssl"}, after the timeout, passport and
 * TCP-related handlers and before the SSL-info, client-certificate, HTTP and Zuul handlers.
 *
 * <p>NOTE(review): the TLS versions actually offered are whatever
 * {@code sslContextFactory.getProtocols()} returns; confirm that list excludes protocol
 * versions the deployment no longer accepts.
 *
 * @param ch the channel being initialized
 * @throws Exception if any step of the pipeline setup fails
 */
@Override
protected void initChannel(Channel ch) throws Exception {
    SslHandler sslHandler = sslContext.newHandler(ch.alloc());
    // Restrict the engine to the protocol versions supplied by the context factory.
    sslHandler.engine().setEnabledProtocols(sslContextFactory.getProtocols());

    // Configure the pipeline of ChannelHandlers; the order of the calls below is the handler order.
    ChannelPipeline pipeline = ch.pipeline();

    storeChannel(ch);
    addTimeoutHandlers(pipeline);
    addPassportHandler(pipeline);
    addTcpRelatedHandlers(pipeline);
    // Other code on this page looks the handler up by the name "ssl".
    pipeline.addLast("ssl", sslHandler);
    addSslInfoHandlers(pipeline, isSSlFromIntermediary);
    addSslClientCertChecks(pipeline);
    addHttp1Handlers(pipeline);
    addHttpRelatedHandlers(pipeline);
    addZuulHandlers(pipeline);
}
}