org.xnio.ssl.SslConnection Java Examples

UndertowAcceptingSslChannel(final UndertowXnioSsl ssl, final AcceptingChannel<? extends StreamConnection> tcpServer, final OptionMap optionMap, final ByteBufferPool applicationBufferPool, final boolean startTls) {
    this.tcpServer = tcpServer;
    this.ssl = ssl;
    this.applicationBufferPool = applicationBufferPool;
    this.startTls = startTls;
    clientAuthMode = optionMap.get(Options.SSL_CLIENT_AUTH_MODE);
    useClientMode = optionMap.get(Options.SSL_USE_CLIENT_MODE, false) ? 1 : 0;
    enableSessionCreation = optionMap.get(Options.SSL_ENABLE_SESSION_CREATION, true) ? 1 : 0;
    final Sequence<String> enabledCipherSuites = optionMap.get(Options.SSL_ENABLED_CIPHER_SUITES);
    cipherSuites = enabledCipherSuites != null ? enabledCipherSuites.toArray(new String[enabledCipherSuites.size()]) : null;
    final Sequence<String> enabledProtocols = optionMap.get(Options.SSL_ENABLED_PROTOCOLS);
    protocols = enabledProtocols != null ? enabledProtocols.toArray(new String[enabledProtocols.size()]) : null;
    //noinspection ThisEscapedInObjectConstruction
    closeSetter = ChannelListeners.<AcceptingChannel<SslConnection>>getDelegatingSetter(tcpServer.getCloseSetter(), this);
    //noinspection ThisEscapedInObjectConstruction
    acceptSetter = ChannelListeners.<AcceptingChannel<SslConnection>>getDelegatingSetter(tcpServer.getAcceptSetter(), this);
    useCipherSuitesOrder = optionMap.get(UndertowOptions.SSL_USER_CIPHER_SUITES_ORDER, false);
}
 

private void proxyAccept(SocketAddress source, SocketAddress dest, PooledByteBuffer additionalData) {
    StreamConnection streamConnection = this.streamConnection;
    if (source != null) {
        streamConnection = new AddressWrappedConnection(streamConnection, source, dest);
    }
    if (ssl != null) {

        //we need to apply the additional data before the SSL wrapping
        if (additionalData != null) {
            PushBackStreamSourceConduit conduit = new PushBackStreamSourceConduit(streamConnection.getSourceChannel().getConduit());
            conduit.pushBack(new PooledAdaptor(additionalData));
            streamConnection.getSourceChannel().setConduit(conduit);
        }
        SslConnection sslConnection = ssl.wrapExistingConnection(streamConnection, sslOptionMap == null ? OptionMap.EMPTY : sslOptionMap, false);
        streamConnection = sslConnection;

        callOpenListener(streamConnection, null);
    } else {
        callOpenListener(streamConnection, additionalData);
    }
}
 

@Override
public void sendRequest(final ClientRequest request, final ClientCallback<ClientExchange> clientCallback) {
    if(http2Delegate != null) {
        http2Delegate.sendRequest(request, clientCallback);
        return;
    }
    if (anyAreSet(state, UPGRADE_REQUESTED | UPGRADED | CLOSE_REQ | CLOSED)) {
        clientCallback.failed(UndertowClientMessages.MESSAGES.invalidConnectionState());
        return;
    }
    final HttpClientExchange httpClientExchange = new HttpClientExchange(clientCallback, request, this);
    boolean ssl = this.connection instanceof SslConnection;
    if(!ssl && !http2Tried && options.get(UndertowOptions.ENABLE_HTTP2, false) && !request.getRequestHeaders().contains(Headers.UPGRADE)) {
        //this is the first request, as we want to try a HTTP2 upgrade
        request.getRequestHeaders().put(new HttpString("HTTP2-Settings"), Http2ClearClientProvider.createSettingsFrame(options, bufferPool));
        request.getRequestHeaders().put(Headers.UPGRADE, Http2Channel.CLEARTEXT_UPGRADE_STRING);
        request.getRequestHeaders().put(Headers.CONNECTION, "Upgrade, HTTP2-Settings");
        http2Tried = true;
    }

    if (currentRequest == null) {
        initiateRequest(httpClientExchange);
    } else {
        pendingQueue.add(httpClientExchange);
    }
}
 

public void handleEvent(final StreamConnection connection) {
    try {

        SSLEngine sslEngine = JsseSslUtils.createSSLEngine(sslContext, optionMap, destination);
        SSLParameters params = sslEngine.getSSLParameters();
        params.setServerNames(Collections.singletonList(new SNIHostName(destination.getHostString())));
        sslEngine.setSSLParameters(params);

        final SslConnection wrappedConnection = new UndertowSslConnection(connection, sslEngine, bufferPool);
        if (!futureResult.setResult(wrappedConnection)) {
            IoUtils.safeClose(connection);
        } else {
            ChannelListeners.invokeChannelListener(wrappedConnection, openListener);
        }
    } catch (Throwable e) {
        futureResult.setException(new IOException(e));
    }
}
 

public SSLSession getSslSession() {
    StreamConnection con = getUnderlyingConnection();
    if (con instanceof SslConnection) {
        return ((SslConnection) con).getSslSession();
    }
    return null;
}
 

/**
 * @deprecated will be change to protected in future TODO: not sure if this should be public
 * @param listener {@link ClientCallback}
 * @param uri URI
 * @param bufferPool ByteBufferPool
 * @param options OptionMap
 * @return ALPNClientSelector.ALPNProtocol
 */
@Deprecated
public static ALPNClientSelector.ALPNProtocol alpnProtocol(final ClientCallback<ClientConnection> listener, URI uri, ByteBufferPool bufferPool, OptionMap options) {
    return new ALPNClientSelector.ALPNProtocol(new ChannelListener<SslConnection>() {
        @Override
        public void handleEvent(SslConnection connection) {
            listener.completed(createHttp2Channel(connection, bufferPool, options, uri.getHost()));
        }
    }, HTTP2);
}
 

public static ALPNClientSelector.ALPNProtocol alpnProtocol(final ClientCallback<ClientConnection> listener, URI uri, ByteBufferPool bufferPool, OptionMap options) {
    return new ALPNClientSelector.ALPNProtocol(new ChannelListener<SslConnection>() {
        @Override
        public void handleEvent(SslConnection connection) {
            listener.completed(createHttp2Channel(connection, bufferPool, options, uri.getHost()));
        }
    }, HTTP2);
}
 

@Override
public void run() {
    final ChannelListener<? super SslConnection> listener = handshakeSetter.get();
    if (listener == null) {
        return;
    }
    ChannelListeners.<SslConnection>invokeChannelListener(UndertowSslConnection.this, listener);
}
 

/**
 * Get the SSL engine for a given connection.
 *
 * @return the SSL engine
 */
public static SSLEngine getSslEngine(SslConnection connection) {
    if (connection instanceof UndertowSslConnection) {
        return ((UndertowSslConnection) connection).getSSLEngine();
    } else {
        return JsseXnioSsl.getSslEngine(connection);
    }
}
 

public ChannelListener<SslConnection> getSelected() {
    return selected;
}
 

protected void handleConnected(StreamConnection connection, final ClientCallback<ClientConnection> listener, URI uri,ByteBufferPool bufferPool, OptionMap options) {
	Light4jALPNClientSelector.runAlpn((SslConnection) connection, FAILED, listener, alpnProtocol(listener, uri, bufferPool, options));
}
 

@LogMessage(level = ERROR)
@Message(id = 5079, value = "ALPN negotiation on %s failed")
void alpnConnectionFailed(SslConnection connection);
 

@Override
public void handleEvent(SslConnection connection) {
    UndertowLogger.ROOT_LOGGER.alpnConnectionFailed(connection);
    IoUtils.safeClose(connection);
}
 

public ChannelListener.Setter<? extends AcceptingChannel<SslConnection>> getCloseSetter() {
    return closeSetter;
}
 

public ChannelListener.Setter<? extends AcceptingChannel<SslConnection>> getAcceptSetter() {
    return acceptSetter;
}
 

private void handleConnected(StreamConnection connection, final ClientCallback<ClientConnection> listener, URI uri,ByteBufferPool bufferPool, OptionMap options) {
    ALPNClientSelector.runAlpn((SslConnection) connection, FAILED, listener, alpnProtocol(listener, uri, bufferPool, options));
}
 

@Override
public void handleEvent(SslConnection connection) {
    UndertowLogger.ROOT_LOGGER.alpnConnectionFailed(connection);
    IoUtils.safeClose(connection);
}
 

@Override
public IoFuture<SslConnection> openSslConnection(final XnioIoThread ioThread, final InetSocketAddress bindAddress, final InetSocketAddress destination, final ChannelListener<? super SslConnection> openListener, final ChannelListener<? super BoundChannel> bindListener, final OptionMap optionMap) {
    final FutureResult<SslConnection> futureResult = new FutureResult<>(ioThread);
    final IoFuture<StreamConnection> connection = ioThread.openStreamConnection(bindAddress, destination, new StreamConnectionChannelListener(optionMap, destination, futureResult, openListener), bindListener, optionMap);
    return setupSslConnection(futureResult, connection);
}
 

public ALPNProtocol(ChannelListener<SslConnection> selected, String protocol) {
    this.selected = selected;
    this.protocol = protocol;
}
 

public static SslConduit getSslConduit(SslConnection connection) {
    return ((UndertowSslConnection) connection).getSslConduit();
}
 

@Override
public ChannelListener.Setter<? extends SslConnection> getHandshakeSetter() {
    return handshakeSetter;
}
 

public IoFuture<SslConnection> openSslConnection(final XnioWorker worker, final InetSocketAddress bindAddress, final InetSocketAddress destination, final ChannelListener<? super SslConnection> openListener, final ChannelListener<? super BoundChannel> bindListener, final OptionMap optionMap) {
    final FutureResult<SslConnection> futureResult = new FutureResult<>(worker);
    final IoFuture<StreamConnection> connection = worker.openStreamConnection(bindAddress, destination, new StreamConnectionChannelListener(optionMap, destination, futureResult, openListener), bindListener, optionMap);
    return setupSslConnection(futureResult, connection);
}
 

StreamConnectionChannelListener(OptionMap optionMap, InetSocketAddress destination, FutureResult<SslConnection> futureResult, ChannelListener<? super SslConnection> openListener) {
    this.optionMap = optionMap;
    this.destination = destination;
    this.futureResult = futureResult;
    this.openListener = openListener;
}
 

public AcceptingChannel<SslConnection> createSslConnectionServer(final XnioWorker worker, final InetSocketAddress bindAddress, final ChannelListener<? super AcceptingChannel<SslConnection>> acceptListener, final OptionMap optionMap) throws IOException {
    final UndertowAcceptingSslChannel server = new UndertowAcceptingSslChannel(this, worker.createStreamConnectionServer(bindAddress,  null,  optionMap), optionMap, bufferPool, false);
    if (acceptListener != null) server.getAcceptSetter().set(acceptListener);
    return server;
}
 

public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap, boolean clientMode) {
    return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), clientMode), bufferPool);
}
 

public SslConnection wrapExistingConnection(StreamConnection connection, OptionMap optionMap) {
    return new UndertowSslConnection(connection, createSSLEngine(sslContext, optionMap, (InetSocketAddress) connection.getPeerAddress(), true), bufferPool);
}