Java Code Examples for javax.net.ssl.SSLEngine#setEnableSessionCreation()

The following examples show how to use javax.net.ssl.SSLEngine#setEnableSessionCreation().
Example 1
Source File: SSLConfigServer.java    From Bats with Apache License 2.0
/**
 * Creates the server-side {@link SSLEngine} for a connection.
 *
 * <p>The engine is obtained from the superclass factory, switched to server mode, and set
 * so that it does not require a client certificate: only the server presents one during
 * the handshake.
 *
 * @param allocator buffer allocator forwarded to the superclass factory
 * @param peerHost  peer host name forwarded to the superclass factory
 * @param peerPort  peer port forwarded to the superclass factory
 * @return the configured server-mode engine
 */
@Override
public SSLEngine createSSLEngine(BufferAllocator allocator, String peerHost, int peerPort) {
  final SSLEngine serverEngine = super.createSSLEngine(allocator, peerHost, peerPort);

  // This endpoint plays the TLS server role.
  serverEngine.setUseClientMode(false);

  // One-way TLS (HTTPS-like): the client is not required to present a certificate, so
  // TLS alone does not identify the caller on this listener.
  serverEngine.setNeedClientAuth(false);

  try {
    serverEngine.setEnableSessionCreation(true);
  } catch (Exception sessionFlagFailure) {
    // The OpenSSL-backed engine may throw here; the call is treated as best effort.
    // NOTE(review): this catches every Exception and logs only its message at debug level,
    // so an unrelated failure in this call would pass unnoticed. Confirm that is intended.
    logger.debug("Session creation not enabled. Exception: {}", sessionFlagFailure.getMessage());
  }

  return serverEngine;
}
 
Example 2
Source File: SSLConfigClient.java    From Bats with Apache License 2.0
/**
 * Creates the client-side {@link SSLEngine} for a connection to {@code peerHost:peerPort}.
 *
 * <p>Unless host verification is disabled in the configuration, the engine is told to apply
 * the "HTTPS" endpoint identification algorithm. When verification is disabled this method
 * configures no such check and leaves the endpoint identification setting as the superclass
 * factory returned it.
 *
 * @param allocator buffer allocator forwarded to the superclass factory
 * @param peerHost  peer host name forwarded to the superclass factory
 * @param peerPort  peer port forwarded to the superclass factory
 * @return the configured client-mode engine
 */
@Override
public SSLEngine createSSLEngine(BufferAllocator allocator, String peerHost, int peerPort) {
  final SSLEngine clientEngine = super.createSSLEngine(allocator, peerHost, peerPort);

  final boolean verifyHostName = !this.disableHostVerification();
  if (verifyHostName) {
    // Endpoint identification on SSLParameters exists since Java 7.
    final SSLParameters params = clientEngine.getSSLParameters();
    params.setEndpointIdentificationAlgorithm("HTTPS");
    // getSSLParameters() hands back a copy, so the change must be written back.
    clientEngine.setSSLParameters(params);
  }
  // NOTE(review): with verification disabled, a certificate that chains to a trusted CA is
  // not matched against peerHost by anything configured here. Keep that switch for test
  // setups only.

  clientEngine.setUseClientMode(true);

  try {
    clientEngine.setEnableSessionCreation(true);
  } catch (Exception sessionFlagFailure) {
    // The OpenSSL-backed engine may throw here; the call is treated as best effort.
    // NOTE(review): broad catch, and only the message is logged. Confirm that is intended.
    logger.debug("Session creation not enabled. Exception: {}", sessionFlagFailure.getMessage());
  }

  return clientEngine;
}
 
Example 3
Source File: SSLEngineFactoryImpl.java    From dremio-oss with Apache License 2.0
/**
 * Builds a client-side {@link SSLEngine} for a connection to {@code peerHost:peerPort}.
 *
 * <p>A fresh client context is built on every call. Unless the configuration disables host
 * verification, the engine is set to use the "HTTPS" endpoint identification algorithm.
 *
 * @param allocator buffer allocator passed to the context when creating the engine
 * @param peerHost  peer host name passed to the context when creating the engine
 * @param peerPort  peer port passed to the context when creating the engine
 * @return the configured engine
 * @throws SSLException if the client context cannot be built
 */
@Override
public SSLEngine newClientEngine(ByteBufAllocator allocator, String peerHost, int peerPort)
  throws SSLException {
  final SSLEngine clientEngine =
    newClientContextBuilder().build().newEngine(allocator, peerHost, peerPort);

  final boolean verifyHostName = !sslConfig.disableHostVerification();
  if (verifyHostName) {
    // Endpoint identification on SSLParameters exists since Java 7.
    final SSLParameters params = clientEngine.getSSLParameters();
    params.setEndpointIdentificationAlgorithm("HTTPS");
    // getSSLParameters() hands back a copy, so the change must be written back.
    clientEngine.setSSLParameters(params);
  }
  // NOTE(review): with verification disabled, this method configures no check of the
  // certificate against peerHost. Treat that setting as a test-only option.

  try {
    clientEngine.setEnableSessionCreation(true);
  } catch (UnsupportedOperationException unsupported) {
    // Best effort; see ReferenceCountedOpenSslEngine#setEnableSessionCreation.
    logger.trace("Session creation not enabled", unsupported);
  }

  return clientEngine;
}
 
Example 4
Source File: OvsdbChannelInitializer.java    From onos with Apache License 2.0
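/**
 * Builds the handler pipeline for a new OVSDB channel.
 *
 * <p>When an SSL context is configured, a server-mode TLS handler that requires a client
 * certificate is installed first. The enabled protocols and cipher suites are taken from
 * what the provider supports, minus SSLv2Hello/SSLv3 and minus anonymous, NULL and EXPORT
 * cipher suites.
 *
 * @param channel the channel being initialised
 * @throws Exception if pipeline setup fails
 */
@Override
protected void initChannel(SocketChannel channel) throws Exception {

    ChannelPipeline pipeline = channel.pipeline();
    if (sslContext != null) {
        log.info("OVSDB SSL enabled.");
        SSLEngine sslEngine = sslContext.createSSLEngine();

        // Mutual TLS: this side is the server and the peer must present a certificate.
        sslEngine.setNeedClientAuth(true);
        sslEngine.setUseClientMode(false);
        // getSupported*() lists everything the provider implements, not what is safe to
        // offer. Enabling it unfiltered can switch on suites with no authentication or no
        // encryption; an anonymous suite carries no certificates, which would undercut the
        // client-certificate requirement above. Some runtimes also block these through the
        // jdk.tls.disabledAlgorithms security property, but that depends on the JDK in use.
        sslEngine.setEnabledProtocols(withoutLegacyProtocols(sslEngine.getSupportedProtocols()));
        sslEngine.setEnabledCipherSuites(withoutWeakCipherSuites(sslEngine.getSupportedCipherSuites()));
        sslEngine.setEnableSessionCreation(true);

        SslHandler sslHandler = new SslHandler(sslEngine);
        pipeline.addLast("ssl", sslHandler);
    } else {
        // No SSL context: OVSDB traffic on this channel is neither encrypted nor authenticated.
        log.info("OVSDB SSL disabled.");
    }
    pipeline.addLast(new StringEncoder(CharsetUtil.UTF_8));
    pipeline.addLast(new MessageDecoder());

    pipeline.addLast(new IdleStateHandler(READER_IDLE_TIME, WRITER_IDLE_TIME, ALL_IDLE_TIME));
    pipeline.addLast(new ReadTimeoutHandler(TIMEOUT));
    controller.handleNewNodeConnection(channel);
}

/** Returns the given protocol names without SSLv2Hello and SSLv3, keeping the order. */
private static String[] withoutLegacyProtocols(String[] protocols) {
    java.util.List<String> kept = new java.util.ArrayList<>();
    for (String protocol : protocols) {
        if (!"SSLv2Hello".equals(protocol) && !"SSLv3".equals(protocol)) {
            kept.add(protocol);
        }
    }
    return kept.toArray(new String[0]);
}

/** Returns the given cipher suite names without anonymous, NULL and EXPORT suites. */
private static String[] withoutWeakCipherSuites(String[] suites) {
    java.util.List<String> kept = new java.util.ArrayList<>();
    for (String suite : suites) {
        boolean weak = suite.contains("_anon_")
                || suite.contains("_NULL_")
                || suite.contains("_EXPORT_");
        if (!weak) {
            kept.add(suite);
        }
    }
    return kept.toArray(new String[0]);
}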
 
Example 5
Source File: SNISSLEngine.java    From lams with GNU General Public License v2.0
/**
 * Inspects the first TLS record in {@code src} to choose an {@link SSLContext} from the
 * server names it carries, creates the engine for that context, and then hands the same
 * bytes to that engine's {@code unwrap}.
 *
 * <p>The position of {@code src} is restored before delegating, so the selected engine
 * sees the record from its start.
 *
 * @param src    inbound network data
 * @param dsts   destination buffers passed through to the selected engine
 * @param offset offset into {@code dsts} passed through to the selected engine
 * @param length number of buffers in {@code dsts} passed through to the selected engine
 * @return {@code UNDERFLOW_UNWRAP} while {@code src} holds less than a record header or
 *         less than the size reported by {@code SNISSLExplorer.getRequiredSize}; otherwise
 *         the result of the selected engine's {@code unwrap}
 * @throws SSLException if no context is available for the connection, or as thrown by the
 *         selected engine
 */
public SSLEngineResult unwrap(final ByteBuffer src, final ByteBuffer[] dsts, final int offset, final int length) throws SSLException {
    SSLEngine next;
    // Remember where the record starts; the finally block rewinds to this point.
    final int mark = src.position();
    try {
        // Not even a record header yet: record the size needed and ask for more input.
        if (src.remaining() < SNISSLExplorer.RECORD_HEADER_SIZE) {
            packetBufferSize = SNISSLExplorer.RECORD_HEADER_SIZE;
            return UNDERFLOW_UNWRAP;
        }
        // The size comes from peer-supplied bytes; it is only compared and stored here.
        final int requiredSize = SNISSLExplorer.getRequiredSize(src);
        if (src.remaining() < requiredSize) {
            packetBufferSize = requiredSize;
            return UNDERFLOW_UNWRAP;
        }
        // The names are read from data sent before any handshake has completed, so they
        // are unauthenticated input to the context selector.
        List<SNIServerName> names = SNISSLExplorer.explore(src);
        SSLContext sslContext = selector.getContext(names);
        if (sslContext == null) {
            // no SSL context is available
            throw UndertowMessages.MESSAGES.noContextForSslConnection();
        }
        next = engineFunction.apply(sslContext);
        next.setUseClientMode(false);
        // Copy the settings recorded in the flags onto the newly created engine.
        final int flagsVal = flags.get();
        // NOTE(review): "want" is tested first, so if both bits were ever set the engine
        // would only request a client certificate, not require one. Confirm the flags
        // are mutually exclusive.
        if ((flagsVal & FL_WANT_C_AUTH) != 0) {
            next.setWantClientAuth(true);
        } else if ((flagsVal & FL_NEED_C_AUTH) != 0) {
            next.setNeedClientAuth(true);
        }
        if ((flagsVal & FL_SESSION_CRE) != 0) {
            next.setEnableSessionCreation(true);
        }
        // The callback may return a different engine; whatever it returns is used from here on.
        next = selectionCallback.apply(next);
        // Store the selected engine in currentRef (presumably used by later calls; confirm).
        currentRef.set(next);
    } finally {
        // Rewind on every path, including the underflow returns and the exception.
        src.position(mark);
    }
    return next.unwrap(src, dsts, offset, length);
}
 
Example 6
Source File: SSLEngineFactoryImpl.java    From dremio-oss with Apache License 2.0
/**
 * Builds a server-side {@link SSLEngine} from a freshly built server context.
 *
 * <p>This method sets nothing about client authentication; whatever the context built by
 * {@code newServerContextBuilder()} specifies applies.
 *
 * @param allocator buffer allocator passed to the context when creating the engine
 * @param peerHost  peer host name passed to the context when creating the engine
 * @param peerPort  peer port passed to the context when creating the engine
 * @return the engine created by the server context
 * @throws SSLException if the server context cannot be built
 */
@Override
public SSLEngine newServerEngine(ByteBufAllocator allocator, String peerHost, int peerPort)
  throws SSLException {
  final SSLEngine serverEngine =
    newServerContextBuilder().build().newEngine(allocator, peerHost, peerPort);

  try {
    serverEngine.setEnableSessionCreation(true);
  } catch (UnsupportedOperationException unsupported) {
    // Best effort; see ReferenceCountedOpenSslEngine#setEnableSessionCreation.
    logger.trace("Session creation not enabled", unsupported);
  }

  return serverEngine;
}
 
Example 7
Source File: MqttSslHandlerProvider.java    From iotplatform with Apache License 2.0
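/**
 * Builds a server-mode {@link SslHandler} from the configured key store.
 *
 * <p>Key material and trust anchors are both loaded from {@code keyStoreFile}. The engine
 * asks for a client certificate but does not require one. Enabled protocols and cipher
 * suites are what the provider supports, minus SSLv2Hello/SSLv3 and minus anonymous, NULL
 * and EXPORT cipher suites.
 *
 * @return a new handler wrapping a freshly configured engine
 * @throws RuntimeException if the key store cannot be read or the SSL context cannot be set up
 */
public SslHandler getSslHandler() {
    try {
        URL ksUrl = Resources.getResource(keyStoreFile);
        File ksFile = new File(ksUrl.toURI());
        // NOTE(review): the trust store is resolved from keyStoreFile as well, so the set of
        // trusted certificates is whatever the server's own key store holds. Confirm this is
        // intended and not a copy-paste of the line above.
        URL tsUrl = Resources.getResource(keyStoreFile);
        File tsFile = new File(tsUrl.toURI());

        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore trustStore = KeyStore.getInstance(keyStoreType);
        // Close the stream once the store is loaded; it was previously left open.
        try (FileInputStream tsStream = new FileInputStream(tsFile)) {
            trustStore.load(tsStream, keyStorePassword.toCharArray());
        }
        tmFactory.init(trustStore);

        KeyStore ks = KeyStore.getInstance(keyStoreType);

        try (FileInputStream ksStream = new FileInputStream(ksFile)) {
            ks.load(ksStream, keyStorePassword.toCharArray());
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPassword.toCharArray());

        KeyManager[] km = kmf.getKeyManagers();
        // Certificate validation is delegated to the wrapper returned by getX509TrustManager,
        // which is defined outside this method.
        TrustManager x509wrapped = getX509TrustManager(tmFactory);
        TrustManager[] tm = {x509wrapped};
        SSLContext sslContext = SSLContext.getInstance(TLS);
        sslContext.init(km, tm, null);
        SSLEngine sslEngine = sslContext.createSSLEngine();
        sslEngine.setUseClientMode(false);
        // Client certificates are optional: requested, not required. A peer that sends none
        // still completes the handshake, so it must be authenticated some other way.
        sslEngine.setNeedClientAuth(false);
        sslEngine.setWantClientAuth(true);
        // getSupported*() lists everything the provider implements, not what is safe to
        // offer, so drop the entries with no authentication, no encryption or export-grade
        // keys before enabling the rest.
        sslEngine.setEnabledProtocols(withoutLegacyProtocols(sslEngine.getSupportedProtocols()));
        sslEngine.setEnabledCipherSuites(withoutWeakCipherSuites(sslEngine.getSupportedCipherSuites()));
        sslEngine.setEnableSessionCreation(true);
        return new SslHandler(sslEngine);
    } catch (Exception e) {
        log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
        throw new RuntimeException("Failed to get SSL handler", e);
    }
}

/** Returns the given protocol names without SSLv2Hello and SSLv3, keeping the order. */
private static String[] withoutLegacyProtocols(String[] protocols) {
    java.util.List<String> kept = new java.util.ArrayList<>();
    for (String protocol : protocols) {
        if (!"SSLv2Hello".equals(protocol) && !"SSLv3".equals(protocol)) {
            kept.add(protocol);
        }
    }
    return kept.toArray(new String[0]);
}

/** Returns the given cipher suite names without anonymous, NULL and EXPORT suites. */
private static String[] withoutWeakCipherSuites(String[] suites) {
    java.util.List<String> kept = new java.util.ArrayList<>();
    for (String suite : suites) {
        boolean weak = suite.contains("_anon_")
                || suite.contains("_NULL_")
                || suite.contains("_EXPORT_");
        if (!weak) {
            kept.add(suite);
        }
    }
    return kept.toArray(new String[0]);
}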
 
Example 8
Source File: TlsConfigBean.java    From datacollector with Apache License 2.0
/**
 * Creates an {@link SSLEngine} restricted to the protocols and cipher suites resolved by
 * this bean.
 *
 * <p>The allowed sets come from {@code getFinalProtocols()} and
 * {@code getFinalCipherSuites()}; their contents are decided outside this method. The
 * engine runs in client or server mode according to {@code isClientMode()}.
 *
 * @return the configured engine
 */
public SSLEngine createSslEngine() {
  final SSLEngine engine = createBaseSslEngine();

  // Narrow the engine to the configured protocol versions and cipher suites.
  engine.setEnabledProtocols(getFinalProtocols());
  engine.setEnabledCipherSuites(getFinalCipherSuites());

  engine.setEnableSessionCreation(true);
  engine.setUseClientMode(isClientMode());
  return engine;
}
 
Example 9
Source File: SslHttpServerPipelineFactory.java    From restcommander with Apache License 2.0
/**
 * Builds the HTTPS server pipeline: flash policy handler, TLS, HTTP decoding, chunk
 * aggregation, HTTP encoding, chunked writes, and the Play handler, in that order.
 *
 * <p>Client-certificate behaviour is read from {@code play.netty.clientAuth}: "want"
 * requests a certificate, "need" requires one (both case-insensitive). Any other value,
 * including the default "none" and a misspelt setting, leaves client authentication
 * untouched on the engine.
 *
 * @return the assembled pipeline
 * @throws Exception if the server context or a handler cannot be created
 */
public ChannelPipeline getPipeline() throws Exception {
    final Integer maxContentLength =
            Integer.valueOf(Play.configuration.getProperty("play.netty.maxContentLength", "-1"));
    final String clientAuthMode = Play.configuration.getProperty("play.netty.clientAuth", "none");

    final ChannelPipeline channelPipeline = pipeline();

    // The TLS engine always runs in server mode.
    final SSLEngine sslEngine = SslHttpServerContextFactory.getServerContext().createSSLEngine();
    sslEngine.setUseClientMode(false);

    // NOTE(review): an unrecognised mode is not reported, so a typo in the configuration
    // results in no client-certificate request being configured here.
    if ("need".equalsIgnoreCase(clientAuthMode)) {
        sslEngine.setNeedClientAuth(true);
    } else if ("want".equalsIgnoreCase(clientAuthMode)) {
        sslEngine.setWantClientAuth(true);
    }

    sslEngine.setEnableSessionCreation(true);

    // "flashPolicy" is placed ahead of "ssl", so it sees inbound bytes before decryption.
    channelPipeline.addLast("flashPolicy", new FlashPolicyHandler());
    channelPipeline.addLast("ssl", new SslHandler(sslEngine));
    channelPipeline.addLast("decoder", new HttpRequestDecoder());
    channelPipeline.addLast("aggregator", new StreamChunkAggregator(maxContentLength));
    channelPipeline.addLast("encoder", new HttpResponseEncoder());
    channelPipeline.addLast("chunkedWriter", new ChunkedWriteHandler());

    channelPipeline.addLast("handler", new SslPlayHandler());

    return channelPipeline;
}
 
Example 10
Source File: OFChannelInitializer.java    From onos with Apache License 2.0
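/**
 * Builds the handler pipeline for a new OpenFlow channel.
 *
 * <p>When an SSL context is configured, a server-mode TLS handler that requires a client
 * certificate is installed first. The enabled protocols and cipher suites are taken from
 * what the provider supports, minus SSLv2Hello/SSLv3 and minus anonymous, NULL and EXPORT
 * cipher suites.
 *
 * @param ch the channel being initialised
 * @throws Exception if pipeline setup fails
 */
@Override
protected void initChannel(SocketChannel ch) throws Exception {

    OFChannelHandler handler = new OFChannelHandler(controller);

    ChannelPipeline pipeline = ch.pipeline();
    if (sslContext != null) {
        log.info("OpenFlow SSL enabled.");
        SSLEngine sslEngine = sslContext.createSSLEngine();

        // Mutual TLS: this side is the server and the peer must present a certificate.
        sslEngine.setNeedClientAuth(true);
        sslEngine.setUseClientMode(false);
        // getSupported*() lists everything the provider implements, not what is safe to
        // offer. Enabling it unfiltered can switch on suites with no authentication or no
        // encryption; an anonymous suite carries no certificates, which would undercut the
        // client-certificate requirement above. Some runtimes also block these through the
        // jdk.tls.disabledAlgorithms security property, but that depends on the JDK in use.
        sslEngine.setEnabledProtocols(withoutLegacyProtocols(sslEngine.getSupportedProtocols()));
        sslEngine.setEnabledCipherSuites(withoutWeakCipherSuites(sslEngine.getSupportedCipherSuites()));
        sslEngine.setEnableSessionCreation(true);

        SslHandler sslHandler = new SslHandler(sslEngine);
        pipeline.addLast("ssl", sslHandler);
    } else {
        // No SSL context: OpenFlow traffic on this channel is neither encrypted nor
        // authenticated, and this is only reported at debug level.
        log.debug("OpenFlow SSL disabled.");
    }
    pipeline.addLast("ofmessageencoder", OFMessageEncoder.getInstance());
    pipeline.addLast("ofmessagedecoder", OFMessageDecoder.getInstance());

    pipeline.addLast("consolidateflush", new FlushConsolidationHandler(
                       FlushConsolidationHandler.DEFAULT_EXPLICIT_FLUSH_AFTER_FLUSHES, true));
    pipeline.addLast("idle", new IdleStateHandler(5, 25, 0));
    pipeline.addLast("timeout", new ReadTimeoutHandler(30));

    // XXX S ONOS: was 15 increased it to fix Issue #296
    pipeline.addLast("handshaketimeout",
                     new HandshakeTimeoutHandler(handler, 60));
    // ExecutionHandler equivalent now part of Netty core
    if (pipelineExecutor != null) {
        pipeline.addLast(pipelineExecutor, "handler", handler);
    } else {
        pipeline.addLast("handler", handler);
    }
}

/** Returns the given protocol names without SSLv2Hello and SSLv3, keeping the order. */
private static String[] withoutLegacyProtocols(String[] protocols) {
    java.util.List<String> kept = new java.util.ArrayList<>();
    for (String protocol : protocols) {
        if (!"SSLv2Hello".equals(protocol) && !"SSLv3".equals(protocol)) {
            kept.add(protocol);
        }
    }
    return kept.toArray(new String[0]);
}

/** Returns the given cipher suite names without anonymous, NULL and EXPORT suites. */
private static String[] withoutWeakCipherSuites(String[] suites) {
    java.util.List<String> kept = new java.util.ArrayList<>();
    for (String suite : suites) {
        boolean weak = suite.contains("_anon_")
                || suite.contains("_NULL_")
                || suite.contains("_EXPORT_");
        if (!weak) {
            kept.add(suite);
        }
    }
    return kept.toArray(new String[0]);
}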