package com.sun.grizzly; |
39 | |
|
40 | |
import com.sun.grizzly.async.AsyncQueueDataProcessor; |
41 | |
import com.sun.grizzly.async.AsyncQueueReadable; |
42 | |
import com.sun.grizzly.async.AsyncQueueWritable; |
43 | |
import com.sun.grizzly.async.AsyncReadCallbackHandler; |
44 | |
import com.sun.grizzly.async.AsyncReadCondition; |
45 | |
import com.sun.grizzly.async.AsyncWriteCallbackHandler; |
46 | |
import com.sun.grizzly.util.OutputWriter; |
47 | |
import com.sun.grizzly.util.SSLOutputWriter; |
48 | |
import com.sun.grizzly.util.SSLUtils; |
49 | |
import java.io.EOFException; |
50 | |
import java.io.IOException; |
51 | |
import java.net.SocketAddress; |
52 | |
import java.nio.BufferOverflowException; |
53 | |
import java.nio.ByteBuffer; |
54 | |
import java.nio.channels.AlreadyConnectedException; |
55 | |
import java.nio.channels.NotYetConnectedException; |
56 | |
import java.nio.channels.SelectableChannel; |
57 | |
import java.nio.channels.SelectionKey; |
58 | |
import java.nio.channels.SocketChannel; |
59 | |
import java.util.concurrent.CountDownLatch; |
60 | |
import java.util.concurrent.TimeUnit; |
61 | |
import java.util.logging.Level; |
62 | |
import java.util.logging.Logger; |
63 | |
import javax.net.ssl.SSLContext; |
64 | |
import javax.net.ssl.SSLEngine; |
65 | |
import javax.net.ssl.SSLEngineResult; |
66 | |
import javax.net.ssl.SSLEngineResult.HandshakeStatus; |
67 | |
import javax.net.ssl.SSLException; |
108 | 5106430 | public class SSLConnectorHandler implements ConnectorHandler<SSLSelectorHandler, |
109 | |
SSLCallbackHandler>, AsyncQueueWritable, AsyncQueueReadable { |
110 | |
|
111 | |
|
112 | |
|
113 | |
|
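/** Shared logger, obtained under the name "grizzly". Made final: nothing in this class reassigns it. */
private static final Logger logger = Logger.getLogger("grizzly");

/** Selector handler the channel is registered with; assigned in connect(...). */
private SSLSelectorHandler selectorHandler;

/** Application callback that the internal callback handler forwards events to. */
private SSLCallbackHandler callbackHandler;

/** Zero-length source used for wrap() calls that carry no application data (handshake, close). */
private static final ByteBuffer EMPTY_BUFFER = ByteBuffer.allocate(0);

/** Encrypted bytes read from the channel and not yet unwrapped. */
private ByteBuffer securedInputBuffer;

/** Encrypted bytes produced by wrap() and not yet written to the channel. */
private ByteBuffer securedOutputBuffer;

/** Application buffer remembered between selector events while a non-blocking handshake runs. */
private ByteBuffer asyncHandshakeBuffer;

/** The underlying channel; assigned in finishConnect or setUnderlyingChannel. */
private SocketChannel socketChannel;

/**
 * Process-wide fallback context, created lazily from SSLConfig.DEFAULT_CONFIG by the
 * SSLContext constructor. Every handler built without an explicit context shares it.
 */
private static volatile SSLContext defaultSSLContext;

/** Set from SocketChannel.isConnected() in finishConnect; cleared in close(). */
private volatile boolean isConnected;

/** Set by finishHandshake(); cleared in close(). */
private volatile boolean isHandshakeDone;

/** Controller that owns the selector handler; created internally in standalone mode. */
private Controller controller;

/** Released by finishConnect; connect(...) waits on it. */
private CountDownLatch isConnectedLatch;

/** True when this handler created its own Controller and must stop it in close(). */
private boolean isStandalone = false;

/** True from the start of doAsyncHandshake until finishHandshake(). */
private boolean isProcessingAsyncHandshake;

/** Result of the most recent wrap/unwrap recorded through updateSSLEngineStatus. */
private SSLEngineResult sslLastOperationResult;

/** Handshake status taken from the engine or from the last recorded result. */
private SSLEngineResult.HandshakeStatus handshakeStatus;

/** Status of the last recorded wrap/unwrap result. */
private SSLEngineResult.Status sslEngineStatus = null;

/** Stored by setDelegateSSLTasks; not read by any other code in this class. */
private boolean delegateSSLTasks;

/** TLS engine for this connection; created lazily or injected via setSSLEngine. */
private SSLEngine sslEngine;

/** Context used to create the engine when none has been injected. */
private SSLContext sslContext;

/** Lazily created post-processor handed to the async read queue. */
private volatile AsyncQueueDataProcessor sslReadPostProcessor;

/** Lazily created pre-processor handed to the async write queue. */
private volatile AsyncQueueDataProcessor sslWritePreProcessor;

/** True once a write went through the async write queue; suppresses onWrite forwarding. */
private boolean isAsyncWriteQueueMode;

/** True once a read went through the async read queue; suppresses onRead forwarding. */
private boolean isAsyncReadQueueMode;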
240 | |
|
241 | |
/**
 * Creates a handler backed by the shared default context.
 * The static field may still be null here; the delegated constructor
 * then creates and publishes the default.
 */
public SSLConnectorHandler() {
    this(defaultSSLContext);
}
244 | |
|
245 | |
/**
 * Creates a handler whose context is built from the given configuration.
 *
 * @param sslConfig source of the SSLContext; dereferenced immediately, so it must not be null
 */
public SSLConnectorHandler(SSLConfig sslConfig) {
    this(sslConfig.createSSLContext());
}
248 | |
|
/**
 * Creates a handler using the given context, or the shared default when it is null.
 *
 * The default is built once from SSLConfig.DEFAULT_CONFIG and cached in a static
 * volatile field, guarded by a class-level lock, so every handler constructed
 * without an explicit context trusts whatever that default configuration trusts.
 * NOTE(review): the trust and key material of DEFAULT_CONFIG is not visible in
 * this file; confirm it suits the deployment before relying on the fallback.
 *
 * @param sslContext context to use, or null for the shared default
 */
public SSLConnectorHandler(SSLContext sslContext) {
    SSLContext effective = sslContext;
    if (effective == null) {
        effective = defaultSSLContext;
        if (effective == null) {
            synchronized (SSLConnectorHandler.class) {
                // Re-read under the lock: another thread may have published it meanwhile.
                effective = defaultSSLContext;
                if (effective == null) {
                    effective = SSLConfig.DEFAULT_CONFIG.createSSLContext();
                    defaultSSLContext = effective;
                }
            }
        }
    }

    this.sslContext = effective;
}
264 | |
|
265 | |
/**
 * Returns the stored delegate-tasks flag.
 * Within this class the flag is only stored and returned; executeDelegatedTask
 * does not consult it.
 */
public boolean getDelegateSSLTasks() {
    return this.delegateSSLTasks;
}
268 | |
|
269 | |
/**
 * Stores the delegate-tasks flag.
 * No code in this class reads it when running the engine's delegated tasks.
 *
 * @param delegateSSLTasks value to store
 */
public void setDelegateSSLTasks(boolean delegateSSLTasks) {
    this.delegateSSLTasks = delegateSSLTasks;
}
/**
 * Connects to the remote address without binding a specific local address.
 *
 * @param remoteAddress   peer to connect to
 * @param callbackHandler application callback for connection events
 * @throws IOException if the delegated connect fails
 */
public void connect(SocketAddress remoteAddress, SSLCallbackHandler callbackHandler) throws IOException {
    final SocketAddress unboundLocal = null;
    connect(remoteAddress, unboundLocal, callbackHandler);
}
/**
 * Connects using the TLS selector handler of the configured Controller.
 *
 * @param remoteAddress   peer to connect to
 * @param localAddress    local address to bind, or null
 * @param callbackHandler application callback for connection events
 * @throws IllegalStateException if no Controller has been set
 * @throws IOException           if the delegated connect fails
 */
public void connect(SocketAddress remoteAddress, SocketAddress localAddress, SSLCallbackHandler callbackHandler) throws IOException {
    if (controller == null) {
        throw new IllegalStateException("Controller cannot be null");
    }

    // The controller is asked for the handler registered under this connector's protocol.
    final SSLSelectorHandler tlsSelectorHandler =
            (SSLSelectorHandler) controller.getSelectorHandler(protocol());
    connect(remoteAddress, localAddress, callbackHandler, tlsSelectorHandler);
}
/**
 * Connects through the given selector handler without binding a local address.
 *
 * @param remoteAddress   peer to connect to
 * @param callbackHandler application callback for connection events
 * @param selectorHandler selector handler to register the channel with
 * @throws IOException if the delegated connect fails
 */
public void connect(SocketAddress remoteAddress, SSLCallbackHandler callbackHandler, SSLSelectorHandler selectorHandler) throws IOException {
    final SocketAddress unboundLocal = null;
    connect(remoteAddress, unboundLocal, callbackHandler, selectorHandler);
}
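/**
 * Starts a connection through the given selector handler and waits up to
 * 30 seconds for finishConnect to release the latch.
 *
 * Returning normally does not prove the connection exists: a timeout or a
 * failed finishConnect both end the wait without an exception, so callers
 * should check {@link #isConnected()} before starting the TLS handshake.
 *
 * @param remoteAddress   peer to connect to
 * @param localAddress    local address to bind, or null
 * @param callbackHandler application callback; when null, the handler already
 *                        set on this instance is kept, or a DefaultCallbackHandler
 *                        is installed if there is none
 * @param selectorHandler selector handler to register the channel with
 * @throws AlreadyConnectedException if this handler is already connected
 * @throws IllegalStateException     if the Controller or selector handler is null
 * @throws IOException               if the waiting thread is interrupted
 */
public void connect(SocketAddress remoteAddress, SocketAddress localAddress,
        SSLCallbackHandler callbackHandler,
        SSLSelectorHandler selectorHandler) throws IOException {
    if (isConnected) {
        throw new AlreadyConnectedException();
    }

    if (controller == null) {
        throw new IllegalStateException("Controller cannot be null");
    }

    if (selectorHandler == null) {
        throw new IllegalStateException("SelectorHandler cannot be null");
    }

    this.selectorHandler = selectorHandler;
    if (callbackHandler != null) {
        this.callbackHandler = callbackHandler;
    } else if (this.callbackHandler == null) {
        // The default used to be assigned to the parameter only, leaving the field
        // null and the internal onConnect callback dereferencing null.
        this.callbackHandler = new DefaultCallbackHandler(this);
    }

    isConnectedLatch = new CountDownLatch(1);

    selectorHandler.connect(remoteAddress, localAddress,
            new SSLInternalCallbackHandler());

    try {
        if (!isConnectedLatch.await(30, TimeUnit.SECONDS)) {
            // Kept non-fatal for compatibility; the caller sees isConnected() == false.
            logger.log(Level.WARNING, "Connect did not complete within 30 seconds");
        }
    } catch (InterruptedException ex) {
        // Restore the interrupt flag and keep the cause for diagnosis.
        Thread.currentThread().interrupt();
        IOException wrapped = new IOException(ex.getMessage());
        wrapped.initCause(ex);
        throw wrapped;
    }
}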
/**
 * Connects to the remote address with no local binding, creating a private
 * Controller when none has been set.
 *
 * @param remoteAddress peer to connect to
 * @throws IOException if the delegated connect fails
 */
public void connect(SocketAddress remoteAddress) throws IOException {
    final SocketAddress unboundLocal = null;
    connect(remoteAddress, unboundLocal);
}
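/**
 * Connects to the remote address, running in standalone mode when no
 * Controller has been set: a private Controller with an SSLSelectorHandler
 * and a DefaultPipeline is created, started on its own thread, and stopped
 * again by {@link #close()}.
 *
 * The method waits, without a timeout, until the Controller reports ready or
 * reports an exception; a startup failure is logged and the connect is still
 * attempted.
 *
 * @param remoteAddress peer to connect to
 * @param localAddress  local address to bind, or null
 * @throws AlreadyConnectedException if this handler is already connected
 * @throws IOException               if the delegated connect fails
 */
public void connect(SocketAddress remoteAddress, SocketAddress localAddress) throws IOException {
    if (isConnected) {
        throw new AlreadyConnectedException();
    }

    if (controller == null) {
        isStandalone = true;
        controller = new Controller();
        controller.setSelectorHandler(new SSLSelectorHandler(true));
        DefaultPipeline pipeline = new DefaultPipeline();
        pipeline.initPipeline();
        pipeline.startPipeline();
        controller.setPipeline(pipeline);

        final CountDownLatch latch = new CountDownLatch(1);
        controller.addStateListener(new ControllerStateListenerAdapter() {
            @Override
            public void onReady() {
                latch.countDown();
            }

            @Override
            public void onException(Throwable e) {
                // Only the first failure, before startup completed, is reported here.
                if (latch.getCount() > 0) {
                    logger.log(Level.SEVERE, "Error occured on Controller startup: ", e);
                }

                latch.countDown();
            }
        });
        callbackHandler = new DefaultCallbackHandler(this,false);
        new Thread(controller, "GrizzlySSLConnectorHandler-Controller").start();

        try {
            latch.await();
        } catch (InterruptedException ex) {
            // The interrupt used to be discarded; restore the flag so the wait in the
            // delegated connect, and the caller, can observe it.
            Thread.currentThread().interrupt();
        }
    }

    connect(remoteAddress, localAddress, callbackHandler, (SSLSelectorHandler)
            controller.getSelectorHandler(protocol()));
}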
/**
 * Begins the TLS handshake on the current engine.
 *
 * In blocking mode the work is delegated to SSLUtils.doHandshake and the
 * method returns true once it comes back. In non-blocking mode the result of
 * doAsyncHandshake is returned: false means the handshake is still pending
 * and will be resumed from selector callbacks.
 *
 * Nothing in this method inspects the peer certificate or compares it with
 * the host being contacted; any such decision comes from the SSLContext and
 * engine configuration, or from the application after the handshake.
 *
 * @param byteBuffer application buffer that receives data unwrapped during the handshake
 * @param blocking   true to complete the handshake before returning
 * @return true when the handshake has completed
 * @throws IOException if the handshake fails
 */
public boolean handshake(ByteBuffer byteBuffer, boolean blocking) throws IOException {
    sslEngine.beginHandshake();
    handshakeStatus = sslEngine.getHandshakeStatus();

    if (!blocking) {
        return doAsyncHandshake(byteBuffer);
    }

    SSLUtils.doHandshake(socketChannel, byteBuffer, securedInputBuffer,
            securedOutputBuffer, sslEngine, handshakeStatus);
    // Mark the output buffer as holding nothing left to flush.
    securedOutputBuffer.limit(securedOutputBuffer.position());
    finishHandshake();
    return true;
}
/**
 * Reads and decrypts data into the given application buffer.
 *
 * Only the connected flag is checked here; whether the handshake has
 * completed is not, so callers are expected to have finished it first.
 * In non-blocking mode the value returned is what doReadAsync reports, and a
 * result of 0 re-registers the key for OP_READ.
 *
 * @param byteBuffer destination for decrypted data
 * @param blocking   true to use the blocking SSLUtils read path
 * @return the count reported by the underlying read path
 * @throws NotYetConnectedException if the handler is not connected
 * @throws IOException              if the read fails
 */
public long read(ByteBuffer byteBuffer, boolean blocking) throws IOException {
    if (!isConnected) {
        throw new NotYetConnectedException();
    }

    if (blocking) {
        return SSLUtils.doSecureRead(socketChannel, sslEngine,
                byteBuffer, securedInputBuffer);
    }

    // A direct read switches onRead forwarding back on.
    isAsyncReadQueueMode = false;
    final int transferred = doReadAsync(byteBuffer);
    if (transferred == 0) {
        registerSelectionKeyFor(SelectionKey.OP_READ);
    }
    return transferred;
}
/**
 * Encrypts and writes the given application data.
 *
 * Only the connected flag is checked here; handshake completion is not.
 * In non-blocking mode the total returned is the sum of the values returned
 * by doWriteAsync, i.e. bytes written to the socket from the encrypted output
 * buffer, not the number of application bytes consumed. If data is left over
 * the key is registered for OP_WRITE.
 *
 * @param byteBuffer application data to send
 * @param blocking   true to flush completely through SSLOutputWriter
 * @return the count reported by the underlying write path
 * @throws NotYetConnectedException if the handler is not connected
 * @throws IllegalStateException    if a non-blocking write is attempted without a callback handler
 * @throws IOException              if the write fails
 */
public long write(ByteBuffer byteBuffer, boolean blocking) throws IOException {
    if (!isConnected) {
        throw new NotYetConnectedException();
    }

    if (blocking) {
        final long flushed = SSLOutputWriter.flushChannel(socketChannel,
                byteBuffer, securedOutputBuffer, sslEngine);

        // Leave the output buffer with nothing remaining.
        securedOutputBuffer.position(securedOutputBuffer.limit());
        return flushed;
    }

    if (callbackHandler == null) {
        throw new IllegalStateException("Non blocking write needs a CallbackHandler");
    }

    // A direct write switches onWrite forwarding back on.
    isAsyncWriteQueueMode = false;
    int lastWritten = 1;
    int total = 0;

    while (lastWritten > 0 &&
            (byteBuffer.hasRemaining() || securedOutputBuffer.hasRemaining())) {
        lastWritten = doWriteAsync(byteBuffer);
        total += lastWritten;
    }

    final boolean unfinished = byteBuffer.hasRemaining() || securedOutputBuffer.hasRemaining();
    if (unfinished) {
        registerSelectionKeyFor(SelectionKey.OP_WRITE);
    }

    return total;
}
546 | |
|
547 | |
|
548 | |
|
549 | |
|
550 | |
|
551 | |
/**
 * Queues the buffer for asynchronous writing without a completion callback.
 *
 * @param buffer application data to send
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(ByteBuffer buffer) throws IOException {
    final AsyncWriteCallbackHandler noCallback = null;
    writeToAsyncQueue(buffer, noCallback);
}
554 | |
|
555 | |
|
556 | |
|
557 | |
|
558 | |
|
559 | |
/**
 * Queues the buffer for asynchronous writing, encrypting it with this
 * handler's TLS write pre-processor.
 *
 * @param buffer          application data to send
 * @param callbackHandler completion callback, may be null
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(ByteBuffer buffer,
        AsyncWriteCallbackHandler callbackHandler) throws IOException {
    final AsyncQueueDataProcessor tlsWrapper = obtainSSLWritePreProcessor();
    writeToAsyncQueue(buffer, callbackHandler, tlsWrapper);
}
563 | |
|
564 | |
|
565 | |
|
566 | |
|
567 | |
|
568 | |
/**
 * Queues the buffer for asynchronous writing with a caller-chosen pre-processor
 * and without cloning the buffer.
 *
 * The pre-processor is passed through as given. Only the overloads that call
 * obtainSSLWritePreProcessor() are guaranteed by this class to wrap the data
 * with the TLS engine, so a caller supplying its own processor takes over that
 * responsibility.
 *
 * @param buffer            application data to send
 * @param callbackHandler   completion callback, may be null
 * @param writePreProcessor processor applied before the data reaches the channel
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(ByteBuffer buffer,
        AsyncWriteCallbackHandler callbackHandler,
        AsyncQueueDataProcessor writePreProcessor) throws IOException {
    final boolean cloneBuffer = false;
    writeToAsyncQueue(buffer, callbackHandler, writePreProcessor, cloneBuffer);
}
573 | |
|
574 | |
|
575 | |
|
576 | |
|
577 | |
|
578 | |
/**
 * Hands the buffer to the selector handler's async queue writer and switches
 * this handler into async-write-queue mode, which stops the internal callback
 * from forwarding onWrite events.
 *
 * @param buffer            application data to send
 * @param callbackHandler   completion callback, may be null
 * @param writePreProcessor processor applied before the data reaches the channel
 * @param isCloneByteBuffer passed through to the queue writer
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(ByteBuffer buffer,
        AsyncWriteCallbackHandler callbackHandler,
        AsyncQueueDataProcessor writePreProcessor,
        boolean isCloneByteBuffer) throws IOException {
    isAsyncWriteQueueMode = true;
    final SelectionKey channelKey = socketChannel.keyFor(selectorHandler.getSelector());
    selectorHandler.getAsyncQueueWriter().write(
            channelKey, buffer,
            callbackHandler, writePreProcessor, isCloneByteBuffer);
}
587 | |
|
588 | |
|
589 | |
|
590 | |
|
591 | |
|
592 | |
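/**
 * Queues the buffer for asynchronous writing to the given address, without a
 * completion callback.
 *
 * @param dstAddress destination address passed to the queue writer
 * @param buffer     application data to send
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(SocketAddress dstAddress, ByteBuffer buffer)
        throws IOException {
    // The call used to repeat this method's own argument list and so recursed
    // until the stack overflowed; delegate to the callback-taking overload.
    writeToAsyncQueue(dstAddress, buffer, (AsyncWriteCallbackHandler) null);
}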
596 | |
|
597 | |
|
598 | |
|
599 | |
|
600 | |
|
601 | |
/**
 * Queues the buffer for asynchronous writing to the given address, encrypting
 * it with this handler's TLS write pre-processor.
 *
 * @param dstAddress      destination address passed to the queue writer
 * @param buffer          application data to send
 * @param callbackHandler completion callback, may be null
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(SocketAddress dstAddress, ByteBuffer buffer,
        AsyncWriteCallbackHandler callbackHandler) throws IOException {
    final AsyncQueueDataProcessor tlsWrapper = obtainSSLWritePreProcessor();
    writeToAsyncQueue(dstAddress, buffer, callbackHandler, tlsWrapper);
}
605 | |
|
606 | |
|
607 | |
|
608 | |
|
609 | |
|
610 | |
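/**
 * Queues the buffer for asynchronous writing to the given address with a
 * caller-chosen pre-processor and without cloning the buffer.
 *
 * @param dstAddress        destination address passed to the queue writer
 * @param buffer            application data to send
 * @param callbackHandler   completion callback, may be null
 * @param writePreProcessor processor applied before the data reaches the channel
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(SocketAddress dstAddress, ByteBuffer buffer,
        AsyncWriteCallbackHandler callbackHandler,
        AsyncQueueDataProcessor writePreProcessor) throws IOException {
    // The call used to repeat this method's own argument list and so recursed
    // forever; pass "do not clone", as the address-less overload chain does.
    writeToAsyncQueue(dstAddress, buffer, callbackHandler, writePreProcessor, false);
}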
615 | |
|
616 | |
|
617 | |
|
618 | |
|
619 | |
|
620 | |
/**
 * Hands the buffer and destination address to the selector handler's async
 * queue writer and switches this handler into async-write-queue mode.
 *
 * @param dstAddress        destination address passed to the queue writer
 * @param buffer            application data to send
 * @param callbackHandler   completion callback, may be null
 * @param writePreProcessor processor applied before the data reaches the channel
 * @param isCloneByteBuffer passed through to the queue writer
 * @throws IOException if queuing fails
 */
public void writeToAsyncQueue(SocketAddress dstAddress, ByteBuffer buffer,
        AsyncWriteCallbackHandler callbackHandler,
        AsyncQueueDataProcessor writePreProcessor, boolean isCloneByteBuffer)
        throws IOException {
    isAsyncWriteQueueMode = true;
    final SelectionKey channelKey = socketChannel.keyFor(selectorHandler.getSelector());
    selectorHandler.getAsyncQueueWriter().write(
            channelKey, dstAddress,
            buffer, callbackHandler, writePreProcessor, isCloneByteBuffer);
}
629 | |
|
630 | |
|
631 | |
|
632 | |
|
633 | |
|
634 | |
/**
 * Queues an asynchronous read with no completion condition.
 *
 * @param buffer          destination for decrypted data
 * @param callbackHandler completion callback
 * @throws IOException if queuing fails
 */
public void readFromAsyncQueue(ByteBuffer buffer,
        AsyncReadCallbackHandler callbackHandler) throws IOException {
    final AsyncReadCondition noCondition = null;
    readFromAsyncQueue(buffer, callbackHandler, noCondition);
}
638 | |
|
639 | |
|
640 | |
|
641 | |
|
642 | |
|
643 | |
/**
 * Queues an asynchronous read that is decrypted by this handler's TLS read
 * post-processor.
 *
 * @param buffer          destination for decrypted data
 * @param callbackHandler completion callback
 * @param condition       completion condition, may be null
 * @throws IOException if queuing fails
 */
public void readFromAsyncQueue(ByteBuffer buffer,
        AsyncReadCallbackHandler callbackHandler,
        AsyncReadCondition condition) throws IOException {
    final AsyncQueueDataProcessor tlsUnwrapper = obtainSSLReadPostProcessor();
    readFromAsyncQueue(buffer, callbackHandler, condition, tlsUnwrapper);
}
649 | |
|
650 | |
|
651 | |
|
652 | |
|
653 | |
|
654 | |
/**
 * Hands the read request to the selector handler's async queue reader and
 * switches this handler into async-read-queue mode, which stops the internal
 * callback from forwarding onRead events (including resuming a pending
 * non-blocking handshake from onRead).
 *
 * The post-processor is passed through as given; only the overloads that call
 * obtainSSLReadPostProcessor() are guaranteed by this class to unwrap the data
 * with the TLS engine.
 *
 * @param buffer            destination for data
 * @param callbackHandler   completion callback
 * @param condition         completion condition, may be null
 * @param readPostProcessor processor applied to data read from the channel
 * @throws IOException if queuing fails
 */
public void readFromAsyncQueue(ByteBuffer buffer,
        AsyncReadCallbackHandler callbackHandler,
        AsyncReadCondition condition,
        AsyncQueueDataProcessor readPostProcessor) throws IOException {
    isAsyncReadQueueMode = true;
    final SelectionKey channelKey = socketChannel.keyFor(selectorHandler.getSelector());
    selectorHandler.getAsyncQueueReader().read(
            channelKey, buffer,
            callbackHandler, condition, readPostProcessor);
}
663 | |
|
664 | |
|
665 | |
|
666 | |
|
667 | |
|
668 | |
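/**
 * Closes the connection and resets this handler so it can be reused.
 *
 * When connected, pending encrypted output is flushed and the engine's
 * outbound side is closed and wrapped so that the TLS closure message is sent.
 * That step is best effort: an IOException there is logged at FINE and the
 * close continues.
 *
 * The channel is now closed, a standalone Controller stopped and the state
 * reset even when the channel has no key for the selector or an earlier step
 * throws. Previously a missing key made the method return early, leaving the
 * socket open, the standalone Controller running and the handler still
 * reporting itself as connected.
 *
 * @throws IOException if closing the channel or stopping the Controller fails
 */
public void close() throws IOException {
    try {
        if (socketChannel != null) {
            try {
                if (isConnected) {
                    try {
                        if (securedOutputBuffer.hasRemaining()) {
                            // Send what is already encrypted before closing outbound.
                            OutputWriter.flushChannel(socketChannel, securedOutputBuffer);
                        }

                        sslEngine.closeOutbound();
                        SSLUtils.wrap(EMPTY_BUFFER, securedOutputBuffer, sslEngine);
                        OutputWriter.flushChannel(socketChannel, securedOutputBuffer);
                    } catch (IOException e) {
                        logger.log(Level.FINE, "IOException during closing the connector.", e);
                    }
                }

                if (selectorHandler != null) {
                    SelectionKey key = socketChannel.keyFor(selectorHandler.getSelector());

                    // No key means the channel is not registered with this selector;
                    // there is nothing to cancel, but the channel must still be closed.
                    if (key != null) {
                        selectorHandler.getSelectionKeyHandler().close(key);
                    }
                }
            } finally {
                socketChannel.close();
            }
        }
    } finally {
        try {
            if (controller != null && isStandalone) {
                controller.stop();
                controller = null;
            }
        } finally {
            sslEngine = null;
            asyncHandshakeBuffer = null;
            isStandalone = false;
            isConnected = false;
            isHandshakeDone = false;
        }
    }
}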
709 | |
|
710 | |
|
711 | |
|
712 | |
|
713 | |
|
714 | |
|
715 | |
/**
 * Completes the TCP connect for the channel behind the key, records whether
 * it is connected, prepares the TLS engine and buffers on success, and always
 * releases the latch that connect(...) is waiting on.
 *
 * @param key selection key whose channel finished connecting
 * @throws IOException if SocketChannel.finishConnect fails; the latch is released regardless
 */
public void finishConnect(SelectionKey key) throws IOException {
    try {
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, "Finish connect");
        }

        socketChannel = (SocketChannel) key.channel();
        socketChannel.finishConnect();

        final boolean connectedNow = socketChannel.isConnected();
        isConnected = connectedNow;
        if (connectedNow) {
            initSSLEngineIfRequired();
        }
    } finally {
        // Wake the connecting thread on success and on failure alike.
        isConnectedLatch.countDown();
    }
}
733 | |
|
734 | |
|
735 | |
|
736 | |
|
737 | |
|
738 | |
|
739 | |
/**
 * Marks the handshake as complete and no longer in progress.
 * The method is public and only flips two flags; it does not consult the
 * engine, so calling it does not by itself prove a handshake succeeded.
 */
public void finishHandshake() {
    this.isProcessingAsyncHandshake = false;
    this.isHandshakeDone = true;
}
743 | |
|
744 | |
|
745 | |
|
746 | |
|
747 | |
|
748 | |
|
749 | |
/**
 * Identifies the protocol this connector handles.
 *
 * @return always Controller.Protocol.TLS
 */
public Controller.Protocol protocol() {
    final Controller.Protocol handled = Controller.Protocol.TLS;
    return handled;
}
752 | |
|
753 | |
|
754 | |
|
755 | |
|
756 | |
|
757 | |
|
758 | |
/**
 * Reports whether the connect completed and the channel is still open.
 * This says nothing about the TLS handshake; see {@link #isHandshakeDone()}.
 *
 * @return true when connected and the channel is open
 */
public boolean isConnected() {
    if (!isConnected) {
        return false;
    }
    return socketChannel.isOpen();
}
761 | |
|
762 | |
|
763 | |
|
764 | |
|
765 | |
|
766 | |
/**
 * Reports whether the handshake has been marked complete and no non-blocking
 * handshake is currently in progress.
 *
 * read(...) and write(...) in this class check only the connected flag, so
 * callers that must not exchange application data before the handshake has
 * finished need to consult this method themselves.
 *
 * @return true when the handshake is done
 */
public boolean isHandshakeDone() {
    if (isProcessingAsyncHandshake) {
        return false;
    }
    return isHandshakeDone;
}
769 | |
|
770 | |
|
771 | |
|
772 | |
|
773 | |
|
774 | |
/**
 * Returns the context used to create this handler's engine.
 *
 * @return the configured SSLContext
 */
public SSLContext getSSLContext() {
    return this.sslContext;
}
777 | |
|
778 | |
|
779 | |
|
780 | |
|
781 | |
|
782 | |
|
783 | |
|
784 | |
|
785 | |
/**
 * Replaces the context used to create the engine.
 * An engine that already exists is not rebuilt: the context is only read when
 * the engine field is null at initialisation time.
 *
 * @param sslContext context to use for engines created from now on
 */
public void setSSLContext(SSLContext sslContext) {
    this.sslContext = sslContext;
}
788 | |
|
789 | |
|
790 | |
|
791 | |
|
792 | |
|
793 | |
|
794 | |
|
795 | |
|
796 | |
|
797 | |
/**
 * Replaces the context with one created from the given configuration.
 * As with setSSLContext, an existing engine is left untouched.
 *
 * @param sslConfig configuration to build the context from; must not be null
 */
public void configure(SSLConfig sslConfig) {
    final SSLContext created = sslConfig.createSSLContext();
    this.sslContext = created;
}
800 | |
|
801 | |
|
802 | |
|
803 | |
|
804 | |
|
805 | |
/**
 * Returns the live engine, or null before initialisation and after close().
 * The object is not a copy; changes made through it affect this connection.
 *
 * @return the current SSLEngine, possibly null
 */
public SSLEngine getSSLEngine() {
    return this.sslEngine;
}
808 | |
|
809 | |
|
810 | |
|
811 | |
|
812 | |
|
813 | |
/**
 * Injects the engine to use for this connection.
 * An injected engine is used as supplied: this class switches client mode on
 * only for engines it creates itself, so the caller is responsible for the
 * mode, protocols, cipher suites and any peer-identity settings.
 *
 * @param sslEngine engine to use
 */
public void setSSLEngine(SSLEngine sslEngine) {
    this.sslEngine = sslEngine;
}
816 | |
|
817 | |
|
818 | |
|
819 | |
|
820 | |
|
821 | |
|
822 | |
/**
 * Returns the internal buffer of encrypted inbound bytes.
 * This is the working buffer itself, not a copy; moving its position or limit
 * changes what the next unwrap sees.
 *
 * @return the encrypted input buffer, null before initialisation
 */
public ByteBuffer getSecuredInputBuffer() {
    return this.securedInputBuffer;
}
825 | |
|
826 | |
|
827 | |
|
828 | |
|
829 | |
|
830 | |
|
831 | |
/**
 * Returns the internal buffer of encrypted outbound bytes.
 * This is the working buffer itself, not a copy; moving its position or limit
 * changes what is flushed to the channel.
 *
 * @return the encrypted output buffer, null before initialisation
 */
public ByteBuffer getSecuredOutputBuffer() {
    return this.securedOutputBuffer;
}
834 | |
|
835 | |
|
836 | |
|
837 | |
|
838 | |
|
839 | |
/**
 * Returns the Controller in use, which may be one created in standalone mode.
 *
 * @return the Controller, or null when none is set
 */
public Controller getController() {
    return this.controller;
}
842 | |
|
843 | |
|
844 | |
|
845 | |
|
846 | |
|
847 | |
|
848 | |
/**
 * Sets the Controller whose selector handler will be used for connects.
 * A Controller set this way is not stopped by close(); only one created in
 * standalone mode is.
 *
 * @param controller Controller to use
 */
public void setController(Controller controller) {
    this.controller = controller;
}
851 | |
|
852 | |
|
853 | |
|
854 | |
|
855 | |
|
856 | |
|
857 | |
/**
 * Returns the raw socket channel beneath the TLS layer.
 * Bytes read from or written to it directly bypass encryption and disturb the
 * engine's record stream.
 *
 * @return the underlying channel, or null before a connect completes
 */
public SelectableChannel getUnderlyingChannel() {
    return this.socketChannel;
}
860 | |
|
861 | |
|
862 | |
|
863 | |
|
864 | |
|
865 | |
|
866 | |
/**
 * Replaces the underlying socket channel; for use by subclasses.
 *
 * @param socketChannel channel to use
 */
protected void setUnderlyingChannel(SocketChannel socketChannel) {
    this.socketChannel = socketChannel;
}
869 | |
|
870 | |
|
871 | |
|
872 | |
|
873 | |
|
874 | |
|
875 | |
/**
 * Returns the application callback handler.
 *
 * @return the callback handler, or null when none is set
 */
public SSLCallbackHandler getCallbackHandler() {
    return this.callbackHandler;
}
878 | |
|
879 | |
|
880 | |
|
881 | |
|
882 | |
|
883 | |
|
884 | |
/**
 * Sets the application callback handler that receives connect, read, write
 * and handshake events.
 *
 * @param callbackHandler handler to use
 */
public void setCallbackHandler(SSLCallbackHandler callbackHandler) {
    this.callbackHandler = callbackHandler;
}
887 | |
|
888 | |
|
889 | |
|
890 | |
|
891 | |
|
892 | |
|
893 | |
/**
 * Returns the selector handler assigned by the last connect(...).
 *
 * @return the selector handler, or null before any connect
 */
public SSLSelectorHandler getSelectorHandler() {
    return this.selectorHandler;
}
896 | |
|
897 | |
|
898 | |
|
899 | |
|
900 | |
|
901 | |
|
902 | |
|
903 | |
|
904 | |
|
905 | |
|
906 | |
|
907 | |
/**
 * Returns the application buffer size of the engine's session, creating the
 * engine first if necessary.
 *
 * NOTE(review): this getter is not side-effect free. initSSLEngineIfRequired
 * allocates fresh encrypted input and output buffers on every call, so calling
 * this while encrypted data is buffered discards that data. Prefer calling it
 * before the handshake starts.
 *
 * @return the session's application buffer size
 */
public int getApplicationBufferSize() {
    initSSLEngineIfRequired();
    final int appBufferSize = sslEngine.getSession().getApplicationBufferSize();
    return appBufferSize;
}
911 | |
|
912 | |
|
913 | |
|
914 | |
|
915 | |
|
916 | |
|
917 | |
|
918 | |
/**
 * Performs one non-blocking read from the channel and unwraps whatever is
 * buffered into the application buffer.
 *
 * The value returned on the normal path is the number of encrypted bytes read
 * from the socket, not the number of decrypted bytes produced.
 *
 * On end of stream the engine's inbound side is closed. If closeInbound throws
 * an SSLException (the JDK does so when the peer ended the stream without a
 * TLS closure message, i.e. a possibly truncated stream), this method returns
 * -1 exactly as for an orderly end of stream, so callers cannot tell the two
 * cases apart from the return value.
 *
 * @param byteBuffer destination for decrypted data
 * @return -1 at end of stream or when the engine reports CLOSED with nothing
 *         produced, 0 when nothing was read and nothing is buffered, otherwise
 *         the socket read count
 * @throws BufferOverflowException if nothing was produced because the
 *         application buffer is too small
 * @throws IOException if the channel read or the unwrap fails
 */
private int doReadAsync(ByteBuffer byteBuffer) throws IOException {
    // Make room in the encrypted buffer, keeping unconsumed bytes.
    clearOrCompactBuffer(securedInputBuffer);

    final int bytesRead = socketChannel.read(securedInputBuffer);

    if (bytesRead == -1) {
        try {
            sslEngine.closeInbound();

            final boolean nothingBuffered = securedInputBuffer.position() == 0;
            if (nothingBuffered ||
                    sslEngineStatus == SSLEngineResult.Status.BUFFER_UNDERFLOW) {
                return -1;
            }
            // Otherwise fall through and try to unwrap what is still buffered.
        } catch (SSLException e) {
            return -1;
        }
    }

    securedInputBuffer.flip();

    if (bytesRead == 0 && !securedInputBuffer.hasRemaining()) {
        return 0;
    }

    final int produced = unwrapAll(byteBuffer);

    if (produced == 0) {
        if (sslEngineStatus == SSLEngineResult.Status.CLOSED) {
            return -1;
        }
        if (sslEngineStatus == SSLEngineResult.Status.BUFFER_OVERFLOW) {
            throw new BufferOverflowException();
        }
    }

    return bytesRead;
}
956 | |
|
957 | |
/**
 * Unwraps buffered encrypted data into the application buffer, repeating while
 * the engine reports OK and either the handshake is already done or the engine
 * still asks for more unwrapping without having produced application data.
 * The last result is recorded through updateSSLEngineStatus.
 *
 * @param byteBuffer destination for decrypted data
 * @return total number of bytes produced across all unwrap calls
 * @throws SSLException if the engine rejects the data
 */
private int unwrapAll(ByteBuffer byteBuffer) throws SSLException {
    int totalProduced = 0;
    SSLEngineResult last;

    do {
        last = sslEngine.unwrap(securedInputBuffer, byteBuffer);
        totalProduced += last.bytesProduced();
    } while (last.getStatus() == SSLEngineResult.Status.OK &&
            (isHandshakeDone || (last.getHandshakeStatus() ==
            SSLEngineResult.HandshakeStatus.NEED_UNWRAP &&
            last.bytesProduced() == 0)));

    updateSSLEngineStatus(last);
    return totalProduced;
}
973 | |
|
974 | |
|
975 | |
|
976 | |
|
977 | |
|
978 | |
|
979 | |
|
980 | |
|
981 | |
|
982 | |
|
983 | |
|
984 | |
/**
 * Performs one non-blocking write step: flushes encrypted bytes left from a
 * previous step, then wraps the application data and writes the result.
 *
 * The status of the wrap result is recorded but not checked here.
 *
 * @param byteBuffer application data to encrypt
 * @return 0 when leftover encrypted bytes could not be flushed completely,
 *         otherwise the number of bytes the channel accepted
 * @throws IOException if wrapping or writing fails
 */
private int doWriteAsync(ByteBuffer byteBuffer) throws IOException {
    final boolean leftoverPending = securedOutputBuffer.hasRemaining();
    if (leftoverPending && !flushSecuredOutputBuffer()) {
        return 0;
    }

    securedOutputBuffer.clear();
    final SSLEngineResult wrapped = SSLUtils.wrap(byteBuffer, securedOutputBuffer, sslEngine);
    updateSSLEngineStatus(wrapped);

    return socketChannel.write(securedOutputBuffer);
}
997 | |
|
998 | |
|
999 | |
|
1000 | |
|
1001 | |
|
1002 | |
|
1003 | |
|
1004 | |
/**
 * Drives the handshake state machine without blocking.
 *
 * The loop runs until the recorded handshake status is FINISHED. When it
 * cannot make progress (encrypted output not fully flushed, or no input
 * available) it registers interest with the selector where needed and returns
 * false, leaving the in-progress flag and the remembered buffer in place so
 * the internal callback handler can resume later. The switch cases fall
 * through on purpose when the status already names the next step.
 *
 * A failure is signalled by an exception; in that case the in-progress flag is
 * left set, so isHandshakeDone() keeps reporting false.
 *
 * @param byteBuffer application buffer that receives data unwrapped during the handshake
 * @return true when the handshake finished, false when it is still pending
 * @throws EOFException     if the peer closed the connection mid-handshake
 * @throws IOException      if wrapping returns a status other than OK or I/O fails
 * @throws RuntimeException if the handshake status is not one handled here
 */
private boolean doAsyncHandshake(ByteBuffer byteBuffer) throws IOException {
    isProcessingAsyncHandshake = true;
    asyncHandshakeBuffer = byteBuffer;

    while (handshakeStatus != HandshakeStatus.FINISHED) {
        switch (handshakeStatus) {
            case NEED_WRAP:
                final SSLEngineResult wrapResult =
                        SSLUtils.wrap(EMPTY_BUFFER, securedOutputBuffer, sslEngine);
                updateSSLEngineStatus(wrapResult);

                if (wrapResult.getStatus() != SSLEngineResult.Status.OK) {
                    throw new IOException("Handshaking error: " + wrapResult.getStatus());
                }
                if (!flushSecuredOutputBuffer()) {
                    // OP_WRITE interest was registered by the flush helper.
                    return false;
                }

                if (handshakeStatus != HandshakeStatus.NEED_UNWRAP) {
                    break;
                }
                // falls through: the engine now wants to read
            case NEED_UNWRAP:
                final int bytesRead = doReadAsync(byteBuffer);
                if (bytesRead == -1) {
                    try {
                        sslEngine.closeInbound();
                    } catch (IOException e) {
                        logger.log(Level.FINE, "Exception occured when closing sslEngine inbound.", e);
                    }

                    throw new EOFException("Connection closed");
                }
                if (bytesRead == 0 && sslLastOperationResult.bytesConsumed() == 0) {
                    // Nothing arrived and nothing was consumed: wait for more input.
                    registerSelectionKeyFor(SelectionKey.OP_READ);
                    return false;
                }

                if (handshakeStatus != HandshakeStatus.NEED_TASK) {
                    break;
                }
                // falls through: the engine now wants its tasks run
            case NEED_TASK:
                handshakeStatus = executeDelegatedTask();
                break;
            default:
                throw new RuntimeException("Invalid Handshaking State" + handshakeStatus);
        }
    }

    if (isProcessingAsyncHandshake) {
        finishHandshake();
    }

    asyncHandshakeBuffer = null;
    return true;
}
1059 | |
|
1060 | |
|
1061 | |
|
1062 | |
|
1063 | |
|
1064 | |
/**
 * Runs every task the engine currently has queued, one after another on the
 * calling thread, and returns the engine's handshake status afterwards.
 * The delegateSSLTasks flag is not consulted.
 *
 * @return the engine's handshake status after the tasks have run
 */
private SSLEngineResult.HandshakeStatus executeDelegatedTask() {
    for (Runnable task = sslEngine.getDelegatedTask();
            task != null;
            task = sslEngine.getDelegatedTask()) {
        task.run();
    }

    return sslEngine.getHandshakeStatus();
}
1072 | |
|
1073 | |
|
1074 | |
|
1075 | |
|
1076 | |
|
1077 | |
|
1078 | |
|
1079 | |
/**
 * Records the given engine result together with its status and handshake
 * status, for the state checks made elsewhere in this class.
 *
 * @param result result of the most recent wrap or unwrap; must not be null
 */
private void updateSSLEngineStatus(SSLEngineResult result) {
    this.sslLastOperationResult = result;
    this.sslEngineStatus = result.getStatus();
    this.handshakeStatus = result.getHandshakeStatus();
}
1084 | |
|
1085 | |
|
1086 | |
|
1087 | |
|
1088 | |
|
1089 | |
/**
 * Prepares a buffer for further filling: clears it when nothing is left to
 * consume, compacts it when some but not all of its capacity is still
 * unconsumed, and leaves it untouched when the remaining count equals the
 * capacity.
 *
 * @param buffer buffer to prepare
 */
private static void clearOrCompactBuffer(ByteBuffer buffer) {
    final int unconsumed = buffer.remaining();
    if (unconsumed == 0) {
        buffer.clear();
        return;
    }
    if (unconsumed < buffer.capacity()) {
        buffer.compact();
    }
}
1096 | |
|
1097 | |
|
1098 | |
|
1099 | |
|
1100 | |
|
1101 | |
/**
 * Looks up the channel's key for the selector of the current selector handler.
 *
 * @return the key, or null when the channel is not registered with that selector
 */
private SelectionKey getSelectionKey() {
    final SelectionKey channelKey = socketChannel.keyFor(selectorHandler.getSelector());
    return channelKey;
}
1104 | |
|
1105 | |
|
1106 | |
|
1107 | |
|
1108 | |
|
1109 | |
|
1110 | |
/**
 * Registers the channel's selection key with the selector handler for the
 * given interest operations.
 *
 * @param ops SelectionKey operation bits to register
 */
private void registerSelectionKeyFor(int ops) {
    selectorHandler.register(getSelectionKey(), ops);
}
1114 | |
|
1115 | |
|
1116 | |
|
1117 | |
|
1118 | |
|
1119 | |
/**
 * Writes the encrypted output buffer to the channel until it is empty or the
 * channel stops accepting bytes; in the latter case OP_WRITE interest is
 * registered so the flush can be resumed.
 *
 * @return true when the buffer was written completely
 * @throws IOException if the channel write fails
 */
private boolean flushSecuredOutputBuffer() throws IOException {
    int written = 1;
    while (written > 0 && securedOutputBuffer.hasRemaining()) {
        written = socketChannel.write(securedOutputBuffer);
    }

    final boolean drained = !securedOutputBuffer.hasRemaining();
    if (!drained) {
        registerSelectionKeyFor(SelectionKey.OP_WRITE);
    }
    return drained;
}
1135 | |
|
1136 | |
|
1137 | |
|
1138 | |
|
1139 | |
/**
 * Creates a client-mode engine from the context when none exists, then
 * allocates the encrypted input and output buffers at twice the session's
 * packet buffer size and marks the output buffer as empty.
 *
 * NOTE(review): the engine is created with the no-argument createSSLEngine(),
 * so it carries no peer host or port, and no endpoint identification setting
 * is applied in this method. If the peer's certificate must match the host
 * being contacted, that check has to be configured on an injected engine or
 * performed by the application after the handshake.
 *
 * NOTE(review): the buffers are reallocated on every call, including calls
 * made through getApplicationBufferSize(), which drops any encrypted bytes
 * still held in the old buffers.
 */
private void initSSLEngineIfRequired() {
    if (sslEngine == null) {
        sslEngine = sslContext.createSSLEngine();
        sslEngine.setUseClientMode(true);
    }

    final int doublePacketSize = sslEngine.getSession().getPacketBufferSize() * 2;
    securedInputBuffer = ByteBuffer.allocate(doublePacketSize);
    securedOutputBuffer = ByteBuffer.allocate(doublePacketSize);
    // limit(0) on a fresh buffer means "nothing waiting to be flushed".
    securedOutputBuffer.limit(0);
}
1150 | |
|
1151 | |
/**
 * Returns the TLS read post-processor, creating it on first use.
 * The field is volatile and creation is guarded by this instance's lock.
 *
 * @return the shared read post-processor for this handler
 */
private AsyncQueueDataProcessor obtainSSLReadPostProcessor() {
    if (sslReadPostProcessor != null) {
        return sslReadPostProcessor;
    }

    synchronized (this) {
        if (sslReadPostProcessor == null) {
            sslReadPostProcessor = new SSLReadPostProcessor();
        }
    }

    return sslReadPostProcessor;
}
1162 | |
|
1163 | |
/**
 * Returns the TLS write pre-processor, creating it on first use.
 * The field is volatile and creation is guarded by this instance's lock.
 *
 * @return the shared write pre-processor for this handler
 */
private AsyncQueueDataProcessor obtainSSLWritePreProcessor() {
    if (sslWritePreProcessor != null) {
        return sslWritePreProcessor;
    }

    synchronized (this) {
        if (sslWritePreProcessor == null) {
            sslWritePreProcessor = new SSLWritePreProcessor();
        }
    }

    return sslWritePreProcessor;
}
1174 | |
|
1175 | |
|
1176 | |
|
1177 | |
|
1178 | |
|
/**
 * Callback registered with the selector handler. It resumes a pending
 * non-blocking handshake on read and write events and otherwise forwards the
 * events to the application's callback handler.
 *
 * An IOException raised while resuming the handshake or forwarding an event is
 * logged at SEVERE and not propagated. The application callback is therefore
 * not told about a failed non-blocking handshake; it simply never receives
 * onHandshake, and isHandshakeDone() stays false.
 */
private class SSLInternalCallbackHandler implements CallbackHandler {
    /** Forwards the connect event; requires the outer callbackHandler to be non-null. */
    public void onConnect(IOEvent ioEvent) {
        callbackHandler.onConnect(ioEvent);
    }

    /** Resumes the handshake or forwards the read event; ignored in async-read-queue mode. */
    public void onRead(IOEvent ioEvent) {
        if (isAsyncReadQueueMode) {
            return;
        }

        try {
            if (!isProcessingAsyncHandshake) {
                callbackHandler.onRead(ioEvent);
                return;
            }

            if (doAsyncHandshake(asyncHandshakeBuffer)) {
                callbackHandler.onHandshake(ioEvent);
            }
        } catch (IOException e) {
            logger.log(Level.SEVERE, "Exception occured when reading from SSL channel.", e);
        }
    }

    /**
     * Flushes leftover encrypted output, then resumes the handshake or forwards
     * the write event; ignored in async-write-queue mode.
     */
    public void onWrite(IOEvent ioEvent) {
        if (isAsyncWriteQueueMode) {
            return;
        }

        try {
            // Stop here while encrypted bytes are still waiting for the channel.
            if (securedOutputBuffer.hasRemaining() && !flushSecuredOutputBuffer()) {
                return;
            }

            if (isProcessingAsyncHandshake) {
                if (doAsyncHandshake(asyncHandshakeBuffer)) {
                    callbackHandler.onHandshake(ioEvent);
                }
                return;
            }

            callbackHandler.onWrite(ioEvent);
        } catch (IOException e) {
            logger.log(Level.SEVERE, "Exception occured when writing to SSL channel.", e);
        }
    }
}
1226 | |
|
1227 | |
|
1228 | |
|
1229 | |
|
1230 | |
|
/**
 * Post-processor for the async read queue: the queue fills the encrypted input
 * buffer exposed here, and process() unwraps it into the application buffer.
 */
private class SSLReadPostProcessor implements AsyncQueueDataProcessor {
    /** Returns the outer handler's encrypted input buffer itself, not a copy. */
    public ByteBuffer getInternalByteBuffer() {
        return securedInputBuffer;
    }

    /**
     * Unwraps the buffered encrypted bytes into the given buffer and prepares
     * the encrypted buffer for the next fill. The number of bytes produced is
     * not returned to the caller.
     *
     * @throws SSLException if the engine rejects the data
     */
    public void process(ByteBuffer byteBuffer) throws SSLException {
        final ByteBuffer encrypted = securedInputBuffer;
        encrypted.flip();
        unwrapAll(byteBuffer);
        clearOrCompactBuffer(encrypted);
    }
}
1242 | |
|
1243 | |
|
1244 | |
|
1245 | |
|
1246 | |
|
/**
 * Pre-processor for the async write queue: process() wraps application data
 * into the encrypted output buffer exposed here, which the queue then writes.
 */
private class SSLWritePreProcessor implements AsyncQueueDataProcessor {
    /** Returns the outer handler's encrypted output buffer itself, not a copy. */
    public ByteBuffer getInternalByteBuffer() {
        return securedOutputBuffer;
    }

    /**
     * Wraps the application data unless there is none, or encrypted bytes from
     * an earlier call are still waiting to be written. The wrap result is
     * recorded but its status is not checked here.
     *
     * @throws SSLException if the engine fails to wrap the data
     */
    public void process(ByteBuffer byteBuffer) throws SSLException {
        final boolean nothingToEncrypt = !byteBuffer.hasRemaining();
        if (nothingToEncrypt || securedOutputBuffer.hasRemaining()) {
            return;
        }

        securedOutputBuffer.clear();
        final SSLEngineResult wrapped = sslEngine.wrap(byteBuffer, securedOutputBuffer);
        updateSSLEngineStatus(wrapped);
        securedOutputBuffer.flip();
    }
}
1261 | |
} |