All Downloads are FREE. Search and download functionalities are using the official Maven repository.
Please wait. This can take some minutes ...
Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.arangodb.shaded.vertx.core.net.impl.SslChannelProvider Maven / Gradle / Ivy
/*
* Copyright (c) 2011-2022 Contributors to the Eclipse Foundation
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
* which is available at https://www.apache.org/licenses/LICENSE-2.0.
*
* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
*/
package com.arangodb.shaded.vertx.core.net.impl;
import com.arangodb.shaded.netty.buffer.ByteBufAllocator;
import com.arangodb.shaded.netty.channel.ChannelHandler;
import com.arangodb.shaded.netty.handler.ssl.SniHandler;
import com.arangodb.shaded.netty.handler.ssl.SslContext;
import com.arangodb.shaded.netty.handler.ssl.SslHandler;
import com.arangodb.shaded.netty.util.AsyncMapping;
import com.arangodb.shaded.netty.util.concurrent.ImmediateExecutor;
import com.arangodb.shaded.vertx.core.net.SocketAddress;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
/**
* Provider for {@link SslHandler} and {@link SniHandler}.
*
* {@link SslContext} instances are cached and reused.
*/
public class SslChannelProvider {
private final long sslHandshakeTimeout;
private final TimeUnit sslHandshakeTimeoutUnit;
private final Executor workerPool;
private final boolean useWorkerPool;
private final boolean sni;
private final boolean useAlpn;
private final boolean trustAll;
private final SslContextProvider sslContextProvider;
private final SslContext[] sslContexts = new SslContext[2];
private final Map[] sslContextMaps = new Map[]{
new ConcurrentHashMap<>(), new ConcurrentHashMap<>()
};
public SslChannelProvider(SslContextProvider sslContextProvider,
long sslHandshakeTimeout,
TimeUnit sslHandshakeTimeoutUnit,
boolean sni,
boolean trustAll,
boolean useAlpn,
Executor workerPool,
boolean useWorkerPool) {
this.workerPool = workerPool;
this.useWorkerPool = useWorkerPool;
this.useAlpn = useAlpn;
this.sni = sni;
this.trustAll = trustAll;
this.sslHandshakeTimeout = sslHandshakeTimeout;
this.sslHandshakeTimeoutUnit = sslHandshakeTimeoutUnit;
this.sslContextProvider = sslContextProvider;
}
public SslContextProvider sslContextProvider() {
return sslContextProvider;
}
public SslContext sslClientContext(String serverName, boolean useAlpn) {
return sslClientContext(serverName, useAlpn, trustAll);
}
public SslContext sslClientContext(String serverName, boolean useAlpn, boolean trustAll) {
int idx = idx(useAlpn);
if (sslContexts[idx] == null) {
SslContext context = sslContextProvider.createClientContext(serverName, useAlpn, trustAll);
sslContexts[idx] = context;
}
return sslContexts[idx];
}
public SslContext sslServerContext(boolean useAlpn) {
int idx = idx(useAlpn);
if (sslContexts[idx] == null) {
sslContexts[idx] = sslContextProvider.createServerContext(useAlpn);
}
return sslContexts[idx];
}
/**
* Server name {@link AsyncMapping} for {@link SniHandler}, mapping happens on a Vert.x worker thread.
*
* @return the {@link AsyncMapping}
*/
public AsyncMapping serverNameMapping() {
return (AsyncMapping) (serverName, promise) -> {
workerPool.execute(() -> {
if (serverName == null) {
promise.setSuccess(sslServerContext(useAlpn));
} else {
KeyManagerFactory kmf;
try {
kmf = sslContextProvider.resolveKeyManagerFactory(serverName);
} catch (Exception e) {
promise.setFailure(e);
return;
}
TrustManager[] trustManagers;
try {
trustManagers = sslContextProvider.resolveTrustManagers(serverName);
} catch (Exception e) {
promise.setFailure(e);
return;
}
int idx = idx(useAlpn);
SslContext sslContext = sslContextMaps[idx].computeIfAbsent(serverName, s -> sslContextProvider.createServerContext(kmf, trustManagers, s, useAlpn));
promise.setSuccess(sslContext);
}
});
return promise;
};
}
public SslHandler createClientSslHandler(SocketAddress remoteAddress, String serverName, boolean useAlpn) {
SslContext sslContext = sslClientContext(serverName, useAlpn);
SslHandler sslHandler;
Executor delegatedTaskExec = useWorkerPool ? workerPool : ImmediateExecutor.INSTANCE;
if (remoteAddress.isDomainSocket()) {
sslHandler = sslContext.newHandler(ByteBufAllocator.DEFAULT, delegatedTaskExec);
} else {
sslHandler = sslContext.newHandler(ByteBufAllocator.DEFAULT, remoteAddress.host(), remoteAddress.port(), delegatedTaskExec);
}
sslHandler.setHandshakeTimeout(sslHandshakeTimeout, sslHandshakeTimeoutUnit);
return sslHandler;
}
public ChannelHandler createServerHandler() {
if (sni) {
return createSniHandler();
} else {
return createServerSslHandler(useAlpn);
}
}
private SslHandler createServerSslHandler(boolean useAlpn) {
SslContext sslContext = sslServerContext(useAlpn);
Executor delegatedTaskExec = useWorkerPool ? workerPool : ImmediateExecutor.INSTANCE;
SslHandler sslHandler = sslContext.newHandler(ByteBufAllocator.DEFAULT, delegatedTaskExec);
sslHandler.setHandshakeTimeout(sslHandshakeTimeout, sslHandshakeTimeoutUnit);
return sslHandler;
}
private SniHandler createSniHandler() {
Executor delegatedTaskExec = useWorkerPool ? workerPool : ImmediateExecutor.INSTANCE;
return new VertxSniHandler(serverNameMapping(), sslHandshakeTimeoutUnit.toMillis(sslHandshakeTimeout), delegatedTaskExec);
}
private static int idx(boolean useAlpn) {
return useAlpn ? 0 : 1;
}
}