io.undertow.protocols.ssl.UndertowAcceptingSslChannel Maven / Gradle / Ivy
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.undertow.protocols.ssl;
import io.undertow.UndertowLogger;
import io.undertow.UndertowOptions;
import io.undertow.connector.ByteBufferPool;
import org.xnio.ChannelListener;
import org.xnio.ChannelListeners;
import org.xnio.IoUtils;
import org.xnio.Option;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Sequence;
import org.xnio.SslClientAuthMode;
import org.xnio.StreamConnection;
import org.xnio.Xnio;
import org.xnio.XnioExecutor;
import org.xnio.XnioIoThread;
import org.xnio.XnioWorker;
import org.xnio.channels.AcceptingChannel;
import org.xnio.ssl.SslConnection;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicIntegerFieldUpdater;
import java.util.concurrent.atomic.AtomicReferenceFieldUpdater;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
/**
* @author Stuart Douglas
*/
class UndertowAcceptingSslChannel implements AcceptingChannel {
private final UndertowXnioSsl ssl;
private final AcceptingChannel extends StreamConnection> tcpServer;
private volatile SslClientAuthMode clientAuthMode;
private volatile int useClientMode;
private volatile int enableSessionCreation;
private volatile String[] cipherSuites;
private volatile String[] protocols;
@SuppressWarnings("rawtypes")
private static final AtomicReferenceFieldUpdater clientAuthModeUpdater = AtomicReferenceFieldUpdater.newUpdater(UndertowAcceptingSslChannel.class, SslClientAuthMode.class, "clientAuthMode");
@SuppressWarnings("rawtypes")
private static final AtomicIntegerFieldUpdater useClientModeUpdater = AtomicIntegerFieldUpdater.newUpdater(UndertowAcceptingSslChannel.class, "useClientMode");
@SuppressWarnings("rawtypes")
private static final AtomicIntegerFieldUpdater enableSessionCreationUpdater = AtomicIntegerFieldUpdater.newUpdater(UndertowAcceptingSslChannel.class, "enableSessionCreation");
private final ChannelListener.Setter> closeSetter;
private final ChannelListener.Setter> acceptSetter;
protected final boolean startTls;
protected final ByteBufferPool applicationBufferPool;
private final boolean useCipherSuitesOrder;
UndertowAcceptingSslChannel(final UndertowXnioSsl ssl, final AcceptingChannel extends StreamConnection> tcpServer, final OptionMap optionMap, final ByteBufferPool applicationBufferPool, final boolean startTls) {
this.tcpServer = tcpServer;
this.ssl = ssl;
this.applicationBufferPool = applicationBufferPool;
this.startTls = startTls;
clientAuthMode = optionMap.get(Options.SSL_CLIENT_AUTH_MODE);
useClientMode = optionMap.get(Options.SSL_USE_CLIENT_MODE, false) ? 1 : 0;
enableSessionCreation = optionMap.get(Options.SSL_ENABLE_SESSION_CREATION, true) ? 1 : 0;
final Sequence enabledCipherSuites = optionMap.get(Options.SSL_ENABLED_CIPHER_SUITES);
cipherSuites = enabledCipherSuites != null ? enabledCipherSuites.toArray(new String[enabledCipherSuites.size()]) : null;
final Sequence enabledProtocols = optionMap.get(Options.SSL_ENABLED_PROTOCOLS);
protocols = enabledProtocols != null ? enabledProtocols.toArray(new String[enabledProtocols.size()]) : null;
//noinspection ThisEscapedInObjectConstruction
closeSetter = ChannelListeners.>getDelegatingSetter(tcpServer.getCloseSetter(), this);
//noinspection ThisEscapedInObjectConstruction
acceptSetter = ChannelListeners.>getDelegatingSetter(tcpServer.getAcceptSetter(), this);
useCipherSuitesOrder = optionMap.get(UndertowOptions.SSL_USER_CIPHER_SUITES_ORDER, false);
}
private static final Set
© 2015 - 2024 Weber Informatics LLC | Privacy Policy