Mercurial Hosting > luan
annotate src/org/eclipse/jetty/server/ssl/SslSelectChannelConnector.java @ 1003:21910079096e
minor
| author | Franklin Schmidt <fschmidt@gmail.com> |
|---|---|
| date | Sat, 22 Oct 2016 22:24:47 -0600 |
| parents | 35d04ac3fd0b |
| children | 0e96ce3db20a |
| rev | line source |
|---|---|
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
1 // |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
2 // ======================================================================== |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
4 // ------------------------------------------------------------------------ |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
5 // All rights reserved. This program and the accompanying materials |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
6 // are made available under the terms of the Eclipse Public License v1.0 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
7 // and Apache License v2.0 which accompanies this distribution. |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
8 // |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
9 // The Eclipse Public License is available at |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
10 // http://www.eclipse.org/legal/epl-v10.html |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
11 // |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
12 // The Apache License v2.0 is available at |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
13 // http://www.opensource.org/licenses/apache2.0.php |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
14 // |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
15 // You may elect to redistribute this code under either of these licenses. |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
16 // ======================================================================== |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
17 // |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
18 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
19 package org.eclipse.jetty.server.ssl; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
20 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
21 import java.io.IOException; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
22 import java.nio.channels.SocketChannel; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
23 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
24 import javax.net.ssl.SSLContext; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
25 import javax.net.ssl.SSLEngine; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
26 import javax.net.ssl.SSLSession; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
27 import javax.net.ssl.SSLSocket; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
28 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
29 import org.eclipse.jetty.http.HttpSchemes; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
30 import org.eclipse.jetty.io.AsyncEndPoint; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
31 import org.eclipse.jetty.io.Buffers; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
32 import org.eclipse.jetty.io.Buffers.Type; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
33 import org.eclipse.jetty.io.BuffersFactory; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
34 import org.eclipse.jetty.io.EndPoint; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
35 import org.eclipse.jetty.io.RuntimeIOException; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
36 import org.eclipse.jetty.io.nio.AsyncConnection; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
37 import org.eclipse.jetty.io.nio.SslConnection; |
|
952
669769bcdf5c
simplify AsyncEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
893
diff
changeset
|
38 import org.eclipse.jetty.io.nio.SelectChannelEndPoint; |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
39 import org.eclipse.jetty.server.Request; |
|
887
df84a1741687
make Connector reference to server explicit
Franklin Schmidt <fschmidt@gmail.com>
parents:
885
diff
changeset
|
40 import org.eclipse.jetty.server.Server; |
| 1001 | 41 import org.eclipse.jetty.server.AbstractHttpConnection; |
| 1003 | 42 import org.eclipse.jetty.server.AsyncHttpConnection; |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
43 import org.eclipse.jetty.server.nio.SelectChannelConnector; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
44 import org.eclipse.jetty.util.component.AggregateLifeCycle; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
45 import org.eclipse.jetty.util.ssl.SslContextFactory; |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
46 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
47 /* ------------------------------------------------------------ */ |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
48 /** |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
49 * SslSelectChannelConnector. |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
50 * |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
51 * @org.apache.xbean.XBean element="sslConnector" description="Creates an NIO ssl connector" |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
52 */ |
| 1002 | 53 public final class SslSelectChannelConnector extends SelectChannelConnector |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
54 { |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
55 private final SslContextFactory _sslContextFactory; |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
56 private Buffers _sslBuffers; |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
57 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
58 /* ------------------------------------------------------------ */ |
|
887
df84a1741687
make Connector reference to server explicit
Franklin Schmidt <fschmidt@gmail.com>
parents:
885
diff
changeset
|
59 public SslSelectChannelConnector(Server server,int port) |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
60 { |
|
887
df84a1741687
make Connector reference to server explicit
Franklin Schmidt <fschmidt@gmail.com>
parents:
885
diff
changeset
|
61 this(new SslContextFactory(SslContextFactory.DEFAULT_KEYSTORE_PATH),server,port); |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
62 setSoLingerTime(30000); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
63 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
64 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
65 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
66 /** Construct with explicit SslContextFactory. |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
67 * The SslContextFactory passed is added via {@link #addBean(Object)} so that |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
68 * it's lifecycle may be managed with {@link AggregateLifeCycle}. |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
69 * @param sslContextFactory |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
70 */ |
|
887
df84a1741687
make Connector reference to server explicit
Franklin Schmidt <fschmidt@gmail.com>
parents:
885
diff
changeset
|
71 public SslSelectChannelConnector(SslContextFactory sslContextFactory,Server server,int port) |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
72 { |
|
887
df84a1741687
make Connector reference to server explicit
Franklin Schmidt <fschmidt@gmail.com>
parents:
885
diff
changeset
|
73 super(server,port); |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
74 _sslContextFactory = sslContextFactory; |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
75 addBean(_sslContextFactory); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
76 setUseDirectBuffers(false); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
77 setSoLingerTime(30000); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
78 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
79 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
80 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
81 /** |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
82 * Allow the Listener a chance to customise the request. before the server |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
83 * does its stuff. <br> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
84 * This allows the required attributes to be set for SSL requests. <br> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
85 * The requirements of the Servlet specs are: |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
86 * <ul> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
87 * <li> an attribute named "javax.servlet.request.ssl_session_id" of type |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
88 * String (since Servlet Spec 3.0).</li> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
89 * <li> an attribute named "javax.servlet.request.cipher_suite" of type |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
90 * String.</li> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
91 * <li> an attribute named "javax.servlet.request.key_size" of type Integer.</li> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
92 * <li> an attribute named "javax.servlet.request.X509Certificate" of type |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
93 * java.security.cert.X509Certificate[]. This is an array of objects of type |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
94 * X509Certificate, the order of this array is defined as being in ascending |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
95 * order of trust. The first certificate in the chain is the one set by the |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
96 * client, the next is the one used to authenticate the first, and so on. |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
97 * </li> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
98 * </ul> |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
99 * |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
100 * @param endpoint |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
101 * The Socket the request arrived on. |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
102 * @param request |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
103 * HttpRequest to be customised. |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
104 */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
105 @Override |
| 1001 | 106 public void customize(AbstractHttpConnection con) throws IOException |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
107 { |
| 1001 | 108 con._request.setScheme(HttpSchemes.HTTPS); |
| 109 super.customize(con); | |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
110 |
| 1001 | 111 SslConnection.SslEndPoint sslEndpoint=(SslConnection.SslEndPoint)con._endp; |
| 112 SSLEngine sslEngine = sslEndpoint.getSslEngine(); | |
| 113 SSLSession sslSession = sslEngine.getSession(); | |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
114 |
| 1001 | 115 SslCertificates.customize(sslSession,con._endp,con._request); |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
116 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
117 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
118 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
119 /** |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
120 * @see org.eclipse.jetty.server.ssl.SslConnector#getSslContextFactory() |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
121 */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
122 public SslContextFactory getSslContextFactory() |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
123 { |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
124 return _sslContextFactory; |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
125 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
126 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
127 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
128 /** |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
129 * By default, we're confidential, given we speak SSL. But, if we've been |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
130 * told about an confidential port, and said port is not our port, then |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
131 * we're not. This allows separation of listeners providing INTEGRAL versus |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
132 * CONFIDENTIAL constraints, such as one SSL listener configured to require |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
133 * client certs providing CONFIDENTIAL, whereas another SSL listener not |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
134 * requiring client certs providing mere INTEGRAL constraints. |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
135 */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
136 @Override |
|
972
5ee36654b383
simplify AbstractHttpConnection
Franklin Schmidt <fschmidt@gmail.com>
parents:
970
diff
changeset
|
137 public boolean isConfidential() |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
138 { |
|
893
d1c302afeeb6
remove _confidentialPort
Franklin Schmidt <fschmidt@gmail.com>
parents:
891
diff
changeset
|
139 return true; |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
140 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
141 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
142 @Override |
|
970
d82eb99e8df6
remove ConnectorSelectorManager
Franklin Schmidt <fschmidt@gmail.com>
parents:
952
diff
changeset
|
143 public AsyncConnection newConnection(SocketChannel channel, AsyncEndPoint endpoint) |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
144 { |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
145 try |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
146 { |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
147 SSLEngine engine = createSSLEngine(channel); |
|
952
669769bcdf5c
simplify AsyncEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
893
diff
changeset
|
148 SslConnection connection = new SslConnection(engine, endpoint); |
| 1003 | 149 AsyncHttpConnection delegate = (AsyncHttpConnection)super.newConnection(channel, connection.getSslEndPoint()); |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
150 connection.getSslEndPoint().setConnection(delegate); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
151 connection.setAllowRenegotiate(_sslContextFactory.isAllowRenegotiate()); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
152 return connection; |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
153 } |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
154 catch (IOException e) |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
155 { |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
156 throw new RuntimeIOException(e); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
157 } |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
158 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
159 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
160 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
161 /** |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
162 * @param channel A channel which if passed is used as to extract remote |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
163 * host and port for the purposes of SSL session caching |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
164 * @return A SSLEngine for a new or cached SSL Session |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
165 * @throws IOException if the SSLEngine cannot be created |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
166 */ |
| 1002 | 167 private SSLEngine createSSLEngine(SocketChannel channel) throws IOException |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
168 { |
| 1002 | 169 String peerHost = channel.socket().getInetAddress().getHostAddress(); |
| 170 int peerPort = channel.socket().getPort(); | |
| 171 SSLEngine engine = _sslContextFactory.newSslEngine(peerHost, peerPort); | |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
172 engine.setUseClientMode(false); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
173 return engine; |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
174 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
175 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
176 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
177 /** |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
178 * @see org.eclipse.jetty.server.nio.SelectChannelConnector#doStart() |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
179 */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
180 @Override |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
181 protected void doStart() throws Exception |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
182 { |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
183 _sslContextFactory.checkKeyStore(); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
184 _sslContextFactory.start(); |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
185 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
186 SSLEngine sslEngine = _sslContextFactory.newSslEngine(); |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
187 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
188 sslEngine.setUseClientMode(false); |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
189 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
190 SSLSession sslSession = sslEngine.getSession(); |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
191 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
192 _sslBuffers = BuffersFactory.newBuffers( |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
193 getUseDirectBuffers()?Type.DIRECT:Type.INDIRECT,sslSession.getApplicationBufferSize(), |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
194 getUseDirectBuffers()?Type.DIRECT:Type.INDIRECT,sslSession.getApplicationBufferSize(), |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
195 getUseDirectBuffers()?Type.DIRECT:Type.INDIRECT,getMaxBuffers() |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
196 ); |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
197 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
198 if (getRequestHeaderSize()<sslSession.getApplicationBufferSize()) |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
199 setRequestHeaderSize(sslSession.getApplicationBufferSize()); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
200 if (getRequestBufferSize()<sslSession.getApplicationBufferSize()) |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
201 setRequestBufferSize(sslSession.getApplicationBufferSize()); |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
202 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
203 super.doStart(); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
204 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
205 |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
206 /* ------------------------------------------------------------ */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
207 /** |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
208 * @see org.eclipse.jetty.server.nio.SelectChannelConnector#doStop() |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
209 */ |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
210 @Override |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
211 protected void doStop() throws Exception |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
212 { |
| 1002 | 213 _sslBuffers = null; |
|
872
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
214 super.doStop(); |
|
1c0b6841cd32
remove SocketEndPoint
Franklin Schmidt <fschmidt@gmail.com>
parents:
802
diff
changeset
|
215 } |
|
802
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
216 |
|
3428c60d7cfc
replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff
changeset
|
217 } |