Mercurial Hosting > luan
comparison src/org/eclipse/jetty/io/nio/SslConnection.java @ 1002:35d04ac3fd0b
simplify ssl
| author | Franklin Schmidt <fschmidt@gmail.com> |
|---|---|
| date | Sat, 22 Oct 2016 21:56:44 -0600 |
| parents | bdb6eb0fbf93 |
| children | 21910079096e |
comparison
equal
deleted
inserted
replaced
| 1001:39154cfa58e4 | 1002:35d04ac3fd0b |
|---|---|
| 47 */ | 47 */ |
| 48 public final class SslConnection extends AbstractConnection implements AsyncConnection | 48 public final class SslConnection extends AbstractConnection implements AsyncConnection |
| 49 { | 49 { |
| 50 private final Logger _logger = LoggerFactory.getLogger("org.eclipse.jetty.io.nio.ssl"); | 50 private final Logger _logger = LoggerFactory.getLogger("org.eclipse.jetty.io.nio.ssl"); |
| 51 | 51 |
| 52 private static final NIOBuffer __ZERO_BUFFER=new IndirectNIOBuffer(0); | 52 private static final NIOBuffer __ZERO_BUFFER = new IndirectNIOBuffer(0); |
| 53 | 53 |
| 54 private static final ThreadLocal<SslBuffers> __buffers = new ThreadLocal<SslBuffers>(); | 54 private static final ThreadLocal<SslBuffers> __buffers = new ThreadLocal<SslBuffers>(); |
| 55 private final SSLEngine _engine; | 55 private final SSLEngine _engine; |
| 56 private final SSLSession _session; | 56 private final SSLSession _session; |
| 57 private AsyncConnection _connection; | 57 private AsyncConnection _connection; |
| 60 private SslBuffers _buffers; | 60 private SslBuffers _buffers; |
| 61 private NIOBuffer _inbound; | 61 private NIOBuffer _inbound; |
| 62 private NIOBuffer _unwrapBuf; | 62 private NIOBuffer _unwrapBuf; |
| 63 private NIOBuffer _outbound; | 63 private NIOBuffer _outbound; |
| 64 private final AsyncEndPoint _aEndp; | 64 private final AsyncEndPoint _aEndp; |
| 65 private boolean _allowRenegotiate=true; | 65 private boolean _allowRenegotiate = true; |
| 66 private boolean _handshook; | 66 private boolean _handshook; |
| 67 private boolean _ishut; | 67 private boolean _ishut; |
| 68 private boolean _oshut; | 68 private boolean _oshut; |
| 69 private final AtomicBoolean _progressed = new AtomicBoolean(); | 69 private final AtomicBoolean _progressed = new AtomicBoolean(); |
| 70 | 70 |
| 86 } | 86 } |
| 87 | 87 |
| 88 public SslConnection(SSLEngine engine,AsyncEndPoint endp) | 88 public SslConnection(SSLEngine engine,AsyncEndPoint endp) |
| 89 { | 89 { |
| 90 super(endp); | 90 super(endp); |
| 91 _engine=engine; | 91 _engine = engine; |
| 92 _session=_engine.getSession(); | 92 _session = _engine.getSession(); |
| 93 _aEndp=endp; | 93 _aEndp = endp; |
| 94 _sslEndPoint = new SslEndPoint(); | 94 _sslEndPoint = new SslEndPoint(); |
| 95 } | |
| 96 | |
| 97 /* ------------------------------------------------------------ */ | |
| 98 /** | |
| 99 * @return True if SSL re-negotiation is allowed (default false) | |
| 100 */ | |
| 101 public boolean isAllowRenegotiate() | |
| 102 { | |
| 103 return _allowRenegotiate; | |
| 104 } | 95 } |
| 105 | 96 |
| 106 /* ------------------------------------------------------------ */ | 97 /* ------------------------------------------------------------ */ |
| 107 /** | 98 /** |
| 108 * Set if SSL re-negotiation is allowed. CVE-2009-3555 discovered | 99 * Set if SSL re-negotiation is allowed. CVE-2009-3555 discovered |
| 117 public void setAllowRenegotiate(boolean allowRenegotiate) | 108 public void setAllowRenegotiate(boolean allowRenegotiate) |
| 118 { | 109 { |
| 119 _allowRenegotiate = allowRenegotiate; | 110 _allowRenegotiate = allowRenegotiate; |
| 120 } | 111 } |
| 121 | 112 |
| 122 /* ------------------------------------------------------------ */ | |
| 123 private void allocateBuffers() | 113 private void allocateBuffers() |
| 124 { | 114 { |
| 125 synchronized (this) | 115 synchronized (this) |
| 126 { | 116 { |
| 127 if (_allocations++==0) | 117 if (_allocations++==0) |
| 138 } | 128 } |
| 139 } | 129 } |
| 140 } | 130 } |
| 141 } | 131 } |
| 142 | 132 |
| 143 /* ------------------------------------------------------------ */ | |
| 144 private void releaseBuffers() | 133 private void releaseBuffers() |
| 145 { | 134 { |
| 146 synchronized (this) | 135 synchronized (this) |
| 147 { | 136 { |
| 148 if (--_allocations==0) | 137 if (--_allocations==0) |
| 205 } | 194 } |
| 206 } | 195 } |
| 207 } | 196 } |
| 208 } | 197 } |
| 209 | 198 |
| 199 @Override | |
| 210 public boolean isSuspended() | 200 public boolean isSuspended() |
| 211 { | 201 { |
| 212 return false; | 202 return false; |
| 213 } | 203 } |
| 214 | 204 |
| 205 @Override | |
| 215 public void onInputShutdown() throws IOException | 206 public void onInputShutdown() throws IOException |
| 216 { | 207 { |
| 217 | |
| 218 } | 208 } |
| 219 | 209 |
| 220 private synchronized boolean process(Buffer toFill, Buffer toFlush) throws IOException | 210 private synchronized boolean process(Buffer toFill, Buffer toFlush) throws IOException |
| 221 { | 211 { |
| 222 boolean some_progress=false; | 212 boolean some_progress=false; |
| 259 | 249 |
| 260 // If we are here, we have a buffer ready into which we can put some read data. | 250 // If we are here, we have a buffer ready into which we can put some read data. |
| 261 | 251 |
| 262 // If we have no data to flush, flush the empty buffer | 252 // If we have no data to flush, flush the empty buffer |
| 263 if (toFlush==null) | 253 if (toFlush==null) |
| 264 toFlush=__ZERO_BUFFER; | 254 toFlush = __ZERO_BUFFER; |
| 265 | 255 |
| 266 // While we are making progress processing SSL engine | 256 // While we are making progress processing SSL engine |
| 267 boolean progress=true; | 257 boolean progress=true; |
| 268 while (progress) | 258 while (progress) |
| 269 { | 259 { |