Package org.apache.mina.filter.ssl

Class SSLHandlerG1

  • class SSLHandlerG1
extends SslHandler
    Default implementation of SSLHandler

    The concurrency model is enforced using a simple mutex to ensure that the state of the decode buffer and closure is concurrent with the SSLEngine.

    • Field Detail

      • MAX_QUEUED_MESSAGES

        protected static final int MAX_QUEUED_MESSAGES
        Maximum number of queued messages waiting for encoding
        See Also:
        Constant Field Values

      • MAX_UNACK_MESSAGES

        protected static final int MAX_UNACK_MESSAGES
        Maximum number of messages waiting acknowledgement
        See Also:
        Constant Field Values

      • ENABLE_SOFT_CLOSURE

        protected static final boolean ENABLE_SOFT_CLOSURE
        Writes the SSL Closure messages after a close request
        See Also:
        Constant Field Values

      • ENABLE_FAST_HANDSHAKE

        protected static final boolean ENABLE_FAST_HANDSHAKE
        Enable aggregation of handshake messages
        See Also:
        Constant Field Values

      • ENABLE_ASYNC_TASKS

        protected static final boolean ENABLE_ASYNC_TASKS
        Enable asynchronous tasks. Default to false.
        See Also:
        Constant Field Values

      • mHandshakeComplete

        protected boolean mHandshakeComplete
        Indicates whether the first handshake was completed

      • mHandshakeStarted

        protected boolean mHandshakeStarted
        Indicated whether the first handshake was started

      • mOutboundClosing

        protected boolean mOutboundClosing
        Indicates that the outbound is closing

      • mOutboundLinger

        protected boolean mOutboundLinger
        Indicates that previously queued messages should be written before closing

      • mReceiveThread

        protected volatile java.lang.Thread mReceiveThread
        Holds the decoder thread reference; used for recursion detection introduced by a delegated task

      • mWriteQueue

        protected final java.util.Deque<EncryptedWriteRequest> mWriteQueue
        Encoded buffers ready for processing upstream

      • mReceiveQueue

        protected final java.util.Deque<IoBuffer> mReceiveQueue
        Decoded buffers ready for processing downstream

      • mEventQueue

        protected final java.util.Deque<FilterEvent> mEventQueue
        Pending filter events for dispatching

      • mPendingError

        protected javax.net.ssl.SSLException mPendingError
        Captured error state

    • Constructor Detail

      • SSLHandlerG1

        public SSLHandlerG1​(javax.net.ssl.SSLEngine sslEngine,
                    java.util.concurrent.Executor executor,
                    IoSession session)
        Instantiates a new handler
        Parameters:
        sslEngine - The SSLEngine instance
        executor - The executor instance to use to process tasks
        session - The session to handle

    • Method Detail

      • isOpen

        public boolean isOpen()
        Specified by:
        isOpen in class SslHandler
        Returns:
        true if the encryption session is open

      • isConnected

        public boolean isConnected()
        Specified by:
        isConnected in class SslHandler
        Returns:
        true if the encryption session is connected and secure

      • open

        public void open​(IoFilter.NextFilter next)
          throws javax.net.ssl.SSLException
        Opens the encryption session, this may include sending the initial handshake message
        Specified by:
        open in class SslHandler
        Parameters:
        next - The next filter
        Throws:
        javax.net.ssl.SSLException - The thrown exception

      • open_start

        protected void open_start​(IoFilter.NextFilter next)
                   throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • receive

        public void receive​(IoFilter.NextFilter next,
                    IoBuffer message)
             throws javax.net.ssl.SSLException
        Decodes encrypted messages and passes the results to the next filter.
        Specified by:
        receive in class SslHandler
        Parameters:
        next - The next filter
        message - the received message
        Throws:
        javax.net.ssl.SSLException - The thrown exception

      • receive_start

        protected void receive_start​(IoFilter.NextFilter next,
                             IoBuffer message)
                      throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • receive_loop

        protected void receive_loop​(IoFilter.NextFilter next,
                            IoBuffer message)
                     throws javax.net.ssl.SSLException
        Process a received message
        Parameters:
        next - The next filter
        message - The message to process
        Throws:
        javax.net.ssl.SSLException - If we get some error while processing the message

      • ack

        public void ack​(IoFilter.NextFilter next,
                WriteRequest request)
         throws javax.net.ssl.SSLException
        Acknowledge that a WriteRequest has been successfully written to the IoSession

        This functionality is used to enforce flow control by allowing only a specific number of pending write operations at any moment of time. When one WriteRequest is acknowledged, another can be encoded and written.

        Specified by:
        ack in class SslHandler
        Parameters:
        next - The next filter
        request - The request to ack
        Throws:
        javax.net.ssl.SSLException - The thrown exception

      • ack_start

        protected void ack_start​(IoFilter.NextFilter next,
                         WriteRequest request)
                  throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • write

        public void write​(IoFilter.NextFilter next,
                  WriteRequest request)
           throws javax.net.ssl.SSLException,
                  WriteRejectedException
        Encrypts and writes the specified WriteRequest to the IoSession or enqueues it to be processed later.

        The encryption session may be currently handshaking preventing application messages from being written.

        Specified by:
        write in class SslHandler
        Parameters:
        next - The next filter
        request - The request to write
        Throws:
        javax.net.ssl.SSLException - The thrown exception
        WriteRejectedException - when the session is closing

      • write_loop

        protected boolean write_loop​(IoFilter.NextFilter next,
                             WriteRequest request)
                      throws javax.net.ssl.SSLException
        Attempts to encode the WriteRequest and write the data to the IoSession
        Parameters:
        next -
        request -
        Returns:
        true if the WriteRequest was fully consumed; otherwise false
        Throws:
        javax.net.ssl.SSLException

      • write_handshake

        protected boolean write_handshake​(IoFilter.NextFilter next)
                           throws javax.net.ssl.SSLException
        Attempts to generate a handshake message and write the data to the IoSession
        Parameters:
        next -
        Returns:
        true if a message was generated and written
        Throws:
        javax.net.ssl.SSLException

      • write_handshake_loop

        protected boolean write_handshake_loop​(IoFilter.NextFilter next,
                                       IoBuffer source,
                                       IoBuffer dest)
                                throws javax.net.ssl.SSLException
        Attempts to generate a handshake message and write the data to the IoSession.

        If FAST_HANDSHAKE is enabled, this method will recursively loop in order to combine multiple messages into one buffer.

        Parameters:
        next -
        source -
        dest -
        Returns:
        true if a message was generated and written
        Throws:
        javax.net.ssl.SSLException

      • finish_handshake

        protected void finish_handshake​(IoFilter.NextFilter next)
                         throws javax.net.ssl.SSLException
        Marks the handshake as complete and emits any signals
        Parameters:
        next -
        Throws:
        javax.net.ssl.SSLException

      • flush

        public void flush​(IoFilter.NextFilter next)
           throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • flush_start

        protected void flush_start​(IoFilter.NextFilter next)
                    throws javax.net.ssl.SSLException
        Flushes the encode queue
        Parameters:
        next -
        Throws:
        javax.net.ssl.SSLException

      • close

        public void close​(IoFilter.NextFilter next,
                  boolean linger)
           throws javax.net.ssl.SSLException
        Closes the encryption session and writes any required messages
        Specified by:
        close in class SslHandler
        Parameters:
        next - The next filter
        linger - if true, write any queued messages before closing
        Throws:
        javax.net.ssl.SSLException - The thrown exception

      • close_start

        protected void close_start​(IoFilter.NextFilter next,
                           boolean linger)
                    throws javax.net.ssl.SSLException
        Throws:
        javax.net.ssl.SSLException

      • throw_pending_error

        protected void throw_pending_error​(IoFilter.NextFilter next)
                            throws javax.net.ssl.SSLException
        Process the pending error and loop to send the associated alert if we have some.
        Parameters:
        next - The next filter in the chain
        Throws:
        javax.net.ssl.SSLException - The rethrown pending error

      • store_pending_error

        protected void store_pending_error​(javax.net.ssl.SSLException sslException)
        Store any error we've got during the handshake or message handling
        Parameters:
        sslException - The exfeption to store

      • schedule_task

        protected void schedule_task​(IoFilter.NextFilter next)
        Schedule a SSLEngine task for execution, either using an Executor, or immediately.
        Parameters:
        next - The next filter to call

      • execute_task

        protected void execute_task​(IoFilter.NextFilter next)
        Execute a SSLEngine task. We may have more than one. If we get any exception during the processing, an error is stored and thrown.
        Parameters:
        next - The next filer in the chain