org.apache.tomcat.util.net
Class SecureNioChannel

java.lang.Object
  org.apache.tomcat.util.net.NioChannel
      org.apache.tomcat.util.net.SecureNioChannel

All Implemented Interfaces:

Closeable, ByteChannel, Channel, ReadableByteChannel, WritableByteChannel

public class SecureNioChannel
extends NioChannel

Implementation of a secure socket channel

Version:

1.0

Author:

Filip Hanik

Nested Class Summary

static interface

SecureNioChannel.ApplicationBufferHandler Callback interface to be able to expand buffers when buffer overflow exceptions happen

Field Summary

protected boolean	closed
protected boolean	closing
protected boolean	handshakeComplete
protected SSLEngineResult.HandshakeStatus	handshakeStatus
protected ByteBuffer	netInBuffer
protected ByteBuffer	netOutBuffer
protected NioSelectorPool	pool
protected SSLEngine	sslEngine

Fields inherited from class org.apache.tomcat.util.net.NioChannel

bufHandler, emptyBuf, poller, sc, sendFile

Constructor Summary

SecureNioChannel(SocketChannel channel, SSLEngine engine, SecureNioChannel.ApplicationBufferHandler bufHandler, NioSelectorPool pool)

Method Summary

void	close() Sends a SSL close message, will not physically close the connection here.
void	close(boolean force) Force a close, can throw an IOException
boolean	flush(boolean block, Selector s, long timeout) Flush the channel.
protected boolean	flush(ByteBuffer buf) Flushes the buffer to the network, non blocking
boolean	flushOutbound() Return true if the buffer wrote data
int	getBufferSize()
SecureNioChannel.ApplicationBufferHandler	getBufHandler() getBufHandler
ByteBuffer	getEmptyBuf()
SocketChannel	getIOChannel() getIOChannel
int	getOutboundRemaining()
SSLEngine	getSslEngine()
int	handshake(boolean read, boolean write) Performs SSL handshake, non blocking, but performs NEED_TASK on the same thread.
protected SSLEngineResult	handshakeUnwrap(boolean doread) Perform handshake unwrap
protected SSLEngineResult	handshakeWrap(boolean doWrite) Performs the WRAP function
boolean	isClosing() isClosing
boolean	isHandshakeComplete() isInitHandshakeComplete
int	read(ByteBuffer dst) Reads a sequence of bytes from this channel into the given buffer.
void	rehandshake(long timeout) Force a blocking handshake to take place for this key.
void	reset()
void	reset(SSLEngine engine)
void	setBufHandler(SecureNioChannel.ApplicationBufferHandler bufHandler)
protected SSLEngineResult.HandshakeStatus	tasks() Executes all the tasks needed on the same thread.
int	write(ByteBuffer src) Writes a sequence of bytes to this channel from the given buffer.

Methods inherited from class org.apache.tomcat.util.net.NioChannel

getAttachment, getPoller, isOpen, isSendFile, setIOChannel, setPoller, setSendFile, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

netInBuffer

protected ByteBuffer netInBuffer

netOutBuffer

protected ByteBuffer netOutBuffer

sslEngine

protected SSLEngine sslEngine

handshakeComplete

protected boolean handshakeComplete

handshakeStatus

protected SSLEngineResult.HandshakeStatus handshakeStatus

closed

protected boolean closed

closing

protected boolean closing

pool

protected NioSelectorPool pool

Constructor Detail

SecureNioChannel

public SecureNioChannel(SocketChannel channel,
                        SSLEngine engine,
                        SecureNioChannel.ApplicationBufferHandler bufHandler,
                        NioSelectorPool pool)
                 throws IOException

Throws:

IOException

Method Detail

reset

public void reset(SSLEngine engine)
           throws IOException

Throws:

IOException

reset

public void reset()
           throws IOException

Overrides:

reset in class NioChannel

Throws:

IOException

getBufferSize

public int getBufferSize()

Overrides:

getBufferSize in class NioChannel

flush

public boolean flush(boolean block,
                     Selector s,
                     long timeout)
              throws IOException

Flush the channel.

Overrides:

flush in class NioChannel

Parameters:

block - Should a blocking write be used?

s -

timeout -

Returns:

true if the network buffer has been flushed out and is empty else false

Throws:

IOException

flush

protected boolean flush(ByteBuffer buf)
                 throws IOException

Flushes the buffer to the network, non blocking

Parameters:

buf - ByteBuffer

Returns:

boolean true if the buffer has been emptied out, false otherwise

Throws:

IOException

handshake

public int handshake(boolean read,
                     boolean write)
              throws IOException

Performs SSL handshake, non blocking, but performs NEED_TASK on the same thread.
Hence, you should never call this method using your Acceptor thread, as you would slow down your system significantly.
The return for this operation is 0 if the handshake is complete and a positive value if it is not complete. In the event of a positive value coming back, reregister the selection key for the return values interestOps.

Overrides:

handshake in class NioChannel

Parameters:

read - boolean - true if the underlying channel is readable

write - boolean - true if the underlying channel is writable

Returns:

int - 0 if hand shake is complete, otherwise it returns a SelectionKey interestOps value

Throws:

IOException

rehandshake

public void rehandshake(long timeout)
                 throws IOException

Force a blocking handshake to take place for this key. This requires that both network and application buffers have been emptied out prior to this call taking place, or a IOException will be thrown.

Parameters:

timeout - - timeout in milliseconds for each socket operation

Throws:

IOException - - if an IO exception occurs or if application or network buffers contain data

SocketTimeoutException - - if a socket operation timed out

tasks

protected SSLEngineResult.HandshakeStatus tasks()

Executes all the tasks needed on the same thread.

Returns:

HandshakeStatus

handshakeWrap

protected SSLEngineResult handshakeWrap(boolean doWrite)
                                 throws IOException

Performs the WRAP function

Parameters:

doWrite - boolean

Returns:

SSLEngineResult

Throws:

IOException

handshakeUnwrap

protected SSLEngineResult handshakeUnwrap(boolean doread)
                                   throws IOException

Perform handshake unwrap

Parameters:

doread - boolean

Returns:

SSLEngineResult

Throws:

IOException

close

public void close()
           throws IOException

Sends a SSL close message, will not physically close the connection here.
To close the connection, you could do something like

   close();
   while (isOpen() && !myTimeoutFunction()) Thread.sleep(25);
   if ( isOpen() ) close(true); //forces a close if you timed out
 

Specified by:

close in interface Closeable

Specified by:

close in interface Channel

Overrides:

close in class NioChannel

Throws:

IOException - if an I/O error occurs

IOException - if there is data on the outgoing network buffer and we are unable to flush it TODO Implement this java.io.Closeable method

close

public void close(boolean force)
           throws IOException

Force a close, can throw an IOException

Overrides:

close in class NioChannel

Parameters:

force - boolean

Throws:

IOException

read

public int read(ByteBuffer dst)
         throws IOException

Reads a sequence of bytes from this channel into the given buffer.

Specified by:

read in interface ReadableByteChannel

Overrides:

read in class NioChannel

Parameters:

dst - The buffer into which bytes are to be transferred

Returns:

The number of bytes read, possibly zero, or -1 if the channel has reached end-of-stream

Throws:

IOException - If some other I/O error occurs

IllegalArgumentException - if the destination buffer is different than bufHandler.getReadBuffer() TODO Implement this java.nio.channels.ReadableByteChannel method

write

public int write(ByteBuffer src)
          throws IOException

Writes a sequence of bytes to this channel from the given buffer.

Specified by:

write in interface WritableByteChannel

Overrides:

write in class NioChannel

Parameters:

src - The buffer from which bytes are to be retrieved

Returns:

The number of bytes written, possibly zero

Throws:

IOException - If some other I/O error occurs TODO Implement this java.nio.channels.WritableByteChannel method

getOutboundRemaining

public int getOutboundRemaining()

Overrides:

getOutboundRemaining in class NioChannel

flushOutbound

public boolean flushOutbound()
                      throws IOException

Description copied from class: NioChannel

Return true if the buffer wrote data

Overrides:

flushOutbound in class NioChannel

Throws:

IOException

getBufHandler

public SecureNioChannel.ApplicationBufferHandler getBufHandler()

Description copied from class: NioChannel

getBufHandler

Overrides:

getBufHandler in class NioChannel

Returns:

ApplicationBufferHandler TODO Implement this org.apache.tomcat.util.net.SecureNioChannel method

isHandshakeComplete

public boolean isHandshakeComplete()

Description copied from class: NioChannel

isInitHandshakeComplete

Overrides:

isHandshakeComplete in class NioChannel

Returns:

boolean

isClosing

public boolean isClosing()

Description copied from class: NioChannel

isClosing

Overrides:

isClosing in class NioChannel

Returns:

boolean TODO Implement this org.apache.tomcat.util.net.SecureNioChannel method

getSslEngine

public SSLEngine getSslEngine()

getEmptyBuf

public ByteBuffer getEmptyBuf()

setBufHandler

public void setBufHandler(SecureNioChannel.ApplicationBufferHandler bufHandler)

getIOChannel

public SocketChannel getIOChannel()

Description copied from class: NioChannel

getIOChannel

Overrides:

getIOChannel in class NioChannel

Returns:

SocketChannel TODO Implement this org.apache.tomcat.util.net.SecureNioChannel method