You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ro...@apache.org on 2017/01/09 15:07:24 UTC
[11/30] qpid-proton git commit: PROTON-1385: remove proton-j from the
existing repo, it now has its own repo at:
https://git-wip-us.apache.org/repos/asf/qpid-proton-j.git
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutput.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutput.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutput.java
deleted file mode 100644
index b8df26b..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutput.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl;
-
-import java.nio.ByteBuffer;
-
-import org.apache.qpid.proton.engine.Transport;
-
-public interface TransportOutput
-{
-
- int pending();
-
- ByteBuffer head();
-
- void pop(int bytes);
-
- void close_head();
-
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputAdaptor.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputAdaptor.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputAdaptor.java
deleted file mode 100644
index 2c43bfe..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputAdaptor.java
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.qpid.proton.engine.impl;
-
-import static org.apache.qpid.proton.engine.impl.ByteBufferUtils.*;
-
-import java.nio.ByteBuffer;
-
-import org.apache.qpid.proton.engine.Transport;
-
-class TransportOutputAdaptor implements TransportOutput
-{
- private static final ByteBuffer _emptyHead = newReadableBuffer(0).asReadOnlyBuffer();
-
- private final TransportOutputWriter _transportOutputWriter;
- private final int _maxFrameSize;
-
- private ByteBuffer _outputBuffer = null;
- private ByteBuffer _head = null;
- private boolean _output_done = false;
- private boolean _head_closed = false;
-
- TransportOutputAdaptor(TransportOutputWriter transportOutputWriter, int maxFrameSize)
- {
- _transportOutputWriter = transportOutputWriter;
- _maxFrameSize = maxFrameSize > 0 ? maxFrameSize : 4*1024;
- }
-
- @Override
- public int pending()
- {
- if (_head_closed) {
- return Transport.END_OF_STREAM;
- }
-
- if(_outputBuffer == null)
- {
- init_buffers();
- }
-
- _output_done = _transportOutputWriter.writeInto(_outputBuffer);
- _head.limit(_outputBuffer.position());
-
- if (_outputBuffer.position() == 0 && _outputBuffer.capacity() > TransportImpl.BUFFER_RELEASE_THRESHOLD)
- {
- release_buffers();
- }
-
- if (_output_done && (_outputBuffer == null || _outputBuffer.position() == 0))
- {
- return Transport.END_OF_STREAM;
- }
- else
- {
- return _outputBuffer == null ? 0 : _outputBuffer.position();
- }
- }
-
- @Override
- public ByteBuffer head()
- {
- pending();
- return _head != null ? _head : _emptyHead;
- }
-
- @Override
- public void pop(int bytes)
- {
- if (_outputBuffer != null) {
- _outputBuffer.flip();
- _outputBuffer.position(bytes);
- _outputBuffer.compact();
- _head.position(0);
- _head.limit(_outputBuffer.position());
- if (_outputBuffer.position() == 0 && _outputBuffer.capacity() > TransportImpl.BUFFER_RELEASE_THRESHOLD) {
- release_buffers();
- }
- }
- }
-
- @Override
- public void close_head()
- {
- _head_closed = true;
- _transportOutputWriter.closed(null);
- release_buffers();
- }
-
- private void init_buffers() {
- _outputBuffer = newWriteableBuffer(_maxFrameSize);
- _head = _outputBuffer.asReadOnlyBuffer();
- _head.limit(0);
- }
-
- private void release_buffers() {
- _head = null;
- _outputBuffer = null;
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputWriter.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputWriter.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputWriter.java
deleted file mode 100644
index 76c0df7..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportOutputWriter.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.qpid.proton.engine.impl;
-
-import java.nio.ByteBuffer;
-
-import org.apache.qpid.proton.engine.TransportException;
-
-interface TransportOutputWriter
-{
- /**
- * Writes my pending output bytes into outputBuffer. Does not
- * subsequently flip it. Returns true on end of stream.
- */
- boolean writeInto(ByteBuffer outputBuffer);
-
- void closed(TransportException error);
-
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportReceiver.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportReceiver.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportReceiver.java
deleted file mode 100644
index 29d97c4..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportReceiver.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.qpid.proton.engine.impl;
-
-import org.apache.qpid.proton.amqp.transport.Flow;
-
-class TransportReceiver extends TransportLink<ReceiverImpl>
-{
-
-
- TransportReceiver(ReceiverImpl link)
- {
- super(link);
- link.setTransportLink(this);
- }
-
- public ReceiverImpl getReceiver()
- {
- return getLink();
- }
-
- @Override
- void handleFlow(Flow flow)
- {
- super.handleFlow(flow);
- int remote = getRemoteDeliveryCount().intValue();
- int local = getDeliveryCount().intValue();
- int delta = remote - local;
- if(delta > 0)
- {
- getLink().addCredit(-delta);
- addCredit(-delta);
- setDeliveryCount(getRemoteDeliveryCount());
- getLink().setDrained(getLink().getDrained() + delta);
- }
-
-
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSender.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSender.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSender.java
deleted file mode 100644
index cebe577..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSender.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.qpid.proton.engine.impl;
-
-import org.apache.qpid.proton.amqp.UnsignedInteger;
-import org.apache.qpid.proton.amqp.transport.Flow;
-
-class TransportSender extends TransportLink<SenderImpl>
-{
- private boolean _drain;
- private DeliveryImpl _inProgressDelivery;
- private static final UnsignedInteger ORIGINAL_DELIVERY_COUNT = UnsignedInteger.ZERO;
-
- TransportSender(SenderImpl link)
- {
- super(link);
- setDeliveryCount(ORIGINAL_DELIVERY_COUNT);
- link.setTransportLink(this);
- }
-
- @Override
- void handleFlow(Flow flow)
- {
- super.handleFlow(flow);
- _drain = flow.getDrain();
- getLink().setDrain(flow.getDrain());
- int oldCredit = getLink().getCredit();
- UnsignedInteger oldLimit = getLinkCredit().add(getDeliveryCount());
- UnsignedInteger transferLimit = flow.getLinkCredit().add(flow.getDeliveryCount() == null
- ? ORIGINAL_DELIVERY_COUNT
- : flow.getDeliveryCount());
- UnsignedInteger linkCredit = transferLimit.subtract(getDeliveryCount());
-
- setLinkCredit(linkCredit);
- getLink().setCredit(transferLimit.subtract(oldLimit).intValue() + oldCredit);
-
- DeliveryImpl current = getLink().current();
- getLink().getConnectionImpl().workUpdate(current);
- setLinkCredit(linkCredit);
- }
-
- public void setInProgressDelivery(DeliveryImpl inProgressDelivery)
- {
- _inProgressDelivery = inProgressDelivery;
- }
-
- public DeliveryImpl getInProgressDelivery()
- {
- return _inProgressDelivery;
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSession.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSession.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSession.java
deleted file mode 100644
index d9c1083..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportSession.java
+++ /dev/null
@@ -1,500 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.qpid.proton.engine.impl;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.qpid.proton.amqp.Binary;
-import org.apache.qpid.proton.amqp.UnsignedInteger;
-import org.apache.qpid.proton.amqp.transport.Disposition;
-import org.apache.qpid.proton.amqp.transport.Flow;
-import org.apache.qpid.proton.amqp.transport.Role;
-import org.apache.qpid.proton.amqp.transport.Transfer;
-import org.apache.qpid.proton.engine.Event;
-
-class TransportSession
-{
- private static final int HANDLE_MAX = 65535;
-
- private final TransportImpl _transport;
- private final SessionImpl _session;
- private int _localChannel = -1;
- private int _remoteChannel = -1;
- private boolean _openSent;
- private final UnsignedInteger _handleMax = UnsignedInteger.valueOf(HANDLE_MAX); //TODO: should this be configurable?
- // This is used for the delivery-id actually stamped in each transfer frame of a given message delivery.
- private UnsignedInteger _outgoingDeliveryId = UnsignedInteger.ZERO;
- // These are used for the session windows communicated via Begin/Flow frames
- // and the conceptual transfer-id relating to updating them.
- private UnsignedInteger _incomingWindowSize = UnsignedInteger.ZERO;
- private UnsignedInteger _outgoingWindowSize = UnsignedInteger.ZERO;
- private UnsignedInteger _nextOutgoingId = UnsignedInteger.ONE;
- private UnsignedInteger _nextIncomingId = null;
-
- private final Map<UnsignedInteger, TransportLink<?>> _remoteHandlesMap = new HashMap<UnsignedInteger, TransportLink<?>>();
- private final Map<UnsignedInteger, TransportLink<?>> _localHandlesMap = new HashMap<UnsignedInteger, TransportLink<?>>();
- private final Map<String, TransportLink> _halfOpenLinks = new HashMap<String, TransportLink>();
-
-
- private UnsignedInteger _incomingDeliveryId = null;
- private UnsignedInteger _remoteIncomingWindow;
- private UnsignedInteger _remoteOutgoingWindow;
- private UnsignedInteger _remoteNextIncomingId = _nextOutgoingId;
- private UnsignedInteger _remoteNextOutgoingId;
- private final Map<UnsignedInteger, DeliveryImpl>
- _unsettledIncomingDeliveriesById = new HashMap<UnsignedInteger, DeliveryImpl>();
- private final Map<UnsignedInteger, DeliveryImpl>
- _unsettledOutgoingDeliveriesById = new HashMap<UnsignedInteger, DeliveryImpl>();
- private int _unsettledIncomingSize;
- private boolean _endReceived;
- private boolean _beginSent;
-
- TransportSession(TransportImpl transport, SessionImpl session)
- {
- _transport = transport;
- _session = session;
- _outgoingWindowSize = UnsignedInteger.valueOf(session.getOutgoingWindow());
- }
-
- void unbind()
- {
- unsetLocalChannel();
- unsetRemoteChannel();
- }
-
- public SessionImpl getSession()
- {
- return _session;
- }
-
- public int getLocalChannel()
- {
- return _localChannel;
- }
-
- public void setLocalChannel(int localChannel)
- {
- if (!isLocalChannelSet()) {
- _session.incref();
- }
- _localChannel = localChannel;
- }
-
- public int getRemoteChannel()
- {
- return _remoteChannel;
- }
-
- public void setRemoteChannel(int remoteChannel)
- {
- if (!isRemoteChannelSet()) {
- _session.incref();
- }
- _remoteChannel = remoteChannel;
- }
-
- public boolean isOpenSent()
- {
- return _openSent;
- }
-
- public void setOpenSent(boolean openSent)
- {
- _openSent = openSent;
- }
-
- public boolean isRemoteChannelSet()
- {
- return _remoteChannel != -1;
- }
-
- public boolean isLocalChannelSet()
- {
- return _localChannel != -1;
- }
-
- public void unsetLocalChannel()
- {
- if (isLocalChannelSet()) {
- unsetLocalHandles();
- _session.decref();
- }
- _localChannel = -1;
- }
-
- private void unsetLocalHandles()
- {
- for (TransportLink<?> tl : _localHandlesMap.values())
- {
- tl.clearLocalHandle();
- }
- _localHandlesMap.clear();
- }
-
- public void unsetRemoteChannel()
- {
- if (isRemoteChannelSet()) {
- unsetRemoteHandles();
- _session.decref();
- }
- _remoteChannel = -1;
- }
-
- private void unsetRemoteHandles()
- {
- for (TransportLink<?> tl : _remoteHandlesMap.values())
- {
- tl.clearRemoteHandle();
- }
- _remoteHandlesMap.clear();
- }
-
- public UnsignedInteger getHandleMax()
- {
- return _handleMax;
- }
-
- public UnsignedInteger getIncomingWindowSize()
- {
- return _incomingWindowSize;
- }
-
- void updateIncomingWindow()
- {
- int size = _transport.getMaxFrameSize();
- if (size <= 0) {
- _incomingWindowSize = UnsignedInteger.valueOf(2147483647); // biggest legal value
- } else {
- _incomingWindowSize = UnsignedInteger.valueOf((_session.getIncomingCapacity() - _session.getIncomingBytes())/size);
- }
- }
-
- public UnsignedInteger getOutgoingDeliveryId()
- {
- return _outgoingDeliveryId;
- }
-
- void incrementOutgoingDeliveryId()
- {
- _outgoingDeliveryId = _outgoingDeliveryId.add(UnsignedInteger.ONE);
- }
-
- public UnsignedInteger getOutgoingWindowSize()
- {
- return _outgoingWindowSize;
- }
-
- public UnsignedInteger getNextOutgoingId()
- {
- return _nextOutgoingId;
- }
-
- public TransportLink getLinkFromRemoteHandle(UnsignedInteger handle)
- {
- return _remoteHandlesMap.get(handle);
- }
-
- public UnsignedInteger allocateLocalHandle(TransportLink transportLink)
- {
- for(int i = 0; i <= HANDLE_MAX; i++)
- {
- UnsignedInteger handle = UnsignedInteger.valueOf(i);
- if(!_localHandlesMap.containsKey(handle))
- {
- _localHandlesMap.put(handle, transportLink);
- transportLink.setLocalHandle(handle);
- return handle;
- }
- }
- throw new IllegalStateException("no local handle available for allocation");
- }
-
- public void addLinkRemoteHandle(TransportLink link, UnsignedInteger remoteHandle)
- {
- _remoteHandlesMap.put(remoteHandle, link);
- }
-
- public void addLinkLocalHandle(TransportLink link, UnsignedInteger localhandle)
- {
- _localHandlesMap.put(localhandle, link);
- }
-
- public void freeLocalHandle(UnsignedInteger handle)
- {
- _localHandlesMap.remove(handle);
- }
-
- public void freeRemoteHandle(UnsignedInteger handle)
- {
- _remoteHandlesMap.remove(handle);
- }
-
- public TransportLink resolveHalfOpenLink(String name)
- {
- return _halfOpenLinks.remove(name);
- }
-
- public void addHalfOpenLink(TransportLink link)
- {
- _halfOpenLinks.put(link.getName(), link);
- }
-
- public void handleTransfer(Transfer transfer, Binary payload)
- {
- DeliveryImpl delivery;
- incrementNextIncomingId();
- if(transfer.getDeliveryId() == null || transfer.getDeliveryId().equals(_incomingDeliveryId))
- {
- TransportReceiver transportReceiver = (TransportReceiver) getLinkFromRemoteHandle(transfer.getHandle());
- ReceiverImpl receiver = transportReceiver.getReceiver();
- Binary deliveryTag = transfer.getDeliveryTag();
- delivery = _unsettledIncomingDeliveriesById.get(_incomingDeliveryId);
- delivery.getTransportDelivery().incrementSessionSize();
-
- }
- else
- {
- // TODO - check deliveryId has been incremented by one
- _incomingDeliveryId = transfer.getDeliveryId();
- // TODO - check link handle valid and a receiver
- TransportReceiver transportReceiver = (TransportReceiver) getLinkFromRemoteHandle(transfer.getHandle());
- ReceiverImpl receiver = transportReceiver.getReceiver();
- Binary deliveryTag = transfer.getDeliveryTag();
- delivery = receiver.delivery(deliveryTag.getArray(), deliveryTag.getArrayOffset(),
- deliveryTag.getLength());
- UnsignedInteger messageFormat = transfer.getMessageFormat();
- if(messageFormat != null) {
- delivery.setMessageFormat(messageFormat.intValue());
- }
- TransportDelivery transportDelivery = new TransportDelivery(_incomingDeliveryId, delivery, transportReceiver);
- delivery.setTransportDelivery(transportDelivery);
- _unsettledIncomingDeliveriesById.put(_incomingDeliveryId, delivery);
- getSession().incrementIncomingDeliveries(1);
- }
- if( transfer.getState()!=null )
- {
- delivery.setRemoteDeliveryState(transfer.getState());
- }
- _unsettledIncomingSize++;
- // TODO - should this be a copy?
- if(payload != null)
- {
- if(delivery.getDataLength() == 0)
- {
- delivery.setData(payload.getArray());
- delivery.setDataLength(payload.getLength());
- delivery.setDataOffset(payload.getArrayOffset());
- }
- else
- {
- byte[] data = new byte[delivery.getDataLength() + payload.getLength()];
- System.arraycopy(delivery.getData(), delivery.getDataOffset(), data, 0, delivery.getDataLength());
- System.arraycopy(payload.getArray(), payload.getArrayOffset(), data, delivery.getDataLength(), payload.getLength());
- delivery.setData(data);
- delivery.setDataOffset(0);
- delivery.setDataLength(data.length);
- }
- getSession().incrementIncomingBytes(payload.getLength());
- }
- delivery.updateWork();
-
-
- if(!(transfer.getMore() || transfer.getAborted()))
- {
- delivery.setComplete();
- delivery.getLink().getTransportLink().decrementLinkCredit();
- delivery.getLink().getTransportLink().incrementDeliveryCount();
- }
- if(Boolean.TRUE.equals(transfer.getSettled()))
- {
- delivery.setRemoteSettled(true);
- }
-
- _incomingWindowSize = _incomingWindowSize.subtract(UnsignedInteger.ONE);
-
- // this will cause a flow to happen
- if (_incomingWindowSize.equals(UnsignedInteger.ZERO)) {
- delivery.getLink().modified(false);
- }
-
- getSession().getConnection().put(Event.Type.DELIVERY, delivery);
- }
-
- public void freeLocalChannel()
- {
- unsetLocalChannel();
- }
-
- public void freeRemoteChannel()
- {
- unsetRemoteChannel();
- }
-
- private void setRemoteIncomingWindow(UnsignedInteger incomingWindow)
- {
- _remoteIncomingWindow = incomingWindow;
- }
-
- void decrementRemoteIncomingWindow()
- {
- _remoteIncomingWindow = _remoteIncomingWindow.subtract(UnsignedInteger.ONE);
- }
-
- private void setRemoteOutgoingWindow(UnsignedInteger outgoingWindow)
- {
- _remoteOutgoingWindow = outgoingWindow;
- }
-
- void handleFlow(Flow flow)
- {
- UnsignedInteger inext = flow.getNextIncomingId();
- UnsignedInteger iwin = flow.getIncomingWindow();
-
- if(inext != null)
- {
- setRemoteNextIncomingId(inext);
- setRemoteIncomingWindow(inext.add(iwin).subtract(_nextOutgoingId));
- }
- else
- {
- setRemoteIncomingWindow(iwin);
- }
- setRemoteNextOutgoingId(flow.getNextOutgoingId());
- setRemoteOutgoingWindow(flow.getOutgoingWindow());
-
- if(flow.getHandle() != null)
- {
- TransportLink transportLink = getLinkFromRemoteHandle(flow.getHandle());
- transportLink.handleFlow(flow);
-
-
- }
- }
-
- private void setRemoteNextOutgoingId(UnsignedInteger nextOutgoingId)
- {
- _remoteNextOutgoingId = nextOutgoingId;
- }
-
- private void setRemoteNextIncomingId(UnsignedInteger remoteNextIncomingId)
- {
- _remoteNextIncomingId = remoteNextIncomingId;
- }
-
- void handleDisposition(Disposition disposition)
- {
- UnsignedInteger id = disposition.getFirst();
- UnsignedInteger last = disposition.getLast() == null ? id : disposition.getLast();
- final Map<UnsignedInteger, DeliveryImpl> unsettledDeliveries =
- disposition.getRole() == Role.RECEIVER ? _unsettledOutgoingDeliveriesById
- : _unsettledIncomingDeliveriesById;
-
- while(id.compareTo(last)<=0)
- {
- DeliveryImpl delivery = unsettledDeliveries.get(id);
- if(delivery != null)
- {
- if(disposition.getState() != null)
- {
- delivery.setRemoteDeliveryState(disposition.getState());
- }
- if(Boolean.TRUE.equals(disposition.getSettled()))
- {
- delivery.setRemoteSettled(true);
- unsettledDeliveries.remove(id);
- }
- delivery.updateWork();
-
- getSession().getConnection().put(Event.Type.DELIVERY, delivery);
- }
- id = id.add(UnsignedInteger.ONE);
- }
- //TODO - Implement.
- }
-
- void addUnsettledOutgoing(UnsignedInteger deliveryId, DeliveryImpl delivery)
- {
- _unsettledOutgoingDeliveriesById.put(deliveryId, delivery);
- }
-
- public boolean hasOutgoingCredit()
- {
- return _remoteIncomingWindow == null ? false
- : _remoteIncomingWindow.compareTo(UnsignedInteger.ZERO)>0;
-
- }
-
- void incrementOutgoingId()
- {
- _nextOutgoingId = _nextOutgoingId.add(UnsignedInteger.ONE);
- }
-
- public void settled(TransportDelivery transportDelivery)
- {
- if(transportDelivery.getTransportLink().getLink() instanceof ReceiverImpl)
- {
- _unsettledIncomingDeliveriesById.remove(transportDelivery.getDeliveryId());
- getSession().modified(false);
- }
- else
- {
- _unsettledOutgoingDeliveriesById.remove(transportDelivery.getDeliveryId());
- getSession().modified(false);
- }
- }
-
- public UnsignedInteger getNextIncomingId()
- {
- return _nextIncomingId;
- }
-
- public void setNextIncomingId(UnsignedInteger nextIncomingId)
- {
- _nextIncomingId = nextIncomingId;
- }
-
- public void incrementNextIncomingId()
- {
- _nextIncomingId = _nextIncomingId.add(UnsignedInteger.ONE);
- }
-
- public boolean endReceived()
- {
- return _endReceived;
- }
-
- public void receivedEnd()
- {
- _endReceived = true;
- }
-
- public boolean beginSent()
- {
- return _beginSent;
- }
-
- public void sentBegin()
- {
- _beginSent = true;
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportWrapper.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportWrapper.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportWrapper.java
deleted file mode 100644
index f0b5f5c..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/TransportWrapper.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl;
-
-
-public interface TransportWrapper extends TransportInput, TransportOutput
-{
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java
deleted file mode 100644
index 8c38126..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-import java.nio.ByteBuffer;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLEngineResult.HandshakeStatus;
-import javax.net.ssl.SSLEngineResult.Status;
-import javax.net.ssl.SSLException;
-import javax.net.ssl.SSLSession;
-
-
-class DefaultSslEngineFacade implements ProtonSslEngine
-{
- private final SSLEngine _sslEngine;
-
- /**
- * Our testing has shown that application buffers need to be a bit larger
- * than that provided by {@link SSLSession#getApplicationBufferSize()} otherwise
- * {@link Status#BUFFER_OVERFLOW} will result on {@link SSLEngine#unwrap()}.
- * Sun's own example uses 50, so we use the same.
- */
- private static final int APPLICATION_BUFFER_EXTRA = 50;
-
- DefaultSslEngineFacade(SSLEngine sslEngine)
- {
- _sslEngine = sslEngine;
- }
-
- @Override
- public SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException
- {
- return _sslEngine.wrap(src, dst);
- }
-
- @Override
- public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException
- {
- return _sslEngine.unwrap(src, dst);
- }
-
- /**
- * @see #APPLICATION_BUFFER_EXTRA
- */
- @Override
- public int getEffectiveApplicationBufferSize()
- {
- return getApplicationBufferSize() + APPLICATION_BUFFER_EXTRA;
- }
-
- private int getApplicationBufferSize()
- {
- return _sslEngine.getSession().getApplicationBufferSize();
- }
-
- @Override
- public int getPacketBufferSize()
- {
- return _sslEngine.getSession().getPacketBufferSize();
- }
-
- @Override
- public String getCipherSuite()
- {
- return _sslEngine.getSession().getCipherSuite();
- }
-
- @Override
- public String getProtocol()
- {
- return _sslEngine.getSession().getProtocol();
- }
-
- @Override
- public Runnable getDelegatedTask()
- {
- return _sslEngine.getDelegatedTask();
- }
-
- @Override
- public HandshakeStatus getHandshakeStatus()
- {
- return _sslEngine.getHandshakeStatus();
- }
-
- @Override
- public boolean getUseClientMode()
- {
- return _sslEngine.getUseClientMode();
- }
-
- @Override
- public String toString()
- {
- StringBuilder builder = new StringBuilder();
- builder.append("DefaultSslEngineFacade [_sslEngine=").append(_sslEngine).append("]");
- return builder.toString();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java
deleted file mode 100644
index a5ebc65..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-import java.nio.ByteBuffer;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLEngineResult.HandshakeStatus;
-import javax.net.ssl.SSLEngineResult.Status;
-import javax.net.ssl.SSLException;
-
-/**
- * Thin wrapper around an {@link SSLEngine}.
- */
-public interface ProtonSslEngine
-{
- /**
- * @see SSLEngine#wrap(ByteBuffer, ByteBuffer)
- *
- * Note that wrap really does write <em>one</em> packet worth of data to the
- * dst byte buffer. If dst byte buffer is insufficiently large the
- * pointers within both src and dst are unchanged and the bytesConsumed and
- * bytesProduced on the returned result are zero.
- */
- SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException;
-
- /**
- * @see SSLEngine#unwrap(ByteBuffer, ByteBuffer)
- *
- * Note that unwrap does read exactly one packet of encoded data from src
- * and write to dst. If src contains insufficient bytes to read a complete
- * packet {@link Status#BUFFER_UNDERFLOW} occurs. If underflow occurs the
- * pointers within both src and dst are unchanged and the bytesConsumed and
- * bytesProduced on the returned result are zero.
- */
- SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException;
-
- Runnable getDelegatedTask();
- HandshakeStatus getHandshakeStatus();
-
- /**
- * Gets the application buffer size.
- */
- int getEffectiveApplicationBufferSize();
-
- int getPacketBufferSize();
- String getCipherSuite();
- String getProtocol();
- boolean getUseClientMode();
-
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java
deleted file mode 100644
index 95ae337..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-import org.apache.qpid.proton.engine.SslPeerDetails;
-
-public interface ProtonSslEngineProvider
-{
- /**
- * Returns an SSL engine.
- *
- * @param peerDetails the details of the remote peer. If non-null, may be used to assist SSL session resumption.
- */
- public ProtonSslEngine createSslEngine(SslPeerDetails peerDetails);
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java
deleted file mode 100644
index a30e88b..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java
+++ /dev/null
@@ -1,441 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-
-import static org.apache.qpid.proton.engine.impl.ByteBufferUtils.newWriteableBuffer;
-
-import java.nio.ByteBuffer;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.net.ssl.SSLEngineResult;
-import javax.net.ssl.SSLEngineResult.HandshakeStatus;
-import javax.net.ssl.SSLEngineResult.Status;
-import javax.net.ssl.SSLException;
-
-import org.apache.qpid.proton.engine.Transport;
-import org.apache.qpid.proton.engine.TransportException;
-import org.apache.qpid.proton.engine.impl.TransportInput;
-import org.apache.qpid.proton.engine.impl.TransportOutput;
-
-/**
- * TODO close the SSLEngine when told to, and modify {@link #wrapOutput()} and {@link #unwrapInput()}
- * to respond appropriately thereafter.
- */
-public class SimpleSslTransportWrapper implements SslTransportWrapper
-{
- private static final Logger _logger = Logger.getLogger(SimpleSslTransportWrapper.class.getName());
-
- private final ProtonSslEngine _sslEngine;
-
- private final TransportInput _underlyingInput;
- private final TransportOutput _underlyingOutput;
-
- private boolean _tail_closed = false;
- private ByteBuffer _inputBuffer;
-
- private boolean _head_closed = false;
- private ByteBuffer _outputBuffer;
- private ByteBuffer _head;
-
- /**
- * A buffer for the decoded bytes that will be passed to _underlyingInput.
- * This extra layer of buffering is necessary in case the underlying input's buffer
- * is too small for SSLEngine to ever unwrap into.
- */
- private ByteBuffer _decodedInputBuffer;
-
- /** could change during the lifetime of the ssl connection owing to renegotiation. */
- private String _cipherName;
-
- /** could change during the lifetime of the ssl connection owing to renegotiation. */
- private String _protocolName;
-
-
- SimpleSslTransportWrapper(ProtonSslEngine sslEngine, TransportInput underlyingInput, TransportOutput underlyingOutput)
- {
- _underlyingInput = underlyingInput;
- _underlyingOutput = underlyingOutput;
- _sslEngine = sslEngine;
-
- int effectiveAppBufferMax = _sslEngine.getEffectiveApplicationBufferSize();
- int packetSize = _sslEngine.getPacketBufferSize();
-
- // Input and output buffers need to be large enough to contain one SSL packet,
- // as stated in SSLEngine JavaDoc.
- _inputBuffer = newWriteableBuffer(packetSize);
- _outputBuffer = newWriteableBuffer(packetSize);
- _head = _outputBuffer.asReadOnlyBuffer();
- _head.limit(0);
-
- _decodedInputBuffer = newWriteableBuffer(effectiveAppBufferMax);
-
- if(_logger.isLoggable(Level.FINE))
- {
- _logger.fine("Constructed " + this);
- }
- }
-
-
- /**
- * Unwraps the contents of {@link #_inputBuffer} and passes it to {@link #_underlyingInput}.
- *
- * Regarding the state of {@link #_inputBuffer}:
- * - On entry, it is assumed to be readable.
- * - On exit, it is still readable and its "remaining" bytes are those that we were unable
- * to unwrap (e.g. if they don't form a whole packet).
- */
- private void unwrapInput() throws SSLException
- {
- while (true) {
- SSLEngineResult result = _sslEngine.unwrap(_inputBuffer, _decodedInputBuffer);
- logEngineClientModeAndResult(result, "input");
-
- int read = result.bytesProduced();
- Status status = result.getStatus();
- HandshakeStatus hstatus = result.getHandshakeStatus();
-
- int capacity = _underlyingInput.capacity();
- if (capacity == Transport.END_OF_STREAM || capacity <= 0) {
- _tail_closed = true;
- if (_decodedInputBuffer.position() > 0) {
- throw new TransportException("bytes left unconsumed");
- }
- } else {
- _decodedInputBuffer.flip();
-
- while (_decodedInputBuffer.hasRemaining() && capacity > 0) {
- ByteBuffer tail = _underlyingInput.tail();
- int limit = _decodedInputBuffer.limit();
- int overflow = _decodedInputBuffer.remaining() - capacity;
- if (overflow > 0) {
- _decodedInputBuffer.limit(limit - overflow);
- }
- tail.put(_decodedInputBuffer);
- _decodedInputBuffer.limit(limit);
- _underlyingInput.process();
- capacity = _underlyingInput.capacity();
- }
-
- if (capacity == Transport.END_OF_STREAM || capacity <= 0) {
- _tail_closed = true;
- if (_decodedInputBuffer.hasRemaining()) {
- throw new TransportException("bytes left unconsumed");
- }
- }
-
- _decodedInputBuffer.compact();
- }
-
- switch (status) {
- case CLOSED:
- _tail_closed = true;
- break;
- case BUFFER_OVERFLOW:
- {
- ByteBuffer old = _decodedInputBuffer;
- _decodedInputBuffer = newWriteableBuffer(old.capacity()*2);
- old.flip();
- _decodedInputBuffer.put(old);
- }
- continue;
- case BUFFER_UNDERFLOW:
- if (_tail_closed) {
- _head_closed = true;
- }
- // wait for more data
- break;
- case OK:
- break;
- }
-
- switch (hstatus)
- {
- case NEED_WRAP:
- // wait for write to kick in
- break;
- case NEED_TASK:
- runDelegatedTasks(result);
- continue;
- case FINISHED:
- updateCipherAndProtocolName(result);
- case NOT_HANDSHAKING:
- case NEED_UNWRAP:
- if (_inputBuffer.position() > 0 && status == Status.OK) {
- continue;
- } else {
- if (_inputBuffer.position() == 0 &&
- hstatus == HandshakeStatus.NEED_UNWRAP &&
- _tail_closed) {
- _head_closed = true;
- }
- break;
- }
- }
-
- break;
- }
- }
-
- /**
- * Wrap the underlying transport's output, passing it to the output buffer.
- *
- * {@link #_outputBuffer} is assumed to be writeable on entry and is guaranteed to
- * be still writeable on exit.
- */
- private void wrapOutput() throws SSLException
- {
- while (true) {
- int pending = _underlyingOutput.pending();
- if (pending < 0) {
- _head_closed = true;
- }
-
- ByteBuffer clearOutputBuffer = _underlyingOutput.head();
- SSLEngineResult result = _sslEngine.wrap(clearOutputBuffer, _outputBuffer);
- logEngineClientModeAndResult(result, "output");
-
- int written = result.bytesConsumed();
- _underlyingOutput.pop(written);
- pending = _underlyingOutput.pending();
-
- Status status = result.getStatus();
- switch (status) {
- case CLOSED:
- _head_closed = true;
- break;
- case OK:
- break;
- case BUFFER_OVERFLOW:
- ByteBuffer old = _outputBuffer;
- _outputBuffer = newWriteableBuffer(_outputBuffer.capacity()*2);
- _head = _outputBuffer.asReadOnlyBuffer();
- old.flip();
- _outputBuffer.put(old);
- continue;
- case BUFFER_UNDERFLOW:
- throw new IllegalStateException("app buffer underflow");
- }
-
- HandshakeStatus hstatus = result.getHandshakeStatus();
- switch (hstatus) {
- case NEED_UNWRAP:
- // wait for input data
- if (_inputBuffer.position() == 0 && _tail_closed) {
- _head_closed = true;
- }
- break;
- case NEED_WRAP:
- // keep looping
- continue;
- case NEED_TASK:
- runDelegatedTasks(result);
- continue;
- case FINISHED:
- updateCipherAndProtocolName(result);
- // intentionally fall through
- case NOT_HANDSHAKING:
- if (pending > 0 && status == Status.OK) {
- continue;
- } else {
- break;
- }
- }
-
- break;
- }
- }
-
- private boolean hasSpaceForSslPacket(ByteBuffer byteBuffer)
- {
- return byteBuffer.remaining() >= _sslEngine.getPacketBufferSize();
- }
-
- /** @return the cipher name, which is null until the SSL handshaking is completed */
- @Override
- public String getCipherName()
- {
- return _cipherName;
- }
-
- /** @return the protocol name, which is null until the SSL handshaking is completed */
- @Override
- public String getProtocolName()
- {
- return _protocolName;
- }
-
- private void updateCipherAndProtocolName(SSLEngineResult result)
- {
- if (result.getHandshakeStatus() == HandshakeStatus.FINISHED)
- {
- _cipherName = _sslEngine.getCipherSuite();
- _protocolName = _sslEngine.getProtocol();
- }
- }
-
- private void runDelegatedTasks(SSLEngineResult result)
- {
- if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK)
- {
- Runnable runnable;
- while ((runnable = _sslEngine.getDelegatedTask()) != null)
- {
- runnable.run();
- }
-
- HandshakeStatus hsStatus = _sslEngine.getHandshakeStatus();
- if (hsStatus == HandshakeStatus.NEED_TASK)
- {
- throw new RuntimeException("handshake shouldn't need additional tasks");
- }
- }
- }
-
- private void logEngineClientModeAndResult(SSLEngineResult result, String direction)
- {
- if(_logger.isLoggable(Level.FINEST))
- {
- _logger.log(Level.FINEST, "useClientMode = " + _sslEngine.getUseClientMode() + " direction = " + direction
- + " " + resultToString(result));
- }
- }
-
- private String resultToString(SSLEngineResult result)
- {
- return new StringBuilder("[SSLEngineResult status = ").append(result.getStatus())
- .append(" handshakeStatus = ").append(result.getHandshakeStatus())
- .append(" bytesConsumed = ").append(result.bytesConsumed())
- .append(" bytesProduced = ").append(result.bytesProduced())
- .append("]").toString();
- }
-
- @Override
- public int capacity()
- {
- if (_tail_closed) return Transport.END_OF_STREAM;
- return _inputBuffer.remaining();
- }
-
- @Override
- public int position()
- {
- if (_tail_closed) return Transport.END_OF_STREAM;
- return _inputBuffer.position();
- }
-
- @Override
- public ByteBuffer tail()
- {
- if (_tail_closed) throw new TransportException("tail closed");
- return _inputBuffer;
- }
-
- @Override
- public void process() throws TransportException
- {
- if (_tail_closed) throw new TransportException("tail closed");
-
- _inputBuffer.flip();
-
- try {
- unwrapInput();
- } catch (SSLException e) {
- _logger.log(Level.WARNING, e.getMessage());
- _inputBuffer.position(_inputBuffer.limit());
- _tail_closed = true;
- } finally {
- _inputBuffer.compact();
- }
- }
-
- @Override
- public void close_tail()
- {
- try {
- _underlyingInput.close_tail();
- } finally {
- _tail_closed = true;
- }
- }
-
- @Override
- public int pending()
- {
- try {
- wrapOutput();
- } catch (SSLException e) {
- _logger.log(Level.WARNING, e.getMessage());
- _head_closed = true;
- }
-
- _head.limit(_outputBuffer.position());
-
- if (_head_closed && _outputBuffer.position() == 0) {
- return Transport.END_OF_STREAM;
- }
-
- return _outputBuffer.position();
- }
-
- @Override
- public ByteBuffer head()
- {
- pending();
- return _head;
- }
-
- @Override
- public void pop(int bytes)
- {
- _outputBuffer.flip();
- _outputBuffer.position(bytes);
- _outputBuffer.compact();
- _head.position(0);
- _head.limit(_outputBuffer.position());
- }
-
- @Override
- public void close_head()
- {
- _underlyingOutput.close_head();
- int p = pending();
- if (p > 0) {
- pop(p);
- }
- }
-
-
- @Override
- public String toString()
- {
- StringBuilder builder = new StringBuilder();
- builder.append("SimpleSslTransportWrapper [sslEngine=").append(_sslEngine)
- .append(", inputBuffer=").append(_inputBuffer)
- .append(", outputBuffer=").append(_outputBuffer)
- .append(", decodedInputBuffer=").append(_decodedInputBuffer)
- .append(", cipherName=").append(_cipherName)
- .append(", protocolName=").append(_protocolName)
- .append("]");
- return builder.toString();
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
deleted file mode 100644
index 583e3ca..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-import org.apache.qpid.proton.ProtonUnsupportedOperationException;
-import org.apache.qpid.proton.engine.ProtonJSslDomain;
-import org.apache.qpid.proton.engine.SslDomain;
-import org.apache.qpid.proton.engine.SslPeerDetails;
-
-public class SslDomainImpl implements SslDomain, ProtonSslEngineProvider, ProtonJSslDomain
-{
- private Mode _mode;
- private VerifyMode _verifyMode = VerifyMode.ANONYMOUS_PEER;
- private String _certificateFile;
- private String _privateKeyFile;
- private String _privateKeyPassword;
- private String _trustedCaDb;
- private boolean _allowUnsecuredClient;
-
- private final SslEngineFacadeFactory _sslEngineFacadeFactory = new SslEngineFacadeFactory();
-
- /**
- * @deprecated This constructor's visibility will be reduced to the default scope in a future release.
- * Client code outside this module should use {@link SslDomain.Factory#create()} instead.
- */
- @Deprecated public SslDomainImpl()
- {
- }
-
- @Override
- public void init(Mode mode)
- {
- _sslEngineFacadeFactory.resetCache();
- _mode = mode;
- }
-
- @Override
- public Mode getMode()
- {
- return _mode;
- }
-
- @Override
- public void setCredentials(String certificateFile, String privateKeyFile, String privateKeyPassword)
- {
- _certificateFile = certificateFile;
- _privateKeyFile = privateKeyFile;
- _privateKeyPassword = privateKeyPassword;
- _sslEngineFacadeFactory.resetCache();
- }
-
- @Override
- public void setTrustedCaDb(String certificateDb)
- {
- _trustedCaDb = certificateDb;
- _sslEngineFacadeFactory.resetCache();
- }
-
- @Override
- public String getTrustedCaDb()
- {
- return _trustedCaDb;
- }
-
- @Override
- public void setPeerAuthentication(VerifyMode verifyMode)
- {
- if(verifyMode == VerifyMode.VERIFY_PEER_NAME)
- {
- throw new ProtonUnsupportedOperationException();
- }
- _verifyMode = verifyMode;
- _sslEngineFacadeFactory.resetCache();
- }
-
- @Override
- public VerifyMode getPeerAuthentication()
- {
- return _verifyMode;
- }
-
- @Override
- public String getPrivateKeyFile()
- {
- return _privateKeyFile;
- }
-
- @Override
- public String getPrivateKeyPassword()
- {
- return _privateKeyPassword;
- }
-
- @Override
- public String getCertificateFile()
- {
- return _certificateFile;
- }
-
- @Override
- public void allowUnsecuredClient(boolean allowUnsecured)
- {
- _allowUnsecuredClient = allowUnsecured;
- _sslEngineFacadeFactory.resetCache();
- }
-
- @Override
- public boolean allowUnsecuredClient()
- {
- return _allowUnsecuredClient;
- }
-
- @Override
- public ProtonSslEngine createSslEngine(SslPeerDetails peerDetails)
- {
- return _sslEngineFacadeFactory.createProtonSslEngine(this, peerDetails);
- }
-
- @Override
- public String toString()
- {
- StringBuilder builder = new StringBuilder();
- builder.append("SslDomainImpl [_mode=").append(_mode)
- .append(", _verifyMode=").append(_verifyMode)
- .append(", _certificateFile=").append(_certificateFile)
- .append(", _privateKeyFile=").append(_privateKeyFile)
- .append(", _trustedCaDb=").append(_trustedCaDb)
- .append(", _allowUnsecuredClient=").append(_allowUnsecuredClient)
- .append("]");
- return builder.toString();
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
deleted file mode 100644
index f6346aa..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java
+++ /dev/null
@@ -1,578 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-import java.io.Closeable;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.Reader;
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.security.KeyManagementException;
-import java.security.KeyPair;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.Security;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
-
-import org.apache.qpid.proton.engine.SslDomain;
-import org.apache.qpid.proton.engine.SslPeerDetails;
-import org.apache.qpid.proton.engine.TransportException;
-
-public class SslEngineFacadeFactory
-{
- private static final Logger _logger = Logger.getLogger(SslEngineFacadeFactory.class.getName());
-
- /**
- * The protocol name used to create an {@link SSLContext}, taken from Java's list of
- * standard names at http://docs.oracle.com/javase/6/docs/technotes/guides/security/StandardNames.html
- *
- * TODO allow the protocol name to be overridden somehow
- */
- private static final String TLS_PROTOCOL = "TLS";
-
- // BouncyCastle Reflection Helpers
- private static final Constructor<?> pemParserCons;
- private static final Method pemReadMethod;
-
- private static final Constructor<?> JcaPEMKeyConverterCons;
- private static final Class<?> PEMKeyPairClass;
- private static final Method getKeyPairMethod;
- private static final Method getPrivateKeyMethod;
-
- private static final Class<?> PEMEncryptedKeyPairClass;
- private static final Method decryptKeyPairMethod;
-
- private static final Constructor<?> JcePEMDecryptorProviderBuilderCons;
- private static final Method builderMethod;
-
- private static final Class<?> PrivateKeyInfoClass;
- private static final Exception bouncyCastleSetupException;
-
- static
- {
- // Setup BouncyCastle Reflection artifacts
- Constructor<?> pemParserConsResult = null;
- Method pemReadMethodResult = null;
- Constructor<?> JcaPEMKeyConverterConsResult = null;
- Class<?> PEMKeyPairClassResult = null;
- Method getKeyPairMethodResult = null;
- Method getPrivateKeyMethodResult = null;
- Class<?> PEMEncryptedKeyPairClassResult = null;
- Method decryptKeyPairMethodResult = null;
- Constructor<?> JcePEMDecryptorProviderBuilderConsResult = null;
- Method builderMethodResult = null;
- Class<?> PrivateKeyInfoClassResult = null;
- Exception bouncyCastleSetupExceptionResult = null;
-
- try
- {
- final Class<?> pemParserClass = Class.forName("org.bouncycastle.openssl.PEMParser");
- pemParserConsResult = pemParserClass.getConstructor(Reader.class);
- pemReadMethodResult = pemParserClass.getMethod("readObject");
-
- final Class<?> jcaPEMKeyConverterClass = Class.forName("org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter");
- JcaPEMKeyConverterConsResult = jcaPEMKeyConverterClass.getConstructor();
- PEMKeyPairClassResult = Class.forName("org.bouncycastle.openssl.PEMKeyPair");
- getKeyPairMethodResult = jcaPEMKeyConverterClass.getMethod("getKeyPair", PEMKeyPairClassResult);
-
- final Class<?> PEMDecrypterProvider = Class.forName("org.bouncycastle.openssl.PEMDecryptorProvider");
-
- PEMEncryptedKeyPairClassResult = Class.forName("org.bouncycastle.openssl.PEMEncryptedKeyPair");
- decryptKeyPairMethodResult = PEMEncryptedKeyPairClassResult.getMethod("decryptKeyPair", PEMDecrypterProvider);
-
- final Class<?> jcePEMDecryptorProviderBuilderClass = Class.forName(
- "org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder");
- JcePEMDecryptorProviderBuilderConsResult = jcePEMDecryptorProviderBuilderClass.getConstructor();
- builderMethodResult = jcePEMDecryptorProviderBuilderClass.getMethod("build", char[].class);
-
- PrivateKeyInfoClassResult = Class.forName("org.bouncycastle.asn1.pkcs.PrivateKeyInfo");
- getPrivateKeyMethodResult = jcaPEMKeyConverterClass.getMethod("getPrivateKey", PrivateKeyInfoClassResult);
-
- // Try loading BC as a provider
- Class<?> klass = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
- Provider provider = (Provider) klass.getConstructor().newInstance();
- Security.addProvider(provider);
- }
- catch (Exception e)
- {
- bouncyCastleSetupExceptionResult = e;
- }
- finally {
- pemParserCons = pemParserConsResult;
- pemReadMethod = pemReadMethodResult;
- JcaPEMKeyConverterCons = JcaPEMKeyConverterConsResult;
- PEMKeyPairClass = PEMKeyPairClassResult;
- getKeyPairMethod = getKeyPairMethodResult;
- getPrivateKeyMethod = getPrivateKeyMethodResult;
- PEMEncryptedKeyPairClass = PEMEncryptedKeyPairClassResult;
- decryptKeyPairMethod = decryptKeyPairMethodResult;
- JcePEMDecryptorProviderBuilderCons = JcePEMDecryptorProviderBuilderConsResult;
- builderMethod = builderMethodResult;
- PrivateKeyInfoClass = PrivateKeyInfoClassResult;
- bouncyCastleSetupException = bouncyCastleSetupExceptionResult;
- }
- }
-
- SslEngineFacadeFactory()
- {
- }
-
- /**
- * This is a list of all anonymous cipher suites supported by Java 6, excluding those that
- * use MD5. These are all supported by both Oracle's and IBM's Java 6 implementation.
- */
- private static final List<String> ANONYMOUS_CIPHER_SUITES = Arrays.asList(
- "TLS_DH_anon_WITH_AES_128_CBC_SHA",
- "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
- "SSL_DH_anon_WITH_DES_CBC_SHA",
- "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA");
-
- /** lazily initialized */
- private SSLContext _sslContext;
-
-
- /**
- * Returns a {@link ProtonSslEngine}. May cache the domain's settings so callers should invoke
- * {@link #resetCache()} if the domain changes.
- *
- * @param peerDetails may be used to return an engine that supports SSL resume.
- */
- public ProtonSslEngine createProtonSslEngine(SslDomain domain, SslPeerDetails peerDetails)
- {
- SSLEngine engine = createAndInitialiseSslEngine(domain, peerDetails);
- if(_logger.isLoggable(Level.FINE))
- {
- _logger.fine("Created SSL engine: " + engineToString(engine));
- }
- return new DefaultSslEngineFacade(engine);
- }
-
-
- /**
- * Guarantees that no cached settings are used in subsequent calls to
- * {@link #createProtonSslEngine(SslDomain, SslPeerDetails)}.
- */
- public void resetCache()
- {
- _sslContext = null;
- }
-
-
- private SSLEngine createAndInitialiseSslEngine(SslDomain domain, SslPeerDetails peerDetails)
- {
- SslDomain.Mode mode = domain.getMode();
-
- SSLContext sslContext = getOrCreateSslContext(domain);
- SSLEngine sslEngine = createSslEngine(sslContext, peerDetails);
-
- if (domain.getPeerAuthentication() == SslDomain.VerifyMode.ANONYMOUS_PEER)
- {
- addAnonymousCipherSuites(sslEngine);
- }
- else
- {
- if (mode == SslDomain.Mode.SERVER)
- {
- sslEngine.setNeedClientAuth(true);
- }
- }
-
- if(_logger.isLoggable(Level.FINE))
- {
- _logger.log(Level.FINE, mode + " Enabled cipher suites " + Arrays.asList(sslEngine.getEnabledCipherSuites()));
- }
-
- boolean useClientMode = mode == SslDomain.Mode.CLIENT ? true : false;
- sslEngine.setUseClientMode(useClientMode);
-
- removeSSLv3Support(sslEngine);
-
- return sslEngine;
- }
-
- private static final String SSLV3_PROTOCOL = "SSLv3";
-
- private static void removeSSLv3Support(final SSLEngine engine)
- {
- List<String> enabledProtocols = Arrays.asList(engine.getEnabledProtocols());
- if(enabledProtocols.contains(SSLV3_PROTOCOL))
- {
- List<String> allowedProtocols = new ArrayList<String>(enabledProtocols);
- allowedProtocols.remove(SSLV3_PROTOCOL);
- engine.setEnabledProtocols(allowedProtocols.toArray(new String[allowedProtocols.size()]));
- }
- }
-
- /**
- * @param sslPeerDetails is allowed to be null. A non-null value is used to hint that SSL resumption
- * should be attempted
- */
- private SSLEngine createSslEngine(SSLContext sslContext, SslPeerDetails sslPeerDetails)
- {
- final SSLEngine sslEngine;
- if(sslPeerDetails == null)
- {
- sslEngine = sslContext.createSSLEngine();
- }
- else
- {
- sslEngine = sslContext.createSSLEngine(sslPeerDetails.getHostname(), sslPeerDetails.getPort());
- }
- return sslEngine;
- }
-
- private SSLContext getOrCreateSslContext(SslDomain sslDomain)
- {
- if(_sslContext == null)
- {
- if(_logger.isLoggable(Level.FINE))
- {
- _logger.fine("lazily creating new SSLContext using domain " + sslDomain);
- }
-
- final char[] dummyPassword = "unused-passphrase".toCharArray(); // Dummy password required by KeyStore and KeyManagerFactory, but never referred to again
-
- try
- {
- SSLContext sslContext = SSLContext.getInstance(TLS_PROTOCOL);
- KeyStore ksKeys = createKeyStoreFrom(sslDomain, dummyPassword);
-
- KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
- kmf.init(ksKeys, dummyPassword);
-
- final TrustManager[] trustManagers;
- if (sslDomain.getPeerAuthentication() == SslDomain.VerifyMode.ANONYMOUS_PEER)
- {
- trustManagers = new TrustManager[] { new AlwaysTrustingTrustManager() };
- }
- else
- {
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- tmf.init(ksKeys);
- trustManagers = tmf.getTrustManagers();
- }
-
- sslContext.init(kmf.getKeyManagers(), trustManagers, null);
- _sslContext = sslContext;
- }
- catch (NoSuchAlgorithmException e)
- {
- throw new TransportException("Unexpected exception creating SSLContext", e);
- }
- catch (KeyStoreException e)
- {
- throw new TransportException("Unexpected exception creating SSLContext", e);
- }
- catch (UnrecoverableKeyException e)
- {
- throw new TransportException("Unexpected exception creating SSLContext", e);
- }
- catch (KeyManagementException e)
- {
- throw new TransportException("Unexpected exception creating SSLContext", e);
- }
- }
- return _sslContext;
- }
-
- private KeyStore createKeyStoreFrom(SslDomain sslDomain, char[] dummyPassword)
- {
- try
- {
- KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
- keystore.load(null, null);
-
- if (sslDomain.getTrustedCaDb() != null)
- {
- String caCertAlias = "cacert";
-
- if(_logger.isLoggable(Level.FINE))
- {
- _logger.log(Level.FINE, "_sslParams.getTrustedCaDb() : " + sslDomain.getTrustedCaDb());
- }
- Certificate trustedCaCert = readCertificate(sslDomain.getTrustedCaDb());
- keystore.setCertificateEntry(caCertAlias, trustedCaCert);
- }
-
- if (sslDomain.getCertificateFile() != null
- && sslDomain.getPrivateKeyFile() != null)
- {
- String clientPrivateKeyAlias = "clientPrivateKey";
-
- Certificate clientCertificate = (Certificate) readCertificate(sslDomain.getCertificateFile());
- PrivateKey clientPrivateKey = readPrivateKey(sslDomain.getPrivateKeyFile(), sslDomain.getPrivateKeyPassword());
-
- keystore.setKeyEntry(clientPrivateKeyAlias, clientPrivateKey,
- dummyPassword, new Certificate[] { clientCertificate });
- }
-
- return keystore;
- }
- catch (KeyStoreException e)
- {
- throw new TransportException("Unexpected exception creating keystore", e);
- }
- catch (NoSuchAlgorithmException e)
- {
- throw new TransportException("Unexpected exception creating keystore", e);
- }
- catch (CertificateException e)
- {
- throw new TransportException("Unexpected exception creating keystore", e);
- }
- catch (IOException e)
- {
- throw new TransportException("Unexpected exception creating keystore", e);
- }
- }
-
- private void addAnonymousCipherSuites(SSLEngine sslEngine)
- {
- List<String> supportedSuites = Arrays.asList(sslEngine.getSupportedCipherSuites());
- List<String> currentEnabledSuites = Arrays.asList(sslEngine.getEnabledCipherSuites());
-
- List<String> enabledSuites = buildEnabledSuitesIncludingAnonymous(ANONYMOUS_CIPHER_SUITES, supportedSuites, currentEnabledSuites);
- sslEngine.setEnabledCipherSuites(enabledSuites.toArray(new String[0]));
- }
-
- private List<String> buildEnabledSuitesIncludingAnonymous(
- List<String> anonymousCipherSuites, List<String> supportedSuites, List<String> currentEnabled)
- {
- List<String> newEnabled = new ArrayList<String>(currentEnabled);
-
- int addedAnonymousCipherSuites = 0;
- for (String anonymousCipherSuiteName : anonymousCipherSuites)
- {
- if (supportedSuites.contains(anonymousCipherSuiteName))
- {
- newEnabled.add(anonymousCipherSuiteName);
- addedAnonymousCipherSuites++;
- }
- }
-
- if (addedAnonymousCipherSuites == 0)
- {
- throw new TransportException
- ("None of " + anonymousCipherSuites
- + " anonymous cipher suites are within the supported list "
- + supportedSuites);
- }
-
- if(_logger.isLoggable(Level.FINE))
- {
- _logger.fine("There are now " + newEnabled.size()
- + " cipher suites enabled (previously " + currentEnabled.size()
- + "), including " + addedAnonymousCipherSuites + " out of the "
- + anonymousCipherSuites.size() + " requested anonymous ones." );
- }
-
- return newEnabled;
- }
-
- private String engineToString(SSLEngine engine)
- {
- return new StringBuilder("[ " )
- .append(engine)
- .append(", needClientAuth=").append(engine.getNeedClientAuth())
- .append(", useClientMode=").append(engine.getUseClientMode())
- .append(", peerHost=").append(engine.getPeerHost())
- .append(", peerPort=").append(engine.getPeerPort())
- .append(" ]").toString();
- }
-
- Certificate readCertificate(String pemFile)
- {
- InputStream is = null;
-
- try
- {
- CertificateFactory cFactory = CertificateFactory.getInstance("X.509");
- is = new FileInputStream(pemFile);
- return cFactory.generateCertificate(is);
- }
- catch (CertificateException ce)
- {
- String msg = "Failed to load certificate [" + pemFile + "]";
- _logger.log(Level.SEVERE, msg, ce);
- throw new TransportException(msg, ce);
- }
- catch (FileNotFoundException e)
- {
- String msg = "Certificate file not found [" + pemFile + "]";
- _logger.log(Level.SEVERE, msg);
- throw new TransportException(msg, e);
- }
- finally
- {
- closeSafely(is);
- }
- }
-
- PrivateKey readPrivateKey(String pemFile, String password)
- {
- if (bouncyCastleSetupException != null)
- {
- throw new TransportException("BouncyCastle failed to load", bouncyCastleSetupException);
- }
-
- final Object pemObject = readPemObject(pemFile);
- PrivateKey privateKey = null;
-
- try
- {
- Object keyConverter = JcaPEMKeyConverterCons.newInstance();
- setProvider(keyConverter, "BC");
-
- if (PEMEncryptedKeyPairClass.isInstance(pemObject))
- {
- Object decryptorBuilder = JcePEMDecryptorProviderBuilderCons.newInstance();
-
- // Build a PEMDecryptProvider
- Object decryptProvider = builderMethod.invoke(decryptorBuilder, password.toCharArray());
-
- Object decryptedKeyPair = decryptKeyPairMethod.invoke(pemObject, decryptProvider);
- KeyPair keyPair = (KeyPair) getKeyPairMethod.invoke(keyConverter, decryptedKeyPair);
-
- privateKey = keyPair.getPrivate();
- }
- else if (PEMKeyPairClass.isInstance(pemObject))
- {
- // It's a KeyPair but not encrypted.
- KeyPair keyPair = (KeyPair) getKeyPairMethod.invoke(keyConverter, pemObject);
- privateKey = keyPair.getPrivate();
- }
- else if (PrivateKeyInfoClass.isInstance(pemObject))
- {
- // It's an unencrypted private key
- privateKey = (PrivateKey) getPrivateKeyMethod.invoke(keyConverter, pemObject);
- }
- else
- {
- final String msg = "Unable to load PrivateKey, Unpexected Object [" + pemObject.getClass().getName()
- + "]";
- _logger.log(Level.SEVERE, msg);
- throw new TransportException(msg);
- }
- }
- catch (InstantiationException | IllegalAccessException | IllegalArgumentException
- | InvocationTargetException | NoSuchMethodException | SecurityException e)
- {
- final String msg = "Failed to process key file [" + pemFile + "] - " + e.getMessage();
- throw new TransportException(msg, e);
- }
-
- return privateKey;
- }
-
- private Object readPemObject(String pemFile)
- {
- Reader reader = null;
- Object pemParser = null;
- Object pemObject = null;
-
- try
- {
- reader = new FileReader(pemFile);
- pemParser = pemParserCons.newInstance(reader); // = new PEMParser(reader);
- pemObject = pemReadMethod.invoke(pemParser); // = pemParser.readObject();
- }
- catch (IOException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | InstantiationException e)
- {
- _logger.log(Level.SEVERE, "Unable to read PEM object. Perhaps you need the unlimited strength libraries in <java-home>/jre/lib/security/ ?", e);
- throw new TransportException("Unable to read PEM object from file " + pemFile, e);
- }
- finally
- {
- closeSafely(reader);
- }
-
- return pemObject;
- }
-
- private void setProvider(Object obj, String provider) throws IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException
- {
- final Class<?> aClz = obj.getClass();
- final Method setProvider = aClz.getMethod("setProvider", String.class);
- setProvider.invoke(obj, provider);
- }
-
- private void closeSafely(Closeable c)
- {
- if (c != null)
- {
- try
- {
- c.close();
- }
- catch (IOException e)
- {
- // Swallow
- }
- }
- }
-
- private static final class AlwaysTrustingTrustManager implements X509TrustManager
- {
- @Override
- public X509Certificate[] getAcceptedIssuers()
- {
- return null;
- }
-
- @Override
- public void checkServerTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException
- {
- // Do not check certificate
- }
-
- @Override
- public void checkClientTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException
- {
- // Do not check certificate
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/ccdcf329/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslHandshakeSniffingTransportWrapper.java
----------------------------------------------------------------------
diff --git a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslHandshakeSniffingTransportWrapper.java b/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslHandshakeSniffingTransportWrapper.java
deleted file mode 100644
index c678343..0000000
--- a/proton-j/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslHandshakeSniffingTransportWrapper.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.proton.engine.impl.ssl;
-
-import org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper;
-import org.apache.qpid.proton.engine.impl.TransportWrapper;
-
-
-/**
- * SslHandshakeSniffingTransportWrapper
- *
- */
-
-public class SslHandshakeSniffingTransportWrapper extends HandshakeSniffingTransportWrapper<SslTransportWrapper, TransportWrapper>
- implements SslTransportWrapper
-{
-
- SslHandshakeSniffingTransportWrapper(SslTransportWrapper ssl, TransportWrapper plain) {
- super(ssl, plain);
- }
-
- @Override
- public String getCipherName()
- {
- if(isSecureWrapperSelected())
- {
- return _wrapper1.getCipherName();
- }
- else
- {
- return null;
- }
- }
-
-
- @Override
- public String getProtocolName()
- {
- if (isSecureWrapperSelected())
- {
- return _wrapper1.getProtocolName();
- }
- else
- {
- return null;
- }
- }
-
- private boolean isSecureWrapperSelected()
- {
- return _selectedTransportWrapper == _wrapper1;
- }
-
- protected int bufferSize() {
- // minimum length for determination
- return 5;
- }
-
- protected void makeDetermination(byte[] bytesInput)
- {
- boolean isSecure = checkForSslHandshake(bytesInput);
- if (isSecure)
- {
- _selectedTransportWrapper = _wrapper1;
- }
- else
- {
- _selectedTransportWrapper = _wrapper2;
- }
- }
-
- // TODO perhaps the sniffer should save up the bytes from each
- // input call until it has sufficient bytes to make the determination
- // and only then pass them to the secure or plain wrapped transport?
- private boolean checkForSslHandshake(byte[] buf)
- {
- if (buf.length >= bufferSize())
- {
- /*
- * SSLv2 Client Hello format
- * http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html
- *
- * Bytes 0-1: RECORD-LENGTH Byte 2: MSG-CLIENT-HELLO (1) Byte 3:
- * CLIENT-VERSION-MSB Byte 4: CLIENT-VERSION-LSB
- *
- * Allowed versions: 2.0 - SSLv2 3.0 - SSLv3 3.1 - TLS 1.0 3.2 - TLS
- * 1.1 3.3 - TLS 1.2
- *
- * The version sent in the Client-Hello is the latest version
- * supported by the client. NSS may send version 3.x in an SSLv2
- * header for maximum compatibility.
- */
- boolean isSSL2Handshake = buf[2] == 1 && // MSG-CLIENT-HELLO
- ((buf[3] == 3 && buf[4] <= 3) || // SSL 3.0 & TLS 1.0-1.2
- // (v3.1-3.3)
- (buf[3] == 2 && buf[4] == 0)); // SSL 2
-
- /*
- * SSLv3/TLS Client Hello format RFC 2246
- *
- * Byte 0: ContentType (handshake - 22) Bytes 1-2: ProtocolVersion
- * {major, minor}
- *
- * Allowed versions: 3.0 - SSLv3 3.1 - TLS 1.0 3.2 - TLS 1.1 3.3 -
- * TLS 1.2
- */
- boolean isSSL3Handshake = buf[0] == 22 && // handshake
- (buf[1] == 3 && buf[2] <= 3); // SSL 3.0 & TLS 1.0-1.2
- // (v3.1-3.3)
-
- return (isSSL2Handshake || isSSL3Handshake);
- }
- else
- {
- throw new IllegalArgumentException("Too few bytes (" + buf.length + ") to make SSL/plain determination.");
- }
- }
-
-}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org