You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by el...@apache.org on 2008/11/12 14:35:51 UTC
svn commit: r713364 -
/mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
Author: elecharny
Date: Wed Nov 12 05:35:51 2008
New Revision: 713364
URL: http://svn.apache.org/viewvc?rev=713364&view=rev
Log:
Minor code refactoring :
o added some comments
o used a switch to replace a 'if' cascade
o added a TODO
Modified:
mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
Modified: mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
URL: http://svn.apache.org/viewvc/mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java?rev=713364&r1=713363&r2=713364&view=diff
==============================================================================
--- mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java (original)
+++ mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java Wed Nov 12 05:35:51 2008
@@ -58,7 +58,7 @@
private final Logger logger = LoggerFactory.getLogger(getClass());
private final SslFilter parent;
- private final SSLContext ctx;
+ private final SSLContext sslContext;
private final IoSession session;
private final Queue<IoFilterEvent> preHandshakeEventQueue = new CircularQueue<IoFilterEvent>();
private final Queue<IoFilterEvent> filterWriteEventQueue = new ConcurrentLinkedQueue<IoFilterEvent>();
@@ -96,28 +96,39 @@
* @param sslc
* @throws SSLException
*/
- public SslHandler(SslFilter parent, SSLContext sslc, IoSession session)
+ public SslHandler(SslFilter parent, SSLContext sslContext, IoSession session)
throws SSLException {
this.parent = parent;
this.session = session;
- ctx = sslc;
+ this.sslContext = sslContext;
init();
}
+ /**
+ * Initialize the SSL handshake.
+ *
+ * @throws SSLException
+ */
public void init() throws SSLException {
if (sslEngine != null) {
+ // We already have a SSL engine created, no need to create a new one
return;
}
InetSocketAddress peer = (InetSocketAddress) session
.getAttribute(SslFilter.PEER_ADDRESS);
+
+ // Create the SSL engine here
if (peer == null) {
- sslEngine = ctx.createSSLEngine();
+ sslEngine = sslContext.createSSLEngine();
} else {
- sslEngine = ctx.createSSLEngine(peer.getHostName(), peer.getPort());
+ sslEngine = sslContext.createSSLEngine(peer.getHostName(), peer.getPort());
}
+
+ // Initialize the engine in client mode if necessary
sslEngine.setUseClientMode(parent.isUseClientMode());
+ // Initialize the different SslEngine modes
if (parent.isWantClientAuth()) {
sslEngine.setWantClientAuth(true);
}
@@ -134,7 +145,10 @@
sslEngine.setEnabledProtocols(parent.getEnabledProtocols());
}
+ // TODO : we may not need to call this method...
sslEngine.beginHandshake();
+
+
handshakeStatus = sslEngine.getHandshakeStatus();
handshakeComplete = false;
@@ -440,56 +454,69 @@
* Perform any handshaking processing.
*/
public void handshake(NextFilter nextFilter) throws SSLException {
- for (; ;) {
- if (handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED) {
- session.setAttribute(
- SslFilter.SSL_SESSION, sslEngine.getSession());
- handshakeComplete = true;
- if (!initialHandshakeComplete
- && session.containsAttribute(SslFilter.USE_NOTIFICATION)) {
- // SESSION_SECURED is fired only when it's the first handshake.
- // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
- initialHandshakeComplete = true;
- scheduleMessageReceived(nextFilter,
- SslFilter.SESSION_SECURED);
- }
- break;
- } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) {
- handshakeStatus = doTasks();
- } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
- // we need more data read
- SSLEngineResult.Status status = unwrapHandshake(nextFilter);
- if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW &&
- handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED ||
- isInboundDone()) {
- // We need more data or the session is closed
+ for (;;) {
+ switch (handshakeStatus) {
+ case FINISHED :
+ session.setAttribute(
+ SslFilter.SSL_SESSION, sslEngine.getSession());
+ handshakeComplete = true;
+
+ if (!initialHandshakeComplete
+ && session.containsAttribute(SslFilter.USE_NOTIFICATION)) {
+ // SESSION_SECURED is fired only when it's the first handshake.
+ // (i.e. renegotiation shouldn't trigger SESSION_SECURED.)
+ initialHandshakeComplete = true;
+ scheduleMessageReceived(nextFilter,
+ SslFilter.SESSION_SECURED);
+ }
+
+ return;
+
+ case NEED_TASK :
+ handshakeStatus = doTasks();
break;
- }
- } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
- // First make sure that the out buffer is completely empty. Since we
- // cannot call wrap with data left on the buffer
- if (outNetBuffer != null && outNetBuffer.hasRemaining()) {
+
+ case NEED_UNWRAP :
+ // we need more data read
+ SSLEngineResult.Status status = unwrapHandshake(nextFilter);
+
+ if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW &&
+ handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED ||
+ isInboundDone()) {
+ // We need more data or the session is closed
+ return;
+ }
+
break;
- }
- SSLEngineResult result;
- createOutNetBuffer(0);
- for (;;) {
- result = sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf());
- if (result.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) {
- outNetBuffer.capacity(outNetBuffer.capacity() << 1);
- outNetBuffer.limit(outNetBuffer.capacity());
- } else {
- break;
+ case NEED_WRAP :
+ // First make sure that the out buffer is completely empty. Since we
+ // cannot call wrap with data left on the buffer
+ if (outNetBuffer != null && outNetBuffer.hasRemaining()) {
+ return;
}
- }
- outNetBuffer.flip();
- handshakeStatus = result.getHandshakeStatus();
- writeNetBuffer(nextFilter);
- } else {
- throw new IllegalStateException("Invalid Handshaking State"
- + handshakeStatus);
+ SSLEngineResult result;
+ createOutNetBuffer(0);
+
+ for (;;) {
+ result = sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf());
+ if (result.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) {
+ outNetBuffer.capacity(outNetBuffer.capacity() << 1);
+ outNetBuffer.limit(outNetBuffer.capacity());
+ } else {
+ break;
+ }
+ }
+
+ outNetBuffer.flip();
+ handshakeStatus = result.getHandshakeStatus();
+ writeNetBuffer(nextFilter);
+ break;
+
+ default :
+ throw new IllegalStateException("Invalid Handshaking State"
+ + handshakeStatus);
}
}
}
@@ -665,6 +692,7 @@
*/
Runnable runnable;
while ((runnable = sslEngine.getDelegatedTask()) != null) {
+ // TODO : we may have to use a thread pool here to improve the performances
runnable.run();
}
return sslEngine.getHandshakeStatus();