You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by jo...@apache.org on 2021/08/02 03:40:57 UTC
[mina] 12/15: simplifies #isSecured() checking; adds null checks
This is an automated email from the ASF dual-hosted git repository.
johnnyv pushed a commit to branch bugfix/DIRMINA1132
in repository https://gitbox.apache.org/repos/asf/mina.git
commit 89dc050b923cb4505909a980c118fa55f17496b2
Author: Jonathan Valliere <jo...@apache.org>
AuthorDate: Sat Jul 31 02:41:13 2021 -0400
simplifies #isSecured() checking; adds null checks
---
.../org/apache/mina/filter/ssl/SslHandler.java | 3 +-
.../org/apache/mina/filter/ssl2/SSL2Filter.java | 77 ++++++++++++++++------
.../org/apache/mina/filter/ssl2/SSL2HandlerG0.java | 5 +-
.../transport/socket/nio/NioSocketSession.java | 8 +--
4 files changed, 63 insertions(+), 30 deletions(-)
diff --git a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
index 5b6c306..6198100 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java
@@ -43,6 +43,7 @@ import org.apache.mina.core.write.DefaultWriteRequest;
import org.apache.mina.core.write.WriteRequest;
import org.apache.mina.core.write.WriteRequestQueue;
import org.apache.mina.filter.ssl.SslFilter.EncryptedWriteRequest;
+import org.apache.mina.filter.ssl2.SSL2Filter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -567,7 +568,7 @@ class SslHandler {
// Send the SECURE message only if it's the first SSL handshake
if (firstSSLNegociation) {
firstSSLNegociation = false;
-
+ this.session.setAttribute(SSL2Filter.SSL_SECURED, this);
nextFilter.event(session, SslEvent.SECURED);
}
diff --git a/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2Filter.java b/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2Filter.java
index 803fde5..9b5c5a5 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2Filter.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2Filter.java
@@ -20,6 +20,7 @@
package org.apache.mina.filter.ssl2;
import java.net.InetSocketAddress;
+import java.util.Objects;
import java.util.concurrent.Executor;
import java.util.concurrent.LinkedBlockingDeque;
import java.util.concurrent.ThreadPoolExecutor;
@@ -39,7 +40,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
- * An SSL Filter which simplifies and controls the flow of encrypted information
+ * An simple SSL processor which performs flow control of encrypted information
* on the filter-chain.
* <p>
* The initial handshake is automatically enabled for "client" sessions once the
@@ -49,34 +50,43 @@ import org.slf4j.LoggerFactory;
*/
public class SSL2Filter extends IoFilterAdapter {
- public static final AttributeKey SSL_HANDLER = new AttributeKey(SSL2Filter.class, "handler");
+ /**
+ * Returns the SSL2Handler object
+ */
+ static public final AttributeKey SSL_HANDLER = new AttributeKey(SSL2Filter.class, "handler");
+
+ /**
+ * The presence of this attribute in a session indicates that the session is
+ * secured.
+ */
+ static public final AttributeKey SSL_SECURED = new AttributeKey(SSL2Filter.class, "status");
- protected static final Logger LOGGER = LoggerFactory.getLogger(SSL2Filter.class);
+ /**
+ * The logger
+ */
+ static protected final Logger LOGGER = LoggerFactory.getLogger(SSL2Filter.class);
- protected static final Executor EXECUTOR = new ThreadPoolExecutor(2, 2, 100, TimeUnit.MILLISECONDS,
+ /**
+ * Task executor for processing handshakes
+ */
+ static protected final Executor EXECUTOR = new ThreadPoolExecutor(2, 2, 100, TimeUnit.MILLISECONDS,
new LinkedBlockingDeque<Runnable>(), new BasicThreadFactory("ssl-exec", true));
protected final SSLContext mContext;
-
protected boolean mNeedClientAuth;
-
protected boolean mWantClientAuth;
-
protected String[] mEnabledCipherSuites;
-
protected String[] mEnabledProtocols;
/**
* Creates a new SSL filter using the specified {@link SSLContext}.
*
- * @param sslContext The SSLContext to use
+ * @param context The SSLContext to use
*/
- public SSL2Filter(SSLContext sslContext) {
- if (sslContext == null) {
- throw new IllegalArgumentException("SSLContext is null");
- }
+ public SSL2Filter(SSLContext context) {
+ Objects.requireNonNull(context, "ssl must not be null");
- this.mContext = sslContext;
+ this.mContext = context;
}
/**
@@ -158,9 +168,7 @@ public class SSL2Filter extends IoFilterAdapter {
public void onPreAdd(IoFilterChain parent, String name, NextFilter next) throws Exception {
// Check that we don't have a SSL filter already present in the chain
if (parent.contains(SSL2Filter.class)) {
- String msg = "Only one SSL filter is permitted in a chain.";
- LOGGER.error(msg);
- throw new IllegalStateException(msg);
+ throw new IllegalStateException("Only one SSL filter is permitted in a chain");
}
if (LOGGER.isDebugEnabled()) {
@@ -168,6 +176,9 @@ public class SSL2Filter extends IoFilterAdapter {
}
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void onPostAdd(IoFilterChain parent, String name, NextFilter next) throws Exception {
IoSession session = parent.getSession();
@@ -177,15 +188,27 @@ public class SSL2Filter extends IoFilterAdapter {
super.onPostAdd(parent, name, next);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void onPreRemove(IoFilterChain parent, String name, NextFilter next) throws Exception {
IoSession session = parent.getSession();
+ session.removeAttribute(SSL_SECURED);
SSL2Handler x = SSL2Handler.class.cast(session.removeAttribute(SSL_HANDLER));
if (x != null) {
x.close(next);
}
}
+ /**
+ * Internal method for performing post-connect operations; this can be triggered
+ * during normal connect event or after the filter is added to the chain.
+ *
+ * @param next
+ * @param session
+ * @throws Exception
+ */
protected void sessionConnected(NextFilter next, IoSession session) throws Exception {
SSL2Handler x = SSL2Handler.class.cast(session.getAttribute(SSL_HANDLER));
@@ -204,6 +227,9 @@ public class SSL2Filter extends IoFilterAdapter {
x.open(next);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void sessionOpened(NextFilter next, IoSession session) throws Exception {
if (LOGGER.isDebugEnabled())
@@ -213,16 +239,24 @@ public class SSL2Filter extends IoFilterAdapter {
super.sessionOpened(next, session);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void messageReceived(NextFilter next, IoSession session, Object message) throws Exception {
+ if (LOGGER.isDebugEnabled())
+ LOGGER.debug("session {} received {}", session, message);
SSL2Handler x = SSL2Handler.class.cast(session.getAttribute(SSL_HANDLER));
x.receive(next, IoBuffer.class.cast(message));
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void messageSent(NextFilter next, IoSession session, WriteRequest request) throws Exception {
if (LOGGER.isDebugEnabled())
- LOGGER.debug("session {} sent {}", session, request);
+ LOGGER.debug("session {} ack {}", session, request);
if (request instanceof EncryptedWriteRequest) {
EncryptedWriteRequest e = EncryptedWriteRequest.class.cast(request);
@@ -236,10 +270,13 @@ public class SSL2Filter extends IoFilterAdapter {
}
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void filterWrite(NextFilter next, IoSession session, WriteRequest request) throws Exception {
-
- LOGGER.debug("session {} write {}", session, request);
+ if (LOGGER.isDebugEnabled())
+ LOGGER.debug("session {} write {}", session, request);
if (request instanceof EncryptedWriteRequest) {
super.filterWrite(next, session, request);
diff --git a/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2HandlerG0.java b/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2HandlerG0.java
index bf2fd6d..588ab68 100644
--- a/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2HandlerG0.java
+++ b/mina-core/src/main/java/org/apache/mina/filter/ssl2/SSL2HandlerG0.java
@@ -425,6 +425,7 @@ public class SSL2HandlerG0 extends SSL2Handler {
*/
synchronized protected void lfinish(final NextFilter next) {
this.mHandshakeComplete = true;
+ this.mSession.setAttribute(SSL2Filter.SSL_SECURED, this);
next.event(this.mSession, SslEvent.SECURED);
}
@@ -459,14 +460,14 @@ public class SSL2HandlerG0 extends SSL2Handler {
* {@inheritDoc}
*/
synchronized public void close(final NextFilter next) throws SSLException {
- if (mEngine.isOutboundDone())
+ if (this.mEngine.isOutboundDone())
return;
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("{} close() - closing session", toString());
}
- mEngine.closeOutbound();
+ this.mEngine.closeOutbound();
this.qwrite(next);
}
diff --git a/mina-core/src/main/java/org/apache/mina/transport/socket/nio/NioSocketSession.java b/mina-core/src/main/java/org/apache/mina/transport/socket/nio/NioSocketSession.java
index fb04fa4..34064a3 100644
--- a/mina-core/src/main/java/org/apache/mina/transport/socket/nio/NioSocketSession.java
+++ b/mina-core/src/main/java/org/apache/mina/transport/socket/nio/NioSocketSession.java
@@ -344,12 +344,6 @@ class NioSocketSession extends NioSession {
*/
@Override
public final boolean isSecured() {
- SslFilter s = SslFilter.class.cast(getFilterChain().get(SslFilter.class));
- if (s != null) {
- return s.isSecured(this);
- } else {
- SSL2Handler x = SSL2Handler.class.cast(this.getAttribute(SSL2Filter.SSL_HANDLER));
- return x != null ? x.isConnected() : false;
- }
+ return (this.getAttribute(SSL2Filter.SSL_SECURED) != null);
}
}