public class SSLBaseFilter extends BaseFilter
Filter
to operate with SSL encrypted data.Modifier and Type | Class and Description |
---|---|
static class |
SSLBaseFilter.CertificateEvent |
static interface |
SSLBaseFilter.HandshakeListener |
Modifier and Type | Field and Description |
---|---|
protected static MessageCloner<Buffer> |
COPY_CLONER |
protected Set<SSLBaseFilter.HandshakeListener> |
handshakeListeners |
Constructor and Description |
---|
SSLBaseFilter() |
SSLBaseFilter(SSLEngineConfigurator serverSSLEngineConfigurator)
Build SSLFilter with the given
SSLEngineConfigurator . |
SSLBaseFilter(SSLEngineConfigurator serverSSLEngineConfigurator,
boolean renegotiateOnClientAuthWant)
Build SSLFilter with the given
SSLEngineConfigurator . |
Modifier and Type | Method and Description |
---|---|
void |
addHandshakeListener(SSLBaseFilter.HandshakeListener listener) |
TransportFilter |
createOptimizedTransportFilter(TransportFilter childFilter) |
protected Buffer |
doHandshakeStep(SSLConnectionContext sslCtx,
FilterChainContext ctx,
Buffer inputBuffer) |
protected Buffer |
doHandshakeStep(SSLConnectionContext sslCtx,
FilterChainContext ctx,
Buffer inputBuffer,
Buffer tmpAppBuffer0) |
protected Buffer |
doHandshakeSync(SSLConnectionContext sslCtx,
FilterChainContext ctx,
Buffer inputBuffer,
long timeoutMillis) |
long |
getHandshakeTimeout(TimeUnit timeUnit)
Returns the handshake timeout,
-1 if blocking handshake mode
is disabled (default). |
protected Object[] |
getPeerCertificateChain(SSLConnectionContext sslCtx,
FilterChainContext context,
boolean needClientAuth)
Obtains the certificate chain for this SSL session.
|
NextAction |
handleEvent(FilterChainContext ctx,
FilterChainEvent event)
Handle custom event associated with the
Connection . |
NextAction |
handleRead(FilterChainContext ctx)
Execute a unit of processing work to be performed, when channel will
become available for reading.
|
NextAction |
handleWrite(FilterChainContext ctx)
Execute a unit of processing work to be performed, when some data should
be written on channel.
|
protected void |
notifyHandshakeComplete(Connection<?> connection,
SSLEngine sslEngine) |
protected void |
notifyHandshakeFailed(Connection connection,
Throwable t) |
protected void |
notifyHandshakeStart(Connection connection) |
void |
onFilterChainChanged(FilterChain filterChain)
Method is called, when the
FilterChain this Filter is part of,
has been changed. |
void |
removeHandshakeListener(SSLBaseFilter.HandshakeListener listener) |
protected void |
renegotiate(SSLConnectionContext sslCtx,
FilterChainContext context)
Performs an SSL renegotiation.
|
void |
setHandshakeTimeout(long handshakeTimeout,
TimeUnit timeUnit)
Sets the handshake timeout.
|
protected NextAction |
unwrapAll(FilterChainContext ctx,
SSLConnectionContext sslCtx) |
protected Buffer |
wrapAll(FilterChainContext ctx,
SSLConnectionContext sslCtx) |
createContext, exceptionOccurred, handleAccept, handleClose, handleConnect, onAdded, onRemoved
protected static final MessageCloner<Buffer> COPY_CLONER
protected final Set<SSLBaseFilter.HandshakeListener> handshakeListeners
public SSLBaseFilter()
public SSLBaseFilter(SSLEngineConfigurator serverSSLEngineConfigurator)
SSLEngineConfigurator
.serverSSLEngineConfigurator
- SSLEngine configurator for server side connectionspublic SSLBaseFilter(SSLEngineConfigurator serverSSLEngineConfigurator, boolean renegotiateOnClientAuthWant)
SSLEngineConfigurator
.serverSSLEngineConfigurator
- SSLEngine configurator for server side connectionspublic void addHandshakeListener(SSLBaseFilter.HandshakeListener listener)
public void removeHandshakeListener(SSLBaseFilter.HandshakeListener listener)
public long getHandshakeTimeout(TimeUnit timeUnit)
-1
if blocking handshake mode
is disabled (default).public void setHandshakeTimeout(long handshakeTimeout, TimeUnit timeUnit)
handshakeTimeout
- timeout value, or -1
means for
non-blocking handshake mode.public TransportFilter createOptimizedTransportFilter(TransportFilter childFilter)
public void onFilterChainChanged(FilterChain filterChain)
BaseFilter
FilterChain
this Filter is part of,
has been changed.onFilterChainChanged
in interface Filter
onFilterChainChanged
in class BaseFilter
filterChain
- the FilterChain
.public NextAction handleEvent(FilterChainContext ctx, FilterChainEvent event) throws IOException
BaseFilter
Connection
.
This Filter
may either complete the required processing and
return StopAction
, or delegate remaining processing to the next
Filter
in a FilterChain
containing this Filter
by returning InvokeAction
.handleEvent
in interface Filter
handleEvent
in class BaseFilter
ctx
- FilterChainContext
NextAction
instruction for FilterChain
, how it
should continue the executionIOException
public NextAction handleRead(FilterChainContext ctx) throws IOException
BaseFilter
Filter
may either complete the required processing and
return false, or delegate remaining processing to the next
Filter
in a FilterChain
containing this Filter
by returning true.handleRead
in interface Filter
handleRead
in class BaseFilter
ctx
- FilterChainContext
NextAction
instruction for FilterChain
, how it
should continue the executionIOException
public NextAction handleWrite(FilterChainContext ctx) throws IOException
BaseFilter
Filter
may either complete the required processing and
return false, or delegate remaining processing to the next
Filter
in a FilterChain
containing this Filter
by returning true.handleWrite
in interface Filter
handleWrite
in class BaseFilter
ctx
- FilterChainContext
NextAction
instruction for FilterChain
, how it
should continue the executionIOException
protected NextAction unwrapAll(FilterChainContext ctx, SSLConnectionContext sslCtx) throws SSLException
SSLException
protected Buffer wrapAll(FilterChainContext ctx, SSLConnectionContext sslCtx) throws SSLException
SSLException
protected Buffer doHandshakeSync(SSLConnectionContext sslCtx, FilterChainContext ctx, Buffer inputBuffer, long timeoutMillis) throws IOException
IOException
protected Buffer doHandshakeStep(SSLConnectionContext sslCtx, FilterChainContext ctx, Buffer inputBuffer) throws IOException
IOException
protected Buffer doHandshakeStep(SSLConnectionContext sslCtx, FilterChainContext ctx, Buffer inputBuffer, Buffer tmpAppBuffer0) throws IOException
IOException
protected void renegotiate(SSLConnectionContext sslCtx, FilterChainContext context) throws IOException
sslCtx
- the SSLConnectionContext
associated with this
this renegotiation request.context
- the FilterChainContext
associated with this
this renegotiation request.IOException
- if an error occurs during SSL renegotiation.protected Object[] getPeerCertificateChain(SSLConnectionContext sslCtx, FilterChainContext context, boolean needClientAuth) throws IOException
Obtains the certificate chain for this SSL session. If no certificates
are available, and needClientAuth
is true, an SSL renegotiation
will be be triggered to request the certificates from the client.
sslCtx
- the SSLConnectionContext
associated with this
certificate request.context
- the FilterChainContext
associated with this
this certificate request.needClientAuth
- determines whether or not SSL renegotiation will
be attempted to obtain the certificate chain.Object[]
. If no
certificate chain can be determined, this method will return
null
.IOException
- if an error occurs during renegotiation.protected void notifyHandshakeStart(Connection connection)
protected void notifyHandshakeComplete(Connection<?> connection, SSLEngine sslEngine)
protected void notifyHandshakeFailed(Connection connection, Throwable t)
Copyright © 2014 Oracle Corporation. All rights reserved.