Crossfire JXClient, Trunk
Protected Member Functions | |
ChannelIOSecure (SocketChannel sc, boolean blocking, SSLContext sslc) throws IOException | |
void | resizeRequestBB () |
Protected Member Functions inherited from ChannelIO | |
ChannelIO (SocketChannel sc, boolean blocking) throws IOException | |
void | resizeRequestBB (int remaining) |
Package Functions | |
boolean | dataFlush () throws IOException |
boolean | doHandshake () throws IOException |
boolean | doHandshake (SelectionKey sk) throws IOException |
int | read () throws IOException |
boolean | shutdown () throws IOException |
long | transferTo (FileChannel fc, long pos, long len) throws IOException |
int | write (ByteBuffer src) throws IOException |
Package Functions inherited from ChannelIO | |
void | close () throws IOException |
ByteBuffer | getReadBuf () |
SocketChannel | getSocketChannel () |
Static Package Functions | |
static ChannelIOSecure | getInstance (SocketChannel sc, boolean blocking, SSLContext sslc) throws IOException |
Static Package Functions inherited from ChannelIO | |
static ChannelIO | getInstance (SocketChannel sc, boolean blocking) throws IOException |
Private Member Functions | |
SSLEngineResult.HandshakeStatus | doTasks () |
int | doWrite (ByteBuffer src) throws IOException |
void | resizeResponseBB () |
boolean | tryFlush (ByteBuffer bb) throws IOException |
Private Attributes | |
int | appBBSize |
ByteBuffer | fileChannelBB = null |
boolean | initialHSComplete |
HandshakeStatus | initialHSStatus |
ByteBuffer | inNetBB |
int | netBBSize |
ByteBuffer | outNetBB |
boolean | shutdown = false |
SSLEngine | sslEngine = null |
Static Private Attributes | |
static ByteBuffer | hsBB = ByteBuffer.allocate(0) |
Additional Inherited Members | |
Protected Attributes inherited from ChannelIO | |
ByteBuffer | requestBB |
SocketChannel | sc |
A helper class which performs I/O using the SSLEngine API.
Each connection has a SocketChannel and an SSLEngine that are used throughout the lifetime of the Channel. We allocate byte buffers for use as the outbound and inbound network buffers.
                Application Data
                src      requestBB
                 |           ^
                 |     |     |
                 v     |     |
            +----+-----|-----+----+
            |          |          |
            |       SSL|Engine    |
    wrap()  |          |          |  unwrap()
            | OUTBOUND | INBOUND  |
            |          |          |
            +----+-----|-----+----+
                 |     |     ^
                 |     |     |
                 v           |
             outNetBB     inNetBB
                    Net data
These buffers handle all of the intermediary data for the SSL connection. To make things easy, we'll require outNetBB be completely flushed before trying to wrap any more data, but we could certainly remove that restriction by using larger buffers.
There are many, many ways to handle compute and I/O strategies. What follows is a relatively simple one. The reader is encouraged to develop the strategy that best fits the application.
In most of the non-blocking operations in this class, we let the Selector tell us when we're ready to attempt an I/O operation (by the application repeatedly calling our methods). Another option would be to attempt the operation and return from the method when no forward progress can be made.
There's lots of room for enhancements and improvement in this example.
We're checking for SSL/TLS end-of-stream truncation attacks via sslEngine.closeInbound(). When we reach the end of an input stream, via a read() returning -1 or an IOException, we call sslEngine.closeInbound() to signal to the sslEngine that no more input will be available. If the peer's close_notify message has not yet been received, this could indicate a truncation attack, in which an attacker is trying to prematurely close the connection. closeInbound() will throw an exception if this condition is present.
Definition at line 104 of file ChannelIOSecure.java.
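The end-of-stream check described above, as an added example that is not code from ChannelIOSecure.java: a read helper calls closeInbound() when the transport reports EOF and classifies the result. The class, enum and method names are hypothetical, and the empty in-memory channel is a constructed stand-in for a socket whose TCP stream ended before any close_notify arrived.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.Channels;
import java.nio.channels.ReadableByteChannel;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;

public class TruncationCheckDemo {

    /** Hypothetical result type; ChannelIOSecure itself lets the exception propagate. */
    enum ReadResult { DATA, NO_DATA, CLEAN_EOF, POSSIBLE_TRUNCATION }

    /** Reads network bytes into inNetBB; at EOF asks the engine whether close_notify was seen. */
    static ReadResult readNet(ReadableByteChannel ch, ByteBuffer inNetBB, SSLEngine engine) {
        int n;
        try {
            n = ch.read(inNetBB);
        } catch (IOException e) {
            n = -1; // the page treats an IOException like end of stream
        }
        if (n > 0) return ReadResult.DATA;
        if (n == 0) return ReadResult.NO_DATA;
        try {
            // Tell the engine no more input will arrive. It throws if a handshake
            // was started and the peer's close_notify has not been unwrapped.
            engine.closeInbound();
            return ReadResult.CLEAN_EOF;
        } catch (SSLException e) {
            // Data received so far may be incomplete: do not treat it as a full message.
            engine.closeOutbound();
            return ReadResult.POSSIBLE_TRUNCATION;
        }
    }

    public static void main(String[] args) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(true);
        engine.beginHandshake(); // the TLS exchange has started
        ByteBuffer inNetBB = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());
        // Constructed input: a channel that is already at EOF, with no TLS records at all.
        ReadableByteChannel eof = Channels.newChannel(new ByteArrayInputStream(new byte[0]));
        System.out.println(readNet(eof, inNetBB, engine));
    }
}
```

A caller that receives POSSIBLE_TRUNCATION should discard or flag any partially received application message rather than process it as complete.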
|
protected |
Definition at line 156 of file ChannelIOSecure.java.
References initialHSComplete, initialHSStatus, inNetBB, netBBSize, outNetBB, ChannelIO.sc, and sslEngine.
Referenced by getInstance().
|
package |
Reimplemented from ChannelIO.
Definition at line 592 of file ChannelIOSecure.java.
References doWrite(), fileChannelBB, outNetBB, and tryFlush().
|
package |
Reimplemented from ChannelIO.
Definition at line 235 of file ChannelIOSecure.java.
|
package |
Reimplemented from ChannelIO.
Definition at line 256 of file ChannelIOSecure.java.
References appBBSize, doTasks(), hsBB, initialHSComplete, initialHSStatus, inNetBB, netBBSize, outNetBB, ChannelIO.requestBB, resizeRequestBB(), resizeResponseBB(), result, ChannelIO.sc, sslEngine, and tryFlush().
|
private |
Definition at line 408 of file ChannelIOSecure.java.
References sslEngine.
Referenced by doHandshake(), doWrite(), and read().
|
private |
Definition at line 508 of file ChannelIOSecure.java.
References doTasks(), outNetBB, result, sslEngine, and tryFlush().
Referenced by dataFlush(), transferTo(), and write().
|
static package |
Definition at line 187 of file ChannelIOSecure.java.
References appBBSize, ChannelIOSecure(), ChannelIO.requestBB, ChannelIO.sc, and sslEngine.
Referenced by AcceptHandler.handle(), Acceptor.run(), B1.runServer(), BN.runServer(), and BP.runServer().
|
package |
Reimplemented from ChannelIO.
Definition at line 431 of file ChannelIOSecure.java.
References appBBSize, doTasks(), initialHSComplete, inNetBB, netBBSize, ChannelIO.requestBB, resizeRequestBB(), resizeResponseBB(), result, ChannelIO.sc, and sslEngine.
|
protected |
Definition at line 205 of file ChannelIOSecure.java.
References appBBSize.
Referenced by doHandshake(), and read().
|
private |
Definition at line 212 of file ChannelIOSecure.java.
References inNetBB, and netBBSize.
Referenced by doHandshake(), and read().
|
package |
Reimplemented from ChannelIO.
Definition at line 613 of file ChannelIOSecure.java.
References hsBB, outNetBB, result, shutdown, sslEngine, and tryFlush().
|
package |
Reimplemented from ChannelIO.
Definition at line 562 of file ChannelIOSecure.java.
References appBBSize, doWrite(), fileChannelBB, and initialHSComplete.
|
private |
Definition at line 224 of file ChannelIOSecure.java.
Referenced by dataFlush(), doHandshake(), doWrite(), and shutdown().
|
package |
Reimplemented from ChannelIO.
Definition at line 491 of file ChannelIOSecure.java.
References doWrite(), and initialHSComplete.
|
private |
Definition at line 108 of file ChannelIOSecure.java.
Referenced by doHandshake(), getInstance(), read(), resizeRequestBB(), and transferTo().
|
private |
Definition at line 133 of file ChannelIOSecure.java.
Referenced by dataFlush(), and transferTo().
|
static private |
Definition at line 128 of file ChannelIOSecure.java.
Referenced by doHandshake(), and shutdown().
|
private |
Definition at line 145 of file ChannelIOSecure.java.
Referenced by ChannelIOSecure(), doHandshake(), read(), transferTo(), and write().
|
private |
Definition at line 144 of file ChannelIOSecure.java.
Referenced by ChannelIOSecure(), and doHandshake().
|
private |
Definition at line 120 of file ChannelIOSecure.java.
Referenced by ChannelIOSecure(), doHandshake(), read(), and resizeResponseBB().
|
private |
Definition at line 109 of file ChannelIOSecure.java.
Referenced by ChannelIOSecure(), doHandshake(), read(), and resizeResponseBB().
|
private |
Definition at line 121 of file ChannelIOSecure.java.
Referenced by ChannelIOSecure(), dataFlush(), doHandshake(), doWrite(), and shutdown().
|
private |
Definition at line 151 of file ChannelIOSecure.java.
Referenced by shutdown().
|
private |
Definition at line 106 of file ChannelIOSecure.java.
Referenced by ChannelIOSecure(), doHandshake(), doTasks(), doWrite(), getInstance(), read(), and shutdown().