Class SecureNioChannel
java.lang.Object
org.apache.tomcat.util.net.NioChannel
org.apache.tomcat.util.net.SecureNioChannel
- All Implemented Interfaces:
Closeable
,AutoCloseable
,ByteChannel
,Channel
,GatheringByteChannel
,ReadableByteChannel
,ScatteringByteChannel
,WritableByteChannel
Implementation of a secure socket channel
-
Field Summary
Modifier and TypeFieldDescriptionprotected boolean
protected boolean
protected boolean
protected SSLEngineResult.HandshakeStatus
protected boolean
protected ByteBuffer
protected ByteBuffer
protected boolean
protected SSLEngine
Fields inherited from class org.apache.tomcat.util.net.NioChannel
bufHandler, emptyBuf, sc, socketWrapper
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
close()
Sends an SSL close message, will not physically close the connection here.void
close
(boolean force) Close the connection.protected void
createSSLEngine
(String hostName, List<Cipher> clientRequestedCiphers, List<String> clientRequestedApplicationProtocols) protected boolean
flush
(ByteBuffer buf) Flushes the buffer to the network, non blockingboolean
Return true if the buffer wrote data.void
free()
Free the channel memoryint
int
handshake
(boolean read, boolean write) Performs SSL handshake, non blocking, but performs NEED_TASK on the same thread.protected SSLEngineResult
handshakeUnwrap
(boolean doread) Perform handshake unwrapprotected SSLEngineResult
handshakeWrap
(boolean doWrite) Performs the WRAP functionboolean
boolean
protected int
int
read
(ByteBuffer dst) Reads a sequence of bytes from this channel into the given buffer.long
read
(ByteBuffer[] dsts, int offset, int length) void
rehandshake
(long timeout) Force a blocking handshake to take place for this key.void
reset
(SocketChannel channel, NioEndpoint.NioSocketWrapper socketWrapper) Reset the channelprotected SSLEngineResult.HandshakeStatus
tasks()
Executes all the tasks needed on the same thread.int
write
(ByteBuffer src) Writes a sequence of bytes to this channel from the given buffer.long
write
(ByteBuffer[] srcs, int offset, int length) Methods inherited from class org.apache.tomcat.util.net.NioChannel
checkInterruptStatus, getAppReadBufHandler, getBufHandler, getIOChannel, isOpen, read, setAppReadBufHandler, toString, write
-
Field Details
-
netInBuffer
-
netOutBuffer
-
sslEngine
-
sniComplete
protected boolean sniComplete -
handshakeComplete
protected boolean handshakeComplete -
needHandshakeWrap
protected boolean needHandshakeWrap -
handshakeStatus
-
closed
protected boolean closed -
closing
protected boolean closing
-
-
Constructor Details
-
SecureNioChannel
-
-
Method Details
-
reset
public void reset(SocketChannel channel, NioEndpoint.NioSocketWrapper socketWrapper) throws IOException Description copied from class:NioChannel
Reset the channel- Overrides:
reset
in classNioChannel
- Parameters:
channel
- the socket channelsocketWrapper
- the socket wrapper- Throws:
IOException
- If a problem was encountered resetting the channel
-
free
public void free()Description copied from class:NioChannel
Free the channel memory- Overrides:
free
in classNioChannel
-
flush
Flushes the buffer to the network, non blocking- Parameters:
buf
- ByteBuffer- Returns:
- boolean true if the buffer has been emptied out, false otherwise
- Throws:
IOException
- An IO error occurred writing data
-
handshake
Performs SSL handshake, non blocking, but performs NEED_TASK on the same thread. Hence, you should never call this method using your Acceptor thread, as you would slow down your system significantly. If the return value from this method is positive, the selection key should be registered interestOps given by the return value.- Overrides:
handshake
in classNioChannel
- Parameters:
read
- boolean - true if the underlying channel is readablewrite
- boolean - true if the underlying channel is writable- Returns:
- 0 if hand shake is complete, -1 if an error (other than an IOException) occurred, otherwise it returns a SelectionKey interestOps value
- Throws:
IOException
- If an I/O error occurs during the handshake or if the handshake fails during wrapping or unwrapping
-
processSNI
- Throws:
IOException
-
rehandshake
Force a blocking handshake to take place for this key. This requires that both network and application buffers have been emptied out prior to this call taking place, or a IOException will be thrown.- Parameters:
timeout
- - timeout in milliseconds for each socket operation- Throws:
IOException
- - if an IO exception occurs or if application or network buffers contain dataSocketTimeoutException
- - if a socket operation timed out
-
tasks
Executes all the tasks needed on the same thread.- Returns:
- the status
-
handshakeWrap
Performs the WRAP function- Parameters:
doWrite
- boolean- Returns:
- the result
- Throws:
IOException
- An IO error occurred
-
handshakeUnwrap
Perform handshake unwrap- Parameters:
doread
- boolean- Returns:
- the result
- Throws:
IOException
- An IO error occurred
-
getSSLSupport
-
close
Sends an SSL close message, will not physically close the connection here.
To close the connection, you could do something likeclose(); while (isOpen() && !myTimeoutFunction()) Thread.sleep(25); if ( isOpen() ) close(true); //forces a close if you timed out
- Specified by:
close
in interfaceAutoCloseable
- Specified by:
close
in interfaceChannel
- Specified by:
close
in interfaceCloseable
- Overrides:
close
in classNioChannel
- Throws:
IOException
- if an I/O error occursIOException
- if there is data on the outgoing network buffer and we are unable to flush it
-
close
Description copied from class:NioChannel
Close the connection.- Overrides:
close
in classNioChannel
- Parameters:
force
- Should the underlying socket be forcibly closed?- Throws:
IOException
- If closing the secure channel fails.
-
read
Reads a sequence of bytes from this channel into the given buffer.- Specified by:
read
in interfaceReadableByteChannel
- Overrides:
read
in classNioChannel
- Parameters:
dst
- The buffer into which bytes are to be transferred- Returns:
- The number of bytes read, possibly zero, or
-1
if the channel has reached end-of-stream - Throws:
IOException
- If some other I/O error occursIllegalArgumentException
- if the destination buffer is different than getBufHandler().getReadBuffer()
-
read
- Specified by:
read
in interfaceScatteringByteChannel
- Overrides:
read
in classNioChannel
- Throws:
IOException
-
write
Writes a sequence of bytes to this channel from the given buffer.- Specified by:
write
in interfaceWritableByteChannel
- Overrides:
write
in classNioChannel
- Parameters:
src
- The buffer from which bytes are to be retrieved- Returns:
- The number of bytes written, possibly zero
- Throws:
IOException
- If some other I/O error occurs
-
write
- Specified by:
write
in interfaceGatheringByteChannel
- Overrides:
write
in classNioChannel
- Throws:
IOException
-
getOutboundRemaining
public int getOutboundRemaining()- Overrides:
getOutboundRemaining
in classNioChannel
-
flushOutbound
Description copied from class:NioChannel
Return true if the buffer wrote data. NO-OP for non-secure channel.- Overrides:
flushOutbound
in classNioChannel
- Returns:
- Always returns
false
for non-secure channel - Throws:
IOException
- Never for non-secure channel
-
isHandshakeComplete
public boolean isHandshakeComplete()- Overrides:
isHandshakeComplete
in classNioChannel
-
isClosing
public boolean isClosing()- Overrides:
isClosing
in classNioChannel
-
getSslEngine
-
getEmptyBuf
-
createSSLEngine
-