Examples of org.apache.mina.filter.support.SSLHandler$Event

• org.apache.mina.filter.support.SSLHandler
  A helper class using the SSLEngine API to decrypt/encrypt data.

  Each connection has a SSLEngine that is used through the lifetime of the connection. We allocate byte buffers for use as the outbound and inbound network buffers. These buffers handle all of the intermediary data for the SSL connection. To make things easy, we'll require outNetBuffer be completely flushed before trying to wrap any more data. @author The Apache Directory Project (mina-dev@directory.apache.org) @version $Rev: 561232 $, $Date: 2007-07-31 14:19:37 +0900 (Tue, 31 Jul 2007) $

    }

    public void messageReceived( NextFilter nextFilter, IoSession session,
                                 Object message ) throws SSLException
    {
        SSLHandler handler = getSSLSessionHandler( session );
        synchronized( handler )
        {
            if( !isSSLStarted( session ) )
            {
                if( handler.isInboundDone() )
                {
                    nextFilter.messageReceived( session, message );
                    return;
                }
            }

            ByteBuffer buf = ( ByteBuffer ) message;
            if( SessionLog.isDebugEnabled( session ) )
            {
                SessionLog.debug( session, " Data Read: " + handler + " (" + buf+ ')' );
            }

            try
            {
                // forward read encrypted data to SSL handler
                handler.messageReceived( nextFilter, buf.buf() );

                // Handle data to be forwarded to application or written to net
                handleSSLData( nextFilter, handler );

                if( handler.isInboundDone() )
                {
                    if( handler.isOutboundDone() )
                    {
                        if( SessionLog.isDebugEnabled( session ) )
                        {
                            SessionLog.debug(
                                    session, " SSL Session closed." );
                        }

                        handler.destroy();
                    }
                    else
                    {
                        initiateClosure( nextFilter, session );
                    }

                    if( buf.hasRemaining() )
                    {
                        nextFilter.messageReceived( session, buf );
                    }
                }
            }
            catch( SSLException ssle )
            {
                if( !handler.isInitialHandshakeComplete() )
                {
                    SSLException newSSLE = new SSLHandshakeException(
                            "Initial SSL handshake failed." );
                    newSSLE.initCause( ssle );
                    ssle = newSSLE;

        }
    }

    public void filterWrite( NextFilter nextFilter, IoSession session, WriteRequest writeRequest ) throws SSLException
    {
        SSLHandler handler = getSSLSessionHandler( session );
        synchronized( handler )
        {
            if( !isSSLStarted( session ) )
            {
                nextFilter.filterWrite( session, writeRequest );
                return;
            }

            // Don't encrypt the data if encryption is disabled.
            if( session.containsAttribute( DISABLE_ENCRYPTION_ONCE ) )
            {
                // Remove the marker attribute because it is temporary.
                session.removeAttribute( DISABLE_ENCRYPTION_ONCE );
                nextFilter.filterWrite( session, writeRequest );
                return;
            }

            // Otherwise, encrypt the buffer.
            ByteBuffer buf = ( ByteBuffer ) writeRequest.getMessage();

            if( SessionLog.isDebugEnabled( session ) )
            {
                SessionLog.debug( session, " Filtered Write: " + handler );
            }

            if( handler.isWritingEncryptedData() )
            {
                // data already encrypted; simply return buffer
                if( SessionLog.isDebugEnabled( session ) )
                {
                    SessionLog.debug( session, "   already encrypted: " + buf );
                }
                nextFilter.filterWrite( session, writeRequest );
                return;
            }

            if( handler.isInitialHandshakeComplete() )
            {
                // SSL encrypt
                if( SessionLog.isDebugEnabled( session ) )
                {
                    SessionLog.debug( session, " encrypt: " + buf );
                }

                int pos = buf.position();
                handler.encrypt( buf.buf() );
                buf.position( pos );
                ByteBuffer encryptedBuffer = new EncryptedBuffer(
                        SSLHandler.copy( handler.getOutNetBuffer() ), buf );

                if( SessionLog.isDebugEnabled( session ) )
                {
                    SessionLog.debug( session, " encrypted buf: " + encryptedBuffer);
                }
                nextFilter.filterWrite( session, new WriteRequest( encryptedBuffer, writeRequest.getFuture() ) );
                return;
            }
            else
            {
                if( !session.isConnected() )
                {
                    if( SessionLog.isDebugEnabled( session ) )
                    {
                        SessionLog.debug( session, " Write request on closed session." );
                    }
                }
                else
                {
                    if( SessionLog.isDebugEnabled( session ) )
                    {
                        SessionLog.debug( session, " Handshaking is not complete yet. Buffering write request." );
                    }
                    handler.scheduleWrite( nextFilter, writeRequest );
                }
            }
        }
    }

        }
    }

    public void filterClose( final NextFilter nextFilter, final IoSession session ) throws SSLException
    {
        SSLHandler handler = getSSLSessionHandler( session );

        WriteFuture future = null;
        synchronized( handler )
        {
            try

        }
    }

    private WriteFuture initiateClosure( NextFilter nextFilter, IoSession session ) throws SSLException
    {
        SSLHandler handler = getSSLSessionHandler( session );
        // if already shut down
        if( !handler.closeOutbound() )
        {
            return DefaultWriteFuture.newNotWrittenFuture( session );
        }

        // there might be data to write out here?
        WriteFuture future = handler.writeNetBuffer( nextFilter );

        if( handler.isInboundDone() )
        {
            handler.destroy();
        }

        if( session.containsAttribute( USE_NOTIFICATION ) )
        {
            nextFilter.messageReceived( session, SESSION_UNSECURED );

        nextFilter.messageReceived( session, readBuffer );
    }

    private SSLHandler getSSLSessionHandler( IoSession session )
    {
        SSLHandler handler = ( SSLHandler ) session.getAttribute( SSL_HANDLER );
        if( handler == null )
        {
            throw new IllegalStateException();
        }
        if( handler.getParent() != this )
        {
            throw new IllegalArgumentException( "Not managed by this filter." );
        }
        return handler;
    }

     *
     * @return <tt>true</tt> if the SSL session has been started, <tt>false</tt> if already started.
     * @throws SSLException if failed to start the SSL session
     */
    public boolean startSSL(IoSession session) throws SSLException {
        SSLHandler handler = getSSLSessionHandler(session);
        boolean started;
        synchronized (handler) {
            if (handler.isOutboundDone()) {
                NextFilter nextFilter = (NextFilter) session
                        .getAttribute(NEXT_FILTER);
                handler.destroy();
                handler.init();
                handler.handshake(nextFilter);
                started = true;
            } else {
                started = false;
            }
        }

        handler.flushScheduledEvents();
        return started;
    }

     * encrypted/decrypted over SSL/TLS currently.  This method will start
     * to retun <tt>false</tt> after TLS <tt>close_notify</tt> message
     * is sent and any messages written after then is not goinf to get encrypted.
     */
    public boolean isSSLStarted(IoSession session) {
        SSLHandler handler = getSSLSessionHandler0(session);
        if (handler == null) {
            return false;
        }

        synchronized (handler) {
            return !handler.isOutboundDone();
        }
    }

     * @param session the {@link IoSession} to initiate TLS closure
     * @throws SSLException if failed to initiate TLS closure
     * @throws IllegalArgumentException if this filter is not managing the specified session
     */
    public WriteFuture stopSSL(IoSession session) throws SSLException {
        SSLHandler handler = getSSLSessionHandler(session);
        NextFilter nextFilter = (NextFilter) session.getAttribute(NEXT_FILTER);
        WriteFuture future;
        synchronized (handler) {
            future = initiateClosure(nextFilter, session);
        }

        handler.flushScheduledEvents();

        return future;
    }

        IoSession session = parent.getSession();
        session.setAttribute(NEXT_FILTER, nextFilter);

        // Create an SSL handler and start handshake.
        SSLHandler handler = new SSLHandler(this, sslContext, session);
        session.setAttribute(SSL_HANDLER, handler);
    }

        session.setAttribute(SSL_HANDLER, handler);
    }

    public void onPostAdd(IoFilterChain parent, String name,
            NextFilter nextFilter) throws SSLException {
        SSLHandler handler = getSSLSessionHandler(parent.getSession());
        synchronized (handler) {
            handler.handshake(nextFilter);
        }
        handler.flushScheduledEvents();
    }