Class SecureNioChannel

java.lang.Object
org.apache.tomcat.util.net.NioChannel
org.apache.tomcat.util.net.SecureNioChannel
All Implemented Interfaces:
Closeable, AutoCloseable, ByteChannel, Channel, GatheringByteChannel, ReadableByteChannel, ScatteringByteChannel, WritableByteChannel
public class SecureNioChannel extends NioChannel
Implementation of a secure socket channel

  • Field Details

    • netInBuffer

      protected ByteBuffer netInBuffer
      Network input buffer for encrypted data

    • netOutBuffer

      protected ByteBuffer netOutBuffer
      Network output buffer for encrypted data

    • sslEngine

      protected SSLEngine sslEngine
      SSL engine for this channel

    • sniComplete

      protected boolean sniComplete
      True when SNI processing is complete

    • handshakeComplete

      protected boolean handshakeComplete
      True when the SSL handshake is complete

    • needHandshakeWrap

      protected boolean needHandshakeWrap
      True when a handshake wrap is pending

    • handshakeStatus

      protected SSLEngineResult.HandshakeStatus handshakeStatus
      Current handshake status, updated during handshake processing

    • closed

      protected boolean closed
      True when the channel is closed

    • closing

      protected boolean closing
      True when the channel is in the process of closing

  • Constructor Details

    • SecureNioChannel

      public SecureNioChannel(SocketBufferHandler bufHandler, NioEndpoint endpoint)
      Creates a new secure NIO channel.
      Parameters:
      bufHandler - Buffer handler for the application buffers
      endpoint - The NIO endpoint managing this channel

  • Method Details

    • reset

      public void reset(SocketChannel channel, NioEndpoint.NioSocketWrapper socketWrapper) throws IOException
      Description copied from class: NioChannel
      Reset the channel
      Overrides:
      reset in class NioChannel
      Parameters:
      channel - the socket channel
      socketWrapper - the socket wrapper
      Throws:
      IOException - If a problem was encountered resetting the channel

    • free

      public void free()
      Description copied from class: NioChannel
      Free the channel memory
      Overrides:
      free in class NioChannel

    • flush

      protected boolean flush(ByteBuffer buf) throws IOException
      Flushes the buffer to the network, non-blocking
      Parameters:
      buf - ByteBuffer
      Returns:
      boolean true if the buffer has been emptied out, false otherwise
      Throws:
      IOException - An IO error occurred writing data

    • handshake

      public int handshake(boolean read, boolean write) throws IOException
      Performs SSL handshake, non-blocking, but performs NEED_TASK on the same thread. Hence, you should never call this method using your Acceptor thread, as you would slow down your system significantly. If the return value from this method is positive, the selection key should be registered interestOps given by the return value.
      Overrides:
      handshake in class NioChannel
      Parameters:
      read - boolean - true if the underlying channel is readable
      write - boolean - true if the underlying channel is writable
      Returns:
      0 if handshake is complete, -1 if an error (other than an IOException) occurred, otherwise it returns a SelectionKey interestOps value
      Throws:
      IOException - If an I/O error occurs during the handshake or if the handshake fails during wrapping or unwrapping

    • rehandshake

      public void rehandshake(long timeout) throws IOException
      Force a blocking handshake to take place for this key. This requires that both network and application buffers have been emptied out prior to this call taking place, or a IOException will be thrown.
      Parameters:
      timeout - - timeout in milliseconds for each socket operation
      Throws:
      IOException - - if an IO exception occurs or if application or network buffers contain data
      SocketTimeoutException - - if a socket operation timed out

    • tasks

      protected SSLEngineResult.HandshakeStatus tasks()
      Executes all the tasks needed on the same thread.
      Returns:
      the status

    • handshakeWrap

      protected SSLEngineResult handshakeWrap(boolean doWrite) throws IOException
      Performs the WRAP function
      Parameters:
      doWrite - boolean
      Returns:
      the result
      Throws:
      IOException - An IO error occurred

    • handshakeUnwrap

      protected SSLEngineResult handshakeUnwrap(boolean doread) throws IOException
      Perform handshake unwrap
      Parameters:
      doread - boolean
      Returns:
      the result
      Throws:
      IOException - An IO error occurred

    • getSSLSupport

      public SSLSupport getSSLSupport()
      Returns the SSL support object for this channel, or null if the SSL engine has not been initialized.
      Returns:
      the SSL support object, or null

    • close

      public void close() throws IOException
      Sends an SSL close message, will not physically close the connection here.
      To close the connection, you could do something like 
      
  close();
  while (isOpen() && !myTimeoutFunction()) Thread.sleep(25);
  if ( isOpen() ) close(true); //forces a close if you timed out
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface Channel
      Specified by:
      close in interface Closeable
      Overrides:
      close in class NioChannel
      Throws:
      IOException - if an I/O error occurs
      IOException - if there is data on the outgoing network buffer, and we are unable to flush it

    • close

      public void close(boolean force) throws IOException
      Description copied from class: NioChannel
      Close the connection.
      Overrides:
      close in class NioChannel
      Parameters:
      force - Should the underlying socket be forcibly closed?
      Throws:
      IOException - If closing the secure channel fails.

    • read

      public int read(ByteBuffer dst) throws IOException
      Reads a sequence of bytes from this channel into the given buffer.
      Specified by:
      read in interface ReadableByteChannel
      Overrides:
      read in class NioChannel
      Parameters:
      dst - The buffer into which bytes are to be transferred
      Returns:
      The number of bytes read, possibly zero, or -1 if the channel has reached end-of-stream
      Throws:
      IOException - If some other I/O error occurs
      IllegalStateException - if the handshake was not completed

    • read

      public long read(ByteBuffer[] dsts, int offset, int length) throws IOException
      Specified by:
      read in interface ScatteringByteChannel
      Overrides:
      read in class NioChannel
      Throws:
      IOException

    • write

      public int write(ByteBuffer src) throws IOException
      Writes a sequence of bytes to this channel from the given buffer.
      Specified by:
      write in interface WritableByteChannel
      Overrides:
      write in class NioChannel
      Parameters:
      src - The buffer from which bytes are to be retrieved
      Returns:
      The number of bytes written, possibly zero
      Throws:
      IOException - If some other I/O error occurs

    • write

      public long write(ByteBuffer[] srcs, int offset, int length) throws IOException
      Specified by:
      write in interface GatheringByteChannel
      Overrides:
      write in class NioChannel
      Throws:
      IOException

    • getOutboundRemaining

      public int getOutboundRemaining()
      Description copied from class: NioChannel
      Returns the number of bytes remaining in the outbound buffer.
      Overrides:
      getOutboundRemaining in class NioChannel
      Returns:
      Always returns 0 for non-secure channels

    • flushOutbound

      public boolean flushOutbound() throws IOException
      Description copied from class: NioChannel
      Return true if the buffer wrote data. NO-OP for non-secure channel.
      Overrides:
      flushOutbound in class NioChannel
      Returns:
      Always returns false for non-secure channel
      Throws:
      IOException - Never for non-secure channel

    • isHandshakeComplete

      public boolean isHandshakeComplete()
      Description copied from class: NioChannel
      Indicates whether the SSL handshake is complete.
      Overrides:
      isHandshakeComplete in class NioChannel
      Returns:
      true for non-secure channels (no handshake required)

    • isClosing

      public boolean isClosing()
      Description copied from class: NioChannel
      Indicates whether the channel is in the process of closing.
      Overrides:
      isClosing in class NioChannel
      Returns:
      false for non-secure channels

    • getSslEngine

      public SSLEngine getSslEngine()
      Returns the SSL engine for this channel.
      Returns:
      the SSL engine, or null if not yet created

    • getEmptyBuf

      public ByteBuffer getEmptyBuf()
      Returns an empty byte buffer used for SSL wrap operations.
      Returns:
      an empty byte buffer