
Example 1 with SSLEngineResult

Use of javax.net.ssl.SSLEngineResult in project hadoop by apache.

Class TestSSLFactory, method wrap.

private SSLEngineResult wrap(SSLEngine engine, ByteBuffer from, ByteBuffer to) throws Exception {
    SSLEngineResult result = engine.wrap(from, to);
    runDelegatedTasks(result, engine);
    return result;
}
Also used: SSLEngineResult (javax.net.ssl.SSLEngineResult)

Example 2 with SSLEngineResult

Use of javax.net.ssl.SSLEngineResult in project hadoop by apache.

Class TestSSLFactory, method unwrap.

private SSLEngineResult unwrap(SSLEngine engine, ByteBuffer from, ByteBuffer to) throws Exception {
    SSLEngineResult result = engine.unwrap(from, to);
    runDelegatedTasks(result, engine);
    return result;
}
Also used: SSLEngineResult (javax.net.ssl.SSLEngineResult)

Example 3 with SSLEngineResult

Use of javax.net.ssl.SSLEngineResult in project kafka by apache.

Class SslTransportLayer, method write.

/**
 * Writes a sequence of bytes to this channel from the given buffer.
 *
 * @param src The buffer from which bytes are to be retrieved
 * @return The number of bytes written, possibly zero
 * @throws EOFException If the SSL engine reports that it is closed
 * @throws IOException If some other I/O error occurs
 */
@Override
public int write(ByteBuffer src) throws IOException {
    int written = 0;
    if (closing)
        throw new IllegalStateException("Channel is in closing state");
    if (!handshakeComplete)
        return written;
    if (!flush(netWriteBuffer))
        return written;
    netWriteBuffer.clear();
    SSLEngineResult wrapResult = sslEngine.wrap(src, netWriteBuffer);
    netWriteBuffer.flip();
    //handle ssl renegotiation
    if (wrapResult.getHandshakeStatus() != HandshakeStatus.NOT_HANDSHAKING && wrapResult.getStatus() == Status.OK) {
        renegotiate();
        return written;
    }
    if (wrapResult.getStatus() == Status.OK) {
        written = wrapResult.bytesConsumed();
        flush(netWriteBuffer);
    } else if (wrapResult.getStatus() == Status.BUFFER_OVERFLOW) {
        int currentNetWriteBufferSize = netWriteBufferSize();
        netWriteBuffer.compact();
        netWriteBuffer = Utils.ensureCapacity(netWriteBuffer, currentNetWriteBufferSize);
        netWriteBuffer.flip();
        if (netWriteBuffer.limit() >= currentNetWriteBufferSize)
            throw new IllegalStateException("SSL BUFFER_OVERFLOW when available data size (" + netWriteBuffer.limit() + ") >= network buffer size (" + currentNetWriteBufferSize + ")");
    } else if (wrapResult.getStatus() == Status.BUFFER_UNDERFLOW) {
        throw new IllegalStateException("SSL BUFFER_UNDERFLOW during write");
    } else if (wrapResult.getStatus() == Status.CLOSED) {
        throw new EOFException();
    }
    return written;
}
Also used: SSLEngineResult (javax.net.ssl.SSLEngineResult), EOFException (java.io.EOFException)

Example 4 with SSLEngineResult

Use of javax.net.ssl.SSLEngineResult in project kafka by apache.

Class SslTransportLayer, method handshakeWrap.

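/**
 * Performs the WRAP function during the handshake.
 *
 * @param doWrite whether to flush the wrapped handshake data to the channel after wrapping
 * @return the SSLEngineResult of the wrap call
 * @throws IOException if wrapping or flushing fails
 */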
private SSLEngineResult handshakeWrap(boolean doWrite) throws IOException {
    log.trace("SSLHandshake handshakeWrap {}", channelId);
    if (netWriteBuffer.hasRemaining())
        throw new IllegalStateException("handshakeWrap called with netWriteBuffer not empty");
    //this should never be called with a network buffer that contains data
    //so we can clear it here.
    netWriteBuffer.clear();
    SSLEngineResult result = sslEngine.wrap(emptyBuf, netWriteBuffer);
    //prepare the results to be written
    netWriteBuffer.flip();
    handshakeStatus = result.getHandshakeStatus();
    if (result.getStatus() == SSLEngineResult.Status.OK && result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
        handshakeStatus = runDelegatedTasks();
    }
    if (doWrite)
        flush(netWriteBuffer);
    return result;
}
Also used: SSLEngineResult (javax.net.ssl.SSLEngineResult)

Example 5 with SSLEngineResult

Use of javax.net.ssl.SSLEngineResult in project kafka by apache.

Class SslTransportLayer, method handshakeUnwrap.

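/**
 * Performs the UNWRAP function during the handshake.
 *
 * @param doRead whether to read from the socket channel into netReadBuffer before unwrapping
 * @return the SSLEngineResult of the last unwrap call
 * @throws IOException if reading or unwrapping fails, including EOF during the handshake
 */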
private SSLEngineResult handshakeUnwrap(boolean doRead) throws IOException {
    log.trace("SSLHandshake handshakeUnwrap {}", channelId);
    SSLEngineResult result;
    if (doRead) {
        int read = socketChannel.read(netReadBuffer);
        if (read == -1)
            throw new EOFException("EOF during handshake.");
    }
    boolean cont;
    do {
        //prepare the buffer with the incoming data
        netReadBuffer.flip();
        result = sslEngine.unwrap(netReadBuffer, appReadBuffer);
        netReadBuffer.compact();
        handshakeStatus = result.getHandshakeStatus();
        if (result.getStatus() == SSLEngineResult.Status.OK && result.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            handshakeStatus = runDelegatedTasks();
        }
        cont = result.getStatus() == SSLEngineResult.Status.OK && handshakeStatus == HandshakeStatus.NEED_UNWRAP;
        log.trace("SSLHandshake handshakeUnwrap: handshakeStatus {} status {}", handshakeStatus, result.getStatus());
    } while (netReadBuffer.position() != 0 && cont);
    return result;
}
Also used: SSLEngineResult (javax.net.ssl.SSLEngineResult), EOFException (java.io.EOFException)
