use of org.apache.qpid.server.bytebuffer.QpidByteBuffer in project qpid-broker-j by apache.
the class NonBlockingConnection method setTransportEncryption.
public void setTransportEncryption(TransportEncryption transportEncryption) {
NonBlockingConnectionDelegate oldDelegate = _delegate;
switch(transportEncryption) {
case TLS:
_onTransportEncryptionAction.run();
_delegate = new NonBlockingConnectionTLSDelegate(this, _port);
break;
case NONE:
_delegate = new NonBlockingConnectionPlainDelegate(this, _port);
break;
default:
throw new IllegalArgumentException("unknown TransportEncryption " + transportEncryption);
}
if (oldDelegate != null) {
try (QpidByteBuffer src = oldDelegate.getNetInputBuffer().duplicate()) {
src.flip();
_delegate.getNetInputBuffer().put(src);
}
oldDelegate.shutdownInput();
oldDelegate.shutdownOutput();
}
LOGGER.debug("Identified transport encryption as " + transportEncryption);
}
use of org.apache.qpid.server.bytebuffer.QpidByteBuffer in project qpid-broker-j by apache.
the class NonBlockingConnectionPlainDelegate method restoreApplicationBufferForWrite.
protected void restoreApplicationBufferForWrite() {
try (QpidByteBuffer oldNetInputBuffer = _netInputBuffer) {
int unprocessedDataLength = _netInputBuffer.remaining();
_netInputBuffer.limit(_netInputBuffer.capacity());
_netInputBuffer = oldNetInputBuffer.slice();
_netInputBuffer.limit(unprocessedDataLength);
}
if (_netInputBuffer.limit() != _netInputBuffer.capacity()) {
_netInputBuffer.position(_netInputBuffer.limit());
_netInputBuffer.limit(_netInputBuffer.capacity());
} else {
try (QpidByteBuffer currentBuffer = _netInputBuffer) {
int newBufSize;
if (currentBuffer.capacity() < _networkBufferSize) {
newBufSize = _networkBufferSize;
} else {
newBufSize = currentBuffer.capacity() + _networkBufferSize;
_parent.reportUnexpectedByteBufferSizeUsage();
}
_netInputBuffer = QpidByteBuffer.allocateDirect(newBufSize);
_netInputBuffer.put(currentBuffer);
}
}
}
use of org.apache.qpid.server.bytebuffer.QpidByteBuffer in project qpid-broker-j by apache.
the class NonBlockingConnectionTLSDelegate method processData.
@Override
public boolean processData() throws IOException {
if (!_hostChecked) {
try (QpidByteBuffer buffer = _netInputBuffer.duplicate()) {
buffer.flip();
if (SSLUtil.isSufficientToDetermineClientSNIHost(buffer)) {
String hostName = SSLUtil.getServerNameFromTLSClientHello(buffer);
if (hostName != null) {
_parent.setSelectedHost(hostName);
SSLParameters sslParameters = _sslEngine.getSSLParameters();
sslParameters.setServerNames(Collections.singletonList(new SNIHostName(hostName)));
_sslEngine.setSSLParameters(sslParameters);
}
_hostChecked = true;
} else {
return false;
}
}
}
_netInputBuffer.flip();
boolean readData = false;
boolean tasksRun;
int oldNetBufferPos;
do {
int oldAppBufPos = _applicationBuffer.position();
oldNetBufferPos = _netInputBuffer.position();
_status = QpidByteBuffer.decryptSSL(_sslEngine, _netInputBuffer, _applicationBuffer);
if (_status.getStatus() == SSLEngineResult.Status.CLOSED) {
int remaining = _netInputBuffer.remaining();
_netInputBuffer.position(_netInputBuffer.limit());
// We'd usually expect no more bytes to be sent following a close_notify
LOGGER.debug("SSLEngine closed, discarded {} byte(s)", remaining);
}
tasksRun = runSSLEngineTasks(_status);
_applicationBuffer.flip();
if (_applicationBuffer.position() > oldAppBufPos) {
readData = true;
}
_parent.processAmqpData(_applicationBuffer);
restoreApplicationBufferForWrite();
} while ((_netInputBuffer.hasRemaining() && (_netInputBuffer.position() > oldNetBufferPos)) || tasksRun);
if (_netInputBuffer.hasRemaining()) {
_netInputBuffer.compact();
} else {
_netInputBuffer.clear();
}
return readData;
}
use of org.apache.qpid.server.bytebuffer.QpidByteBuffer in project qpid-broker-j by apache.
the class NonBlockingConnectionTLSDelegate method doWrite.
@Override
public WriteResult doWrite(Collection<QpidByteBuffer> buffers) throws IOException {
final int bufCount = buffers.size();
int totalConsumed = wrapBufferArray(buffers);
boolean bufsSent = true;
final Iterator<QpidByteBuffer> itr = buffers.iterator();
int bufIndex = 0;
while (itr.hasNext() && bufsSent && bufIndex++ < bufCount) {
QpidByteBuffer buf = itr.next();
bufsSent = !buf.hasRemaining();
}
if (!_encryptedOutput.isEmpty()) {
_parent.writeToTransport(_encryptedOutput);
ListIterator<QpidByteBuffer> iter = _encryptedOutput.listIterator();
while (iter.hasNext()) {
QpidByteBuffer buf = iter.next();
if (!buf.hasRemaining()) {
buf.dispose();
iter.remove();
} else {
break;
}
}
}
return new WriteResult(bufsSent && _encryptedOutput.isEmpty(), totalConsumed);
}
use of org.apache.qpid.server.bytebuffer.QpidByteBuffer in project qpid-broker-j by apache.
the class NonBlockingConnectionTLSDelegate method wrapBufferArray.
private int wrapBufferArray(Collection<QpidByteBuffer> buffers) throws SSLException {
int totalConsumed = 0;
boolean encrypted;
do {
if (_sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
if (_netOutputBuffer.remaining() < _sslEngine.getSession().getPacketBufferSize()) {
if (_netOutputBuffer.position() != 0) {
_netOutputBuffer.flip();
_encryptedOutput.add(_netOutputBuffer);
} else {
_netOutputBuffer.dispose();
}
_netOutputBuffer = QpidByteBuffer.allocateDirect(_networkBufferSize);
}
_status = QpidByteBuffer.encryptSSL(_sslEngine, buffers, _netOutputBuffer);
encrypted = _status.bytesProduced() > 0;
totalConsumed += _status.bytesConsumed();
runSSLEngineTasks(_status);
if (encrypted && _netOutputBuffer.remaining() < _sslEngine.getSession().getPacketBufferSize()) {
_netOutputBuffer.flip();
_encryptedOutput.add(_netOutputBuffer);
_netOutputBuffer = QpidByteBuffer.allocateDirect(_networkBufferSize);
}
} else {
encrypted = false;
}
} while (encrypted && _sslEngine.getHandshakeStatus() != SSLEngineResult.HandshakeStatus.NEED_UNWRAP);
if (_netOutputBuffer.position() != 0) {
final QpidByteBuffer outputBuffer = _netOutputBuffer;
_netOutputBuffer = _netOutputBuffer.slice();
outputBuffer.flip();
_encryptedOutput.add(outputBuffer);
}
return totalConsumed;
}
Aggregations