Package org.dogtagpki.jss.tomcat
Class JSSSecureNioChannel
java.lang.Object
org.apache.tomcat.util.net.NioChannel
org.apache.tomcat.util.net.SecureNioChannel
org.dogtagpki.jss.tomcat.JSSSecureNioChannel
- All Implemented Interfaces:
Closeable
,AutoCloseable
,ByteChannel
,Channel
,GatheringByteChannel
,ReadableByteChannel
,ScatteringByteChannel
,WritableByteChannel
public class JSSSecureNioChannel
extends org.apache.tomcat.util.net.SecureNioChannel
Implementation of a secure socket channel
Code in the following methods are almost identical of that available in the base
class invalid input: 'from tomcat git repository
for the version 9.0.78.
<p>
The only difference is the registration of local and remote IP in the SSL engine session.
These IPs are required for audit purpose but the tomcat implementation does not provide
such information to the engine, since they are not needed for Java SSL engine specification.
<p>
The SSL engine is created in the private method {@link JSSSecureNioChannel#processSNI()} so
the calling methods have been duplicated in order to work properly.
@see org.apache.tomcat.util.net.SecureNioChannel'
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate final JSSNioEndpoint
private static final org.apache.juli.logging.Log
private static final org.apache.tomcat.util.res.StringManager
Fields inherited from class org.apache.tomcat.util.net.SecureNioChannel
closed, closing, handshakeComplete, handshakeStatus, netInBuffer, netOutBuffer, sniComplete, sslEngine
Fields inherited from class org.apache.tomcat.util.net.NioChannel
bufHandler, emptyBuf, sc, socketWrapper
-
Constructor Summary
ConstructorsConstructorDescriptionJSSSecureNioChannel
(org.apache.tomcat.util.net.SocketBufferHandler bufHandler, org.apache.tomcat.util.net.NioEndpoint endpoint) -
Method Summary
Modifier and TypeMethodDescriptionorg.apache.tomcat.util.net.SSLSupport
int
handshake
(boolean read, boolean write) Performs SSL handshake, non blocking, but performs NEED_TASK on the same thread.private int
Methods inherited from class org.apache.tomcat.util.net.SecureNioChannel
close, close, flush, flushOutbound, free, getEmptyBuf, getOutboundRemaining, getSslEngine, handshakeUnwrap, handshakeWrap, isClosing, isHandshakeComplete, read, read, rehandshake, reset, tasks, write, write
Methods inherited from class org.apache.tomcat.util.net.NioChannel
checkInterruptStatus, flush, getAppReadBufHandler, getBufHandler, getIOChannel, isOpen, read, setAppReadBufHandler, toString, write
-
Field Details
-
log
private static final org.apache.juli.logging.Log log -
sm
private static final org.apache.tomcat.util.res.StringManager sm -
endpoint
-
additionalTlsAttributes
-
-
Constructor Details
-
JSSSecureNioChannel
public JSSSecureNioChannel(org.apache.tomcat.util.net.SocketBufferHandler bufHandler, org.apache.tomcat.util.net.NioEndpoint endpoint)
-
-
Method Details
-
handshake
Performs SSL handshake, non blocking, but performs NEED_TASK on the same thread. Hence, you should never call this method using your Acceptor thread, as you would slow down your system significantly. If the return value from this method is positive, the selection key should be registered interestOps given by the return value.- Overrides:
handshake
in classorg.apache.tomcat.util.net.SecureNioChannel
- Parameters:
read
- boolean - true if the underlying channel is readablewrite
- boolean - true if the underlying channel is writable- Returns:
- 0 if hand shake is complete, -1 if an error (other than an IOException) occurred, otherwise it returns a SelectionKey interestOps value
- Throws:
IOException
- If an I/O error occurs during the handshake or if the handshake fails during wrapping or unwrapping
-
processJSSSNI
- Throws:
IOException
-
getSSLSupport
public org.apache.tomcat.util.net.SSLSupport getSSLSupport()- Overrides:
getSSLSupport
in classorg.apache.tomcat.util.net.SecureNioChannel
-