-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Rework the SSLHelper class as being renamed to SslContextManager and …
…decoupled from the Netty channel side. It is also moved to the internal package so it can be reused in other components.
- Loading branch information
Showing
21 changed files
with
357 additions
and
365 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
83 changes: 83 additions & 0 deletions
83
src/main/java/io/vertx/core/internal/net/SslChannelProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
/* | ||
* Copyright (c) 2011-2022 Contributors to the Eclipse Foundation | ||
* | ||
* This program and the accompanying materials are made available under the | ||
* terms of the Eclipse Public License 2.0 which is available at | ||
* http://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0 | ||
* which is available at https://www.apache.org/licenses/LICENSE-2.0. | ||
* | ||
* SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 | ||
*/ | ||
package io.vertx.core.internal.net; | ||
|
||
import io.netty.buffer.ByteBufAllocator; | ||
import io.netty.channel.ChannelHandler; | ||
import io.netty.handler.ssl.SniHandler; | ||
import io.netty.handler.ssl.SslContext; | ||
import io.netty.handler.ssl.SslHandler; | ||
import io.netty.util.concurrent.ImmediateExecutor; | ||
import io.vertx.core.internal.VertxInternal; | ||
import io.vertx.core.internal.tls.SslContextProvider; | ||
import io.vertx.core.net.SocketAddress; | ||
|
||
import java.util.concurrent.Executor; | ||
import java.util.concurrent.TimeUnit; | ||
|
||
/** | ||
* Provider for Netty {@link SslHandler} and {@link SniHandler}. | ||
* <br/> | ||
* {@link SslContext} instances are cached and reused. | ||
*/ | ||
public class SslChannelProvider { | ||
|
||
private final Executor workerPool; | ||
private final boolean sni; | ||
private final SslContextProvider sslContextProvider; | ||
|
||
public SslChannelProvider(VertxInternal vertx, | ||
SslContextProvider sslContextProvider, | ||
boolean sni) { | ||
this.workerPool = vertx.getInternalWorkerPool().executor(); | ||
this.sni = sni; | ||
this.sslContextProvider = sslContextProvider; | ||
} | ||
|
||
public SslContextProvider sslContextProvider() { | ||
return sslContextProvider; | ||
} | ||
|
||
public SslHandler createClientSslHandler(SocketAddress peerAddress, String serverName, boolean useAlpn, long sslHandshakeTimeout, TimeUnit sslHandshakeTimeoutUnit) { | ||
SslContext sslContext = sslContextProvider.sslClientContext(serverName, useAlpn); | ||
SslHandler sslHandler; | ||
Executor delegatedTaskExec = sslContextProvider.useWorkerPool() ? workerPool : ImmediateExecutor.INSTANCE; | ||
if (peerAddress != null && peerAddress.isInetSocket()) { | ||
sslHandler = sslContext.newHandler(ByteBufAllocator.DEFAULT, peerAddress.host(), peerAddress.port(), delegatedTaskExec); | ||
} else { | ||
sslHandler = sslContext.newHandler(ByteBufAllocator.DEFAULT, delegatedTaskExec); | ||
} | ||
sslHandler.setHandshakeTimeout(sslHandshakeTimeout, sslHandshakeTimeoutUnit); | ||
return sslHandler; | ||
} | ||
|
||
public ChannelHandler createServerHandler(boolean useAlpn, long sslHandshakeTimeout, TimeUnit sslHandshakeTimeoutUnit) { | ||
if (sni) { | ||
return createSniHandler(useAlpn, sslHandshakeTimeout, sslHandshakeTimeoutUnit); | ||
} else { | ||
return createServerSslHandler(useAlpn, sslHandshakeTimeout, sslHandshakeTimeoutUnit); | ||
} | ||
} | ||
|
||
private SslHandler createServerSslHandler(boolean useAlpn, long sslHandshakeTimeout, TimeUnit sslHandshakeTimeoutUnit) { | ||
SslContext sslContext = sslContextProvider.sslServerContext(useAlpn); | ||
Executor delegatedTaskExec = sslContextProvider.useWorkerPool() ? workerPool : ImmediateExecutor.INSTANCE; | ||
SslHandler sslHandler = sslContext.newHandler(ByteBufAllocator.DEFAULT, delegatedTaskExec); | ||
sslHandler.setHandshakeTimeout(sslHandshakeTimeout, sslHandshakeTimeoutUnit); | ||
return sslHandler; | ||
} | ||
|
||
private SniHandler createSniHandler(boolean useAlpn, long sslHandshakeTimeout, TimeUnit sslHandshakeTimeoutUnit) { | ||
Executor delegatedTaskExec = sslContextProvider.useWorkerPool() ? workerPool : ImmediateExecutor.INSTANCE; | ||
return new VertxSniHandler(sslContextProvider.serverNameMapping(delegatedTaskExec, useAlpn), sslHandshakeTimeoutUnit.toMillis(sslHandshakeTimeout), delegatedTaskExec); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.