Author: elecharny Date: Wed Nov 12 05:35:51 2008 New Revision: 713364 URL: http://svn.apache.org/viewvc?rev=713364&view=rev Log: Minor code refactoring : o added some comments o used a switch to replace a 'if' cascade o added a TODO
Modified: mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java Modified: mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java URL: http://svn.apache.org/viewvc/mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java?rev=713364&r1=713363&r2=713364&view=diff ============================================================================== --- mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java (original) +++ mina/trunk/core/src/main/java/org/apache/mina/filter/ssl/SslHandler.java Wed Nov 12 05:35:51 2008 @@ -58,7 +58,7 @@ private final Logger logger = LoggerFactory.getLogger(getClass()); private final SslFilter parent; - private final SSLContext ctx; + private final SSLContext sslContext; private final IoSession session; private final Queue<IoFilterEvent> preHandshakeEventQueue = new CircularQueue<IoFilterEvent>(); private final Queue<IoFilterEvent> filterWriteEventQueue = new ConcurrentLinkedQueue<IoFilterEvent>(); @@ -96,28 +96,39 @@ * @param sslc * @throws SSLException */ - public SslHandler(SslFilter parent, SSLContext sslc, IoSession session) + public SslHandler(SslFilter parent, SSLContext sslContext, IoSession session) throws SSLException { this.parent = parent; this.session = session; - ctx = sslc; + this.sslContext = sslContext; init(); } + /** + * Initialize the SSL handshake. + * + * @throws SSLException + */ public void init() throws SSLException { if (sslEngine != null) { + // We already have a SSL engine created, no need to create a new one return; } InetSocketAddress peer = (InetSocketAddress) session .getAttribute(SslFilter.PEER_ADDRESS); + + // Create the SSL engine here if (peer == null) { - sslEngine = ctx.createSSLEngine(); + sslEngine = sslContext.createSSLEngine(); } else { - sslEngine = ctx.createSSLEngine(peer.getHostName(), peer.getPort()); + sslEngine = sslContext.createSSLEngine(peer.getHostName(), peer.getPort()); } + + // Initialize the engine in client mode if necessary sslEngine.setUseClientMode(parent.isUseClientMode()); + // Initialize the different SslEngine modes if (parent.isWantClientAuth()) { sslEngine.setWantClientAuth(true); } @@ -134,7 +145,10 @@ sslEngine.setEnabledProtocols(parent.getEnabledProtocols()); } + // TODO : we may not need to call this method... sslEngine.beginHandshake(); + + handshakeStatus = sslEngine.getHandshakeStatus(); handshakeComplete = false; @@ -440,56 +454,69 @@ * Perform any handshaking processing. */ public void handshake(NextFilter nextFilter) throws SSLException { - for (; ;) { - if (handshakeStatus == SSLEngineResult.HandshakeStatus.FINISHED) { - session.setAttribute( - SslFilter.SSL_SESSION, sslEngine.getSession()); - handshakeComplete = true; - if (!initialHandshakeComplete - && session.containsAttribute(SslFilter.USE_NOTIFICATION)) { - // SESSION_SECURED is fired only when it's the first handshake. - // (i.e. renegotiation shouldn't trigger SESSION_SECURED.) - initialHandshakeComplete = true; - scheduleMessageReceived(nextFilter, - SslFilter.SESSION_SECURED); - } - break; - } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_TASK) { - handshakeStatus = doTasks(); - } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) { - // we need more data read - SSLEngineResult.Status status = unwrapHandshake(nextFilter); - if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW && - handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED || - isInboundDone()) { - // We need more data or the session is closed + for (;;) { + switch (handshakeStatus) { + case FINISHED : + session.setAttribute( + SslFilter.SSL_SESSION, sslEngine.getSession()); + handshakeComplete = true; + + if (!initialHandshakeComplete + && session.containsAttribute(SslFilter.USE_NOTIFICATION)) { + // SESSION_SECURED is fired only when it's the first handshake. + // (i.e. renegotiation shouldn't trigger SESSION_SECURED.) + initialHandshakeComplete = true; + scheduleMessageReceived(nextFilter, + SslFilter.SESSION_SECURED); + } + + return; + + case NEED_TASK : + handshakeStatus = doTasks(); break; - } - } else if (handshakeStatus == SSLEngineResult.HandshakeStatus.NEED_WRAP) { - // First make sure that the out buffer is completely empty. Since we - // cannot call wrap with data left on the buffer - if (outNetBuffer != null && outNetBuffer.hasRemaining()) { + + case NEED_UNWRAP : + // we need more data read + SSLEngineResult.Status status = unwrapHandshake(nextFilter); + + if (status == SSLEngineResult.Status.BUFFER_UNDERFLOW && + handshakeStatus != SSLEngineResult.HandshakeStatus.FINISHED || + isInboundDone()) { + // We need more data or the session is closed + return; + } + break; - } - SSLEngineResult result; - createOutNetBuffer(0); - for (;;) { - result = sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf()); - if (result.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) { - outNetBuffer.capacity(outNetBuffer.capacity() << 1); - outNetBuffer.limit(outNetBuffer.capacity()); - } else { - break; + case NEED_WRAP : + // First make sure that the out buffer is completely empty. Since we + // cannot call wrap with data left on the buffer + if (outNetBuffer != null && outNetBuffer.hasRemaining()) { + return; } - } - outNetBuffer.flip(); - handshakeStatus = result.getHandshakeStatus(); - writeNetBuffer(nextFilter); - } else { - throw new IllegalStateException("Invalid Handshaking State" - + handshakeStatus); + SSLEngineResult result; + createOutNetBuffer(0); + + for (;;) { + result = sslEngine.wrap(emptyBuffer.buf(), outNetBuffer.buf()); + if (result.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) { + outNetBuffer.capacity(outNetBuffer.capacity() << 1); + outNetBuffer.limit(outNetBuffer.capacity()); + } else { + break; + } + } + + outNetBuffer.flip(); + handshakeStatus = result.getHandshakeStatus(); + writeNetBuffer(nextFilter); + break; + + default : + throw new IllegalStateException("Invalid Handshaking State" + + handshakeStatus); } } } @@ -665,6 +692,7 @@ */ Runnable runnable; while ((runnable = sslEngine.getDelegatedTask()) != null) { + // TODO : we may have to use a thread pool here to improve the performances runnable.run(); } return sslEngine.getHandshakeStatus();