andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Introduce helper method to detect if a buffer is encrypted. See #657

Browse Source
This commit is contained in:
Norman Maurer 2012-10-16 13:22:41 +02:00
parent f5969778d0
commit 0c82f5d2e5
1 changed files with 60 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
src/main/java/org/jboss/netty/handler/ssl/SslHandler.java
View File

@ -660,12 +660,38 @@ public class SslHandler extends FrameDecoder
return false; return false;
} }
@Override /**
protected Object decode( * Returns <code>true</code> if the given {@link ChannelBuffer} is encrypted. Be aware that this method
final ChannelHandlerContext ctx, Channel channel, ChannelBuffer buffer) throws Exception { * will not increase the readerIndex of the given {@link ChannelBuffer}.
*
* @param buffer
* The {@link ChannelBuffer} to read from. Be aware that it must have at least 5 bytes to read,
* otherwise it will throw an {@link IllegalArgumentException}.
* @return encrypted
* <code>true</code> if the {@link ChannelBuffer} is encrypted, <code>false</code> otherwise.
* @throws IllegalArgumentException
* Is thrown if the given {@link ChannelBuffer} has not at least 5 bytes to read.
*/
public static boolean isEncrypted(ChannelBuffer buffer) {
return getEncryptedPacketLength(buffer) != -1;
}
/**
* Return how much bytes can be read out of the encrypted data. Be aware that this method will not increase
* the readerIndex of the given {@link ChannelBuffer}.
*
* @param buffer
* The {@link ChannelBuffer} to read from. Be aware that it must have at least 5 bytes to read,
* otherwise it will throw an {@link IllegalArgumentException}.
* @return length
* The length of the encrypted packet that is included in the buffer. This will
* return <code>-1</code> if the given {@link ChannelBuffer} is not encrypted at all.
* @throws IllegalArgumentException
* Is thrown if the given {@link ChannelBuffer} has not at least 5 bytes to read.
*/
private static int getEncryptedPacketLength(ChannelBuffer buffer) {
if (buffer.readableBytes() < 5) { if (buffer.readableBytes() < 5) {
return null; throw new IllegalArgumentException("buffer must have at least 5 readable bytes");
} }
int packetLength = 0; int packetLength = 0;
@ -722,21 +748,37 @@ public class SslHandler extends FrameDecoder
} }
if (!sslv2) { if (!sslv2) {
// Bad data - discard the buffer and raise an exception. return -1;
NotSslRecordException e = new NotSslRecordException( }
"not an SSL/TLS record: " + ChannelBuffers.hexDump(buffer)); }
buffer.skipBytes(buffer.readableBytes()); return packetLength;
if (closeOnSSLException) { }
// first trigger the exception and then close the channel
fireExceptionCaught(ctx, e);
Channels.close(ctx, future(channel));
// just return null as we closed the channel before, that @Override
// will take care of cleanup etc protected Object decode(
return null; final ChannelHandlerContext ctx, Channel channel, ChannelBuffer buffer) throws Exception {
} else {
throw e; if (buffer.readableBytes() < 5) {
} return null;
}
int packetLength = getEncryptedPacketLength(buffer);
if (packetLength == -1) {
// Bad data - discard the buffer and raise an exception.
NotSslRecordException e = new NotSslRecordException(
"not an SSL/TLS record: " + ChannelBuffers.hexDump(buffer));
buffer.skipBytes(buffer.readableBytes());
if (closeOnSSLException) {
// first trigger the exception and then close the channel
fireExceptionCaught(ctx, e);
Channels.close(ctx, future(channel));
// just return null as we closed the channel before, that
// will take care of cleanup etc
return null;
} else {
throw e;
} }
} }