Added more configuration parameters for SSLEngine

Trustin Lee 2009-06-25 10:26:04 +00:00
parent 147173e56d
commit de717916be
3 changed files with 91 additions and 1 deletions


@ -254,12 +254,24 @@ class HttpTunnelingClientSocketChannel extends AbstractChannel
@Override @Override
public void channelConnected(ChannelHandlerContext ctx, public void channelConnected(ChannelHandlerContext ctx,
ChannelStateEvent e) throws Exception { ChannelStateEvent e) throws Exception {
SSLContext sslContext = getConfig().getSslContext(); HttpTunnelingSocketChannelConfig config = getConfig();
SSLContext sslContext = config.getSslContext();
if (sslContext != null) { if (sslContext != null) {
URI uri = remoteAddress.getUri(); URI uri = remoteAddress.getUri();
SSLEngine engine = sslContext.createSSLEngine( SSLEngine engine = sslContext.createSSLEngine(
uri.getHost(), uri.getPort()); uri.getHost(), uri.getPort());
// Configure the SSLEngine.
engine.setUseClientMode(true); engine.setUseClientMode(true);
engine.setEnableSessionCreation(config.isEnableSslSessionCreation());
String[] enabledCipherSuites = config.getEnabledSslCipherSuites();
if (enabledCipherSuites != null) {
engine.setEnabledCipherSuites(enabledCipherSuites);
}
String[] enabledProtocols = config.getEnabledSslProtocols();
if (enabledProtocols != null) {
engine.setEnabledProtocols(enabledProtocols);
}
SocketChannel ch = (SocketChannel) e.getChannel(); SocketChannel ch = (SocketChannel) e.getChannel();
SslHandler sslHandler = new SslHandler(engine); SslHandler sslHandler = new SslHandler(engine);
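Review bot: Nothing in the added SSLEngine configuration turns on endpoint identification, so the client engine created from `uri.getHost()` will, as far as this hunk shows, accept any certificate the SSLContext's trust manager chains, whatever host name it was issued for. On Java 7 and later this can be set next to the cipher-suite and protocol calls: `SSLParameters p = engine.getSSLParameters();`, `p.setEndpointIdentificationAlgorithm("HTTPS");`, `engine.setSSLParameters(p);`. Placing it after `setEnabledProtocols` keeps the configured suites and protocols, because `getSSLParameters()` reads them back from the engine. `channelConnected` continues past the end of the hunk, so a host name check may exist out of view.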


@ -31,6 +31,7 @@ import org.jboss.netty.channel.ChannelConfig;
import org.jboss.netty.channel.ChannelPipelineFactory; import org.jboss.netty.channel.ChannelPipelineFactory;
import org.jboss.netty.channel.socket.SocketChannel; import org.jboss.netty.channel.socket.SocketChannel;
import org.jboss.netty.channel.socket.SocketChannelConfig; import org.jboss.netty.channel.socket.SocketChannelConfig;
import org.jboss.netty.util.internal.ConversionUtil;
/** /**
* The {@link ChannelConfig} of a client-side HTTP tunneling * The {@link ChannelConfig} of a client-side HTTP tunneling
@ -61,6 +62,9 @@ public final class HttpTunnelingSocketChannelConfig implements SocketChannelConf
private final HttpTunnelingClientSocketChannel channel; private final HttpTunnelingClientSocketChannel channel;
private volatile SSLContext sslContext; private volatile SSLContext sslContext;
private volatile String[] enabledSslCipherSuites;
private volatile String[] enabledSslProtocols;
private volatile boolean enableSslSessionCreation = true;
/** /**
* Creates a new instance. * Creates a new instance.
@ -85,6 +89,48 @@ public final class HttpTunnelingSocketChannelConfig implements SocketChannelConf
this.sslContext = sslContext; this.sslContext = sslContext;
} }
public String[] getEnabledSslCipherSuites() {
String[] suites = enabledSslCipherSuites;
if (suites == null) {
return null;
} else {
return suites.clone();
}
}
public void setEnabledSslCipherSuites(String[] suites) {
if (suites == null) {
enabledSslCipherSuites = null;
} else {
enabledSslCipherSuites = suites.clone();
}
}
public String[] getEnabledSslProtocols() {
String[] protocols = enabledSslProtocols;
if (protocols == null) {
return null;
} else {
return protocols.clone();
}
}
public void setEnabledSslProtocols(String[] protocols) {
if (protocols == null) {
enabledSslProtocols = null;
} else {
enabledSslProtocols = protocols.clone();
}
}
public boolean isEnableSslSessionCreation() {
return enableSslSessionCreation;
}
public void setEnableSslSessionCreation(boolean flag) {
enableSslSessionCreation = flag;
}
public void setOptions(Map<String, Object> options) { public void setOptions(Map<String, Object> options) {
channel.channel.getConfig().setOptions(options); channel.channel.getConfig().setOptions(options);
SSLContext sslContext = (SSLContext) options.get("sslContext"); SSLContext sslContext = (SSLContext) options.get("sslContext");
@ -100,6 +146,12 @@ public final class HttpTunnelingSocketChannelConfig implements SocketChannelConf
if (key.equals("sslContext")) { if (key.equals("sslContext")) {
setSslContext((SSLContext) value); setSslContext((SSLContext) value);
} else if (key.equals("enabledSslCipherSuites")){
setEnabledSslCipherSuites(ConversionUtil.toStringArray(value));
} else if (key.equals("enabledSslProtocols")){
setEnabledSslProtocols(ConversionUtil.toStringArray(value));
} else if (key.equals("enableSslSessionCreation")){
setEnableSslSessionCreation(ConversionUtil.toBoolean(value));
} else { } else {
return false; return false;
} }
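Review bot: The three new keys are handled only in the last hunk's key/value branch, while the context lines of `setOptions(Map)` at the end of the second hunk read just `"sslContext"` from the map. The rest of `setOptions` is outside the hunk, so this is inferred, but if it does not pass every entry through the per-key method (`setOption` in Netty's ChannelConfig), a caller who restricts `enabledSslProtocols` or `enabledSslCipherSuites` through the map gets the engine defaults with no error. Iterating the map would close that gap: `for (Map.Entry<String, Object> e : options.entrySet()) { setOption(e.getKey(), e.getValue()); }`. The new accessors would also benefit from Javadoc stating that `null` leaves the SSLEngine defaults in place and that suite and protocol names are only checked when the engine is configured at connect time.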


@ -22,6 +22,9 @@
*/ */
package org.jboss.netty.util.internal; package org.jboss.netty.util.internal;
import java.util.ArrayList;
import java.util.List;
/** /**
* Conversion utility class to parse a property represented as a string or * Conversion utility class to parse a property represented as a string or
* an object. * an object.
@ -77,4 +80,27 @@ public class ConversionUtil {
private ConversionUtil() { private ConversionUtil() {
// Unused // Unused
} }
/**
* Converts the specified object into an array of strings.
*/
public static String[] toStringArray(Object value) {
if (value instanceof String[]) {
return (String[]) value;
}
if (value instanceof Iterable<?>) {
List<String> answer = new ArrayList<String>();
for (Object v: (Iterable<?>) value) {
if (v == null) {
answer.add(null);
} else {
answer.add(String.valueOf(v));
}
}
return answer.toArray(new String[answer.size()]);
}
return String.valueOf(value).split("[, \\t\\n\\r\\f\\e\\a]");
}
} }
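Review bot: The fallback `split("[, \\t\\n\\r\\f\\e\\a]")` in `toStringArray` splits on every single delimiter character, so `"a, b"` becomes `{"a", "", "b"}`, and a `null` value becomes `{"null"}` because `String.valueOf(Object)` renders it as text. Those entries flow into `setEnabledCipherSuites` and `setEnabledProtocols`, where the JDK rejects unsupported names with IllegalArgumentException, so an ordinarily formatted option string can make `channelConnected` throw. Splitting on runs of delimiters, dropping empty tokens and returning `null` for `null` input avoids this; returning `null` assumes the only callers are the config setters, which accept it. The Iterable branch also keeps `null` elements, which the engine would reject the same way.

```java
public static String[] toStringArray(Object value) {
    if (value == null) {
        return null;
    }
    // … unchanged: String[] and Iterable branches …
    List<String> answer = new ArrayList<String>();
    for (String token: String.valueOf(value).split("[, \\t\\n\\r\\f\\e\\a]+")) {
        if (token.length() != 0) {
            answer.add(token);
        }
    }
    return answer.toArray(new String[answer.size()]);
}
```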