org.eclipse.jetty.io.nio
Class SslConnection

java.lang.Object
  extended by org.eclipse.jetty.io.AbstractConnection
      extended by org.eclipse.jetty.io.nio.SslConnection
All Implemented Interfaces:
Connection, AsyncConnection

public class SslConnection
extends AbstractConnection
implements AsyncConnection

SSL Connection. An AsyncConnection that acts as an interceptor between an EndPoint and another Connection, and that implements TLS encryption using an SSLEngine.

The connector uses an AsyncEndPoint (like SelectChannelEndPoint) as its source/sink of encrypted data. It then provides getSslEndPoint() to expose a source/sink of unencrypted data to another connection (e.g. HttpConnection).


Nested Class Summary
 class SslConnection.SslEndPoint
           
 
Field Summary
 
Fields inherited from class org.eclipse.jetty.io.AbstractConnection
_endp
 
Constructor Summary
SslConnection(javax.net.ssl.SSLEngine engine, EndPoint endp)
           
SslConnection(javax.net.ssl.SSLEngine engine, EndPoint endp, long timeStamp)
           
 
Method Summary
 AsyncEndPoint getSslEndPoint()
           
 Connection handle()
          Handle the connection.
 boolean isAllowRenegotiate()
           
 boolean isIdle()
           
 boolean isSuspended()
          The semantic of this method is to return true to indicate interest in further reads, or false otherwise, but it is misnamed and should really be called isReadInterested().
protected  SslConnection.SslEndPoint newSslEndPoint()
           
 void onClose()
          Called after the connection is closed
 void onIdleExpired(long idleForMs)
          Called when the connection idle timeout expires
 void onInputShutdown()
           
 void setAllowRenegotiate(boolean allowRenegotiate)
          Set if SSL re-negotiation is allowed.
 java.lang.String toString()
           
 
Methods inherited from class org.eclipse.jetty.io.AbstractConnection
getEndPoint, getTimeStamp
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.eclipse.jetty.io.Connection
getTimeStamp
 

Constructor Detail

SslConnection

public SslConnection(javax.net.ssl.SSLEngine engine,
                     EndPoint endp)

SslConnection

public SslConnection(javax.net.ssl.SSLEngine engine,
                     EndPoint endp,
                     long timeStamp)
Method Detail

newSslEndPoint

protected SslConnection.SslEndPoint newSslEndPoint()

isAllowRenegotiate

public boolean isAllowRenegotiate()
Returns:
True if SSL re-negotiation is allowed (default false)

setAllowRenegotiate

public void setAllowRenegotiate(boolean allowRenegotiate)
Set if SSL re-negotiation is allowed. CVE-2009-3555 identifies a vulnerability in SSL/TLS re-negotiation. If your JVM does not have CVE-2009-3555 fixed, then re-negotiation should not be allowed. CVE-2009-3555 was fixed in Sun Java 1.6 with a ban on re-negotiation in u19 and with RFC 5746 in u22.

Parameters:
allowRenegotiate - true if re-negotiation is allowed (default false)
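
The following is an added example, not part of the Jetty code base: it gates setAllowRenegotiate() on the update levels named in the description above. The class and method names (RenegotiationPolicy, hasSecureRenegotiation, apply) are hypothetical, and it assumes a Sun/Oracle-style java.version string and Jetty on the classpath. As a conservative choice of this example, only the RFC 5746 level (u22) counts as safe to enable, since u19 fixed the issue by banning re-negotiation.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.eclipse.jetty.io.nio.SslConnection;

/** Added example: decide whether re-negotiation may be enabled on this JVM. */
public class RenegotiationPolicy {
    // Legacy Sun scheme: 1.<major>.<minor>[_<update>][-suffix], e.g. 1.6.0_22-b04
    private static final Pattern LEGACY =
            Pattern.compile("^1\\.(\\d{1,3})\\.\\d+(?:_(\\d{1,4}))?(?:-.*)?$");
    // Scheme used since Java 9: <major>[.<rest>], e.g. 11.0.2
    private static final Pattern MODERN = Pattern.compile("^(\\d{1,4})(?:[.+-].*)?$");

    /** Update level at which the description says RFC 5746 arrived in Sun Java 1.6. */
    static final int RFC5746_UPDATE = 22;

    /** True only when the version string shows 1.6.0_22 or any later release. */
    static boolean hasSecureRenegotiation(String javaVersion) {
        if (javaVersion == null) return false;
        String v = javaVersion.trim();
        Matcher m = LEGACY.matcher(v);
        if (m.matches()) {
            int major = Integer.parseInt(m.group(1));
            int update = m.group(2) == null ? 0 : Integer.parseInt(m.group(2));
            return major > 6 || (major == 6 && update >= RFC5746_UPDATE);
        }
        // Anything that matches neither scheme is treated as unfixed.
        m = MODERN.matcher(v);
        return m.matches() && Integer.parseInt(m.group(1)) >= 9;
    }

    /** Keeps the default (false) unless the application needs it AND the JVM is fixed. */
    static void apply(SslConnection connection, boolean applicationNeedsRenegotiation) {
        boolean allow = applicationNeedsRenegotiation
                && hasSecureRenegotiation(System.getProperty("java.version"));
        connection.setAllowRenegotiate(allow);
    }

    public static void main(String[] args) {
        // Constructed sample version strings, not taken from real hosts.
        String[] samples = {"1.6.0_18", "1.6.0_19", "1.6.0_22-b04", "1.7.0_80", "11.0.2", "unknown"};
        for (String v : samples) {
            System.out.println(v + " -> allow re-negotiation: " + hasSecureRenegotiation(v));
        }
    }
}
```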

handle

public Connection handle()
                  throws java.io.IOException
Description copied from interface: Connection
Handle the connection.

Specified by:
handle in interface Connection
Returns:
The Connection to use for the next handling of the connection. This allows protocol upgrades and support for CONNECT.
Throws:
java.io.IOException - if the handling of I/O operations fails

isIdle

public boolean isIdle()
Specified by:
isIdle in interface Connection
Returns:
whether this connection is idle, that is not parsing and not generating
See Also:
Connection.onIdleExpired(long)

isSuspended

public boolean isSuspended()
Description copied from interface: Connection

The semantic of this method is to return true to indicate interest in further reads, or false otherwise, but it is misnamed and should really be called isReadInterested().

Specified by:
isSuspended in interface Connection
Returns:
true to indicate interest in further reads, false otherwise

onClose

public void onClose()
Description copied from interface: Connection
Called after the connection is closed

Specified by:
onClose in interface Connection

onIdleExpired

public void onIdleExpired(long idleForMs)
Description copied from interface: Connection
Called when the connection idle timeout expires

Specified by:
onIdleExpired in interface Connection
Overrides:
onIdleExpired in class AbstractConnection
Parameters:
idleForMs - how long the connection has been idle
See Also:
Connection.isIdle()

onInputShutdown

public void onInputShutdown()
                     throws java.io.IOException
Specified by:
onInputShutdown in interface AsyncConnection
Throws:
java.io.IOException

getSslEndPoint

public AsyncEndPoint getSslEndPoint()

toString

public java.lang.String toString()
Overrides:
toString in class AbstractConnection


Copyright © 2013. All Rights Reserved.