NetworkSslServerHandler.java
/*
* This file is part of Waarp Project (named also Waarp or GG).
*
* Copyright (c) 2019, Waarp SAS, and individual contributors by the @author
* tags. See the COPYRIGHT.txt in the distribution for a full listing of
* individual contributors.
*
* All Waarp Project is free software: you can redistribute it and/or
* modify it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* Waarp is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
* A PARTICULAR PURPOSE. See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with
* Waarp . If not, see <http://www.gnu.org/licenses/>.
*/
package org.waarp.openr66.protocol.networkhandler.ssl;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.util.concurrent.Future;
import io.netty.util.concurrent.GenericFutureListener;
import org.waarp.common.crypto.ssl.WaarpSslUtility;
import org.waarp.common.logging.WaarpLogger;
import org.waarp.common.logging.WaarpLoggerFactory;
import org.waarp.openr66.protocol.configuration.Configuration;
import org.waarp.openr66.protocol.networkhandler.NetworkServerHandler;
import org.waarp.openr66.protocol.networkhandler.NetworkTransaction;
/**
*
*/
public class NetworkSslServerHandler extends NetworkServerHandler {
/**
* Internal Logger
*/
private static final WaarpLogger logger =
WaarpLoggerFactory.getLogger(NetworkSslServerHandler.class);
/**
* @param isServer
*/
public NetworkSslServerHandler(final boolean isServer) {
super();
}
/**
* @param channel
*
* @return True if the SSL handshake is over and OK, else False
*/
public static boolean isSslConnectedChannel(final Channel channel) {
return WaarpSslUtility.waitForHandshake(channel);
}
@Override
public void channelActive(final ChannelHandlerContext ctx) throws Exception {
final Channel networkChannel = ctx.channel();
logger.debug("Add channel to ssl");
WaarpSslUtility.addSslOpenedChannel(networkChannel);
isSSL = true;
// Check first if allowed
if (NetworkTransaction.isBlacklisted(networkChannel)) {
try {
logger.warn("Connection refused since Partner is in BlackListed from " +
networkChannel.remoteAddress());
isBlackListed = true;
if (Configuration.configuration.getR66Mib() != null) {
Configuration.configuration.getR66Mib().notifyError(
"Black Listed connection temptative", "During Handshake");
}
// close immediately the connection
WaarpSslUtility.closingSslChannel(networkChannel);
return;
} finally {
ctx.read();
}
}
// Get the SslHandler in the current pipeline.
// We added it in NetworkSslServerInitializer.
final ChannelHandler handler = ctx.pipeline().first();
if (handler instanceof SslHandler) {
final SslHandler sslHandler = (SslHandler) handler;
sslHandler.handshakeFuture().addListener(
new GenericFutureListener<Future<? super Channel>>() {
@Override
public void operationComplete(
final Future<? super Channel> future) {
if (!future.isSuccess() &&
Configuration.configuration.getR66Mib() != null) {
Configuration.configuration.getR66Mib()
.notifyError("SSL Connection Error",
"During Handshake");
}
ctx.channel().config().setAutoRead(false);
}
});
} else {
logger.error("SSL Not found");
}
super.channelActive(ctx);
}
}