View Javadoc
1   /*
2    * This file is part of Waarp Project (named also Waarp or GG).
3    *
4    *  Copyright (c) 2019, Waarp SAS, and individual contributors by the @author
5    *  tags. See the COPYRIGHT.txt in the distribution for a full listing of
6    * individual contributors.
7    *
8    *  All Waarp Project is free software: you can redistribute it and/or
9    * modify it under the terms of the GNU General Public License as published by
10   * the Free Software Foundation, either version 3 of the License, or (at your
11   * option) any later version.
12   *
13   * Waarp is distributed in the hope that it will be useful, but WITHOUT ANY
14   * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15   * A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   *
17   *  You should have received a copy of the GNU General Public License along with
18   * Waarp . If not, see <http://www.gnu.org/licenses/>.
19   */
20  package org.waarp.openr66.proxy.network.ssl;
21  
22  import io.netty.channel.ChannelPipeline;
23  import io.netty.channel.socket.SocketChannel;
24  import io.netty.handler.ssl.SslHandler;
25  import io.netty.handler.timeout.IdleStateHandler;
26  import io.netty.handler.traffic.ChannelTrafficShapingHandler;
27  import io.netty.handler.traffic.GlobalTrafficShapingHandler;
28  import org.waarp.openr66.protocol.networkhandler.ssl.NetworkSslServerInitializer;
29  import org.waarp.openr66.proxy.network.NetworkPacketCodec;
30  
31  import java.util.concurrent.TimeUnit;
32  
33  import static org.waarp.openr66.protocol.configuration.Configuration.*;
34  import static org.waarp.openr66.protocol.networkhandler.NetworkServerInitializer.*;
35  
36  /**
37   *
38   */
39  public class NetworkSslServerInitializerProxy
40      extends NetworkSslServerInitializer {
41    /**
42     * @param isClient True if this Factory is to be used in Client mode
43     */
44    public NetworkSslServerInitializerProxy(final boolean isClient) {
45      super(isClient);
46    }
47  
48    @Override
49    protected void initChannel(final SocketChannel ch) {
50      final ChannelPipeline pipeline = ch.pipeline();
51      // Add SSL handler first to encrypt and decrypt everything.
52      final SslHandler sslHandler;
53      if (isClient) {
54        // Not server: no clientAuthent, no renegotiation
55        sslHandler = getWaarpSslContextFactory().createHandlerClient(ch);
56      } else {
57        // Server: no renegotiation still, but possible clientAuthent
58        sslHandler = getWaarpSslContextFactory().createHandlerServer(
59            getWaarpSslContextFactory().needClientAuthentication(), ch);
60      }
61      pipeline.addLast(SSL_HANDLER, sslHandler);
62  
63      pipeline.addLast(TIMEOUT, new IdleStateHandler(true, 0, 0,
64                                                     configuration.getTimeoutCon(),
65                                                     TimeUnit.MILLISECONDS));
66      final GlobalTrafficShapingHandler handler =
67          configuration.getGlobalTrafficShapingHandler();
68      if (handler != null) {
69        pipeline.addLast(LIMITGLOBAL, handler);
70      }
71      pipeline.addLast(LIMITCHANNEL, new ChannelTrafficShapingHandler(
72          configuration.getServerChannelWriteLimit(),
73          configuration.getServerChannelReadLimit(),
74          configuration.getDelayLimit(), configuration.getTimeoutCon()));
75      pipeline.addLast(NETWORK_CODEC, new NetworkPacketCodec());
76      pipeline.addLast(configuration.getHandlerGroup(), NETWORK_HANDLER,
77                       new NetworkSslServerHandler(!isClient));
78    }
79  }