MCPcopy Create free account
hub / github.com/apache/cloudstack / doHandshakeWrap

Method doHandshakeWrap

utils/src/main/java/com/cloud/utils/nio/Link.java:540–593  ·  view source on GitHub ↗
(final SocketChannel socketChannel, final SSLEngine sslEngine,
                                           ByteBuffer myAppData, ByteBuffer myNetData, ByteBuffer peerNetData,
                                           final int netBufferSize)

Source from the content-addressed store, hash-verified

538 }
539
540 private static HandshakeHolder doHandshakeWrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
541 ByteBuffer myAppData, ByteBuffer myNetData, ByteBuffer peerNetData,
542 final int netBufferSize) throws IOException {
543 if (socketChannel == null || sslEngine == null || myNetData == null || peerNetData == null
544 || myAppData == null || netBufferSize < 0) {
545 return new HandshakeHolder(myAppData, myNetData, false);
546 }
547 myNetData.clear();
548 SSLEngineResult result = null;
549 try {
550 result = sslEngine.wrap(myAppData, myNetData);
551 } catch (final SSLException sslException) {
552 LOGGER.error(String.format("SSL error caught during wrap data: %s, for local address=%s, remote address=%s.",
553 sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress()));
554 sslEngine.closeOutbound();
555 return new HandshakeHolder(myAppData, myNetData, true);
556 }
557 if (result == null) {
558 return new HandshakeHolder(myAppData, myNetData, false);
559 }
560 switch (result.getStatus()) {
561 case OK :
562 myNetData.flip();
563 while (myNetData.hasRemaining()) {
564 socketChannel.write(myNetData);
565 }
566 break;
567 case BUFFER_OVERFLOW:
568 // Will occur if there is not enough space in myNetData buffer to write all the data
569 // that would be generated by the method wrap. Since myNetData is set to session's packet
570 // size we should not get to this point because SSLEngine is supposed to produce messages
571 // smaller or equal to that, but a general handling would be the following:
572 myNetData = enlargeBuffer(myNetData, netBufferSize);
573 break;
574 case BUFFER_UNDERFLOW:
575 throw new SSLException("Buffer underflow occurred after a wrap. We should not reach here.");
576 case CLOSED:
577 try {
578 myNetData.flip();
579 while (myNetData.hasRemaining()) {
580 socketChannel.write(myNetData);
581 }
582 // At this point the handshake status will probably be NEED_UNWRAP
583 // so we make sure that peerNetData is clear to read.
584 peerNetData.clear();
585 } catch (Exception e) {
586 LOGGER.error("Failed to send server's CLOSE message due to socket channel's failure.");
587 }
588 break;
589 default:
590 throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
591 }
592 return new HandshakeHolder(myAppData, myNetData, true);
593 }
594
595 public static boolean doHandshake(final SocketChannel socketChannel, final SSLEngine sslEngine) throws IOException {
596 return doHandshake(socketChannel, sslEngine, null);

Callers 1

doHandshakeMethod · 0.95

Calls 8

enlargeBufferMethod · 0.95
formatMethod · 0.80
flipMethod · 0.80
clearMethod · 0.65
getStatusMethod · 0.65
writeMethod · 0.65
errorMethod · 0.45
getMessageMethod · 0.45

Tested by

no test coverage detected