private boolean initPipeline(ChannelHandlerContext var1) {
SslHandler var2 = (SslHandler) var1.pipeline().get(SslHandler.class);
if (var2 == null) {
throw new IllegalStateException("SslHandler is needed for SPDY");
} else {
SpdyOrHttpChooser.SelectedProtocol var3 = this.getProtocol(var2.engine());
switch (SpdyOrHttpChooser.SyntheticClass_1
.$SwitchMap$io$netty$handler$codec$spdy$SpdyOrHttpChooser$SelectedProtocol[
var3.ordinal()]) {
case 1:
return false;
case 2:
this.addSpdyHandlers(var1, SpdyVersion.SPDY_3_1);
break;
case 3:
case 4:
this.addHttpHandlers(var1);
break;
default:
throw new IllegalStateException("Unknown SelectedProtocol");
}
return true;
}
}
public void testSslRenegotiationRejected(ServerBootstrap sb, Bootstrap cb) throws Throwable {
reset();
sb.childHandler(
new ChannelInitializer<Channel>() {
@Override
@SuppressWarnings("deprecation")
public void initChannel(Channel sch) throws Exception {
serverChannel = sch;
serverSslHandler = serverCtx.newHandler(sch.alloc());
sch.pipeline().addLast("ssl", serverSslHandler);
sch.pipeline().addLast("handler", serverHandler);
}
});
cb.handler(
new ChannelInitializer<Channel>() {
@Override
@SuppressWarnings("deprecation")
public void initChannel(Channel sch) throws Exception {
clientChannel = sch;
clientSslHandler = clientCtx.newHandler(sch.alloc());
sch.pipeline().addLast("ssl", clientSslHandler);
sch.pipeline().addLast("handler", clientHandler);
}
});
Channel sc = sb.bind().sync().channel();
cb.connect().sync();
Future<Channel> clientHandshakeFuture = clientSslHandler.handshakeFuture();
clientHandshakeFuture.sync();
String renegotiation = "SSL_RSA_WITH_RC4_128_SHA";
clientSslHandler.engine().setEnabledCipherSuites(new String[] {renegotiation});
clientSslHandler.renegotiate().await();
serverChannel.close().awaitUninterruptibly();
clientChannel.close().awaitUninterruptibly();
sc.close().awaitUninterruptibly();
try {
if (serverException.get() != null) {
throw serverException.get();
}
fail();
} catch (DecoderException e) {
assertTrue(e.getCause() instanceof SSLHandshakeException);
}
if (clientException.get() != null) {
throw clientException.get();
}
}
public NettyServerConnection createConnection(
final ChannelHandlerContext ctx, String protocol, boolean httpEnabled) throws Exception {
if (connectionsAllowed == -1 || connections.size() < connectionsAllowed) {
super.channelActive(ctx);
Listener connectionListener = new Listener();
NettyServerConnection nc =
new NettyServerConnection(
configuration,
ctx.channel(),
connectionListener,
!httpEnabled && batchDelay > 0,
directDeliver);
connectionListener.connectionCreated(NettyAcceptor.this, nc, protocol);
SslHandler sslHandler = ctx.pipeline().get(SslHandler.class);
if (sslHandler != null) {
sslHandler
.handshakeFuture()
.addListener(
new GenericFutureListener<io.netty.util.concurrent.Future<Channel>>() {
public void operationComplete(
final io.netty.util.concurrent.Future<Channel> future) throws Exception {
if (future.isSuccess()) {
active = true;
} else {
future.getNow().close();
}
}
});
} else {
active = true;
}
return nc;
} else {
if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
ActiveMQServerLogger.LOGGER.debug(
new StringBuilder()
.append("Connection limit of ")
.append(connectionsAllowed)
.append(" reached. Refusing connection from ")
.append(ctx.channel().remoteAddress()));
}
throw new Exception();
}
}
protected void decode(ChannelHandlerContext context, ByteBuf buffer) throws Exception {
ChannelPipeline pipeline = context.pipeline();
if (detectSsl && SslHandler.isEncrypted(buffer)) {
SSLEngine engine = SSL_SERVER_CONTEXT.getValue().createSSLEngine();
engine.setUseClientMode(false);
pipeline.addLast(
new SslHandler(engine),
new ChunkedWriteHandler(),
new PortUnificationServerHandler(delegatingHttpRequestHandler, false, detectGzip));
} else {
int magic1 = buffer.getUnsignedByte(buffer.readerIndex());
int magic2 = buffer.getUnsignedByte(buffer.readerIndex() + 1);
if (detectGzip && magic1 == 31 && magic2 == 139) {
pipeline.addLast(
new JZlibEncoder(ZlibWrapper.GZIP),
new JdkZlibDecoder(ZlibWrapper.GZIP),
new PortUnificationServerHandler(delegatingHttpRequestHandler, detectSsl, false));
} else if (isHttp(magic1, magic2)) {
NettyUtil.initHttpHandlers(pipeline);
pipeline.addLast(delegatingHttpRequestHandler);
if (BuiltInServer.LOG.isDebugEnabled()) {
pipeline.addLast(
new ChannelOutboundHandlerAdapter() {
@Override
public void write(
ChannelHandlerContext context, Object message, ChannelPromise promise)
throws Exception {
if (message instanceof HttpResponse) {
// BuiltInServer.LOG.debug("OUT HTTP:\n" + message);
HttpResponse response = (HttpResponse) message;
BuiltInServer.LOG.debug(
"OUT HTTP: "
+ response.getStatus().code()
+ " "
+ response.headers().get("Content-type"));
}
super.write(context, message, promise);
}
});
}
} else if (magic1 == 'C' && magic2 == 'H') {
buffer.skipBytes(2);
pipeline.addLast(new CustomHandlerDelegator());
} else {
BuiltInServer.LOG.warn("unknown request, first two bytes " + magic1 + " " + magic2);
context.close();
}
}
// must be after new channels handlers addition (netty bug?)
ensureThatExceptionHandlerIsLast(pipeline);
pipeline.remove(this);
context.fireChannelRead(buffer);
}
@Override
public synchronized NetSocket upgradeToSsl(final Handler<Void> handler) {
SslHandler sslHandler = channel.pipeline().get(SslHandler.class);
if (sslHandler == null) {
sslHandler = helper.createSslHandler(vertx);
channel.pipeline().addFirst("ssl", sslHandler);
}
sslHandler
.handshakeFuture()
.addListener(
future ->
context.executeFromIO(
() -> {
if (future.isSuccess()) {
handler.handle(null);
} else {
log.error(future.cause());
}
}));
return this;
}
private void closeSSLAndChannel(SslHandler sslHandler, Channel channel) {
if (sslHandler != null) {
try {
ChannelFuture sslCloseFuture = sslHandler.close();
if (!sslCloseFuture.awaitUninterruptibly(10000)) {
ActiveMQClientLogger.LOGGER.timeoutClosingSSL();
}
} catch (Throwable t) {
// ignore
}
}
ChannelFuture closeFuture = channel.close();
if (!closeFuture.awaitUninterruptibly(10000)) {
ActiveMQClientLogger.LOGGER.timeoutClosingNettyChannel();
}
}
@Override
public void handlerAdded(ChannelHandlerContext ctx) throws Exception {
ctx.channel().config().setAutoRead(true);
super.handlerAdded(ctx);
logger.debug("Ssl Handler added: " + ctx.channel().toString());
}
