/**
 * Builds a server-mode {@link SSLEngine} from the supplied context and applies the connection
 * handler's TLS settings to it.
 *
 * <p>Protocol versions and cipher suites are narrowed only when the configuration lists at least
 * one value. An empty set results in no call at all, so the engine keeps whatever it enabled by
 * default.
 * NOTE(review): those defaults are decided by the SSLContext/JRE, not by this method; confirm
 * that an empty setting is not silently admitting protocol versions or suites the deployment
 * wants disabled.
 *
 * @param config     connection handler configuration supplying the protocol set, the cipher suite
 *                   set and the client authentication policy
 * @param sslContext context used to create the engine
 * @return the configured engine, in server mode
 * @throws DirectoryException if anything fails while creating or configuring the engine; the
 *                            original exception is kept as the cause
 */
private SSLEngine createSSLEngine(LDAPConnectionHandlerCfg config, SSLContext sslContext)
    throws DirectoryException {
  try {
    SSLEngine engine = sslContext.createSSLEngine();
    engine.setUseClientMode(false);

    final Set<String> enabledProtocols = config.getSSLProtocol();
    if (!enabledProtocols.isEmpty()) {
      engine.setEnabledProtocols(enabledProtocols.toArray(new String[0]));
    }

    final Set<String> enabledSuites = config.getSSLCipherSuite();
    if (!enabledSuites.isEmpty()) {
      engine.setEnabledCipherSuites(enabledSuites.toArray(new String[0]));
    }

    // setNeedClientAuth and setWantClientAuth override one another (the last call wins), so the
    // order of the two calls inside each branch decides the effective mode and must be kept.
    switch (config.getSSLClientAuthPolicy()) {
      case REQUIRED:
        // "need" is set last: the handshake fails without a client certificate.
        engine.setWantClientAuth(true);
        engine.setNeedClientAuth(true);
        break;
      case DISABLED:
        engine.setNeedClientAuth(false);
        engine.setWantClientAuth(false);
        break;
      case OPTIONAL:
      default:
        // Any policy value not listed above is treated as OPTIONAL: a certificate is requested
        // but the handshake proceeds without one.
        engine.setNeedClientAuth(false);
        engine.setWantClientAuth(true);
        break;
    }
    return engine;
  } catch (Exception e) {
    logger.traceException(e);
    throw new DirectoryException(
        DirectoryServer.getServerErrorResultCode(),
        ERR_CONNHANDLER_SSL_CANNOT_INITIALIZE.get(getExceptionMessage(e)),
        e);
  }
}
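/**
 * Blocks until the selector reports ready keys and returns the datagram channels behind them.
 *
 * <p>The method first waits on {@code channelMapNotEmpty} until {@code channelMap} is non-empty.
 * It then loops: channels queued in {@code newChannelSet} are registered with the selector for
 * {@code OP_READ} under the lock, and {@code selector.select()} is called with the lock released,
 * until the selected-key set is non-empty. Each selected key is removed from that set and its
 * channel is added to the result.
 *
 * @return the channels whose selection keys were valid and readable
 * @throws InterruptedException if the thread is interrupted while waiting for a first channel
 * @throws java.io.IOException if registering a channel or the select call fails
 * @throws MVRuntimeException if a selected key is no longer valid or is not readable
 */
Set<DatagramChannel> getActiveChannels() throws InterruptedException, java.io.IOException {
    // Nothing to select on until at least one channel exists.
    lock.lock();
    try {
        while (channelMap.isEmpty()) {
            channelMapNotEmpty.await();
        }
    } finally {
        lock.unlock();
    }

    Set<SelectionKey> readyKeys = null;
    do {
        // Register channels queued since the previous pass; the queue is drained under the lock.
        lock.lock();
        try {
            if (!newChannelSet.isEmpty()) {
                if (Log.loggingNet) {
                    Log.net("RDPServer.getActiveChannels: newChannelSet is not null");
                }
                Iterator<DatagramChannel> iter = newChannelSet.iterator();
                while (iter.hasNext()) {
                    DatagramChannel newDC = iter.next();
                    iter.remove();
                    newDC.register(selector, SelectionKey.OP_READ);
                }
            }
        } finally {
            lock.unlock();
        }

        int numReady = selector.select(); // this is a blocking call - thread safe
        selectCalls++;
        if (numReady == 0) {
            if (Log.loggingNet) {
                Log.net("RDPServer.getActiveChannels: selector returned 0");
            }
            continue;
        }
        readyKeys = selector.selectedKeys();
        if (Log.loggingNet) {
            Log.net(
                "RDPServer.getActiveChannels: called select - # of ready keys = "
                    + readyKeys.size()
                    + " == "
                    + numReady);
        }
    } while (readyKeys == null || readyKeys.isEmpty());

    lock.lock();
    try {
        // get a datagramchannel that is ready
        Set<DatagramChannel> activeChannels = new HashSet<DatagramChannel>();
        Iterator<SelectionKey> iter = readyKeys.iterator();
        while (iter.hasNext()) {
            SelectionKey key = iter.next();

            // Validity is read first and on its own: isAcceptable/isReadable/isWritable throw
            // CancelledKeyException on a cancelled key, which would escape from the trace line or
            // the readiness test instead of reaching the error path below.
            final boolean valid = key.isValid();
            if (Log.loggingNet) {
                if (valid) {
                    Log.net(
                        "RDPServer.getActiveChannels: matched selectionkey: "
                            + key
                            + ", isAcceptable="
                            + key.isAcceptable()
                            + ", isReadable="
                            + key.isReadable()
                            + ", isValid="
                            + key.isValid()
                            + ", isWritable="
                            + key.isWritable());
                } else {
                    Log.net(
                        "RDPServer.getActiveChannels: matched selectionkey: "
                            + key
                            + ", isValid=false");
                }
            }
            iter.remove(); // remove from the selected key list

            // Short-circuit keeps isReadable() from being called on a key already seen invalid.
            // A key cancelled between the two calls can still raise CancelledKeyException.
            if (!valid || !key.isReadable()) {
                Log.error(
                    "RDPServer.getActiveChannels: Throwing exception: RDPServer: not readable or invalid");
                throw new MVRuntimeException("RDPServer: not readable or invalid");
            }
            DatagramChannel dc = (DatagramChannel) key.channel();
            activeChannels.add(dc);
        }
        if (Log.loggingNet) {
            Log.net(
                "RDPServer.getActiveChannels: returning "
                    + activeChannels.size()
                    + " active channels");
        }
        return activeChannels;
    } finally {
        lock.unlock();
    }
}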