Author: philharveyonline Date: Mon Dec 17 15:52:33 2012 New Revision: 1422986
URL: http://svn.apache.org/viewvc?rev=1422986&view=rev Log: PROTON-136: moved proton-j SSLDomain's createSSLEngine method from public interface in proton-api into implementation class. Added: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java Removed: qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/SslEngineFacade.java Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/SslDomain.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/Transport.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/TransportImpl.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslImpl.java qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/test/java/org/apache/qpid/proton/engine/impl/ssl/CapitalisingDummySslEngine.java Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/SslDomain.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/SslDomain.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/SslDomain.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/SslDomain.java Mon Dec 17 15:52:33 2012 @@ -132,11 +132,4 @@ public interface SslDomain void allowUnsecuredClient(boolean allowUnsecured); boolean allowUnsecuredClient(); - - /** - * Returns an SSL engine. Only intended to be used inside {@link Transport#ssl(SslDomain, SslPeerDetailsImpl)}. - * - * @param sslPeerDetails the details of the remote peer. If non-null, may be used to assist SSL session resumption. - */ - SslEngineFacade createSslEngine(SslPeerDetails sslPeerDetails); } Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/Transport.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/Transport.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/Transport.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton-api/src/main/java/org/apache/qpid/proton/engine/Transport.java Mon Dec 17 15:52:33 2012 @@ -62,6 +62,7 @@ public interface Transport extends Endpo /** * Wrap this transport's output and input to apply SSL encryption and decryption respectively. * + * @param sslDomain the SSL settings to use * @param sslPeerDetails may be null, in which case SSL session resume will not be attempted * @return an {@link Ssl} object representing the SSL session. */ Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/TransportImpl.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/TransportImpl.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/TransportImpl.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/TransportImpl.java Mon Dec 17 15:52:33 2012 @@ -38,6 +38,7 @@ import org.apache.qpid.proton.engine.Ssl import org.apache.qpid.proton.engine.SslPeerDetails; import org.apache.qpid.proton.engine.Transport; import org.apache.qpid.proton.engine.TransportException; +import org.apache.qpid.proton.engine.impl.ssl.ProtonSslEngineProvider; import org.apache.qpid.proton.engine.impl.ssl.SslImpl; import org.apache.qpid.proton.framing.TransportFrame; import org.apache.qpid.proton.amqp.transport.Attach; @@ -240,6 +241,13 @@ public class TransportImpl extends Endpo } + /** + * {@inheritDoc} + * + * <p>Note that sslDomain must implement {@link ProtonSslEngineProvider}. This is not possible + * enforce at the API level because {@link ProtonSslEngineProvider} is not part of the + * public Proton API.</p> + */ @Override public Ssl ssl(SslDomain sslDomain, SslPeerDetails sslPeerDetails) { Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/DefaultSslEngineFacade.java Mon Dec 17 15:52:33 2012 @@ -26,9 +26,8 @@ import javax.net.ssl.SSLEngineResult; import javax.net.ssl.SSLEngineResult.HandshakeStatus; import javax.net.ssl.SSLException; -import org.apache.qpid.proton.engine.SslEngineFacade; -class DefaultSslEngineFacade implements SslEngineFacade +class DefaultSslEngineFacade implements ProtonSslEngine { private final SSLEngine _sslEngine; Added: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java?rev=1422986&view=auto ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java (added) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngine.java Mon Dec 17 15:52:33 2012 @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.qpid.proton.engine.impl.ssl; + +import java.nio.ByteBuffer; + +import javax.net.ssl.SSLEngine; +import javax.net.ssl.SSLEngineResult; +import javax.net.ssl.SSLEngineResult.HandshakeStatus; +import javax.net.ssl.SSLEngineResult.Status; +import javax.net.ssl.SSLException; + +/** + * Thin wrapper around an {@link SSLEngine}. + */ +public interface ProtonSslEngine +{ + /** + * @see SSLEngine#wrap(ByteBuffer, ByteBuffer) + * + * Note that wrap really does write <em>one</em> packet worth of data to the + * dst byte buffer. If dst byte buffer is insufficiently large the + * pointers within both src and dst are unchanged and the bytesConsumed and + * bytesProduced on the returned result are zero. + */ + SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException; + + /** + * @see SSLEngine#unwrap(ByteBuffer, ByteBuffer) + * + * Note that unwrap does read exactly one packet of encoded data from src + * and write to dst. If src contains insufficient bytes to read a complete + * packet {@link Status#BUFFER_UNDERFLOW} occurs. If underflow occurs the + * pointers within both src and dst are unchanged and the bytesConsumed and + * bytesProduced on the returned result are zero. + */ + SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException; + + Runnable getDelegatedTask(); + HandshakeStatus getHandshakeStatus(); + + int getApplicationBufferSize(); + int getPacketBufferSize(); + String getCipherSuite(); + String getProtocol(); + boolean getUseClientMode(); +} Added: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java?rev=1422986&view=auto ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java (added) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/ProtonSslEngineProvider.java Mon Dec 17 15:52:33 2012 @@ -0,0 +1,31 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.qpid.proton.engine.impl.ssl; + +import org.apache.qpid.proton.engine.SslPeerDetails; + +public interface ProtonSslEngineProvider +{ + /** + * Returns an SSL engine. + * + * @param sslPeerDetails the details of the remote peer. If non-null, may be used to assist SSL session resumption. + */ + public ProtonSslEngine createSslEngine(SslPeerDetails peerDetails); +} Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SimpleSslTransportWrapper.java Mon Dec 17 15:52:33 2012 @@ -31,7 +31,6 @@ import javax.net.ssl.SSLEngineResult.Sta import javax.net.ssl.SSLException; import javax.net.ssl.SSLSession; -import org.apache.qpid.proton.engine.SslEngineFacade; import org.apache.qpid.proton.engine.TransportException; import org.apache.qpid.proton.engine.impl.TransportInput; import org.apache.qpid.proton.engine.impl.TransportOutput; @@ -55,7 +54,7 @@ public class SimpleSslTransportWrapper i private final TransportInput _underlyingInput; private final TransportOutput _underlyingOutput; - private SslEngineFacade _sslEngine; + private ProtonSslEngine _sslEngine; /** Used by {@link #output(byte[], int, int)}. Acts as a buffer for the output from underlyingOutput */ private ByteHolder _clearOutputHolder; @@ -75,7 +74,7 @@ public class SimpleSslTransportWrapper i /** could change during the lifetime of the ssl connection owing to renegotiation. */ private String _protocolName; - SimpleSslTransportWrapper(SslEngineFacade sslEngine, TransportInput underlyingInput, TransportOutput underlyingOutput) + SimpleSslTransportWrapper(ProtonSslEngine sslEngine, TransportInput underlyingInput, TransportOutput underlyingOutput) { _underlyingInput = underlyingInput; _underlyingOutput = underlyingOutput; Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslDomainImpl.java Mon Dec 17 15:52:33 2012 @@ -19,10 +19,9 @@ package org.apache.qpid.proton.engine.impl.ssl; import org.apache.qpid.proton.engine.SslDomain; -import org.apache.qpid.proton.engine.SslEngineFacade; import org.apache.qpid.proton.engine.SslPeerDetails; -public class SslDomainImpl implements SslDomain +public class SslDomainImpl implements SslDomain, ProtonSslEngineProvider { private Mode _mode; private VerifyMode _verifyMode = VerifyMode.ANONYMOUS_PEER; @@ -114,7 +113,7 @@ public class SslDomainImpl implements Ss } @Override - public SslEngineFacade createSslEngine(SslPeerDetails peerDetails) + public ProtonSslEngine createSslEngine(SslPeerDetails peerDetails) { return _sslEngineFacadeFactory.createProtonSslEngine(this, peerDetails); } Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslEngineFacadeFactory.java Mon Dec 17 15:52:33 2012 @@ -47,7 +47,6 @@ import javax.net.ssl.TrustManagerFactory import javax.net.ssl.X509TrustManager; import org.apache.qpid.proton.engine.SslDomain; -import org.apache.qpid.proton.engine.SslEngineFacade; import org.apache.qpid.proton.engine.SslPeerDetails; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.openssl.PEMException; @@ -86,12 +85,12 @@ public class SslEngineFacadeFactory /** - * Returns a {@link SslEngineFacade}. May cache the domain's settings so callers should invoke + * Returns a {@link ProtonSslEngine}. May cache the domain's settings so callers should invoke * {@link #resetCache()} if the domain changes. * * @param peerDetails may be used to return an engine that supports SSL resume. */ - public SslEngineFacade createProtonSslEngine(SslDomain domain, SslPeerDetails peerDetails) + public ProtonSslEngine createProtonSslEngine(SslDomain domain, SslPeerDetails peerDetails) { SSLEngine engine = createAndInitialiseSslEngine(domain, peerDetails); if(_logger.isLoggable(Level.FINE)) Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslImpl.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslImpl.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslImpl.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/main/java/org/apache/qpid/proton/engine/impl/ssl/SslImpl.java Mon Dec 17 15:52:33 2012 @@ -33,12 +33,19 @@ public class SslImpl implements Ssl private SslTransportWrapper _unsecureClientAwareTransportWrapper; private final SslDomain _domain; + private final ProtonSslEngineProvider _protonSslEngineProvider; private final SslPeerDetails _peerDetails; + /** + * @param sslDomain must implement {@link ProtonSslEngineProvider}. This is not possible + * enforce at the API level because {@link ProtonSslEngineProvider} is not part of the + * public Proton API.</p> + */ public SslImpl(SslDomain domain, SslPeerDetails peerDetails) { _domain = domain; + _protonSslEngineProvider = (ProtonSslEngineProvider)domain; _peerDetails = peerDetails; } @@ -132,7 +139,11 @@ public class SslImpl implements Ssl { if (_transportWrapper == null) { - SslTransportWrapper sslTransportWrapper = new SimpleSslTransportWrapper(_domain.createSslEngine(_peerDetails), _inputProcessor, _outputProcessor); + SslTransportWrapper sslTransportWrapper = new SimpleSslTransportWrapper( + _protonSslEngineProvider.createSslEngine(_peerDetails), + _inputProcessor, + _outputProcessor); + if (_domain.allowUnsecuredClient()) { TransportWrapper plainTransportWrapper = new PlainTransportWrapper(_outputProcessor, _inputProcessor); Modified: qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/test/java/org/apache/qpid/proton/engine/impl/ssl/CapitalisingDummySslEngine.java URL: http://svn.apache.org/viewvc/qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/test/java/org/apache/qpid/proton/engine/impl/ssl/CapitalisingDummySslEngine.java?rev=1422986&r1=1422985&r2=1422986&view=diff ============================================================================== --- qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/test/java/org/apache/qpid/proton/engine/impl/ssl/CapitalisingDummySslEngine.java (original) +++ qpid/proton/branches/kgiusti-proton-136/proton-j/proton/src/test/java/org/apache/qpid/proton/engine/impl/ssl/CapitalisingDummySslEngine.java Mon Dec 17 15:52:33 2012 @@ -30,7 +30,6 @@ import javax.net.ssl.SSLEngineResult.Han import javax.net.ssl.SSLEngineResult.Status; import javax.net.ssl.SSLException; -import org.apache.qpid.proton.engine.SslEngineFacade; /** @@ -39,7 +38,7 @@ import org.apache.qpid.proton.engine.Ssl * * Using a true SSLEngine for this would be impractical. */ -public class CapitalisingDummySslEngine implements SslEngineFacade +public class CapitalisingDummySslEngine implements ProtonSslEngine { static final int SHORT_ENCODED_CHUNK_SIZE = 2; private static final int MAX_ENCODED_CHUNK_SIZE = 5; --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org
