tlsmanager.java

jxta_src_2.41b jxta 2.41b 最新版源码 from www.jxta.org

/************************************************************************
 *
 * $Id: TlsManager.java,v 1.37 2004/12/03 23:29:45 bondolo Exp $
 *
 * Copyright (c) 2001 Sun Microsystems, Inc.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution,
 *    if any, must include the following acknowledgment:
 *       "This product includes software developed by the
 *       Sun Microsystems, Inc. for Project JXTA."
 *    Alternately, this acknowledgment may appear in the software itself,
 *    if and wherever such third-party acknowledgments normally appear.
 *
 * 4. The names "Sun", "Sun Microsystems, Inc.", "JXTA" and "Project JXTA"
 *    must not be used to endorse or promote products derived from this
 *    software without prior written permission. For written
 *    permission, please contact Project JXTA at http://www.jxta.org.
 *
 * 5. Products derived from this software may not be called "JXTA",
 *    nor may "JXTA" appear in their name, without prior written
 *    permission of Sun.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL SUN MICROSYSTEMS OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of Project JXTA.  For more
 * information on Project JXTA, please see
 * <http://www.jxta.org/>.
 *
 * This license is based on the BSD license adopted by the Apache Foundation.
 *********************************************************************************/

package net.jxta.impl.endpoint.tls;

import java.io.DataInputStream;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

import java.io.IOException;

import org.apache.log4j.Level;
import org.apache.log4j.Logger;

import net.jxta.endpoint.EndpointAddress;
import net.jxta.endpoint.EndpointListener;
import net.jxta.endpoint.Message;
import net.jxta.endpoint.MessageElement;

import net.jxta.impl.util.TimeUtils;

import net.jxta.impl.endpoint.tls.TlsConn.HandshakeState;


/**
 * Manages the connection pool between peers.
 **/
class TlsManager implements EndpointListener {
    
    /**
     *  Log4J Logger
     **/
    private final static transient Logger LOG = Logger.getLogger(TlsManager.class.getName());
    
    /**
     *  Transport we are working for.
     **/
    private TlsTransport transport = null;
    
    /**
     * Hash table for known connections
     *
     *  <ul>
     *  <li>keys are {@link String } containing {@link net.jxta.peer.PeerID#getUniqueValue() PeerID.getUniqueValue()}</li>
     *  <li>values are {@link TlsConn}<li>
     *  </ul>
     **/
    private Map connections = new HashMap();
    
    /**
     *  The last time at which we printed a warning about discarding messages
     *  due to no authentication.
     **/
    private long lastNonAuthenticatedWarning = 0;
    
    /**
     *  Standard Constructor for TLS Manager
     **/
    TlsManager(TlsTransport tp) {
        this.transport = tp;
    }
    
    /**
     *  Close this manager. This involves closing all registered connections.
     *
     **/
    void close() {
        
        if (LOG.isEnabledFor(Level.INFO)) {
            LOG.info("Shutting down all connections");
        }
        
        synchronized (connections) {
            Iterator eachConnection = connections.values().iterator();
            
            while (eachConnection.hasNext()) {
                TlsConn aConnection = (TlsConn) eachConnection.next();
                
                try {
                    aConnection.close(HandshakeState.CONNECTIONDEAD);
                } catch (IOException ignored) {
                    if (LOG.isEnabledFor(Level.INFO)) {
                        LOG.info("Non-fatal problem shutting down connection to " + aConnection);
                    }
                }
                
                eachConnection.remove();
            }
        }
    }
    
    /**
     *  Returns or creates a TLS Connection to the specified peer. If an
     *  existing connection exists, it will be returned.
     *
     *  @param dstAddr the EndpointAddress of the remote peer.
     *  @return A TLS Connection or null if the connection could not be opened.
     **/
    TlsConn getTlsConn(EndpointAddress dstAddr) {
        
        if (null == transport.credential) {
            if (LOG.isEnabledFor(Level.WARN)) {
                LOG.warn("Not authenticated. Cannot open connections.");
            }
            
            return null;
        }
        
        boolean startHandshake = false;
        
        // see if we have an existing conn, and if so, then reuse it
        // if it has not timed out.
        String paddr = dstAddr.getProtocolAddress();
        
        TlsConn conn = null;
        
        synchronized (connections) {
            conn = (TlsConn) connections.get(paddr);
            
            // remove it if it is dead
            if (null != conn) {
                if ((HandshakeState.CONNECTIONDEAD == conn.getHandshakeState()) || (HandshakeState.HANDSHAKEFAILED == conn.getHandshakeState())) {
                    if (LOG.isEnabledFor(Level.DEBUG)) {
                        LOG.debug("Removing connection for: " + paddr);
                    }
                    connections.remove(paddr);
                    conn = null;
                }
            }
            
            // create the connection info entry as needed
            if (null == conn) {
                try {
                    conn = new TlsConn(transport, dstAddr, true); // true means client
                } catch (Exception failed) {
                    if (LOG.isEnabledFor(Level.WARN)) {
                        LOG.warn("Failed making connection to " + paddr, failed);
                    }
                    
                    return null;
                }
                
                if (LOG.isEnabledFor(Level.DEBUG)) {
                    LOG.debug("Adding connection for: " + paddr);
                }
                connections.put(paddr, conn);
                startHandshake = true;
            }
        }
        
        // if we got to be the first one to start the handshake then do it here.
        // We do this outside of the synchro block so that others can enter the
        // state machine.
        if (startHandshake) {
            try {
                // OK. We are originating the connection:
                // Open the connection (returns when handshake is completed)
                // or throws an IOException if a TLS internal error occurs.
                if (LOG.isEnabledFor(Level.INFO)) {
                    LOG.info("Start of client handshake for " + paddr);
                }
                
                conn.finishHandshake();
            } catch (Throwable e) {
                if (LOG.isEnabledFor(Level.WARN)) {
                    LOG.warn("Failed making connection to " + paddr, e);
                }
                
                synchronized (connections) {
                    if (LOG.isEnabledFor(Level.DEBUG)) {
                        LOG.debug("Removing connection for: " + paddr);
                    }
                    connections.remove(paddr);
                }
                try {
                    conn.close(HandshakeState.HANDSHAKEFAILED);
                } catch (IOException ignored) {
                    ;
                }
                
                return null;
            }
        }
        
        do {
            if (LOG.isEnabledFor(Level.DEBUG)) {
                LOG.debug("getting " + conn);
            }
            
            synchronized (conn) {
                HandshakeState currentState = conn.getHandshakeState();
                
                if ((HandshakeState.SERVERSTART == currentState) || (HandshakeState.CLIENTSTART == currentState)) {
                    // wait for the handshake to get going on another thread.
                    if (LOG.isEnabledFor(Level.DEBUG)) {
                        LOG.debug("Sleeping until handshake starts for " + paddr);
                    }
                    
                    try {
                        conn.wait(TimeUtils.ASECOND);
                    } catch (InterruptedException woken) {
                        Thread.interrupted();
                    }
                    continue;
                } else if (HandshakeState.HANDSHAKESTARTED == currentState) {
                    if (LOG.isEnabledFor(Level.DEBUG)) {
                        LOG.debug("Handshake in progress for " + paddr);
                    }
                    
                    try {
                        // sleep forever waiting for the state to change.
                        conn.wait(200);
                    } catch (InterruptedException woken) {
                        Thread.interrupted();
                    }
                    continue;
                } else if (HandshakeState.HANDSHAKEFINISHED == currentState) {
                    
                    if (LOG.isEnabledFor(Level.INFO)) {
                        LOG.info("Returning active connection to " + paddr);
                    }
                    
                    conn.lastAccessed = TimeUtils.timeNow(); // update idle timer
                    
                    return conn;
                } else if (HandshakeState.HANDSHAKEFAILED == currentState) {
                    if (LOG.isEnabledFor(Level.WARN)) {
                        LOG.warn("Handshake failed. " + paddr + " unreachable");
                    }
                    
                    return null;
                } else if (HandshakeState.CONNECTIONDEAD == currentState) {
                    if (LOG.isEnabledFor(Level.WARN)) {
                        LOG.warn("Connection dead for " + paddr);
                    }
                    
                    return null;
                } else if (HandshakeState.CONNECTIONCLOSING == currentState) {
                    if (LOG.isEnabledFor(Level.WARN)) {
                        LOG.warn("Connection closing for " + paddr);
                    }
                    
                    return null;
                } else {
                    if (LOG.isEnabledFor(Level.ERROR)) {
                        LOG.error("Unhandled Handshake state: " + currentState);
                    }
                }
            }