📄 tlstransport.java
字号:
/* * * $Id: TlsTransport.java,v 1.57 2006/03/01 23:14:27 bondolo Exp $ * * Copyright (c) 2001 Sun Microsystems, Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by the * Sun Microsystems, Inc. for Project JXTA." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The names "Sun", "Sun Microsystems, Inc.", "JXTA" and "Project JXTA" * must not be used to endorse or promote products derived from this * software without prior written permission. For written * permission, please contact Project JXTA at http://www.jxta.org. * * 5. Products derived from this software may not be called "JXTA", * nor may "JXTA" appear in their name, without prior written * permission of Sun. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL SUN MICROSYSTEMS OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of Project JXTA. For more * information on Project JXTA, please see * <http://www.jxta.org/>. * * This license is based on the BSD license adopted by the Apache Foundation. */package net.jxta.impl.endpoint.tls;import java.beans.PropertyChangeEvent;import java.beans.PropertyChangeListener;import java.io.ByteArrayInputStream;import java.net.URI;import java.security.PrivateKey;import java.security.cert.X509Certificate;import java.util.Collections;import java.util.Enumeration;import java.util.Iterator;import java.util.ResourceBundle;import javax.security.auth.x500.X500Principal;import java.io.IOException;import java.net.URISyntaxException;import java.security.InvalidKeyException;import java.security.KeyStoreException;import java.security.SignatureException;import java.util.MissingResourceException;import org.apache.log4j.Level;import org.apache.log4j.Logger;import net.jxta.credential.AuthenticationCredential;import net.jxta.document.Advertisement;import net.jxta.endpoint.EndpointAddress;import net.jxta.endpoint.EndpointService;import net.jxta.endpoint.Message;import net.jxta.endpoint.MessageReceiver;import net.jxta.endpoint.MessageSender;import net.jxta.endpoint.Messenger;import net.jxta.id.ID;import net.jxta.id.IDFactory;import net.jxta.membership.MembershipService;import net.jxta.peer.PeerID;import net.jxta.peergroup.PeerGroup;import net.jxta.platform.Module;import net.jxta.protocol.ModuleImplAdvertisement;import net.jxta.exception.PeerGroupException;import net.jxta.impl.endpoint.LoopbackMessenger;import net.jxta.impl.membership.pse.PSECredential;import net.jxta.impl.membership.pse.PSEMembershipService;import net.jxta.impl.membership.pse.PSEUtils;import net.jxta.impl.membership.pse.StringAuthenticator;import net.jxta.impl.membership.pse.PSEUtils.IssuerInfo;import net.jxta.impl.util.TimeUtils;/** * A JXTA {@link net.jxta.endpoint.MessageTransport} implementation which * uses TLS sockets. */public class TlsTransport implements Module, MessageSender, MessageReceiver { /** * Log4J Logger */ private static final Logger LOG = Logger.getLogger(TlsTransport.class.getName()); /** * If true then we can accept incoming connections. Eventually this should * be coming out of the transport advertisement. */ static final boolean ACT_AS_SERVER = true; private PeerGroup group = null; ID assignedID = null; ModuleImplAdvertisement implAdvertisement = null; EndpointService endpoint = null; PSEMembershipService membership = null; private membershipPCL membershipListener = null; X509Certificate [] serviceCert = null; PSECredential credential = null; private credentialPCL credentialListener = null; EndpointAddress localPeerAddr = null; EndpointAddress localTlsPeerAddr = null; /** * local peerID */ PeerID localPeerId = null; /** * Amount of a connection must be idle before a reconnection attempt will * be considered. */ long MIN_IDLE_RECONNECT = 1 * TimeUtils.AMINUTE; /** * Amount of time after which a connection is considered idle and may be * scavenged. */ long CONNECTION_IDLE_TIMEOUT = 5 * TimeUtils.AMINUTE; /** * Amount if time which retries may remain queued for retrasmission. If * still unACKed after this amount of time then the connection is * considered dead. */ long RETRMAXAGE = 2 * TimeUtils.AMINUTE; /** * Will manage connections to remote peers. */ private TlsManager manager = null; /** * This is the thread group into which we will place all of the threads * we create. THIS HAS NO EFFECT ON SCHEDULING. Java thread groups are * only for organization and naming. */ ThreadGroup myThreadGroup = null; /** * Extends LoopbackMessenger to add a message property to passed messages * so that TLS pipes and other users can be sure that the message * originate with the local TLS transport. */ class TlsLoopbackMessenger extends LoopbackMessenger { TlsLoopbackMessenger(EndpointService ep, EndpointAddress src, EndpointAddress dest, EndpointAddress logicalDest) { super(ep, src, dest, logicalDest); } /** * {@inheritDoc} **/ public boolean sendMessageBImpl(Message message, String service, String serviceParam) throws IOException { // add a property to the message to indicate it came from us. message.setMessageProperty(TlsTransport.class, TlsTransport.this); return super.sendMessageBImpl(message, service, serviceParam); } } /** * Default constructor **/ public TlsTransport() { // initialize connection timeout try { ResourceBundle jxtaRsrcs = ResourceBundle.getBundle("net.jxta.user"); try { String override_str = jxtaRsrcs.getString("impl.endpoint.tls.connection.idletimeout"); if (null != override_str) { long override_long = Long.parseLong(override_str.trim()); if (override_long >= 1) { CONNECTION_IDLE_TIMEOUT = override_long * TimeUtils.AMINUTE; if (LOG.isEnabledFor(Level.INFO)) { LOG.info("Adjusting TLS connection idle timeout to " + CONNECTION_IDLE_TIMEOUT + " millis."); } } } } catch (NumberFormatException badvalue) { ; } try { String override_str = jxtaRsrcs.getString("impl.endpoint.tls.connection.minidlereconnect"); if (null != override_str) { long override_long = Long.parseLong(override_str.trim()); if (override_long >= 1) { MIN_IDLE_RECONNECT = override_long * TimeUtils.AMINUTE; if (LOG.isEnabledFor(Level.INFO)) { LOG.info("Adjusting TLS min reconnection idle to " + MIN_IDLE_RECONNECT + " millis."); } } } } catch (NumberFormatException badvalue) { ; } try { String override_str = jxtaRsrcs.getString("impl.endpoint.tls.connection.maxretryage"); if (null != override_str) { long override_long = Long.parseLong(override_str.trim()); if (override_long >= 1) { RETRMAXAGE = override_long * TimeUtils.AMINUTE; if (LOG.isEnabledFor(Level.INFO)) { LOG.info("Adjusting TLS maximum retry queue age to " + RETRMAXAGE + " millis."); } } } } catch (NumberFormatException badvalue) { ; } // reconnect must be less the idle interval. MIN_IDLE_RECONNECT = Math.min(MIN_IDLE_RECONNECT, CONNECTION_IDLE_TIMEOUT); // max retry queue age must be less the idle interval. RETRMAXAGE = Math.min(RETRMAXAGE, CONNECTION_IDLE_TIMEOUT); } catch (MissingResourceException notthere) { ; } } /** * {@inheritDoc} */ public boolean equals(Object target) { if (this == target) { return true; } if (null == target) { return false; } if (target instanceof TlsTransport) { TlsTransport likeMe = (TlsTransport) target; if (!getProtocolName().equals(likeMe.getProtocolName())) { return false; } return localTlsPeerAddr.equals(likeMe.localTlsPeerAddr); } return false; } /** * {@inheritDoc} */ PeerGroup getPeerGroup() { return group; } /** * {@inheritDoc} */ public void init(PeerGroup group, ID assignedID, Advertisement impl) throws PeerGroupException { this.group = group; this.assignedID = assignedID; this.implAdvertisement = (ModuleImplAdvertisement) impl; localPeerId = group.getPeerID(); localPeerAddr = mkAddress(group.getPeerID(), null, null); localTlsPeerAddr = new EndpointAddress(JTlsDefs.tlsPName, localPeerId.getUniqueValue().toString(), null, null); myThreadGroup = new ThreadGroup(group.getHomeThreadGroup(), "TLSTransport " + localTlsPeerAddr); if (LOG.isEnabledFor(Level.INFO)) { StringBuffer configInfo = new StringBuffer("Configuring TLS Transport : " + assignedID); if( null != implAdvertisement ) { configInfo.append("\n\tImplementation:"); configInfo.append("\n\t\tModule Spec ID: " + implAdvertisement.getModuleSpecID()); configInfo.append("\n\t\tImpl Description : " + implAdvertisement.getDescription()); configInfo.append("\n\t\tImpl URI : " + implAdvertisement.getUri()); configInfo.append("\n\t\tImpl Code : " + implAdvertisement.getCode()); } configInfo.append("\n\tGroup Params:"); configInfo.append("\n\t\tGroup: " + group.getPeerGroupName()); configInfo.append("\n\t\tGroup ID: " + group.getPeerGroupID()); configInfo.append("\n\t\tPeer ID: " + group.getPeerID()); configInfo.append("\n\tConfiguration :"); configInfo.append("\n\t\tProtocol: " + JTlsDefs.tlsPName); configInfo.append("\n\t\tOutgoing Connections Enabled: " + Boolean.TRUE); configInfo.append("\n\t\tIncoming Connections Enabled: " + ACT_AS_SERVER); configInfo.append("\n\t\tMinimum idle for reconnect : " + MIN_IDLE_RECONNECT + " millis"); configInfo.append("\n\t\tConnection idle timeout : " + CONNECTION_IDLE_TIMEOUT + " millis"); configInfo.append("\n\t\tRetry queue maximum age : " + RETRMAXAGE + " millis"); configInfo.append("\n\t\tPeerID : " + localPeerId); configInfo.append("\n\t\tRoute through : " + localPeerAddr); configInfo.append("\n\t\tPublic Address : " + localTlsPeerAddr); LOG.info(configInfo); } } /** * {@inheritDoc} */ public synchronized int startApp(String[] args) { endpoint = group.getEndpointService(); if (null == endpoint) { if (LOG.isEnabledFor(Level.WARN)) { LOG.warn("Stalled until there is an endpoint service"); } return START_AGAIN_STALLED; } MembershipService groupMembership = group.getMembershipService(); if (null == groupMembership) { if (LOG.isEnabledFor(Level.WARN)) { LOG.warn("Stalled until there is a membership service"); } return START_AGAIN_STALLED; } if (endpoint.addMessageTransport(this) == null) { if (LOG.isEnabledFor(Level.ERROR)) { LOG.error("Transport registration refused"); } return -1; } if (!(groupMembership instanceof PSEMembershipService)) { if (LOG.isEnabledFor(Level.ERROR)) { LOG.error("TLS Transport requires PSE Membership Service"); } return -1; } ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -