2 * Copyright (c) 2013 Pantheon Technologies s.r.o. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.openflowjava.protocol.impl.core;
11 import io.netty.buffer.ByteBuf;
12 import io.netty.channel.ChannelHandlerContext;
13 import io.netty.channel.ChannelPipeline;
14 import io.netty.handler.codec.ByteToMessageDecoder;
15 import io.netty.handler.ssl.SslHandler;
17 import java.util.List;
19 import javax.net.ssl.SSLEngine;
21 import org.slf4j.Logger;
22 import org.slf4j.LoggerFactory;
23 import org.opendaylight.openflowjava.protocol.impl.connection.ConnectionFacade;
24 import org.opendaylight.openflowjava.protocol.impl.core.TcpHandler.COMPONENT_NAMES;
25 import org.opendaylight.openflowjava.protocol.impl.util.ByteBufUtils;
28 * Class for detecting a TLS-encrypted connection. If a TLS-encrypted connection is detected,
29 * TlsDetector adds SslHandler and OFFrameDecoder to the pipeline; otherwise it adds only
32 * @author michal.polkorab
// Netty inbound decoder placed at the head of the pipeline; decode() inspects the first bytes
// received from the peer to decide whether an SslHandler has to be engaged.
34 public class TlsDetector extends ByteToMessageDecoder {
// NOTE(review): no read or write of detectSsl is visible in this listing, and the listing skips
// some source lines (the numbering has gaps) - confirm where this flag is set and consulted.
36 private boolean detectSsl;
37 private static final Logger LOGGER = LoggerFactory
38 .getLogger(TlsDetector.class);
// Optional listener notified by decode() after detection has run; decode() null-checks it,
// so it may legitimately be unset.
40 private ConnectionFacade connectionFacade;
43 * Constructor of class
// Creates the detector. The only statement visible here is a debug log line.
// NOTE(review): the listing jumps from line 46 to line 51, so further constructor statements
// (if any) are not shown - verify against the full file.
45 public TlsDetector() {
46 LOGGER.debug("Creating TLS Detector");
// Netty callback for exceptions raised while handling this channel; logs them at WARN level.
// NOTE(review): the rest of the warn() call and anything after it fall on lines this listing
// omits (52 -> 57). Confirm that the channel is closed here, so that a failed TLS handshake or
// a malformed first record does not leave a half-initialised connection registered.
51 public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
52 LOGGER.warn("Unexpected exception from downstream.",
// Reports whether the buffered bytes look like the start of a TLS record, as judged by Netty's
// SslHandler.isEncrypted(). That call only peeks at the buffer (the reader index is not moved)
// and throws IllegalArgumentException when fewer than 5 bytes are readable.
// The result is a heuristic on bytes chosen by the peer: it selects the pipeline layout, it does
// not prove that a TLS handshake will succeed or that the peer is authenticated.
// NOTE(review): line 58 is missing from this listing - confirm what guards the check.
57 private boolean isSsl(ByteBuf bb) {
59 LOGGER.info("Testing connection for TLS");
60 return SslHandler.isEncrypted(bb);
// Adds an SslHandler directly after the TLS detector in the channel pipeline, unless a handler
// is already registered under COMPONENT_NAMES.SSL_HANDLER.
//
// @param ctx context of the channel whose pipeline is modified
//
// NOTE(review): the engine is switched to server mode, but no setNeedClientAuth(true) or
// setWantClientAuth(true) call is visible, so from this listing the connecting switch is not
// required to present a certificate. Confirm whether SslContextFactory (or the omitted line 70,
// where the engine-creation statement continues) configures client authentication, and whether
// enabled protocol versions and cipher suites are restricted rather than left at JDK defaults.
65 private static void enableSsl(ChannelHandlerContext ctx) {
// Guard against inserting a second SslHandler if detection runs again on the same pipeline.
66 if (ctx.pipeline().get(COMPONENT_NAMES.SSL_HANDLER.name()) == null) {
67 LOGGER.info("Engaging TLS handler");
68 ChannelPipeline p = ctx.channel().pipeline();
69 SSLEngine engine = SslContextFactory.getServerContext()
// This side accepts the handshake (server role).
71 engine.setUseClientMode(false);
72 p.addAfter(COMPONENT_NAMES.TLS_DETECTOR.name(), COMPONENT_NAMES.SSL_HANDLER.name(),
73 new SslHandler(engine));
// Classifies a new connection as TLS or plaintext, notifies the connection facade if one is set,
// and finally removes this detector from the pipeline.
//
// @param ctx  channel handler context
// @param bb   bytes received so far from the peer (untrusted input)
// @param list decoder output list; nothing is added to it in the lines visible here
//
// NOTE(review): the branch conditions around the two "Connection is ..." messages are on lines
// this listing omits (85-86, 88-89), so the comments below describe only what is visible.
78 protected void decode(ChannelHandlerContext ctx, ByteBuf bb,
79 List<Object> list) throws Exception {
// 5 bytes is the minimum SslHandler.isEncrypted() accepts; with fewer it throws.
80 if (bb.readableBytes() < 5) {
// NOTE(review): this dumps raw bytes sent by the peer into the log. For a plaintext connection
// that is protocol payload; presumably the whole readable buffer is rendered - consider limiting
// the dump to the 5 header bytes and keeping DEBUG off in production.
83 if (LOGGER.isDebugEnabled()) {
84 LOGGER.debug(ByteBufUtils.byteBufToHexString(bb));
87 LOGGER.info("Connection is encrypted");
// NOTE(review): the plaintext case is only logged at INFO and the connection then appears to
// proceed to the ready notification below. TLS is therefore opportunistic: a peer, or anyone on
// the path who removes the TLS layer, ends up on a cleartext, unauthenticated channel. If the
// deployment requires TLS, reject the connection here (close the channel) behind a config flag.
90 LOGGER.info("Connection is not encrypted");
93 if (connectionFacade != null) {
94 LOGGER.debug("Firing onConnectionReady notification");
// NOTE(review): fired right after detection, i.e. before any TLS handshake can have completed -
// confirm that listeners do not treat "ready" as "authenticated".
95 connectionFacade.fireConnectionReadyNotification();
// Detection is a one-shot step; later reads bypass this handler.
98 ctx.pipeline().remove(COMPONENT_NAMES.TLS_DETECTOR.name());
102 * @param connectionFacade the connectionFacade to set
// Registers the facade that decode() notifies once detection has run. If it is still unset when
// the first bytes arrive, decode() skips the notification.
// NOTE(review): the field is a plain (non-volatile) reference; presumably this is called during
// channel initialisation, before any read - confirm.
104 public void setConnectionFacade(ConnectionFacade connectionFacade) {
105 this.connectionFacade = connectionFacade;