import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLEngine;
+import org.opendaylight.openflowjava.protocol.api.connection.TlsConfiguration;
import org.opendaylight.openflowjava.protocol.impl.core.connection.ConnectionAdapterFactory;
import org.opendaylight.openflowjava.protocol.impl.core.connection.ConnectionAdapterFactoryImpl;
import org.opendaylight.openflowjava.protocol.impl.core.connection.ConnectionFacade;
LOG.debug("Calling OF plugin: {}", getSwitchConnectionHandler());
getSwitchConnectionHandler().onSwitchConnected(connectionFacade);
connectionFacade.checkListeners();
- ch.pipeline().addLast(PipelineHandlers.IDLE_HANDLER.name(),
- new IdleHandler(getSwitchIdleTimeout(), TimeUnit.MILLISECONDS));
- boolean tlsPresent = false;
// If this channel is configured to support SSL it will only support SSL
- if (getTlsConfiguration() != null) {
- tlsPresent = true;
- final SslContextFactory sslFactory = new SslContextFactory(getTlsConfiguration());
+ final TlsConfiguration tlsConfig = getTlsConfiguration();
+ if (tlsConfig != null) {
+ final SslContextFactory sslFactory = new SslContextFactory(tlsConfig);
final SSLEngine engine = sslFactory.getServerContext().createSSLEngine();
engine.setNeedClientAuth(true);
engine.setUseClientMode(false);
List<String> suitesList = getTlsConfiguration().getCipherSuites();
if (suitesList != null && !suitesList.isEmpty()) {
LOG.debug("Requested Cipher Suites are: {}", suitesList);
- String[] suites = suitesList.toArray(new String[suitesList.size()]);
- engine.setEnabledCipherSuites(suites);
+ engine.setEnabledCipherSuites(suitesList.toArray(new String[0]));
LOG.debug("Cipher suites enabled in SSLEngine are: {}",
Arrays.toString(engine.getEnabledCipherSuites()));
}
final SslHandler ssl = new SslHandler(engine);
final Future<Channel> handshakeFuture = ssl.handshakeFuture();
final ConnectionFacade finalConnectionFacade = connectionFacade;
+ handshakeFuture.addListener(future -> finalConnectionFacade.onSwitchCertificateIdentified(
+ sslFactory.getSwitchCertificateChain()));
handshakeFuture.addListener(future -> finalConnectionFacade.fireConnectionReadyNotification());
ch.pipeline().addLast(PipelineHandlers.SSL_HANDLER.name(), ssl);
}
ch.pipeline().addLast(PipelineHandlers.OF_FRAME_DECODER.name(),
- new OFFrameDecoder(connectionFacade, tlsPresent));
+ new OFFrameDecoder(connectionFacade, tlsConfig != null));
ch.pipeline().addLast(PipelineHandlers.OF_VERSION_DETECTOR.name(), new OFVersionDetector());
final OFDecoder ofDecoder = new OFDecoder();
ofDecoder.setDeserializationFactory(getDeserializationFactory());
final OFEncoder ofEncoder = new OFEncoder();
ofEncoder.setSerializationFactory(getSerializationFactory());
ch.pipeline().addLast(PipelineHandlers.OF_ENCODER.name(), ofEncoder);
+ ch.pipeline().addLast(PipelineHandlers.IDLE_HANDLER.name(),
+ new IdleHandler(getSwitchIdleTimeout(), TimeUnit.MILLISECONDS));
ch.pipeline().addLast(PipelineHandlers.DELEGATING_INBOUND_HANDLER.name(),
new DelegatingInboundHandler(connectionFacade));
- if (!tlsPresent) {
+
+ if (tlsConfig == null) {
connectionFacade.fireConnectionReadyNotification();
}
} catch (RuntimeException e) {