import java.net.InetAddress;
import java.util.Collection;
+import io.netty.handler.ssl.SslContext;
/**
* OvsDBConnection Interface provides OVSDB connection management APIs which includes
* @param port Layer 4 port on which the remote ovsdb server is listening on.
* @return OvsDBClient The primary Client interface for the ovsdb connection.
*/
- public OvsdbClient connect(InetAddress address, int port);
+ public OvsdbClient connect(final InetAddress address, final int port);
+
+ /**
+ * connect API can be used by the applications to initiate Active ssl
+ * connection from the controller towards ovsdb-server
+ * @param address IP Address of the remote server that hosts the ovsdb server.
+ * @param port Layer 4 port on which the remote ovsdb server is listening on.
+ * @param sslContext Netty sslContext for channel configuration
+ * @return OvsDBClient The primary Client interface for the ovsdb connection.
+ */
+ public OvsdbClient connectWithSsl(final InetAddress address, final int port,
+ final SslContext sslContext);
/**
* Method to disconnect an existing connection.
*/
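Review bot: The new Javadoc for `connectWithSsl` does not say what a null `sslContext` means or which side decides whether the server certificate is trusted. In the implementation later in this commit, `connect()` passes null and the channel is then built with no SSL handler, so a caller who passes null by mistake gets a cleartext connection. I would extend the tag to `@param sslContext Netty SslContext for channel configuration; must not be null. The trust material configured in this context decides which ovsdb-server certificates are accepted.` The interface body continues outside the hunk.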
public boolean startOvsdbManager(final int ovsdbListenPort);
+ /**
+ * Method to start ovsdb server for passive connection with SSL
+ */
+ public boolean startOvsdbManagerWithSsl(final int ovsdbListenPort,
+ final SslContext sslContext);
+
/**
* Method to register a Passive Connection Listener with the ConnectionService.
* @param listener Passive Connection listener interested in Passive OVSDB connection requests.
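Review bot: The Javadoc on `startOvsdbManagerWithSsl` has no `@param` or `@return` tags, unlike the `connectWithSsl` comment added earlier in the same file. Suggested lines: `@param ovsdbListenPort port the passive listener binds to`, `@param sslContext server-side Netty SslContext; whether connecting switches must present a client certificate is determined by how this context is built`, and `@return true if the listener thread was started, false if a manager was already running`. The false case is worth documenting because the implementation returns it without starting a TLS listener.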
import io.netty.handler.logging.LogLevel;
import io.netty.handler.logging.LoggingHandler;
import io.netty.util.CharsetUtil;
+import io.netty.handler.ssl.SslContext;
import java.net.InetAddress;
import java.util.Collection;
return connectionService;
}
@Override
- public OvsdbClient connect(InetAddress address, int port) {
+ public OvsdbClient connect(final InetAddress address, final int port) {
+ return connectWithSsl(address, port, null /* SslContext */);
+ }
+ @Override
+ public OvsdbClient connectWithSsl(final InetAddress address, final int port,
+ final SslContext sslContext) {
try {
Bootstrap bootstrap = new Bootstrap();
bootstrap.group(new NioEventLoopGroup());
bootstrap.handler(new ChannelInitializer<SocketChannel>() {
@Override
public void initChannel(SocketChannel channel) throws Exception {
+ if (sslContext != null) {
+ /* First add ssl handler if ssl context is given */
+ channel.pipeline().addLast(sslContext.newHandler(channel.alloc(),
+ address.toString(), port));
+ }
channel.pipeline().addLast(
//new LoggingHandler(LogLevel.INFO),
new JsonRpcDecoder(100000),
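Review bot: `address.toString()` is passed as the peer host to `sslContext.newHandler(...)`, but `InetAddress.toString()` returns the form `hostname/literal-IP` (or `/literal-IP` when no host name is set), which is not a host name. That string becomes the SSLEngine's peer host, so any endpoint identification or session reuse keyed on it sees a value that cannot match a certificate. Use `sslContext.newHandler(channel.alloc(), address.getHostAddress(), port)`; `getHostAddress()` also avoids the reverse lookup that `getHostName()` can trigger. Whether the server's identity is checked against its certificate at all depends on the engine's endpoint identification setting, which is not visible in this hunk and is worth confirming. `initChannel` continues outside the hunk.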
}
/**
- * OVSDB Passive listening thread that uses Netty ServerBootstrap to open passive connection
- * and handle channel callbacks.
+ * Method that initiates the Passive OVSDB channel listening functionality
+ * with ssl.By default the ovsdb passive connection will listen in port
+ * 6640 which can be overridden using the ovsdb.listenPort system property.
+ */
+ @Override
+ synchronized
+ public boolean startOvsdbManagerWithSsl(final int ovsdbListenPort,
+ final SslContext sslContext) {
+ if (!singletonCreated) {
+ new Thread() {
+ @Override
+ public void run() {
+ ovsdbManagerWithSsl(ovsdbListenPort, sslContext);
+ }
+ }.start();
+ singletonCreated = true;
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * OVSDB Passive listening thread that uses Netty ServerBootstrap to open
+ * passive connection handle channel callbacks.
*/
private static void ovsdbManager(int port) {
+ ovsdbManagerWithSsl(port, null /* SslContext */);
+ }
+
+ /**
+ * OVSDB Passive listening thread that uses Netty ServerBootstrap to open
+ * passive connection with Ssl and handle channel callbacks.
+ */
+ private static void ovsdbManagerWithSsl(int port, final SslContext sslContext) {
EventLoopGroup bossGroup = new NioEventLoopGroup();
EventLoopGroup workerGroup = new NioEventLoopGroup();
try {
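Review bot: `startOvsdbManagerWithSsl` accepts a null `sslContext` and, through `ovsdbManagerWithSsl`, then opens the passive listener with no SSL handler, so a method named WithSsl can silently come up in cleartext. Reject null at the public entry point with `Objects.requireNonNull(sslContext, "sslContext");` as the first statement (this needs `java.util.Objects`), and keep the null path only for the private `ovsdbManager(port)` delegation. `connectWithSsl` in the previous hunk has the same pattern; there `connect()` would have to call a private helper so the public SSL variant can refuse null. `singletonCreated` also appears to be shared with the non-SSL `startOvsdbManager`, whose body is outside the hunk, so if the plain listener was started first this method returns false and no TLS listener exists. `ovsdbManagerWithSsl` continues outside the hunk.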
@Override
public void initChannel(SocketChannel channel) throws Exception {
logger.debug("New Passive channel created : "+ channel.toString());
+ if (sslContext != null) {
+ /* Add SSL handler first if SSL context is provided */
+ channel.pipeline().addLast(sslContext.newHandler(channel.alloc()));
+ }
+
channel.pipeline().addLast(
new JsonRpcDecoder(100000),
new StringEncoder(CharsetUtil.UTF_8),