SecureChatServerInitializer.java

/*
 * Copyright 2012 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package com.phei.netty.ssl;

import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.codec.DelimiterBasedFrameDecoder;
import io.netty.handler.codec.Delimiters;
import io.netty.handler.codec.string.StringDecoder;
import io.netty.handler.codec.string.StringEncoder;
import io.netty.handler.ssl.SslHandler;

import javax.net.ssl.SSLEngine;

/**
 * Creates a newly configured {@link ChannelPipeline} for a new channel.
 */
public class SecureChatServerInitializer extends
	ChannelInitializer<SocketChannel> {

    private String tlsMode;

    public SecureChatServerInitializer(String TLS_MODE) {
	tlsMode = TLS_MODE;
    }

    @Override
    public void initChannel(SocketChannel ch) throws Exception {
	ChannelPipeline pipeline = ch.pipeline();

	// Add SSL handler first to encrypt and decrypt everything.
	// In this example, we use a bogus certificate in the server side
	// and accept any invalid certificates in the client side.
	// You will need something more complicated to identify both
	// and server in the real world.
	//
	// Read SecureChatSslContextFactory
	// if you need client certificate authentication.

	SSLEngine engine = null;
	if (SSLMODE.CA.toString().equals(tlsMode)) {
	    engine = SecureChatSslContextFactory
		    .getServerContext(
			    tlsMode,
			    System.getProperty("user.dir")
				    + "/src/com/phei/netty/ssl/conf/client/sChat.jks",
			    null).createSSLEngine();
	} else if (SSLMODE.CSA.toString().equals(tlsMode)) {
	    engine = SecureChatSslContextFactory
		    .getServerContext(
			    tlsMode,
			    System.getProperty("user.dir")
				    + "/src/com/phei/netty/ssl/conf/twoway/sChat.jks",
			    System.getProperty("user.dir")
				    + "/src/com/phei/netty/ssl/conf/twoway/sChat.jks")
		    .createSSLEngine();

	    // engine = SecureChatSslContextFactory
	    // .getServerContext(
	    // tlsMode,
	    // System.getProperty("user.dir")
	    // + "/src/com/phei/netty/ssl/conf/client/sChat.jks",
	    // System.getProperty("user.dir")
	    // + "/src/com/phei/netty/ssl/conf/client/sChat.jks")
	    // .createSSLEngine();
	} else {
	    System.err.println("ERROR : " + tlsMode);
	    System.exit(-1);
	}
	engine.setUseClientMode(false);

	// Client auth
	if (SSLMODE.CSA.toString().equals(tlsMode))
	    engine.setNeedClientAuth(true);
	pipeline.addLast("ssl", new SslHandler(engine));

	// On top of the SSL handler, add the text line codec.
	pipeline.addLast("framer", new DelimiterBasedFrameDecoder(8192,
		Delimiters.lineDelimiter()));
	pipeline.addLast("decoder", new StringDecoder());
	pipeline.addLast("encoder", new StringEncoder());

	// and then business logic.
	pipeline.addLast("handler", new SecureChatServerHandler());
    }
}