OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.io; | 5 part of dart.io; |
6 | 6 |
7 /** | 7 /** |
8 * The [SecureServerSocket] is a server socket, providing a stream of high-level | 8 * The [SecureServerSocket] is a server socket, providing a stream of high-level |
9 * [Socket]s. | 9 * [Socket]s. |
10 * | 10 * |
(...skipping 27 matching lines...) Expand all Loading... |
38 * The optional argument [backlog] can be used to specify the listen | 38 * The optional argument [backlog] can be used to specify the listen |
39 * backlog for the underlying OS listen setup. If [backlog] has the | 39 * backlog for the underlying OS listen setup. If [backlog] has the |
40 * value of [:0:] (the default) a reasonable value will be chosen by | 40 * value of [:0:] (the default) a reasonable value will be chosen by |
41 * the system. | 41 * the system. |
42 * | 42 * |
43 * Incoming client connections are promoted to secure connections, using | 43 * Incoming client connections are promoted to secure connections, using |
44 * the server certificate given by [certificateName]. | 44 * the server certificate given by [certificateName]. |
45 * | 45 * |
46 * [address] must be given as a numeric address, not a host name. | 46 * [address] must be given as a numeric address, not a host name. |
47 * | 47 * |
48 * [certificateName] is the nickname or the distinguished name (DN) of | |
49 * the certificate in the certificate database. It is looked up in the | |
50 * NSS certificate database set by SecureSocket.initialize. | |
51 * If [certificateName] contains "CN=", it is assumed to be a distinguished | |
52 * name. Otherwise, it is looked up as a nickname. | |
53 * | |
54 * To request or require that clients authenticate by providing an SSL (TLS) | 48 * To request or require that clients authenticate by providing an SSL (TLS) |
55 * client certificate, set the optional parameter [requestClientCertificate] | 49 * client certificate, set the optional parameter [requestClientCertificate] |
56 * or [requireClientCertificate] to true. Requiring a certificate implies | 50 * or [requireClientCertificate] to true. Requiring a certificate implies |
57 * requesting a certificate, so one doesn't need to set both to true. | 51 * requesting a certificate, so one doesn't need to set both to true. |
58 * To check whether a client certificate was received, check | 52 * To check whether a client certificate was received, check |
59 * SecureSocket.peerCertificate after connecting. If no certificate | 53 * SecureSocket.peerCertificate after connecting. If no certificate |
60 * was received, the result will be null. | 54 * was received, the result will be null. |
61 * | 55 * |
62 * The optional argument [shared] specify whether additional binds | 56 * The optional argument [shared] specify whether additional binds |
63 * to the same `address`, `port` and `v6Only` combination is | 57 * to the same `address`, `port` and `v6Only` combination is |
64 * possible from the same Dart process. If `shared` is `true` and | 58 * possible from the same Dart process. If `shared` is `true` and |
65 * additional binds are performed, then the incoming connections | 59 * additional binds are performed, then the incoming connections |
66 * will be distributed between that set of | 60 * will be distributed between that set of |
67 * `SecureServerSocket`s. One way of using this is to have number of | 61 * `SecureServerSocket`s. One way of using this is to have number of |
68 * isolates between which incoming connections are distributed. | 62 * isolates between which incoming connections are distributed. |
69 */ | 63 */ |
70 static Future<SecureServerSocket> bind( | 64 static Future<SecureServerSocket> bind( |
71 address, | 65 address, |
72 int port, | 66 int port, |
73 String certificateName, | 67 SecurityContext context, |
74 {int backlog: 0, | 68 {int backlog: 0, |
75 bool v6Only: false, | 69 bool v6Only: false, |
76 bool requestClientCertificate: false, | 70 bool requestClientCertificate: false, |
77 bool requireClientCertificate: false, | 71 bool requireClientCertificate: false, |
78 List<String> supportedProtocols, | 72 List<String> supportedProtocols, |
79 bool shared: false}) { | 73 bool shared: false}) { |
80 return RawSecureServerSocket.bind( | 74 return RawSecureServerSocket.bind( |
81 address, | 75 address, |
82 port, | 76 port, |
83 certificateName, | 77 context, |
84 backlog: backlog, | 78 backlog: backlog, |
85 v6Only: v6Only, | 79 v6Only: v6Only, |
86 requestClientCertificate: requestClientCertificate, | 80 requestClientCertificate: requestClientCertificate, |
87 requireClientCertificate: requireClientCertificate, | 81 requireClientCertificate: requireClientCertificate, |
88 supportedProtocols: supportedProtocols, | 82 supportedProtocols: supportedProtocols, |
89 shared: shared).then( | 83 shared: shared).then( |
90 (serverSocket) => new SecureServerSocket._(serverSocket)); | 84 (serverSocket) => new SecureServerSocket._(serverSocket)); |
91 } | 85 } |
92 | 86 |
93 StreamSubscription<SecureSocket> listen(void onData(SecureSocket socket), | 87 StreamSubscription<SecureSocket> listen(void onData(SecureSocket socket), |
(...skipping 27 matching lines...) Expand all Loading... |
121 } | 115 } |
122 | 116 |
123 | 117 |
124 /** | 118 /** |
125 * The RawSecureServerSocket is a server socket, providing a stream of low-level | 119 * The RawSecureServerSocket is a server socket, providing a stream of low-level |
126 * [RawSecureSocket]s. | 120 * [RawSecureSocket]s. |
127 * | 121 * |
128 * See [RawSecureSocket] for more info. | 122 * See [RawSecureSocket] for more info. |
129 */ | 123 */ |
130 class RawSecureServerSocket extends Stream<RawSecureSocket> { | 124 class RawSecureServerSocket extends Stream<RawSecureSocket> { |
131 RawServerSocket _socket; | 125 final RawServerSocket _socket; |
132 StreamController<RawSecureSocket> _controller; | 126 StreamController<RawSecureSocket> _controller; |
133 StreamSubscription<RawSocket> _subscription; | 127 StreamSubscription<RawSocket> _subscription; |
134 final String certificateName; | 128 final SecurityContext _context; |
135 final bool requestClientCertificate; | 129 final bool requestClientCertificate; |
136 final bool requireClientCertificate; | 130 final bool requireClientCertificate; |
137 final List<String> supportedProtocols; | 131 final List<String> supportedProtocols; |
138 bool _closed = false; | 132 bool _closed = false; |
139 | 133 |
140 RawSecureServerSocket._(RawServerSocket serverSocket, | 134 RawSecureServerSocket._(this._socket, |
141 this.certificateName, | 135 this._context, |
142 this.requestClientCertificate, | 136 this.requestClientCertificate, |
143 this.requireClientCertificate, | 137 this.requireClientCertificate, |
144 this.supportedProtocols) { | 138 this.supportedProtocols) { |
145 _socket = serverSocket; | |
146 _controller = new StreamController<RawSecureSocket>( | 139 _controller = new StreamController<RawSecureSocket>( |
147 sync: true, | 140 sync: true, |
148 onListen: _onSubscriptionStateChange, | 141 onListen: _onSubscriptionStateChange, |
149 onPause: _onPauseStateChange, | 142 onPause: _onPauseStateChange, |
150 onResume: _onPauseStateChange, | 143 onResume: _onPauseStateChange, |
151 onCancel: _onSubscriptionStateChange); | 144 onCancel: _onSubscriptionStateChange); |
152 } | 145 } |
153 | 146 |
154 /** | 147 /** |
155 * Returns a future for a [RawSecureServerSocket]. When the future | 148 * Returns a future for a [RawSecureServerSocket]. When the future |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
198 * to the same `address`, `port` and `v6Only` combination is | 191 * to the same `address`, `port` and `v6Only` combination is |
199 * possible from the same Dart process. If `shared` is `true` and | 192 * possible from the same Dart process. If `shared` is `true` and |
200 * additional binds are performed, then the incoming connections | 193 * additional binds are performed, then the incoming connections |
201 * will be distributed between that set of | 194 * will be distributed between that set of |
202 * `RawSecureServerSocket`s. One way of using this is to have number | 195 * `RawSecureServerSocket`s. One way of using this is to have number |
203 * of isolates between which incoming connections are distributed. | 196 * of isolates between which incoming connections are distributed. |
204 */ | 197 */ |
205 static Future<RawSecureServerSocket> bind( | 198 static Future<RawSecureServerSocket> bind( |
206 address, | 199 address, |
207 int port, | 200 int port, |
208 String certificateName, | 201 SecurityContext context, |
209 {int backlog: 0, | 202 {int backlog: 0, |
210 bool v6Only: false, | 203 bool v6Only: false, |
211 bool requestClientCertificate: false, | 204 bool requestClientCertificate: false, |
212 bool requireClientCertificate: false, | 205 bool requireClientCertificate: false, |
213 List<String> supportedProtocols, | 206 List<String> supportedProtocols, |
214 bool shared: false}) { | 207 bool shared: false}) { |
215 return RawServerSocket.bind( | 208 return RawServerSocket.bind( |
216 address, port, backlog: backlog, v6Only: v6Only, shared: shared) | 209 address, port, backlog: backlog, v6Only: v6Only, shared: shared) |
217 .then((serverSocket) => new RawSecureServerSocket._( | 210 .then((serverSocket) => new RawSecureServerSocket._( |
218 serverSocket, | 211 serverSocket, |
219 certificateName, | 212 context, |
220 requestClientCertificate, | 213 requestClientCertificate, |
221 requireClientCertificate, | 214 requireClientCertificate, |
222 supportedProtocols)); | 215 supportedProtocols)); |
223 } | 216 } |
224 | 217 |
225 StreamSubscription<RawSecureSocket> listen(void onData(RawSecureSocket s), | 218 StreamSubscription<RawSecureSocket> listen(void onData(RawSecureSocket s), |
226 {Function onError, | 219 {Function onError, |
227 void onDone(), | 220 void onDone(), |
228 bool cancelOnError}) { | 221 bool cancelOnError}) { |
229 return _controller.stream.listen(onData, | 222 return _controller.stream.listen(onData, |
(...skipping 26 matching lines...) Expand all Loading... |
256 try { | 249 try { |
257 remotePort = connection.remotePort; | 250 remotePort = connection.remotePort; |
258 } catch (e) { | 251 } catch (e) { |
259 // If connection is already closed, remotePort throws an exception. | 252 // If connection is already closed, remotePort throws an exception. |
260 // Do nothing - connection is closed. | 253 // Do nothing - connection is closed. |
261 return; | 254 return; |
262 } | 255 } |
263 _RawSecureSocket.connect( | 256 _RawSecureSocket.connect( |
264 connection.address, | 257 connection.address, |
265 remotePort, | 258 remotePort, |
266 certificateName, | 259 context: _context, |
267 is_server: true, | 260 is_server: true, |
268 socket: connection, | 261 socket: connection, |
269 requestClientCertificate: requestClientCertificate, | 262 requestClientCertificate: requestClientCertificate, |
270 requireClientCertificate: requireClientCertificate, | 263 requireClientCertificate: requireClientCertificate, |
271 supportedProtocols: supportedProtocols) | 264 supportedProtocols: supportedProtocols) |
272 .then((RawSecureSocket secureConnection) { | 265 .then((RawSecureSocket secureConnection) { |
273 if (_closed) { | 266 if (_closed) { |
274 secureConnection.close(); | 267 secureConnection.close(); |
275 } else { | 268 } else { |
276 _controller.add(secureConnection); | 269 _controller.add(secureConnection); |
(...skipping 22 matching lines...) Expand all Loading... |
299 close(); | 292 close(); |
300 } | 293 } |
301 } | 294 } |
302 | 295 |
303 void set _owner(owner) { | 296 void set _owner(owner) { |
304 (_socket as dynamic)._owner = owner; | 297 (_socket as dynamic)._owner = owner; |
305 } | 298 } |
306 } | 299 } |
307 | 300 |
308 | 301 |
OLD | NEW |