pekko/akka-stream/src/main/scala/akka/stream/impl/io/TlsModule.scala

package akka.stream.impl.io

import javax.net.ssl.{ SSLEngine, SSLSession }

import akka.NotUsed
import akka.actor.ActorSystem
import akka.stream._
import akka.stream.impl.StreamLayout.AtomicModule
import akka.stream.TLSProtocol._
import akka.stream.impl.{ TlsModuleIslandTag, TraversalBuilder }
import akka.util.ByteString

import scala.util.Try

/**
 * INTERNAL API.
 */
private[stream] final case class TlsModule(plainIn: Inlet[SslTlsOutbound], plainOut: Outlet[SslTlsInbound],
                                           cipherIn: Inlet[ByteString], cipherOut: Outlet[ByteString],
                                           shape:           BidiShape[SslTlsOutbound, ByteString, ByteString, SslTlsInbound],
                                           attributes:      Attributes,
                                           createSSLEngine: ActorSystem ⇒ SSLEngine, // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753
                                           verifySession:   (ActorSystem, SSLSession) ⇒ Try[Unit], // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753
                                           closing:         TLSClosing)
  extends AtomicModule[BidiShape[SslTlsOutbound, ByteString, ByteString, SslTlsInbound], NotUsed] {

  override def withAttributes(att: Attributes): TlsModule = copy(attributes = att)

  override def toString: String = f"TlsModule($closing) [${System.identityHashCode(this)}%08x]"

  override private[stream] def traversalBuilder = TraversalBuilder.atomic(this, attributes).makeIsland(TlsModuleIslandTag)
}

/**
 * INTERNAL API.
 */
private[stream] object TlsModule {
  def apply(
    attributes:      Attributes,
    createSSLEngine: ActorSystem ⇒ SSLEngine, // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753
    verifySession:   (ActorSystem, SSLSession) ⇒ Try[Unit], // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753
    closing:         TLSClosing): TlsModule = {
    val name = attributes.nameOrDefault(s"StreamTls()")
    val cipherIn = Inlet[ByteString](s"$name.cipherIn")
    val cipherOut = Outlet[ByteString](s"$name.cipherOut")
    val plainIn = Inlet[SslTlsOutbound](s"$name.transportIn")
    val plainOut = Outlet[SslTlsInbound](s"$name.transportOut")
    val shape = new BidiShape(plainIn, cipherOut, cipherIn, plainOut)
    TlsModule(plainIn, plainOut, cipherIn, cipherOut, shape, attributes, createSSLEngine, verifySession, closing)
  }
}
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`package akka.stream.impl.io`

=str #22430 add TlsModulePhase (#22466) 2017-03-07 12:39:15 +01:00			`import javax.net.ssl.{ SSLEngine, SSLSession }`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00
New materializer and layout 2016-07-27 13:29:23 +02:00			`import akka.NotUsed`
=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`import akka.actor.ActorSystem`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`import akka.stream._`
New materializer and layout 2016-07-27 13:29:23 +02:00			`import akka.stream.impl.StreamLayout.AtomicModule`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`import akka.stream.TLSProtocol._`
=str #22430 add TlsModulePhase (#22466) 2017-03-07 12:39:15 +01:00			`import akka.stream.impl.{ TlsModuleIslandTag, TraversalBuilder }`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`import akka.util.ByteString`

=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`import scala.util.Try`

splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`/**`
			`* INTERNAL API.`
			`*/`
=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`private[stream] final case class TlsModule(plainIn: Inlet[SslTlsOutbound], plainOut: Outlet[SslTlsInbound],`
			`cipherIn: Inlet[ByteString], cipherOut: Outlet[ByteString],`
New materializer and layout 2016-07-27 13:29:23 +02:00			`shape: BidiShape[SslTlsOutbound, ByteString, ByteString, SslTlsInbound],`
			`attributes: Attributes,`
=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`createSSLEngine: ActorSystem ⇒ SSLEngine, // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753`
Revert "=str Remove manual hostname verifier support, used to be included only because Java 6 (#22320)" Let's revert this until we have decided in #22345 what to do exactly about it. We will still introduce an overload of TLS.apply that works without specifying a `verifySession` function. This reverts commit 021829e21e76b13fa961eb973339c9ab77e94edc. Conflicts: project/MiMa.scala 2017-02-23 12:00:54 +01:00			`verifySession: (ActorSystem, SSLSession) ⇒ Try[Unit], // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753`
New materializer and layout 2016-07-27 13:29:23 +02:00			`closing: TLSClosing)`
			`extends AtomicModule[BidiShape[SslTlsOutbound, ByteString, ByteString, SslTlsInbound], NotUsed] {`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00
simplify materialized value computation tree, fixes #20015 - also fixes materialized value sources for graphs that import zero or one graphs, with and without Fusing 2016-03-11 17:08:30 +01:00			`override def withAttributes(att: Attributes): TlsModule = copy(attributes = att)`

=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`override def toString: String = f"TlsModule($closing) [${System.identityHashCode(this)}%08x]"`
New materializer and layout 2016-07-27 13:29:23 +02:00
include initialAttributes of GraphStage, #22463 * these must also be included via setAttributes because because it will create island for async (dispatcher attribute) * better actor name of GraphStageIsland, we need it in tests for lookup of the actor * this unlocks OutputStreamSourceSpec and InputStreamSinkSpec 2017-03-07 19:40:50 +01:00			`override private[stream] def traversalBuilder = TraversalBuilder.atomic(this, attributes).makeIsland(TlsModuleIslandTag)`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`}`

			`/**`
			`* INTERNAL API.`
			`*/`
=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`private[stream] object TlsModule {`
			`def apply(`
			`attributes: Attributes,`
			`createSSLEngine: ActorSystem ⇒ SSLEngine, // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753`
Revert "=str Remove manual hostname verifier support, used to be included only because Java 6 (#22320)" Let's revert this until we have decided in #22345 what to do exactly about it. We will still introduce an overload of TLS.apply that works without specifying a `verifySession` function. This reverts commit 021829e21e76b13fa961eb973339c9ab77e94edc. Conflicts: project/MiMa.scala 2017-02-23 12:00:54 +01:00			`verifySession: (ActorSystem, SSLSession) ⇒ Try[Unit], // ActorSystem is only needed to support the AkkaSSLConfig legacy, see #21753`
=str #21753 simplify TLSActor configuration by allowing to specify SSLEngine directly (#21822) Do all (Akka)SSLConfig magic in one place directly in the TLS API. Also, introduce new low-level entrypoint in TLS that allows to specify an SSLEngine constructor directly without relying on SSLContext. This allows users to use third-party SSLEngine implementations like netty's OpenSslEngine together with akka-stream. 2016-11-17 16:07:24 +01:00			`closing: TLSClosing): TlsModule = {`
			`val name = attributes.nameOrDefault(s"StreamTls()")`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`val cipherIn = Inlet[ByteString](s"$name.cipherIn")`
			`val cipherOut = Outlet[ByteString](s"$name.cipherOut")`
			`val plainIn = Inlet[SslTlsOutbound](s"$name.transportIn")`
			`val plainOut = Outlet[SslTlsInbound](s"$name.transportOut")`
			`val shape = new BidiShape(plainIn, cipherOut, cipherIn, plainOut)`
Revert "=str Remove manual hostname verifier support, used to be included only because Java 6 (#22320)" Let's revert this until we have decided in #22345 what to do exactly about it. We will still introduce an overload of TLS.apply that works without specifying a `verifySession` function. This reverts commit 021829e21e76b13fa961eb973339c9ab77e94edc. Conflicts: project/MiMa.scala 2017-02-23 12:00:54 +01:00			`TlsModule(plainIn, plainOut, cipherIn, cipherOut, shape, attributes, createSSLEngine, verifySession, closing)`
splitting up TLS APIs 2016-02-16 18:19:30 +01:00			`}`
			`}`