Google Git
Sign in
apache / hbase-site / 1d2de3e49e6fe05cd3cb04fe49ad09e6c4a7af22 / . / devapidocs / src-html / org / apache / hadoop / hbase / security / HBaseSaslRpcClient.WrappedOutputStream.html
blob: 4840193066f5be9970da7049390c1c131c5f6d09 [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<!-- Generated by javadoc (17) -->
<title>Source code</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="source: package: org.apache.hadoop.hbase.security, class: HBaseSaslRpcClient, class: WrappedOutputStream">
<meta name="generator" content="javadoc/SourceToHTMLConverter">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body class="source-page">
<main role="main">
<div class="source-container">
<pre><span class="source-line-no">001</span><span id="line-1">/*</span>
<span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span>
<span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span>
<span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span>
<span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span>
<span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span>
<span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span>
<span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span>
<span class="source-line-no">009</span><span id="line-9"> *</span>
<span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span>
<span class="source-line-no">011</span><span id="line-11"> *</span>
<span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span>
<span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span>
<span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span>
<span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span>
<span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span>
<span class="source-line-no">017</span><span id="line-17"> */</span>
<span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.security;</span>
<span class="source-line-no">019</span><span id="line-19"></span>
<span class="source-line-no">020</span><span id="line-20">import java.io.BufferedInputStream;</span>
<span class="source-line-no">021</span><span id="line-21">import java.io.BufferedOutputStream;</span>
<span class="source-line-no">022</span><span id="line-22">import java.io.DataInputStream;</span>
<span class="source-line-no">023</span><span id="line-23">import java.io.DataOutputStream;</span>
<span class="source-line-no">024</span><span id="line-24">import java.io.FilterInputStream;</span>
<span class="source-line-no">025</span><span id="line-25">import java.io.FilterOutputStream;</span>
<span class="source-line-no">026</span><span id="line-26">import java.io.IOException;</span>
<span class="source-line-no">027</span><span id="line-27">import java.io.InputStream;</span>
<span class="source-line-no">028</span><span id="line-28">import java.io.OutputStream;</span>
<span class="source-line-no">029</span><span id="line-29">import java.net.InetAddress;</span>
<span class="source-line-no">030</span><span id="line-30">import java.nio.ByteBuffer;</span>
<span class="source-line-no">031</span><span id="line-31">import javax.security.sasl.Sasl;</span>
<span class="source-line-no">032</span><span id="line-32">import javax.security.sasl.SaslException;</span>
<span class="source-line-no">033</span><span id="line-33">import org.apache.hadoop.conf.Configuration;</span>
<span class="source-line-no">034</span><span id="line-34">import org.apache.hadoop.hbase.io.crypto.aes.CryptoAES;</span>
<span class="source-line-no">035</span><span id="line-35">import org.apache.hadoop.hbase.ipc.FallbackDisallowedException;</span>
<span class="source-line-no">036</span><span id="line-36">import org.apache.hadoop.hbase.security.provider.SaslClientAuthenticationProvider;</span>
<span class="source-line-no">037</span><span id="line-37">import org.apache.hadoop.io.WritableUtils;</span>
<span class="source-line-no">038</span><span id="line-38">import org.apache.hadoop.ipc.RemoteException;</span>
<span class="source-line-no">039</span><span id="line-39">import org.apache.hadoop.security.SaslInputStream;</span>
<span class="source-line-no">040</span><span id="line-40">import org.apache.hadoop.security.SaslOutputStream;</span>
<span class="source-line-no">041</span><span id="line-41">import org.apache.hadoop.security.token.Token;</span>
<span class="source-line-no">042</span><span id="line-42">import org.apache.hadoop.security.token.TokenIdentifier;</span>
<span class="source-line-no">043</span><span id="line-43">import org.apache.yetus.audience.InterfaceAudience;</span>
<span class="source-line-no">044</span><span id="line-44">import org.slf4j.Logger;</span>
<span class="source-line-no">045</span><span id="line-45">import org.slf4j.LoggerFactory;</span>
<span class="source-line-no">046</span><span id="line-46"></span>
<span class="source-line-no">047</span><span id="line-47">import org.apache.hadoop.hbase.shaded.protobuf.generated.RPCProtos;</span>
<span class="source-line-no">048</span><span id="line-48"></span>
<span class="source-line-no">049</span><span id="line-49">/**</span>
<span class="source-line-no">050</span><span id="line-50"> * A utility class that encapsulates SASL logic for RPC client. Copied from</span>
<span class="source-line-no">051</span><span id="line-51"> * &lt;code&gt;org.apache.hadoop.security&lt;/code&gt;</span>
<span class="source-line-no">052</span><span id="line-52"> */</span>
<span class="source-line-no">053</span><span id="line-53">@InterfaceAudience.Private</span>
<span class="source-line-no">054</span><span id="line-54">public class HBaseSaslRpcClient extends AbstractHBaseSaslRpcClient {</span>
<span class="source-line-no">055</span><span id="line-55"></span>
<span class="source-line-no">056</span><span id="line-56"> private static final Logger LOG = LoggerFactory.getLogger(HBaseSaslRpcClient.class);</span>
<span class="source-line-no">057</span><span id="line-57"> private boolean cryptoAesEnable;</span>
<span class="source-line-no">058</span><span id="line-58"> private CryptoAES cryptoAES;</span>
<span class="source-line-no">059</span><span id="line-59"> private InputStream saslInputStream;</span>
<span class="source-line-no">060</span><span id="line-60"> private InputStream cryptoInputStream;</span>
<span class="source-line-no">061</span><span id="line-61"> private OutputStream saslOutputStream;</span>
<span class="source-line-no">062</span><span id="line-62"> private OutputStream cryptoOutputStream;</span>
<span class="source-line-no">063</span><span id="line-63"> private boolean initStreamForCrypto;</span>
<span class="source-line-no">064</span><span id="line-64"></span>
<span class="source-line-no">065</span><span id="line-65"> public HBaseSaslRpcClient(Configuration conf, SaslClientAuthenticationProvider provider,</span>
<span class="source-line-no">066</span><span id="line-66"> Token&lt;? extends TokenIdentifier&gt; token, InetAddress serverAddr, String servicePrincipal,</span>
<span class="source-line-no">067</span><span id="line-67"> boolean fallbackAllowed) throws IOException {</span>
<span class="source-line-no">068</span><span id="line-68"> super(conf, provider, token, serverAddr, servicePrincipal, fallbackAllowed);</span>
<span class="source-line-no">069</span><span id="line-69"> }</span>
<span class="source-line-no">070</span><span id="line-70"></span>
<span class="source-line-no">071</span><span id="line-71"> public HBaseSaslRpcClient(Configuration conf, SaslClientAuthenticationProvider provider,</span>
<span class="source-line-no">072</span><span id="line-72"> Token&lt;? extends TokenIdentifier&gt; token, InetAddress serverAddr, String servicePrincipal,</span>
<span class="source-line-no">073</span><span id="line-73"> boolean fallbackAllowed, String rpcProtection, boolean initStreamForCrypto) throws IOException {</span>
<span class="source-line-no">074</span><span id="line-74"> super(conf, provider, token, serverAddr, servicePrincipal, fallbackAllowed, rpcProtection);</span>
<span class="source-line-no">075</span><span id="line-75"> this.initStreamForCrypto = initStreamForCrypto;</span>
<span class="source-line-no">076</span><span id="line-76"> }</span>
<span class="source-line-no">077</span><span id="line-77"></span>
<span class="source-line-no">078</span><span id="line-78"> private static void readStatus(DataInputStream inStream) throws IOException {</span>
<span class="source-line-no">079</span><span id="line-79"> int status = inStream.readInt(); // read status</span>
<span class="source-line-no">080</span><span id="line-80"> if (status != SaslStatus.SUCCESS.state) {</span>
<span class="source-line-no">081</span><span id="line-81"> throw new RemoteException(WritableUtils.readString(inStream),</span>
<span class="source-line-no">082</span><span id="line-82"> WritableUtils.readString(inStream));</span>
<span class="source-line-no">083</span><span id="line-83"> }</span>
<span class="source-line-no">084</span><span id="line-84"> }</span>
<span class="source-line-no">085</span><span id="line-85"></span>
<span class="source-line-no">086</span><span id="line-86"> /**</span>
<span class="source-line-no">087</span><span id="line-87"> * Do client side SASL authentication with server via the given InputStream and OutputStream</span>
<span class="source-line-no">088</span><span id="line-88"> * @param inS InputStream to use</span>
<span class="source-line-no">089</span><span id="line-89"> * @param outS OutputStream to use</span>
<span class="source-line-no">090</span><span id="line-90"> * @return true if connection is set up, or false if needs to switch to simple Auth.</span>
<span class="source-line-no">091</span><span id="line-91"> */</span>
<span class="source-line-no">092</span><span id="line-92"> public boolean saslConnect(InputStream inS, OutputStream outS) throws IOException {</span>
<span class="source-line-no">093</span><span id="line-93"> DataInputStream inStream = new DataInputStream(new BufferedInputStream(inS));</span>
<span class="source-line-no">094</span><span id="line-94"> DataOutputStream outStream = new DataOutputStream(new BufferedOutputStream(outS));</span>
<span class="source-line-no">095</span><span id="line-95"></span>
<span class="source-line-no">096</span><span id="line-96"> try {</span>
<span class="source-line-no">097</span><span id="line-97"> byte[] saslToken = getInitialResponse();</span>
<span class="source-line-no">098</span><span id="line-98"> if (saslToken != null) {</span>
<span class="source-line-no">099</span><span id="line-99"> outStream.writeInt(saslToken.length);</span>
<span class="source-line-no">100</span><span id="line-100"> outStream.write(saslToken, 0, saslToken.length);</span>
<span class="source-line-no">101</span><span id="line-101"> outStream.flush();</span>
<span class="source-line-no">102</span><span id="line-102"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">103</span><span id="line-103"> LOG.debug("Have sent token of size " + saslToken.length + " from initSASLContext.");</span>
<span class="source-line-no">104</span><span id="line-104"> }</span>
<span class="source-line-no">105</span><span id="line-105"> }</span>
<span class="source-line-no">106</span><span id="line-106"> if (!isComplete()) {</span>
<span class="source-line-no">107</span><span id="line-107"> readStatus(inStream);</span>
<span class="source-line-no">108</span><span id="line-108"> int len = inStream.readInt();</span>
<span class="source-line-no">109</span><span id="line-109"> if (len == SaslUtil.SWITCH_TO_SIMPLE_AUTH) {</span>
<span class="source-line-no">110</span><span id="line-110"> if (!fallbackAllowed) {</span>
<span class="source-line-no">111</span><span id="line-111"> throw new FallbackDisallowedException();</span>
<span class="source-line-no">112</span><span id="line-112"> }</span>
<span class="source-line-no">113</span><span id="line-113"> LOG.debug("Server asks us to fall back to simple auth.");</span>
<span class="source-line-no">114</span><span id="line-114"> dispose();</span>
<span class="source-line-no">115</span><span id="line-115"> return false;</span>
<span class="source-line-no">116</span><span id="line-116"> }</span>
<span class="source-line-no">117</span><span id="line-117"> saslToken = new byte[len];</span>
<span class="source-line-no">118</span><span id="line-118"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">119</span><span id="line-119"> LOG.debug("Will read input token of size " + saslToken.length</span>
<span class="source-line-no">120</span><span id="line-120"> + " for processing by initSASLContext");</span>
<span class="source-line-no">121</span><span id="line-121"> }</span>
<span class="source-line-no">122</span><span id="line-122"> inStream.readFully(saslToken);</span>
<span class="source-line-no">123</span><span id="line-123"> }</span>
<span class="source-line-no">124</span><span id="line-124"></span>
<span class="source-line-no">125</span><span id="line-125"> while (!isComplete()) {</span>
<span class="source-line-no">126</span><span id="line-126"> saslToken = evaluateChallenge(saslToken);</span>
<span class="source-line-no">127</span><span id="line-127"> if (saslToken != null) {</span>
<span class="source-line-no">128</span><span id="line-128"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">129</span><span id="line-129"> LOG.debug("Will send token of size " + saslToken.length + " from initSASLContext.");</span>
<span class="source-line-no">130</span><span id="line-130"> }</span>
<span class="source-line-no">131</span><span id="line-131"> outStream.writeInt(saslToken.length);</span>
<span class="source-line-no">132</span><span id="line-132"> outStream.write(saslToken, 0, saslToken.length);</span>
<span class="source-line-no">133</span><span id="line-133"> outStream.flush();</span>
<span class="source-line-no">134</span><span id="line-134"> }</span>
<span class="source-line-no">135</span><span id="line-135"> if (!isComplete()) {</span>
<span class="source-line-no">136</span><span id="line-136"> readStatus(inStream);</span>
<span class="source-line-no">137</span><span id="line-137"> saslToken = new byte[inStream.readInt()];</span>
<span class="source-line-no">138</span><span id="line-138"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">139</span><span id="line-139"> LOG.debug("Will read input token of size " + saslToken.length</span>
<span class="source-line-no">140</span><span id="line-140"> + " for processing by initSASLContext");</span>
<span class="source-line-no">141</span><span id="line-141"> }</span>
<span class="source-line-no">142</span><span id="line-142"> inStream.readFully(saslToken);</span>
<span class="source-line-no">143</span><span id="line-143"> }</span>
<span class="source-line-no">144</span><span id="line-144"> }</span>
<span class="source-line-no">145</span><span id="line-145"></span>
<span class="source-line-no">146</span><span id="line-146"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">147</span><span id="line-147"> LOG.debug("SASL client context established. Negotiated QoP: "</span>
<span class="source-line-no">148</span><span id="line-148"> + saslClient.getNegotiatedProperty(Sasl.QOP));</span>
<span class="source-line-no">149</span><span id="line-149"> }</span>
<span class="source-line-no">150</span><span id="line-150"> // initial the inputStream, outputStream for both Sasl encryption</span>
<span class="source-line-no">151</span><span id="line-151"> // and Crypto AES encryption if necessary</span>
<span class="source-line-no">152</span><span id="line-152"> // if Crypto AES encryption enabled, the saslInputStream/saslOutputStream is</span>
<span class="source-line-no">153</span><span id="line-153"> // only responsible for connection header negotiation,</span>
<span class="source-line-no">154</span><span id="line-154"> // cryptoInputStream/cryptoOutputStream is responsible for rpc encryption with Crypto AES</span>
<span class="source-line-no">155</span><span id="line-155"> saslInputStream = new SaslInputStream(inS, saslClient);</span>
<span class="source-line-no">156</span><span id="line-156"> saslOutputStream = new SaslOutputStream(outS, saslClient);</span>
<span class="source-line-no">157</span><span id="line-157"> if (initStreamForCrypto) {</span>
<span class="source-line-no">158</span><span id="line-158"> cryptoInputStream = new WrappedInputStream(inS);</span>
<span class="source-line-no">159</span><span id="line-159"> cryptoOutputStream = new WrappedOutputStream(outS);</span>
<span class="source-line-no">160</span><span id="line-160"> }</span>
<span class="source-line-no">161</span><span id="line-161"></span>
<span class="source-line-no">162</span><span id="line-162"> return true;</span>
<span class="source-line-no">163</span><span id="line-163"> } catch (IOException e) {</span>
<span class="source-line-no">164</span><span id="line-164"> try {</span>
<span class="source-line-no">165</span><span id="line-165"> saslClient.dispose();</span>
<span class="source-line-no">166</span><span id="line-166"> } catch (SaslException ignored) {</span>
<span class="source-line-no">167</span><span id="line-167"> // ignore further exceptions during cleanup</span>
<span class="source-line-no">168</span><span id="line-168"> }</span>
<span class="source-line-no">169</span><span id="line-169"> throw e;</span>
<span class="source-line-no">170</span><span id="line-170"> }</span>
<span class="source-line-no">171</span><span id="line-171"> }</span>
<span class="source-line-no">172</span><span id="line-172"></span>
<span class="source-line-no">173</span><span id="line-173"> public String getSaslQOP() {</span>
<span class="source-line-no">174</span><span id="line-174"> return (String) saslClient.getNegotiatedProperty(Sasl.QOP);</span>
<span class="source-line-no">175</span><span id="line-175"> }</span>
<span class="source-line-no">176</span><span id="line-176"></span>
<span class="source-line-no">177</span><span id="line-177"> public void initCryptoCipher(RPCProtos.CryptoCipherMeta cryptoCipherMeta, Configuration conf)</span>
<span class="source-line-no">178</span><span id="line-178"> throws IOException {</span>
<span class="source-line-no">179</span><span id="line-179"> // create SaslAES for client</span>
<span class="source-line-no">180</span><span id="line-180"> cryptoAES = EncryptionUtil.createCryptoAES(cryptoCipherMeta, conf);</span>
<span class="source-line-no">181</span><span id="line-181"> cryptoAesEnable = true;</span>
<span class="source-line-no">182</span><span id="line-182"> }</span>
<span class="source-line-no">183</span><span id="line-183"></span>
<span class="source-line-no">184</span><span id="line-184"> /**</span>
<span class="source-line-no">185</span><span id="line-185"> * Get a SASL wrapped InputStream. Can be called only after saslConnect() has been called.</span>
<span class="source-line-no">186</span><span id="line-186"> * @return a SASL wrapped InputStream</span>
<span class="source-line-no">187</span><span id="line-187"> */</span>
<span class="source-line-no">188</span><span id="line-188"> public InputStream getInputStream() throws IOException {</span>
<span class="source-line-no">189</span><span id="line-189"> if (!saslClient.isComplete()) {</span>
<span class="source-line-no">190</span><span id="line-190"> throw new IOException("Sasl authentication exchange hasn't completed yet");</span>
<span class="source-line-no">191</span><span id="line-191"> }</span>
<span class="source-line-no">192</span><span id="line-192"> // If Crypto AES is enabled, return cryptoInputStream which unwrap the data with Crypto AES.</span>
<span class="source-line-no">193</span><span id="line-193"> if (cryptoAesEnable &amp;&amp; cryptoInputStream != null) {</span>
<span class="source-line-no">194</span><span id="line-194"> return cryptoInputStream;</span>
<span class="source-line-no">195</span><span id="line-195"> }</span>
<span class="source-line-no">196</span><span id="line-196"> return saslInputStream;</span>
<span class="source-line-no">197</span><span id="line-197"> }</span>
<span class="source-line-no">198</span><span id="line-198"></span>
<span class="source-line-no">199</span><span id="line-199"> class WrappedInputStream extends FilterInputStream {</span>
<span class="source-line-no">200</span><span id="line-200"> private ByteBuffer unwrappedRpcBuffer = ByteBuffer.allocate(0);</span>
<span class="source-line-no">201</span><span id="line-201"></span>
<span class="source-line-no">202</span><span id="line-202"> public WrappedInputStream(InputStream in) throws IOException {</span>
<span class="source-line-no">203</span><span id="line-203"> super(in);</span>
<span class="source-line-no">204</span><span id="line-204"> }</span>
<span class="source-line-no">205</span><span id="line-205"></span>
<span class="source-line-no">206</span><span id="line-206"> @Override</span>
<span class="source-line-no">207</span><span id="line-207"> public int read() throws IOException {</span>
<span class="source-line-no">208</span><span id="line-208"> byte[] b = new byte[1];</span>
<span class="source-line-no">209</span><span id="line-209"> int n = read(b, 0, 1);</span>
<span class="source-line-no">210</span><span id="line-210"> return (n != -1) ? b[0] : -1;</span>
<span class="source-line-no">211</span><span id="line-211"> }</span>
<span class="source-line-no">212</span><span id="line-212"></span>
<span class="source-line-no">213</span><span id="line-213"> @Override</span>
<span class="source-line-no">214</span><span id="line-214"> public int read(byte b[]) throws IOException {</span>
<span class="source-line-no">215</span><span id="line-215"> return read(b, 0, b.length);</span>
<span class="source-line-no">216</span><span id="line-216"> }</span>
<span class="source-line-no">217</span><span id="line-217"></span>
<span class="source-line-no">218</span><span id="line-218"> @Override</span>
<span class="source-line-no">219</span><span id="line-219"> public synchronized int read(byte[] buf, int off, int len) throws IOException {</span>
<span class="source-line-no">220</span><span id="line-220"> // fill the buffer with the next RPC message</span>
<span class="source-line-no">221</span><span id="line-221"> if (unwrappedRpcBuffer.remaining() == 0) {</span>
<span class="source-line-no">222</span><span id="line-222"> readNextRpcPacket();</span>
<span class="source-line-no">223</span><span id="line-223"> }</span>
<span class="source-line-no">224</span><span id="line-224"> // satisfy as much of the request as possible</span>
<span class="source-line-no">225</span><span id="line-225"> int readLen = Math.min(len, unwrappedRpcBuffer.remaining());</span>
<span class="source-line-no">226</span><span id="line-226"> unwrappedRpcBuffer.get(buf, off, readLen);</span>
<span class="source-line-no">227</span><span id="line-227"> return readLen;</span>
<span class="source-line-no">228</span><span id="line-228"> }</span>
<span class="source-line-no">229</span><span id="line-229"></span>
<span class="source-line-no">230</span><span id="line-230"> // unwrap messages with Crypto AES</span>
<span class="source-line-no">231</span><span id="line-231"> private void readNextRpcPacket() throws IOException {</span>
<span class="source-line-no">232</span><span id="line-232"> LOG.debug("reading next wrapped RPC packet");</span>
<span class="source-line-no">233</span><span id="line-233"> DataInputStream dis = new DataInputStream(in);</span>
<span class="source-line-no">234</span><span id="line-234"> int rpcLen = dis.readInt();</span>
<span class="source-line-no">235</span><span id="line-235"> byte[] rpcBuf = new byte[rpcLen];</span>
<span class="source-line-no">236</span><span id="line-236"> dis.readFully(rpcBuf);</span>
<span class="source-line-no">237</span><span id="line-237"></span>
<span class="source-line-no">238</span><span id="line-238"> // unwrap with Crypto AES</span>
<span class="source-line-no">239</span><span id="line-239"> rpcBuf = cryptoAES.unwrap(rpcBuf, 0, rpcBuf.length);</span>
<span class="source-line-no">240</span><span id="line-240"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">241</span><span id="line-241"> LOG.debug("unwrapping token of length:" + rpcBuf.length);</span>
<span class="source-line-no">242</span><span id="line-242"> }</span>
<span class="source-line-no">243</span><span id="line-243"> unwrappedRpcBuffer = ByteBuffer.wrap(rpcBuf);</span>
<span class="source-line-no">244</span><span id="line-244"> }</span>
<span class="source-line-no">245</span><span id="line-245"> }</span>
<span class="source-line-no">246</span><span id="line-246"></span>
<span class="source-line-no">247</span><span id="line-247"> /**</span>
<span class="source-line-no">248</span><span id="line-248"> * Get a SASL wrapped OutputStream. Can be called only after saslConnect() has been called.</span>
<span class="source-line-no">249</span><span id="line-249"> * @return a SASL wrapped OutputStream</span>
<span class="source-line-no">250</span><span id="line-250"> */</span>
<span class="source-line-no">251</span><span id="line-251"> public OutputStream getOutputStream() throws IOException {</span>
<span class="source-line-no">252</span><span id="line-252"> if (!saslClient.isComplete()) {</span>
<span class="source-line-no">253</span><span id="line-253"> throw new IOException("Sasl authentication exchange hasn't completed yet");</span>
<span class="source-line-no">254</span><span id="line-254"> }</span>
<span class="source-line-no">255</span><span id="line-255"> // If Crypto AES is enabled, return cryptoOutputStream which wrap the data with Crypto AES.</span>
<span class="source-line-no">256</span><span id="line-256"> if (cryptoAesEnable &amp;&amp; cryptoOutputStream != null) {</span>
<span class="source-line-no">257</span><span id="line-257"> return cryptoOutputStream;</span>
<span class="source-line-no">258</span><span id="line-258"> }</span>
<span class="source-line-no">259</span><span id="line-259"> return saslOutputStream;</span>
<span class="source-line-no">260</span><span id="line-260"> }</span>
<span class="source-line-no">261</span><span id="line-261"></span>
<span class="source-line-no">262</span><span id="line-262"> class WrappedOutputStream extends FilterOutputStream {</span>
<span class="source-line-no">263</span><span id="line-263"> public WrappedOutputStream(OutputStream out) throws IOException {</span>
<span class="source-line-no">264</span><span id="line-264"> super(out);</span>
<span class="source-line-no">265</span><span id="line-265"> }</span>
<span class="source-line-no">266</span><span id="line-266"></span>
<span class="source-line-no">267</span><span id="line-267"> @Override</span>
<span class="source-line-no">268</span><span id="line-268"> public void write(byte[] buf, int off, int len) throws IOException {</span>
<span class="source-line-no">269</span><span id="line-269"> if (LOG.isDebugEnabled()) {</span>
<span class="source-line-no">270</span><span id="line-270"> LOG.debug("wrapping token of length:" + len);</span>
<span class="source-line-no">271</span><span id="line-271"> }</span>
<span class="source-line-no">272</span><span id="line-272"></span>
<span class="source-line-no">273</span><span id="line-273"> // wrap with Crypto AES</span>
<span class="source-line-no">274</span><span id="line-274"> byte[] wrapped = cryptoAES.wrap(buf, off, len);</span>
<span class="source-line-no">275</span><span id="line-275"> DataOutputStream dob = new DataOutputStream(out);</span>
<span class="source-line-no">276</span><span id="line-276"> dob.writeInt(wrapped.length);</span>
<span class="source-line-no">277</span><span id="line-277"> dob.write(wrapped, 0, wrapped.length);</span>
<span class="source-line-no">278</span><span id="line-278"> dob.flush();</span>
<span class="source-line-no">279</span><span id="line-279"> }</span>
<span class="source-line-no">280</span><span id="line-280"> }</span>
<span class="source-line-no">281</span><span id="line-281">}</span>
</pre>
</div>
</main>
</body>
</html>