private void secureSession()

in core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java [124:165]

• 33 lines of code
• 8 McCabe index (conditional complexity)

    private void secureSession(final FtpIoSession session, final String type, LocalizedFtpReply reply)
        throws GeneralSecurityException, FtpException {
        SslConfiguration ssl = session.getListener().getSslConfiguration();
    
        if (ssl != null) {
            SslFilter sslFilter = new SslFilter(ssl.getSSLContext()) {
                @Override
                public void filterWrite(NextFilter next, IoSession session, WriteRequest request) throws Exception {
                    if (request.getOriginalMessage() == reply) {
                       next.filterWrite(session, request);
                    } else {
                        super.filterWrite(next, session, request);
                    }
                }
            };
            if (ssl.getClientAuth() == ClientAuth.NEED) {
            sslFilter.setNeedClientAuth(true);
            } else if (ssl.getClientAuth() == ClientAuth.WANT) {
            sslFilter.setWantClientAuth(true);
            }
    
            // note that we do not care about the protocol, we allow both types
            // and leave it to the SSL handshake to determine the protocol to
            // use. Thus the type argument is ignored.
    
            if (ssl.getEnabledCipherSuites() != null) {
            sslFilter.setEnabledCipherSuites(ssl.getEnabledCipherSuites());
            }
    
            if (ssl.getEnabledProtocols() != null) {
                sslFilter.setEnabledProtocols(ssl.getEnabledProtocols());
            }
    
            session.getFilterChain().addFirst(SSL_SESSION_FILTER_NAME, sslFilter);
    
            if ("SSL".equals(type)) {
            session.getDataConnection().setSecure(true);
            }
        } else {
            throw new FtpException("Socket factory SSL not configured");
        }
    }