28 package org.apache.hc.core5.http.nio.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.http.HttpHost;
35 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
36 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
37 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
38 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
39 import org.apache.hc.core5.ssl.SSLContexts;
40 import org.apache.hc.core5.util.Args;
41 import org.apache.hc.core5.util.Timeout;
/**
 * Server-side {@link TlsStrategy} that starts TLS only for connections whose local
 * address is reported as secure by the configured {@link SecurePortStrategy}.
 *
 * <p>Security note: the decision is made solely from the local address. When no
 * {@code SecurePortStrategy} is supplied, or it answers {@code false}, {@link #upgrade}
 * does not call {@code startTls} and returns {@code false}; the session is left exactly
 * as it was handed in. Deployments that expect every listener to be TLS-protected should
 * therefore always pass a non-null strategy covering each listening port, and should
 * check how the caller treats a {@code false} result (not visible in this class).
 */
public class BasicServerTlsStrategy implements TlsStrategy {

    private final SSLContext sslContext;
    // May be null; a null strategy means upgrade() never starts TLS.
    private final SecurePortStrategy securePortStrategy;
    // The optional collaborators below are forwarded to startTls as given (null allowed here).
    private final SSLBufferMode sslBufferMode;
    private final SSLSessionInitializer initializer;
    private final SSLSessionVerifier verifier;

    /**
     * Canonical constructor; every other constructor ends up here.
     *
     * @param sslContext         context used for the handshake; must not be {@code null}
     * @param securePortStrategy decides which local addresses get TLS; not null-checked
     * @param sslBufferMode      buffer mode forwarded to {@code startTls}
     * @param initializer        session initializer, passed through
     *                           {@code TlsSupport.enforceStrongSecurity} before use
     * @param verifier           session verifier forwarded to {@code startTls}
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        // Only the SSL context is validated; the remaining arguments are stored as-is.
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.securePortStrategy = securePortStrategy;
        this.sslBufferMode = sslBufferMode;
        this.initializer = initializer;
        this.verifier = verifier;
    }

    /** Same as the canonical constructor with a {@code null} buffer mode. */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, initializer, verifier);
    }

    /** Same as the canonical constructor with {@code null} buffer mode and initializer. */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, verifier);
    }

    /**
     * Uses the given context with {@code null} buffer mode, initializer and verifier.
     * NOTE(review): with a null verifier no application-level session check is supplied
     * from this class; confirm what {@code startTls} does in that case.
     */
    public BasicServerTlsStrategy(final SSLContext sslContext, final SecurePortStrategy securePortStrategy) {
        this(sslContext, securePortStrategy, null);
    }

    /** Uses {@code SSLContexts.createSystemDefault()} as the SSL context. */
    public BasicServerTlsStrategy(final SecurePortStrategy securePortStrategy) {
        this(SSLContexts.createSystemDefault(), securePortStrategy);
    }

    /**
     * Starts TLS on the session when the local address is classified as secure.
     *
     * @param tlsSession       session on which {@code startTls} is invoked
     * @param host             forwarded to {@code startTls}
     * @param localAddress     the only input consulted for the TLS decision
     * @param remoteAddress    not used by this implementation
     * @param attachment       not used by this implementation
     * @param handshakeTimeout forwarded to {@code startTls}
     * @return {@code true} if {@code startTls} was called, {@code false} if the session
     *         was left untouched (no strategy configured, or address not secure)
     */
    @Override
    public boolean upgrade(
            final TransportSecurityLayer tlsSession,
            final HttpHost host,
            final SocketAddress localAddress,
            final SocketAddress remoteAddress,
            final Object attachment,
            final Timeout handshakeTimeout) {
        final boolean tlsRequired = securePortStrategy != null && securePortStrategy.isSecure(localAddress);
        if (!tlsRequired) {
            // No TLS is negotiated on this path; the caller only learns that via the return value.
            return false;
        }
        // The initializer is always wrapped by TlsSupport.enforceStrongSecurity (defined
        // elsewhere); presumably it tightens protocol/cipher settings -- confirm there.
        tlsSession.startTls(sslContext, host, sslBufferMode,
                TlsSupport.enforceStrongSecurity(initializer), verifier, handshakeTimeout);
        return true;
    }

}