1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.core5.http.nio.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.concurrent.FutureCallback;
35 import org.apache.hc.core5.http.HttpHost;
36 import org.apache.hc.core5.http.URIScheme;
37 import org.apache.hc.core5.net.NamedEndpoint;
38 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
39 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
40 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
41 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
42 import org.apache.hc.core5.ssl.SSLContexts;
43 import org.apache.hc.core5.util.Args;
44 import org.apache.hc.core5.util.Timeout;
45
46
47
48
49
50
51
52 public class BasicClientTlsStrategy implements TlsStrategy {
53
54 private final SSLContext sslContext;
55 private final SSLBufferMode sslBufferMode;
56 private final SSLSessionInitializer initializer;
57 private final SSLSessionVerifier verifier;
58
59 public BasicClientTlsStrategy(
60 final SSLContext sslContext,
61 final SSLBufferMode sslBufferMode,
62 final SSLSessionInitializer initializer,
63 final SSLSessionVerifier verifier) {
64 this.sslContext = Args.notNull(sslContext, "SSL context");
65 this.sslBufferMode = sslBufferMode;
66 this.initializer = initializer;
67 this.verifier = verifier;
68 }
69
70 public BasicClientTlsStrategy(
71 final SSLContext sslContext,
72 final SSLSessionInitializer initializer,
73 final SSLSessionVerifier verifier) {
74 this(sslContext, null, initializer, verifier);
75 }
76
77 public BasicClientTlsStrategy(
78 final SSLContext sslContext,
79 final SSLSessionVerifier verifier) {
80 this(sslContext, null, null, verifier);
81 }
82
83 public BasicClientTlsStrategy(final SSLContext sslContext) {
84 this(sslContext, null, null, null);
85 }
86
87 public BasicClientTlsStrategy() {
88 this(SSLContexts.createSystemDefault());
89 }
90
91
92
93
94
95
96
97 public BasicClientTlsStrategy(final SSLSessionVerifier verifier) {
98 this(SSLContexts.createSystemDefault(), verifier);
99 }
100
101 @Override
102 public void upgrade(
103 final TransportSecurityLayer tlsSession,
104 final NamedEndpoint endpoint,
105 final Object attachment,
106 final Timeout handshakeTimeout,
107 final FutureCallback<TransportSecurityLayer> callback) {
108 tlsSession.startTls(sslContext, endpoint, sslBufferMode,
109 TlsSupport.enforceStrongSecurity(initializer), verifier, handshakeTimeout, callback);
110 }
111
112
113
114
115 @Deprecated
116 @Override
117 public boolean upgrade(
118 final TransportSecurityLayer tlsSession,
119 final HttpHost host,
120 final SocketAddress localAddress,
121 final SocketAddress remoteAddress,
122 final Object attachment,
123 final Timeout handshakeTimeout) {
124 final String scheme = host != null ? host.getSchemeName() : null;
125 if (URIScheme.HTTPS.same(scheme)) {
126 upgrade(tlsSession, host, attachment, handshakeTimeout, null);
127 return true;
128 }
129 return false;
130 }
131
132 }