28 package org.apache.hc.core5.http.nio.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.concurrent.FutureCallback;
35 import org.apache.hc.core5.http.HttpHost;
36 import org.apache.hc.core5.net.NamedEndpoint;
37 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
38 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
39 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
40 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
41 import org.apache.hc.core5.ssl.SSLContexts;
42 import org.apache.hc.core5.util.Args;
43 import org.apache.hc.core5.util.Timeout;
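/**
 * Server-side {@link TlsStrategy} that starts TLS on a connection using a fixed
 * {@link SSLContext} together with an optional buffer mode, session initializer
 * and session verifier.
 * <p>
 * Points worth checking when this class is configured:
 * <ul>
 * <li>The initializer (including a {@code null} one) is always wrapped with
 * {@code TlsSupport.enforceStrongSecurity} before being handed to {@code startTls}.
 * The wrapper's implementation is not part of this file. NOTE(review): confirm
 * whether the custom initializer runs after the hardening step, because in that
 * case it could widen the protocol or cipher-suite selection again.</li>
 * <li>The verifier may be {@code null}. This class adds no peer checks of its own,
 * so any client-certificate requirement has to come from the supplied
 * {@link SSLContext}, initializer or verifier. NOTE(review): confirm how
 * {@code startTls} treats a {@code null} verifier.</li>
 * <li>The deprecated {@link SecurePortStrategy} path can decline to start TLS at
 * all; see the deprecated {@code upgrade} overload.</li>
 * </ul>
 */
public class BasicServerTlsStrategy implements TlsStrategy {

    /** TLS context used for every upgrade; never {@code null}. */
    private final SSLContext sslContext;
    /** Legacy port filter; {@code null} means every local address is upgraded. */
    @SuppressWarnings("deprecation")
    private final SecurePortStrategy securePortStrategy;
    /** Passed to {@code startTls} unchanged; may be {@code null}. */
    private final SSLBufferMode sslBufferMode;
    /** Custom session set-up hook; may be {@code null}. */
    private final SSLSessionInitializer initializer;
    /** Custom session verification hook; may be {@code null}. */
    private final SSLSessionVerifier verifier;

    /**
     * Creates a strategy that is restricted by a port strategy.
     *
     * @param sslContext TLS context; must not be {@code null}.
     * @param securePortStrategy decides per local address whether TLS is started;
     *        {@code null} means always.
     * @param sslBufferMode buffer mode passed to {@code startTls}; may be {@code null}.
     * @param initializer session initializer; may be {@code null}.
     * @param verifier session verifier; may be {@code null}.
     * @deprecated prefer
     * {@link #BasicServerTlsStrategy(SSLContext, SSLBufferMode, SSLSessionInitializer, SSLSessionVerifier)},
     * which takes no port strategy.
     */
    @Deprecated
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.securePortStrategy = securePortStrategy;
        this.sslBufferMode = sslBufferMode;
        this.initializer = initializer;
        this.verifier = verifier;
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode.
     *
     * @deprecated prefer
     * {@link #BasicServerTlsStrategy(SSLContext, SSLSessionInitializer, SSLSessionVerifier)}.
     */
    @Deprecated
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, initializer, verifier);
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode and
     * a {@code null} initializer.
     *
     * @deprecated prefer {@link #BasicServerTlsStrategy(SSLContext, SSLSessionVerifier)}.
     */
    @Deprecated
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, null, verifier);
    }

    /**
     * Same as the five-argument constructor with only a context and a port strategy.
     *
     * @deprecated prefer {@link #BasicServerTlsStrategy(SSLContext)}.
     */
    @Deprecated
    public BasicServerTlsStrategy(final SSLContext sslContext, final SecurePortStrategy securePortStrategy) {
        this(sslContext, securePortStrategy, null, null, null);
    }

    /**
     * Uses the context returned by {@code SSLContexts.createSystemDefault()}
     * together with the given port strategy.
     *
     * @deprecated prefer {@link #BasicServerTlsStrategy()}.
     */
    @Deprecated
    public BasicServerTlsStrategy(final SecurePortStrategy securePortStrategy) {
        this(SSLContexts.createSystemDefault(), securePortStrategy);
    }

    /**
     * Uses the context returned by {@code SSLContexts.createSystemDefault()}
     * together with the given verifier.
     * NOTE(review): a server needs key material; verify that the system default
     * context is configured with it in the target deployment.
     *
     * @param verifier session verifier; may be {@code null}.
     */
    public BasicServerTlsStrategy(final SSLSessionVerifier verifier) {
        this(SSLContexts.createSystemDefault(), verifier);
    }

    /**
     * Creates a strategy that starts TLS for every local address.
     *
     * @param sslContext TLS context; must not be {@code null}.
     * @param sslBufferMode buffer mode passed to {@code startTls}; may be {@code null}.
     * @param initializer session initializer; may be {@code null}.
     * @param verifier session verifier; may be {@code null}.
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.sslBufferMode = sslBufferMode;
        this.initializer = initializer;
        this.verifier = verifier;
        this.securePortStrategy = null;
    }

    /**
     * Creates a strategy with a {@code null} buffer mode.
     *
     * @param sslContext TLS context; must not be {@code null}.
     * @param initializer session initializer; may be {@code null}.
     * @param verifier session verifier; may be {@code null}.
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        // The cast selects this overload over the deprecated SecurePortStrategy one.
        this(sslContext, (SSLBufferMode) null, initializer, verifier);
    }

    /**
     * Creates a strategy with a {@code null} buffer mode and a {@code null} initializer.
     *
     * @param sslContext TLS context; must not be {@code null}.
     * @param verifier session verifier; may be {@code null}.
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SSLSessionVerifier verifier) {
        this(sslContext, (SSLBufferMode) null, null, verifier);
    }

    /**
     * Creates a strategy from a context only, with no buffer mode, initializer
     * or verifier.
     *
     * @param sslContext TLS context; must not be {@code null}.
     */
    public BasicServerTlsStrategy(final SSLContext sslContext) {
        // Chain to the non-deprecated four-argument constructor rather than the
        // deprecated five-argument one; both leave securePortStrategy null.
        this(sslContext, (SSLBufferMode) null, null, null);
    }

    /**
     * Creates a strategy from the context returned by
     * {@code SSLContexts.createSystemDefault()}, with no buffer mode,
     * initializer or verifier.
     */
    public BasicServerTlsStrategy() {
        this(SSLContexts.createSystemDefault());
    }

    /**
     * Tells whether TLS should be started for the given local address.
     * Without a port strategy the answer is always {@code true}.
     */
    private boolean isApplicable(final SocketAddress localAddress) {
        return securePortStrategy == null || securePortStrategy.isSecure(localAddress);
    }

    /**
     * Starts TLS on the given session with the configured context, buffer mode,
     * hardened initializer and verifier.
     *
     * @param tlsSession the transport layer to upgrade.
     * @param endpoint the endpoint passed on to {@code startTls}.
     * @param attachment not used by this implementation.
     * @param handshakeTimeout handshake timeout passed on to {@code startTls}.
     * @param callback passed on to {@code startTls}; the deprecated overload
     *        supplies {@code null} here.
     */
    @Override
    public void upgrade(
            final TransportSecurityLayer tlsSession,
            final NamedEndpoint endpoint,
            final Object attachment,
            final Timeout handshakeTimeout,
            final FutureCallback<TransportSecurityLayer> callback) {
        // The initializer is wrapped on every call, so a null initializer still
        // goes through TlsSupport.enforceStrongSecurity.
        tlsSession.startTls(sslContext, endpoint, sslBufferMode,
                TlsSupport.enforceStrongSecurity(initializer), verifier, handshakeTimeout, callback);
    }

    /**
     * Starts TLS only if the port strategy accepts the local address.
     * <p>
     * A {@code false} result means {@code startTls} was not called at all; callers
     * must not treat such a connection as protected. A {@code true} result only
     * means {@code startTls} was invoked; no callback is supplied, so the handshake
     * outcome is not reported through this method.
     *
     * @param remoteAddress not used by this implementation.
     * @param attachment forwarded to the callback-based overload, which ignores it.
     * @return {@code true} if TLS start was requested, {@code false} otherwise.
     * @deprecated use
     * {@link #upgrade(TransportSecurityLayer, NamedEndpoint, Object, Timeout, FutureCallback)}.
     */
    @Deprecated
    @Override
    public boolean upgrade(
            final TransportSecurityLayer tlsSession,
            final HttpHost host,
            final SocketAddress localAddress,
            final SocketAddress remoteAddress,
            final Object attachment,
            final Timeout handshakeTimeout) {
        if (isApplicable(localAddress)) {
            upgrade(tlsSession, host, attachment, handshakeTimeout, null);
            return true;
        }
        return false;
    }

}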