1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.core5.http2.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.concurrent.FutureCallback;
35 import org.apache.hc.core5.http.HttpHost;
36 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
37 import org.apache.hc.core5.net.NamedEndpoint;
38 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
39 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
40 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
41 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
42 import org.apache.hc.core5.ssl.SSLContexts;
43 import org.apache.hc.core5.util.Args;
44 import org.apache.hc.core5.util.Timeout;
45
46
47
48
49
50
51
52 public class H2ServerTlsStrategy implements TlsStrategy {
53
54 private final SSLContext sslContext;
55 @SuppressWarnings("deprecation")
56 private final org.apache.hc.core5.http.nio.ssl.SecurePortStrategy securePortStrategy;
57 private final SSLBufferMode sslBufferMode;
58 private final SSLSessionInitializer initializer;
59 private final SSLSessionVerifier verifier;
60
61
62
63
64 @Deprecated
65 public H2ServerTlsStrategy(
66 final SSLContext sslContext,
67 final org.apache.hc.core5.http.nio.ssl.SecurePortStrategy securePortStrategy,
68 final SSLBufferMode sslBufferMode,
69 final SSLSessionInitializer initializer,
70 final SSLSessionVerifier verifier) {
71 this.sslContext = Args.notNull(sslContext, "SSL context");
72 this.securePortStrategy = securePortStrategy;
73 this.sslBufferMode = sslBufferMode;
74 this.initializer = initializer;
75 this.verifier = verifier;
76 }
77
78
79
80
81 @Deprecated
82 public H2ServerTlsStrategy(
83 final SSLContext sslContext,
84 final org.apache.hc.core5.http.nio.ssl.SecurePortStrategy securePortStrategy,
85 final SSLSessionInitializer initializer,
86 final SSLSessionVerifier verifier) {
87 this(sslContext, securePortStrategy, null, initializer, verifier);
88 }
89
90
91
92
93 @Deprecated
94 public H2ServerTlsStrategy(
95 final SSLContext sslContext,
96 final org.apache.hc.core5.http.nio.ssl.SecurePortStrategy securePortStrategy,
97 final SSLSessionVerifier verifier) {
98 this(sslContext, securePortStrategy, null, null, verifier);
99 }
100
101
102
103
104 @Deprecated
105 public H2ServerTlsStrategy(final SSLContext sslContext,
106 final org.apache.hc.core5.http.nio.ssl.SecurePortStrategy securePortStrategy) {
107 this(sslContext, securePortStrategy, null, null, null);
108 }
109
110
111
112
113 @Deprecated
114 public H2ServerTlsStrategy(final int... securePorts) {
115 this(SSLContexts.createSystemDefault(), new org.apache.hc.core5.http.nio.ssl.FixedPortStrategy(securePorts));
116 }
117
118 public H2ServerTlsStrategy(
119 final SSLContext sslContext,
120 final SSLBufferMode sslBufferMode,
121 final SSLSessionInitializer initializer,
122 final SSLSessionVerifier verifier) {
123 this.sslContext = Args.notNull(sslContext, "SSL context");
124 this.sslBufferMode = sslBufferMode;
125 this.initializer = initializer;
126 this.verifier = verifier;
127 this.securePortStrategy = null;
128 }
129
130 public H2ServerTlsStrategy(
131 final SSLContext sslContext,
132 final SSLSessionInitializer initializer,
133 final SSLSessionVerifier verifier) {
134 this(sslContext, (SSLBufferMode) null, initializer, verifier);
135 }
136
137 public H2ServerTlsStrategy(final SSLContext sslContext, final SSLSessionVerifier verifier) {
138 this(sslContext, (SSLBufferMode) null, null, verifier);
139 }
140
141 public H2ServerTlsStrategy(final SSLContext sslContext) {
142 this(sslContext, (SSLBufferMode) null, null, null);
143 }
144
145 public H2ServerTlsStrategy() {
146 this(SSLContexts.createSystemDefault());
147 }
148
149 private boolean isApplicable(final SocketAddress localAddress) {
150 return securePortStrategy == null || securePortStrategy.isSecure(localAddress);
151 }
152
153 @Override
154 public void upgrade(
155 final TransportSecurityLayer tlsSession,
156 final NamedEndpoint endpoint,
157 final Object attachment,
158 final Timeout handshakeTimeout,
159 final FutureCallback<TransportSecurityLayer> callback) {
160 tlsSession.startTls(
161 sslContext,
162 endpoint,
163 sslBufferMode,
164 H2TlsSupport.enforceRequirements(attachment, initializer),
165 verifier,
166 handshakeTimeout,
167 callback);
168 }
169
170
171
172
173 @Deprecated
174 @Override
175 public boolean upgrade(
176 final TransportSecurityLayer tlsSession,
177 final HttpHost host,
178 final SocketAddress localAddress,
179 final SocketAddress remoteAddress,
180 final Object attachment,
181 final Timeout handshakeTimeout) {
182 if (isApplicable(localAddress)) {
183 upgrade(tlsSession, host, attachment, handshakeTimeout, null);
184 return true;
185 }
186 return false;
187 }
188 }