28 package org.apache.hc.core5.http2.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33 import javax.net.ssl.SSLParameters;
34
35 import org.apache.hc.core5.concurrent.FutureCallback;
36 import org.apache.hc.core5.http.HttpHost;
37 import org.apache.hc.core5.http.URIScheme;
38 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
39 import org.apache.hc.core5.net.NamedEndpoint;
40 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
41 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
42 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
43 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
44 import org.apache.hc.core5.ssl.SSLContexts;
45 import org.apache.hc.core5.util.Args;
46 import org.apache.hc.core5.util.Timeout;
47
/**
 * Client-side {@link TlsStrategy} that starts TLS on a connection and applies
 * the parameter adjustments returned by {@code H2TlsSupport.enforceRequirements}.
 * <p>
 * Every upgrade sets the endpoint identification algorithm on the engine's
 * {@link SSLParameters} to {@code URIScheme.HTTPS.id} before any user supplied
 * {@link SSLSessionInitializer} is invoked.
 * <p>
 * Security note: the optional initializer runs <em>after</em> these defaults
 * have been applied to the engine. NOTE(review): an initializer that replaces
 * the engine's parameters can presumably undo endpoint identification or the
 * enforced requirements, so custom initializers deserve the same review as
 * the TLS configuration itself.
 */
public class H2ClientTlsStrategy implements TlsStrategy {

    /** Context used to start TLS; never {@code null}. */
    private final SSLContext sslContext;
    /** Buffer mode handed to {@code startTls}; may be {@code null}. */
    private final SSLBufferMode sslBufferMode;
    /** Optional extra engine customisation, invoked last; may be {@code null}. */
    private final SSLSessionInitializer initializer;
    /** Optional session verifier handed to {@code startTls}; may be {@code null}. */
    private final SSLSessionVerifier verifier;

    /**
     * Creates a strategy with every collaborator given explicitly.
     *
     * @param sslContext    TLS context; must not be {@code null}
     * @param sslBufferMode buffer mode passed through to {@code startTls}, or {@code null}
     * @param initializer   additional engine initializer run after the built-in
     *                      settings, or {@code null}
     * @param verifier      session verifier passed through to {@code startTls}, or {@code null}
     */
    public H2ClientTlsStrategy(
            final SSLContext sslContext,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        // Only the context is mandatory; the other collaborators are stored as given.
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.sslBufferMode = sslBufferMode;
        this.initializer = initializer;
        this.verifier = verifier;
    }

    /**
     * Creates a strategy without an explicit buffer mode.
     *
     * @param sslContext  TLS context; must not be {@code null}
     * @param initializer additional engine initializer, or {@code null}
     * @param verifier    session verifier, or {@code null}
     */
    public H2ClientTlsStrategy(
            final SSLContext sslContext,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this(sslContext, null, initializer, verifier);
    }

    /**
     * Creates a strategy with a context and a session verifier only.
     *
     * @param sslContext TLS context; must not be {@code null}
     * @param verifier   session verifier, or {@code null}
     */
    public H2ClientTlsStrategy(
            final SSLContext sslContext,
            final SSLSessionVerifier verifier) {
        this(sslContext, null, null, verifier);
    }

    /**
     * Creates a strategy that uses the given context and no custom
     * initializer or verifier.
     *
     * @param sslContext TLS context; must not be {@code null}
     */
    public H2ClientTlsStrategy(final SSLContext sslContext) {
        this(sslContext, null, null, null);
    }

    /**
     * Creates a strategy backed by the context returned from
     * {@code SSLContexts.createSystemDefault()}.
     */
    public H2ClientTlsStrategy() {
        this(SSLContexts.createSystemDefault(), null, null, null);
    }

    /**
     * Creates a strategy backed by the context returned from
     * {@code SSLContexts.createSystemDefault()} together with a session verifier.
     *
     * @param verifier session verifier, or {@code null}
     */
    public H2ClientTlsStrategy(final SSLSessionVerifier verifier) {
        this(SSLContexts.createSystemDefault(), null, null, verifier);
    }

    /**
     * Starts TLS on the given transport layer.
     * <p>
     * The engine is configured in this order: endpoint identification is set to
     * {@code URIScheme.HTTPS.id}, the parameters are passed through
     * {@code H2TlsSupport.enforceRequirements}, and finally the optional custom
     * initializer is invoked.
     *
     * @param tlsSession       transport layer on which TLS is started
     * @param endpoint         endpoint passed to {@code startTls}
     * @param attachment       opaque value forwarded to
     *                         {@code H2TlsSupport.enforceRequirements}
     * @param handshakeTimeout timeout passed to {@code startTls}
     * @param callback         callback passed to {@code startTls}; the deprecated
     *                         overload in this class passes {@code null}
     */
    @Override
    public void upgrade(
            final TransportSecurityLayer tlsSession,
            final NamedEndpoint endpoint,
            final Object attachment,
            final Timeout handshakeTimeout,
            final FutureCallback<TransportSecurityLayer> callback) {
        final SSLSessionInitializer engineSetup = (namedEndpoint, engine) -> {
            final SSLParameters params = engine.getSSLParameters();
            // Endpoint identification is switched on before anything else touches the engine.
            params.setEndpointIdentificationAlgorithm(URIScheme.HTTPS.id);
            engine.setSSLParameters(H2TlsSupport.enforceRequirements(attachment, params));
            // The custom initializer goes last, so it sees (and may change) the settings above.
            if (initializer != null) {
                initializer.initialize(namedEndpoint, engine);
            }
        };
        tlsSession.startTls(
                sslContext,
                endpoint,
                sslBufferMode,
                engineSetup,
                verifier,
                handshakeTimeout,
                callback);
    }

    /**
     * Starts TLS only when the host's scheme matches {@code URIScheme.HTTPS}.
     * <p>
     * For a {@code null} host or any other scheme nothing is started and
     * {@code false} is returned, so the connection is left without TLS by this
     * method. A {@code true} result means the TLS start was requested with a
     * {@code null} callback. NOTE(review): it is presumably not evidence that
     * the handshake completed; confirm against {@code startTls}.
     *
     * @param tlsSession       transport layer on which TLS is started
     * @param host             target host; may be {@code null}
     * @param localAddress     not used by this implementation
     * @param remoteAddress    not used by this implementation
     * @param attachment       opaque value forwarded to the other overload
     * @param handshakeTimeout timeout forwarded to the other overload
     * @return {@code true} if the TLS start was requested, {@code false} otherwise
     * @deprecated this overload reports no handshake outcome; the callback-based
     *             {@code upgrade} above is the non-deprecated variant in this class.
     */
    @Deprecated
    @Override
    public boolean upgrade(
            final TransportSecurityLayer tlsSession,
            final HttpHost host,
            final SocketAddress localAddress,
            final SocketAddress remoteAddress,
            final Object attachment,
            final Timeout handshakeTimeout) {
        final String schemeName;
        if (host == null) {
            schemeName = null;
        } else {
            schemeName = host.getSchemeName();
        }
        if (!URIScheme.HTTPS.same(schemeName)) {
            return false;
        }
        upgrade(tlsSession, host, attachment, handshakeTimeout, null);
        return true;
    }

}