1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  
28  package org.apache.hc.client5.http.config;
29  
30  import java.util.Arrays;
31  import java.util.concurrent.TimeUnit;
32  
33  import org.apache.hc.core5.annotation.Contract;
34  import org.apache.hc.core5.annotation.ThreadingBehavior;
35  import org.apache.hc.core5.http.ssl.TLS;
36  import org.apache.hc.core5.http2.HttpVersionPolicy;
37  import org.apache.hc.core5.util.Timeout;
38  
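/**
 * Immutable class encapsulating TLS protocol settings.
 * <p>
 * The protocol and cipher suite arrays are copied when an instance is constructed and again
 * on every read, so an instance cannot be altered through an array reference that the caller
 * still holds. This class does not validate protocol or cipher suite names; they are stored
 * exactly as supplied.
 * </p>
 *
 * @since 5.2
 */
@Contract(threading = ThreadingBehavior.IMMUTABLE)
public class TlsConfig implements Cloneable {

    public static final TlsConfig DEFAULT = new Builder().build();

    private final Timeout handshakeTimeout;
    private final String[] supportedProtocols;
    private final String[] supportedCipherSuites;
    private final HttpVersionPolicy httpVersionPolicy;

    /**
     * Intended for CDI compatibility
     */
    protected TlsConfig() {
        this(null, null, null, null);
    }

    TlsConfig(
            final Timeout handshakeTimeout,
            final String[] supportedProtocols,
            final String[] supportedCipherSuites,
            final HttpVersionPolicy httpVersionPolicy) {
        super();
        this.handshakeTimeout = handshakeTimeout;
        // Copy instead of aliasing the builder's (and therefore the caller's) arrays: without
        // the copy, code that kept a reference to the array passed to the builder could change
        // the protocols or cipher suites of an already built, nominally immutable instance.
        this.supportedProtocols = copyOf(supportedProtocols);
        this.supportedCipherSuites = copyOf(supportedCipherSuites);
        this.httpVersionPolicy = httpVersionPolicy;
    }

    /**
     * Returns an independent copy of the given array, or {@code null} for {@code null}.
     */
    private static String[] copyOf(final String[] values) {
        return values != null ? values.clone() : null;
    }

    /**
     * Returns the TLS handshake timeout, or {@code null} if none was set.
     *
     * @see Builder#setHandshakeTimeout(Timeout)
     */
    public Timeout getHandshakeTimeout() {
        return handshakeTimeout;
    }

    /**
     * Returns a copy of the supported protocol names, or {@code null} if none were set.
     * Changes to the returned array do not affect this instance.
     *
     * @see Builder#setSupportedProtocols(String...)
     */
    public String[] getSupportedProtocols() {
        return copyOf(supportedProtocols);
    }

    /**
     * Returns a copy of the supported cipher suite names, or {@code null} if none were set.
     * Changes to the returned array do not affect this instance.
     *
     * @see Builder#setSupportedCipherSuites(String...)
     */
    public String[] getSupportedCipherSuites() {
        return copyOf(supportedCipherSuites);
    }

    /**
     * Returns the HTTP protocol version policy.
     *
     * @see Builder#setVersionPolicy(HttpVersionPolicy)
     */
    public HttpVersionPolicy getHttpVersionPolicy() {
        return httpVersionPolicy;
    }

    /**
     * Returns a shallow copy. The copy shares the internal arrays with this instance, which
     * is safe because they are never modified after construction and never handed out
     * without being copied first.
     */
    @Override
    protected TlsConfig clone() throws CloneNotSupportedException {
        return (TlsConfig) super.clone();
    }

    @Override
    public String toString() {
        final StringBuilder builder = new StringBuilder();
        builder.append("[");
        builder.append("handshakeTimeout=").append(handshakeTimeout);
        builder.append(", supportedProtocols=").append(Arrays.toString(supportedProtocols));
        builder.append(", supportedCipherSuites=").append(Arrays.toString(supportedCipherSuites));
        builder.append(", httpVersionPolicy=").append(httpVersionPolicy);
        builder.append("]");
        return builder.toString();
    }

    /**
     * Creates a builder with every setting undefined.
     */
    public static TlsConfig.Builder custom() {
        return new Builder();
    }

    /**
     * Creates a builder pre-populated with the settings of the given configuration.
     *
     * @param config the configuration to copy; must not be {@code null}
     * @throws NullPointerException if {@code config} is {@code null}
     */
    public static TlsConfig.Builder copy(final TlsConfig config) {
        return new Builder()
                .setHandshakeTimeout(config.getHandshakeTimeout())
                .setSupportedProtocols(config.getSupportedProtocols())
                .setSupportedCipherSuites(config.getSupportedCipherSuites())
                .setVersionPolicy(config.getHttpVersionPolicy());
    }

    /**
     * Mutable builder for {@link TlsConfig}. The setters keep a reference to the array they
     * are given; the array is copied when {@link #build()} creates the configuration.
     */
    public static class Builder {

        private Timeout handshakeTimeout;
        private String[] supportedProtocols;
        private String[] supportedCipherSuites;
        private HttpVersionPolicy versionPolicy;

        /**
         * Determines the timeout used by TLS session negotiation exchanges (session handshake).
         * <p>
         * A timeout value of zero is interpreted as an infinite timeout. Prefer a finite
         * value: with zero, a peer that stalls during the handshake is never timed out by
         * this setting.
         * </p>
         * <p>
         * Default: {@code null} (undefined)
         * </p>
         */
        public Builder setHandshakeTimeout(final Timeout handshakeTimeout) {
            this.handshakeTimeout = handshakeTimeout;
            return this;
        }

        /**
         * @see #setHandshakeTimeout(Timeout)
         */
        public Builder setHandshakeTimeout(final long handshakeTimeout, final TimeUnit timeUnit) {
            this.handshakeTimeout = Timeout.of(handshakeTimeout, timeUnit);
            return this;
        }

        /**
         * Determines supported TLS protocols.
         * <p>
         * The names are stored as given and are not validated here, so a legacy or misspelled
         * protocol name is only detected (if at all) by the code that applies this
         * configuration.
         * </p>
         * <p>
         * Default: {@code null} (undefined)
         * </p>
         */
        public Builder setSupportedProtocols(final String... supportedProtocols) {
            this.supportedProtocols = supportedProtocols;
            return this;
        }

        /**
         * Determines supported TLS protocols.
         * <p>
         * Each value is converted to its protocol id. A {@code null} element leaves a
         * {@code null} entry at the same index of the resulting array.
         * </p>
         * <p>
         * Default: {@code null} (undefined)
         * </p>
         */
        public Builder setSupportedProtocols(final TLS... supportedProtocols) {
            final String[] ids = new String[supportedProtocols.length];
            for (int i = 0; i < supportedProtocols.length; i++) {
                final TLS protocol = supportedProtocols[i];
                if (protocol != null) {
                    ids[i] = protocol.id;
                }
            }
            this.supportedProtocols = ids;
            return this;
        }

        /**
         * Determines supported cipher suites.
         * <p>
         * The names are stored as given and are not validated here; this class does not
         * reject weak or unknown cipher suites.
         * </p>
         * <p>
         * Default: {@code null} (undefined)
         * </p>
         */
        public Builder setSupportedCipherSuites(final String... supportedCipherSuites) {
            this.supportedCipherSuites = supportedCipherSuites;
            return this;
        }

        /**
         * Determines the HTTP protocol policy. By default, connections are expected to use TLS ALPN
         * extension to negotiate the application protocol to be used by both endpoints.
         * <p>
         * Default: {@link HttpVersionPolicy#NEGOTIATE}
         * </p>
         */
        public Builder setVersionPolicy(final HttpVersionPolicy versionPolicy) {
            this.versionPolicy = versionPolicy;
            return this;
        }

        /**
         * Creates the configuration from the current builder state. An unset version policy
         * becomes {@link HttpVersionPolicy#NEGOTIATE}; the protocol and cipher suite arrays
         * are copied, so later changes to the builder or to the caller's arrays do not reach
         * the returned instance.
         */
        public TlsConfig build() {
            return new TlsConfig(
                    handshakeTimeout,
                    supportedProtocols,
                    supportedCipherSuites,
                    versionPolicy != null ? versionPolicy : HttpVersionPolicy.NEGOTIATE);
        }

    }

}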