View Javadoc
1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  
28  package org.apache.hc.client5.http.ssl;
29  
30  import javax.net.ssl.HostnameVerifier;
31  import javax.net.ssl.SSLContext;
32  import javax.net.ssl.SSLEngine;
33  import javax.net.ssl.SSLParameters;
34  
35  import org.apache.hc.core5.annotation.Contract;
36  import org.apache.hc.core5.annotation.ThreadingBehavior;
37  import org.apache.hc.core5.function.Factory;
38  import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
39  import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
40  import org.apache.hc.core5.reactor.ssl.TlsDetails;
41  import org.apache.hc.core5.ssl.SSLContexts;
42  
43  /**
44   * TLS upgrade strategy for non-blocking client connections.
45   *
46   * @since 5.0
47   */
48  @Contract(threading = ThreadingBehavior.STATELESS)
49  public class DefaultClientTlsStrategy extends AbstractClientTlsStrategy {
50  
51      /**
52       * @since 5.4
53       */
54      public static DefaultClientTlsStrategy createDefault() {
55          return new DefaultClientTlsStrategy(
56                  SSLContexts.createDefault(),
57                  HostnameVerificationPolicy.BOTH,
58                  HttpsSupport.getDefaultHostnameVerifier());
59      }
60  
61      /**
62       * @since 5.4
63       */
64      public static DefaultClientTlsStrategy createSystemDefault() {
65          return new DefaultClientTlsStrategy(
66                  SSLContexts.createSystemDefault(),
67                  HttpsSupport.getSystemProtocols(),
68                  HttpsSupport.getSystemCipherSuits(),
69                  SSLBufferMode.STATIC,
70                  HostnameVerificationPolicy.BOTH,
71                  HttpsSupport.getDefaultHostnameVerifier());
72      }
73  
74      /**
75       * @deprecated Use {@link #createDefault()}.
76       */
77      @Deprecated
78      public static TlsStrategy getDefault() {
79          return createDefault();
80      }
81  
82      /**
83       * @deprecated Use {@link #createSystemDefault()}.
84       */
85      @Deprecated
86      public static TlsStrategy getSystemDefault() {
87          return createSystemDefault();
88      }
89  
90      /**
91       * @deprecated To be removed.
92       */
93      @Deprecated
94      private Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
95  
96      /**
97       * @deprecated Use {@link DefaultClientTlsStrategy#DefaultClientTlsStrategy(SSLContext, String[], String[], SSLBufferMode, HostnameVerifier)}
98       */
99      @Deprecated
100     public DefaultClientTlsStrategy(
101             final SSLContext sslContext,
102             final String[] supportedProtocols,
103             final String[] supportedCipherSuites,
104             final SSLBufferMode sslBufferManagement,
105             final HostnameVerifier hostnameVerifier,
106             final Factory<SSLEngine, TlsDetails> tlsDetailsFactory) {
107         super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, HostnameVerificationPolicy.CLIENT, hostnameVerifier);
108         this.tlsDetailsFactory = tlsDetailsFactory;
109     }
110 
111     /**
112      * @since 5.4
113      */
114     public DefaultClientTlsStrategy(
115             final SSLContext sslContext,
116             final String[] supportedProtocols,
117             final String[] supportedCipherSuites,
118             final SSLBufferMode sslBufferManagement,
119             final HostnameVerificationPolicy hostnameVerificationPolicy,
120             final HostnameVerifier hostnameVerifier) {
121         super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerificationPolicy, hostnameVerifier);
122     }
123 
124     public DefaultClientTlsStrategy(
125             final SSLContext sslContext,
126             final String[] supportedProtocols,
127             final String[] supportedCipherSuites,
128             final SSLBufferMode sslBufferManagement,
129             final HostnameVerifier hostnameVerifier) {
130         this(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, HostnameVerificationPolicy.CLIENT, hostnameVerifier);
131     }
132 
133     public DefaultClientTlsStrategy(
134             final SSLContext sslContext,
135             final HostnameVerifier hostnameVerifier) {
136         this(sslContext, null, null, SSLBufferMode.STATIC, hostnameVerifier);
137     }
138 
139     /**
140      * @since 5.4
141      */
142     public DefaultClientTlsStrategy(
143             final SSLContext sslContext,
144             final HostnameVerificationPolicy hostnameVerificationPolicy,
145             final HostnameVerifier hostnameVerifier) {
146         this(sslContext, null, null, SSLBufferMode.STATIC, hostnameVerificationPolicy, hostnameVerifier);
147     }
148 
149     public DefaultClientTlsStrategy(final SSLContext sslContext) {
150         this(sslContext, HttpsSupport.getDefaultHostnameVerifier());
151     }
152 
153     @Override
154     void applyParameters(final SSLEngine sslEngine, final SSLParameters sslParameters, final String[] appProtocols) {
155         sslParameters.setApplicationProtocols(appProtocols);
156         sslEngine.setSSLParameters(sslParameters);
157     }
158 
159     @Override
160     @SuppressWarnings("deprecated")
161     TlsDetails createTlsDetails(final SSLEngine sslEngine) {
162         return tlsDetailsFactory != null ? tlsDetailsFactory.create(sslEngine) : null;
163     }
164 
165 }