28 package org.apache.hc.core5.http2.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.http.HttpHost;
35 import org.apache.hc.core5.http.nio.ssl.FixedPortStrategy;
36 import org.apache.hc.core5.http.nio.ssl.SecurePortStrategy;
37 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
38 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
39 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
40 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
41 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
42 import org.apache.hc.core5.ssl.SSLContexts;
43 import org.apache.hc.core5.util.Args;
44 import org.apache.hc.core5.util.Timeout;
/**
 * Server-side {@link TlsStrategy} that starts TLS on an accepted connection only
 * when the configured {@link SecurePortStrategy} reports the local address as secure.
 * <p>
 * The session initializer is routed through
 * {@code H2TlsSupport.enforceRequirements(attachment, initializer)} before the
 * handshake is started (presumably to apply the HTTP/2 TLS requirements; the helper
 * is defined elsewhere, confirm there).
 * <p>
 * Security note: the decision to use TLS is made solely by the
 * {@link SecurePortStrategy}. If it is {@code null}, or it does not classify the
 * local address as secure, {@link #upgrade} returns {@code false} and this class
 * never calls {@code startTls}. What happens to a connection that was not upgraded
 * is decided by the caller, not here, so the port list is part of the security
 * configuration and should be reviewed together with the listener setup.
 */
public class H2ServerTlsStrategy implements TlsStrategy {

    // Context used for every handshake; never null (checked in the primary constructor).
    private final SSLContext sslContext;
    // Decides per local address whether TLS is started; null means "never upgrade".
    private final SecurePortStrategy securePortStrategy;
    // Forwarded unchanged to startTls; may be null.
    private final SSLBufferMode sslBufferMode;
    // Caller-supplied initializer, wrapped by H2TlsSupport.enforceRequirements; may be null.
    private final SSLSessionInitializer initializer;
    // Forwarded unchanged to startTls; may be null.
    private final SSLSessionVerifier verifier;

    /**
     * Creates a strategy with every collaborator supplied explicitly.
     *
     * @param sslContext         context used for the handshake; rejected by
     *                           {@code Args.notNull} when {@code null}
     * @param securePortStrategy decides which local addresses get TLS; when
     *                           {@code null} no connection is ever upgraded
     * @param sslBufferMode      buffer mode handed to {@code startTls}; may be {@code null}
     * @param initializer        session initializer handed to
     *                           {@code H2TlsSupport.enforceRequirements}; may be {@code null}
     * @param verifier           session verifier handed to {@code startTls}; may be
     *                           {@code null}. NOTE(review): whether any peer verification
     *                           happens with a {@code null} verifier depends on the
     *                           {@link TransportSecurityLayer} implementation and on the
     *                           initializer; confirm before relying on client
     *                           authentication.
     */
    public H2ServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.verifier = verifier;
        this.initializer = initializer;
        this.sslBufferMode = sslBufferMode;
        this.securePortStrategy = securePortStrategy;
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode.
     *
     * @param sslContext         context used for the handshake; must not be {@code null}
     * @param securePortStrategy decides which local addresses get TLS
     * @param initializer        session initializer; may be {@code null}
     * @param verifier           session verifier; may be {@code null}
     */
    public H2ServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, initializer, verifier);
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode and a
     * {@code null} initializer.
     *
     * @param sslContext         context used for the handshake; must not be {@code null}
     * @param securePortStrategy decides which local addresses get TLS
     * @param verifier           session verifier; may be {@code null}
     */
    public H2ServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, null, verifier);
    }

    /**
     * Creates a strategy with no buffer mode, initializer or verifier.
     *
     * @param sslContext         context used for the handshake; must not be {@code null}
     * @param securePortStrategy decides which local addresses get TLS
     */
    public H2ServerTlsStrategy(final SSLContext sslContext, final SecurePortStrategy securePortStrategy) {
        this(sslContext, securePortStrategy, null, null, null);
    }

    /**
     * Creates a strategy backed by {@code SSLContexts.createSystemDefault()} and a
     * {@link FixedPortStrategy} built from the given ports.
     *
     * @param securePorts ports handed to {@link FixedPortStrategy}; a listener on a
     *                    port that the strategy does not report as secure is not
     *                    upgraded by this class
     */
    public H2ServerTlsStrategy(final int... securePorts) {
        this(SSLContexts.createSystemDefault(), new FixedPortStrategy(securePorts));
    }

    /**
     * Starts TLS on the session when the local address is classified as secure.
     *
     * @param tlsSession       transport layer on which {@code startTls} is invoked
     * @param host             forwarded to {@code startTls}
     * @param localAddress     address evaluated by the {@link SecurePortStrategy}
     * @param remoteAddress    not consulted by this implementation
     * @param attachment       forwarded to {@code H2TlsSupport.enforceRequirements}
     * @param handshakeTimeout forwarded to {@code startTls}
     * @return {@code true} if {@code startTls} was called, {@code false} if the
     *         session was left as it was
     */
    @Override
    public boolean upgrade(
            final TransportSecurityLayer tlsSession,
            final HttpHost host,
            final SocketAddress localAddress,
            final SocketAddress remoteAddress,
            final Object attachment,
            final Timeout handshakeTimeout) {
        // No strategy configured, or the local address is not a secure one:
        // the session is returned untouched and the caller is told so.
        if (securePortStrategy == null || !securePortStrategy.isSecure(localAddress)) {
            return false;
        }
        final SSLSessionInitializer effectiveInitializer =
                H2TlsSupport.enforceRequirements(attachment, initializer);
        tlsSession.startTls(
                sslContext, host, sslBufferMode, effectiveInitializer, verifier, handshakeTimeout);
        return true;
    }

}