1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.core5.http2.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.http.HttpHost;
35 import org.apache.hc.core5.http.URIScheme;
36 import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
37 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
38 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
39 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
40 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
41 import org.apache.hc.core5.ssl.SSLContexts;
42 import org.apache.hc.core5.util.Args;
43 import org.apache.hc.core5.util.Timeout;
44
45
46
47
48
49
50
51 public class H2ClientTlsStrategy implements TlsStrategy {
52
53 private final SSLContext sslContext;
54 private final SSLBufferMode sslBufferMode;
55 private final SSLSessionInitializer initializer;
56 private final SSLSessionVerifier verifier;
57
58 public H2ClientTlsStrategy(
59 final SSLContext sslContext,
60 final SSLBufferMode sslBufferMode,
61 final SSLSessionInitializer initializer,
62 final SSLSessionVerifier verifier) {
63 this.sslContext = Args.notNull(sslContext, "SSL context");
64 this.sslBufferMode = sslBufferMode;
65 this.initializer = initializer;
66 this.verifier = verifier;
67 }
68
69 public H2ClientTlsStrategy(
70 final SSLContext sslContext,
71 final SSLSessionInitializer initializer,
72 final SSLSessionVerifier verifier) {
73 this(sslContext, null, initializer, verifier);
74 }
75
76 public H2ClientTlsStrategy(
77 final SSLContext sslContext,
78 final SSLSessionVerifier verifier) {
79 this(sslContext, null, null, verifier);
80 }
81
82 public H2ClientTlsStrategy(final SSLContext sslContext) {
83 this(sslContext, null, null, null);
84 }
85
86 public H2ClientTlsStrategy() {
87 this(SSLContexts.createSystemDefault());
88 }
89
90 @Override
91 public boolean upgrade(
92 final TransportSecurityLayer tlsSession,
93 final HttpHost host,
94 final SocketAddress localAddress,
95 final SocketAddress remoteAddress,
96 final Object attachment,
97 final Timeout handshakeTimeout) {
98 final String scheme = host != null ? host.getSchemeName() : null;
99 if (URIScheme.HTTPS.same(scheme)) {
100 tlsSession.startTls(
101 sslContext,
102 host,
103 sslBufferMode,
104 H2TlsSupport.enforceRequirements(attachment, initializer),
105 verifier,
106 handshakeTimeout);
107 return true;
108 }
109 return false;
110 }
111
112 }