1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 package org.apache.hc.core5.http.nio.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.http.HttpHost;
35 import org.apache.hc.core5.http.URIScheme;
36 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
37 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
38 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
39 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
40 import org.apache.hc.core5.ssl.SSLContexts;
41 import org.apache.hc.core5.util.Args;
42 import org.apache.hc.core5.util.Timeout;
43
44
45
46
47
48
49
50 public class BasicClientTlsStrategy implements TlsStrategy {
51
52 private final SSLContext sslContext;
53 private final SSLBufferMode sslBufferMode;
54 private final SSLSessionInitializer initializer;
55 private final SSLSessionVerifier verifier;
56
57 public BasicClientTlsStrategy(
58 final SSLContext sslContext,
59 final SSLBufferMode sslBufferMode,
60 final SSLSessionInitializer initializer,
61 final SSLSessionVerifier verifier) {
62 this.sslContext = Args.notNull(sslContext, "SSL context");
63 this.sslBufferMode = sslBufferMode;
64 this.initializer = initializer;
65 this.verifier = verifier;
66 }
67
68 public BasicClientTlsStrategy(
69 final SSLContext sslContext,
70 final SSLSessionInitializer initializer,
71 final SSLSessionVerifier verifier) {
72 this(sslContext, null, initializer, verifier);
73 }
74
75 public BasicClientTlsStrategy(
76 final SSLContext sslContext,
77 final SSLSessionVerifier verifier) {
78 this(sslContext, null, null, verifier);
79 }
80
81 public BasicClientTlsStrategy(final SSLContext sslContext) {
82 this(sslContext, null, null, null);
83 }
84
85 public BasicClientTlsStrategy() {
86 this(SSLContexts.createSystemDefault());
87 }
88
89 @Override
90 public boolean upgrade(
91 final TransportSecurityLayer tlsSession,
92 final HttpHost host,
93 final SocketAddress localAddress,
94 final SocketAddress remoteAddress,
95 final Object attachment,
96 final Timeout handshakeTimeout) {
97 final String scheme = host != null ? host.getSchemeName() : null;
98 if (URIScheme.HTTPS.same(scheme)) {
99 tlsSession.startTls(sslContext, host, sslBufferMode,
100 TlsSupport.enforceStrongSecurity(initializer), verifier, handshakeTimeout);
101 return true;
102 }
103 return false;
104 }
105
106 }