28 package org.apache.hc.core5.http.nio.ssl;
29
30 import java.net.SocketAddress;
31
32 import javax.net.ssl.SSLContext;
33
34 import org.apache.hc.core5.http.HttpHost;
35 import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
36 import org.apache.hc.core5.reactor.ssl.SSLSessionInitializer;
37 import org.apache.hc.core5.reactor.ssl.SSLSessionVerifier;
38 import org.apache.hc.core5.reactor.ssl.TransportSecurityLayer;
39 import org.apache.hc.core5.ssl.SSLContexts;
40 import org.apache.hc.core5.util.Args;
41 import org.apache.hc.core5.util.Timeout;
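/**
 * Server-side {@link TlsStrategy} that starts TLS on a connection with a fixed
 * {@link SSLContext} and optional buffer mode, session initializer and
 * session verifier.
 * <p>
 * Security notes for callers:
 * <ul>
 *   <li>{@link #upgrade} returns {@code false} <em>without starting TLS</em> when a
 *       legacy {@code SecurePortStrategy} is set and rejects the local address.
 *       Code that requires transport security must check the return value and
 *       must not treat the connection as protected when it is {@code false}.</li>
 *   <li>The initializer is wrapped by {@code TlsSupport.enforceStrongSecurity}
 *       before it is handed to the TLS layer. That helper is defined elsewhere
 *       in this package; its exact protocol and cipher policy, and whether a
 *       custom initializer can override it, are not visible here and should be
 *       confirmed.</li>
 *   <li>The verifier may be {@code null} and is passed through unchanged.
 *       NOTE(review): nothing in this class requests client authentication.
 *       If mutual TLS is required it presumably has to be configured through
 *       the initializer; confirm.</li>
 * </ul>
 */
public class BasicServerTlsStrategy implements TlsStrategy {

    private final SSLContext sslContext;
    // Legacy per-address switch; null means "TLS applies to every local address".
    @SuppressWarnings("deprecation")
    private final SecurePortStrategy securePortStrategy;
    private final SSLBufferMode sslBufferMode;
    private final SSLSessionInitializer initializer;
    private final SSLSessionVerifier verifier;

    /**
     * Creates a strategy that starts TLS only on local addresses accepted by
     * {@code securePortStrategy}.
     *
     * @param sslContext         SSL context used for the handshake; must not be {@code null}
     * @param securePortStrategy decides per local address whether TLS applies;
     *                           {@code null} means TLS applies to every address
     * @param sslBufferMode      buffer mode passed to the TLS layer; may be {@code null}
     * @param initializer        optional session initializer; may be {@code null}
     * @param verifier           optional session verifier; may be {@code null}
     * @deprecated use a constructor that does not take a {@code SecurePortStrategy}
     */
    @Deprecated
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.securePortStrategy = securePortStrategy;
        this.sslBufferMode = sslBufferMode;
        this.initializer = initializer;
        this.verifier = verifier;
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode.
     *
     * @deprecated use a constructor that does not take a {@code SecurePortStrategy}
     */
    @Deprecated
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, initializer, verifier);
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode
     * and a {@code null} initializer.
     *
     * @deprecated use a constructor that does not take a {@code SecurePortStrategy}
     */
    @Deprecated
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SecurePortStrategy securePortStrategy,
            final SSLSessionVerifier verifier) {
        this(sslContext, securePortStrategy, null, null, verifier);
    }

    /**
     * Same as the five-argument constructor with a {@code null} buffer mode,
     * initializer and verifier.
     *
     * @deprecated use a constructor that does not take a {@code SecurePortStrategy}
     */
    @Deprecated
    public BasicServerTlsStrategy(final SSLContext sslContext, final SecurePortStrategy securePortStrategy) {
        this(sslContext, securePortStrategy, null, null, null);
    }

    /**
     * Uses {@code SSLContexts.createSystemDefault()} as the SSL context.
     *
     * @deprecated use a constructor that does not take a {@code SecurePortStrategy}
     */
    @Deprecated
    public BasicServerTlsStrategy(final SecurePortStrategy securePortStrategy) {
        this(SSLContexts.createSystemDefault(), securePortStrategy);
    }

    /**
     * Creates a strategy that starts TLS on every connection it is asked to upgrade.
     *
     * @param sslContext    SSL context used for the handshake; must not be {@code null}
     * @param sslBufferMode buffer mode passed to the TLS layer; may be {@code null}
     * @param initializer   optional session initializer; may be {@code null}
     * @param verifier      optional session verifier; may be {@code null}
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SSLBufferMode sslBufferMode,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        this.sslContext = Args.notNull(sslContext, "SSL context");
        this.sslBufferMode = sslBufferMode;
        this.initializer = initializer;
        this.verifier = verifier;
        this.securePortStrategy = null;
    }

    /**
     * Same as the four-argument constructor with a {@code null} buffer mode.
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SSLSessionInitializer initializer,
            final SSLSessionVerifier verifier) {
        // The cast selects the non-deprecated overload; a bare null would be ambiguous.
        this(sslContext, (SSLBufferMode) null, initializer, verifier);
    }

    /**
     * Same as the four-argument constructor with a {@code null} buffer mode
     * and a {@code null} initializer.
     */
    public BasicServerTlsStrategy(
            final SSLContext sslContext,
            final SSLSessionVerifier verifier) {
        this(sslContext, (SSLBufferMode) null, null, verifier);
    }

    /**
     * Creates a strategy with only an SSL context; buffer mode, initializer and
     * verifier are all {@code null}.
     */
    public BasicServerTlsStrategy(final SSLContext sslContext) {
        // Delegate to the non-deprecated overload, as the sibling constructors do,
        // instead of going through the deprecated SecurePortStrategy constructor.
        this(sslContext, (SSLBufferMode) null, null, null);
    }

    /**
     * Creates a strategy backed by {@code SSLContexts.createSystemDefault()}.
     * <p>
     * NOTE(review): a server needs its own key material; verify that the system
     * default context actually supplies the intended server certificate before
     * relying on this constructor.
     */
    public BasicServerTlsStrategy() {
        this(SSLContexts.createSystemDefault());
    }

    /**
     * Returns whether TLS applies to the given local address: always when no
     * legacy port strategy is set, otherwise whatever that strategy decides.
     */
    private boolean isApplicable(final SocketAddress localAddress) {
        return securePortStrategy == null || securePortStrategy.isSecure(localAddress);
    }

    /**
     * Starts TLS on the given session if this strategy applies to the local address.
     *
     * @param tlsSession       transport layer on which TLS is started
     * @param host             host passed through to the TLS layer
     * @param localAddress     local address checked against the legacy port strategy
     * @param remoteAddress    not used by this implementation
     * @param attachment       not used by this implementation
     * @param handshakeTimeout handshake timeout passed through to the TLS layer
     * @return {@code true} if TLS was started; {@code false} if the strategy did
     *         not apply and the session was left untouched (no TLS)
     */
    @Override
    public boolean upgrade(
            final TransportSecurityLayer tlsSession,
            final HttpHost host,
            final SocketAddress localAddress,
            final SocketAddress remoteAddress,
            final Object attachment,
            final Timeout handshakeTimeout) {
        if (!isApplicable(localAddress)) {
            // No TLS is started on this path; the caller must not assume the
            // connection is protected.
            return false;
        }
        tlsSession.startTls(sslContext, host, sslBufferMode,
                TlsSupport.enforceStrongSecurity(initializer), verifier, handshakeTimeout);
        return true;
    }

}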