-
-
Save anonymous/cc11a4806512c3be3c98 to your computer and use it in GitHub Desktop.
AHC SSLContext.createSSLEngine(String, int)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/GrizzlyAsyncHttpProvider.java b/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/GrizzlyAsyncHttpProvider.java | |
index a7d2210..244caf8 100644 | |
--- a/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/GrizzlyAsyncHttpProvider.java | |
+++ b/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/GrizzlyAsyncHttpProvider.java | |
@@ -73,6 +73,7 @@ | |
import java.util.concurrent.ExecutorService; | |
import java.util.concurrent.TimeUnit; | |
import java.util.concurrent.TimeoutException; | |
+import org.asynchttpclient.providers.grizzly.filters.HostPortAwareSSLEngineConfigurator; | |
/** | |
* A Grizzly 2.0-based implementation of {@link AsyncHttpProvider}. | |
@@ -257,7 +258,7 @@ | |
throw new IllegalStateException(e); | |
} | |
} | |
- final SSLEngineConfigurator configurator = new SSLEngineConfigurator(context, true, false, false); | |
+ final SSLEngineConfigurator configurator = new HostPortAwareSSLEngineConfigurator(context, true, false, false); | |
final SwitchingSSLFilter filter = new SwitchingSSLFilter(configurator); | |
secure.add(filter); | |
GrizzlyAsyncHttpProviderConfig providerConfig = (GrizzlyAsyncHttpProviderConfig) clientConfig.getAsyncHttpProviderConfig(); | |
diff --git a/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/HostPortAwareSSLEngineConfigurator.java b/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/HostPortAwareSSLEngineConfigurator.java | |
new file mode 100644 | |
index 0000000..c3ff4d0 | |
--- /dev/null | |
+++ b/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/HostPortAwareSSLEngineConfigurator.java | |
@@ -0,0 +1,48 @@ | |
+/* | |
+ * To change this license header, choose License Headers in Project Properties. | |
+ * To change this template file, choose Tools | Templates | |
+ * and open the template in the editor. | |
+ */ | |
+ | |
+package org.asynchttpclient.providers.grizzly.filters; | |
+ | |
+import javax.net.ssl.SSLContext; | |
+import javax.net.ssl.SSLEngine; | |
+import org.glassfish.grizzly.ssl.SSLContextConfigurator; | |
+import org.glassfish.grizzly.ssl.SSLEngineConfigurator; | |
+ | |
+public class HostPortAwareSSLEngineConfigurator extends SSLEngineConfigurator { | |
+ | |
+ public HostPortAwareSSLEngineConfigurator(final SSLContext context, | |
+ final boolean clientMode, final boolean needClientAuth, | |
+ final boolean wantClientAuth) { | |
+ super(context, clientMode, needClientAuth, wantClientAuth); | |
+ } | |
+ | |
+ | |
+ /** | |
+ * Create and configure {@link SSLEngine} using this context configuration | |
+ * using advisory peer information. | |
+ * <P> | |
+ * Applications using this factory method are providing hints | |
+ * for an internal session reuse strategy. | |
+ * <P> | |
+ * Some cipher suites (such as Kerberos) require remote hostname | |
+ * information, in which case peerHost needs to be specified. | |
+ * | |
+ * @param peerHost the non-authoritative name of the host | |
+ * @param peerPort the non-authoritative port | |
+ * | |
+ * @return {@link SSLEngine}. | |
+ */ | |
+ public SSLEngine createSSLEngine(final String peerHost, final int peerPort) { | |
+ final SSLEngine sslEngine = getSslContext().createSSLEngine(peerHost, peerPort); | |
+ configure(sslEngine); | |
+ | |
+ return sslEngine; | |
+ } | |
+} | |
diff --git a/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/SwitchingSSLFilter.java b/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/SwitchingSSLFilter.java | |
index 3085c95..84dbf91 100644 | |
--- a/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/SwitchingSSLFilter.java | |
+++ b/providers/grizzly/src/main/java/org/asynchttpclient/providers/grizzly/filters/SwitchingSSLFilter.java | |
@@ -30,6 +30,9 @@ | |
import javax.net.ssl.SSLHandshakeException; | |
import java.io.IOException; | |
+import org.glassfish.grizzly.CompletionHandler; | |
+import org.glassfish.grizzly.ssl.SSLConnectionContext; | |
+import org.glassfish.grizzly.ssl.SSLUtils; | |
/** | |
* SSL Filter that may be present within the FilterChain and may be | |
@@ -143,6 +146,26 @@ | |
return HANDSHAKE_ERROR.remove(c); | |
} | |
+ @Override | |
+ protected void handshake(final Connection<?> connection, | |
+ final CompletionHandler<SSLEngine> completionHandler, | |
+ final Object dstAddress, SSLEngineConfigurator sslEngineConfigurator, | |
+ final FilterChainContext context) throws IOException { | |
+ | |
+ SSLEngine sslEngine = SSLUtils.getSSLEngine(connection); | |
+ if (sslEngine == null) { | |
+ sslEngine = ((HostPortAwareSSLEngineConfigurator) sslEngineConfigurator) | |
+ .createSSLEngine(HOST, PORT); | |
+ final SSLConnectionContext sslCtx = new SSLConnectionContext(connection); | |
+ sslCtx.configure(sslEngine); | |
+ sslCtx.attach(); | |
+ } | |
+ | |
+ super.handshake(connection, completionHandler, dstAddress, sslEngineConfigurator, | |
+ context); | |
+ } | |
+ | |
+ | |
// --------------------------------------------------------- Private Methods | |
private static boolean isSecure(final Connection c) { |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment