andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2993760e92
netty5/codec-http2/src/main/java/io/netty/handler/codec/http2/Http2SecurityUtil.java

68 lines
3.0 KiB
Java
Raw Normal View History

Back port HTTP/2 codec from master to 4.1 Motivation: HTTP/2 codec was implemented in master branch. Since, master is not yet stable and will be some time before it gets released, backporting it to 4.1, enables people to use the codec with a stable netty version. Modification: The code has been copied from master branch as is, with minor modifications to suit the `ChannelHandler` API in 4.x. Apart from that change, there are two backward incompatible API changes included, namely, - Added an abstract method: `public abstract Map.Entry<CharSequence, CharSequence> forEachEntry(EntryVisitor<CharSequence> visitor) throws Exception;` to `HttpHeaders` and implemented the same in `DefaultHttpHeaders` as a delegate to the internal `TextHeader` instance. - Added a method: `FullHttpMessage copy(ByteBuf newContent);` in `FullHttpMessage` with the implementations copied from relevant places in the master branch. - Added missing abstract method related to setting/adding short values to `HttpHeaders` Result: HTTP/2 codec can be used with netty 4.1
2015-01-20 01:48:11 +01:00
/*
* Copyright 2014 The Netty Project
*
* The Netty Project licenses this file to you under the Apache License,
* version 2.0 (the "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
package io.netty.handler.codec.http2;
[#5088] Add annotation which marks packages/interfaces/classes as unstable Motivation: Some codecs should be considered unstable as these are relative new. For this purpose we should introduce an annotation which these codecs should us to be marked as unstable in terms of API. Modifications: - Add UnstableApi annotation and use it on codecs that are not stable - Move http2.hpack to http2.internal.hpack as it is internal. Result: Better document unstable APIs.
2016-04-12 14:22:41 +02:00
import io.netty.util.internal.UnstableApi;
Back port HTTP/2 codec from master to 4.1 Motivation: HTTP/2 codec was implemented in master branch. Since, master is not yet stable and will be some time before it gets released, backporting it to 4.1, enables people to use the codec with a stable netty version. Modification: The code has been copied from master branch as is, with minor modifications to suit the `ChannelHandler` API in 4.x. Apart from that change, there are two backward incompatible API changes included, namely, - Added an abstract method: `public abstract Map.Entry<CharSequence, CharSequence> forEachEntry(EntryVisitor<CharSequence> visitor) throws Exception;` to `HttpHeaders` and implemented the same in `DefaultHttpHeaders` as a delegate to the internal `TextHeader` instance. - Added a method: `FullHttpMessage copy(ByteBuf newContent);` in `FullHttpMessage` with the implementations copied from relevant places in the master branch. - Added missing abstract method related to setting/adding short values to `HttpHeaders` Result: HTTP/2 codec can be used with netty 4.1
2015-01-20 01:48:11 +01:00
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
/**
* Provides utilities related to security requirements specific to HTTP/2.
*/
[#5088] Add annotation which marks packages/interfaces/classes as unstable Motivation: Some codecs should be considered unstable as these are relative new. For this purpose we should introduce an annotation which these codecs should us to be marked as unstable in terms of API. Modifications: - Add UnstableApi annotation and use it on codecs that are not stable - Move http2.hpack to http2.internal.hpack as it is internal. Result: Better document unstable APIs.
2016-04-12 14:22:41 +02:00
@UnstableApi
Back port HTTP/2 codec from master to 4.1 Motivation: HTTP/2 codec was implemented in master branch. Since, master is not yet stable and will be some time before it gets released, backporting it to 4.1, enables people to use the codec with a stable netty version. Modification: The code has been copied from master branch as is, with minor modifications to suit the `ChannelHandler` API in 4.x. Apart from that change, there are two backward incompatible API changes included, namely, - Added an abstract method: `public abstract Map.Entry<CharSequence, CharSequence> forEachEntry(EntryVisitor<CharSequence> visitor) throws Exception;` to `HttpHeaders` and implemented the same in `DefaultHttpHeaders` as a delegate to the internal `TextHeader` instance. - Added a method: `FullHttpMessage copy(ByteBuf newContent);` in `FullHttpMessage` with the implementations copied from relevant places in the master branch. - Added missing abstract method related to setting/adding short values to `HttpHeaders` Result: HTTP/2 codec can be used with netty 4.1
2015-01-20 01:48:11 +01:00
public final class Http2SecurityUtil {
/**
* The following list is derived from <a
* href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html">SunJSSE Supported
* Ciphers</a> and <a
* href="https://wiki.mozilla.org/Security/Server_Side_TLS#Non-Backward_Compatible_Ciphersuite">Mozilla Cipher
* Suites</a> in accordance with the <a
* href="https://tools.ietf.org/html/draft-ietf-httpbis-http2-16#section-9.2.2">HTTP/2 Specification</a>.
*/
public static final List<String> CIPHERS;
private static final List<String> CIPHERS_JAVA_MOZILLA_INCREASED_SECURITY = Collections.unmodifiableList(Arrays
.asList(
/* Java 8 */
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", /* openssl = ECDHE-ECDSA-AES256-GCM-SHA384 */
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", /* openssl = ECDHE-ECDSA-AES128-GCM-SHA256 */
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", /* openssl = ECDHE-RSA-AES256-GCM-SHA384 */
/* REQUIRED BY HTTP/2 SPEC */
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", /* openssl = ECDHE-RSA-AES128-GCM-SHA256 */
/* REQUIRED BY HTTP/2 SPEC */
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", /* openssl = DHE-RSA-AES128-GCM-SHA256 */
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256" /* openssl = DHE-DSS-AES128-GCM-SHA256 */));
private static final List<String> CIPHERS_JAVA_NO_MOZILLA_INCREASED_SECURITY = Collections.unmodifiableList(Arrays
.asList(
/* Java 8 */
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", /* openssl = DHE-RSA-AES256-GCM-SHA384 */
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384" /* openssl = DHE-DSS-AES256-GCM-SHA384 */));
static {
List<String> ciphers = new ArrayList<String>(CIPHERS_JAVA_MOZILLA_INCREASED_SECURITY.size()
+ CIPHERS_JAVA_NO_MOZILLA_INCREASED_SECURITY.size());
ciphers.addAll(CIPHERS_JAVA_MOZILLA_INCREASED_SECURITY);
ciphers.addAll(CIPHERS_JAVA_NO_MOZILLA_INCREASED_SECURITY);
CIPHERS = Collections.unmodifiableList(ciphers);
}
private Http2SecurityUtil() { }
}
Reference in New Issue Copy Permalink