[#3531] Create SslContext.Builder
Motivation: SslContext factory methods have gotten out of control; it's past time to swap to a builder. Modifications: New Builder class. The existing factory methods must be left as-is for backward compatibility. Result: Fixes #3531
This commit is contained in:
parent
acb6902f68
commit
4d56028df5
@ -24,6 +24,7 @@ import io.netty.channel.nio.NioEventLoopGroup;
|
|||||||
import io.netty.channel.socket.SocketChannel;
|
import io.netty.channel.socket.SocketChannel;
|
||||||
import io.netty.channel.socket.nio.NioSocketChannel;
|
import io.netty.channel.socket.nio.NioSocketChannel;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -40,7 +41,8 @@ public final class DiscardClient {
|
|||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -26,6 +26,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -41,7 +42,7 @@ public final class DiscardServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -25,6 +25,7 @@ import io.netty.channel.nio.NioEventLoopGroup;
|
|||||||
import io.netty.channel.socket.SocketChannel;
|
import io.netty.channel.socket.SocketChannel;
|
||||||
import io.netty.channel.socket.nio.NioSocketChannel;
|
import io.netty.channel.socket.nio.NioSocketChannel;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -44,7 +45,8 @@ public final class EchoClient {
|
|||||||
// Configure SSL.git
|
// Configure SSL.git
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -27,6 +27,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -42,7 +43,7 @@ public final class EchoServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -21,6 +21,7 @@ import io.netty.channel.EventLoopGroup;
|
|||||||
import io.netty.channel.nio.NioEventLoopGroup;
|
import io.netty.channel.nio.NioEventLoopGroup;
|
||||||
import io.netty.channel.socket.nio.NioSocketChannel;
|
import io.netty.channel.socket.nio.NioSocketChannel;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -38,7 +39,8 @@ public final class FactorialClient {
|
|||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -22,6 +22,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -38,7 +39,7 @@ public final class FactorialServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -30,6 +30,7 @@ import io.netty.handler.codec.string.StringEncoder;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
import io.netty.handler.stream.ChunkedWriteHandler;
|
import io.netty.handler.stream.ChunkedWriteHandler;
|
||||||
import io.netty.util.CharsetUtil;
|
import io.netty.util.CharsetUtil;
|
||||||
@ -48,7 +49,7 @@ public final class FileServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -22,6 +22,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -80,7 +81,7 @@ public final class HttpCorsServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.SslProvider;
|
import io.netty.handler.ssl.SslProvider;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
@ -36,7 +37,8 @@ public final class HttpStaticFileServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(SslProvider.JDK, ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||||
|
.sslProvider(SslProvider.JDK).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -24,6 +24,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -40,7 +41,7 @@ public final class HttpHelloWorldServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -29,6 +29,7 @@ import io.netty.handler.codec.http.HttpMethod;
|
|||||||
import io.netty.handler.codec.http.HttpRequest;
|
import io.netty.handler.codec.http.HttpRequest;
|
||||||
import io.netty.handler.codec.http.HttpVersion;
|
import io.netty.handler.codec.http.HttpVersion;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
@ -63,7 +64,8 @@ public final class HttpSnoopClient {
|
|||||||
final boolean ssl = "https".equalsIgnoreCase(scheme);
|
final boolean ssl = "https".equalsIgnoreCase(scheme);
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (ssl) {
|
if (ssl) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -39,7 +40,7 @@ public final class HttpSnoopServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -38,6 +38,7 @@ import io.netty.handler.codec.http.multipart.HttpDataFactory;
|
|||||||
import io.netty.handler.codec.http.multipart.HttpPostRequestEncoder;
|
import io.netty.handler.codec.http.multipart.HttpPostRequestEncoder;
|
||||||
import io.netty.handler.codec.http.multipart.InterfaceHttpData;
|
import io.netty.handler.codec.http.multipart.InterfaceHttpData;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
@ -87,7 +88,8 @@ public final class HttpUploadClient {
|
|||||||
final boolean ssl = "https".equalsIgnoreCase(scheme);
|
final boolean ssl = "https".equalsIgnoreCase(scheme);
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (ssl) {
|
if (ssl) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -38,7 +39,7 @@ public final class HttpUploadServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -43,7 +44,7 @@ public final class WebSocketServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -35,6 +35,7 @@ import io.netty.handler.codec.http.websocketx.WebSocketFrame;
|
|||||||
import io.netty.handler.codec.http.websocketx.WebSocketVersion;
|
import io.netty.handler.codec.http.websocketx.WebSocketVersion;
|
||||||
import io.netty.handler.codec.http.websocketx.extensions.compression.WebSocketClientCompressionHandler;
|
import io.netty.handler.codec.http.websocketx.extensions.compression.WebSocketClientCompressionHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
@ -84,7 +85,8 @@ public final class WebSocketClient {
|
|||||||
final boolean ssl = "wss".equalsIgnoreCase(scheme);
|
final boolean ssl = "wss".equalsIgnoreCase(scheme);
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (ssl) {
|
if (ssl) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -54,7 +55,7 @@ public final class WebSocketServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -27,6 +27,7 @@ import io.netty.handler.codec.serialization.ClassResolvers;
|
|||||||
import io.netty.handler.codec.serialization.ObjectDecoder;
|
import io.netty.handler.codec.serialization.ObjectDecoder;
|
||||||
import io.netty.handler.codec.serialization.ObjectEncoder;
|
import io.netty.handler.codec.serialization.ObjectEncoder;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -43,7 +44,8 @@ public final class ObjectEchoClient {
|
|||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -29,6 +29,7 @@ import io.netty.handler.codec.serialization.ObjectEncoder;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -44,7 +45,7 @@ public final class ObjectEchoServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -24,6 +24,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -40,7 +41,8 @@ public final class PortUnificationServer {
|
|||||||
public static void main(String[] args) throws Exception {
|
public static void main(String[] args) throws Exception {
|
||||||
// Configure SSL context
|
// Configure SSL context
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
final SslContext sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
final SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||||
|
.build();
|
||||||
|
|
||||||
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
|
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
|
||||||
EventLoopGroup workerGroup = new NioEventLoopGroup();
|
EventLoopGroup workerGroup = new NioEventLoopGroup();
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.channel.nio.NioEventLoopGroup;
|
|||||||
import io.netty.channel.socket.nio.NioSocketChannel;
|
import io.netty.channel.socket.nio.NioSocketChannel;
|
||||||
import io.netty.example.telnet.TelnetClient;
|
import io.netty.example.telnet.TelnetClient;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
import java.io.BufferedReader;
|
import java.io.BufferedReader;
|
||||||
@ -38,7 +39,8 @@ public final class SecureChatClient {
|
|||||||
|
|
||||||
public static void main(String[] args) throws Exception {
|
public static void main(String[] args) throws Exception {
|
||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
final SslContext sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
|
|
||||||
EventLoopGroup group = new NioEventLoopGroup();
|
EventLoopGroup group = new NioEventLoopGroup();
|
||||||
try {
|
try {
|
||||||
|
@ -23,6 +23,7 @@ import io.netty.example.telnet.TelnetServer;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -34,7 +35,8 @@ public final class SecureChatServer {
|
|||||||
|
|
||||||
public static void main(String[] args) throws Exception {
|
public static void main(String[] args) throws Exception {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
SslContext sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||||
|
.build();
|
||||||
|
|
||||||
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
|
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
|
||||||
EventLoopGroup workerGroup = new NioEventLoopGroup();
|
EventLoopGroup workerGroup = new NioEventLoopGroup();
|
||||||
|
@ -34,6 +34,7 @@ import io.netty.handler.ssl.ApplicationProtocolConfig.SelectedListenerFailureBeh
|
|||||||
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
|
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
|
||||||
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
|
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -57,15 +58,15 @@ public final class SpdyClient {
|
|||||||
|
|
||||||
public static void main(String[] args) throws Exception {
|
public static void main(String[] args) throws Exception {
|
||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx = SslContext.newClientContext(
|
final SslContext sslCtx = SslContextBuilder.forClient()
|
||||||
null, InsecureTrustManagerFactory.INSTANCE, null, IdentityCipherSuiteFilter.INSTANCE,
|
.trustManager(InsecureTrustManagerFactory.INSTANCE)
|
||||||
new ApplicationProtocolConfig(
|
.applicationProtocolConfig(new ApplicationProtocolConfig(
|
||||||
Protocol.NPN,
|
Protocol.NPN,
|
||||||
SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
||||||
SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
||||||
SelectedProtocol.SPDY_3_1.protocolName(),
|
SelectedProtocol.SPDY_3_1.protocolName(),
|
||||||
SelectedProtocol.HTTP_1_1.protocolName()),
|
SelectedProtocol.HTTP_1_1.protocolName()))
|
||||||
0, 0);
|
.build();
|
||||||
|
|
||||||
HttpResponseClientHandler httpResponseHandler = new HttpResponseClientHandler();
|
HttpResponseClientHandler httpResponseHandler = new HttpResponseClientHandler();
|
||||||
EventLoopGroup workerGroup = new NioEventLoopGroup();
|
EventLoopGroup workerGroup = new NioEventLoopGroup();
|
||||||
|
@ -30,6 +30,7 @@ import io.netty.handler.ssl.ApplicationProtocolConfig.SelectedListenerFailureBeh
|
|||||||
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
|
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
|
||||||
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
|
import io.netty.handler.ssl.IdentityCipherSuiteFilter;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -57,15 +58,14 @@ public final class SpdyServer {
|
|||||||
public static void main(String[] args) throws Exception {
|
public static void main(String[] args) throws Exception {
|
||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
SslContext sslCtx = SslContext.newServerContext(
|
SslContext sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
|
||||||
ssc.certificate(), ssc.privateKey(), null, null, IdentityCipherSuiteFilter.INSTANCE,
|
.applicationProtocolConfig(new ApplicationProtocolConfig(
|
||||||
new ApplicationProtocolConfig(
|
|
||||||
Protocol.NPN,
|
Protocol.NPN,
|
||||||
SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
||||||
SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
SelectedListenerFailureBehavior.CHOOSE_MY_LAST_PROTOCOL,
|
||||||
SelectedProtocol.SPDY_3_1.protocolName(),
|
SelectedProtocol.SPDY_3_1.protocolName(),
|
||||||
SelectedProtocol.HTTP_1_1.protocolName()),
|
SelectedProtocol.HTTP_1_1.protocolName()))
|
||||||
0, 0);
|
.build();
|
||||||
|
|
||||||
// Configure the server.
|
// Configure the server.
|
||||||
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
|
EventLoopGroup bossGroup = new NioEventLoopGroup(1);
|
||||||
|
@ -22,6 +22,7 @@ import io.netty.channel.EventLoopGroup;
|
|||||||
import io.netty.channel.nio.NioEventLoopGroup;
|
import io.netty.channel.nio.NioEventLoopGroup;
|
||||||
import io.netty.channel.socket.nio.NioSocketChannel;
|
import io.netty.channel.socket.nio.NioSocketChannel;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
import java.io.BufferedReader;
|
import java.io.BufferedReader;
|
||||||
@ -40,7 +41,8 @@ public final class TelnetClient {
|
|||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -22,6 +22,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -37,7 +38,7 @@ public final class TelnetServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -21,6 +21,7 @@ import io.netty.channel.EventLoopGroup;
|
|||||||
import io.netty.channel.nio.NioEventLoopGroup;
|
import io.netty.channel.nio.NioEventLoopGroup;
|
||||||
import io.netty.channel.socket.nio.NioSocketChannel;
|
import io.netty.channel.socket.nio.NioSocketChannel;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||||
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
@ -42,7 +43,8 @@ public final class WorldClockClient {
|
|||||||
// Configure SSL.
|
// Configure SSL.
|
||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
sslCtx = SslContext.newClientContext(InsecureTrustManagerFactory.INSTANCE);
|
sslCtx = SslContextBuilder.forClient()
|
||||||
|
.trustManager(InsecureTrustManagerFactory.INSTANCE).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -22,6 +22,7 @@ import io.netty.channel.socket.nio.NioServerSocketChannel;
|
|||||||
import io.netty.handler.logging.LogLevel;
|
import io.netty.handler.logging.LogLevel;
|
||||||
import io.netty.handler.logging.LoggingHandler;
|
import io.netty.handler.logging.LoggingHandler;
|
||||||
import io.netty.handler.ssl.SslContext;
|
import io.netty.handler.ssl.SslContext;
|
||||||
|
import io.netty.handler.ssl.SslContextBuilder;
|
||||||
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
import io.netty.handler.ssl.util.SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -38,7 +39,7 @@ public final class WorldClockServer {
|
|||||||
final SslContext sslCtx;
|
final SslContext sslCtx;
|
||||||
if (SSL) {
|
if (SSL) {
|
||||||
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
SelfSignedCertificate ssc = new SelfSignedCertificate();
|
||||||
sslCtx = SslContext.newServerContext(ssc.certificate(), ssc.privateKey());
|
sslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).build();
|
||||||
} else {
|
} else {
|
||||||
sslCtx = null;
|
sslCtx = null;
|
||||||
}
|
}
|
||||||
|
@ -53,7 +53,7 @@ import java.util.List;
|
|||||||
* <pre>
|
* <pre>
|
||||||
* // In your {@link ChannelInitializer}:
|
* // In your {@link ChannelInitializer}:
|
||||||
* {@link ChannelPipeline} p = channel.pipeline();
|
* {@link ChannelPipeline} p = channel.pipeline();
|
||||||
* {@link SslContext} sslCtx = {@link #newServerContext(File, File) SslContext.newServerContext(...)};
|
* {@link SslContext} sslCtx = {@link SslContextBuilder#forServer(File, File) SslContextBuilder.forServer(...)}.build();
|
||||||
* p.addLast("ssl", {@link #newEngine(ByteBufAllocator) sslCtx.newEngine(channel.alloc())});
|
* p.addLast("ssl", {@link #newEngine(ByteBufAllocator) sslCtx.newEngine(channel.alloc())});
|
||||||
* ...
|
* ...
|
||||||
* </pre>
|
* </pre>
|
||||||
@ -62,7 +62,7 @@ import java.util.List;
|
|||||||
* <pre>
|
* <pre>
|
||||||
* // In your {@link ChannelInitializer}:
|
* // In your {@link ChannelInitializer}:
|
||||||
* {@link ChannelPipeline} p = channel.pipeline();
|
* {@link ChannelPipeline} p = channel.pipeline();
|
||||||
* {@link SslContext} sslCtx = {@link #newClientContext(File) SslContext.newClientContext(...)};
|
* {@link SslContext} sslCtx = {@link #newBuilderForClient() SslContext.newBuilderForClient()}.build();
|
||||||
* p.addLast("ssl", {@link #newEngine(ByteBufAllocator, String, int) sslCtx.newEngine(channel.alloc(), host, port)});
|
* p.addLast("ssl", {@link #newEngine(ByteBufAllocator, String, int) sslCtx.newEngine(channel.alloc(), host, port)});
|
||||||
* ...
|
* ...
|
||||||
* </pre>
|
* </pre>
|
||||||
@ -109,7 +109,9 @@ public abstract class SslContext {
|
|||||||
* @param certChainFile an X.509 certificate chain file in PEM format
|
* @param certChainFile an X.509 certificate chain file in PEM format
|
||||||
* @param keyFile a PKCS#8 private key file in PEM format
|
* @param keyFile a PKCS#8 private key file in PEM format
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newServerContext(File certChainFile, File keyFile) throws SSLException {
|
public static SslContext newServerContext(File certChainFile, File keyFile) throws SSLException {
|
||||||
return newServerContext(certChainFile, keyFile, null);
|
return newServerContext(certChainFile, keyFile, null);
|
||||||
}
|
}
|
||||||
@ -122,7 +124,9 @@ public abstract class SslContext {
|
|||||||
* @param keyPassword the password of the {@code keyFile}.
|
* @param keyPassword the password of the {@code keyFile}.
|
||||||
* {@code null} if it's not password-protected.
|
* {@code null} if it's not password-protected.
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newServerContext(
|
public static SslContext newServerContext(
|
||||||
File certChainFile, File keyFile, String keyPassword) throws SSLException {
|
File certChainFile, File keyFile, String keyPassword) throws SSLException {
|
||||||
return newServerContext(null, certChainFile, keyFile, keyPassword);
|
return newServerContext(null, certChainFile, keyFile, keyPassword);
|
||||||
@ -144,7 +148,9 @@ public abstract class SslContext {
|
|||||||
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
||||||
* {@code 0} to use the default value.
|
* {@code 0} to use the default value.
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newServerContext(
|
public static SslContext newServerContext(
|
||||||
File certChainFile, File keyFile, String keyPassword,
|
File certChainFile, File keyFile, String keyPassword,
|
||||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
@ -162,7 +168,9 @@ public abstract class SslContext {
|
|||||||
* @param certChainFile an X.509 certificate chain file in PEM format
|
* @param certChainFile an X.509 certificate chain file in PEM format
|
||||||
* @param keyFile a PKCS#8 private key file in PEM format
|
* @param keyFile a PKCS#8 private key file in PEM format
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newServerContext(
|
public static SslContext newServerContext(
|
||||||
SslProvider provider, File certChainFile, File keyFile) throws SSLException {
|
SslProvider provider, File certChainFile, File keyFile) throws SSLException {
|
||||||
return newServerContext(provider, certChainFile, keyFile, null);
|
return newServerContext(provider, certChainFile, keyFile, null);
|
||||||
@ -178,7 +186,9 @@ public abstract class SslContext {
|
|||||||
* @param keyPassword the password of the {@code keyFile}.
|
* @param keyPassword the password of the {@code keyFile}.
|
||||||
* {@code null} if it's not password-protected.
|
* {@code null} if it's not password-protected.
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newServerContext(
|
public static SslContext newServerContext(
|
||||||
SslProvider provider, File certChainFile, File keyFile, String keyPassword) throws SSLException {
|
SslProvider provider, File certChainFile, File keyFile, String keyPassword) throws SSLException {
|
||||||
return newServerContext(provider, certChainFile, keyFile, keyPassword, null, IdentityCipherSuiteFilter.INSTANCE,
|
return newServerContext(provider, certChainFile, keyFile, keyPassword, null, IdentityCipherSuiteFilter.INSTANCE,
|
||||||
@ -204,7 +214,9 @@ public abstract class SslContext {
|
|||||||
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
||||||
* {@code 0} to use the default value.
|
* {@code 0} to use the default value.
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newServerContext(SslProvider provider,
|
public static SslContext newServerContext(SslProvider provider,
|
||||||
File certChainFile, File keyFile, String keyPassword,
|
File certChainFile, File keyFile, String keyPassword,
|
||||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
@ -243,8 +255,22 @@ public abstract class SslContext {
|
|||||||
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
||||||
* {@code 0} to use the default value.
|
* {@code 0} to use the default value.
|
||||||
* @return a new server-side {@link SslContext}
|
* @return a new server-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
public static SslContext newServerContext(SslProvider provider,
|
@Deprecated
|
||||||
|
public static SslContext newServerContext(
|
||||||
|
SslProvider provider,
|
||||||
|
File trustCertChainFile, TrustManagerFactory trustManagerFactory,
|
||||||
|
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
||||||
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
|
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
||||||
|
return newServerContextInternal(provider, trustCertChainFile, trustManagerFactory, keyCertChainFile,
|
||||||
|
keyFile, keyPassword, keyManagerFactory, ciphers, cipherFilter, apn,
|
||||||
|
sessionCacheSize, sessionTimeout);
|
||||||
|
}
|
||||||
|
|
||||||
|
static SslContext newServerContextInternal(
|
||||||
|
SslProvider provider,
|
||||||
File trustCertChainFile, TrustManagerFactory trustManagerFactory,
|
File trustCertChainFile, TrustManagerFactory trustManagerFactory,
|
||||||
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
||||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
@ -272,7 +298,9 @@ public abstract class SslContext {
|
|||||||
* Creates a new client-side {@link SslContext}.
|
* Creates a new client-side {@link SslContext}.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext() throws SSLException {
|
public static SslContext newClientContext() throws SSLException {
|
||||||
return newClientContext(null, null, null);
|
return newClientContext(null, null, null);
|
||||||
}
|
}
|
||||||
@ -283,7 +311,9 @@ public abstract class SslContext {
|
|||||||
* @param certChainFile an X.509 certificate chain file in PEM format
|
* @param certChainFile an X.509 certificate chain file in PEM format
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(File certChainFile) throws SSLException {
|
public static SslContext newClientContext(File certChainFile) throws SSLException {
|
||||||
return newClientContext(null, certChainFile);
|
return newClientContext(null, certChainFile);
|
||||||
}
|
}
|
||||||
@ -296,7 +326,9 @@ public abstract class SslContext {
|
|||||||
* {@code null} to use the default.
|
* {@code null} to use the default.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(TrustManagerFactory trustManagerFactory) throws SSLException {
|
public static SslContext newClientContext(TrustManagerFactory trustManagerFactory) throws SSLException {
|
||||||
return newClientContext(null, null, trustManagerFactory);
|
return newClientContext(null, null, trustManagerFactory);
|
||||||
}
|
}
|
||||||
@ -311,7 +343,9 @@ public abstract class SslContext {
|
|||||||
* {@code null} to use the default.
|
* {@code null} to use the default.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(
|
public static SslContext newClientContext(
|
||||||
File certChainFile, TrustManagerFactory trustManagerFactory) throws SSLException {
|
File certChainFile, TrustManagerFactory trustManagerFactory) throws SSLException {
|
||||||
return newClientContext(null, certChainFile, trustManagerFactory);
|
return newClientContext(null, certChainFile, trustManagerFactory);
|
||||||
@ -335,7 +369,9 @@ public abstract class SslContext {
|
|||||||
* {@code 0} to use the default value.
|
* {@code 0} to use the default value.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(
|
public static SslContext newClientContext(
|
||||||
File certChainFile, TrustManagerFactory trustManagerFactory,
|
File certChainFile, TrustManagerFactory trustManagerFactory,
|
||||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
@ -352,7 +388,9 @@ public abstract class SslContext {
|
|||||||
* {@code null} to use the current default one.
|
* {@code null} to use the current default one.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(SslProvider provider) throws SSLException {
|
public static SslContext newClientContext(SslProvider provider) throws SSLException {
|
||||||
return newClientContext(provider, null, null);
|
return newClientContext(provider, null, null);
|
||||||
}
|
}
|
||||||
@ -366,7 +404,9 @@ public abstract class SslContext {
|
|||||||
* {@code null} to use the system default
|
* {@code null} to use the system default
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(SslProvider provider, File certChainFile) throws SSLException {
|
public static SslContext newClientContext(SslProvider provider, File certChainFile) throws SSLException {
|
||||||
return newClientContext(provider, certChainFile, null);
|
return newClientContext(provider, certChainFile, null);
|
||||||
}
|
}
|
||||||
@ -381,7 +421,9 @@ public abstract class SslContext {
|
|||||||
* {@code null} to use the default.
|
* {@code null} to use the default.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(
|
public static SslContext newClientContext(
|
||||||
SslProvider provider, TrustManagerFactory trustManagerFactory) throws SSLException {
|
SslProvider provider, TrustManagerFactory trustManagerFactory) throws SSLException {
|
||||||
return newClientContext(provider, null, trustManagerFactory);
|
return newClientContext(provider, null, trustManagerFactory);
|
||||||
@ -399,7 +441,9 @@ public abstract class SslContext {
|
|||||||
* {@code null} to use the default.
|
* {@code null} to use the default.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public static SslContext newClientContext(
|
public static SslContext newClientContext(
|
||||||
SslProvider provider, File certChainFile, TrustManagerFactory trustManagerFactory) throws SSLException {
|
SslProvider provider, File certChainFile, TrustManagerFactory trustManagerFactory) throws SSLException {
|
||||||
return newClientContext(provider, certChainFile, trustManagerFactory, null, IdentityCipherSuiteFilter.INSTANCE,
|
return newClientContext(provider, certChainFile, trustManagerFactory, null, IdentityCipherSuiteFilter.INSTANCE,
|
||||||
@ -426,8 +470,11 @@ public abstract class SslContext {
|
|||||||
* {@code 0} to use the default value.
|
* {@code 0} to use the default value.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
public static SslContext newClientContext(SslProvider provider,
|
@Deprecated
|
||||||
|
public static SslContext newClientContext(
|
||||||
|
SslProvider provider,
|
||||||
File certChainFile, TrustManagerFactory trustManagerFactory,
|
File certChainFile, TrustManagerFactory trustManagerFactory,
|
||||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
||||||
@ -469,8 +516,22 @@ public abstract class SslContext {
|
|||||||
* {@code 0} to use the default value.
|
* {@code 0} to use the default value.
|
||||||
*
|
*
|
||||||
* @return a new client-side {@link SslContext}
|
* @return a new client-side {@link SslContext}
|
||||||
|
* @deprecated Replaced by {@link SslContextBuilder}
|
||||||
*/
|
*/
|
||||||
public static SslContext newClientContext(SslProvider provider,
|
@Deprecated
|
||||||
|
public static SslContext newClientContext(
|
||||||
|
SslProvider provider,
|
||||||
|
File trustCertChainFile, TrustManagerFactory trustManagerFactory,
|
||||||
|
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
||||||
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
|
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
||||||
|
return newClientContextInternal(provider, trustCertChainFile, trustManagerFactory,
|
||||||
|
keyCertChainFile, keyFile, keyPassword, keyManagerFactory, ciphers, cipherFilter, apn,
|
||||||
|
sessionCacheSize, sessionTimeout);
|
||||||
|
}
|
||||||
|
|
||||||
|
static SslContext newClientContextInternal(
|
||||||
|
SslProvider provider,
|
||||||
File trustCertChainFile, TrustManagerFactory trustManagerFactory,
|
File trustCertChainFile, TrustManagerFactory trustManagerFactory,
|
||||||
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
||||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
|
@ -0,0 +1,216 @@
|
|||||||
|
/*
|
||||||
|
* Copyright 2015 The Netty Project
|
||||||
|
*
|
||||||
|
* The Netty Project licenses this file to you under the Apache License,
|
||||||
|
* version 2.0 (the "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at:
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
* License for the specific language governing permissions and limitations
|
||||||
|
* under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package io.netty.handler.ssl;
|
||||||
|
|
||||||
|
import static io.netty.util.internal.ObjectUtil.checkNotNull;
|
||||||
|
|
||||||
|
import javax.net.ssl.KeyManagerFactory;
|
||||||
|
import javax.net.ssl.SSLException;
|
||||||
|
import javax.net.ssl.TrustManagerFactory;
|
||||||
|
import java.io.File;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Builder for configuring a new SslContext for creation.
|
||||||
|
*/
|
||||||
|
public final class SslContextBuilder {
|
||||||
|
/**
|
||||||
|
* Creates a builder for new client-side {@link SslContext}.
|
||||||
|
*/
|
||||||
|
public static SslContextBuilder forClient() {
|
||||||
|
return new SslContextBuilder(true);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a builder for new server-side {@link SslContext}.
|
||||||
|
*
|
||||||
|
* @param keyCertChainFile an X.509 certificate chain file in PEM format
|
||||||
|
* @param keyFile a PKCS#8 private key file in PEM format
|
||||||
|
*/
|
||||||
|
public static SslContextBuilder forServer(File keyCertChainFile, File keyFile) {
|
||||||
|
return new SslContextBuilder(false).keyManager(keyCertChainFile, keyFile);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a builder for new server-side {@link SslContext}.
|
||||||
|
*
|
||||||
|
* @param keyCertChainFile an X.509 certificate chain file in PEM format
|
||||||
|
* @param keyFile a PKCS#8 private key file in PEM format
|
||||||
|
* @param keyPassword the password of the {@code keyFile}, or {@code null} if it's not
|
||||||
|
* password-protected
|
||||||
|
*/
|
||||||
|
public static SslContextBuilder forServer(
|
||||||
|
File keyCertChainFile, File keyFile, String keyPassword) {
|
||||||
|
return new SslContextBuilder(false).keyManager(keyCertChainFile, keyFile, keyPassword);
|
||||||
|
}
|
||||||
|
|
||||||
|
private final boolean forServer;
|
||||||
|
private SslProvider provider;
|
||||||
|
private File trustCertChainFile;
|
||||||
|
private TrustManagerFactory trustManagerFactory;
|
||||||
|
private File keyCertChainFile;
|
||||||
|
private File keyFile;
|
||||||
|
private String keyPassword;
|
||||||
|
private KeyManagerFactory keyManagerFactory;
|
||||||
|
private Iterable<String> ciphers;
|
||||||
|
private CipherSuiteFilter cipherFilter = IdentityCipherSuiteFilter.INSTANCE;
|
||||||
|
private ApplicationProtocolConfig apn;
|
||||||
|
private long sessionCacheSize;
|
||||||
|
private long sessionTimeout;
|
||||||
|
|
||||||
|
private SslContextBuilder(boolean forServer) {
|
||||||
|
this.forServer = forServer;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The {@link SslContext} implementation to use. {@code null} uses the default one.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder sslProvider(SslProvider provider) {
|
||||||
|
this.provider = provider;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Trusted certificates for verifying the remote endpoint's certificate. The file should
|
||||||
|
* contain an X.509 certificate chain in PEM format. {@code null} uses the system default.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder trustManager(File trustCertChainFile) {
|
||||||
|
this.trustCertChainFile = trustCertChainFile;
|
||||||
|
this.trustManagerFactory = null;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Trusted manager for verifying the remote endpoint's certificate. Using a {@link
|
||||||
|
* TrustManagerFactory} is only supported for {@link SslProvider#JDK}; for other providers,
|
||||||
|
* you must use {@link #trustManager(File)}. {@code null} uses the system default.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder trustManager(TrustManagerFactory trustManagerFactory) {
|
||||||
|
this.trustCertChainFile = null;
|
||||||
|
this.trustManagerFactory = trustManagerFactory;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Identifying certificate for this host. {@code keyCertChainFile} and {@code keyFile} may
|
||||||
|
* be {@code null} for client contexts, which disables mutual authentication.
|
||||||
|
*
|
||||||
|
* @param keyCertChainFile an X.509 certificate chain file in PEM format
|
||||||
|
* @param keyFile a PKCS#8 private key file in PEM format
|
||||||
|
*/
|
||||||
|
public SslContextBuilder keyManager(File keyCertChainFile, File keyFile) {
|
||||||
|
return keyManager(keyCertChainFile, keyFile, null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Identifying certificate for this host. {@code keyCertChainFile} and {@code keyFile} may
|
||||||
|
* be {@code null} for client contexts, which disables mutual authentication.
|
||||||
|
*
|
||||||
|
* @param keyCertChainFile an X.509 certificate chain file in PEM format
|
||||||
|
* @param keyFile a PKCS#8 private key file in PEM format
|
||||||
|
* @param keyPassword the password of the {@code keyFile}, or {@code null} if it's not
|
||||||
|
* password-protected
|
||||||
|
*/
|
||||||
|
public SslContextBuilder keyManager(File keyCertChainFile, File keyFile, String keyPassword) {
|
||||||
|
if (forServer) {
|
||||||
|
checkNotNull(keyCertChainFile, "keyCertChainFile required for servers");
|
||||||
|
checkNotNull(keyFile, "keyFile required for servers");
|
||||||
|
}
|
||||||
|
this.keyCertChainFile = keyCertChainFile;
|
||||||
|
this.keyFile = keyFile;
|
||||||
|
this.keyPassword = keyPassword;
|
||||||
|
this.keyManagerFactory = null;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Identifying manager for this host. {@code keyManagerFactory} may be {@code null} for
|
||||||
|
* client contexts, which disables mutual authentication. Using a {@code KeyManagerFactory}
|
||||||
|
* is only supported for {@link SslProvider#JDK}; for other providers, you must use {@link
|
||||||
|
* #keyManager(File, File)} or {@link #keyManager(File, File, String)}.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder keyManager(KeyManagerFactory keyManagerFactory) {
|
||||||
|
if (forServer) {
|
||||||
|
checkNotNull(keyManagerFactory, "keyManagerFactory required for servers");
|
||||||
|
}
|
||||||
|
this.keyCertChainFile = null;
|
||||||
|
this.keyFile = null;
|
||||||
|
this.keyPassword = null;
|
||||||
|
this.keyManagerFactory = keyManagerFactory;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The cipher suites to enable, in the order of preference. {@code null} to use default
|
||||||
|
* cipher suites.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder ciphers(Iterable<String> ciphers) {
|
||||||
|
return ciphers(ciphers, IdentityCipherSuiteFilter.INSTANCE);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The cipher suites to enable, in the order of preference. {@code cipherFilter} will be
|
||||||
|
* applied to the ciphers before use if provider is {@link SslProvider#JDK}. If {@code
|
||||||
|
* ciphers} is {@code null}, then the default cipher suites will be used.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder ciphers(Iterable<String> ciphers, CipherSuiteFilter cipherFilter) {
|
||||||
|
checkNotNull(cipherFilter, "cipherFilter");
|
||||||
|
this.ciphers = ciphers;
|
||||||
|
this.cipherFilter = cipherFilter;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Application protocol negotiation configuration. {@code null} disables support.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder applicationProtocolConfig(ApplicationProtocolConfig apn) {
|
||||||
|
this.apn = apn;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set the size of the cache used for storing SSL session objects. {@code 0} to use the
|
||||||
|
* default value.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder sessionCacheSize(long sessionCacheSize) {
|
||||||
|
this.sessionCacheSize = sessionCacheSize;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set the timeout for the cached SSL session objects, in seconds. {@code 0} to use the
|
||||||
|
* default value.
|
||||||
|
*/
|
||||||
|
public SslContextBuilder sessionTimeout(long sessionTimeout) {
|
||||||
|
this.sessionTimeout = sessionTimeout;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create new {@code SslContext} instance with configured settings.
|
||||||
|
*/
|
||||||
|
public SslContext build() throws SSLException {
|
||||||
|
if (forServer) {
|
||||||
|
return SslContext.newServerContextInternal(provider, trustCertChainFile,
|
||||||
|
trustManagerFactory, keyCertChainFile, keyFile, keyPassword, keyManagerFactory,
|
||||||
|
ciphers, cipherFilter, apn, sessionCacheSize, sessionTimeout);
|
||||||
|
} else {
|
||||||
|
return SslContext.newClientContextInternal(provider, trustCertChainFile,
|
||||||
|
trustManagerFactory, keyCertChainFile, keyFile, keyPassword, keyManagerFactory,
|
||||||
|
ciphers, cipherFilter, apn, sessionCacheSize, sessionTimeout);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user