Motivation: JdkSslContext provides public constructors to wrap an existing `javax.net.ssl.SSLContext`. Sadly, some options combinations are not possible with the existing constructors, eg: * protocols is not exposed and always forced to null, so default protocols are always enforced * startTls is not exposed and always forced to false Modification: Add full constructor that take protocols and startTls parameters. Result: It's possible to create a JdkSslContext from an existing SSLContext and still have control over protocols and startTls
This commit is contained in:
parent
04001fdad1
commit
9eebe7ed74
@ -140,7 +140,10 @@ public class JdkSslContext extends SslContext {
|
|||||||
* @param sslContext the {@link SSLContext} to use.
|
* @param sslContext the {@link SSLContext} to use.
|
||||||
* @param isClient {@code true} if this context should create {@link SSLEngine}s for client-side usage.
|
* @param isClient {@code true} if this context should create {@link SSLEngine}s for client-side usage.
|
||||||
* @param clientAuth the {@link ClientAuth} to use. This will only be used when {@param isClient} is {@code false}.
|
* @param clientAuth the {@link ClientAuth} to use. This will only be used when {@param isClient} is {@code false}.
|
||||||
|
* @deprecated Use {@link #JdkSslContext(SSLContext, boolean, Iterable, CipherSuiteFilter,
|
||||||
|
* ApplicationProtocolConfig, ClientAuth, String[], boolean)}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public JdkSslContext(SSLContext sslContext, boolean isClient,
|
public JdkSslContext(SSLContext sslContext, boolean isClient,
|
||||||
ClientAuth clientAuth) {
|
ClientAuth clientAuth) {
|
||||||
this(sslContext, isClient, null, IdentityCipherSuiteFilter.INSTANCE,
|
this(sslContext, isClient, null, IdentityCipherSuiteFilter.INSTANCE,
|
||||||
@ -156,11 +159,44 @@ public class JdkSslContext extends SslContext {
|
|||||||
* @param cipherFilter the filter to use.
|
* @param cipherFilter the filter to use.
|
||||||
* @param apn the {@link ApplicationProtocolConfig} to use.
|
* @param apn the {@link ApplicationProtocolConfig} to use.
|
||||||
* @param clientAuth the {@link ClientAuth} to use. This will only be used when {@param isClient} is {@code false}.
|
* @param clientAuth the {@link ClientAuth} to use. This will only be used when {@param isClient} is {@code false}.
|
||||||
|
* @deprecated Use {@link #JdkSslContext(SSLContext, boolean, Iterable, CipherSuiteFilter,
|
||||||
|
* ApplicationProtocolConfig, ClientAuth, String[], boolean)}
|
||||||
*/
|
*/
|
||||||
|
@Deprecated
|
||||||
public JdkSslContext(SSLContext sslContext, boolean isClient, Iterable<String> ciphers,
|
public JdkSslContext(SSLContext sslContext, boolean isClient, Iterable<String> ciphers,
|
||||||
CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||||
ClientAuth clientAuth) {
|
ClientAuth clientAuth) {
|
||||||
this(sslContext, isClient, ciphers, cipherFilter, toNegotiator(apn, !isClient), clientAuth, null, false);
|
this(sslContext, isClient, ciphers, cipherFilter, apn, clientAuth, null, false);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a new {@link JdkSslContext} from a pre-configured {@link SSLContext}.
|
||||||
|
*
|
||||||
|
* @param sslContext the {@link SSLContext} to use.
|
||||||
|
* @param isClient {@code true} if this context should create {@link SSLEngine}s for client-side usage.
|
||||||
|
* @param ciphers the ciphers to use or {@code null} if the standard should be used.
|
||||||
|
* @param cipherFilter the filter to use.
|
||||||
|
* @param apn the {@link ApplicationProtocolConfig} to use.
|
||||||
|
* @param clientAuth the {@link ClientAuth} to use. This will only be used when {@param isClient} is {@code false}.
|
||||||
|
* @param protocols the protocols to enable, or {@code null} to enable the default protocols.
|
||||||
|
* @param startTls {@code true} if the first write request shouldn't be encrypted
|
||||||
|
*/
|
||||||
|
public JdkSslContext(SSLContext sslContext,
|
||||||
|
boolean isClient,
|
||||||
|
Iterable<String> ciphers,
|
||||||
|
CipherSuiteFilter cipherFilter,
|
||||||
|
ApplicationProtocolConfig apn,
|
||||||
|
ClientAuth clientAuth,
|
||||||
|
String[] protocols,
|
||||||
|
boolean startTls) {
|
||||||
|
this(sslContext,
|
||||||
|
isClient,
|
||||||
|
ciphers,
|
||||||
|
cipherFilter,
|
||||||
|
toNegotiator(apn, !isClient),
|
||||||
|
clientAuth,
|
||||||
|
protocols == null ? null : protocols.clone(),
|
||||||
|
startTls);
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("deprecation")
|
@SuppressWarnings("deprecation")
|
||||||
|
Loading…
Reference in New Issue
Block a user