Use OpenSslClientContext as default if openssl is avaible
Motivation: As we now support OpenSslEngine for client side, we should use it when avaible. Modifications: Use SslProvider.OPENSSL when openssl can be found Result: OpenSslEngine is used whenever possible
This commit is contained in:
parent
a86a2f6478
commit
f13a3fbefb
@ -122,6 +122,29 @@ public final class OpenSslServerContext extends OpenSslContext {
|
||||
toApplicationProtocolConfig(nextProtocols), sessionCacheSize, sessionTimeout);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new instance.
|
||||
*
|
||||
* @param certChainFile an X.509 certificate chain file in PEM format
|
||||
* @param keyFile a PKCS#8 private key file in PEM format
|
||||
* @param keyPassword the password of the {@code keyFile}.
|
||||
* {@code null} if it's not password-protected.
|
||||
* @param ciphers the cipher suites to enable, in the order of preference.
|
||||
* {@code null} to use the default cipher suites.
|
||||
* @param config Application protocol config.
|
||||
* @param sessionCacheSize the size of the cache used for storing SSL session objects.
|
||||
* {@code 0} to use the default value.
|
||||
* @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
|
||||
* {@code 0} to use the default value.
|
||||
*/
|
||||
public OpenSslServerContext(
|
||||
File certChainFile, File keyFile, String keyPassword, TrustManagerFactory trustManagerFactory,
|
||||
Iterable<String> ciphers, ApplicationProtocolConfig config,
|
||||
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
||||
this(certChainFile, keyFile, keyPassword, trustManagerFactory, ciphers,
|
||||
toNegotiator(config, true), sessionCacheSize, sessionTimeout);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new instance.
|
||||
*
|
||||
|
@ -85,20 +85,24 @@ public abstract class SslContext {
|
||||
* @return {@link SslProvider#OPENSSL} if OpenSSL is available. {@link SslProvider#JDK} otherwise.
|
||||
*/
|
||||
public static SslProvider defaultServerProvider() {
|
||||
if (OpenSsl.isAvailable()) {
|
||||
return SslProvider.OPENSSL;
|
||||
} else {
|
||||
return SslProvider.JDK;
|
||||
}
|
||||
return defaultProvider();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the default client-side implementation provider currently in use.
|
||||
*
|
||||
* @return {@link SslProvider#JDK}, because it is the only implementation at the moment
|
||||
* @return {@link SslProvider#OPENSSL} if OpenSSL is available. {@link SslProvider#JDK} otherwise.
|
||||
*/
|
||||
public static SslProvider defaultClientProvider() {
|
||||
return SslProvider.JDK;
|
||||
return defaultProvider();
|
||||
}
|
||||
|
||||
private static SslProvider defaultProvider() {
|
||||
if (OpenSsl.isAvailable()) {
|
||||
return SslProvider.OPENSSL;
|
||||
} else {
|
||||
return SslProvider.JDK;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -346,7 +350,7 @@ public abstract class SslContext {
|
||||
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
||||
|
||||
if (provider == null) {
|
||||
provider = OpenSsl.isAvailable()? SslProvider.OPENSSL : SslProvider.JDK;
|
||||
provider = defaultServerProvider();
|
||||
}
|
||||
|
||||
switch (provider) {
|
||||
@ -356,7 +360,7 @@ public abstract class SslContext {
|
||||
keyManagerFactory, ciphers, cipherFilter, apn, sessionCacheSize, sessionTimeout);
|
||||
case OPENSSL:
|
||||
return new OpenSslServerContext(
|
||||
keyCertChainFile, keyFile, keyPassword,
|
||||
keyCertChainFile, keyFile, keyPassword, trustManagerFactory,
|
||||
ciphers, apn, sessionCacheSize, sessionTimeout);
|
||||
default:
|
||||
throw new Error(provider.toString());
|
||||
@ -640,12 +644,8 @@ public abstract class SslContext {
|
||||
File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
|
||||
Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
|
||||
long sessionCacheSize, long sessionTimeout) throws SSLException {
|
||||
|
||||
if (provider != null && provider != SslProvider.JDK) {
|
||||
throw new SSLException("client context unsupported for: " + provider);
|
||||
}
|
||||
if (provider == null) {
|
||||
provider = SslProvider.JDK;
|
||||
provider = defaultClientProvider();
|
||||
}
|
||||
switch (provider) {
|
||||
case JDK:
|
||||
|
Loading…
Reference in New Issue
Block a user