Use OpenSslClientContext as default if openssl is avaible

Motivation: As we now support OpenSslEngine for client side, we should use it when avaible. Modifications: Use SslProvider.OPENSSL when openssl can be found Result: OpenSslEngine is used whenever possible
2014-10-30 08:56:07 +01:00 · 2014-10-30 08:56:07 +01:00 · f13a3fbefb
commit f13a3fbefb
parent a86a2f6478
2 changed files with 37 additions and 14 deletions
--- a/handler/src/main/java/io/netty/handler/ssl/OpenSslServerContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/OpenSslServerContext.java
@ -122,6 +122,29 @@ public final class OpenSslServerContext extends OpenSslContext {
            toApplicationProtocolConfig(nextProtocols), sessionCacheSize, sessionTimeout);
    }

+    /**
+     * Creates a new instance.
+     *
+     * @param certChainFile an X.509 certificate chain file in PEM format
+     * @param keyFile a PKCS#8 private key file in PEM format
+     * @param keyPassword the password of the {@code keyFile}.
+     *                    {@code null} if it's not password-protected.
+     * @param ciphers the cipher suites to enable, in the order of preference.
+     *                {@code null} to use the default cipher suites.
+     * @param config Application protocol config.
+     * @param sessionCacheSize the size of the cache used for storing SSL session objects.
+     *                         {@code 0} to use the default value.
+     * @param sessionTimeout the timeout for the cached SSL session objects, in seconds.
+     *                       {@code 0} to use the default value.
+     */
+    public OpenSslServerContext(
+            File certChainFile, File keyFile, String keyPassword, TrustManagerFactory trustManagerFactory,
+            Iterable<String> ciphers, ApplicationProtocolConfig config,
+            long sessionCacheSize, long sessionTimeout) throws SSLException {
+        this(certChainFile, keyFile, keyPassword, trustManagerFactory, ciphers,
+                toNegotiator(config, true), sessionCacheSize, sessionTimeout);
+    }
+
    /**
     * Creates a new instance.
     *
--- a/handler/src/main/java/io/netty/handler/ssl/SslContext.java
+++ b/handler/src/main/java/io/netty/handler/ssl/SslContext.java
@ -85,20 +85,24 @@ public abstract class SslContext {
     * @return {@link SslProvider#OPENSSL} if OpenSSL is available. {@link SslProvider#JDK} otherwise.
     */
    public static SslProvider defaultServerProvider() {
-        if (OpenSsl.isAvailable()) {
-            return SslProvider.OPENSSL;
-        } else {
-            return SslProvider.JDK;
-        }
+        return defaultProvider();
    }

    /**
     * Returns the default client-side implementation provider currently in use.
     *
-     * @return {@link SslProvider#JDK}, because it is the only implementation at the moment
+     * @return {@link SslProvider#OPENSSL} if OpenSSL is available. {@link SslProvider#JDK} otherwise.
     */
    public static SslProvider defaultClientProvider() {
-        return SslProvider.JDK;
+        return defaultProvider();
+    }
+
+    private static SslProvider defaultProvider() {
+        if (OpenSsl.isAvailable()) {
+            return SslProvider.OPENSSL;
+        } else {
+            return SslProvider.JDK;
+        }
    }

    /**
@ -346,7 +350,7 @@ public abstract class SslContext {
            long sessionCacheSize, long sessionTimeout) throws SSLException {

        if (provider == null) {
-            provider = OpenSsl.isAvailable()? SslProvider.OPENSSL : SslProvider.JDK;
+            provider = defaultServerProvider();
        }

        switch (provider) {
@ -356,7 +360,7 @@ public abstract class SslContext {
                    keyManagerFactory, ciphers, cipherFilter, apn, sessionCacheSize, sessionTimeout);
        case OPENSSL:
            return new OpenSslServerContext(
-                    keyCertChainFile, keyFile, keyPassword,
+                    keyCertChainFile, keyFile, keyPassword, trustManagerFactory,
                    ciphers, apn, sessionCacheSize, sessionTimeout);
        default:
            throw new Error(provider.toString());
@ -640,12 +644,8 @@ public abstract class SslContext {
            File keyCertChainFile, File keyFile, String keyPassword, KeyManagerFactory keyManagerFactory,
            Iterable<String> ciphers, CipherSuiteFilter cipherFilter, ApplicationProtocolConfig apn,
            long sessionCacheSize, long sessionTimeout) throws SSLException {
-
-        if (provider != null && provider != SslProvider.JDK) {
-            throw new SSLException("client context unsupported for: " + provider);
-        }
        if (provider == null) {
-            provider = SslProvider.JDK;
+            provider = defaultClientProvider();
        }
        switch (provider) {
            case JDK: