Add host and port to SSLEngineFactory

api/src/main/java/org/asynchttpclient/AsyncHttpClientConfig.java

@@ -30,6 +30,7 @@
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.security.GeneralSecurityException;
 import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
@@ -351,6 +352,16 @@ public SSLEngine newSSLEngine() {
                         return null;
                     }
                 }
+
+                public SSLEngine newSSLEngine(String peerHost, int peerPort) throws GeneralSecurityException {
+                    if (sslContext != null) {
+                        SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
+                        sslEngine.setUseClientMode(true);
+                        return sslEngine;
+                    } else {
+                        return null;
+                    }
+                }
             };
         }
         return sslEngineFactory;

api/src/main/java/org/asynchttpclient/SSLEngineFactory.java

@@ -30,4 +30,14 @@ public interface SSLEngineFactory {
      * @throws GeneralSecurityException if the SSLEngine cannot be created
      */
     SSLEngine newSSLEngine() throws GeneralSecurityException;
+
+    /**
+     * Creates new {@link SSLEngine}.
+     *
+     * @param peerHost the hostname of the peer the engine is connecting to.
+     * @param peerPort the port of the peer the engine is connecting to.
+     * @return new engine
+     * @throws GeneralSecurityException if the SSLEngine cannot be created
+     */
+    SSLEngine newSSLEngine(String peerHost, int peerPort) throws GeneralSecurityException;
 }

api/src/main/java/org/asynchttpclient/util/SslUtils.java

@@ -38,12 +38,12 @@ public class SslUtils {
 
     private static SSLContext context = null;
 
-    public static SSLEngine getSSLEngine() throws GeneralSecurityException, IOException {
+    public static SSLEngine getSSLEngine(String peerHost, int peerPort) throws GeneralSecurityException, IOException {
         SSLEngine engine = null;
 
         SSLContext context = getSSLContext();
         if (context != null) {
-            engine = context.createSSLEngine();
+            engine = context.createSSLEngine(peerHost, peerPort);
             engine.setUseClientMode(true);
         }
 

providers/netty/src/main/java/org/asynchttpclient/providers/netty/NettyAsyncHttpProvider.java

@@ -26,6 +26,7 @@
 import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
+import java.net.URI;
 import java.util.concurrent.atomic.AtomicBoolean;
 
 public class NettyAsyncHttpProvider implements AsyncHttpProvider {
@@ -47,7 +48,6 @@ public NettyAsyncHttpProvider(AsyncHttpClientConfig config) {
 
         channels = new Channels(config, nettyConfig);
         requestSender = new NettyRequestSender(closed, config, nettyConfig, channels);
-        channels.configureProcessor(requestSender, closed);
     }
 
     @Override
@@ -72,6 +72,9 @@ public void close() {
 
     @Override
     public <T> ListenableFuture<T> execute(Request request, final AsyncHandler<T> asyncHandler) throws IOException {
+        final URI uri = request.getURI();
+        channels.configureProcessor(requestSender, closed, uri.getHost(), uri.getPort());
+
         return requestSender.sendRequest(request, asyncHandler, null, false);
     }
 }

providers/netty/src/main/java/org/asynchttpclient/providers/netty/channel/Channels.java

@@ -195,15 +195,18 @@ public Channels(final AsyncHttpClientConfig config, NettyAsyncHttpProviderConfig
         secureWebSocketBootstrap.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, timeOut);
     }
 
-    private SSLEngine createSSLEngine() throws IOException, GeneralSecurityException {
-        SSLEngine sslEngine = config.getSSLEngineFactory().newSSLEngine();
+    private SSLEngine createSSLEngine(String peerHost, int peerPort) throws IOException, GeneralSecurityException {
+        SSLEngine sslEngine = config.getSSLEngineFactory().newSSLEngine(peerHost, peerPort);
         if (sslEngine == null) {
-            sslEngine = SslUtils.getSSLEngine();
+            sslEngine = SslUtils.getSSLEngine(peerHost, peerPort);
         }
         return sslEngine;
     }
 
-    public void configureProcessor(NettyRequestSender requestSender, AtomicBoolean closed) {
+    public void configureProcessor(final NettyRequestSender requestSender,//
+                                   final AtomicBoolean closed,//
+                                   final String peerHost,//
+                                   final int peerPort) {
 
         final Processor httpProcessor = newHttpProcessor(config, nettyProviderConfig, requestSender, this, closed);
         wsProcessor = newWsProcessor(config, nettyProviderConfig, requestSender, this, closed);
@@ -243,7 +246,7 @@ protected void initChannel(Channel ch) throws Exception {
             @Override
             protected void initChannel(Channel ch) throws Exception {
 
-                SSLEngine sslEngine = createSSLEngine();
+                SSLEngine sslEngine = createSSLEngine(peerHost, peerPort);
                 SslHandler sslHandler = new SslHandler(sslEngine);
                 if (handshakeTimeoutInMillis > 0)
                     sslHandler.setHandshakeTimeoutMillis(handshakeTimeoutInMillis);
@@ -269,7 +272,7 @@ protected void initChannel(Channel ch) throws Exception {
             @Override
             protected void initChannel(Channel ch) throws Exception {
                 ch.pipeline()//
-                        .addLast(SSL_HANDLER, new SslHandler(createSSLEngine()))//
+                        .addLast(SSL_HANDLER, new SslHandler(createSSLEngine(peerHost, peerPort)))//
                         .addLast(HTTP_HANDLER, newHttpClientCodec())//
                         .addLast(WS_PROCESSOR, wsProcessor);
 
@@ -307,15 +310,15 @@ public void close() {
      * Always make sure the channel who got cached support the proper protocol. It could only occurs when a HttpMethod.
      * CONNECT is used against a proxy that requires upgrading from http to https.
      */
-    public void verifyChannelPipeline(ChannelPipeline pipeline, String scheme) throws IOException, GeneralSecurityException {
+    public void verifyChannelPipeline(ChannelPipeline pipeline, String scheme, String peerHost, int peerPort) throws IOException, GeneralSecurityException {
 
         boolean isSecure = isSecure(scheme);
         if (pipeline.get(SSL_HANDLER) != null) {
             if (!isSecure)
                 pipeline.remove(SSL_HANDLER);
 
         } else if (isSecure)
-            pipeline.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine()));
+            pipeline.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine(peerHost, peerPort)));
     }
 
     protected HttpClientCodec newHttpClientCodec() {
@@ -331,15 +334,15 @@ protected HttpClientCodec newHttpClientCodec() {
         }
     }
 
-    public void upgradeProtocol(ChannelPipeline p, String scheme) throws IOException, GeneralSecurityException {
+    public void upgradeProtocol(ChannelPipeline p, String scheme, String peerHost, int peerPort) throws IOException, GeneralSecurityException {
         if (p.get(HTTP_HANDLER) != null) {
             p.remove(HTTP_HANDLER);
         }
 
         if (isSecure(scheme)) {
             if (p.get(SSL_HANDLER) == null) {
                 p.addFirst(HTTP_HANDLER, newHttpClientCodec());
-                p.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine()));
+                p.addFirst(SSL_HANDLER, new SslHandler(createSSLEngine(peerHost, peerPort)));
             } else {
                 p.addAfter(SSL_HANDLER, HTTP_HANDLER, newHttpClientCodec());
             }
@@ -365,7 +368,7 @@ public Channel pollAndVerifyCachedChannel(URI uri, ProxyServer proxy, Connection
             LOGGER.debug("Using cached Channel {}\n for uri {}\n", channel, uri);
 
             try {
-                verifyChannelPipeline(channel.pipeline(), uri.getScheme());
+                verifyChannelPipeline(channel.pipeline(), uri.getScheme(), uri.getHost(), uri.getPort());
             } catch (Exception ex) {
                 LOGGER.debug(ex.getMessage(), ex);
             }

providers/netty/src/main/java/org/asynchttpclient/providers/netty/handler/HttpProtocol.java

@@ -320,7 +320,8 @@ private boolean handleConnectOKAndExit(int statusCode, Realm realm, final Reques
 
             try {
                 LOGGER.debug("Connecting to proxy {} for scheme {}", proxyServer, request.getUrl());
-                channels.upgradeProtocol(channel.pipeline(), request.getURI().getScheme());
+                URI uri = request.getURI();
+                channels.upgradeProtocol(channel.pipeline(), uri.getScheme(), uri.getHost(), uri.getPort());
             } catch (Throwable ex) {
                 channels.abort(future, ex);
             }