/*
* Copyright (c) 2023 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
* http://www.eclipse.org/legal/epl-2.0.
*
* This Source Code may also be made available under the following Secondary
* Licenses when the conditions for such availability set forth in the
* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
* version 2 with the GNU Classpath Exception, which is available at
* https://www.gnu.org/software/classpath/license.html.
*
* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
*/
package org.glassfish.jersey.client.innate.http;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.ws.rs.core.HttpHeaders;
import java.net.URI;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
/**
* Unified routines to set the {@link SNIHostName} for the {@link javax.net.ssl.SSLContext}.
* To be reused in connectors.
*/
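final class SniConfigurator {
    /** Host name taken from the Host header (port removed); sent as the TLS server name. */
    private final String hostName;

    private SniConfigurator(String hostName) {
        this.hostName = hostName;
    }

    /**
     * Get the host name derived from the {@link HttpHeaders#HOST} header.
     *
     * @return the Host header value up to the first {@code ':'}, trimmed
     */
    String getHostName() {
        return hostName;
    }

    /**
     * Create a {@code SniConfigurator} from the first {@link HttpHeaders#HOST} header value.
     *
     * <p>The value is cut at the first {@code ':'} (RFC 7230 {@code Host = uri-host [ ":" port ]}) and trimmed.
     * If that leaves an empty string, the unmodified header value is used instead.
     *
     * <p>NOTE(review): cutting at the first {@code ':'} reduces a bracketed IPv6 literal such as
     * {@code [::1]:8080} to {@code "["}. Such a value is not a legal host name and is only rejected later,
     * when {@link SNIHostName} is constructed in {@code setServerNames}. Confirm whether callers can pass
     * IP literals in the Host header.
     *
     * @param hostUri the URI of the HTTP request
     * @param headers the request headers; only the first {@link HttpHeaders#HOST} value is read
     * @param whenDiffer when {@code false}, nothing is created if the header host equals the request URI host;
     *                   when {@code true}, a configurator is created whenever a Host header value is present.
     *                   NOTE(review): the parameter name suggests the opposite meaning; confirm against callers
     *                   before changing it.
     * @return the configurator, or empty when there is no Host header value or (with {@code whenDiffer == false})
     *         the header host equals the URI host
     */
    static Optional<SniConfigurator> createWhenHostHeader(URI hostUri, Map<String, List<Object>> headers, boolean whenDiffer) {
        final List<Object> hostHeaders = headers.get(HttpHeaders.HOST);
        // A present-but-empty value list used to make get(0) throw; treat it as "no Host header".
        if (hostHeaders == null || hostHeaders.isEmpty() || hostHeaders.get(0) == null) {
            return Optional.empty();
        }

        final String hostHeader = hostHeaders.get(0).toString();
        if (hostHeader == null) {
            return Optional.empty();
        }

        final int index = hostHeader.indexOf(':'); // RFC 7230 Host = uri-host [ ":" port ] ;
        final String trimmedHeader0 = index != -1 ? hostHeader.substring(0, index).trim() : hostHeader.trim();
        final String trimmedHeader = trimmedHeader0.isEmpty() ? hostHeader : trimmedHeader0;

        // URI.getHost() is null when the URI has no host component, so compare from the non-null side.
        final String hostUriString = hostUri.getHost();
        if (!whenDiffer && trimmedHeader.equals(hostUriString)) {
            return Optional.empty();
        }

        return Optional.of(new SniConfigurator(trimmedHeader));
    }

    /**
     * Set {@link SNIServerName} for the given {@link SSLEngine} SSLParameters.
     *
     * @param sslEngine the engine whose parameters are read, updated and written back
     * @throws IllegalArgumentException if the stored host name is not accepted by {@link SNIHostName}
     */
    void setServerNames(SSLEngine sslEngine) {
        final SSLParameters sslParameters = sslEngine.getSSLParameters();
        updateSSLParameters(sslParameters);
        sslEngine.setSSLParameters(sslParameters);
    }

    /**
     * Set {@link SNIServerName} for the given {@link SSLSocket} SSLParameters.
     *
     * @param sslSocket the socket whose parameters are read, updated and written back
     * @throws IllegalArgumentException if the stored host name is not accepted by {@link SNIHostName}
     */
    void setServerNames(SSLSocket sslSocket) {
        final SSLParameters sslParameters = sslSocket.getSSLParameters();
        updateSSLParameters(sslParameters);
        sslSocket.setSSLParameters(sslParameters);
    }

    /**
     * Replace the server name list of the given parameters with the single stored host name.
     *
     * <p>Only the server names are changed. Endpoint identification and every other setting of
     * {@code sslParameters} are left as the caller configured them, so which name the certificate is
     * verified against is decided outside this class.
     *
     * @param sslParameters the parameters to modify in place
     * @return the same {@code sslParameters} instance
     */
    private SSLParameters updateSSLParameters(SSLParameters sslParameters) {
        final List<SNIServerName> serverNames = new LinkedList<>();
        serverNames.add(new SNIHostName(hostName));
        sslParameters.setServerNames(serverNames);
        return sslParameters;
    }
}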