20 package org.eclipse.jetty.server;
21
22
23 import javax.net.ssl.SSLEngine;
24 import javax.net.ssl.SSLSession;
25
26 import org.eclipse.jetty.http.HttpVersion;
27 import org.eclipse.jetty.io.AbstractConnection;
28 import org.eclipse.jetty.io.Connection;
29 import org.eclipse.jetty.io.EndPoint;
30 import org.eclipse.jetty.io.ssl.SslConnection;
31 import org.eclipse.jetty.io.ssl.SslHandshakeListener;
32 import org.eclipse.jetty.util.annotation.Name;
33 import org.eclipse.jetty.util.component.ContainerLifeCycle;
34 import org.eclipse.jetty.util.ssl.SslContextFactory;
35
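/**
 * Connection factory that wraps an accepted {@link EndPoint} in an
 * {@link SslConnection} (server mode) and then delegates the decrypted
 * side of that connection to the factory registered for the "next" protocol.
 *
 * <p>TLS policy is not decided here: engines are obtained from the
 * {@link SslContextFactory}, and the renegotiation setting is copied from it
 * on every new connection.</p>
 */
public class SslConnectionFactory extends AbstractConnectionFactory
{
    private final SslContextFactory _sslContextFactory;
    private final String _nextProtocol;

    /**
     * Creates a factory whose next protocol is the string form of
     * {@link HttpVersion#HTTP_1_1} and which uses a default-constructed
     * {@link SslContextFactory}.
     */
    public SslConnectionFactory()
    {
        this(HttpVersion.HTTP_1_1.asString());
    }

    /**
     * Creates a factory with a default-constructed {@link SslContextFactory}.
     *
     * @param nextProtocol name of the protocol whose factory handles the decrypted traffic
     */
    public SslConnectionFactory(@Name("next") String nextProtocol)
    {
        this(null, nextProtocol);
    }

    /**
     * Creates a factory for the "SSL" protocol.
     *
     * @param factory source of {@link SSLEngine}s; when {@code null} a default-constructed
     *                {@link SslContextFactory} is used instead
     * @param nextProtocol name of the protocol whose factory handles the decrypted traffic
     */
    public SslConnectionFactory(@Name("sslContextFactory") SslContextFactory factory, @Name("next") String nextProtocol)
    {
        super("SSL");
        // NOTE(review): the fallback instance carries whatever defaults SslContextFactory
        // ships with; confirm key material and protocol/cipher policy are configured on it
        // (via getSslContextFactory()) before this factory is started.
        _sslContextFactory = factory == null ? new SslContextFactory() : factory;
        _nextProtocol = nextProtocol;
        // Register the context factory as a bean of this factory.
        addBean(_sslContextFactory);
    }

    /**
     * @return the {@link SslContextFactory} that supplies the engines for new connections
     */
    public SslContextFactory getSslContextFactory()
    {
        return _sslContextFactory;
    }

    /**
     * @return the name of the protocol that receives the decrypted traffic
     */
    public String getNextProtocol()
    {
        return _nextProtocol;
    }

    /**
     * Starts the factory and grows the input buffer size to the packet buffer
     * size reported by a server-mode {@link SSLEngine}'s session, if that is larger
     * than the currently configured size.
     *
     * @throws Exception if the superclass start or the engine creation fails
     */
    @Override
    protected void doStart() throws Exception
    {
        super.doStart();

        // This engine is only used to read the session's buffer requirement.
        SSLEngine engine = _sslContextFactory.newSSLEngine();
        engine.setUseClientMode(false);
        SSLSession session = engine.getSession();

        // Only ever raise the input buffer size, never shrink it.
        int packetBufferSize = session.getPacketBufferSize();
        if (packetBufferSize > getInputBufferSize())
            setInputBufferSize(packetBufferSize);
    }

    /**
     * Creates the TLS connection for an accepted end point and attaches the
     * next protocol's connection to its decrypted side.
     *
     * @param connector the connector that accepted the end point
     * @param endPoint the raw (encrypted) end point
     * @return the {@link SslConnection} wrapping {@code endPoint}
     * @throws IllegalStateException if the connector has no connection factory
     *         registered for the next protocol
     */
    @Override
    public Connection newConnection(Connector connector, EndPoint endPoint)
    {
        // Resolve the next factory first: a missing or misspelled next protocol would
        // otherwise surface as a bare NullPointerException on every accepted connection,
        // after an SSLEngine and SslConnection had already been allocated for it.
        ConnectionFactory next = connector.getConnectionFactory(_nextProtocol);
        if (next == null)
            throw new IllegalStateException("No ConnectionFactory for next protocol '" + _nextProtocol + "' on " + connector);

        // The engine is created with the peer's address and forced into server mode.
        SSLEngine engine = _sslContextFactory.newSSLEngine(endPoint.getRemoteAddress());
        engine.setUseClientMode(false);

        SslConnection sslConnection = newSslConnection(connector, endPoint, engine);
        // Renegotiation policy comes from the context factory, not from this class.
        sslConnection.setRenegotiationAllowed(_sslContextFactory.isRenegotiationAllowed());
        configure(sslConnection, connector, endPoint);

        // The next protocol only ever sees the decrypted end point.
        EndPoint decryptedEndPoint = sslConnection.getDecryptedEndPoint();
        Connection connection = next.newConnection(connector, decryptedEndPoint);
        decryptedEndPoint.setConnection(connection);

        return sslConnection;
    }

    /**
     * Builds the {@link SslConnection}; overridable so subclasses can supply their own.
     *
     * @param connector supplies the byte buffer pool and executor
     * @param endPoint the raw (encrypted) end point
     * @param engine the server-mode engine for this connection
     * @return a new {@link SslConnection}
     */
    protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine)
    {
        return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine);
    }

    /**
     * Adds every {@link SslHandshakeListener} bean found on the connector (when it
     * is a {@link ContainerLifeCycle}) and on this factory to an {@link SslConnection},
     * then applies the superclass configuration.
     *
     * @param connection the connection to configure
     * @param connector the connector that accepted the end point
     * @param endPoint the end point of the connection
     * @return the result of the superclass {@code configure}
     */
    @Override
    protected AbstractConnection configure(AbstractConnection connection, Connector connector, EndPoint endPoint)
    {
        if (connection instanceof SslConnection)
        {
            SslConnection sslConnection = (SslConnection)connection;
            // Connector-level listeners are added before the factory-level ones.
            if (connector instanceof ContainerLifeCycle)
            {
                ContainerLifeCycle container = (ContainerLifeCycle)connector;
                container.getBeans(SslHandshakeListener.class).forEach(sslConnection::addHandshakeListener);
            }
            getBeans(SslHandshakeListener.class).forEach(sslConnection::addHandshakeListener);
        }
        return super.configure(connection, connector, endPoint);
    }

    @Override
    public String toString()
    {
        return String.format("%s@%x{%s->%s}", this.getClass().getSimpleName(), hashCode(), getProtocol(), _nextProtocol);
    }
}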