1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package io.netty.handler.ssl;
17
18 import io.netty.buffer.ByteBufAllocator;
19 import io.netty.handler.ssl.util.BouncyCastleUtil;
20
21 import javax.net.ssl.SSLEngine;
22
23
24
25
26
27
28 @Deprecated
29 public final class JdkAlpnApplicationProtocolNegotiator extends JdkBaseApplicationProtocolNegotiator {
30 private static final boolean AVAILABLE = Conscrypt.isAvailable() ||
31 JdkAlpnSslUtils.supportsAlpn() ||
32 JettyAlpnSslEngine.isAvailable() ||
33 (BouncyCastleUtil.isBcTlsAvailable() && BouncyCastleAlpnSslUtils.isAlpnSupported());
34
35 private static final SslEngineWrapperFactory ALPN_WRAPPER = AVAILABLE ? new AlpnWrapper() : new FailureWrapper();
36
37
38
39
40
41 public JdkAlpnApplicationProtocolNegotiator(Iterable<String> protocols) {
42 this(false, protocols);
43 }
44
45
46
47
48
49 public JdkAlpnApplicationProtocolNegotiator(String... protocols) {
50 this(false, protocols);
51 }
52
53
54
55
56
57
58 public JdkAlpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, Iterable<String> protocols) {
59 this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
60 }
61
62
63
64
65
66
67 public JdkAlpnApplicationProtocolNegotiator(boolean failIfNoCommonProtocols, String... protocols) {
68 this(failIfNoCommonProtocols, failIfNoCommonProtocols, protocols);
69 }
70
71
72
73
74
75
76
77 public JdkAlpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
78 boolean serverFailIfNoCommonProtocols, Iterable<String> protocols) {
79 this(serverFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
80 clientFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
81 protocols);
82 }
83
84
85
86
87
88
89
90 public JdkAlpnApplicationProtocolNegotiator(boolean clientFailIfNoCommonProtocols,
91 boolean serverFailIfNoCommonProtocols, String... protocols) {
92 this(serverFailIfNoCommonProtocols ? FAIL_SELECTOR_FACTORY : NO_FAIL_SELECTOR_FACTORY,
93 clientFailIfNoCommonProtocols ? FAIL_SELECTION_LISTENER_FACTORY : NO_FAIL_SELECTION_LISTENER_FACTORY,
94 protocols);
95 }
96
97
98
99
100
101
102
103 public JdkAlpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
104 ProtocolSelectionListenerFactory listenerFactory, Iterable<String> protocols) {
105 super(ALPN_WRAPPER, selectorFactory, listenerFactory, protocols);
106 }
107
108
109
110
111
112
113
114 public JdkAlpnApplicationProtocolNegotiator(ProtocolSelectorFactory selectorFactory,
115 ProtocolSelectionListenerFactory listenerFactory, String... protocols) {
116 super(ALPN_WRAPPER, selectorFactory, listenerFactory, protocols);
117 }
118
119 private static final class FailureWrapper extends AllocatorAwareSslEngineWrapperFactory {
120 @Override
121 public SSLEngine wrapSslEngine(SSLEngine engine, ByteBufAllocator alloc,
122 JdkApplicationProtocolNegotiator applicationNegotiator, boolean isServer) {
123 throw new RuntimeException("ALPN unsupported. Is your classpath configured correctly?"
124 + " For Conscrypt, add the appropriate Conscrypt JAR to classpath and set the security provider."
125 + " For Jetty-ALPN, see "
126 + "https://www.eclipse.org/jetty/documentation/current/alpn-chapter.html#alpn-starting");
127 }
128 }
129
130 private static final class AlpnWrapper extends AllocatorAwareSslEngineWrapperFactory {
131 @Override
132 public SSLEngine wrapSslEngine(SSLEngine engine, ByteBufAllocator alloc,
133 JdkApplicationProtocolNegotiator applicationNegotiator, boolean isServer) {
134 if (Conscrypt.isEngineSupported(engine)) {
135 return isServer ? ConscryptAlpnSslEngine.newServerEngine(engine, alloc, applicationNegotiator)
136 : ConscryptAlpnSslEngine.newClientEngine(engine, alloc, applicationNegotiator);
137 }
138 if (BouncyCastleUtil.isBcJsseInUse(engine) && BouncyCastleAlpnSslUtils.isAlpnSupported()) {
139 return new BouncyCastleAlpnSslEngine(engine, applicationNegotiator, isServer);
140 }
141
142
143
144
145 if (JdkAlpnSslUtils.supportsAlpn()) {
146 return new JdkAlpnSslEngine(engine, applicationNegotiator, isServer);
147 }
148 if (JettyAlpnSslEngine.isAvailable()) {
149 return isServer ? JettyAlpnSslEngine.newServerEngine(engine, applicationNegotiator)
150 : JettyAlpnSslEngine.newClientEngine(engine, applicationNegotiator);
151 }
152 throw new UnsupportedOperationException("ALPN not supported. Unable to wrap SSLEngine of type '"
153 + engine.getClass().getName() + "')");
154 }
155 }
156
157 static boolean isAlpnSupported() {
158 return AVAILABLE;
159 }
160 }