View Javadoc
1   /*
2    * Copyright 2014 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.ssl;
17  
18  import javax.net.ssl.SSLEngine;
19  import java.util.Collections;
20  import java.util.List;
21  
22  import static io.netty5.handler.ssl.ApplicationProtocolUtil.toList;
23  import static io.netty5.util.internal.ObjectUtil.checkNonEmpty;
24  import static java.util.Objects.requireNonNull;
25  
26  /**
27   * Provides an {@link SSLEngine} agnostic way to configure a {@link ApplicationProtocolNegotiator}.
28   */
29  public final class ApplicationProtocolConfig {
30  
31      /**
32       * The configuration that disables application protocol negotiation.
33       */
34      public static final ApplicationProtocolConfig DISABLED = new ApplicationProtocolConfig();
35  
36      private final List<String> supportedProtocols;
37      private final Protocol protocol;
38      private final SelectorFailureBehavior selectorBehavior;
39      private final SelectedListenerFailureBehavior selectedBehavior;
40  
41      /**
42       * Create a new instance.
43       * @param protocol The application protocol functionality to use.
44       * @param selectorBehavior How the peer selecting the protocol should behave.
45       * @param selectedBehavior How the peer being notified of the selected protocol should behave.
46       * @param supportedProtocols The order of iteration determines the preference of support for protocols.
47       */
48      public ApplicationProtocolConfig(Protocol protocol, SelectorFailureBehavior selectorBehavior,
49              SelectedListenerFailureBehavior selectedBehavior, Iterable<String> supportedProtocols) {
50          this(protocol, selectorBehavior, selectedBehavior, toList(supportedProtocols));
51      }
52  
53      /**
54       * Create a new instance.
55       * @param protocol The application protocol functionality to use.
56       * @param selectorBehavior How the peer selecting the protocol should behave.
57       * @param selectedBehavior How the peer being notified of the selected protocol should behave.
58       * @param supportedProtocols The order of iteration determines the preference of support for protocols.
59       */
60      public ApplicationProtocolConfig(Protocol protocol, SelectorFailureBehavior selectorBehavior,
61              SelectedListenerFailureBehavior selectedBehavior, String... supportedProtocols) {
62          this(protocol, selectorBehavior, selectedBehavior, toList(supportedProtocols));
63      }
64  
65      /**
66       * Create a new instance.
67       * @param protocol The application protocol functionality to use.
68       * @param selectorBehavior How the peer selecting the protocol should behave.
69       * @param selectedBehavior How the peer being notified of the selected protocol should behave.
70       * @param supportedProtocols The order of iteration determines the preference of support for protocols.
71       */
72      private ApplicationProtocolConfig(
73              Protocol protocol, SelectorFailureBehavior selectorBehavior,
74              SelectedListenerFailureBehavior selectedBehavior, List<String> supportedProtocols) {
75          this.supportedProtocols = Collections.unmodifiableList(
76                  requireNonNull(supportedProtocols, "supportedProtocols"));
77          this.protocol = requireNonNull(protocol, "protocol");
78          this.selectorBehavior = requireNonNull(selectorBehavior, "selectorBehavior");
79          this.selectedBehavior = requireNonNull(selectedBehavior, "selectedBehavior");
80  
81          if (protocol == Protocol.NONE) {
82              throw new IllegalArgumentException("protocol (" + Protocol.NONE + ") must not be " + Protocol.NONE + '.');
83          }
84          checkNonEmpty(supportedProtocols, "supportedProtocols");
85      }
86  
87      /**
88       * A special constructor that is used to instantiate {@link #DISABLED}.
89       */
90      private ApplicationProtocolConfig() {
91          supportedProtocols = Collections.emptyList();
92          protocol = Protocol.NONE;
93          selectorBehavior = SelectorFailureBehavior.CHOOSE_MY_LAST_PROTOCOL;
94          selectedBehavior = SelectedListenerFailureBehavior.ACCEPT;
95      }
96  
97      /**
98       * Defines which application level protocol negotiation to use.
99       */
100     public enum Protocol {
101         NONE, NPN, ALPN, NPN_AND_ALPN
102     }
103 
104     /**
105      * Defines the most common behaviors for the peer that selects the application protocol.
106      */
107     public enum SelectorFailureBehavior {
108         /**
109          * If the peer who selects the application protocol doesn't find a match this will result in the failing the
110          * handshake with a fatal alert.
111          * <p>
112          * For example in the case of ALPN this will result in a
113          * <a herf="https://tools.ietf.org/html/rfc7301#section-3.2">no_application_protocol(120)</a> alert.
114          */
115         FATAL_ALERT,
116         /**
117          * If the peer who selects the application protocol doesn't find a match it will pretend no to support
118          * the TLS extension by not advertising support for the TLS extension in the handshake. This is used in cases
119          * where a "best effort" is desired to talk even if there is no matching protocol.
120          */
121         NO_ADVERTISE,
122         /**
123          * If the peer who selects the application protocol doesn't find a match it will just select the last protocol
124          * it advertised support for. This is used in cases where a "best effort" is desired to talk even if there
125          * is no matching protocol, and the assumption is the "most general" fallback protocol is typically listed last.
126          * <p>
127          * This may be <a href="https://tools.ietf.org/html/rfc7301#section-3.2">illegal for some RFCs</a> but was
128          * observed behavior by some SSL implementations, and is supported for flexibility/compatibility.
129          */
130         CHOOSE_MY_LAST_PROTOCOL
131     }
132 
133     /**
134      * Defines the most common behaviors for the peer which is notified of the selected protocol.
135      */
136     public enum SelectedListenerFailureBehavior {
137         /**
138          * If the peer who is notified what protocol was selected determines the selection was not matched, or the peer
139          * didn't advertise support for the TLS extension then the handshake will continue and the application protocol
140          * is assumed to be accepted.
141          */
142         ACCEPT,
143         /**
144          * If the peer who is notified what protocol was selected determines the selection was not matched, or the peer
145          * didn't advertise support for the TLS extension then the handshake will be failed with a fatal alert.
146          */
147         FATAL_ALERT,
148         /**
149          * If the peer who is notified what protocol was selected determines the selection was not matched, or the peer
150          * didn't advertise support for the TLS extension then the handshake will continue assuming the last protocol
151          * supported by this peer is used. This is used in cases where a "best effort" is desired to talk even if there
152          * is no matching protocol, and the assumption is the "most general" fallback protocol is typically listed last.
153          */
154         CHOOSE_MY_LAST_PROTOCOL
155     }
156 
157     /**
158      * The application level protocols supported.
159      */
160     public List<String> supportedProtocols() {
161         return supportedProtocols;
162     }
163 
164     /**
165      * Get which application level protocol negotiation to use.
166      */
167     public Protocol protocol() {
168         return protocol;
169     }
170 
171     /**
172      * Get the desired behavior for the peer who selects the application protocol.
173      */
174     public SelectorFailureBehavior selectorFailureBehavior() {
175         return selectorBehavior;
176     }
177 
178     /**
179      * Get the desired behavior for the peer who is notified of the selected protocol.
180      */
181     public SelectedListenerFailureBehavior selectedListenerFailureBehavior() {
182         return selectedBehavior;
183     }
184 }