diff src/org/eclipse/jetty/server/ssl/SslSelectChannelConnector.java @ 1002:35d04ac3fd0b

simplify ssl
author Franklin Schmidt <fschmidt@gmail.com>
date Sat, 22 Oct 2016 21:56:44 -0600
parents 39154cfa58e4
children 21910079096e
--- a/src/org/eclipse/jetty/server/ssl/SslSelectChannelConnector.java	Sat Oct 22 20:56:41 2016 -0600
+++ b/src/org/eclipse/jetty/server/ssl/SslSelectChannelConnector.java	Sat Oct 22 21:56:44 2016 -0600
@@ -49,7 +49,7 @@
  *
  * @org.apache.xbean.XBean element="sslConnector" description="Creates an NIO ssl connector"
  */
-public class SslSelectChannelConnector extends SelectChannelConnector
+public final class SslSelectChannelConnector extends SelectChannelConnector
 {
 	private final SslContextFactory _sslContextFactory;
 	private Buffers _sslBuffers;
@@ -116,400 +116,6 @@
 
 	/* ------------------------------------------------------------ */
 	/**
-	 * @return True if SSL re-negotiation is allowed (default false)
-	 * @deprecated
-	 */
-	@Deprecated
-	public boolean isAllowRenegotiate()
-	{
-		return _sslContextFactory.isAllowRenegotiate();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * Set if SSL re-negotiation is allowed. CVE-2009-3555 discovered
-	 * a vulnerability in SSL/TLS with re-negotiation.  If your JVM
-	 * does not have CVE-2009-3555 fixed, then re-negotiation should
-	 * not be allowed.  CVE-2009-3555 was fixed in Sun java 1.6 with a ban
-	 * of renegotiate in u19 and with RFC5746 in u22.
-	 * @param allowRenegotiate true if re-negotiation is allowed (default false)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setAllowRenegotiate(boolean allowRenegotiate)
-	{
-		_sslContextFactory.setAllowRenegotiate(allowRenegotiate);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getExcludeCipherSuites()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String[] getExcludeCipherSuites()
-	{
-		return _sslContextFactory.getExcludeCipherSuites();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setExcludeCipherSuites(java.lang.String[])
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setExcludeCipherSuites(String[] cipherSuites)
-	{
-		_sslContextFactory.setExcludeCipherSuites(cipherSuites);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getExcludeCipherSuites()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String[] getIncludeCipherSuites()
-	{
-		return _sslContextFactory.getIncludeCipherSuites();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setExcludeCipherSuites(java.lang.String[])
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setIncludeCipherSuites(String[] cipherSuites)
-	{
-		_sslContextFactory.setIncludeCipherSuites(cipherSuites);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setPassword(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setPassword(String password)
-	{
-		_sslContextFactory.setKeyStorePassword(password);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setTrustPassword(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setTrustPassword(String password)
-	{
-		_sslContextFactory.setTrustStorePassword(password);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setKeyPassword(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setKeyPassword(String password)
-	{
-		_sslContextFactory.setKeyManagerPassword(password);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * Unsupported.
-	 *
-	 * TODO: we should remove this as it is no longer an overridden method from SslConnector (like it was in the past)
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getAlgorithm()
-	{
-		throw new UnsupportedOperationException();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * Unsupported.
-	 *
-	 * TODO: we should remove this as it is no longer an overridden method from SslConnector (like it was in the past)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setAlgorithm(String algorithm)
-	{
-		throw new UnsupportedOperationException();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getProtocol()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getProtocol()
-	{
-		return _sslContextFactory.getProtocol();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setProtocol(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setProtocol(String protocol)
-	{
-		_sslContextFactory.setProtocol(protocol);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setKeystore(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setKeystore(String keystore)
-	{
-		_sslContextFactory.setKeyStorePath(keystore);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getKeystore()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getKeystore()
-	{
-		return _sslContextFactory.getKeyStorePath();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getKeystoreType()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getKeystoreType()
-	{
-		return _sslContextFactory.getKeyStoreType();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getNeedClientAuth()
-	 * @deprecated
-	 */
-	@Deprecated
-	public boolean getNeedClientAuth()
-	{
-		return _sslContextFactory.getNeedClientAuth();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getWantClientAuth()
-	 * @deprecated
-	 */
-	@Deprecated
-	public boolean getWantClientAuth()
-	{
-		return _sslContextFactory.getWantClientAuth();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setNeedClientAuth(boolean)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setNeedClientAuth(boolean needClientAuth)
-	{
-		_sslContextFactory.setNeedClientAuth(needClientAuth);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setWantClientAuth(boolean)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setWantClientAuth(boolean wantClientAuth)
-	{
-		_sslContextFactory.setWantClientAuth(wantClientAuth);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setKeystoreType(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setKeystoreType(String keystoreType)
-	{
-		_sslContextFactory.setKeyStoreType(keystoreType);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getProvider()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getProvider()
-	{
-		return _sslContextFactory.getProvider();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getSecureRandomAlgorithm()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getSecureRandomAlgorithm()
-	{
-		return _sslContextFactory.getSecureRandomAlgorithm();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getSslKeyManagerFactoryAlgorithm()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getSslKeyManagerFactoryAlgorithm()
-	{
-		return _sslContextFactory.getSslKeyManagerFactoryAlgorithm();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getSslTrustManagerFactoryAlgorithm()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getSslTrustManagerFactoryAlgorithm()
-	{
-		return _sslContextFactory.getTrustManagerFactoryAlgorithm();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getTruststore()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getTruststore()
-	{
-		return _sslContextFactory.getTrustStore();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#getTruststoreType()
-	 * @deprecated
-	 */
-	@Deprecated
-	public String getTruststoreType()
-	{
-		return _sslContextFactory.getTrustStoreType();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setProvider(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setProvider(String provider)
-	{
-		_sslContextFactory.setProvider(provider);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setSecureRandomAlgorithm(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setSecureRandomAlgorithm(String algorithm)
-	{
-		_sslContextFactory.setSecureRandomAlgorithm(algorithm);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setSslKeyManagerFactoryAlgorithm(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setSslKeyManagerFactoryAlgorithm(String algorithm)
-	{
-		_sslContextFactory.setSslKeyManagerFactoryAlgorithm(algorithm);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setSslTrustManagerFactoryAlgorithm(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setSslTrustManagerFactoryAlgorithm(String algorithm)
-	{
-		_sslContextFactory.setTrustManagerFactoryAlgorithm(algorithm);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setTruststore(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setTruststore(String truststore)
-	{
-		_sslContextFactory.setTrustStore(truststore);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setTruststoreType(java.lang.String)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setTruststoreType(String truststoreType)
-	{
-		_sslContextFactory.setTrustStoreType(truststoreType);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setSslContext(javax.net.ssl.SSLContext)
-	 * @deprecated
-	 */
-	@Deprecated
-	public void setSslContext(SSLContext sslContext)
-	{
-		_sslContextFactory.setSslContext(sslContext);
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
-	 * @see org.eclipse.jetty.server.ssl.SslConnector#setSslContext(javax.net.ssl.SSLContext)
-	 * @deprecated
-	 */
-	@Deprecated
-	public SSLContext getSslContext()
-	{
-		return _sslContextFactory.getSslContext();
-	}
-
-	/* ------------------------------------------------------------ */
-	/**
 	 * @see org.eclipse.jetty.server.ssl.SslConnector#getSslContextFactory()
 	 */
 	public SslContextFactory getSslContextFactory()
@@ -557,20 +163,11 @@
 	 * @return A SSLEngine for a new or cached SSL Session
 	 * @throws IOException if the SSLEngine cannot be created
 	 */
-	protected SSLEngine createSSLEngine(SocketChannel channel) throws IOException
+	private SSLEngine createSSLEngine(SocketChannel channel) throws IOException
 	{
-		SSLEngine engine;
-		if (channel != null)
-		{
-			String peerHost = channel.socket().getInetAddress().getHostAddress();
-			int peerPort = channel.socket().getPort();
-			engine = _sslContextFactory.newSslEngine(peerHost, peerPort);
-		}
-		else
-		{
-			engine = _sslContextFactory.newSslEngine();
-		}
-
+		String peerHost = channel.socket().getInetAddress().getHostAddress();
+		int peerPort = channel.socket().getPort();
+		SSLEngine engine = _sslContextFactory.newSslEngine(peerHost, peerPort);
 		engine.setUseClientMode(false);
 		return engine;
 	}
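Review bot: With the `channel != null` branch gone, `createSSLEngine` dereferences `channel` and the result of `channel.socket().getInetAddress()` unconditionally, so a null channel or a socket that is not connected now surfaces as a NullPointerException instead of the `IOException` the Javadoc declares. The callers are outside this hunk, so whether a null channel is still passed anywhere cannot be confirmed from here; making the method private narrows that to this class, but the precondition is no longer stated. I would make the failure explicit before building the engine, e.g. `java.net.InetAddress peer = channel.socket().getInetAddress();` followed by `if (peer == null) throw new IOException("SSL channel is not connected");`, and add a Javadoc line such as `@param channel a connected channel, must not be null`. An uncaught runtime exception on the accept path is harder to attribute in logs than an IOException on a TLS connector.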
@@ -612,16 +209,8 @@
 	@Override
 	protected void doStop() throws Exception
 	{
-		_sslBuffers=null;
+		_sslBuffers = null;
 		super.doStop();
 	}
 
-	/* ------------------------------------------------------------ */
-	/**
-	 * @return SSL buffers
-	 */
-	public Buffers getSslBuffers()
-	{
-		return _sslBuffers;
-	}
 }