Package io.undertow.server.protocol.http
Class ALPNLimitingSSLEngine
- java.lang.Object
-
- javax.net.ssl.SSLEngine
-
- io.undertow.server.protocol.http.ALPNLimitingSSLEngine
-
public class ALPNLimitingSSLEngine extends SSLEngine
SSLEngine that will limit the cipher selection to HTTP/2 suitable protocols if the client is offering h2 as an option.In theory this is not a perfect solution to the HTTP/2 cipher strength issue, but in practice it should be sufficient as any RFC compliant implementation should be able to negotiate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- Author:
- Stuart Douglas
-
-
Constructor Summary
Constructors Constructor Description ALPNLimitingSSLEngine(SSLEngine delegate, Runnable invalidAlpnRunnable)
-
Method Summary
-
Methods inherited from class javax.net.ssl.SSLEngine
getApplicationProtocol, getHandshakeApplicationProtocol, getHandshakeApplicationProtocolSelector, setHandshakeApplicationProtocolSelector
-
-
-
-
Method Detail
-
getPeerHost
public String getPeerHost()
- Overrides:
getPeerHostin classSSLEngine
-
getPeerPort
public int getPeerPort()
- Overrides:
getPeerPortin classSSLEngine
-
wrap
public SSLEngineResult wrap(ByteBuffer src, ByteBuffer dst) throws SSLException
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
wrap
public SSLEngineResult wrap(ByteBuffer[] srcs, ByteBuffer dst) throws SSLException
- Overrides:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer dst) throws SSLException
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer src, ByteBuffer[] dsts) throws SSLException
- Overrides:
unwrapin classSSLEngine- Throws:
SSLException
-
getHandshakeSession
public SSLSession getHandshakeSession()
- Overrides:
getHandshakeSessionin classSSLEngine
-
getSSLParameters
public SSLParameters getSSLParameters()
- Overrides:
getSSLParametersin classSSLEngine
-
setSSLParameters
public void setSSLParameters(SSLParameters sslParameters)
- Overrides:
setSSLParametersin classSSLEngine
-
wrap
public SSLEngineResult wrap(ByteBuffer[] srcs, int off, int len, ByteBuffer dst) throws SSLException
- Specified by:
wrapin classSSLEngine- Throws:
SSLException
-
unwrap
public SSLEngineResult unwrap(ByteBuffer byteBuffer, ByteBuffer[] byteBuffers, int i, int i1) throws SSLException
- Specified by:
unwrapin classSSLEngine- Throws:
SSLException
-
getDelegatedTask
public Runnable getDelegatedTask()
- Specified by:
getDelegatedTaskin classSSLEngine
-
closeInbound
public void closeInbound() throws SSLException- Specified by:
closeInboundin classSSLEngine- Throws:
SSLException
-
isInboundDone
public boolean isInboundDone()
- Specified by:
isInboundDonein classSSLEngine
-
closeOutbound
public void closeOutbound()
- Specified by:
closeOutboundin classSSLEngine
-
isOutboundDone
public boolean isOutboundDone()
- Specified by:
isOutboundDonein classSSLEngine
-
getSupportedCipherSuites
public String[] getSupportedCipherSuites()
- Specified by:
getSupportedCipherSuitesin classSSLEngine
-
getEnabledCipherSuites
public String[] getEnabledCipherSuites()
- Specified by:
getEnabledCipherSuitesin classSSLEngine
-
setEnabledCipherSuites
public void setEnabledCipherSuites(String[] strings)
- Specified by:
setEnabledCipherSuitesin classSSLEngine
-
getSupportedProtocols
public String[] getSupportedProtocols()
- Specified by:
getSupportedProtocolsin classSSLEngine
-
getEnabledProtocols
public String[] getEnabledProtocols()
- Specified by:
getEnabledProtocolsin classSSLEngine
-
setEnabledProtocols
public void setEnabledProtocols(String[] strings)
- Specified by:
setEnabledProtocolsin classSSLEngine
-
getSession
public SSLSession getSession()
- Specified by:
getSessionin classSSLEngine
-
beginHandshake
public void beginHandshake() throws SSLException- Specified by:
beginHandshakein classSSLEngine- Throws:
SSLException
-
getHandshakeStatus
public SSLEngineResult.HandshakeStatus getHandshakeStatus()
- Specified by:
getHandshakeStatusin classSSLEngine
-
setUseClientMode
public void setUseClientMode(boolean b)
- Specified by:
setUseClientModein classSSLEngine
-
getUseClientMode
public boolean getUseClientMode()
- Specified by:
getUseClientModein classSSLEngine
-
setNeedClientAuth
public void setNeedClientAuth(boolean b)
- Specified by:
setNeedClientAuthin classSSLEngine
-
getNeedClientAuth
public boolean getNeedClientAuth()
- Specified by:
getNeedClientAuthin classSSLEngine
-
setWantClientAuth
public void setWantClientAuth(boolean b)
- Specified by:
setWantClientAuthin classSSLEngine
-
getWantClientAuth
public boolean getWantClientAuth()
- Specified by:
getWantClientAuthin classSSLEngine
-
setEnableSessionCreation
public void setEnableSessionCreation(boolean b)
- Specified by:
setEnableSessionCreationin classSSLEngine
-
getEnableSessionCreation
public boolean getEnableSessionCreation()
- Specified by:
getEnableSessionCreationin classSSLEngine
-
-