2 // ========================================================================
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
20 package org.eclipse.jetty.server;
23 import javax.net.ssl.SSLEngine;
24 import javax.net.ssl.SSLSession;
26 import org.eclipse.jetty.http.HttpVersion;
27 import org.eclipse.jetty.io.Connection;
28 import org.eclipse.jetty.io.EndPoint;
29 import org.eclipse.jetty.io.ssl.SslConnection;
30 import org.eclipse.jetty.io.ssl.SslReconfigurator;
31 import org.eclipse.jetty.util.annotation.Name;
32 import org.eclipse.jetty.util.ssl.SslContextFactory;
34 public class SslConnectionFactory extends AbstractConnectionFactory implements SslReconfigurator
36 private final SslContextFactory _sslContextFactory;
37 private final String _nextProtocol;
39 public SslConnectionFactory()
41 this(HttpVersion.HTTP_1_1.asString());
44 public SslConnectionFactory(@Name("next") String nextProtocol)
46 this(null,nextProtocol);
49 public SslConnectionFactory(@Name("sslContextFactory") SslContextFactory factory, @Name("next") String nextProtocol)
51 super("SSL-"+nextProtocol);
52 _sslContextFactory=factory==null?new SslContextFactory():factory;
53 _nextProtocol=nextProtocol;
54 addBean(_sslContextFactory);
57 public SslContextFactory getSslContextFactory()
59 return _sslContextFactory;
63 protected void doStart() throws Exception
67 SSLEngine engine = _sslContextFactory.newSSLEngine();
68 engine.setUseClientMode(false);
69 SSLSession session=engine.getSession();
71 if (session.getPacketBufferSize()>getInputBufferSize())
72 setInputBufferSize(session.getPacketBufferSize());
76 public Connection newConnection(Connector connector, EndPoint endPoint)
78 SSLEngine engine = _sslContextFactory.newSSLEngine(endPoint.getRemoteAddress());
79 engine.setUseClientMode(false);
81 SslConnection sslConnection = newSslConnection(connector, endPoint, engine);
82 sslConnection.setRenegotiationAllowed(_sslContextFactory.isRenegotiationAllowed());
83 configure(sslConnection, connector, endPoint);
85 ConnectionFactory next = connector.getConnectionFactory(_nextProtocol);
86 EndPoint decryptedEndPoint = sslConnection.getDecryptedEndPoint();
87 Connection connection = next.newConnection(connector, decryptedEndPoint);
88 decryptedEndPoint.setConnection(connection);
93 protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine engine)
95 return new SslConnection(connector.getByteBufferPool(), connector.getExecutor(), endPoint, engine, shouldRestartSSL()?this:null);
98 public boolean shouldRestartSSL(){
102 public SSLEngine restartSSL(SSLSession sslSession){
103 throw new UnsupportedOperationException();
107 public String toString()
109 return String.format("%s@%x{%s}",this.getClass().getSimpleName(),hashCode(),getProtocol());