1 /* 2 * Copyright 2016 The Netty Project 3 * 4 * The Netty Project licenses this file to you under the Apache License, 5 * version 2.0 (the "License"); you may not use this file except in compliance 6 * with the License. You may obtain a copy of the License at: 7 * 8 * https://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 * License for the specific language governing permissions and limitations 14 * under the License. 15 */ 16 package io.netty.handler.ssl; 17 18 import io.netty.util.internal.SuppressJava6Requirement; 19 import io.netty.util.CharsetUtil; 20 21 import javax.net.ssl.SNIHostName; 22 import javax.net.ssl.SNIMatcher; 23 import javax.net.ssl.SNIServerName; 24 import javax.net.ssl.SSLParameters; 25 import java.util.ArrayList; 26 import java.util.Collection; 27 import java.util.Collections; 28 import java.util.Iterator; 29 import java.util.List; 30 31 @SuppressJava6Requirement(reason = "Usage guarded by java version check") 32 final class Java8SslUtils { 33 34 private Java8SslUtils() { } 35 36 static List<String> getSniHostNames(SSLParameters sslParameters) { 37 List<SNIServerName> names = sslParameters.getServerNames(); 38 if (names == null || names.isEmpty()) { 39 return Collections.emptyList(); 40 } 41 List<String> strings = new ArrayList<String>(names.size()); 42 43 for (SNIServerName serverName : names) { 44 if (serverName instanceof SNIHostName) { 45 strings.add(((SNIHostName) serverName).getAsciiName()); 46 } else { 47 throw new IllegalArgumentException("Only " + SNIHostName.class.getName() 48 + " instances are supported, but found: " + serverName); 49 } 50 } 51 return strings; 52 } 53 54 static void setSniHostNames(SSLParameters sslParameters, List<String> names) { 55 sslParameters.setServerNames(getSniHostNames(names)); 56 } 57 58 static boolean isValidHostNameForSNI(String hostname) { 59 try { 60 new SNIHostName(hostname); 61 return true; 62 } catch (IllegalArgumentException illegal) { 63 return false; 64 } 65 } 66 67 static List getSniHostNames(List<String> names) { 68 if (names == null || names.isEmpty()) { 69 return Collections.emptyList(); 70 } 71 List<SNIServerName> sniServerNames = new ArrayList<SNIServerName>(names.size()); 72 for (String name: names) { 73 sniServerNames.add(new SNIHostName(name.getBytes(CharsetUtil.UTF_8))); 74 } 75 return sniServerNames; 76 } 77 78 static List getSniHostName(byte[] hostname) { 79 if (hostname == null || hostname.length == 0) { 80 return Collections.emptyList(); 81 } 82 return Collections.singletonList(new SNIHostName(hostname)); 83 } 84 85 static boolean getUseCipherSuitesOrder(SSLParameters sslParameters) { 86 return sslParameters.getUseCipherSuitesOrder(); 87 } 88 89 static void setUseCipherSuitesOrder(SSLParameters sslParameters, boolean useOrder) { 90 sslParameters.setUseCipherSuitesOrder(useOrder); 91 } 92 93 @SuppressWarnings("unchecked") 94 static void setSNIMatchers(SSLParameters sslParameters, Collection<?> matchers) { 95 sslParameters.setSNIMatchers((Collection<SNIMatcher>) matchers); 96 } 97 98 @SuppressWarnings("unchecked") 99 static boolean checkSniHostnameMatch(Collection<?> matchers, byte[] hostname) { 100 if (matchers != null && !matchers.isEmpty()) { 101 SNIHostName name = new SNIHostName(hostname); 102 Iterator<SNIMatcher> matcherIt = (Iterator<SNIMatcher>) matchers.iterator(); 103 while (matcherIt.hasNext()) { 104 SNIMatcher matcher = matcherIt.next(); 105 // type 0 is for hostname 106 if (matcher.getType() == 0 && matcher.matches(name)) { 107 return true; 108 } 109 } 110 return false; 111 } 112 return true; 113 } 114 }
以上源码来自: 即时通讯网 - 即时通讯开发者社区!