org.eclipse.jetty/jetty-server/11.0.0 : org/eclipse/jetty/server/OptionalSslConnectionFactory.java

OptionalSslConnectionFactory
https://eclipse.org/jetty/jetty-server: The core jetty server artifact. (Webtide)
Greg Wilkins (Webtide, LLC)
Jan Bartel (Webtide, LLC)
Jesse McConnell (Webtide, LLC)
Joakim Erdfelt (Webtide, LLC)
Simone Bordet (Webtide, LLC)
David Jencks (IBM)
Olivier Lamy (Webtide, LLC)
Ludovic Orban (Webtide, LLC)
//
// ========================================================================
// Copyright (c) 1995-2020 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under
// the terms of the Eclipse Public License 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0
//
// This Source Code may also be made available under the following
// Secondary Licenses when the conditions for such availability set
// forth in the Eclipse Public License, v. 2.0 are satisfied:
// the Apache License v2.0 which is available at
// https://www.apache.org/licenses/LICENSE-2.0
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//

package org.eclipse.jetty.server;

import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;

import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.util.Callback;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

A ConnectionFactory whose connections detect whether the first bytes are
TLS bytes and upgrades to either a TLS connection or to another configurable
connection.
Deprecated: Use DetectorConnectionFactory with a SslConnectionFactory instead./**
 * <p>A ConnectionFactory whose connections detect whether the first bytes are
 * TLS bytes and upgrades to either a TLS connection or to another configurable
 * connection.</p>
 *
 * @deprecated Use {@link DetectorConnectionFactory} with a {@link SslConnectionFactory} instead.
 */
@Deprecated
public class OptionalSslConnectionFactory extends DetectorConnectionFactory
{
    private static final Logger LOG = LoggerFactory.getLogger(OptionalSslConnectionFactory.class);
    private final String _nextProtocol;

    Creates a new ConnectionFactory whose connections can upgrade to TLS or another protocol.
Params: sslConnectionFactory – The SslConnectionFactory to use if the first bytes are TLS
nextProtocol – the protocol of the ConnectionFactory to use if the first bytes are not TLS, or null to explicitly handle the non-TLS case/**
     * <p>Creates a new ConnectionFactory whose connections can upgrade to TLS or another protocol.</p>
     *
     * @param sslConnectionFactory The {@link SslConnectionFactory} to use if the first bytes are TLS
     * @param nextProtocol the protocol of the {@link ConnectionFactory} to use if the first bytes are not TLS,
     * or null to explicitly handle the non-TLS case
     */
    public OptionalSslConnectionFactory(SslConnectionFactory sslConnectionFactory, String nextProtocol)
    {
        super(sslConnectionFactory);
        _nextProtocol = nextProtocol;
    }

    Callback method invoked when the detected bytes are not TLS.
This typically happens when a client is trying to connect to a TLS port using the http scheme (and not the https scheme).
Params: connector – The connector object
endPoint – The connection EndPoint object
buffer – The buffer with the first bytes of the connection/**
     * <p>Callback method invoked when the detected bytes are not TLS.</p>
     * <p>This typically happens when a client is trying to connect to a TLS
     * port using the {@code http} scheme (and not the {@code https} scheme).</p>
     *
     * @param connector The connector object
     * @param endPoint The connection EndPoint object
     * @param buffer The buffer with the first bytes of the connection
     */
    protected void nextProtocol(Connector connector, EndPoint endPoint, ByteBuffer buffer)
    {
        if (LOG.isDebugEnabled())
            LOG.debug("OptionalSSL TLS detection unsuccessful, attempting to upgrade to {}", _nextProtocol);
        if (_nextProtocol != null)
        {
            ConnectionFactory connectionFactory = connector.getConnectionFactory(_nextProtocol);
            if (connectionFactory == null)
                throw new IllegalStateException("Cannot find protocol '" + _nextProtocol + "' in connector's protocol list " + connector.getProtocols() + " for " + endPoint);
            upgradeToConnectionFactory(connectionFactory, connector, endPoint);
        }
        else
        {
            otherProtocol(buffer, endPoint);
        }
    }

    Legacy callback method invoked when nextProtocol is null and the first bytes are not TLS.
This typically happens when a client is trying to connect to a TLS port using the http scheme (and not the https scheme).
This method is kept around for backward compatibility.
Params: buffer – The buffer with the first bytes of the connection
endPoint – The connection EndPoint object
Deprecated: Override nextProtocol(Connector, EndPoint, ByteBuffer) instead./**
     * <p>Legacy callback method invoked when {@code nextProtocol} is {@code null}
     * and the first bytes are not TLS.</p>
     * <p>This typically happens when a client is trying to connect to a TLS
     * port using the {@code http} scheme (and not the {@code https} scheme).</p>
     * <p>This method is kept around for backward compatibility.</p>
     *
     * @param buffer The buffer with the first bytes of the connection
     * @param endPoint The connection EndPoint object
     * @deprecated Override {@link #nextProtocol(Connector, EndPoint, ByteBuffer)} instead.
     */
    @Deprecated
    protected void otherProtocol(ByteBuffer buffer, EndPoint endPoint)
    {
        LOG.warn("Detected non-TLS bytes, but no other protocol to upgrade to for {}", endPoint);

        // There are always at least 2 bytes.
        int byte1 = buffer.get(0) & 0xFF;
        int byte2 = buffer.get(1) & 0xFF;
        if (byte1 == 'G' && byte2 == 'E')
        {
            // Plain text HTTP to an HTTPS port,
            // write a minimal response.
            String body =
                "<!DOCTYPE html>\r\n" +
                    "<html>\r\n" +
                    "<head><title>Bad Request</title></head>\r\n" +
                    "<body>" +
                    "<h1>Bad Request</h1>" +
                    "<p>HTTP request to HTTPS port</p>" +
                    "</body>\r\n" +
                    "</html>";
            String response =
                "HTTP/1.1 400 Bad Request\r\n" +
                    "Content-Type: text/html\r\n" +
                    "Content-Length: " + body.length() + "\r\n" +
                    "Connection: close\r\n" +
                    "\r\n" +
                    body;
            Callback.Completable completable = new Callback.Completable();
            endPoint.write(completable, ByteBuffer.wrap(response.getBytes(StandardCharsets.US_ASCII)));
            completable.whenComplete((r, x) -> endPoint.close());
        }
        else
        {
            endPoint.close();
        }
    }
}
Params:	buffer – The buffer with the first bytes of the connection endPoint – The connection EndPoint object
Deprecated:	Override `nextProtocol(Connector, EndPoint, ByteBuffer)` instead.
/

org.eclipse.jetty/ jetty-server/ 11.0.0/ org/eclipse/jetty/server/OptionalSslConnectionFactory.java
