Issue #3464 - Split SslContextFactory into Client and Server

Introduced SslContextFactory subclasses Client and Server. Replaced all usages of SslContextFactory with either Client or Server as required. Refactored configuration checking so that warnings are not emitted when non necessary. Signed-off-by: Simone Bordet <[email protected]>
jetty · Mar 21, 2019 · 6fb243f · 6fb243f
1 parent 432fc41
commit 6fb243f
Show file tree

Hide file tree

Showing 76 changed files with 571 additions and 404 deletions.
diff --git a/examples/embedded/src/main/java/org/eclipse/jetty/embedded/Http2Server.java b/examples/embedded/src/main/java/org/eclipse/jetty/embedded/Http2Server.java
@@ -22,7 +22,6 @@
 import java.io.File;
 import java.io.IOException;
 import java.lang.management.ManagementFactory;
-import java.nio.file.Files;
 import java.util.Date;
 import java.util.EnumSet;
 
@@ -101,7 +100,7 @@ public static void main(String... args) throws Exception
         String jetty_distro = System.getProperty("jetty.distro","../../jetty-distribution/target/distribution");
         if (!new File(jetty_distro).exists())
             jetty_distro = "jetty-distribution/target/distribution";
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath(jetty_distro + "/demo-base/etc/keystore");
         sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

diff --git a/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java b/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java
@@ -138,7 +138,7 @@ public static void main( String[] args ) throws Exception
 
         // === jetty-https.xml ===
         // SSL Context Factory
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath(jetty_home + "/../../../jetty-server/src/test/config/etc/keystore");
         sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

diff --git a/examples/embedded/src/main/java/org/eclipse/jetty/embedded/ManyConnectors.java b/examples/embedded/src/main/java/org/eclipse/jetty/embedded/ManyConnectors.java
@@ -20,9 +20,7 @@
 
 import java.io.File;
 import java.io.FileNotFoundException;
-import java.security.Security;
 
-import org.conscrypt.OpenSSLProvider;
 import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.HttpConfiguration;
@@ -89,7 +87,7 @@ public static void main( String[] args ) throws Exception
         // including things like choosing the particular certificate out of a
         // keystore to be used.
 
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
         sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

diff --git a/...nscrypt-client/src/test/java/org/eclipse/jetty/alpn/java/client/ConscryptHTTP2Client.java b/...nscrypt-client/src/test/java/org/eclipse/jetty/alpn/java/client/ConscryptHTTP2Client.java
@@ -44,7 +44,7 @@ public class ConscryptHTTP2Client
     public static void main(String[] args) throws Exception
     {
         Security.addProvider(new OpenSSLProvider());
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Client();
         sslContextFactory.setProvider("Conscrypt");
         HTTP2Client client = new HTTP2Client();
         client.addBean(sslContextFactory);

diff --git a/...erver/src/test/java/org/eclipse/jetty/alpn/conscrypt/server/ConscryptHTTP2ServerTest.java b/...erver/src/test/java/org/eclipse/jetty/alpn/conscrypt/server/ConscryptHTTP2ServerTest.java
@@ -61,24 +61,35 @@ public class ConscryptHTTP2ServerTest
 
     private Server server = new Server();
 
-    private SslContextFactory newSslContextFactory()
+    private SslContextFactory.Server newServerSslContextFactory()
+    {
+        SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
+        configureSslContextFactory(sslContextFactory);
+        return sslContextFactory;
+    }
+
+    private SslContextFactory.Client newClientSslContextFactory()
+    {
+        SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
+        configureSslContextFactory(sslContextFactory);
+        sslContextFactory.setEndpointIdentificationAlgorithm(null);
+        return sslContextFactory;
+    }
+
+    private void configureSslContextFactory(SslContextFactory sslContextFactory)
     {
         Path path = Paths.get("src", "test", "resources");
         File keys = path.resolve("keystore").toFile();
-
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
         sslContextFactory.setKeyManagerPassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setTrustStorePath(keys.getAbsolutePath());
-        sslContextFactory.setKeyStorePath(keys.getAbsolutePath());
         sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setProvider("Conscrypt");
-        sslContextFactory.setEndpointIdentificationAlgorithm(null);
         if (JavaVersion.VERSION.getPlatform() < 9)
         {
             // Conscrypt enables TLSv1.3 by default but it's not supported in Java 8.
             sslContextFactory.addExcludeProtocols("TLSv1.3");
         }
-        return sslContextFactory;
     }
 
     @BeforeEach
@@ -95,7 +106,7 @@ public void startServer() throws Exception
         HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(httpsConfig);
         ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
         alpn.setDefaultProtocol(http.getProtocol());
-        SslConnectionFactory ssl = new SslConnectionFactory(newSslContextFactory(), alpn.getProtocol());
+        SslConnectionFactory ssl = new SslConnectionFactory(newServerSslContextFactory(), alpn.getProtocol());
 
         ServerConnector http2Connector = new ServerConnector(server, ssl, alpn, h2, http);
         http2Connector.setPort(0);
@@ -125,7 +136,7 @@ public void stopServer() throws Exception
     public void testSimpleRequest() throws Exception
     {
         HTTP2Client h2Client = new HTTP2Client();
-        HttpClient client = new HttpClient(new HttpClientTransportOverHTTP2(h2Client), newSslContextFactory());
+        HttpClient client = new HttpClient(new HttpClientTransportOverHTTP2(h2Client), newClientSslContextFactory());
         client.start();
         try
         {

diff --git a/...ty-alpn-java-client/src/test/java/org/eclipse/jetty/alpn/java/client/JDK9HTTP2Client.java b/...ty-alpn-java-client/src/test/java/org/eclipse/jetty/alpn/java/client/JDK9HTTP2Client.java
@@ -42,7 +42,7 @@ public class JDK9HTTP2Client
     public static void main(String[] args) throws Exception
     {
         HTTP2Client client = new HTTP2Client();
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Client();
         client.addBean(sslContextFactory);
         client.start();
 

diff --git a/...jetty-alpn-java-server/src/test/java/org/eclipse/jetty/alpn/java/server/JDK9ALPNTest.java b/...jetty-alpn-java-server/src/test/java/org/eclipse/jetty/alpn/java/server/JDK9ALPNTest.java
@@ -18,9 +18,6 @@
 
 package org.eclipse.jetty.alpn.java.server;
 
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.containsString;
-
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
@@ -47,6 +44,9 @@
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.junit.jupiter.api.Test;
 
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.containsString;
+
 public class JDK9ALPNTest
 {
     private Server server;
@@ -68,7 +68,7 @@ public void startServer(Handler handler) throws Exception
 
     private SslContextFactory newSslContextFactory()
     {
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
         sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
@@ -90,7 +90,7 @@ protected void doNonErrorHandle(String target, Request baseRequest, HttpServletR
             }
         });
 
-        SslContextFactory sslContextFactory = new SslContextFactory(true);
+        SslContextFactory sslContextFactory = new SslContextFactory.Client(true);
         sslContextFactory.start();
         SSLContext sslContext = sslContextFactory.getSslContext();
         try (SSLSocket client = (SSLSocket)sslContext.getSocketFactory().createSocket("localhost", connector.getLocalPort()))
@@ -132,7 +132,7 @@ protected void doNonErrorHandle(String target, Request baseRequest, HttpServletR
             }
         });
 
-        SslContextFactory sslContextFactory = new SslContextFactory(true);
+        SslContextFactory sslContextFactory = new SslContextFactory.Client(true);
         sslContextFactory.start();
         SSLContext sslContext = sslContextFactory.getSslContext();
         try (SSLSocket client = (SSLSocket)sslContext.getSocketFactory().createSocket("localhost", connector.getLocalPort()))

diff --git a/...ty-alpn-java-server/src/test/java/org/eclipse/jetty/alpn/java/server/JDK9HTTP2Server.java b/...ty-alpn-java-server/src/test/java/org/eclipse/jetty/alpn/java/server/JDK9HTTP2Server.java
@@ -45,7 +45,7 @@ public static void main(String... args) throws Exception
         httpsConfig.setSendServerVersion(true);
         httpsConfig.addCustomizer(new SecureRequestCustomizer());
 
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
         sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

diff --git a/...openjdk8-client/src/test/java/org/eclipse/jetty/alpn/java/client/OpenJDK8HTTP2Client.java b/...openjdk8-client/src/test/java/org/eclipse/jetty/alpn/java/client/OpenJDK8HTTP2Client.java
@@ -42,7 +42,7 @@ public class OpenJDK8HTTP2Client
     public static void main(String[] args) throws Exception
     {
         HTTP2Client client = new HTTP2Client();
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Client();
         client.addBean(sslContextFactory);
         client.start();
 

diff --git a/...jdk8-server/src/test/java/org/eclipse/jetty/alpn/openjdk8/server/OpenJDK8HTTP2Server.java b/...jdk8-server/src/test/java/org/eclipse/jetty/alpn/openjdk8/server/OpenJDK8HTTP2Server.java
@@ -45,7 +45,7 @@ public static void main(String... args) throws Exception
         httpsConfig.setSendServerVersion(true);
         httpsConfig.addCustomizer(new SecureRequestCustomizer());
 
-        SslContextFactory sslContextFactory = new SslContextFactory();
+        SslContextFactory sslContextFactory = new SslContextFactory.Server();
         sslContextFactory.setKeyStorePath("src/test/resources/keystore.jks");
         sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
         sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

diff --git a/jetty-client/src/test/java/org/eclipse/jetty/client/AbstractHttpClientServerTest.java b/jetty-client/src/test/java/org/eclipse/jetty/client/AbstractHttpClientServerTest.java
@@ -58,7 +58,7 @@ protected void startServer(final Scenario scenario, Handler handler) throws Exce
             serverThreads.setName("server");
             server = new Server(serverThreads);
         }
-        connector = new ServerConnector(server, scenario.newSslContextFactory());
+        connector = new ServerConnector(server, scenario.newServerSslContextFactory());
         connector.setPort(0);
         server.addConnector(connector);
         server.setHandler(handler);
@@ -67,12 +67,12 @@ protected void startServer(final Scenario scenario, Handler handler) throws Exce
 
     protected void startClient(final Scenario scenario) throws Exception
     {
-        startClient(scenario, null,null);
+        startClient(scenario, null, null);
     }
 
     protected void startClient(final Scenario scenario, HttpClientTransport transport, Consumer<HttpClient> config) throws Exception
     {
-        if (transport==null)
+        if (transport == null)
             transport = new HttpClientTransportOverHTTP(1);
 
         QueuedThreadPool executor = new QueuedThreadPool();
@@ -82,15 +82,15 @@ protected void startClient(final Scenario scenario, HttpClientTransport transpor
         client.setExecutor(executor);
         client.setScheduler(scheduler);
         client.setSocketAddressResolver(new SocketAddressResolver.Sync());
-        if (config!=null)
+        if (config != null)
             config.accept(client);
 
         client.start();
     }
 
     public HttpClient newHttpClient(Scenario scenario, HttpClientTransport transport)
     {
-        return new HttpClient(transport, scenario.newSslContextFactory());
+        return new HttpClient(transport, scenario.newClientSslContextFactory());
     }
 
     @AfterEach
@@ -113,9 +113,10 @@ public void disposeServer() throws Exception
         }
     }
 
-    public static class ScenarioProvider implements ArgumentsProvider {
+    public static class ScenarioProvider implements ArgumentsProvider
+    {
         @Override
-        public Stream<? extends Arguments> provideArguments(ExtensionContext context) throws Exception
+        public Stream<? extends Arguments> provideArguments(ExtensionContext context)
         {
             return Stream.of(
                     new NormalScenario(),
@@ -125,9 +126,10 @@ public Stream<? extends Arguments> provideArguments(ExtensionContext context) th
         }
     }
 
-    public static class NonSslScenarioProvider implements ArgumentsProvider {
+    public static class NonSslScenarioProvider implements ArgumentsProvider
+    {
         @Override
-        public Stream<? extends Arguments> provideArguments(ExtensionContext context) throws Exception
+        public Stream<? extends Arguments> provideArguments(ExtensionContext context)
         {
             return Stream.of(
                     new NormalScenario()
@@ -138,12 +140,27 @@ public Stream<? extends Arguments> provideArguments(ExtensionContext context) th
 
     public interface Scenario
     {
-        default SslContextFactory newSslContextFactory() { return null; }
+        SslContextFactory newClientSslContextFactory();
+
+        SslContextFactory newServerSslContextFactory();
+
         String getScheme();
     }
 
     public static class NormalScenario implements Scenario
     {
+        @Override
+        public SslContextFactory newClientSslContextFactory()
+        {
+            return null;
+        }
+
+        @Override
+        public SslContextFactory newServerSslContextFactory()
+        {
+            return null;
+        }
+
         @Override
         public String getScheme()
         {
@@ -160,15 +177,27 @@ public String toString()
     public static class SslScenario implements Scenario
     {
         @Override
-        public SslContextFactory newSslContextFactory()
+        public SslContextFactory newClientSslContextFactory()
         {
-            Path keystorePath = MavenTestingUtils.getTestResourcePath("keystore.jks");
+            SslContextFactory.Client result = new SslContextFactory.Client();
+            result.setEndpointIdentificationAlgorithm(null);
+            configure(result);
+            return result;
+        }
+
+        @Override
+        public SslContextFactory newServerSslContextFactory()
+        {
+            SslContextFactory.Server result = new SslContextFactory.Server();
+            configure(result);
+            return result;
+        }
 
-            SslContextFactory ssl = new SslContextFactory();
-            ssl.setEndpointIdentificationAlgorithm("");
+        private void configure(SslContextFactory ssl)
+        {
+            Path keystorePath = MavenTestingUtils.getTestResourcePath("keystore.jks");
             ssl.setKeyStorePath(keystorePath.toString());
             ssl.setKeyStorePassword("storepwd");
-            return ssl;
         }
 
         @Override

diff --git a/jetty-client/src/test/java/org/eclipse/jetty/client/ExternalSiteTest.java b/jetty-client/src/test/java/org/eclipse/jetty/client/ExternalSiteTest.java
@@ -18,10 +18,6 @@
 
 package org.eclipse.jetty.client;
 
-import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertTrue;
-import static org.junit.jupiter.api.Assumptions.assumeTrue;
-
 import java.net.Socket;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.TimeUnit;
@@ -36,6 +32,10 @@
 import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
+
 @Disabled
 public class ExternalSiteTest
 {
@@ -44,7 +44,7 @@ public class ExternalSiteTest
     @BeforeEach
     public void prepare() throws Exception
     {
-        client = new HttpClient(new SslContextFactory());
+        client = new HttpClient(new SslContextFactory.Client());
         client.start();
     }
 
@@ -94,7 +94,7 @@ public void onComplete(Result result)
     public void testExternalSSLSite() throws Exception
     {
         client.stop();
-        client = new HttpClient(new SslContextFactory());
+        client = new HttpClient(new SslContextFactory.Client());
         client.start();
 
         String host = "api-3t.paypal.com";