In the process of refactoring TLS stuff and cleaning up constructor/i…

…nitialization flow

src/main/java/org/littleshoot/proxy/ChainedProxyManager.java

@@ -2,12 +2,10 @@
 
 import io.netty.handler.codec.http.HttpRequest;
 
-import javax.net.ssl.SSLContext;
-
 /**
  * Interface for classes that manage chained proxies.
  */
-public interface ChainedProxyManager {
+public interface ChainedProxyManager extends SSLContextSource {
 
     /**
      * Return the host and port for the chained proxy to use. Returning null
@@ -21,7 +19,9 @@ public interface ChainedProxyManager {
 
     /**
      * Implement this method to tell LittleProxy whether or not to encrypt
-     * connections to the chained proxy for the given request.
+     * connections to the chained proxy for the given request. If true,
+     * LittleProxy will call {@link SSLContextSource#getSSLContext()} to obtain
+     * an SSLContext used by the upstream proxy.
      * 
      * @param httpRequest
      *            The HTTP request.
@@ -30,14 +30,6 @@ public interface ChainedProxyManager {
      */
     boolean requiresTLSEncryption(HttpRequest httpRequest);
 
-    /**
-     * If {@link #requiresTLSEncryption(HttpRequest)} returns true, LittleProxy
-     * will call this method to obtain an SSLContext used by the upstream proxy.
-     * 
-     * @return
-     */
-    SSLContext getSSLContext();
-
     /**
      * Tell LittleProxy what kind of TransportProtocol to use to communicate
      * with the chained proxy.

src/main/java/org/littleshoot/proxy/HttpProxyServer.java

@@ -28,19 +28,12 @@ public interface HttpProxyServer {
      */
     void start(boolean localOnly, boolean anyAddress);
 
-    /**
-     * Set the ProxyAuthenticator to use for authenticating users of the proxy.
-     * 
-     * @param proxyAuthenticator
-     *            The new ProxyAuthenticator
-     */
-    void setProxyAuthenticator(ProxyAuthenticator proxyAuthenticator);
-
     /**
      * Add an ActivityTracker for tracking proxying activity.
      * 
      * @param activityTracker
+     * @return this HttpProxyServer for call chaining
      */
-    void addActivityTracker(ActivityTracker activityTracker);
+    HttpProxyServer addActivityTracker(ActivityTracker activityTracker);
 
 }

src/main/java/org/littleshoot/proxy/Launcher.java

@@ -93,8 +93,10 @@ public static void main(final String... args) {
         }
 
         System.out.println("About to start server on port: " + port);
-        final HttpProxyServer server = new DefaultHttpProxyServer(
-                TransportProtocol.TCP, port);
+        final HttpProxyServer server = DefaultHttpProxyServer
+                .configure()
+                .withPort(port)
+                .build();
         System.out.println("About to start...");
         server.start();
     }

src/main/java/org/littleshoot/proxy/SSLContextSource.java

@@ -0,0 +1,10 @@
+package org.littleshoot.proxy;
+
+import javax.net.ssl.SSLContext;
+
+/**
+ * Source for {@link SSLContext}s.
+ */
+public interface SSLContextSource {
+    SSLContext getSSLContext();
+}

src/main/java/org/littleshoot/proxy/UnknownTransportProtocolError.java

@@ -0,0 +1,14 @@
+package org.littleshoot.proxy;
+
+/**
+ * This error indicates that the system was asked to use a TransportProtocol
+ * that it didn't know how to handle.
+ */
+public class UnknownTransportProtocolError extends Error {
+    private static final long serialVersionUID = 1L;
+
+    public UnknownTransportProtocolError(TransportProtocol transportProtocol) {
+        super(String.format("Unknown TransportProtocol: %1$s",
+                transportProtocol));
+    }
+}

src/main/java/org/littleshoot/proxy/impl/ClientToProxyConnection.java

@@ -21,6 +21,7 @@
 import io.netty.handler.codec.http.HttpResponseEncoder;
 import io.netty.handler.codec.http.HttpResponseStatus;
 import io.netty.handler.codec.http.HttpVersion;
+import io.netty.handler.ssl.SslHandler;
 import io.netty.handler.timeout.IdleStateHandler;
 import io.netty.util.concurrent.Future;
 import io.netty.util.concurrent.GenericFutureListener;
@@ -40,18 +41,19 @@
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.atomic.AtomicInteger;
 
+import javax.net.ssl.SSLEngine;
+
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.StringUtils;
 import org.littleshoot.dnssec4j.VerifiedAddressFactory;
 import org.littleshoot.proxy.ActivityTracker;
 import org.littleshoot.proxy.ChainedProxyManager;
 import org.littleshoot.proxy.FlowContext;
-import org.littleshoot.proxy.HandshakeHandler;
-import org.littleshoot.proxy.HandshakeHandlerFactory;
 import org.littleshoot.proxy.HttpFilter;
 import org.littleshoot.proxy.HttpRequestFilter;
 import org.littleshoot.proxy.HttpResponseFilters;
 import org.littleshoot.proxy.ProxyAuthenticator;
+import org.littleshoot.proxy.SSLContextSource;
 import org.littleshoot.proxy.TransportProtocol;
 
 /**
@@ -86,9 +88,9 @@ public class ClientToProxyConnection extends ProxyConnection<HttpRequest> {
                     "proxy-authenticate", "proxy-authorization", "te",
                     "trailers", "upgrade" }));
 
+    private final SSLContextSource sslContextSource;
     private final ChainedProxyManager chainProxyManager;
     private final ProxyAuthenticator authenticator;
-    private final HandshakeHandlerFactory handshakeHandlerFactory;
     private final HttpRequestFilter requestFilter;
     private final HttpResponseFilters responseFilters;
     private final Collection<ActivityTracker> activityTrackers;
@@ -132,17 +134,17 @@ public class ClientToProxyConnection extends ProxyConnection<HttpRequest> {
     ClientToProxyConnection(
             ChannelGroup channelGroup,
             Map<TransportProtocol, EventLoopGroup> proxyToServerWorkerPools,
+            SSLContextSource sslContextSource,
             ChainedProxyManager chainProxyManager,
             ProxyAuthenticator authenticator,
-            HandshakeHandlerFactory handshakeHandlerFactory,
             HttpRequestFilter requestFilter,
             HttpResponseFilters responseFilters,
             Collection<ActivityTracker> activityTrackers,
             ChannelPipeline pipeline) {
         super(AWAITING_INITIAL, channelGroup, proxyToServerWorkerPools);
+        this.sslContextSource = sslContextSource;
         this.chainProxyManager = chainProxyManager;
         this.authenticator = authenticator;
-        this.handshakeHandlerFactory = handshakeHandlerFactory;
         this.requestFilter = requestFilter;
         this.responseFilters = responseFilters;
         this.activityTrackers = activityTrackers;
@@ -669,11 +671,12 @@ private void fallbackToDirectConnection(
     private void initChannelPipeline(ChannelPipeline pipeline) {
         LOG.debug("Configuring ChannelPipeline");
 
-        if (this.handshakeHandlerFactory != null) {
+        if (this.sslContextSource != null) {
             LOG.debug("Adding SSL handler");
-            HandshakeHandler hh = this.handshakeHandlerFactory
-                    .newHandshakeHandler();
-            pipeline.addLast(hh.getId(), hh.getChannelHandler());
+            SSLEngine engine = this.sslContextSource.getSSLContext()
+                    .createSSLEngine();
+            engine.setUseClientMode(false);
+            pipeline.addLast("ssl", new SslHandler(engine));
         }
 
         // We want to allow longer request lines, headers, and chunks