[GH-15909] Fix Jetty 9 SSL init (#15824)

* [GH-15909] Fix Jetty 9 SSL init * switch & add comment
h2oai · Jan 22, 2024 · 6508c53 · 6508c53
1 parent fba1e05
commit 6508c53
Showing 1 changed file with 20 additions and 2 deletions.
diff --git a/h2o-jetty-9/src/main/java/water/webserver/jetty9/Jetty9Helper.java b/h2o-jetty-9/src/main/java/water/webserver/jetty9/Jetty9Helper.java
@@ -17,7 +17,6 @@
 import org.eclipse.jetty.server.handler.HandlerWrapper;
 import org.eclipse.jetty.server.session.SessionHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.util.annotation.ManagedAttribute;
 import org.eclipse.jetty.util.security.Constraint;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
@@ -33,6 +32,8 @@
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
 import java.util.Collections;
 
 class Jetty9Helper {
@@ -65,7 +66,8 @@ Server createJettyServer(String ip, int port) {
 
         final ServerConnector connector;
         if (isSecured) {
-            final SslContextFactory sslContextFactory = new SslContextFactory(config.jks);
+            final SslContextFactory sslContextFactory = getSslContextFactory();
+            sslContextFactory.setKeyStorePath(config.jks);
             sslContextFactory.setKeyStorePassword(config.jks_pass);
             if (config.jks_alias != null) {
                 sslContextFactory.setCertAlias(config.jks_alias);
@@ -84,6 +86,22 @@ Server createJettyServer(String ip, int port) {
         return jettyServer;
     }
 
+    /**
+     * A method which tries to get the proper SslContextFactory - for older Jetty 9 versions SslContextFactory,
+     * and for newer ones (which fail with the former one) SslContextFactory$Server
+     */
+    protected static SslContextFactory getSslContextFactory() {
+        try {
+            return (SslContextFactory) Class.forName("org.eclipse.jetty.util.ssl.SslContextFactory$Server").newInstance();
+        } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
+            try {
+                return (SslContextFactory) Class.forName("org.eclipse.jetty.util.ssl.SslContextFactory").newInstance();
+            } catch (ClassNotFoundException | InstantiationException | IllegalAccessException ex) {
+                throw new RuntimeException(ex);
+            }
+        }
+    }
+
     static HttpConfiguration makeHttpConfiguration(ConnectionConfiguration cfg) {
         final HttpConfiguration httpConfiguration = new HttpConfiguration();
         httpConfiguration.setSendServerVersion(false);