From 28c7f65a25e115104a41042f8ab8c9f8544bba87 Mon Sep 17 00:00:00 2001
From: Brian Clozel <bclozel@pivotal.io>
Date: Tue, 17 Jan 2017 11:15:06 +0100
Subject: [PATCH] Add SNI support in Netty4ClientHttpRequestFactory

This commit changes the `Bootstrap` to create a SSL Handler with
advisory peer information; this enables support for SNI.

Issue: SPR-15101
(cherry picked from commit 0c99346)
---
 .../client/Netty4ClientHttpRequestFactory.java   | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/spring-web/src/main/java/org/springframework/http/client/Netty4ClientHttpRequestFactory.java b/spring-web/src/main/java/org/springframework/http/client/Netty4ClientHttpRequestFactory.java
index d0e4e5da04f..676cb92950d 100644
--- a/spring-web/src/main/java/org/springframework/http/client/Netty4ClientHttpRequestFactory.java
+++ b/spring-web/src/main/java/org/springframework/http/client/Netty4ClientHttpRequestFactory.java
@@ -48,6 +48,9 @@ import org.springframework.util.Assert;
  * <p>Allows to use a pre-configured {@link EventLoopGroup} instance: useful for
  * sharing across multiple clients.
  *
+ * <p>Note that this implementation consistently closes the HTTP connection on each
+ * request.
+ *
  * @author Arjen Poutsma
  * @author Rossen Stoyanchev
  * @author Brian Clozel
@@ -78,8 +81,6 @@ public class Netty4ClientHttpRequestFactory implements ClientHttpRequestFactory,
 
 	private volatile Bootstrap bootstrap;
 
-	private volatile Bootstrap sslBootstrap;
-
 
 	/**
 	 * Create a new {@code Netty4ClientHttpRequestFactory} with a default
@@ -177,20 +178,17 @@ public class Netty4ClientHttpRequestFactory implements ClientHttpRequestFactory,
 	private Bootstrap getBootstrap(URI uri) {
 		boolean isSecure = (uri.getPort() == 443 || "https".equalsIgnoreCase(uri.getScheme()));
 		if (isSecure) {
-			if (this.sslBootstrap == null) {
-				this.sslBootstrap = buildBootstrap(true);
-			}
-			return this.sslBootstrap;
+			return buildBootstrap(uri, true);
 		}
 		else {
 			if (this.bootstrap == null) {
-				this.bootstrap = buildBootstrap(false);
+				this.bootstrap = buildBootstrap(uri, false);
 			}
 			return this.bootstrap;
 		}
 	}
 
-	private Bootstrap buildBootstrap(final boolean isSecure) {
+	private Bootstrap buildBootstrap(final URI uri, final boolean isSecure) {
 		Bootstrap bootstrap = new Bootstrap();
 		bootstrap.group(this.eventLoopGroup).channel(NioSocketChannel.class)
 				.handler(new ChannelInitializer<SocketChannel>() {
@@ -200,7 +198,7 @@ public class Netty4ClientHttpRequestFactory implements ClientHttpRequestFactory,
 						ChannelPipeline pipeline = channel.pipeline();
 						if (isSecure) {
 							Assert.notNull(sslContext, "sslContext should not be null");
-							pipeline.addLast(sslContext.newHandler(channel.alloc()));
+							pipeline.addLast(sslContext.newHandler(channel.alloc(), uri.getHost(), uri.getPort()));
 						}
 						pipeline.addLast(new HttpClientCodec());
 						pipeline.addLast(new HttpObjectAggregator(maxResponseSize));