You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2017/04/19 16:39:19 UTC
svn commit: r1791940 [2/2] - in /httpcomponents/httpcore/trunk:
httpcore5-h2/src/main/java/org/apache/hc/core5/http2/impl/nio/
httpcore5-h2/src/main/java/org/apache/hc/core5/http2/ssl/
httpcore5-testing/src/main/java/org/apache/hc/core5/testing/nio/ ht...
Modified: httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java?rev=1791940&r1=1791939&r2=1791940&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java (original)
+++ httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java Wed Apr 19 16:39:18 2017
@@ -41,10 +41,12 @@ import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;
import javax.net.ssl.SSLEngineResult.Status;
import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import org.apache.hc.core5.annotation.Contract;
import org.apache.hc.core5.annotation.ThreadingBehavior;
+import org.apache.hc.core5.function.Callback;
import org.apache.hc.core5.io.ShutdownType;
import org.apache.hc.core5.net.NamedEndpoint;
import org.apache.hc.core5.reactor.Command;
@@ -66,6 +68,7 @@ public class SSLIOSession implements IOS
private static final ByteBuffer EMPTY_BUFFER = ByteBuffer.allocate(0);
+ private final NamedEndpoint targetEndpoint;
private final IOSession session;
private final SSLEngine sslEngine;
private final SSLBuffer inEncrypted;
@@ -75,6 +78,7 @@ public class SSLIOSession implements IOS
private final ByteChannel channel;
private final SSLSessionInitializer initializer;
private final SSLSessionVerifier verifier;
+ private final Callback<SSLIOSession> callback;
private int appEventMask;
@@ -101,8 +105,9 @@ public class SSLIOSession implements IOS
final SSLMode sslMode,
final SSLContext sslContext,
final SSLSessionInitializer initializer,
- final SSLSessionVerifier verifier) {
- this(targetEndpoint, session, sslMode, sslContext, SSLBufferManagement.STATIC, initializer, verifier);
+ final SSLSessionVerifier verifier,
+ final Callback<SSLIOSession> callback) {
+ this(targetEndpoint, session, sslMode, sslContext, SSLBufferManagement.STATIC, initializer, verifier, callback);
}
/**
@@ -125,14 +130,17 @@ public class SSLIOSession implements IOS
final SSLContext sslContext,
final SSLBufferManagement sslBufferManagement,
final SSLSessionInitializer initializer,
- final SSLSessionVerifier verifier) {
+ final SSLSessionVerifier verifier,
+ final Callback<SSLIOSession> callback) {
super();
Args.notNull(session, "IO session");
Args.notNull(sslContext, "SSL context");
+ this.targetEndpoint = targetEndpoint;
this.session = session;
this.sslMode = sslMode;
this.initializer = initializer;
this.verifier = verifier;
+ this.callback = callback;
this.appEventMask = session.getEventMask();
if (this.sslMode == SSLMode.CLIENT && targetEndpoint != null) {
@@ -191,8 +199,8 @@ public class SSLIOSession implements IOS
/**
* Initializes the session. This method invokes the {@link
- * SSLSessionInitializer#initialize(SSLEngine)} callback if an instance of
- * {@link SSLSessionInitializer} was specified at the construction time.
+ * SSLSessionInitializer#initialize(NamedEndpoint, SSLParameters)} callback
+ * if an instance of {@link SSLSessionInitializer} was specified at the construction time.
*
* @throws SSLException in case of a SSL protocol exception.
* @throws IllegalStateException if the session has already been initialized.
@@ -211,7 +219,9 @@ public class SSLIOSession implements IOS
break;
}
if (this.initializer != null) {
- this.initializer.initialize(this.sslEngine);
+ final SSLParameters sslParameters = this.sslEngine.getSSLParameters();
+ this.initializer.initialize(this.targetEndpoint, sslParameters);
+ this.sslEngine.setSSLParameters(sslParameters);
}
this.initialized = true;
this.sslEngine.beginHandshake();
@@ -341,7 +351,10 @@ public class SSLIOSession implements IOS
// It is never generated by SSLEngine.getHandshakeStatus().
if (result != null && result.getHandshakeStatus() == HandshakeStatus.FINISHED) {
if (this.verifier != null) {
- this.verifier.verify(this.session, this.sslEngine.getSession());
+ this.verifier.verify(this.targetEndpoint, this.sslEngine.getSession());
+ }
+ if (this.callback != null) {
+ this.callback.execute(this);
}
}
}
Modified: httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionInitializer.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionInitializer.java?rev=1791940&r1=1791939&r2=1791940&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionInitializer.java (original)
+++ httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionInitializer.java Wed Apr 19 16:39:18 2017
@@ -27,8 +27,9 @@
package org.apache.hc.core5.reactor.ssl;
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLParameters;
+
+import org.apache.hc.core5.net.NamedEndpoint;
/**
* Callback interface that can be used to customize various aspects of
@@ -40,12 +41,14 @@ public interface SSLSessionInitializer {
/**
* Triggered when the SSL connection is being initialized. Custom handlers
- * can use this callback to customize properties of the {@link SSLEngine}
- * used to establish the SSL session.
+ * can use this callback to customize properties of the {@link javax.net.ssl.SSLEngine}
+ * used to establish the SSL session by modifying the given
+ * {@link SSLParameters}.
*
- * @param sslengine the SSL engine.
- * @throws SSLException if case of SSL protocol error.
+ * @param endpoint the endpoint name for a client side session or {@code null}
+ * for a server side session.
+ * @param sslParameters the actual SSL parameters.
*/
- void initialize(SSLEngine sslengine) throws SSLException;
+ void initialize(NamedEndpoint endpoint, SSLParameters sslParameters);
}
Modified: httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionVerifier.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionVerifier.java?rev=1791940&r1=1791939&r2=1791940&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionVerifier.java (original)
+++ httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLSessionVerifier.java Wed Apr 19 16:39:18 2017
@@ -30,7 +30,7 @@ package org.apache.hc.core5.reactor.ssl;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
-import org.apache.hc.core5.reactor.IOSession;
+import org.apache.hc.core5.net.NamedEndpoint;
/**
* Callback interface that can be used to customize various aspects of
@@ -47,10 +47,11 @@ public interface SSLSessionVerifier {
* For instance this would be the right place to enforce SSL cipher
* strength, validate certificate chain and do hostname checks.
*
- * @param iosession the underlying IOSession for the SSL connection.
+ * @param endpoint the endpoint name for a client side session or {@code null}
+ * for a server side session.
* @param sslsession newly created SSL session.
* @throws SSLException if case of SSL protocol error.
*/
- void verify(IOSession iosession, SSLSession sslsession) throws SSLException;
+ void verify(NamedEndpoint endpoint, SSLSession sslsession) throws SSLException;
}
Modified: httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/TransportSecurityLayer.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/TransportSecurityLayer.java?rev=1791940&r1=1791939&r2=1791940&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/TransportSecurityLayer.java (original)
+++ httpcomponents/httpcore/trunk/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/TransportSecurityLayer.java Wed Apr 19 16:39:18 2017
@@ -37,7 +37,7 @@ import javax.net.ssl.SSLSession;
*/
public interface TransportSecurityLayer {
- void start(
+ void startTls(
SSLContext sslContext,
SSLBufferManagement sslBufferManagement,
SSLSessionInitializer initializer,