You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by as...@apache.org on 2010/02/14 16:15:30 UTC
svn commit: r910019 - in
/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor:
SSLIOSession.java SSLIOSessionHandlerExt.java
Author: asankha
Date: Sun Feb 14 15:15:19 2010
New Revision: 910019
URL: http://svn.apache.org/viewvc?rev=910019&view=rev
Log:
fix HTTPCORE-217
Added:
httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java
Modified:
httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java
Modified: httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java?rev=910019&r1=910018&r2=910019&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java (original)
+++ httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java Sun Feb 14 15:15:19 2010
@@ -178,9 +178,16 @@
// It is never generated by SSLEngine.getHandshakeStatus().
if (result != null && result.getHandshakeStatus() == HandshakeStatus.FINISHED) {
if (this.handler != null) {
- this.handler.verify(
+ if (this.handler instanceof SSLIOSessionHandlerExt) {
+ ((SSLIOSessionHandlerExt) this.handler).verify(
+ this.session.getRemoteAddress(),
+ this.sslEngine.getSession(),
+ this.session);
+ } else {
+ this.handler.verify(
this.session.getRemoteAddress(),
this.sslEngine.getSession());
+ }
}
}
}
Added: httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java?rev=910019&view=auto
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java (added)
+++ httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java Sun Feb 14 15:15:19 2010
@@ -0,0 +1,29 @@
+package org.apache.http.impl.nio.reactor;
+
+import org.apache.http.nio.reactor.IOSession;
+
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
+import java.net.SocketAddress;
+
+/**
+ * This is an extended interface of the SSLIOSessionHandler - to maintain backwards compatibility but yet solve HTTPCORE-217
+ */
+public interface SSLIOSessionHandlerExt extends SSLIOSessionHandler {
+ /**
+ * Triggered when the SSL connection has been established and initial SSL
+ * handshake has been successfully completed. Custom handlers can use
+ * this callback to verify properties of the {@link javax.net.ssl.SSLSession}
+ * and optionally set properties on the IOSession to be processed later.
+ * For instance this would be the right place to enforce SSL cipher
+ * strength, validate certificate chain and do hostname checks, and to optionally
+ * set the client DN as an IOSession attribute
+ *
+ * @param remoteAddress the remote address of the connection.
+ * @param session newly created SSL session.
+ * @param iosession the underlying IOSession for the SSL connection.
+ * @throws javax.net.ssl.SSLException if case of SSL protocol error.
+ */
+ void verify(SocketAddress remoteAddress, SSLSession session, IOSession iosession)
+ throws SSLException;
+}