hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From asan...@apache.org
Subject svn commit: r910019 - in /httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor: SSLIOSession.java SSLIOSessionHandlerExt.java
Date Sun, 14 Feb 2010 15:15:30 GMT
Author: asankha
Date: Sun Feb 14 15:15:19 2010
New Revision: 910019

URL: http://svn.apache.org/viewvc?rev=910019&view=rev
Log:
fix HTTPCORE-217

Added:
    httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java
Modified:
    httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java

Modified: httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java?rev=910019&r1=910018&r2=910019&view=diff
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java
(original)
+++ httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSession.java
Sun Feb 14 15:15:19 2010
@@ -178,9 +178,16 @@
         // It is never generated by SSLEngine.getHandshakeStatus().
         if (result != null && result.getHandshakeStatus() == HandshakeStatus.FINISHED)
{
             if (this.handler != null) {
-                this.handler.verify(
+                if (this.handler instanceof SSLIOSessionHandlerExt) {
+                    ((SSLIOSessionHandlerExt) this.handler).verify(
+                        this.session.getRemoteAddress(),
+                        this.sslEngine.getSession(),
+                        this.session);
+                } else {
+                    this.handler.verify(
                         this.session.getRemoteAddress(),
                         this.sslEngine.getSession());
+                }
             }
         }
     }

Added: httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java?rev=910019&view=auto
==============================================================================
--- httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java
(added)
+++ httpcomponents/httpcore/trunk/httpcore-nio/src/main/java/org/apache/http/impl/nio/reactor/SSLIOSessionHandlerExt.java
Sun Feb 14 15:15:19 2010
@@ -0,0 +1,29 @@
+package org.apache.http.impl.nio.reactor;
+
+import org.apache.http.nio.reactor.IOSession;
+
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
+import java.net.SocketAddress;
+
+/**
+ * This is an extended interface of the SSLIOSessionHandler - to maintain backwards compatibility
but yet solve HTTPCORE-217
+ */
+public interface SSLIOSessionHandlerExt extends SSLIOSessionHandler {
+    /**
+     * Triggered when the SSL connection has been established and initial SSL
+     * handshake has been successfully completed. Custom handlers can use
+     * this callback to verify properties of the {@link javax.net.ssl.SSLSession}
+     * and optionally set properties on the IOSession to be processed later.
+     * For instance this would be the right place to enforce SSL cipher
+     * strength, validate certificate chain and do hostname checks, and to optionally
+     * set the client DN as an IOSession attribute
+     *
+     * @param remoteAddress the remote address of the connection.
+     * @param session newly created SSL session.
+     * @param iosession the underlying IOSession for the SSL connection.
+     * @throws javax.net.ssl.SSLException if case of SSL protocol error.
+     */
+    void verify(SocketAddress remoteAddress, SSLSession session, IOSession iosession)
+        throws SSLException;
+}



Mime
View raw message