hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pasi Eronen (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HTTPCLIENT-1111) Setting SSLSocket parameters
Date Mon, 25 Jul 2011 12:27:09 GMT
Setting SSLSocket parameters
----------------------------

                 Key: HTTPCLIENT-1111
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1111
             Project: HttpComponents HttpClient
          Issue Type: Improvement
          Components: HttpClient
    Affects Versions: 4.1.1
            Reporter: Pasi Eronen
            Priority: Minor


In HttpClient 4.0.3, it was easy to subclass SSLSocketFactory, and set SSLSocket options (e.g.
setEnabledCipherSuites() or setSSLParameterse()) before the SSL handshake happened. This way
it was possible to e.g. restrict cipher suites on per-HttpClient basis (instead of JVM-wide
system properties).

In HttpClient 4.1.1, the design has changed quite a lot, and copy-pasting of several long
methods is needed. 

Ideally, SSLSocketFactory should support applying SSLParameters to the socket. However, SSLParameters
is Java 1.6, so if we want to keep compatibility with 1.5, that's out.

However, it'd be nice to at least have a method (e.g. "protected SSLSocket prepareSSLSocket(SSLSocket
s)") that would get called immediately after a socket is retrieved from the socket factory.
The default implementation could be just "return s;", but subclasses could do something like
s.setEnabledCipherSuites() s.setSSLParameters().

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message