From e033a99de3dc7ccd18a670dd1ef6326f0c1428bc Mon Sep 17 00:00:00 2001 From: Roland Weber Date: Sat, 29 Sep 2007 17:25:18 +0000 Subject: [PATCH] HTTPCLIENT-690: provide access to the SSLSession of SSL connections git-svn-id: https://svn.apache.org/repos/asf/jakarta/httpcomponents/httpclient/trunk@580608 13f79535-47bb-0310-9956-ffa450edef68 --- RELEASE_NOTES.txt | 3 +++ .../http/conn/ManagedClientConnection.java | 21 +++++++++++++++++++ .../impl/conn/AbstractClientConnAdapter.java | 16 ++++++++++++++ 3 files changed, 40 insertions(+) diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt index 4c5a50800..91b1b9bf2 100644 --- a/RELEASE_NOTES.txt +++ b/RELEASE_NOTES.txt @@ -1,5 +1,8 @@ Changes since release 4.0 Alpha 1 +* [HTTPCLIENT-690] ManagedClientConnection provides access to SSLSession + Contributed by Roland Weber + * [HTTPCLIENT-692] ClientConnectionManager throws InterruptedException Contributed by Roland Weber diff --git a/module-client/src/main/java/org/apache/http/conn/ManagedClientConnection.java b/module-client/src/main/java/org/apache/http/conn/ManagedClientConnection.java index 88352008a..6c2f40c87 100644 --- a/module-client/src/main/java/org/apache/http/conn/ManagedClientConnection.java +++ b/module-client/src/main/java/org/apache/http/conn/ManagedClientConnection.java @@ -32,6 +32,7 @@ package org.apache.http.conn; import java.io.IOException; +import javax.net.ssl.SSLSession; import org.apache.http.HttpClientConnection; import org.apache.http.HttpInetConnection; @@ -78,6 +79,26 @@ public interface ManagedClientConnection extends ; + /** + * Obtains the SSL session of the underlying connection, if any. + * If this connection is open, and the underlying socket is an + * {@link javax.net.ssl.SSLSocket SSLSocket}, the SSL session of + * that socket is obtained. This is a potentially blocking operation. + *
+ * Note: Whether the underlying socket is an SSL socket + * can not necessarily be determined via {@link #isSecure}. + * Plain sockets may be considered secure, for example if they are + * connected to a known host in the same network segment. + * On the other hand, SSL sockets may be considered insecure, + * for example depending on the chosen cipher suite. + * + * @return the underlying SSL session if available, + * null otherwise + */ + SSLSession getSSLSession() + ; + + /** * Opens this connection according to the given route. * diff --git a/module-client/src/main/java/org/apache/http/impl/conn/AbstractClientConnAdapter.java b/module-client/src/main/java/org/apache/http/impl/conn/AbstractClientConnAdapter.java index ff7799f61..746313462 100644 --- a/module-client/src/main/java/org/apache/http/impl/conn/AbstractClientConnAdapter.java +++ b/module-client/src/main/java/org/apache/http/impl/conn/AbstractClientConnAdapter.java @@ -33,6 +33,9 @@ package org.apache.http.impl.conn; import java.io.IOException; import java.net.InetAddress; +import java.net.Socket; +import javax.net.ssl.SSLSocket; +import javax.net.ssl.SSLSession; import org.apache.http.HttpException; import org.apache.http.HttpRequest; @@ -246,6 +249,19 @@ public abstract class AbstractClientConnAdapter return wrappedConnection.isSecure(); } + // non-javadoc, see interface ManagedClientConnection + public SSLSession getSSLSession() { + if (!isOpen()) + return null; + + SSLSession result = null; + Socket sock = wrappedConnection.getSocket(); + if (sock instanceof SSLSocket) { + result = ((SSLSocket)sock).getSession(); + } + return result; + } + // non-javadoc, see interface ManagedClientConnection public void markReusable() { markedReusable = true;