001/*
002 * ====================================================================
003 * Licensed to the Apache Software Foundation (ASF) under one
004 * or more contributor license agreements.  See the NOTICE file
005 * distributed with this work for additional information
006 * regarding copyright ownership.  The ASF licenses this file
007 * to you under the Apache License, Version 2.0 (the
008 * "License"); you may not use this file except in compliance
009 * with the License.  You may obtain a copy of the License at
010 *
011 *   http://www.apache.org/licenses/LICENSE-2.0
012 *
013 * Unless required by applicable law or agreed to in writing,
014 * software distributed under the License is distributed on an
015 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
016 * KIND, either express or implied.  See the License for the
017 * specific language governing permissions and limitations
018 * under the License.
019 * ====================================================================
020 *
021 * This software consists of voluntary contributions made by many
022 * individuals on behalf of the Apache Software Foundation.  For more
023 * information on the Apache Software Foundation, please see
024 * <http://www.apache.org/>.
025 *
026 */
027
028package org.apache.http.nio.reactor.ssl;
029
030import javax.net.ssl.SSLEngine;
031import javax.net.ssl.SSLException;
032import javax.net.ssl.SSLSession;
033
034import org.apache.http.nio.reactor.IOSession;
035
036/**
037 * Callback interface that can be used to customize various aspects of
038 * the TLS/SSL protocol.
039 *
040 * @since 4.2
041 */
042public interface SSLSetupHandler {
043
044    /**
045     * Triggered when the SSL connection is being initialized. Custom handlers
046     * can use this callback to customize properties of the {@link SSLEngine}
047     * used to establish the SSL session.
048     *
049     * @param sslEngine the SSL engine.
050     * @throws SSLException if case of SSL protocol error.
051     */
052    //FIXME: fix type
053    void initalize(SSLEngine sslEngine) throws SSLException;
054
055    /**
056     * Triggered when the SSL connection has been established and initial SSL
057     * handshake has been successfully completed. Custom handlers can use
058     * this callback to verify properties of the {@link SSLSession}.
059     * For instance this would be the right place to enforce SSL cipher
060     * strength, validate certificate chain and do hostname checks.
061     *
062     * @param ioSession the underlying IOSession for the SSL connection.
063     * @param sslSession newly created SSL session.
064     * @throws SSLException if case of SSL protocol error.
065     */
066    void verify(IOSession ioSession, SSLSession sslSession) throws SSLException;
067
068}