001/* 002 * ==================================================================== 003 * Licensed to the Apache Software Foundation (ASF) under one 004 * or more contributor license agreements. See the NOTICE file 005 * distributed with this work for additional information 006 * regarding copyright ownership. The ASF licenses this file 007 * to you under the Apache License, Version 2.0 (the 008 * "License"); you may not use this file except in compliance 009 * with the License. You may obtain a copy of the License at 010 * 011 * http://www.apache.org/licenses/LICENSE-2.0 012 * 013 * Unless required by applicable law or agreed to in writing, 014 * software distributed under the License is distributed on an 015 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 016 * KIND, either express or implied. See the License for the 017 * specific language governing permissions and limitations 018 * under the License. 019 * ==================================================================== 020 * 021 * This software consists of voluntary contributions made by many 022 * individuals on behalf of the Apache Software Foundation. For more 023 * information on the Apache Software Foundation, please see 024 * <http://www.apache.org/>. 025 * 026 */ 027 028package org.apache.http.nio.reactor.ssl; 029 030import javax.net.ssl.SSLEngine; 031import javax.net.ssl.SSLException; 032import javax.net.ssl.SSLSession; 033 034import org.apache.http.nio.reactor.IOSession; 035 036/** 037 * Callback interface that can be used to customize various aspects of 038 * the TLS/SSL protocol. 039 * 040 * @since 4.2 041 */ 042public interface SSLSetupHandler { 043 044 /** 045 * Triggered when the SSL connection is being initialized. Custom handlers 046 * can use this callback to customize properties of the {@link SSLEngine} 047 * used to establish the SSL session. 048 * 049 * @param sslEngine the SSL engine. 050 * @throws SSLException if case of SSL protocol error. 051 */ 052 //FIXME: fix type 053 void initalize(SSLEngine sslEngine) throws SSLException; 054 055 /** 056 * Triggered when the SSL connection has been established and initial SSL 057 * handshake has been successfully completed. Custom handlers can use 058 * this callback to verify properties of the {@link SSLSession}. 059 * For instance this would be the right place to enforce SSL cipher 060 * strength, validate certificate chain and do hostname checks. 061 * 062 * @param ioSession the underlying IOSession for the SSL connection. 063 * @param sslSession newly created SSL session. 064 * @throws SSLException if case of SSL protocol error. 065 */ 066 void verify(IOSession ioSession, SSLSession sslSession) throws SSLException; 067 068}