mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

Matthew Swift
17.36.2012 cbc64bf726c6178e8850fef01ccbac23d38cadbd
Fix OPENDJ-666: Expose SSLSession in LDAPClientContext
2 files modified
42 ■■■■■ changed files
opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPServerFilter.java 21 ●●●●
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java 21 ●●●●
opendj3/opendj-ldap-sdk/src/main/java/com/forgerock/opendj/ldap/LDAPServerFilter.java
@@ -35,6 +35,7 @@
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.ConnectionSecurityLayer;
@@ -235,24 +236,24 @@
        @Override
        public int getSecurityStrengthFactor() {
            int ssf = 0;
            final SSLEngine sslEngine = SSLUtils.getSSLEngine(connection);
            if (sslEngine != null) {
                final String cipherString = sslEngine.getSession().getCipherSuite();
            final SSLSession sslSession = getSSLSession();
            if (sslSession != null) {
                final String cipherString = sslSession.getCipherSuite();
                for (final Object[] cipher : CIPHER_KEY_SIZES) {
                    if (cipherString.indexOf((String) cipher[0]) >= 0) {
                        ssf = (Integer) cipher[1];
                        break;
                        return (Integer) cipher[1];
                    }
                }
            }
            return 0;
        }
            return ssf;
        @Override
        public SSLSession getSSLSession() {
            final SSLEngine sslEngine = SSLUtils.getSSLEngine(connection);
            return sslEngine != null ? sslEngine.getSession() : null;
        }
        /**
         * {@inheritDoc}
         */
        @Override
        public boolean isClosed() {
            return isClosed.get();
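Review bot: The new `getSSLSession()` returns `sslEngine.getSession()` whenever an SSL engine is installed, but `SSLEngine.getSession()` hands back a placeholder session reporting the cipher suite `SSL_NULL_WITH_NULL_NULL` until the initial handshake has completed, so a non-null result does not by itself mean the connection is protected. A caller that bases an access-control decision on this accessor (for example by reading peer certificates) needs to know that; I would add a Javadoc note on the method such as `Non-null does not imply a completed handshake: check the cipher suite or handle SSLPeerUnverifiedException before trusting the peer identity.` The method is also the only override in this section without a doc comment, while `isClosed()` just below carries `{@inheritDoc}`; the body of `isClosed()` continues outside the hunk. Separately, `getSecurityStrengthFactor()` still maps the suite name by substring against `CIPHER_KEY_SIZES`, which is declared outside the hunk, so an unrecognised or placeholder suite yields 0 — presumably the intended fail-closed result, and worth a one-line comment saying so.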
opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java
@@ -30,6 +30,7 @@
import java.net.InetSocketAddress;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import org.forgerock.opendj.ldap.responses.ExtendedResult;
@@ -82,15 +83,29 @@
    InetSocketAddress getPeerAddress();
    /**
     * Returns the strongest cipher strength currently in use by the underlying
     * connection.
     * Returns the cipher strength, in bits, currently in use by the underlying
     * connection. This value is analogous to the
     * {@code javax.servlet.request.key_size} property defined in the Servlet
     * specification (section 3.8 "SSL Attributes"). It provides no indication
     * of the relative strength of different cipher algorithms, their known
     * weaknesses, nor the strength of other cryptographic information used
     * during SSL/TLS negotiation.
     *
     * @return The strongest cipher strength currently in use by the underlying
     * @return The cipher strength, in bits, currently in use by the underlying
     *         connection.
     */
    int getSecurityStrengthFactor();
    /**
     * Returns the SSL session currently in use by the underlying connection, or
     * {@code null} if SSL/TLS is not enabled.
     *
     * @return The SSL session currently in use by the underlying connection, or
     *         {@code null} if SSL/TLS is not enabled.
     */
    SSLSession getSSLSession();
    /**
     * Returns {@code true} if the underlying connection has been closed as a
     * result of a client disconnect, a fatal connection error, or a server-side
     * {@link #disconnect}.