From cbc64bf726c6178e8850fef01ccbac23d38cadbd Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Mon, 17 Dec 2012 16:36:07 +0000
Subject: [PATCH] Fix OPENDJ-666: Expose SSLSession in LDAPClientContext

---
 opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java |   21 ++++++++++++++++++---
 1 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java
index 7575ea0..d3491ad 100644
--- a/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java
+++ b/opendj3/opendj-ldap-sdk/src/main/java/org/forgerock/opendj/ldap/LDAPClientContext.java
@@ -30,6 +30,7 @@
 import java.net.InetSocketAddress;
 
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
 
 import org.forgerock.opendj.ldap.responses.ExtendedResult;
 
@@ -82,15 +83,29 @@
     InetSocketAddress getPeerAddress();
 
     /**
-     * Returns the strongest cipher strength currently in use by the underlying
-     * connection.
+     * Returns the cipher strength, in bits, currently in use by the underlying
+     * connection. This value is analogous to the
+     * {@code javax.servlet.request.key_size} property defined in the Servlet
+     * specification (section 3.8 "SSL Attributes"). It provides no indication
+     * of the relative strength of different cipher algorithms, their known
+     * weaknesses, nor the strength of other cryptographic information used
+     * during SSL/TLS negotiation.
      *
-     * @return The strongest cipher strength currently in use by the underlying
+     * @return The cipher strength, in bits, currently in use by the underlying
      *         connection.
      */
     int getSecurityStrengthFactor();
 
     /**
+     * Returns the SSL session currently in use by the underlying connection, or
+     * {@code null} if SSL/TLS is not enabled.
+     *
+     * @return The SSL session currently in use by the underlying connection, or
+     *         {@code null} if SSL/TLS is not enabled.
+     */
+    SSLSession getSSLSession();
+
+    /**
      * Returns {@code true} if the underlying connection has been closed as a
      * result of a client disconnect, a fatal connection error, or a server-side
      * {@link #disconnect}.

--
Gitblit v1.10.0