Code example for SSLSocket

Methods: getSession, startHandshake

0
     * to SSLCertificateSocketFactory.createSocket().  It is harmless to call this method 
     * redundantly if the hostname has already been verified. 
     * 
     * <p>Wildcard certificates are allowed to verify any matching hostname, 
     * so "foo.bar.example.com" is verified if the peer has a certificate 
     * for "*.example.com". 
     * 
     * @param socket An SSL socket which has been connected to a server 
     * @param hostname The expected hostname of the remote server 
     * @throws IOException if something goes wrong handshaking with the server 
     * @throws SSLPeerUnverifiedException if the server cannot prove its identity 
      */ 
    private void verifyHostname(Socket socket, String hostname) throws IOException {
        // The code at the start of OpenSSLSocketImpl.startHandshake() 
        // ensures that the call is idempotent, so we can safely call it. 
        SSLSocket ssl = (SSLSocket) socket;
        ssl.startHandshake();
 
        SSLSession session = ssl.getSession();
        if (session == null) {
            throw new SSLException("Cannot verify SSL socket without session");