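/**
 * Construct a new instance from a plain {@link SSLSession} supplier.
 *
 * <p>The session is wrapped via {@code SSLConnection.forSession(session, true)}; the second argument is
 * hard-coded, so the TLS role cannot be chosen by the caller. This is only appropriate when the TLS client
 * is also the SASL client.
 * NOTE(review): the flag presumably selects client mode, which would affect which certificate is used for
 * endpoint channel binding — confirm against {@code SSLConnection}.
 *
 * @param delegate the delegate SASL client factory
 * @param sslSession supplier of the current SSLSession
 * @deprecated Use {@link #SSLSaslClientFactory(Supplier, SaslClientFactory)} to avoid problems where a TLS client is acting as a SASL server.
 */
@Deprecated
public SSLSaslClientFactory(final SaslClientFactory delegate, final Supplier<SSLSession> sslSession) {
    // The session supplier is consulted each time the connection supplier is invoked, not once at construction.
    this(() -> SSLConnection.forSession(sslSession.get(), true), delegate);
}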
final boolean clientMode = isClientMode(); switch (bindingType) { case TLS_SERVER_ENDPOINT: { final X509Certificate serverCert; final SSLSession session = getSession(); if (session == null) { return null;
/**
 * Fill in the given channel binding callback from this connection, if binding data is available.
 *
 * <p>The {@code "tls-unique"} binding is tried first; only when it yields no data is the
 * {@code TLS_SERVER_ENDPOINT} binding tried. If neither yields data the callback is left untouched, so a
 * caller that requires channel binding must check whether the callback was populated instead of assuming it.
 *
 * <p>NOTE(review): {@code tls-unique} (RFC 5929) is not defined for TLS 1.3, where RFC 9266 specifies
 * {@code tls-exporter} instead. Confirm that {@code getChannelBinding("tls-unique")} returns {@code null}
 * for such sessions so that the fallback below is reached.
 *
 * @param callback the binding callback to populate (must not be {@code null})
 */
public void handleChannelBindingCallback(final ChannelBindingCallback callback) {
    Assert.checkNotNullParam("callback", callback);

    // First choice: the per-connection binding.
    final byte[] uniqueData = getChannelBinding("tls-unique");
    if (uniqueData != null) {
        callback.setBindingType("tls-unique");
        callback.setBindingData(uniqueData);
        return;
    }

    // Fallback: the endpoint binding; with no data the callback stays unpopulated.
    final byte[] endpointData = getChannelBinding(TLS_SERVER_ENDPOINT);
    if (endpointData == null) {
        return;
    }
    callback.setBindingType(TLS_SERVER_ENDPOINT);
    callback.setBindingData(endpointData);
}
peerCerts = X500.asX509CertificateArray(sslCallback.getSslConnection().getSession().getPeerCertificates()); } catch (SSLPeerUnverifiedException e) { log.trace("Peer unverified", e); final SSLConnection sslConnection = this.sslConnection; if (sslConnection != null) { sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
/**
 * Return the SSL session of the underlying SSL connection.
 *
 * <p>NOTE(review): callers should be prepared for a {@code null} result; confirm against
 * {@code SSLConnection.getSession()}. Also assumes the {@code sslConnection} field is non-null — TODO confirm.
 *
 * @return the SSL session in force
 */
public SSLSession getSslSession() {
    final SSLSession currentSession = sslConnection.getSession();
    return currentSession;
}
sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
peerCerts = X500.asX509CertificateArray(sslCallback.getSslConnection().getSession().getPeerCertificates()); } catch (SSLPeerUnverifiedException e) { log.trace("Peer unverified", e); final SSLConnection sslConnection = this.sslConnection; if (sslConnection != null) { sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
final SSLSession sslSession = ((SSLCallback) callback).getSslConnection().getSession(); if (sslSession != null) { final Principal localPrincipal = sslSession.getLocalPrincipal();
sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
peerCerts = X500.asX509CertificateArray(sslCallback.getSslConnection().getSession().getPeerCertificates()); } catch (SSLPeerUnverifiedException e) { log.trace("Peer unverified", e); final SSLConnection sslConnection = this.sslConnection; if (sslConnection != null) { sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
final boolean clientMode = isClientMode(); switch (bindingType) { case TLS_SERVER_ENDPOINT: { final X509Certificate serverCert; final SSLSession session = getSession(); if (session == null) { return null;
/**
 * Construct a new instance from a plain {@link SSLSession} supplier. The session connection is assumed to be
 * in server mode: the session is wrapped via {@code SSLConnection.forSession(session, false)}, so the TLS
 * role cannot be chosen by the caller.
 *
 * @param delegate the delegate SASL server factory
 * @param sslSession supplier for the current SSL session
 * @deprecated Use {@link #SSLSaslServerFactory(Supplier, SaslServerFactory)} to avoid problems where a TLS server is acting as a SASL client.
 */
@Deprecated
public SSLSaslServerFactory(final SaslServerFactory delegate, final Supplier<SSLSession> sslSession) {
    this(
        () -> {
            // Evaluated each time the connection supplier is invoked, not once at construction.
            return SSLConnection.forSession(sslSession.get(), false);
        },
        delegate);
}
/**
 * Return the SSL session of the underlying SSL connection.
 *
 * <p>NOTE(review): callers should be prepared for a {@code null} result; confirm against
 * {@code SSLConnection.getSession()}. Also assumes the {@code sslConnection} field is non-null — TODO confirm.
 *
 * @return the SSL session in force
 */
public SSLSession getSslSession() {
    final SSLSession currentSession = sslConnection.getSession();
    return currentSession;
}
sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
/**
 * Fill in the given channel binding callback from this connection, if binding data is available.
 *
 * <p>The {@code "tls-unique"} binding is tried first; only when it yields no data is the
 * {@code TLS_SERVER_ENDPOINT} binding tried. If neither yields data the callback is left untouched, so a
 * caller that requires channel binding must check whether the callback was populated instead of assuming it.
 *
 * <p>NOTE(review): {@code tls-unique} (RFC 5929) is not defined for TLS 1.3, where RFC 9266 specifies
 * {@code tls-exporter} instead. Confirm that {@code getChannelBinding("tls-unique")} returns {@code null}
 * for such sessions so that the fallback below is reached.
 *
 * @param callback the binding callback to populate (must not be {@code null})
 */
public void handleChannelBindingCallback(final ChannelBindingCallback callback) {
    Assert.checkNotNullParam("callback", callback);

    // First choice: the per-connection binding.
    final byte[] uniqueData = getChannelBinding("tls-unique");
    if (uniqueData != null) {
        callback.setBindingType("tls-unique");
        callback.setBindingData(uniqueData);
        return;
    }

    // Fallback: the endpoint binding; with no data the callback stays unpopulated.
    final byte[] endpointData = getChannelBinding(TLS_SERVER_ENDPOINT);
    if (endpointData == null) {
        return;
    }
    callback.setBindingType(TLS_SERVER_ENDPOINT);
    callback.setBindingData(endpointData);
}
peerCerts = X500.asX509CertificateArray(sslCallback.getSslConnection().getSession().getPeerCertificates()); } catch (SSLPeerUnverifiedException e) { log.trace("Peer unverified", e); final SSLConnection sslConnection = this.sslConnection; if (sslConnection != null) { sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);
final boolean clientMode = isClientMode(); switch (bindingType) { case TLS_SERVER_ENDPOINT: { final X509Certificate serverCert; final SSLSession session = getSession(); if (session == null) { return null;
// Wrap the existing factory in an SSLSaslClientFactory backed by an SSLConnection built from sslSession,
// using the (Supplier, SaslClientFactory) constructor.
// NOTE(review): the second argument to forSession is hard-coded to true, presumably the client-mode flag —
// confirm this side really is the TLS client, since the TLS and SASL roles can differ.
saslClientFactory = new SSLSaslClientFactory(() -> SSLConnection.forSession(sslSession, true), saslClientFactory);
/**
 * Return the SSL session of the underlying SSL connection.
 *
 * <p>NOTE(review): callers should be prepared for a {@code null} result; confirm against
 * {@code SSLConnection.getSession()}. Also assumes the {@code sslConnection} field is non-null — TODO confirm.
 *
 * @return the SSL session in force
 */
public SSLSession getSslSession() {
    final SSLSession currentSession = sslConnection.getSession();
    return currentSession;
}
sslConnection.handleChannelBindingCallback((ChannelBindingCallback) callback);