? javax/net/ssl/CertPathTrustManagerParameters.java ? javax/net/ssl/KeyStoreBuilderParameters.java ? javax/net/ssl/SSLEngine.java ? javax/net/ssl/SSLEngineResult.java ? javax/net/ssl/X509ExtendedKeyManager.java ? javax/net/ssl/jsse.patch Index: javax/net/ssl/HandshakeCompletedEvent.java =================================================================== RCS file: /cvsroot/classpath/classpath/javax/net/ssl/HandshakeCompletedEvent.java,v retrieving revision 1.4 diff -u -B -b -r1.4 HandshakeCompletedEvent.java --- javax/net/ssl/HandshakeCompletedEvent.java 2 Jul 2005 20:32:45 -0000 1.4 +++ javax/net/ssl/HandshakeCompletedEvent.java 13 Sep 2005 05:02:27 -0000 @@ -38,6 +38,7 @@ package javax.net.ssl; +import java.security.Principal; import java.security.cert.Certificate; import javax.security.cert.X509Certificate; @@ -108,6 +109,20 @@ } /** + * Returns the local identity used in this connection, or + * null if there is none. + * + * @return The local identity. + * @since 1.5 + */ + public Principal getLocalPrincipal () + { + if (session != null) + return session.getLocalPrincipal (); + return null; + } + + /** * Returns the peer's certificates being used in this connection. * * @return The peer's certificates. 
@@ -125,6 +140,22 @@ { if (session != null) return session.getPeerCertificateChain(); + return null; + } + + /** + * Returns the peer's identity, or null if there is + * none. + * + * @return The peer's identity. + * @throws SSLPeerUnverifiedException If the remote peer's identity + * could not be verified. + * @since 1.5 + */ + public Principal getPeerPrincipal () throws SSLPeerUnverifiedException + { + if (session != null) + return session.getPeerPrincipal (); return null; } Index: javax/net/ssl/HttpsURLConnection.java =================================================================== RCS file: /cvsroot/classpath/classpath/javax/net/ssl/HttpsURLConnection.java,v retrieving revision 1.3 diff -u -B -b -r1.3 HttpsURLConnection.java --- javax/net/ssl/HttpsURLConnection.java 2 Jul 2005 20:32:45 -0000 1.3 +++ javax/net/ssl/HttpsURLConnection.java 13 Sep 2005 05:02:28 -0000 @@ -41,7 +41,9 @@ import java.io.IOException; import java.net.HttpURLConnection; import java.net.URL; +import java.security.Principal; import java.security.cert.Certificate; +import java.security.cert.X509Certificate; /** * A URL connection that connects via the Secure Socket Layer @@ -92,7 +94,7 @@ * @param url The URL of the connection being established. * @throws IOException If the connection cannot be established. */ - protected HttpsURLConnection(URL url) throws IOException + protected HttpsURLConnection(URL url) { super(url); } @@ -243,6 +245,48 @@ if (factory == null) throw new IllegalArgumentException("factory cannot be null"); this.factory = factory; + } + + /** + * Returns the local principal for this connection. + * + *
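Review bot: The new `getPeerPrincipal ()` returns `null` when `session` is null, so a caller that only catches `SSLPeerUnverifiedException` cannot tell a missing session from a peer without an identity and may go on to treat the connection as verified. The Javadoc should state how a null result is to be handled, for example `Returns the peer's identity, or null if no session or identity is available; callers must treat null as an unverified peer.` The same null-or-throw ambiguity is in the `SSLSession.getPeerPrincipal ()` declaration and the `HttpsURLConnection.getPeerPrincipal ()` default later in this patch. Whether any session implementation actually returns null for an anonymous peer is not visible here.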
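Review bot: The constructor `HttpsURLConnection(URL url)` no longer declares `throws IOException`, but the Javadoc context line directly above it still reads `@throws IOException If the connection cannot be established.`; that tag should be removed together with the clause. The comment block starts outside the hunk, so it is worth checking the rest of it for other statements about connection failure at construction time.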

The default implementation will return the address@hidden + * javax.security.x500.X500Principal} for the end entity certificate + * in the local certificate chain if those certificates are of type + * address@hidden java.security.cert.X509Certificate}. Otherwise, this + * method returns null. + * + * @return The local principal. + * @since 1.5 + */ + public Principal getLocalPrincipal () + { + Certificate[] c = getLocalCertificates (); + if (c != null && c.length > 0 && (c[0] instanceof X509Certificate)) + return ((X509Certificate) c[0]).getSubjectX500Principal (); + return null; + } + + /** + * Returns the remote peer's principal for this connection. + * + *

The default implementation will return the address@hidden + * javax.security.x500.X500Principal} for the end entity certificate + * in the remote peer's certificate chain if those certificates are + * of type address@hidden java.security.cert.X509Certificate}. Otherwise, + * this method returns null. + * + * @return The remote principal. + * @throws SSLPeerUnverifiedException If the remote peer has not + * been verified. + * @since 1.5 + */ + public Principal getPeerPrincipal () throws SSLPeerUnverifiedException + { + Certificate[] c = getServerCertificates (); + if (c != null && c.length > 0 && (c[0] instanceof X509Certificate)) + return ((X509Certificate) c[0]).getSubjectX500Principal (); + return null; } // Abstract methods. Index: javax/net/ssl/SSLContext.java =================================================================== RCS file: /cvsroot/classpath/classpath/javax/net/ssl/SSLContext.java,v retrieving revision 1.4 diff -u -B -b -r1.4 SSLContext.java --- javax/net/ssl/SSLContext.java 2 Jul 2005 20:32:45 -0000 1.4 +++ javax/net/ssl/SSLContext.java 13 Sep 2005 05:02:30 -0000 
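Review bot: Both new Javadoc blocks name the returned type as `javax.security.x500.X500Principal`, which is not the package of the class that `getSubjectX500Principal ()` returns; the link target should be `javax.security.auth.x500.X500Principal`. It is also worth documenting that the result is simply the subject name of `c[0]`: both methods assume the first array element is the end-entity certificate and return `null` for an empty or non-X.509 chain. Callers that make an access decision on the principal therefore have to handle null explicitly, and the name is not a substitute for hostname verification.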
@@ -188,6 +188,31 @@ // ----------------------------------------------------------------- /** + * Creates a new address@hidden SSLEngine} for this context. + * + * @return The new SSLEngine. + * @since 1.5 + */ + public final SSLEngine createSSLEngine () + { + return ctxSpi.engineCreateSSLEngine (); + } + + /** + * Creates a new address@hidden SSLEngine} for this context, with a given + * host name and port number. + * + * @param host The local host name. + * @param port The local port number. + * @return The new SSLEngine. + * @since 1.5 + */ + public final SSLEngine createSSLEngine (final String host, final int port) + { + return ctxSpi.engineCreateSSLEngine (host, port); + } + + /** * Returns the set of SSL contexts available for client connections. * * @return The set of SSL contexts available for client connections. Index: javax/net/ssl/SSLContextSpi.java =================================================================== RCS file: /cvsroot/classpath/classpath/javax/net/ssl/SSLContextSpi.java,v retrieving revision 1.2 diff -u -B -b -r1.2 SSLContextSpi.java --- javax/net/ssl/SSLContextSpi.java 2 Jul 2005 20:32:45 -0000 1.2 +++ javax/net/ssl/SSLContextSpi.java 13 Sep 2005 05:02:30 -0000 
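Review bot: The `@param` text for `createSSLEngine (String host, int port)` describes `host` and `port` as the local host name and port, while in the JSSE API these arguments are advisory hints about the peer; documenting them as local invites callers to pass the wrong endpoint. I would change the tags to `@param host The non-authoritative name of the peer host.` and `@param port The non-authoritative peer port.`, and add a sentence that the values are hints and are not authenticated. The `engineCreateSSLEngine (String host, int port)` declaration in SSLContextSpi.java carries the same wording and should be changed with it.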
@@ -64,6 +64,28 @@ // Abstract methods. // ------------------------------------------------------------------- + // Sun, you've broken existing applications by introducing new + // abstract methods! Goodjob!!! + + /** + * Returns a new address@hidden SSLEngine} for this context. + * + * @return A new SSLEngine. + * @since 1.5 + */ + protected abstract SSLEngine engineCreateSSLEngine (); + + /** + * Returns a new address@hidden SSLEngine} for this context, for the given + * host name and port number. + * + * @param host The local host name. + * @param port The local port number. + * @return A new SSLEngine. + * @since 1.5 + */ + protected abstract SSLEngine engineCreateSSLEngine (String host, int port); + /** * Returns the set of SSL sessions available for client connections. * Index: javax/net/ssl/SSLException.java =================================================================== RCS file: /cvsroot/classpath/classpath/javax/net/ssl/SSLException.java,v retrieving revision 1.2 diff -u -B -b -r1.2 SSLException.java --- javax/net/ssl/SSLException.java 2 Jul 2005 20:32:45 -0000 1.2 +++ javax/net/ssl/SSLException.java 13 Sep 2005 05:02:30 -0000 @@ -56,4 +56,15 @@ { super(message); } + + public SSLException (String message, Throwable cause) + { + super (message); + initCause (cause); + } + + public SSLException (Throwable cause) + { + initCause (cause); + } } Index: javax/net/ssl/SSLSession.java =================================================================== RCS file: /cvsroot/classpath/classpath/javax/net/ssl/SSLSession.java,v retrieving revision 1.3 diff -u -B -b -r1.3 SSLSession.java --- javax/net/ssl/SSLSession.java 2 Jul 2005 20:32:45 -0000 1.3 +++ javax/net/ssl/SSLSession.java 13 Sep 2005 05:02:36 -0000 @@ -38,6 +38,7 @@ package javax.net.ssl; +import java.security.Principal; import java.security.cert.Certificate; import javax.security.cert.X509Certificate; 
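Review bot: The added comment `// Sun, you've broken existing applications by introducing new abstract methods! Goodjob!!!` records frustration but not the consequence a provider author needs to know. Because `engineCreateSSLEngine ()` and its two-argument overload are abstract, an existing `SSLContextSpi` subclass built against the old class has no implementation of them, and a call through `SSLContext.createSSLEngine ()` would presumably fail with `AbstractMethodError` at run time. I would replace the comment with something like `// New abstract methods in 1.5: providers built against the 1.4 SPI must implement these.`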
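Review bot: `SSLException (Throwable cause)` relies on the implicit no-argument super constructor, so `getMessage ()` returns null and a log line for a failed handshake loses the reason unless the whole cause chain is printed. Following the usual `Throwable(Throwable)` convention needs an explicit first statement, `super (cause == null ? null : cause.toString ());`, ahead of the existing `initCause (cause);`. Both new constructors also have no Javadoc and no `@since 1.5` tag, unlike the other additions in this patch.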
@@ -48,6 +49,20 @@ */ public interface SSLSession { + + /** + * Returns the size of the largest application data buffer that can + * occur in this session. + * + *

Buffers passed to handle the incoming data for the + * unwrap method of SSLEngine must be at least this + * large. + * + * @return The size of application buffers. + * @since 1.5 + */ + int getApplicationBufferSize (); + /** * Returns this session's cihper suite. * @@ -87,6 +102,28 @@ Certificate[] getLocalCertificates(); /** + * Returns the address@hidden Principal} representing the local identity + * used in this session, or null if there is no local + * identity. + * + * @return The local principal. + */ + Principal getLocalPrincipal (); + + /** + * Returns the size of the largest SSL message that will be + * generated by this session. + * + *

Callers of wrap and unwrap should + * use this value to determine the size of buffers for data coming + * into, or going out over, the network. + * + * @returns The maximum network packet size. + * @since 1.5 + */ + int getPacketBufferSize (); + + /** * Returns the chain of certificates that the remote side used in * the handshake, or null if none were used. * @@ -115,6 +152,27 @@ String getPeerHost(); /** + * Returns the port number the remote peer is using for this + * session. + * + * @return The peer's port number. + * @since 1.5 + */ + int getPeerPort (); + + /** + * Returns the address@hidden Principal} representing the identity of the + * remote peer, or null if the remote peer has no known + * identity. + * + * @return The remote peer's principal. + * @throws SSLPeerUnverifiedException If the remote peer's identity + * could not be verified. + * @since 1.5 + */ + Principal getPeerPrincipal () throws SSLPeerUnverifiedException; + + /** * Returns the protocol this session uses. * * @return The protocol. @@ -150,6 +208,15 @@ * another socket. */ void invalidate(); + + /** + * Tells if this session is currently valid, and may be resumed. + * + * @return True if this session is valid. + * @since 1.5 + * @see #invalidate() + */ + boolean isValid (); /** * Binds a value to this session, with the given name.
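Review bot: The Javadoc for `getPacketBufferSize ()` uses `@returns`, which is not a Javadoc tag, so the return description is dropped from the generated documentation; it should read `@return The maximum network packet size.` In the same hunk, `getLocalPrincipal ()` is the only new method of this interface without an `@since 1.5` tag.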
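Review bot: The Javadoc for `getPeerPort ()` does not say what an implementation returns when the peer's port is not known, so a caller cannot tell a real port from a placeholder. I would add a sentence such as `Returns -1 if the port is not available.` and state that, like `getPeerHost ()`, the value is connection metadata and not an authenticated property of the peer.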