1 /* 2 * ==================================================================== 3 * Licensed to the Apache Software Foundation (ASF) under one 4 * or more contributor license agreements. See the NOTICE file 5 * distributed with this work for additional information 6 * regarding copyright ownership. The ASF licenses this file 7 * to you under the Apache License, Version 2.0 (the 8 * "License"); you may not use this file except in compliance 9 * with the License. You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, 14 * software distributed under the License is distributed on an 15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 * KIND, either express or implied. See the License for the 17 * specific language governing permissions and limitations 18 * under the License. 19 * ==================================================================== 20 * 21 * This software consists of voluntary contributions made by many 22 * individuals on behalf of the Apache Software Foundation. For more 23 * information on the Apache Software Foundation, please see 24 * <http://www.apache.org/>. 25 * 26 */ 27 28 package org.apache.hc.core5.reactor.ssl; 29 30 import javax.net.ssl.SSLEngine; 31 import javax.net.ssl.SSLException; 32 33 import org.apache.hc.core5.net.NamedEndpoint; 34 35 /** 36 * Callback interface that can be used to customize TLS/SSL session verification. 37 * 38 * @since 4.2 39 */ 40 public interface SSLSessionVerifier { 41 42 /** 43 * Triggered when the SSL connection has been established and initial SSL 44 * handshake has been successfully completed. Custom handlers can use 45 * this callback to verify properties of the {@link SSLEngine}. 46 * For instance this would be the right place to enforce SSL cipher 47 * strength, validate certificate chain and do hostname checks. 48 * 49 * @param endpoint the endpoint name for a client side session or {@code null} 50 * for a server side session. 51 * @param sslEngine SSL engine. 52 * @throws SSLException if case of SSL protocol error. 53 */ 54 TlsDetails verify(NamedEndpoint endpoint, SSLEngine sslEngine) throws SSLException; 55 56 }