This is an automated email from the ASF dual-hosted git repository.
earthchen pushed a commit to branch 3.2
in repository https://gitbox.apache.org/repos/asf/dubbo.git
The following commit(s) were added to refs/heads/3.2 by this push:
new 652a78aeb2 Support pass SSLSession in Invocation to check permission
(#15049)
652a78aeb2 is described below
commit 652a78aeb2dab6f333766d477038bf6f5183c4ba
Author: Albumen Kevin <[email protected]>
AuthorDate: Mon Jan 13 11:15:31 2025 +0800
Support pass SSLSession in Invocation to check permission (#15049)
---
.../java/org/apache/dubbo/common/ssl/CertManager.java | 4 ++--
.../java/org/apache/dubbo/common/ssl/CertProvider.java | 10 ++++++++++
.../main/java/org/apache/dubbo/remoting/Constants.java | 1 +
.../netty4/NettyPortUnificationServerHandler.java | 4 ++++
.../remoting/transport/netty4/NettyServerHandler.java | 16 ++++++++++++++++
.../transport/netty4/ssl/SslClientTlsHandler.java | 5 ++++-
.../transport/netty4/ssl/SslServerTlsHandler.java | 4 ++++
.../rpc/protocol/dubbo/DecodeableRpcInvocation.java | 4 ++++
.../dubbo/rpc/protocol/tri/call/AbstractServerCall.java | 7 +++++++
.../org/apache/dubbo/rpc/protocol/tri/stream/Stream.java | 9 +++++++++
.../rpc/protocol/tri/stream/TripleClientStream.java | 10 ++++++++++
.../rpc/protocol/tri/stream/TripleServerStream.java | 11 +++++++++++
12 files changed, 82 insertions(+), 3 deletions(-)
diff --git
a/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertManager.java
b/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertManager.java
index 8bb0c492ec..608fff2d87 100644
--- a/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertManager.java
+++ b/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertManager.java
@@ -32,8 +32,8 @@ public class CertManager {
public ProviderCert getProviderConnectionConfig(URL localAddress,
SocketAddress remoteAddress) {
for (CertProvider certProvider : certProviders) {
- if (certProvider.isSupport(localAddress)) {
- ProviderCert cert =
certProvider.getProviderConnectionConfig(localAddress);
+ if (certProvider.isSupport(localAddress, remoteAddress)) {
+ ProviderCert cert =
certProvider.getProviderConnectionConfig(localAddress, remoteAddress);
if (cert != null) {
return cert;
}
diff --git
a/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertProvider.java
b/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertProvider.java
index dad514f9b2..1c80158ee3 100644
--- a/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertProvider.java
+++ b/dubbo-common/src/main/java/org/apache/dubbo/common/ssl/CertProvider.java
@@ -20,11 +20,21 @@ import org.apache.dubbo.common.URL;
import org.apache.dubbo.common.extension.ExtensionScope;
import org.apache.dubbo.common.extension.SPI;
+import java.net.SocketAddress;
+
@SPI(scope = ExtensionScope.FRAMEWORK)
public interface CertProvider {
boolean isSupport(URL address);
+ default boolean isSupport(URL address, SocketAddress remoteAddress) {
+ return isSupport(address);
+ }
+
ProviderCert getProviderConnectionConfig(URL localAddress);
+ default ProviderCert getProviderConnectionConfig(URL localAddress,
SocketAddress remoteAddress) {
+ return getProviderConnectionConfig(localAddress);
+ }
+
Cert getConsumerConnectionConfig(URL remoteAddress);
}
diff --git
a/dubbo-remoting/dubbo-remoting-api/src/main/java/org/apache/dubbo/remoting/Constants.java
b/dubbo-remoting/dubbo-remoting-api/src/main/java/org/apache/dubbo/remoting/Constants.java
index 019a113a01..05dd76beb2 100644
---
a/dubbo-remoting/dubbo-remoting-api/src/main/java/org/apache/dubbo/remoting/Constants.java
+++
b/dubbo-remoting/dubbo-remoting-api/src/main/java/org/apache/dubbo/remoting/Constants.java
@@ -175,6 +175,7 @@ public interface Constants {
String APACHE_HTTP_CLIENT = "apache-http-client";
String CONTENT_LENGTH_KEY = "content-length";
+ String SSL_SESSION_KEY = "ssl-session";
String USE_SECURE_RANDOM_ID =
"dubbo.application.use-secure-random-request-id";
diff --git
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyPortUnificationServerHandler.java
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyPortUnificationServerHandler.java
index 12ea3ffc09..9b1ccd1d1d 100644
---
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyPortUnificationServerHandler.java
+++
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyPortUnificationServerHandler.java
@@ -23,6 +23,7 @@ import org.apache.dubbo.common.logger.LoggerFactory;
import org.apache.dubbo.common.ssl.CertManager;
import org.apache.dubbo.common.ssl.ProviderCert;
import org.apache.dubbo.remoting.ChannelHandler;
+import org.apache.dubbo.remoting.Constants;
import org.apache.dubbo.remoting.api.ProtocolDetector;
import org.apache.dubbo.remoting.api.WireProtocol;
import org.apache.dubbo.remoting.buffer.ChannelBuffer;
@@ -42,6 +43,7 @@ import io.netty.handler.codec.ByteToMessageDecoder;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
+import io.netty.util.AttributeKey;
import static
org.apache.dubbo.common.constants.LoggerCodeConstants.INTERNAL_ERROR;
@@ -55,6 +57,7 @@ public class NettyPortUnificationServerHandler extends
ByteToMessageDecoder {
private final Map<String, WireProtocol> protocols;
private final Map<String, URL> urlMapper;
private final Map<String, ChannelHandler> handlerMapper;
+ private static final AttributeKey<SSLSession> SSL_SESSION_KEY =
AttributeKey.valueOf(Constants.SSL_SESSION_KEY);
public NettyPortUnificationServerHandler(
URL url,
@@ -89,6 +92,7 @@ public class NettyPortUnificationServerHandler extends
ByteToMessageDecoder {
SSLSession session =
ctx.pipeline().get(SslHandler.class).engine().getSession();
LOGGER.info("TLS negotiation succeed with session: " +
session);
+ ctx.channel().attr(SSL_SESSION_KEY).set(session);
} else {
LOGGER.error(
INTERNAL_ERROR,
diff --git
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyServerHandler.java
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyServerHandler.java
index 1eff7fc84b..116511ac5c 100644
---
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyServerHandler.java
+++
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/NettyServerHandler.java
@@ -22,6 +22,9 @@ import org.apache.dubbo.common.logger.LoggerFactory;
import org.apache.dubbo.common.utils.NetUtils;
import org.apache.dubbo.remoting.Channel;
import org.apache.dubbo.remoting.ChannelHandler;
+import org.apache.dubbo.remoting.Constants;
+
+import javax.net.ssl.SSLSession;
import java.net.InetSocketAddress;
import java.util.Map;
@@ -30,7 +33,9 @@ import java.util.concurrent.ConcurrentHashMap;
import io.netty.channel.ChannelDuplexHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelPromise;
+import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import io.netty.handler.timeout.IdleStateEvent;
+import io.netty.util.AttributeKey;
/**
* NettyServerHandler.
@@ -44,6 +49,8 @@ public class NettyServerHandler extends ChannelDuplexHandler {
*/
private final Map<String, Channel> channels = new ConcurrentHashMap<>();
+ private static final AttributeKey<SSLSession> SSL_SESSION_KEY =
AttributeKey.valueOf(Constants.SSL_SESSION_KEY);
+
private final URL url;
private final ChannelHandler handler;
@@ -123,6 +130,15 @@ public class NettyServerHandler extends
ChannelDuplexHandler {
}
}
super.userEventTriggered(ctx, evt);
+ if (evt instanceof SslHandshakeCompletionEvent) {
+ SslHandshakeCompletionEvent handshakeEvent =
(SslHandshakeCompletionEvent) evt;
+ if (handshakeEvent.isSuccess()) {
+ NettyChannel channel =
NettyChannel.getOrAddChannel(ctx.channel(), url, handler);
+ channel.setAttribute(
+ Constants.SSL_SESSION_KEY,
+ ctx.channel().attr(SSL_SESSION_KEY).get());
+ }
+ }
}
@Override
diff --git
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslClientTlsHandler.java
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslClientTlsHandler.java
index 9918d171ee..fd3f245884 100644
---
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslClientTlsHandler.java
+++
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslClientTlsHandler.java
@@ -19,6 +19,7 @@ package org.apache.dubbo.remoting.transport.netty4.ssl;
import org.apache.dubbo.common.URL;
import org.apache.dubbo.common.logger.ErrorTypeAwareLogger;
import org.apache.dubbo.common.logger.LoggerFactory;
+import org.apache.dubbo.remoting.Constants;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
@@ -28,13 +29,14 @@ import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
+import io.netty.util.AttributeKey;
import static
org.apache.dubbo.common.constants.LoggerCodeConstants.INTERNAL_ERROR;
public class SslClientTlsHandler extends ChannelInboundHandlerAdapter {
private static final ErrorTypeAwareLogger logger =
LoggerFactory.getErrorTypeAwareLogger(SslClientTlsHandler.class);
-
+ private static final AttributeKey<SSLSession> SSL_SESSION_KEY =
AttributeKey.valueOf(Constants.SSL_SESSION_KEY);
private final SslContext sslContext;
public SslClientTlsHandler(URL url) {
@@ -60,6 +62,7 @@ public class SslClientTlsHandler extends
ChannelInboundHandlerAdapter {
ctx.pipeline().get(SslHandler.class).engine().getSession();
logger.info("TLS negotiation succeed with: " +
session.getPeerHost());
ctx.pipeline().remove(this);
+ ctx.channel().attr(SSL_SESSION_KEY).set(session);
} else {
logger.error(
INTERNAL_ERROR,
diff --git
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslServerTlsHandler.java
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslServerTlsHandler.java
index 519c45c6de..00b1a0c30b 100644
---
a/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslServerTlsHandler.java
+++
b/dubbo-remoting/dubbo-remoting-netty4/src/main/java/org/apache/dubbo/remoting/transport/netty4/ssl/SslServerTlsHandler.java
@@ -22,6 +22,7 @@ import org.apache.dubbo.common.logger.LoggerFactory;
import org.apache.dubbo.common.ssl.AuthPolicy;
import org.apache.dubbo.common.ssl.CertManager;
import org.apache.dubbo.common.ssl.ProviderCert;
+import org.apache.dubbo.remoting.Constants;
import javax.net.ssl.SSLSession;
@@ -34,6 +35,7 @@ import io.netty.handler.codec.ByteToMessageDecoder;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
+import io.netty.util.AttributeKey;
import static
org.apache.dubbo.common.constants.LoggerCodeConstants.INTERNAL_ERROR;
@@ -43,6 +45,7 @@ public class SslServerTlsHandler extends ByteToMessageDecoder
{
private final URL url;
private final boolean sslDetected;
+ private static final AttributeKey<SSLSession> SSL_SESSION_KEY =
AttributeKey.valueOf(Constants.SSL_SESSION_KEY);
public SslServerTlsHandler(URL url) {
this.url = url;
@@ -74,6 +77,7 @@ public class SslServerTlsHandler extends ByteToMessageDecoder
{
logger.info("TLS negotiation succeed with: " +
session.getPeerHost());
// Remove after handshake success.
ctx.pipeline().remove(this);
+ ctx.channel().attr(SSL_SESSION_KEY).set(session);
} else {
logger.error(
INTERNAL_ERROR,
diff --git
a/dubbo-rpc/dubbo-rpc-dubbo/src/main/java/org/apache/dubbo/rpc/protocol/dubbo/DecodeableRpcInvocation.java
b/dubbo-rpc/dubbo-rpc-dubbo/src/main/java/org/apache/dubbo/rpc/protocol/dubbo/DecodeableRpcInvocation.java
index 7c197597ee..23ff9dee61 100644
---
a/dubbo-rpc/dubbo-rpc-dubbo/src/main/java/org/apache/dubbo/rpc/protocol/dubbo/DecodeableRpcInvocation.java
+++
b/dubbo-rpc/dubbo-rpc-dubbo/src/main/java/org/apache/dubbo/rpc/protocol/dubbo/DecodeableRpcInvocation.java
@@ -124,6 +124,10 @@ public class DecodeableRpcInvocation extends RpcInvocation
implements Codec, Dec
public Object decode(Channel channel, InputStream input) throws
IOException {
int contentLength = input.available();
getAttributes().put(Constants.CONTENT_LENGTH_KEY, contentLength);
+ Object sslSession = channel.getAttribute(Constants.SSL_SESSION_KEY);
+ if (null != sslSession) {
+ put(Constants.SSL_SESSION_KEY, sslSession);
+ }
ObjectInput in =
CodecSupport.getSerialization(serializationType).deserialize(channel.getUrl(),
input);
this.put(SERIALIZATION_ID_KEY, serializationType);
diff --git
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/call/AbstractServerCall.java
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/call/AbstractServerCall.java
index fb8f516367..05e39b1421 100644
---
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/call/AbstractServerCall.java
+++
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/call/AbstractServerCall.java
@@ -21,6 +21,7 @@ import org.apache.dubbo.common.constants.CommonConstants;
import org.apache.dubbo.common.logger.ErrorTypeAwareLogger;
import org.apache.dubbo.common.logger.LoggerFactory;
import org.apache.dubbo.common.utils.StringUtils;
+import org.apache.dubbo.remoting.Constants;
import org.apache.dubbo.rpc.CancellationContext;
import org.apache.dubbo.rpc.Invoker;
import org.apache.dubbo.rpc.RpcContext;
@@ -39,6 +40,8 @@ import
org.apache.dubbo.rpc.protocol.tri.observer.ServerCallToObserverAdapter;
import org.apache.dubbo.rpc.protocol.tri.stream.ServerStream;
import org.apache.dubbo.rpc.protocol.tri.stream.StreamUtils;
+import javax.net.ssl.SSLSession;
+
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.Executor;
@@ -264,6 +267,10 @@ public abstract class AbstractServerCall implements
ServerCall, ServerStream.Lis
inv.setReturnTypes(methodDescriptor.getReturnTypes());
inv.setObjectAttachments(StreamUtils.toAttachments(requestMetadata));
inv.put(REMOTE_ADDRESS_KEY, stream.remoteAddress());
+ SSLSession sslSession = stream.getSslSession();
+ if (null != sslSession) {
+ inv.put(Constants.SSL_SESSION_KEY, sslSession);
+ }
// handle timeout
String timeout = (String)
requestMetadata.get(TripleHeaderEnum.TIMEOUT.getHeader());
try {
diff --git
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/Stream.java
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/Stream.java
index 05b55e5224..2ff8d7c831 100644
---
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/Stream.java
+++
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/Stream.java
@@ -18,6 +18,8 @@ package org.apache.dubbo.rpc.protocol.tri.stream;
import org.apache.dubbo.rpc.TriRpcStatus;
+import javax.net.ssl.SSLSession;
+
import java.net.SocketAddress;
import io.netty.handler.codec.http2.Http2Headers;
@@ -74,6 +76,13 @@ public interface Stream {
*/
SocketAddress remoteAddress();
+ /**
+ * Get ssl session.
+ *
+ * @return ssl session
+ */
+ SSLSession getSslSession();
+
/**
* Request n message from remote peer.
*
diff --git
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleClientStream.java
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleClientStream.java
index 120b6489b6..a3223c7bc4 100644
---
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleClientStream.java
+++
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleClientStream.java
@@ -19,6 +19,7 @@ package org.apache.dubbo.rpc.protocol.tri.stream;
import org.apache.dubbo.common.constants.CommonConstants;
import org.apache.dubbo.common.logger.ErrorTypeAwareLogger;
import org.apache.dubbo.common.logger.LoggerFactory;
+import org.apache.dubbo.remoting.Constants;
import org.apache.dubbo.rpc.TriRpcStatus;
import org.apache.dubbo.rpc.model.FrameworkModel;
import org.apache.dubbo.rpc.protocol.tri.ClassLoadUtil;
@@ -40,6 +41,8 @@ import
org.apache.dubbo.rpc.protocol.tri.transport.TripleHttp2ClientResponseHand
import org.apache.dubbo.rpc.protocol.tri.transport.TripleWriteQueue;
import org.apache.dubbo.rpc.protocol.tri.transport.WriteQueue;
+import javax.net.ssl.SSLSession;
+
import java.io.IOException;
import java.net.SocketAddress;
import java.nio.charset.StandardCharsets;
@@ -61,6 +64,7 @@ import io.netty.handler.codec.http2.Http2Error;
import io.netty.handler.codec.http2.Http2Headers;
import io.netty.handler.codec.http2.Http2StreamChannel;
import io.netty.handler.codec.http2.Http2StreamChannelBootstrap;
+import io.netty.util.AttributeKey;
import io.netty.util.ReferenceCountUtil;
import static
org.apache.dubbo.common.constants.LoggerCodeConstants.PROTOCOL_FAILED_RESPONSE;
@@ -73,6 +77,7 @@ import static
org.apache.dubbo.common.constants.LoggerCodeConstants.PROTOCOL_FAI
public class TripleClientStream extends AbstractStream implements ClientStream
{
private static final ErrorTypeAwareLogger LOGGER =
LoggerFactory.getErrorTypeAwareLogger(TripleClientStream.class);
+ private static final AttributeKey<SSLSession> SSL_SESSION_KEY =
AttributeKey.valueOf(Constants.SSL_SESSION_KEY);
public final ClientStream.Listener listener;
private final TripleWriteQueue writeQueue;
@@ -166,6 +171,11 @@ public class TripleClientStream extends AbstractStream
implements ClientStream {
return parent.remoteAddress();
}
+ @Override
+ public SSLSession getSslSession() {
+ return parent.attr(SSL_SESSION_KEY).get();
+ }
+
@Override
public ChannelFuture sendMessage(byte[] message, int compressFlag, boolean
eos) {
ChannelFuture checkResult = preCheck();
diff --git
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleServerStream.java
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleServerStream.java
index aa8799a39e..6d97df862d 100644
---
a/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleServerStream.java
+++
b/dubbo-rpc/dubbo-rpc-triple/src/main/java/org/apache/dubbo/rpc/protocol/tri/stream/TripleServerStream.java
@@ -21,6 +21,7 @@ import org.apache.dubbo.common.constants.CommonConstants;
import org.apache.dubbo.common.logger.ErrorTypeAwareLogger;
import org.apache.dubbo.common.logger.LoggerFactory;
import org.apache.dubbo.common.utils.StringUtils;
+import org.apache.dubbo.remoting.Constants;
import org.apache.dubbo.rpc.HeaderFilter;
import org.apache.dubbo.rpc.Invoker;
import org.apache.dubbo.rpc.PathResolver;
@@ -44,6 +45,8 @@ import
org.apache.dubbo.rpc.protocol.tri.transport.AbstractH2TransportListener;
import org.apache.dubbo.rpc.protocol.tri.transport.H2TransportListener;
import org.apache.dubbo.rpc.protocol.tri.transport.TripleWriteQueue;
+import javax.net.ssl.SSLSession;
+
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
@@ -65,6 +68,7 @@ import io.netty.handler.codec.http2.DefaultHttp2Headers;
import io.netty.handler.codec.http2.Http2Error;
import io.netty.handler.codec.http2.Http2Headers;
import io.netty.handler.codec.http2.Http2StreamChannel;
+import io.netty.util.AttributeKey;
import io.netty.util.ReferenceCountUtil;
import io.netty.util.concurrent.Future;
@@ -74,6 +78,8 @@ import static
org.apache.dubbo.common.constants.LoggerCodeConstants.PROTOCOL_FAI
public class TripleServerStream extends AbstractStream implements ServerStream
{
private static final ErrorTypeAwareLogger LOGGER =
LoggerFactory.getErrorTypeAwareLogger(TripleServerStream.class);
+ private static final AttributeKey<SSLSession> SSL_SESSION_KEY =
AttributeKey.valueOf(Constants.SSL_SESSION_KEY);
+
public final ServerTransportObserver transportObserver = new
ServerTransportObserver();
private final TripleWriteQueue writeQueue;
private final PathResolver pathResolver;
@@ -112,6 +118,11 @@ public class TripleServerStream extends AbstractStream
implements ServerStream {
return remoteAddress;
}
+ @Override
+ public SSLSession getSslSession() {
+ return http2StreamChannel.attr(SSL_SESSION_KEY).get();
+ }
+
@Override
public void request(int n) {
deframer.request(n);
