diff options
Diffstat (limited to 'container-core/src/main/java/com/yahoo/container/logging')
-rw-r--r-- | container-core/src/main/java/com/yahoo/container/logging/ConnectionLogEntry.java | 8 | ||||
-rw-r--r-- | container-core/src/main/java/com/yahoo/container/logging/JsonConnectionLogWriter.java | 10 |
2 files changed, 17 insertions, 1 deletions
diff --git a/container-core/src/main/java/com/yahoo/container/logging/ConnectionLogEntry.java b/container-core/src/main/java/com/yahoo/container/logging/ConnectionLogEntry.java index 5b30ce5963d..6f9d7840573 100644 --- a/container-core/src/main/java/com/yahoo/container/logging/ConnectionLogEntry.java +++ b/container-core/src/main/java/com/yahoo/container/logging/ConnectionLogEntry.java @@ -33,6 +33,7 @@ public class ConnectionLogEntry { private final Instant sslPeerNotAfter; private final String sslSniServerName; private final SslHandshakeFailure sslHandshakeFailure; + private final List<String> sslSubjectAlternativeNames; private final String httpProtocol; private final String proxyProtocolVersion; @@ -59,6 +60,7 @@ public class ConnectionLogEntry { this.sslPeerNotAfter = builder.sslPeerNotAfter; this.sslSniServerName = builder.sslSniServerName; this.sslHandshakeFailure = builder.sslHandshakeFailure; + this.sslSubjectAlternativeNames = builder.sslSubjectAlternativeNames; this.httpProtocol = builder.httpProtocol; this.proxyProtocolVersion = builder.proxyProtocolVersion; } @@ -88,6 +90,7 @@ public class ConnectionLogEntry { public Optional<Instant> sslPeerNotAfter() { return Optional.ofNullable(sslPeerNotAfter); } public Optional<String> sslSniServerName() { return Optional.ofNullable(sslSniServerName); } public Optional<SslHandshakeFailure> sslHandshakeFailure() { return Optional.ofNullable(sslHandshakeFailure); } + public List<String> sslSubjectAlternativeNames() { return sslSubjectAlternativeNames == null ? List.of() : sslSubjectAlternativeNames; } public Optional<String> httpProtocol() { return Optional.ofNullable(httpProtocol); } public Optional<String> proxyProtocolVersion() { return Optional.ofNullable(proxyProtocolVersion); } @@ -139,6 +142,7 @@ public class ConnectionLogEntry { private Instant sslPeerNotAfter; private String sslSniServerName; private SslHandshakeFailure sslHandshakeFailure; + private List<String> sslSubjectAlternativeNames; private String httpProtocol; private String proxyProtocolVersion; @@ -225,6 +229,10 @@ public class ConnectionLogEntry { this.sslHandshakeFailure = sslHandshakeFailure; return this; } + public Builder withSslSubjectAlternativeNames(List<String> sslSubjectAlternativeNames) { + this.sslSubjectAlternativeNames = sslSubjectAlternativeNames; + return this; + } public Builder withHttpProtocol(String protocol) { this.httpProtocol = protocol; return this; diff --git a/container-core/src/main/java/com/yahoo/container/logging/JsonConnectionLogWriter.java b/container-core/src/main/java/com/yahoo/container/logging/JsonConnectionLogWriter.java index dfdc5f1b55a..53aa79b9f8c 100644 --- a/container-core/src/main/java/com/yahoo/container/logging/JsonConnectionLogWriter.java +++ b/container-core/src/main/java/com/yahoo/container/logging/JsonConnectionLogWriter.java @@ -11,6 +11,7 @@ import java.io.IOException; import java.io.OutputStream; import java.time.Instant; import java.util.Arrays; +import java.util.List; import java.util.Objects; import java.util.Optional; @@ -68,6 +69,7 @@ class JsonConnectionLogWriter implements LogWriter<ConnectionLogEntry> { Instant sslPeerNotAfter = unwrap(record.sslPeerNotAfter()); String sslSniServerName = unwrap(record.sslSniServerName()); ConnectionLogEntry.SslHandshakeFailure sslHandshakeFailure = unwrap(record.sslHandshakeFailure()); + List<String> sslSubjectAlternativeNames = record.sslSubjectAlternativeNames(); if (isAnyValuePresent( sslProtocol, sslSessionId, sslCipherSuite, sslPeerSubject, sslPeerNotBefore, sslPeerNotAfter, @@ -95,7 +97,13 @@ class JsonConnectionLogWriter implements LogWriter<ConnectionLogEntry> { generator.writeStringField("type", sslHandshakeFailure.type()); generator.writeEndObject(); } - + if (!sslSubjectAlternativeNames.isEmpty()) { + generator.writeArrayFieldStart("san"); + for (String sanEntry : sslSubjectAlternativeNames) { + generator.writeString(sanEntry); + } + generator.writeEndArray(); + } generator.writeEndObject(); } } |