Example usage for android.net SSLCertificateSocketFactory setHostname

List of usage examples for android.net SSLCertificateSocketFactory setHostname

  1. HOME
  2. Java
  3. android
  4. android.net.*
  5. SSLCertificateSocketFactory
  6. setHostname

Introduction

In this page you can find the example usage for android.net SSLCertificateSocketFactory setHostname.

Prototype

public void setHostname(Socket socket, String hostName)

Source Link

Document

Turns on <a href="http://tools.ietf.org/html/rfc6066#section-3">Server Name Indication (SNI)</a> on a given socket.

Usage

From source file:org.transdroid.util.TlsSniSocketFactory.java

@Override
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1)
public Socket createSocket(Socket plainSocket, String host, int port, boolean autoClose) throws IOException {
    if (autoClose) {
        // we don't need the plainSocket
        plainSocket.close();//from  www.ja v  a2  s  .com
    }

    SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory
            .getDefault(0);

    // create and connect SSL socket, but don't do hostname/certificate verification yet
    SSLSocket ssl = (SSLSocket) sslSocketFactory.createSocket(InetAddress.getByName(host), port);

    // enable TLSv1.1/1.2 if available
    ssl.setEnabledProtocols(ssl.getSupportedProtocols());

    // set up SNI before the handshake
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
        sslSocketFactory.setHostname(ssl, host);
    } else {
        try {
            java.lang.reflect.Method setHostnameMethod = ssl.getClass().getMethod("setHostname", String.class);
            setHostnameMethod.invoke(ssl, host);
        } catch (Exception e) {
            Log.d(TlsSniSocketFactory.class.getSimpleName(), "SNI not usable: " + e);
        }
    }

    // verify hostname and certificate
    SSLSession session = ssl.getSession();
    if (!hostnameVerifier.verify(host, session)) {
        throw new SSLPeerUnverifiedException("Cannot verify hostname: " + host);
    }

    return ssl;
}

From source file:org.transdroid.util.IgnoreTlsSniSocketFactory.java

@Override
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1)
public Socket createSocket(Socket plainSocket, String host, int port, boolean autoClose) throws IOException {
    if (autoClose) {
        // we don't need the plainSocket
        plainSocket.close();/*w w w  . jav  a  2  s. co m*/
    }

    SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory
            .getDefault(0);

    // For self-signed certificates use a custom trust manager
    sslSocketFactory.setTrustManagers(new TrustManager[] { new IgnoreSSLTrustManager() });

    // create and connect SSL socket, but don't do hostname/certificate verification yet
    SSLSocket ssl = (SSLSocket) sslSocketFactory.createSocket(InetAddress.getByName(host), port);

    // enable TLSv1.1/1.2 if available
    ssl.setEnabledProtocols(ssl.getSupportedProtocols());

    // set up SNI before the handshake
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
        sslSocketFactory.setHostname(ssl, host);
    } else {
        try {
            java.lang.reflect.Method setHostnameMethod = ssl.getClass().getMethod("setHostname", String.class);
            setHostnameMethod.invoke(ssl, host);
        } catch (Exception e) {
            throw new IOException("SNI not usable: " + e, e);
        }
    }

    return ssl;
}

From source file:org.transdroid.daemon.util.TlsSniSocketFactory.java

@Override
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1)
public Socket createSocket(Socket plainSocket, String host, int port, boolean autoClose) throws IOException {
    if (autoClose) {
        // we don't need the plainSocket
        plainSocket.close();/*from w  w  w .j a v a  2  s.  co m*/
    }

    SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory
            .getDefault(0);

    // For self-signed certificates use a custom trust manager
    if (acceptAllCertificates) {
        sslSocketFactory.setTrustManagers(new TrustManager[] { new IgnoreSSLTrustManager() });
    } else if (selfSignedCertificateKey != null) {
        sslSocketFactory
                .setTrustManagers(new TrustManager[] { new SelfSignedTrustManager(selfSignedCertificateKey) });
    }

    // create and connect SSL socket, but don't do hostname/certificate verification yet
    SSLSocket ssl = (SSLSocket) sslSocketFactory.createSocket(InetAddress.getByName(host), port);

    // enable TLSv1.1/1.2 if available
    ssl.setEnabledProtocols(ssl.getSupportedProtocols());

    // set up SNI before the handshake
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
        sslSocketFactory.setHostname(ssl, host);
    } else {
        try {
            java.lang.reflect.Method setHostnameMethod = ssl.getClass().getMethod("setHostname", String.class);
            setHostnameMethod.invoke(ssl, host);
        } catch (Exception e) {
            Log.d(TlsSniSocketFactory.class.getSimpleName(), "SNI not usable: " + e);
        }
    }

    // verify hostname and certificate
    SSLSession session = ssl.getSession();
    if (!(acceptAllCertificates || selfSignedCertificateKey != null)
            && !hostnameVerifier.verify(host, session)) {
        throw new SSLPeerUnverifiedException("Cannot verify hostname: " + host);
    }

    /*DLog.d(TlsSniSocketFactory.class.getSimpleName(),
    "Established " + session.getProtocol() + " connection with " + session.getPeerHost() +
          " using " + session.getCipherSuite());*/

    return ssl;
}