List of usage examples for javax.net.ssl HttpsURLConnection getDefaultHostnameVerifier
public static HostnameVerifier getDefaultHostnameVerifier()
HostnameVerifier that is inherited by new instances of this class. From source file:com.bytelightning.opensource.pokerface.HelloWorldScriptTest.java
@BeforeClass public static void setUpBeforeClass() throws Exception { PrevSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory(); PrevHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier(); proxy = new PokerFace(); XMLConfiguration conf = new XMLConfiguration(); conf.load(ProxySpecificTest.class.getResource("/HelloWorldTestConfig.xml")); proxy.config(conf);//from w ww .ja v a 2s . c o m boolean started = proxy.start(); Assert.assertTrue("Successful proxy start", started); SSLContext sc = SSLContext.getInstance("TLS"); TrustManager[] trustAllCertificates = { new X509TrustAllManager() }; sc.init(null, trustAllCertificates, new SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; // Just allow them all. } }); }
From source file:com.kenai.redminenb.repository.RedmineManagerFactoryHelper.java
public static HttpClient getTransportConfig() { /**/*from ww w. j a v a 2s . com*/ * Implement a minimal hostname verifier. This is needed to be able to use * hosts with certificates, that don't match the used hostname (VServer). * * This is implemented by first trying the "Browser compatible" hostname * verifier and if that fails, fall back to the default java hostname * verifier. * * If the default case the hostname verifier in java always rejects, but * for netbeans the "SSL Certificate Exception" module is available that * catches this and turns a failure into a request to the GUI user. */ X509HostnameVerifier hostnameverified = new X509HostnameVerifier() { @Override public void verify(String string, SSLSocket ssls) throws IOException { if (SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.verify(string, ssls.getSession())) { return; } if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(string, ssls.getSession())) { throw new SSLException("Hostname did not verify"); } } @Override public void verify(String string, X509Certificate xc) throws SSLException { throw new SSLException("Check not implemented yet"); } @Override public void verify(String string, String[] strings, String[] strings1) throws SSLException { throw new SSLException("Check not implemented yet"); } @Override public boolean verify(String string, SSLSession ssls) { if (SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.verify(string, ssls)) { return true; } return HttpsURLConnection.getDefaultHostnameVerifier().verify(string, ssls); } }; try { SSLConnectionSocketFactory scsf = new SSLConnectionSocketFactory(SSLContext.getDefault(), hostnameverified); HttpClient hc = HttpClientBuilder.create() .setRoutePlanner(new SystemDefaultRoutePlanner(ProxySelector.getDefault())) .setSSLSocketFactory(scsf).build(); return hc; } catch (NoSuchAlgorithmException ex) { throw new RuntimeException(ex); } }
From source file:uk.me.sa.android.notify_smtp.net.AuthSMTPTLSClient.java
public AuthSMTPTLSClient() throws NoSuchAlgorithmException { super("TLS", "UTF-8"); setHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier()); addProtocolCommandListener(this); }
From source file:com.fuzhouxiu.coretransfer.net.core.TcpSocket.java
/** Creates a new UdpSocket */ public TcpSocket(IpAddress ipaddr, int port, String host) throws java.io.IOException { // socket = new Socket(ipaddr.getInetAddress(), port); modified SSLSocketFactory f = (SSLSocketFactory) SSLSocketFactory.getSocketFactory(); if (host == null) socket = new Socket(); else//from w ww . j ava2 s. com socket = f.createSocket(); if (lock) throw new java.io.IOException(); lock = true; try { socket.connect(new InetSocketAddress(ipaddr.toString(), port), Thread.currentThread().getName().equals("main") ? 1000 : 10000); } catch (java.io.IOException e) { lock = false; throw e; } if (host != null) { HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier(); SSLSession s = ((SSLSocket) socket).getSession(); if (!hv.verify(host, s)) { lock = false; throw new java.io.IOException(); } } lock = false; }
From source file:at.gv.egiz.bku.spring.ConfigurableHostnameVerifier.java
@Override public boolean verify(String hostname, SSLSession session) { if (configurationFacade.disableAllSslChecks() || configurationFacade.disableSslHostnameVerification()) { return true; } else {//from ww w. jav a 2s . c o m return HttpsURLConnection.getDefaultHostnameVerifier().verify(hostname, session); } }
From source file:org.qi4j.library.http.AbstractSecureJettyTest.java
@BeforeClass public static void beforeSecureClass() throws IOException, GeneralSecurityException { defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier(); defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory(); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { public boolean verify(String string, SSLSession ssls) { return true; }/* www . j av a 2 s .c o m*/ }); KeyStore truststore = KeyStore.getInstance("JCEKS"); truststore.load(new FileInputStream(TRUSTSTORE_FILE), KS_PASSWORD.toCharArray()); SSLContext sslCtx = SSLContext.getInstance("TLS"); TrustManagerFactory caTrustManagerFactory = TrustManagerFactory.getInstance(getX509Algorithm()); caTrustManagerFactory.init(truststore); sslCtx.init(null, caTrustManagerFactory.getTrustManagers(), null); HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory()); }
From source file:android.net.SSLCertificateSocketFactory.java
/** * Verify the hostname of the certificate used by the other end of a * connected socket. You MUST call this if you did not supply a hostname * to {@link #createSocket()}. It is harmless to call this method * redundantly if the hostname has already been verified. * * <p>Wildcard certificates are allowed to verify any matching hostname, * so "foo.bar.example.com" is verified if the peer has a certificate * for "*.example.com".//from w ww . j a va 2 s . co m * * @param socket An SSL socket which has been connected to a server * @param hostname The expected hostname of the remote server * @throws IOException if something goes wrong handshaking with the server * @throws SSLPeerUnverifiedException if the server cannot prove its identity * * @hide */ public static void verifyHostname(Socket socket, String hostname) throws IOException { if (!(socket instanceof SSLSocket)) { throw new IllegalArgumentException("Attempt to verify non-SSL socket"); } if (!isSslCheckRelaxed()) { // The code at the start of OpenSSLSocketImpl.startHandshake() // ensures that the call is idempotent, so we can safely call it. SSLSocket ssl = (SSLSocket) socket; ssl.startHandshake(); SSLSession session = ssl.getSession(); if (session == null) { throw new SSLException("Cannot verify SSL socket without session"); } if (!HttpsURLConnection.getDefaultHostnameVerifier().verify(hostname, session)) { throw new SSLPeerUnverifiedException("Cannot verify hostname: " + hostname); } } }
From source file:net.myrrix.client.ClientRecommender.java
private SSLSocketFactory buildSSLSocketFactory() throws IOException { final HostnameVerifier defaultVerifier = HttpsURLConnection.getDefaultHostnameVerifier(); HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override//from w w w .j a va2s .c om public boolean verify(String hostname, SSLSession sslSession) { return ignoreHTTPSHost || "localhost".equals(hostname) || "127.0.0.1".equals(hostname) || defaultVerifier.verify(hostname, sslSession); } }); try { KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); File trustStoreFile = config.getKeystoreFile().getAbsoluteFile(); String password = config.getKeystorePassword(); Preconditions.checkNotNull(password); InputStream in = new FileInputStream(trustStoreFile); try { keyStore.load(in, password.toCharArray()); } finally { in.close(); } TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); tmf.init(keyStore); SSLContext ctx; try { ctx = SSLContext.getInstance("TLSv1.1"); // Java 7 only } catch (NoSuchAlgorithmException ignored) { log.info("TLSv1.1 unavailable, falling back to TLSv1"); ctx = SSLContext.getInstance("TLSv1"); // Java 6 // This also seems to be necessary: if (System.getProperty("https.protocols") == null) { System.setProperty("https.protocols", "TLSv1"); } } ctx.init(null, tmf.getTrustManagers(), null); return ctx.getSocketFactory(); } catch (NoSuchAlgorithmException nsae) { // can't happen? throw new IllegalStateException(nsae); } catch (KeyStoreException kse) { throw new IOException(kse); } catch (KeyManagementException kme) { throw new IOException(kme); } catch (CertificateException ce) { throw new IOException(ce); } }
From source file:ch.lipsch.subsonic4j.internal.SubsonicServiceImpl.java
private synchronized void allowUntrustedCerts() throws KeyManagementException, NoSuchAlgorithmException { SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(new KeyManager[0], new TrustManager[] { new DefaultTrustManager() }, new SecureRandom()); SSLContext.setDefault(ctx);//from w w w .j a va 2s . com HostnameVerifier hv = new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }; defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier(); HttpsURLConnection.setDefaultHostnameVerifier(hv); }