List of usage examples for javax.net.ssl SSLSocket getInetAddress
public InetAddress getInetAddress()
From source file:ie.aib.nbp.aibssl.AibHostVerifier.java
@Override public void verify(String host, SSLSocket ssl) throws IOException { String sslHost = ssl.getInetAddress().getHostName(); System.out.println("Host=" + host); System.out.println("SSL Host=" + sslHost); if (host.equals(sslHost)) { return;/*from w ww.j a va 2 s.c o m*/ } else { throw new IOException("hostname in certificate didn't match: " + host + " != " + sslHost); } }
From source file:edu.gmu.isa681.server.Server.java
/** * Spawns a <code>SessionHandler</code> for the given SSL connection. * @param sslSocket/*from ww w .jav a 2 s. c o m*/ */ private void handleRequest(SSLSocket sslSocket) { SessionHandler handler = new SessionHandler(sslSocket); Thread thread = new Thread(handler, "RequestHandler[" + sslSocket.getInetAddress().toString() + "]"); thread.setDaemon(true); thread.start(); }
From source file:org.hyperic.hq.bizapp.agent.server.SSLConnectionListener.java
private SSLServerConnection handleNewConn(SSLSocket sock) throws AgentConnectionException, SocketTimeoutException { SSLServerConnection res;// ww w .ja va2 s. co m InetAddress remoteAddr; TokenData token; String authToken; boolean doSave; remoteAddr = sock.getInetAddress(); this.log.debug("Handling SSL connection from " + remoteAddr); res = new SSLServerConnection(sock); // Validate the actual auth token which is sent try { DataInputStream dIs; dIs = new DataInputStream(sock.getInputStream()); this.log.debug("Starting to read authToken for SSL connection"); authToken = dIs.readUTF(); this.log.debug("Finished reading authToken for SSL connection"); } catch (SocketTimeoutException exc) { throw exc; } catch (IOException exc) { throw new AgentConnectionException("Error negotiating auth: " + exc.getMessage(), exc); } // Set the token from pending to locked, if need be doSave = false; try { token = this.tokenManager.getToken(authToken); } catch (TokenNotFoundException exc) { this.log.error( "Rejecting client from " + remoteAddr + ": Passed an invalid auth token (" + authToken + ")", exc); // Due to 20 second expiration, the tokens in the manager // may not match what is in the tokendata. List l = this.tokenManager.getTokens(); for (Iterator i = l.iterator(); i.hasNext();) { TokenData data = (TokenData) i.next(); this.log.debug("Token: " + data.getToken() + ":" + data.getCreateTime() + ":" + (data.isLocked() ? "locked" : "pending")); } try { res.readCommand(); res.sendErrorResponse("Unauthorized"); } catch (AgentConnectionException iExc) { log.debug(iExc, iExc); } catch (EOFException e) { log.debug(e, e); } throw new AgentConnectionException("Client from " + remoteAddr + " unauthorized"); } if (!token.isLocked()) { try { this.log.info("Locking auth token"); this.tokenManager.setTokenLocked(token, true); doSave = true; } catch (TokenNotFoundException exc) { // This should never occur this.log.error("Error setting token '" + token + "' to " + "locked state -- it no longer exists"); } } // If set the token, re-store the data. if (doSave) { try { this.tokenManager.store(); } catch (IOException exc) { this.log.error("Error storing token data: " + exc.getMessage()); } } this.log.debug("Done connecting SSL"); return res; }
From source file:org.kuali.mobility.push.dao.PushDaoImpl.java
private SSLSocket openConnectionToAPNS(String host, int port, String key, String passphrase) { SSLSocket socket; try {/* www . j a v a 2 s . c o m*/ KeyStore keyStore = KeyStore.getInstance("PKCS12"); // keyStore.load(Thread.currentThread().getContextClassLoader().getResourceAsStream("newcert.p12"), "strange word to use".toCharArray()); // keyStore.load(getClass().getResourceAsStream("/newcert.p12"), "strange word to use".toCharArray()); // keyStore.load(this.getClass().getClassLoader().getResourceAsStream("newcert.p12"), "strange word to use".toCharArray()); // This works when built with Eclipse, but not when built from command line. // Has to do with where the build system puts /resources/*.p12 file // keyStore.load(this.getClass().getClassLoader().getResourceAsStream(key), "strange word to use".toCharArray()); // Currently only works when read from the server's FS. Won't currently read from within eclipse project. // Putting it in /opt/kme/push prevents naming conflicts. keyStore.load(new FileInputStream("/opt/kme/push/newcert.p12"), "strange word to use".toCharArray()); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("sunx509"); keyManagerFactory.init(keyStore, "strange word to use".toCharArray()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("sunx509"); trustManagerFactory.init(keyStore); SSLContext sslCtx = SSLContext.getInstance("TLS"); sslCtx.init(keyManagerFactory.getKeyManagers(), null, null); SSLSocketFactory sslSocketFactory = sslCtx.getSocketFactory(); socket = (SSLSocket) sslSocketFactory.createSocket(host, port); socket.startHandshake(); //Diagnostic output Enumeration e = keyStore.aliases(); LOG.info(e.toString()); while (e.hasMoreElements()) { LOG.info("Alias: " + e.nextElement().toString()); } String not = (socket.isConnected()) ? "" : "NOT "; LOG.info("SSLSocket is " + not + "Connected"); LOG.info("Connected to: " + socket.getInetAddress().getCanonicalHostName()); LOG.info("Connected to: " + socket.getInetAddress().getHostAddress()); String cs[] = socket.getEnabledCipherSuites(); LOG.info("CipherSuites: " + Arrays.toString(cs)); String ep[] = socket.getEnabledProtocols(); LOG.info("Enabled Protocols: " + Arrays.toString(ep)); LOG.info("Timeout: " + socket.getSoTimeout()); LOG.info("Send Buffer Size: " + socket.getSendBufferSize()); return socket; } catch (Exception e) { e.printStackTrace(); } return null; }
From source file:org.lockss.protocol.BlockingStreamComm.java
protected void handshake(SSLSocket s) throws SSLPeerUnverifiedException { long oldTimeout = -2; try {//from ww w . j av a2s.c om oldTimeout = s.getSoTimeout(); if (absTimeout(paramSslHandshakeTimeout) < absTimeout(oldTimeout)) { s.setSoTimeout((int) paramSslHandshakeTimeout); } } catch (SocketException e) { log.warning("Couldn't save/set socket timeout before handshake", e); } try { SSLSession session = s.getSession(); java.security.cert.Certificate[] certs = session.getPeerCertificates(); log.debug(session.getPeerHost() + " via " + session.getProtocol() + " verified"); } catch (SSLPeerUnverifiedException ex) { log.error(s.getInetAddress() + ":" + s.getPort() + " not verified"); try { s.close(); } catch (IOException ex2) { log.error("Socket close threw " + ex2); } throw ex; } finally { if (!s.isClosed() && absTimeout(paramSslHandshakeTimeout) < absTimeout(oldTimeout)) { try { s.setSoTimeout((int) oldTimeout); } catch (SocketException e) { log.warning("Couldn't restore socket timeout after handshake", e); } } } }