List of usage examples for javax.net.ssl SSLSocket setEnabledProtocols
public abstract void setEnabledProtocols(String protocols[]);
From source file:de.vanita5.twittnuker.util.net.ssl.HostResolvedSSLConnectionSocketFactory.java
@Override public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { final SSLSocket sslsock = (SSLSocket) socketfactory.createSocket(socket, target, port, true); if (supportedProtocols != null) { sslsock.setEnabledProtocols(supportedProtocols); }//from ww w .ja va 2 s . c om if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } prepareSocket(sslsock); // Android specific code to enable SNI if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) { if (socketfactory instanceof SSLCertificateSocketFactory) { if (Log.isLoggable(TAG, Log.DEBUG)) { Log.d(TAG, "Enabling SNI for " + target); } ((SSLCertificateSocketFactory) socketfactory).setHostname(sslsock, target); } } // End of Android specific code sslsock.startHandshake(); verifyHostname(sslsock, target, context); return sslsock; }
From source file:com.eviware.soapui.impl.wsdl.support.http.SoapUIEasySSLProtocolSocketFactory.java
private synchronized Socket enableSocket(SSLSocket socket) { socket.getSession().invalidate();// ww w . j av a 2 s . c o m String protocols = System.getProperty("soapui.https.protocols"); String ciphers = System.getProperty("soapui.https.ciphers"); if (StringUtils.hasContent(protocols)) { socket.setEnabledProtocols(protocols.split(",")); } else if (socket.getSupportedProtocols() != null) { socket.setEnabledProtocols(socket.getSupportedProtocols()); } if (StringUtils.hasContent(ciphers)) { socket.setEnabledCipherSuites(ciphers.split(",")); } else if (socket.getSupportedCipherSuites() != null) { socket.setEnabledCipherSuites(socket.getSupportedCipherSuites()); } return socket; }
From source file:com.dubsar_dictionary.SecureClient.SecureSocketFactory.java
private void setupCrypto(SSLSocket socket) { // Log.d(TAG, "in setupCrypto"); String[] protocols = getEnabledProtocols(); if (protocols != null) { socket.setEnabledProtocols(protocols); }//from ww w .jav a2 s. c om String[] ciphers = getEnabledCipherSuites(); if (ciphers != null) { socket.setEnabledCipherSuites(ciphers); } protocols = socket.getEnabledProtocols(); if (protocols == null) { Log.e(TAG, "protocols is null"); return; } for (String protocol : protocols) { Log.d(TAG, protocol + " is enabled"); } ciphers = socket.getEnabledCipherSuites(); if (ciphers == null) { Log.e(TAG, "ciphers is null"); return; } for (String cipher : ciphers) { Log.d(TAG, cipher + " is enabled"); } // no? // socket.setHandshakeTimeout(mHandshakeTimeoutMillis); }
From source file:com.groupon.odo.bmp.http.TrustingSSLSocketFactory.java
private Socket createSimulatedSocket(SSLSocket socket) { SimulatedSocketFactory.configure(socket); socket.setEnabledProtocols(new String[] { SSLAlgorithm.SSLv3.name(), SSLAlgorithm.TLSv1.name() }); //socket.setEnabledCipherSuites(new String[] { "SSL_RSA_WITH_RC4_128_MD5" }); return new SimulatedSSLSocket(socket, streamManager); }
From source file:org.andstatus.app.net.http.TlsSniSocketFactory.java
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR1) private void connectWithSNI(SSLSocket ssl, String host) throws SSLPeerUnverifiedException { // set reasonable SSL/TLS settings before the handshake: // - enable all supported protocols (enables TLSv1.1 and TLSv1.2 on Android <4.4.3, if available) ssl.setEnabledProtocols(ssl.getSupportedProtocols()); // - set SNI host name if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) { MyLog.d(this, "Using documented SNI with host name " + host); sslSocketFactory.setHostname(ssl, host); } else {/*from w w w . jav a2 s . co m*/ MyLog.d(this, "No documented SNI support on Android <4.2, trying with reflection"); try { java.lang.reflect.Method setHostnameMethod = ssl.getClass().getMethod("setHostname", String.class); setHostnameMethod.invoke(ssl, host); } catch (Exception e) { MyLog.i(this, "SNI not useable", e); } } // verify hostname and certificate SSLSession session = ssl.getSession(); if (!session.isValid()) { MyLog.i(this, "Invalid session to host:'" + host + "'"); } HostnameVerifier hostnameVerifier = secure ? new BrowserCompatHostnameVerifier() : new AllowAllHostnameVerifier(); if (!hostnameVerifier.verify(host, session)) { throw new SSLPeerUnverifiedException("Cannot verify hostname: " + host); } MyLog.i(this, "Established " + session.getProtocol() + " connection with " + session.getPeerHost() + " using " + session.getCipherSuite()); }
From source file:com.leetchi.api.client.ssl.SSLConnectionSocketFactory.java
public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { final SSLSocket sslsock = (SSLSocket) this.socketfactory.createSocket(socket, target, port, true); // DEBUT PATCH POUR FORCER LA VERSION DE PROTOCOLE // if (supportedProtocols != null) { sslsock.setEnabledProtocols(new String[] { "TLSv1" }); // }//from w w w .j av a 2 s . c o m if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } prepareSocket(sslsock); sslsock.startHandshake(); verifyHostname(sslsock, target); return sslsock; }
From source file:com.serphacker.serposcope.scraper.http.extensions.ScrapClientSSLConnectionFactory.java
@Override public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { SSLSocketFactory sslSocketFactory = insecure ? insecoreSSLSocketfactory : defaultSSLSocketFactory; final SSLSocket sslsock = (SSLSocket) sslSocketFactory.createSocket(socket, target, port, true); if (supportedProtocols != null) { sslsock.setEnabledProtocols(supportedProtocols); } else {//from w w w .j a v a 2 s.c om // If supported protocols are not explicitly set, remove all SSL protocol versions final String[] allProtocols = sslsock.getEnabledProtocols(); final List<String> enabledProtocols = new ArrayList<String>(allProtocols.length); for (String protocol : allProtocols) { if (!protocol.startsWith("SSL")) { enabledProtocols.add(protocol); } } if (!enabledProtocols.isEmpty()) { sslsock.setEnabledProtocols(enabledProtocols.toArray(new String[enabledProtocols.size()])); } } if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } if (this.log.isDebugEnabled()) { this.log.debug("Enabled protocols: " + Arrays.asList(sslsock.getEnabledProtocols())); this.log.debug("Enabled cipher suites:" + Arrays.asList(sslsock.getEnabledCipherSuites())); } prepareSocket(sslsock); this.log.debug("Starting handshake"); sslsock.startHandshake(); verifyHostname(sslsock, target); return sslsock; }
From source file:com.googlecode.xremoting.core.commonshttpclient.ssl.AuthSSLProtocolSocketFactory.java
private void doPreConnectSocketStuff(Socket socket) { if (enabledProtocols != null) { if (socket instanceof SSLSocket) { SSLSocket sslSocket = (SSLSocket) socket; sslSocket.setEnabledProtocols(enabledProtocols); }/*from ww w .j a v a 2s. c om*/ } }
From source file:org.dcache.srm.client.FlexibleCredentialSSLConnectionSocketFactory.java
@Override public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { final X509Credential credential = (X509Credential) context .getAttribute(HttpClientTransport.TRANSPORT_HTTP_CREDENTIALS); if (credential == null) { throw new IOException("Client credentials are missing from context."); }//from ww w .j a v a 2 s .co m final SSLContext sslContext; try { sslContext = contextProvider.getContext(credential); } catch (GeneralSecurityException e) { throw new IOException("Failed to create SSLContext: " + e.getMessage(), e); } final SSLSocket sslsock = (SSLSocket) sslContext.getSocketFactory().createSocket(socket, target, port, true); if (supportedProtocols != null) { sslsock.setEnabledProtocols(supportedProtocols); } else { // If supported protocols are not explicitly set, remove all SSL protocol versions final String[] allProtocols = sslsock.getEnabledProtocols(); final List<String> enabledProtocols = new ArrayList<String>(allProtocols.length); for (String protocol : allProtocols) { if (!protocol.startsWith("SSL")) { enabledProtocols.add(protocol); } } if (!enabledProtocols.isEmpty()) { sslsock.setEnabledProtocols(enabledProtocols.toArray(new String[enabledProtocols.size()])); } } if (supportedCipherSuites != null) { sslsock.setEnabledCipherSuites(supportedCipherSuites); } if (LOGGER.isDebugEnabled()) { LOGGER.debug("Enabled protocols: {}", Arrays.asList(sslsock.getEnabledProtocols())); LOGGER.debug("Enabled cipher suites: {}", Arrays.asList(sslsock.getEnabledCipherSuites())); } prepareSocket(sslsock); LOGGER.debug("Starting handshake"); sslsock.startHandshake(); verifyHostname(sslsock, target); return sslsock; }
From source file:com.predic8.membrane.core.transport.ssl.SSLContext.java
public Socket createSocket(InetAddress host, int port, int connectTimeout) throws IOException { Socket s = new Socket(); s.connect(new InetSocketAddress(host, port), connectTimeout); SSLSocketFactory sslsf = sslc.getSocketFactory(); SSLSocket ssls = (SSLSocket) sslsf.createSocket(s, host.getHostName(), port, true); if (protocols != null) { ssls.setEnabledProtocols(protocols); } else {/*from ww w . ja v a 2s. c o m*/ String[] protocols = ssls.getEnabledProtocols(); Set<String> set = new HashSet<String>(); for (String protocol : protocols) { if (protocol.equals("SSLv3") || protocol.equals("SSLv2Hello")) { continue; } set.add(protocol); } ssls.setEnabledProtocols(set.toArray(new String[0])); } applyCiphers(ssls); return ssls; }