geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ga...@apache.org
Subject svn commit: r1441563 - in /geronimo/bundles/trunk/commons-httpclient: pom.xml src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java src/main/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
Date Fri, 01 Feb 2013 18:08:46 GMT
Author: gawor
Date: Fri Feb  1 18:08:46 2013
New Revision: 1441563

URL: http://svn.apache.org/viewvc?rev=1441563&view=rev
Log:
GERONIMO-6406: Ability to disable host verification (as it might be needed in certain cases)

Added:
    geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
  (with props)
Modified:
    geronimo/bundles/trunk/commons-httpclient/pom.xml
    geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java

Modified: geronimo/bundles/trunk/commons-httpclient/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/bundles/trunk/commons-httpclient/pom.xml?rev=1441563&r1=1441562&r2=1441563&view=diff
==============================================================================
--- geronimo/bundles/trunk/commons-httpclient/pom.xml (original)
+++ geronimo/bundles/trunk/commons-httpclient/pom.xml Fri Feb  1 18:08:46 2013
@@ -74,7 +74,8 @@
                            org/apache/commons/httpclient/protocol/BrowserCompatHostnameVerifier.class=target/classes/org/apache/commons/httpclient/protocol/BrowserCompatHostnameVerifier.class,
                            org/apache/commons/httpclient/protocol/InetAddressUtils.class=target/classes/org/apache/commons/httpclient/protocol/InetAddressUtils.class,
                            org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.class=target/classes/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.class,
-                           org/apache/commons/httpclient/protocol/X509HostnameVerifier.class=target/classes/org/apache/commons/httpclient/protocol/X509HostnameVerifier.class
+                           org/apache/commons/httpclient/protocol/X509HostnameVerifier.class=target/classes/org/apache/commons/httpclient/protocol/X509HostnameVerifier.class,
+                           org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.class=target/classes/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.class
                         </Include-Resource>  
                     </instructions>
                 </configuration>

Added: geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
URL: http://svn.apache.org/viewvc/geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java?rev=1441563&view=auto
==============================================================================
--- geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
(added)
+++ geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
Fri Feb  1 18:08:46 2013
@@ -0,0 +1,34 @@
+package org.apache.commons.httpclient.protocol;
+
+import java.io.IOException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+
+/**
+ * An implementation of {@link X509HostnameVerifier} that allows all host names.
+ * That is, verification of the host name is not done at all.
+ */
+public class AllowAllHostnameVerifier implements X509HostnameVerifier {
+
+    public boolean verify(String host, SSLSession session) {
+        return true;
+    }
+
+    public void verify(String host, SSLSocket ssl) throws IOException {
+    }
+
+    public void verify(String host, X509Certificate cert) throws SSLException {
+    }
+
+    public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException
{
+    }
+    
+    @Override
+    public final String toString() {
+        return "ALLOW_ALL";
+    }
+   
+}

Propchange: geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/AllowAllHostnameVerifier.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
URL: http://svn.apache.org/viewvc/geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java?rev=1441563&r1=1441562&r2=1441563&view=diff
==============================================================================
--- geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
(original)
+++ geronimo/bundles/trunk/commons-httpclient/src/main/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
Fri Feb  1 18:08:46 2013
@@ -54,13 +54,17 @@ import org.apache.commons.logging.Log;
 public class SSLProtocolSocketFactory implements SecureProtocolSocketFactory {
     private static final Log LOG = LogFactory.getLog(SSLProtocolSocketFactory.class);
     
-    private static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER = new
BrowserCompatHostnameVerifier();
+    public static final X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER = 
+            new AllowAllHostnameVerifier();
+    
+    public static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER = 
+            new BrowserCompatHostnameVerifier();
     
     /* 
      * Not setting hostnameVerifier directly to BROWSER_COMPATIBLE_HOSTNAME_VERIFIER in case
we need to 
      * add more implementations.
      */    
-    private final X509HostnameVerifier hostnameVerifier;
+    private X509HostnameVerifier hostnameVerifier;
 
     /**
      * The factory singleton.
@@ -71,7 +75,7 @@ public class SSLProtocolSocketFactory im
      * Gets an singleton instance of the SSLProtocolSocketFactory.
      * @return a SSLProtocolSocketFactory
      */
-    static SSLProtocolSocketFactory getSocketFactory() {
+    public static SSLProtocolSocketFactory getSocketFactory() {
         return factory;
     }    
     
@@ -80,7 +84,7 @@ public class SSLProtocolSocketFactory im
      */
     public SSLProtocolSocketFactory() {
         super();
-        hostnameVerifier = BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
+        hostnameVerifier = getDefaultHostnameVerifier();
     }
     
     /**
@@ -189,4 +193,37 @@ public class SSLProtocolSocketFactory im
         return getClass().hashCode();
     }    
     
+    public void setHostnameVerifier(X509HostnameVerifier hostnameVerifier) {
+        if (hostnameVerifier == null) {
+            throw new IllegalArgumentException("Hostname verifier may not be null");
+        }
+        this.hostnameVerifier = hostnameVerifier;
+    }
+    
+    public X509HostnameVerifier getHostnameVerifier() {
+        return hostnameVerifier;
+    }
+    
+    private static X509HostnameVerifier getDefaultHostnameVerifier() {
+        String className = System.getProperty("org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.hostnameVerifier");
+        if (className != null) {
+            if (className.equalsIgnoreCase(BROWSER_COMPATIBLE_HOSTNAME_VERIFIER.toString()))
{
+                return BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
+            } else if (className.equalsIgnoreCase(ALLOW_ALL_HOSTNAME_VERIFIER.toString()))
{
+                return ALLOW_ALL_HOSTNAME_VERIFIER;
+            } else {
+                try {
+                    Class<?> clazz = Class.forName(className);
+                    if (X509HostnameVerifier.class.isAssignableFrom(clazz)) {
+                        Object instance = clazz.newInstance();
+                        return (X509HostnameVerifier)instance;
+                    }
+                } catch (Exception e) {
+                    LOG.warn("Error setting host verifier", e);
+                }
+            }
+        }
+        return BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
+    }
+    
 }



Mime
View raw message