/** * Ensure Https verification is disabled or matches given certificates */ public void handle(URLConnection connection) throws Exception { if (connection instanceof HttpsURLConnection && matches(connection)) { init(); if ( certificates.isEmpty()) trace("Https verification for %s is DISABLED", connection.getURL()); HttpsURLConnection https = (HttpsURLConnection) connection; https.setSSLSocketFactory(factory); https.setHostnameVerifier(verifier); } }
List<X509Certificate> createCertificates(String paths) throws FileNotFoundException, CertificateException, IOException { List<X509Certificate> certificates = new ArrayList<>(); if (paths != null) { getCertificates(paths, certificates); } else if (certificateChain != null) { Collections.addAll(certificates, certificateChain); } return certificates; }
public HttpsVerification(String certificates, boolean hostnameVerify, Reporter reporter) { certificatesPath = certificates; this.verify = hostnameVerify; this.setReporter(reporter); }
/** * Ensure Https verification is disabled or matches given certificates */ @Override public void handle(URLConnection connection) throws Exception { if (connection instanceof HttpsURLConnection && matches(connection)) { HttpsURLConnection https = (HttpsURLConnection) connection; init(); https.setSSLSocketFactory(factory); https.setHostnameVerifier(verifier); } }
SettingsURLConnectionHandler(ServerDTO serverDTO, Processor processor) { match = new Glob(serverDTO.match != null ? serverDTO.match : serverDTO.id); if (serverDTO.password == null) { handler = null; } else if (serverDTO.username != null) { handler = new BasicAuthentication(serverDTO.username, serverDTO.password, processor); } else { handler = new BearerAuthentication(serverDTO.password, processor); } // verify=false, trust.isEmpty -> void default check // verify=false, !trust.isEmpty -> ignore // verify=true, trust.isEmpty -> use default check // verify=true, !trust.isEmpty -> verify against given certs boolean hasCerts = serverDTO.trust != null && !serverDTO.trust.isEmpty(); if (serverDTO.verify == false || hasCerts) https = new HttpsVerification(serverDTO.trust, serverDTO.verify, processor); else https = null; // verify & no certs ==> default }
/** * Initialize the SSL Context, factory and verifier. * * @throws NoSuchAlgorithmException * @throws KeyManagementException * @throws IOException * @throws CertificateException * @throws FileNotFoundException * @throws InvalidAlgorithmParameterException */ private synchronized void init() throws NoSuchAlgorithmException, KeyManagementException, FileNotFoundException, CertificateException, IOException, InvalidAlgorithmParameterException { if (factory == null) { TrustManager[] trustManagers = new TrustManager[0]; trustManagers = new TrustManager[] { new LocalTrustManager(verify, createCertificates(certificatesPath)) }; SSLContext context = SSLContext.getInstance("TLS"); context.init(null, trustManagers, new SecureRandom()); factory = context.getSocketFactory(); verifier = new HostnameVerifier() { @Override public boolean verify(String string, SSLSession session) { return verify; } }; } }
/** * Ensure Https verification is disabled or matches given certificates */ @Override public void handle(URLConnection connection) throws Exception { if (connection instanceof HttpsURLConnection && matches(connection)) { HttpsURLConnection https = (HttpsURLConnection) connection; init(); https.setSSLSocketFactory(factory); https.setHostnameVerifier(verifier); } }
SettingsURLConnectionHandler(ServerDTO serverDTO, Processor processor) { match = new Glob(serverDTO.match != null ? serverDTO.match : serverDTO.id); if (serverDTO.password == null) { handler = null; } else if (serverDTO.username != null) { handler = new BasicAuthentication(serverDTO.username, serverDTO.password, processor); } else { handler = new BearerAuthentication(serverDTO.password, processor); } // verify=false, trust.isEmpty -> void default check // verify=false, !trust.isEmpty -> ignore // verify=true, trust.isEmpty -> use default check // verify=true, !trust.isEmpty -> verify against given certs boolean hasCerts = serverDTO.trust != null && !serverDTO.trust.isEmpty(); if (serverDTO.verify == false || hasCerts) https = new HttpsVerification(serverDTO.trust, serverDTO.verify, processor); else https = null; // verify & no certs ==> default }
/** * Initialize the SSL Context, factory and verifier. * * @throws NoSuchAlgorithmException * @throws KeyManagementException * @throws IOException * @throws CertificateException * @throws FileNotFoundException * @throws InvalidAlgorithmParameterException */ private synchronized void init() throws NoSuchAlgorithmException, KeyManagementException, FileNotFoundException, CertificateException, IOException, InvalidAlgorithmParameterException { if (factory == null) { TrustManager[] trustManagers = new TrustManager[0]; trustManagers = new TrustManager[] { new LocalTrustManager(verify, createCertificates(certificatesPath)) }; SSLContext context = SSLContext.getInstance("TLS"); context.init(null, trustManagers, new SecureRandom()); factory = context.getSocketFactory(); verifier = new HostnameVerifier() { @Override public boolean verify(String string, SSLSession session) { return verify; } }; } }
/** * Ensure Https verification is disabled or matches given certificates */ public void handle(URLConnection connection) throws Exception { if (connection instanceof HttpsURLConnection && matches(connection)) { init(); if ( certificates.isEmpty()) trace("Https verification for %s is DISABLED", connection.getURL()); HttpsURLConnection https = (HttpsURLConnection) connection; https.setSSLSocketFactory(factory); https.setHostnameVerifier(verifier); } }
public HttpsVerification(String certificates, boolean hostnameVerify, Reporter reporter) { certificatesPath = certificates; this.verify = hostnameVerify; this.setReporter(reporter); }
List<X509Certificate> createCertificates(String paths) throws FileNotFoundException, CertificateException, IOException { List<X509Certificate> certificates = new ArrayList<>(); if (paths != null) { getCertificates(paths, certificates); } else if (certificateChain != null) { Collections.addAll(certificates, certificateChain); } return certificates; }
public HttpsVerification(X509Certificate[] certificateChain, boolean b, Reporter hc) { this.certificateChain = certificateChain; this.verify = b; this.setReporter(hc); }
f.format(" %s%n", file); List<X509Certificate> certificates = new ArrayList<>(); HttpsVerification.getCertificates(path, certificates); for (X509Certificate certificate : certificates) { f.format(" Subject %s%n", certificate.getSubjectDN());
public HttpsVerification(X509Certificate[] certificateChain, boolean b, Reporter hc) { this.certificateChain = certificateChain; this.verify = b; this.setReporter(hc); }
f.format(" %s%n", file); List<X509Certificate> certificates = new ArrayList<>(); HttpsVerification.getCertificates(path, certificates); for (X509Certificate certificate : certificates) { f.format(" Subject %s%n", certificate.getSubjectDN());