private void processHandshakeFailure(Socket raw) throws Exception { SSLContext context = SSLContext.getInstance("TLS"); context.init(null, new TrustManager[] {UNTRUSTED_TRUST_MANAGER}, new SecureRandom()); SSLSocketFactory sslSocketFactory = context.getSocketFactory(); SSLSocket socket = (SSLSocket) sslSocketFactory.createSocket( raw, raw.getInetAddress().getHostAddress(), raw.getPort(), true); try { socket.startHandshake(); // we're testing a handshake failure throw new AssertionError(); } catch (IOException expected) { } socket.close(); }
/** * Create a secure client socket that is connected to the given address and * port. * * @param address the address to connect to * @param port the port * @return the socket */ public static Socket createSocket(InetAddress address, int port) throws IOException { Socket socket = null; setKeystore(); SSLSocketFactory f = (SSLSocketFactory) SSLSocketFactory.getDefault(); SSLSocket secureSocket = (SSLSocket) f.createSocket(); secureSocket.connect(new InetSocketAddress(address, port), SysProperties.SOCKET_CONNECT_TIMEOUT); secureSocket.setEnabledProtocols( disableSSL(secureSocket.getEnabledProtocols())); if (SysProperties.ENABLE_ANONYMOUS_TLS) { String[] list = enableAnonymous( secureSocket.getEnabledCipherSuites(), secureSocket.getSupportedCipherSuites()); secureSocket.setEnabledCipherSuites(list); } socket = secureSocket; return socket; }
if (socket instanceof SSLSocket) { try { this.handshake = Handshake.get(((SSLSocket) socket).getSession()); } catch (IOException e) { throw new IllegalArgumentException(e); InetAddress inetAddress = socket.getLocalAddress(); String hostname = inetAddress.getHostName(); if (inetAddress instanceof Inet6Address) { hostname = "[" + hostname + "]"; int localPort = socket.getLocalPort();
/** Applies this spec to {@code sslSocket}. */ void apply(SSLSocket sslSocket, boolean isFallback) { ConnectionSpec specToApply = supportedSpec(sslSocket, isFallback); if (specToApply.tlsVersions != null) { sslSocket.setEnabledProtocols(specToApply.tlsVersions); } if (specToApply.cipherSuites != null) { sslSocket.setEnabledCipherSuites(specToApply.cipherSuites); } }
public void configure(final SSLContext context, final SSLSocket sslSocket) { sslSocket.setUseClientMode(clientMode); final SSLParameters sslParameters = sslSocket.getSSLParameters(); configure(sslParameters, sslSocket.getSupportedProtocols(), sslSocket.getSupportedCipherSuites()); sslSocket.setSSLParameters(sslParameters); }
List<String> enabledProtocols = new ArrayList<String>(Arrays.asList(delegate.getEnabledProtocols())); if (enabledProtocols.size() > 1) { enabledProtocols.remove("SSLv3"); return delegate.getSupportedCipherSuites(); return delegate.getEnabledCipherSuites(); delegate.setEnabledCipherSuites(suites); return delegate.getSupportedProtocols(); return delegate.getEnabledProtocols(); delegate.setEnabledProtocols(protocols); return delegate.getSession(); delegate.addHandshakeCompletedListener(listener); delegate.removeHandshakeCompletedListener(listener); delegate.startHandshake(); delegate.setUseClientMode(mode); return delegate.getUseClientMode(); delegate.setNeedClientAuth(need);
LOG.info("connecting to {} {}", host, port); Socket sock; InetSocketAddress hostaddress= host != null ? new InetSocketAddress(host, port) : new InetSocketAddress(InetAddress.getByName(null), port); if (secure) { LOG.info("using secure socket"); try (X509Util x509Util = new ClientX509Util()) { SSLContext sslContext = x509Util.getDefaultSSLContext(); SSLSocketFactory socketFactory = sslContext.getSocketFactory(); SSLSocket sslSock = (SSLSocket) socketFactory.createSocket(); sslSock.connect(hostaddress, timeout); sslSock.startHandshake(); sock = sslSock; sock = new Socket(); sock.connect(hostaddress, timeout); sock.setSoTimeout(timeout); BufferedReader reader = null; try {
private void upgradeToTls(Socket socket) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, KeyManagementException { KeyStore keyStore = keyStoreProvider.getKeyStore(); String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm(); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm); keyManagerFactory.init(keyStore, keyStoreProvider.getPassword()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagerFactory.getKeyManagers(), null, null); SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory(); SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket( socket, socket.getInetAddress().getHostAddress(), socket.getPort(), true); sslSocket.setUseClientMode(false); sslSocket.startHandshake(); input = Okio.buffer(Okio.source(sslSocket.getInputStream())); output = Okio.buffer(Okio.sink(sslSocket.getOutputStream())); }
public Socket connect() throws GeneralSecurityException, IOException { Socket socket; SocketAddress sockaddr = new InetSocketAddress(host, port); if (isSsl()) { final SSLContext sslContext = getSSLContextInstance(); final KeyManager[] keyManagers = getKeyManagers(); final TrustManager[] trustManagers = getTrustManagers(); sslContext.init(keyManagers, trustManagers, null /* use the default secure random */); javax.net.SocketFactory socketFactory = sslContext.getSocketFactory(); socket = socketFactory.createSocket(); socket.connect(sockaddr, Math.max(timeout, 0)); if (socket instanceof SSLSocket) { SSLSocket sslSocket = (SSLSocket) socket; sslSocket.setUseClientMode(true); sslSocket.setEnableSessionCreation(true); if (timeout > 0) { sslSocket.setSoTimeout(timeout); sslSocket.setEnabledProtocols(protocols.split(" ")); sslSocket.setEnabledCipherSuites(ciphers.split(" ")); sslSocket.startHandshake(); socket = new Socket(); socket.connect(sockaddr, Math.max(timeout, 0));
@Override public void run() { try { SSLContext sc = SSLContext.getInstance("TLSv1.2"); sc.init(null, new TrustManager[]{new NaiveTrustManager()}, new java.security.SecureRandom()); try (SSLSocket connection = (SSLSocket) sc.getSocketFactory().createSocket(serverAddress.getAddress(), serverAddress.getPort())) { OutputStream os = connection.getOutputStream(); connection.startHandshake(); handshaked.countDown(); os.write(payload); os.flush(); } } catch (Exception e) { e.printStackTrace(System.err); } }
/** * Creates test client. * * @param sock Socket to use. * @param addr Address to connect to. * @param port Port to connect to. * @param connTimeout Connection timeout. * @throws IgniteCheckedException If connect failed. */ private TestClient(Socket sock, InetAddress addr, int port, int connTimeout) throws IgniteCheckedException { this.sock = sock; try { sock.connect(new InetSocketAddress(addr, port), connTimeout); if (sock instanceof SSLSocket) ((SSLSocket)sock).startHandshake(); out = sock.getOutputStream(); in = sock.getInputStream(); } catch (IOException e) { close(); throw new IgniteCheckedException(e); } }
SSLSocketFactory factory = m_ctx.getSocketFactory(); SSLSocket ss = (SSLSocket)factory.createSocket(s, host, port, autoClose); ss.setEnabledProtocols(m_protocols); ss.setEnabledCipherSuites(m_ciphers); ss.setEnabledProtocols(m_protocols); ss.setEnabledCipherSuites(m_ciphers); ss.setEnabledProtocols(m_protocols); ss.setEnabledCipherSuites(m_ciphers); ss.setEnabledProtocols(m_protocols); ss.setEnabledCipherSuites(m_ciphers); SSLSocket ss = (SSLSocket)factory.createSocket(host, port); ss.setEnabledProtocols(m_protocols); ss.setEnabledCipherSuites(m_ciphers); socket = (SSLSocket)factory.createSocket(); availableProtocols = socket.getSupportedProtocols(); Arrays.sort(availableProtocols); socket.close();
socket = socketFactory.createSocket(host, port); socket = new Socket(); socket.connect(new InetSocketAddress(host, port), connectionTimeout); sslSocket = (SSLSocket) ((SSLSocketFactory)socketFactory).createSocket(socket, host, port, true); sslSocket = (SSLSocket) (getDefaultSSLSocketFactory(trustAll)).createSocket(socket, host, port, true); sslSocket.setEnabledProtocols(values); sslSocket.setSSLParameters(sslParams);
return; socket = sslSocketFactory.createSocket(raw, raw.getInetAddress().getHostAddress(), raw.getPort(), true); SSLSocket sslSocket = (SSLSocket) socket; sslSocket.setUseClientMode(false); if (clientAuth == CLIENT_AUTH_REQUIRED) { sslSocket.setNeedClientAuth(true); } else if (clientAuth == CLIENT_AUTH_REQUESTED) { sslSocket.setWantClientAuth(true); sslSocket.startHandshake(); logger.warning(MockWebServer.this + " connection from " + raw.getInetAddress() + " didn't make a request");
public static Socket createSSLSocket(KeyManager[] keyManagers, TrustManager trustManager, String host, int port, int connectTimeout, int readTimeout, ISVNCanceller cancel) throws IOException, SVNCancelException { InetAddress address = createAddres(host); Socket sslSocket = createSSLContext(keyManagers, trustManager).getSocketFactory().createSocket(); InetSocketAddress socketAddress = new InetSocketAddress(address, port); connect(sslSocket, socketAddress, connectTimeout, cancel); sslSocket.setReuseAddress(true); sslSocket.setTcpNoDelay(true); sslSocket.setKeepAlive(true); sslSocket.setSoLinger(true, 0); sslSocket.setSoTimeout(readTimeout); ((SSLSocket) sslSocket).setEnabledProtocols(new String[] {"SSLv3"}); return sslSocket; }
public synchronized SSLSocket wrapSocket(Socket socket) throws IOException { // ssl socket factory javax.net.ssl.SSLSocketFactory sslSocketFactory = keyStoreFactory().sslContext().getSocketFactory(); // ssl socket SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(socket, socket.getInetAddress().getHostAddress(), socket.getPort(), true); sslSocket.setUseClientMode(true); sslSocket.startHandshake(); return sslSocket; } }
@Override public void run() { try { DataInputStream input = new DataInputStream(socket.getInputStream()); DataOutputStream output = new DataOutputStream(socket.getOutputStream()); while (socket.isConnected() && !socket.isClosed()) { int size = input.readInt(); if (renegotiate.get()) { renegotiate.set(false); ((SSLSocket) socket).startHandshake(); } byte[] bytes = new byte[size]; input.readFully(bytes); output.writeInt(size); output.write(bytes); output.flush(); } } catch (IOException e) { // ignore } finally { try { socket.close(); } catch (IOException e) { // ignore } } } };
initSslContext(); SSLSocketFactory ssf = context.getSocketFactory(); String host = (_hostname_ != null) ? _hostname_ : getRemoteAddress().getHostAddress(); int port = _socket_.getPort(); SSLSocket socket = (SSLSocket) ssf.createSocket(_socket_, host, port, false); socket.setEnableSessionCreation(isCreation); socket.setUseClientMode(isClientMode); socket.setNeedClientAuth(isNeedClientAuth); socket.setWantClientAuth(isWantClientAuth); socket.setEnabledProtocols(protocols); socket.setEnabledCipherSuites(suites); socket.startHandshake(); socket .getInputStream(), getControlEncoding())); _controlOutput_ = new BufferedWriter(new OutputStreamWriter( socket.getOutputStream(), getControlEncoding())); if (hostnameVerifier != null && !hostnameVerifier.verify(host, socket.getSession())) { throw new SSLHandshakeException("Hostname doesn't match certificate");
@Override public Socket createSocket(final String host, final int port, final InetAddress localAddress, final int localPort, final HttpConnectionParams params) throws IOException { final Socket socket = this.sslContext.getSocketFactory().createSocket(); ((SSLSocket) socket).setEnabledProtocols(this.config.getSSLProtocolos()); socket.bind(new InetSocketAddress(localAddress, localPort)); socket.connect(new InetSocketAddress(host, port), 60000); return socket; }
context = SSLContext.getInstance("TLS"); customTrustManagers = new TrustManager[] { customTrustManager }; context.init(kms, customTrustManagers, secureRandom); socket = context.getSocketFactory().createSocket(plain, config.getXMPPServiceDomain().toString(), plain.getPort(), true); sslSocket.startHandshake(); if (verifier == null) { throw new IllegalStateException("No HostnameVerifier set. Use connectionConfiguration.setHostnameVerifier() to configure."); } else if (!verifier.verify(getXMPPServiceDomain().toString(), sslSocket.getSession())) { throw new CertificateException("Hostname verification of certificate failed. Certificate does not authenticate " + getXMPPServiceDomain());