private CertificateException checkServerTrustedByDefault(X509Certificate[] certs, String algorithm) { final X509TrustManager[] trustManagers = getDefaultTrustManagers(); if (trustManagers == null) { return null; } for (int i = 0; i < trustManagers.length; i++) { final X509TrustManager trustManager = trustManagers[i]; try { trustManager.checkServerTrusted(certs, algorithm); } catch (CertificateException e) { return e; } } return null; }
public X509Certificate[] getAcceptedIssuers() { init(); return myTrustedCerts; }
private X509TrustManager[] getDefaultTrustManagers() { if (myDefaultTrustManagers == null && myIsUseKeyStore) { myDefaultTrustManagers = initDefaultTrustManagers(); } return myDefaultTrustManagers; }
return; stored = getStoredServerCertificate(myRealm); if (data.equals(stored)) { return; boolean trustServer = checkServerTrustedByDefault(certs, algorithm); int result; if (trustServer) { storeServerCertificate(myRealm, data, failures); } catch (SVNException e) { throw new SVNSSLUtil.CertificateNotTrustedException("svn: Server SSL ceritificate for '" + myRealm + "' cannot be saved");
private void init() { if (myTrustedCerts != null) { return; } Collection trustedCerts = new ArrayList(); // load trusted certs from files. for (int i = 0; i < myServerCertFiles.length; i++) { X509Certificate cert = loadCertificate(myServerCertFiles[i]); if (cert != null) { trustedCerts.add(cert); } } X509TrustManager[] trustManagers = getDefaultTrustManagers(); for (int i = 0; trustManagers != null && i < trustManagers.length; i++) { X509TrustManager trustManager = trustManagers[i]; X509Certificate[] acceptedCerts = trustManager.getAcceptedIssuers(); for (int c = 0; acceptedCerts != null && c < acceptedCerts.length; c++) { X509Certificate cert = acceptedCerts[c]; trustedCerts.add(cert); } } myTrustedCerts = (X509Certificate[]) trustedCerts.toArray(new X509Certificate[trustedCerts.size()]); }
public TrustManager getTrustManager(SVNURL url) throws SVNException { String host = url.getHost(); Map properties = getHostProperties(host); boolean trustAll = !"no".equalsIgnoreCase((String) properties.get("ssl-trust-default-ca")); // jdk keystore String sslAuthorityFiles = (String) properties.get("ssl-authority-files"); // "pem" files Collection trustStorages = new ArrayList(); if (sslAuthorityFiles != null) { for(StringTokenizer files = new StringTokenizer(sslAuthorityFiles, ";"); files.hasMoreTokens();) { String fileName = files.nextToken(); fileName = fileName == null ? null : fileName.trim(); if (fileName != null && !"".equals(fileName)) { trustStorages.add(new File(fileName)); } } } File[] serverCertFiles = (File[]) trustStorages.toArray(new File[trustStorages.size()]); File authDir = new File(myConfigDirectory, "auth/svn.ssl.server"); return new DefaultSVNSSLTrustManager(authDir, url, serverCertFiles, trustAll, this); }
return; stored = getStoredServerCertificate(myRealm); if (data.equals(stored)) { return; boolean trustServer = checkServerTrustedByDefault(certs, algorithm); int result; if (trustServer) { storeServerCertificate(myRealm, data, failures); } catch (SVNException e) {
private void init() { if (myTrustedCerts != null) { return; } Collection trustedCerts = new ArrayList(); // load trusted certs from files. for (int i = 0; i < myServerCertFiles.length; i++) { X509Certificate cert = loadCertificate(myServerCertFiles[i]); if (cert != null) { trustedCerts.add(cert); } } X509TrustManager[] trustManagers = getDefaultTrustManagers(); for (int i = 0; trustManagers != null && i < trustManagers.length; i++) { X509TrustManager trustManager = trustManagers[i]; X509Certificate[] acceptedCerts = trustManager.getAcceptedIssuers(); for (int c = 0; acceptedCerts != null && c < acceptedCerts.length; c++) { X509Certificate cert = acceptedCerts[c]; trustedCerts.add(cert); } } myTrustedCerts = (X509Certificate[]) trustedCerts.toArray(new X509Certificate[trustedCerts.size()]); }
public TrustManager getTrustManager(SVNURL url) throws SVNException { String host = url.getHost(); Map properties = getHostProperties(host); boolean trustAll = !"no".equalsIgnoreCase((String) properties.get("ssl-trust-default-ca")); // jdk keystore String sslAuthorityFiles = (String) properties.get("ssl-authority-files"); // "pem" files Collection trustStorages = new ArrayList(); if (sslAuthorityFiles != null) { for(StringTokenizer files = new StringTokenizer(sslAuthorityFiles, ";"); files.hasMoreTokens();) { String fileName = files.nextToken(); fileName = fileName == null ? null : fileName.trim(); if (fileName != null && !"".equals(fileName)) { trustStorages.add(new File(fileName)); } } } File[] serverCertFiles = (File[]) trustStorages.toArray(new File[trustStorages.size()]); File authDir = new File(myConfigDirectory, "auth/svn.ssl.server"); return new DefaultSVNSSLTrustManager(authDir, url, serverCertFiles, trustAll, this); }
return; stored = getStoredServerCertificate(myRealm); if (data.equals(stored)) { return; final CertificateException exception = checkServerTrustedByDefault(certs, algorithm); if (exception != null && exception.getMessage().indexOf("Certificates does not conform to algorithm constraints") >= 0) { throw new SVNSSLUtil.CertificateDoesNotConformConstraints("svn: Server SSL certificates chain for '" + myRealm + "' does not conform to algorithm constraints", exception); storeServerCertificate(myRealm, data, failures); } catch (SVNException e) {
private void init() { if (myTrustedCerts != null) { return; } Collection trustedCerts = new ArrayList(); // load trusted certs from files. for (int i = 0; i < myServerCertFiles.length; i++) { X509Certificate cert = loadCertificate(myServerCertFiles[i]); if (cert != null) { trustedCerts.add(cert); } } X509TrustManager[] trustManagers = getDefaultTrustManagers(); for (int i = 0; trustManagers != null && i < trustManagers.length; i++) { X509TrustManager trustManager = trustManagers[i]; X509Certificate[] acceptedCerts = trustManager.getAcceptedIssuers(); for (int c = 0; acceptedCerts != null && c < acceptedCerts.length; c++) { X509Certificate cert = acceptedCerts[c]; trustedCerts.add(cert); } } myTrustedCerts = (X509Certificate[]) trustedCerts.toArray(new X509Certificate[trustedCerts.size()]); }
public X509Certificate[] getAcceptedIssuers() { init(); return myTrustedCerts; }
public TrustManager getTrustManager(SVNURL url) throws SVNException { final ISVNHostOptions hostOptions = getHostOptionsProvider().getHostOptions(url); boolean trustAll = hostOptions.trustDefaultSSLCertificateAuthority(); File[] serverCertFiles = hostOptions.getSSLAuthorityFiles(); File authDir = new File(myConfigDirectory, "auth/svn.ssl.server"); return new DefaultSVNSSLTrustManager(authDir, url, serverCertFiles, trustAll, this); }
private X509TrustManager[] getDefaultTrustManagers() { if (myDefaultTrustManagers == null && myIsUseKeyStore) { myDefaultTrustManagers = initDefaultTrustManagers(); } return myDefaultTrustManagers; }
private boolean checkServerTrustedByDefault(X509Certificate[] certs, String algorithm) { X509TrustManager[] trustManagers = getDefaultTrustManagers(); if (trustManagers == null) { return false; } for (int i = 0; i < trustManagers.length; i++) { X509TrustManager trustManager = trustManagers[i]; boolean trusted = true; try { trustManager.checkServerTrusted(certs, algorithm); } catch (CertificateException e) { trusted = false; } if (trusted) { return true; } } return false; }
public X509Certificate[] getAcceptedIssuers() { init(); return myTrustedCerts; }
private X509TrustManager[] getDefaultTrustManagers() { if (myDefaultTrustManagers == null && myIsUseKeyStore) { myDefaultTrustManagers = initDefaultTrustManagers(); } return myDefaultTrustManagers; }
private boolean checkServerTrustedByDefault(X509Certificate[] certs, String algorithm) { X509TrustManager[] trustManagers = getDefaultTrustManagers(); if (trustManagers == null) { return false; } for (int i = 0; i < trustManagers.length; i++) { X509TrustManager trustManager = trustManagers[i]; boolean trusted = true; try { trustManager.checkServerTrusted(certs, algorithm); } catch (CertificateException e) { trusted = false; } if (trusted) { return true; } } return false; }