- * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s - * that accept self-signed certificates. - *
- *- * This socket factory SHOULD NOT be used for productive systems - * due to security reasons, unless it is a concious decision and - * you are perfectly aware of security implications of accepting - * self-signed certificates - *
- * - *- * Example of using custom protocol socket factory for a specific host: - *
- * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- *
- * URI uri = new URI("https://localhost/", true);
- * // use relative url only
- * GetMethod httpget = new GetMethod(uri.getPathQuery());
- * HostConfiguration hc = new HostConfiguration();
- * hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
- * HttpClient client = new HttpClient();
- * client.executeMethod(hc, httpget);
- *
- *
- * - * Example of using custom protocol socket factory per default instead of the standard one: - *
- * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- * Protocol.registerProtocol("https", easyhttps);
- *
- * HttpClient client = new HttpClient();
- * GetMethod httpget = new GetMethod("https://localhost/");
- * client.executeMethod(httpget);
- *
- *
- *
- * @author Oleg Kalnichevski
- *
- * - * DISCLAIMER: HttpClient developers DO NOT actively support this component. - * The component is provided as a reference material, which may be inappropriate - * for use without additional customization. - *
- */ - -public class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory { - - private SSLContext sslcontext = null; - private static final String TAG = EasySSLProtocolSocketFactory.class.getSimpleName(); - - /** - * Constructor for EasySSLProtocolSocketFactory. - */ - public EasySSLProtocolSocketFactory() { - super(); - } - - private static SSLContext createEasySSLContext() { - SSLContext context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1.2"); - if (context == null) { - context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1.1"); - Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1.1"); - } - else { - Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1.2"); - } - - if (context == null) { - context = EasySSLProtocolSocketFactory.tryCreateSSLContext("TLSv1"); - Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to TLSv1"); - } - - if (context == null) { - context = EasySSLProtocolSocketFactory.tryCreateSSLContext("SSL"); - Log.i(EasySSLProtocolSocketFactory.TAG, "SSLContext set to SSL"); - } - - if (context == null) { - throw new HttpClientError("Failed to create SSLContext"); - } - - try { - context.init( - null, - new TrustManager[] {new EasyX509TrustManager(null)}, - null); - return context; - } catch (Exception e) { - throw new HttpClientError(e.toString()); - } - } - - private static SSLContext tryCreateSSLContext(String ctx) { - try { - return SSLContext.getInstance(ctx); - } catch (NoSuchAlgorithmException e) { - return null; - } - } - - private SSLContext getSSLContext() { - if (sslcontext == null) { - sslcontext = EasySSLProtocolSocketFactory.createEasySSLContext(); - } - return sslcontext; - } - - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) - */ - public Socket createSocket( - String host, - int port, - InetAddress clientHost, - int clientPort) - throws IOException { - - return getSSLContext().getSocketFactory().createSocket( - host, - port, - clientHost, - clientPort - ); - } - - /** - * Attempts to get a new socket connection to the given host within the given time limit. - *- * To circumvent the limitations of older JREs that do not support connect timeout a - * controller thread is executed. The controller thread attempts to create a new socket - * within the given limit of time. If socket constructor does not return until the - * timeout expires, the controller terminates and throws an {@link ConnectTimeoutException} - *
- * - * @param host the host name/IP - * @param port the port on the host - * @param params {@link HttpConnectionParams Http connection parameters} - * - * @return Socket a new socket - * - * @throws IOException if an I/O error occurs while creating the socket - * @throws UnknownHostException if the IP address of the host cannot be - * determined - */ - public Socket createSocket( - String host, - int port, - InetAddress localAddress, - int localPort, - HttpConnectionParams params - ) throws IOException { - if (params == null) { - throw new IllegalArgumentException("Parameters may not be null"); - } - int timeout = params.getConnectionTimeout(); - SocketFactory socketfactory = getSSLContext().getSocketFactory(); - if (timeout == 0) { - return socketfactory.createSocket(host, port, localAddress, localPort); - } else { - Socket socket = socketfactory.createSocket(); - SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); - SocketAddress remoteaddr = new InetSocketAddress(host, port); - socket.bind(localaddr); - socket.connect(remoteaddr, timeout); - return socket; - } - } - - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) - */ - public Socket createSocket(String host, int port) - throws IOException { - return getSSLContext().getSocketFactory().createSocket( - host, - port - ); - } - - /** - * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) - */ - public Socket createSocket( - Socket socket, - String host, - int port, - boolean autoClose) - throws IOException { - return getSSLContext().getSocketFactory().createSocket( - socket, - host, - port, - autoClose - ); - } - - public boolean equals(Object obj) { - return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class)); - } - - public int hashCode() { - return EasySSLProtocolSocketFactory.class.hashCode(); - } - -} diff --git a/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java b/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java deleted file mode 100644 index 4bfb12b..0000000 --- a/src/main/java/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java +++ /dev/null @@ -1,103 +0,0 @@ -/* - * ==================================================================== - * - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ==================================================================== - * - * This software consists of voluntary contributions made by many - * individuals on behalf of the Apache Software Foundation. For more - * information on the Apache Software Foundation, please see - *- * EasyX509TrustManager unlike default {@link X509TrustManager} accepts - * self-signed certificates. - *
- *- * This trust manager SHOULD NOT be used for productive systems - * due to security reasons, unless it is a concious decision and - * you are perfectly aware of security implications of accepting - * self-signed certificates - *
- * - * @author Adrian Sutton - * @author Oleg Kalnichevski - * - *- * DISCLAIMER: HttpClient developers DO NOT actively support this component. - * The component is provided as a reference material, which may be inappropriate - * for use without additional customization. - *
- */ - -class EasyX509TrustManager implements X509TrustManager -{ - private X509TrustManager standardTrustManager = null; - - /** - * Constructor for EasyX509TrustManager. - */ - EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { - super(); - TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - factory.init(keystore); - TrustManager[] trustmanagers = factory.getTrustManagers(); - if (trustmanagers.length == 0) { - throw new NoSuchAlgorithmException("no trust manager found"); - } - standardTrustManager = (X509TrustManager)trustmanagers[0]; - } - - /** - * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType) - */ - public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException { - standardTrustManager.checkClientTrusted(certificates,authType); - } - - /** - * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType) - */ - public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException { - if ((certificates != null) && (certificates.length == 1)) { - certificates[0].checkValidity(); - } else { - standardTrustManager.checkServerTrusted(certificates,authType); - } - } - - /** - * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() - */ - public X509Certificate[] getAcceptedIssuers() { - return standardTrustManager.getAcceptedIssuers(); - } -} diff --git a/src/main/res/values-ca/strings.xml b/src/main/res/values-ca/strings.xml index db1553f..2d482e7 100644 --- a/src/main/res/values-ca/strings.xml +++ b/src/main/res/values-ca/strings.xml @@ -50,7 +50,7 @@