1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
|
21 |
|
|
22 |
|
|
23 |
|
|
24 |
|
|
25 |
|
|
26 |
|
|
27 |
|
|
28 |
|
package net.sourceforge.subsonic.androidapp.service.ssl; |
29 |
|
|
30 |
|
import org.apache.http.conn.ConnectTimeoutException; |
31 |
|
import org.apache.http.conn.scheme.HostNameResolver; |
32 |
|
import org.apache.http.conn.scheme.LayeredSocketFactory; |
33 |
|
import org.apache.http.conn.ssl.AllowAllHostnameVerifier; |
34 |
|
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier; |
35 |
|
import org.apache.http.conn.ssl.StrictHostnameVerifier; |
36 |
|
import org.apache.http.conn.ssl.X509HostnameVerifier; |
37 |
|
import org.apache.http.params.HttpConnectionParams; |
38 |
|
import org.apache.http.params.HttpParams; |
39 |
|
|
40 |
|
import javax.net.ssl.HttpsURLConnection; |
41 |
|
import javax.net.ssl.KeyManager; |
42 |
|
import javax.net.ssl.KeyManagerFactory; |
43 |
|
import javax.net.ssl.SSLContext; |
44 |
|
import javax.net.ssl.SSLSocket; |
45 |
|
import javax.net.ssl.TrustManager; |
46 |
|
import javax.net.ssl.TrustManagerFactory; |
47 |
|
import javax.net.ssl.X509TrustManager; |
48 |
|
|
49 |
|
import java.io.IOException; |
50 |
|
import java.net.InetAddress; |
51 |
|
import java.net.InetSocketAddress; |
52 |
|
import java.net.Socket; |
53 |
|
import java.net.SocketTimeoutException; |
54 |
|
import java.net.UnknownHostException; |
55 |
|
import java.security.KeyManagementException; |
56 |
|
import java.security.KeyStore; |
57 |
|
import java.security.KeyStoreException; |
58 |
|
import java.security.NoSuchAlgorithmException; |
59 |
|
import java.security.SecureRandom; |
60 |
|
import java.security.UnrecoverableKeyException; |
61 |
|
|
62 |
|
|
63 |
|
|
64 |
|
|
65 |
|
|
66 |
|
|
67 |
|
|
68 |
|
|
69 |
|
@link |
70 |
|
|
71 |
|
|
72 |
|
|
73 |
|
|
74 |
|
|
75 |
|
|
76 |
|
|
77 |
|
|
78 |
|
|
79 |
|
@link |
80 |
|
|
81 |
|
|
82 |
|
|
83 |
|
|
84 |
|
|
85 |
|
@link |
86 |
|
@link |
87 |
|
|
88 |
|
|
89 |
|
|
90 |
|
@link |
91 |
|
|
92 |
|
|
93 |
|
|
94 |
|
|
95 |
|
|
96 |
|
|
97 |
|
|
98 |
|
|
99 |
|
|
100 |
|
|
101 |
|
|
102 |
|
|
103 |
|
|
104 |
|
|
105 |
|
|
106 |
|
|
107 |
|
|
108 |
|
|
109 |
|
|
110 |
|
|
111 |
|
|
112 |
|
|
113 |
|
|
114 |
|
|
115 |
|
|
116 |
|
|
117 |
|
|
118 |
|
|
119 |
|
|
120 |
|
|
121 |
|
|
122 |
|
|
123 |
|
|
124 |
|
|
125 |
|
|
126 |
|
|
127 |
|
|
128 |
|
|
129 |
|
|
130 |
|
|
131 |
|
|
132 |
|
|
133 |
|
|
134 |
|
|
135 |
|
|
136 |
|
|
137 |
|
|
138 |
|
|
139 |
|
|
140 |
|
@since |
141 |
|
|
|
|
| 24,7% |
Uncovered Elements: 110 (146) |
Complexity: 46 |
Complexity Density: 0,53 |
|
142 |
|
public class SSLSocketFactory implements LayeredSocketFactory { |
143 |
|
|
144 |
|
public static final String TLS = "TLS"; |
145 |
|
public static final String SSL = "SSL"; |
146 |
|
public static final String SSLV2 = "SSLv2"; |
147 |
|
|
148 |
|
public static final X509HostnameVerifier ALLOW_ALL_HOSTNAME_VERIFIER |
149 |
|
= new AllowAllHostnameVerifier(); |
150 |
|
|
151 |
|
public static final X509HostnameVerifier BROWSER_COMPATIBLE_HOSTNAME_VERIFIER |
152 |
|
= new BrowserCompatHostnameVerifier(); |
153 |
|
|
154 |
|
public static final X509HostnameVerifier STRICT_HOSTNAME_VERIFIER |
155 |
|
= new StrictHostnameVerifier(); |
156 |
|
|
157 |
|
|
158 |
|
|
159 |
|
|
160 |
|
private static final SSLSocketFactory DEFAULT_FACTORY = new SSLSocketFactory(); |
161 |
|
|
162 |
|
|
163 |
|
|
164 |
|
|
165 |
|
|
166 |
|
@return |
167 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
168 |
0
|
public static SSLSocketFactory getSocketFactory() {... |
169 |
0
|
return DEFAULT_FACTORY; |
170 |
|
} |
171 |
|
|
172 |
|
private final javax.net.ssl.SSLSocketFactory socketfactory; |
173 |
|
private final HostNameResolver nameResolver; |
174 |
|
|
175 |
|
private volatile X509HostnameVerifier hostnameVerifier; |
176 |
|
|
|
|
| 80,8% |
Uncovered Elements: 5 (26) |
Complexity: 7 |
Complexity Density: 0,44 |
|
177 |
2
|
private static SSLContext createSSLContext(... |
178 |
|
String algorithm, |
179 |
|
final KeyStore keystore, |
180 |
|
final String keystorePassword, |
181 |
|
final KeyStore truststore, |
182 |
|
final SecureRandom random, |
183 |
|
final TrustStrategy trustStrategy) |
184 |
|
throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, KeyManagementException { |
185 |
2
|
if (algorithm == null) { |
186 |
0
|
algorithm = TLS; |
187 |
|
} |
188 |
2
|
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance( |
189 |
|
KeyManagerFactory.getDefaultAlgorithm()); |
190 |
2
|
kmfactory.init(keystore, keystorePassword != null ? keystorePassword.toCharArray(): null); |
191 |
2
|
KeyManager[] keymanagers = kmfactory.getKeyManagers(); |
192 |
2
|
TrustManagerFactory tmfactory = TrustManagerFactory.getInstance( |
193 |
|
TrustManagerFactory.getDefaultAlgorithm()); |
194 |
2
|
tmfactory.init(keystore); |
195 |
2
|
TrustManager[] trustmanagers = tmfactory.getTrustManagers(); |
196 |
2
|
if (trustmanagers != null && trustStrategy != null) { |
197 |
4
|
for (int i = 0; i < trustmanagers.length; i++) { |
198 |
2
|
TrustManager tm = trustmanagers[i]; |
199 |
2
|
if (tm instanceof X509TrustManager) { |
200 |
2
|
trustmanagers[i] = new TrustManagerDecorator( |
201 |
|
(X509TrustManager) tm, trustStrategy); |
202 |
|
} |
203 |
|
} |
204 |
|
} |
205 |
|
|
206 |
2
|
SSLContext sslcontext = SSLContext.getInstance(algorithm); |
207 |
2
|
sslcontext.init(keymanagers, trustmanagers, random); |
208 |
2
|
return sslcontext; |
209 |
|
} |
210 |
|
|
211 |
|
|
212 |
|
@deprecated@link |
213 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
214 |
0
|
@Deprecated... |
215 |
|
public SSLSocketFactory( |
216 |
|
final String algorithm, |
217 |
|
final KeyStore keystore, |
218 |
|
final String keystorePassword, |
219 |
|
final KeyStore truststore, |
220 |
|
final SecureRandom random, |
221 |
|
final HostNameResolver nameResolver) |
222 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
223 |
0
|
this(createSSLContext( |
224 |
|
algorithm, keystore, keystorePassword, truststore, random, null), |
225 |
|
nameResolver); |
226 |
|
} |
227 |
|
|
228 |
|
|
229 |
|
@since |
230 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
231 |
0
|
public SSLSocketFactory(... |
232 |
|
String algorithm, |
233 |
|
final KeyStore keystore, |
234 |
|
final String keystorePassword, |
235 |
|
final KeyStore truststore, |
236 |
|
final SecureRandom random, |
237 |
|
final X509HostnameVerifier hostnameVerifier) |
238 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
239 |
0
|
this(createSSLContext( |
240 |
|
algorithm, keystore, keystorePassword, truststore, random, null), |
241 |
|
hostnameVerifier); |
242 |
|
} |
243 |
|
|
244 |
|
|
245 |
|
@since |
246 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
247 |
2
|
public SSLSocketFactory(... |
248 |
|
String algorithm, |
249 |
|
final KeyStore keystore, |
250 |
|
final String keystorePassword, |
251 |
|
final KeyStore truststore, |
252 |
|
final SecureRandom random, |
253 |
|
final TrustStrategy trustStrategy, |
254 |
|
final X509HostnameVerifier hostnameVerifier) |
255 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
256 |
2
|
this(createSSLContext( |
257 |
|
algorithm, keystore, keystorePassword, truststore, random, trustStrategy), |
258 |
|
hostnameVerifier); |
259 |
|
} |
260 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
261 |
0
|
public SSLSocketFactory(... |
262 |
|
final KeyStore keystore, |
263 |
|
final String keystorePassword, |
264 |
|
final KeyStore truststore) |
265 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
266 |
0
|
this(TLS, keystore, keystorePassword, truststore, null, null, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); |
267 |
|
} |
268 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
269 |
0
|
public SSLSocketFactory(... |
270 |
|
final KeyStore keystore, |
271 |
|
final String keystorePassword) |
272 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException{ |
273 |
0
|
this(TLS, keystore, keystorePassword, null, null, null, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); |
274 |
|
} |
275 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
276 |
0
|
public SSLSocketFactory(... |
277 |
|
final KeyStore truststore) |
278 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
279 |
0
|
this(TLS, null, null, truststore, null, null, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); |
280 |
|
} |
281 |
|
|
282 |
|
|
283 |
|
@since |
284 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
285 |
2
|
public SSLSocketFactory(... |
286 |
|
final TrustStrategy trustStrategy, |
287 |
|
final X509HostnameVerifier hostnameVerifier) |
288 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
289 |
2
|
this(TLS, null, null, null, null, trustStrategy, hostnameVerifier); |
290 |
|
} |
291 |
|
|
292 |
|
|
293 |
|
@since |
294 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
295 |
0
|
public SSLSocketFactory(... |
296 |
|
final TrustStrategy trustStrategy) |
297 |
|
throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { |
298 |
0
|
this(TLS, null, null, null, null, trustStrategy, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); |
299 |
|
} |
300 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
301 |
0
|
public SSLSocketFactory(final SSLContext sslContext) {... |
302 |
0
|
this(sslContext, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER); |
303 |
|
} |
304 |
|
|
305 |
|
|
306 |
|
@deprecated@link |
307 |
|
|
|
|
| 0% |
Uncovered Elements: 4 (4) |
Complexity: 1 |
Complexity Density: 0,25 |
|
308 |
0
|
@Deprecated... |
309 |
|
public SSLSocketFactory( |
310 |
|
final SSLContext sslContext, final HostNameResolver nameResolver) { |
311 |
0
|
super(); |
312 |
0
|
this.socketfactory = sslContext.getSocketFactory(); |
313 |
0
|
this.hostnameVerifier = BROWSER_COMPATIBLE_HOSTNAME_VERIFIER; |
314 |
0
|
this.nameResolver = nameResolver; |
315 |
|
} |
316 |
|
|
317 |
|
|
318 |
|
@since |
319 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0,25 |
|
320 |
2
|
public SSLSocketFactory(... |
321 |
|
final SSLContext sslContext, final X509HostnameVerifier hostnameVerifier) { |
322 |
2
|
super(); |
323 |
2
|
this.socketfactory = sslContext.getSocketFactory(); |
324 |
2
|
this.hostnameVerifier = hostnameVerifier; |
325 |
2
|
this.nameResolver = null; |
326 |
|
} |
327 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0,25 |
|
328 |
1
|
private SSLSocketFactory() {... |
329 |
1
|
super(); |
330 |
1
|
this.socketfactory = HttpsURLConnection.getDefaultSSLSocketFactory(); |
331 |
1
|
this.hostnameVerifier = null; |
332 |
1
|
this.nameResolver = null; |
333 |
|
} |
334 |
|
|
335 |
|
|
336 |
|
@param |
337 |
|
@link |
338 |
|
@link |
339 |
|
@since |
340 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
341 |
0
|
@SuppressWarnings("cast")... |
342 |
|
public Socket createSocket(final HttpParams params) throws IOException { |
343 |
|
|
344 |
0
|
return (SSLSocket) this.socketfactory.createSocket(); |
345 |
|
} |
346 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
347 |
0
|
@SuppressWarnings("cast")... |
348 |
|
public Socket createSocket() throws IOException { |
349 |
|
|
350 |
0
|
return (SSLSocket) this.socketfactory.createSocket(); |
351 |
|
} |
352 |
|
|
353 |
|
|
354 |
|
@since |
355 |
|
|
|
|
| 0% |
Uncovered Elements: 30 (30) |
Complexity: 9 |
Complexity Density: 0,45 |
|
356 |
0
|
public Socket connectSocket(... |
357 |
|
final Socket sock, |
358 |
|
final InetSocketAddress remoteAddress, |
359 |
|
final InetSocketAddress localAddress, |
360 |
|
final HttpParams params) throws IOException, UnknownHostException, ConnectTimeoutException { |
361 |
0
|
if (remoteAddress == null) { |
362 |
0
|
throw new IllegalArgumentException("Remote address may not be null"); |
363 |
|
} |
364 |
0
|
if (params == null) { |
365 |
0
|
throw new IllegalArgumentException("HTTP parameters may not be null"); |
366 |
|
} |
367 |
0
|
SSLSocket sslsock = (SSLSocket) (sock != null ? sock : createSocket()); |
368 |
0
|
if (localAddress != null) { |
369 |
|
|
370 |
0
|
sslsock.bind(localAddress); |
371 |
|
} |
372 |
|
|
373 |
0
|
int connTimeout = HttpConnectionParams.getConnectionTimeout(params); |
374 |
0
|
int soTimeout = HttpConnectionParams.getSoTimeout(params); |
375 |
|
|
376 |
0
|
try { |
377 |
0
|
sslsock.connect(remoteAddress, connTimeout); |
378 |
|
} catch (SocketTimeoutException ex) { |
379 |
0
|
throw new ConnectTimeoutException("Connect to " + remoteAddress.getHostName() + "/" |
380 |
|
+ remoteAddress.getAddress() + " timed out"); |
381 |
|
} |
382 |
0
|
sslsock.setSoTimeout(soTimeout); |
383 |
0
|
if (this.hostnameVerifier != null) { |
384 |
0
|
try { |
385 |
0
|
this.hostnameVerifier.verify(remoteAddress.getHostName(), sslsock); |
386 |
|
|
387 |
|
} catch (IOException iox) { |
388 |
|
|
389 |
0
|
try { sslsock.close(); } catch (Exception x) { } |
390 |
0
|
throw iox; |
391 |
|
} |
392 |
|
} |
393 |
0
|
return sslsock; |
394 |
|
} |
395 |
|
|
396 |
|
|
397 |
|
|
398 |
|
|
399 |
|
|
400 |
|
|
401 |
|
|
402 |
|
|
403 |
|
|
404 |
|
|
405 |
|
@param |
406 |
|
|
407 |
|
@return |
408 |
|
|
409 |
|
@throws |
410 |
|
|
|
|
| 0% |
Uncovered Elements: 13 (13) |
Complexity: 4 |
Complexity Density: 0,57 |
|
411 |
0
|
public boolean isSecure(final Socket sock) throws IllegalArgumentException {... |
412 |
0
|
if (sock == null) { |
413 |
0
|
throw new IllegalArgumentException("Socket may not be null"); |
414 |
|
} |
415 |
|
|
416 |
0
|
if (!(sock instanceof SSLSocket)) { |
417 |
0
|
throw new IllegalArgumentException("Socket not created by this factory"); |
418 |
|
} |
419 |
|
|
420 |
0
|
if (sock.isClosed()) { |
421 |
0
|
throw new IllegalArgumentException("Socket is closed"); |
422 |
|
} |
423 |
0
|
return true; |
424 |
|
} |
425 |
|
|
426 |
|
|
427 |
|
@since |
428 |
|
|
|
|
| 0% |
Uncovered Elements: 6 (6) |
Complexity: 2 |
Complexity Density: 0,5 |
|
429 |
0
|
public Socket createLayeredSocket(... |
430 |
|
final Socket socket, |
431 |
|
final String host, |
432 |
|
final int port, |
433 |
|
final boolean autoClose) throws IOException, UnknownHostException { |
434 |
0
|
SSLSocket sslSocket = (SSLSocket) this.socketfactory.createSocket( |
435 |
|
socket, |
436 |
|
host, |
437 |
|
port, |
438 |
|
autoClose |
439 |
|
); |
440 |
0
|
if (this.hostnameVerifier != null) { |
441 |
0
|
this.hostnameVerifier.verify(host, sslSocket); |
442 |
|
} |
443 |
|
|
444 |
0
|
return sslSocket; |
445 |
|
} |
446 |
|
|
|
|
| 0% |
Uncovered Elements: 5 (5) |
Complexity: 2 |
Complexity Density: 0,67 |
|
447 |
0
|
@Deprecated... |
448 |
|
public void setHostnameVerifier(X509HostnameVerifier hostnameVerifier) { |
449 |
0
|
if ( hostnameVerifier == null ) { |
450 |
0
|
throw new IllegalArgumentException("Hostname verifier may not be null"); |
451 |
|
} |
452 |
0
|
this.hostnameVerifier = hostnameVerifier; |
453 |
|
} |
454 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
455 |
0
|
public X509HostnameVerifier getHostnameVerifier() {... |
456 |
0
|
return this.hostnameVerifier; |
457 |
|
} |
458 |
|
|
459 |
|
|
460 |
|
@deprecated@link |
461 |
|
|
|
|
| 0% |
Uncovered Elements: 17 (17) |
Complexity: 5 |
Complexity Density: 0,45 |
|
462 |
0
|
@Deprecated... |
463 |
|
public Socket connectSocket( |
464 |
|
final Socket socket, |
465 |
|
final String host, int port, |
466 |
|
final InetAddress localAddress, int localPort, |
467 |
|
final HttpParams params) throws IOException, UnknownHostException, ConnectTimeoutException { |
468 |
0
|
InetSocketAddress local = null; |
469 |
0
|
if (localAddress != null || localPort > 0) { |
470 |
|
|
471 |
0
|
if (localPort < 0) { |
472 |
0
|
localPort = 0; |
473 |
|
} |
474 |
0
|
local = new InetSocketAddress(localAddress, localPort); |
475 |
|
} |
476 |
0
|
InetAddress remoteAddress; |
477 |
0
|
if (this.nameResolver != null) { |
478 |
0
|
remoteAddress = this.nameResolver.resolve(host); |
479 |
|
} else { |
480 |
0
|
remoteAddress = InetAddress.getByName(host); |
481 |
|
} |
482 |
0
|
InetSocketAddress remote = new InetSocketAddress(remoteAddress, port); |
483 |
0
|
return connectSocket(socket, remote, local, params); |
484 |
|
} |
485 |
|
|
486 |
|
|
487 |
|
@deprecated@link |
488 |
|
|
|
|
| 0% |
Uncovered Elements: 1 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
489 |
0
|
@Deprecated... |
490 |
|
public Socket createSocket( |
491 |
|
final Socket socket, |
492 |
|
final String host, int port, |
493 |
|
boolean autoClose) throws IOException, UnknownHostException { |
494 |
0
|
return createLayeredSocket(socket, host, port, autoClose); |
495 |
|
} |
496 |
|
|
497 |
|
} |