Java Code Examples for com.squareup.okhttp.internal.Platform#supportTlsIntolerantServer()

The following examples show how to use com.squareup.okhttp.internal.Platform#supportTlsIntolerantServer() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Connection.java    From L.TileLayer.Cordova with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 2
Source File: Connection.java    From IoTgo_Android_App with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 3
Source File: Connection.java    From android-discourse with Apache License 2.0 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
    Platform platform = Platform.get();

    // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
    if (requiresTunnel()) {
        makeTunnel(tunnelRequest);
    }

    // Create the wrapper over connected socket.
    socket = route.address.sslSocketFactory.createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
    SSLSocket sslSocket = (SSLSocket) socket;
    if (route.modernTls) {
        platform.enableTlsExtensions(sslSocket, route.address.uriHost);
    } else {
        platform.supportTlsIntolerantServer(sslSocket);
    }

    boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
    if (useNpn) {
        platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
    }

    // Force handshake. This can throw!
    sslSocket.startHandshake();

    // Verify that the socket's certificates are acceptable for the target host.
    if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
        throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
    }

    out = sslSocket.getOutputStream();
    in = sslSocket.getInputStream();

    byte[] selectedProtocol;
    if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
        if (Arrays.equals(selectedProtocol, SPDY3)) {
            sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
            spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out).build();
            spdyConnection.sendConnectionHeader();
        } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
            throw new IOException("Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
        }
    }
}
 
Example 4
Source File: Connection.java    From bluemix-parking-meter with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 5
Source File: Connection.java    From reader with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 6
Source File: Connection.java    From reader with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 7
Source File: Connection.java    From cordova-amazon-fireos with Apache License 2.0 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 8
Source File: Connection.java    From phonegapbootcampsite with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 9
Source File: Connection.java    From CordovaYoutubeVideoPlayer with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 10
Source File: Connection.java    From cordova-android-chromeview with Apache License 2.0 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  if (route.modernTls) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();

  byte[] selectedProtocol;
  if (route.modernTls
      && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 11
Source File: Connection.java    From wildfly-samples with MIT License 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 12
Source File: Connection.java    From phonegap-plugin-loading-spinner with Apache License 2.0 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  if (route.modernTls) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();

  byte[] selectedProtocol;
  if (route.modernTls
      && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}
 
Example 13
Source File: Connection.java    From crosswalk-cordova-android with Apache License 2.0 4 votes vote down vote up
/**
 * Create an {@code SSLSocket} and perform the TLS handshake and certificate
 * validation.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  byte[] selectedProtocol;
  if (useNpn && (selectedProtocol = platform.getNpnSelectedProtocol(sslSocket)) != null) {
    if (Arrays.equals(selectedProtocol, SPDY3)) {
      sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
      spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
          .build();
      spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
      throw new IOException(
          "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
    }
  }
}