Java Code Examples for javax.net.ssl.SSLSocket#setSoTimeout()

The following examples show how to use javax.net.ssl.SSLSocket#setSoTimeout().
Example 1
Source File: GfxdTSSLSocketFactory.java    From gemfirexd-oss with Apache License 2.0 7 votes
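/**
 * Opens a TLS client socket to {@code hostAddress:port}, applies the read
 * timeout and any protocol / cipher-suite restrictions carried by
 * {@code params}, and returns the connected socket. This method does not
 * call {@code startHandshake()}.
 *
 * <p>If configuration fails after the socket has been connected, the socket
 * is closed before the exception is propagated so the descriptor is not
 * leaked.
 *
 * <p>NOTE(review): nothing here enables endpoint identification or compares
 * the peer certificate with the target, and a raw {@code SSLSocket} does not
 * do that by default. Unless a caller verifies the peer after the handshake,
 * any certificate the trust store accepts is accepted for any host. The
 * protocol and cipher lists are applied exactly as configured, so legacy
 * values in {@code params} are honoured as well.
 *
 * @param factory     factory used to create and connect the socket
 * @param hostAddress address of the server
 * @param port        server port
 * @param timeout     SO_TIMEOUT in milliseconds (0 means reads never time out)
 * @param params      optional TLS settings; may be {@code null}
 * @return the connected, configured socket
 * @throws TTransportException with type NOT_OPEN if the socket cannot be
 *         created or configured
 */
private static SSLSocket createClient(SSLSocketFactory factory,
    InetAddress hostAddress, int port, int timeout,
    final SocketParameters params) throws TTransportException {
  SSLSocket socket = null;
  try {
    socket = (SSLSocket)factory.createSocket(hostAddress, port);
    socket.setSoTimeout(timeout);
    if (params != null) {
      if (params.getSSLEnabledProtocols() != null) {
        socket.setEnabledProtocols(params.getSSLEnabledProtocols());
      }
      if (params.getSSLCipherSuites() != null) {
        socket.setEnabledCipherSuites(params.getSSLCipherSuites());
      }
    }
    return socket;
  } catch (Exception e) {
    // An unsupported protocol or suite name raises IllegalArgumentException
    // after the TCP connection exists; release it before reporting.
    if (socket != null) {
      try {
        socket.close();
      } catch (IOException ignored) {
        // the original failure is the one worth reporting
      }
    }
    if (e instanceof IOException) {
      throw new TTransportException(TTransportException.NOT_OPEN, e);
    }
    throw new TTransportException(TTransportException.NOT_OPEN,
        "Could not connect to " + hostAddress + " on port " + port, e);
  }
}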
 
Example 2
Source File: EasySSLSocketFactory.java    From openhab1-addons with Eclipse Public License 2.0 6 votes
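/**
 * Binds (when a local endpoint is given), connects and applies the read
 * timeout to a TLS socket for {@code host:port}. A socket allocated by this
 * method is closed again if any of those steps fails; a socket supplied by
 * the caller is left for the caller to clean up.
 *
 * <p>NOTE(review): this method returns straight after the TCP connect. It
 * neither forces the handshake nor compares {@code host} with the peer
 * certificate, and the trust configuration behind {@code createSocket()} is
 * not visible here; confirm both before relying on the peer's identity.
 *
 * @see org.apache.http.conn.scheme.SocketFactory#connectSocket(java.net.Socket,
 *      java.lang.String, int, java.net.InetAddress, int,
 *      org.apache.http.params.HttpParams)
 */
@Override
public Socket connectSocket(Socket sock, String host, int port, InetAddress localAddress, int localPort,
        HttpParams params) throws IOException, UnknownHostException, ConnectTimeoutException {
    int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
    int soTimeout = HttpConnectionParams.getSoTimeout(params);
    InetSocketAddress remoteAddress = new InetSocketAddress(host, port);

    // Only a socket created here is ours to close on failure.
    boolean ownsSocket = (sock == null);
    SSLSocket sslsock = (SSLSocket) (ownsSocket ? createSocket() : sock);

    boolean ready = false;
    try {
        if ((localAddress != null) || (localPort > 0)) {
            // we need to bind explicitly
            if (localPort < 0) {
                localPort = 0; // indicates "any"
            }
            InetSocketAddress isa = new InetSocketAddress(localAddress, localPort);
            sslsock.bind(isa);
        }

        sslsock.connect(remoteAddress, connTimeout);
        sslsock.setSoTimeout(soTimeout);
        ready = true;
        return sslsock;
    } finally {
        if (!ready && ownsSocket) {
            try {
                sslsock.close();
            } catch (IOException ignored) {
                // keep the bind/connect failure as the reported error
            }
        }
    }
}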
 
Example 3
Source File: LibSSLSocketFactory.java    From YiBo with Apache License 2.0 6 votes
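/**
 * Connects a TLS socket to {@code host:port}, binding to the requested local
 * endpoint first when one is given, then sets SO_TIMEOUT from {@code params}.
 * If this method allocated the socket itself and a step fails, the socket is
 * closed before the exception propagates.
 *
 * <p>NOTE(review): {@code host} is used only to build the remote address.
 * No handshake is forced and no hostname check is made in this method, and
 * the trust settings of {@code createSocket()} are outside this view;
 * verify that certificate and hostname validation happen elsewhere.
 *
 * @param sock         socket to reuse, or {@code null} to create one
 * @param host         remote host name
 * @param port         remote port
 * @param localAddress local address to bind to, may be {@code null}
 * @param localPort    local port to bind to; values &lt;= 0 mean "any"
 * @param params       source of the connect and read timeouts
 * @return the connected socket
 * @throws IOException if binding, connecting or configuring fails
 */
public Socket connectSocket(Socket sock, String host, int port,
		InetAddress localAddress, int localPort, HttpParams params)
		throws IOException, UnknownHostException, ConnectTimeoutException {
	int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
	int soTimeout = HttpConnectionParams.getSoTimeout(params);

	InetSocketAddress remoteAddress = new InetSocketAddress(host, port);
	boolean createdHere = (sock == null);
	SSLSocket sslsock = (SSLSocket) (createdHere ? createSocket() : sock);

	boolean connected = false;
	try {
		if ((localAddress != null) || (localPort > 0)) {
			// we need to bind explicitly
			if (localPort < 0) {
				localPort = 0; // indicates "any"
			}
			sslsock.bind(new InetSocketAddress(localAddress, localPort));
		}

		sslsock.connect(remoteAddress, connTimeout);
		sslsock.setSoTimeout(soTimeout);
		connected = true;
		return sslsock;
	} finally {
		// A caller-supplied socket stays the caller's responsibility.
		if (!connected && createdHere) {
			try {
				sslsock.close();
			} catch (IOException ignored) {
				// the original failure is reported instead
			}
		}
	}
}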
 
Example 4
Source File: EasySSLSocketFactory.java    From panoramagl with Apache License 2.0 6 votes
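/**
 * Connects (and optionally binds) a TLS socket to {@code host:port} and
 * applies the read timeout taken from {@code params}. When the socket was
 * created here rather than passed in, it is closed if bind, connect or
 * timeout configuration throws.
 *
 * <p>NOTE(review): the returned socket has only been connected at the TCP
 * level. This method performs no handshake and no hostname verification,
 * and how {@code createSocket()} configures trust is not shown; check that
 * the peer is authenticated before data is exchanged.
 *
 * @see org.apache.http.conn.scheme.SocketFactory#connectSocket(Socket,
 * String, int, InetAddress, int,
 * HttpParams)
 */
public Socket connectSocket(Socket sock, String host, int port,
                            InetAddress localAddress, int localPort, HttpParams params)
        throws IOException, UnknownHostException, ConnectTimeoutException {
    int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
    int soTimeout = HttpConnectionParams.getSoTimeout(params);

    InetSocketAddress remoteAddress = new InetSocketAddress(host, port);
    boolean allocatedLocally = (sock == null);
    SSLSocket sslsock = (SSLSocket) (allocatedLocally ? createSocket() : sock);

    boolean succeeded = false;
    try {
        boolean bindRequested = (localAddress != null) || (localPort > 0);
        if (bindRequested) {
            // we need to bind explicitly
            if (localPort < 0) {
                localPort = 0; // indicates "any"
            }
            InetSocketAddress isa = new InetSocketAddress(localAddress,
                    localPort);
            sslsock.bind(isa);
        }

        sslsock.connect(remoteAddress, connTimeout);
        sslsock.setSoTimeout(soTimeout);
        succeeded = true;
        return sslsock;
    } finally {
        if (!succeeded && allocatedLocally) {
            try {
                sslsock.close();
            } catch (IOException ignored) {
                // closing is best effort; the first failure is what matters
            }
        }
    }
}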
 
Example 5
Source File: EasyHttpClient.java    From mobilecloud-15 with Apache License 2.0 6 votes
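/**
 * Produces a connected TLS socket for {@code host:port}: reuses {@code sock}
 * or creates a new socket, binds it when a local endpoint was requested,
 * connects with the configured connect timeout and then sets SO_TIMEOUT.
 * A socket created by this call is closed if any step fails.
 *
 * <p>NOTE(review): neither a handshake nor a comparison of {@code host} with
 * the server certificate happens in this method, and the trust managers used
 * by {@code createSocket()} are not visible from here. Confirm that peer
 * authentication is enforced somewhere before the socket carries data.
 *
 * @see org.apache.http.conn.scheme.SocketFactory#connectSocket(java.net.Socket,
 *      java.lang.String, int, java.net.InetAddress, int,
 *      org.apache.http.params.HttpParams)
 */
public Socket connectSocket(Socket sock, String host, int port,
		InetAddress localAddress, int localPort, HttpParams params)
		throws IOException, UnknownHostException, ConnectTimeoutException {
	int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
	int soTimeout = HttpConnectionParams.getSoTimeout(params);

	InetSocketAddress remoteAddress = new InetSocketAddress(host, port);
	boolean mustCloseOnError = (sock == null);
	SSLSocket sslsock = (SSLSocket) (mustCloseOnError ? createSocket() : sock);

	boolean done = false;
	try {
		if ((localAddress != null) || (localPort > 0)) {
			// we need to bind explicitly
			if (localPort < 0) {
				localPort = 0; // indicates "any"
			}
			InetSocketAddress isa = new InetSocketAddress(localAddress,
					localPort);
			sslsock.bind(isa);
		}

		sslsock.connect(remoteAddress, connTimeout);
		sslsock.setSoTimeout(soTimeout);
		done = true;
		return sslsock;
	} finally {
		if (!done && mustCloseOnError) {
			try {
				sslsock.close();
			} catch (IOException ignored) {
				// report the original failure, not the close failure
			}
		}
	}
}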
 
Example 6
Source File: TSSLTransportFactory.java    From galaxy-sdk-java with Apache License 2.0 5 votes
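/**
 * Connects a TLS socket to {@code host:port}, sets its read timeout and
 * wraps it in a {@code TSocket}. If anything fails after the socket was
 * connected, the socket is closed before the failure is reported.
 *
 * <p>NOTE(review): no endpoint identification is configured on the socket
 * and {@code host} is never compared with the server certificate in this
 * method; a raw {@code SSLSocket} does not perform that check by default.
 * Confirm that the peer's identity is verified elsewhere.
 *
 * @param factory factory used to create and connect the socket
 * @param host    server host name
 * @param port    server port
 * @param timeout SO_TIMEOUT in milliseconds (0 means reads never time out)
 * @return a transport wrapping the connected socket
 * @throws TTransportException if the socket cannot be created or configured
 */
private static TSocket createClient(SSLSocketFactory factory, String host, int port, int timeout) throws TTransportException {
  SSLSocket socket = null;
  try {
    socket = (SSLSocket) factory.createSocket(host, port);
    socket.setSoTimeout(timeout);
    return new TSocket(socket);
  } catch (Exception e) {
    if (socket != null) {
      try {
        socket.close();
      } catch (Exception ignored) {
        // best-effort cleanup; e is the failure to report
      }
    }
    throw new TTransportException("Could not connect to " + host + " on port " + port, e);
  }
}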
 
Example 7
Source File: SocketFactory.java    From dacapobench with Apache License 2.0 5 votes
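/**
 * Create an SSL client socket using the IOR-encoded
 * security characteristics.
 * Setting want/need client auth on a client socket has no effect so all we can do is use the right host, port, ciphers
 *
 * <p>The socket is closed again if it cannot be configured, so a rejected
 * cipher-suite list does not leak the connection.
 *
 * <p>NOTE(review): the candidate pool handed to
 * {@code SSLCipherSuiteDatabase.getCipherSuites} is every suite the factory
 * supports, not only the ones enabled by default. That helper is not shown
 * here; confirm it filters out suites without authentication or encryption.
 * This method also performs no hostname verification.
 *
 * @param host     The target host name.
 * @param port     The target connection port.
 * @param requires Requirement flags passed to the cipher-suite lookup.
 * @param supports Capability flags passed to the cipher-suite lookup.
 *
 * @return An appropriately configured client SSLSocket.
 * @exception IOException if ssl socket can't be obtained and configured.
 */
private Socket createSSLSocket(String host, int port, int requires, int supports) throws IOException {
    SSLSocketFactory factory = getSocketFactory();
    SSLSocket socket = (SSLSocket) factory.createSocket(host, port);

    boolean configured = false;
    try {
        socket.setSoTimeout(SOCKET_TIMEOUT_MS);

        // get a set of cipher suites appropriate for this connections requirements.
        // We request this for each connection, since the outgoing IOR's requirements may be different from
        // our server listener requirements.
        String[] iorSuites = SSLCipherSuiteDatabase.getCipherSuites(requires, supports, factory.getSupportedCipherSuites());
        socket.setEnabledCipherSuites(iorSuites);
        if (log.isDebugEnabled()) {
            log.debug("Created SSL socket to " + host + ":" + port);
            log.debug("    cipher suites:");

            for (String suite : iorSuites) {
                log.debug("    " + suite);
            }
            // Diagnostic only: reports which local certificates were sent once the handshake ends.
            socket.addHandshakeCompletedListener(new HandshakeCompletedListener() {

                public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                    Certificate[] certs = handshakeCompletedEvent.getLocalCertificates();
                    if (certs != null) {
                        log.debug("handshake returned local certs count: " + certs.length);
                        for (Certificate cert : certs) {
                            log.debug("cert: " + cert.toString());
                        }
                    } else {
                        log.debug("handshake returned no local certs");
                    }
                }
            });
        }
        configured = true;
        return socket;
    } finally {
        if (!configured) {
            try {
                socket.close();
            } catch (IOException ignored) {
                // the configuration failure is the error to surface
            }
        }
    }
}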
 
Example 8
Source File: BinarySecureClientPoolFactory.java    From product-microgateway with Apache License 2.0 5 votes
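/**
 * Creates a TLS client socket to {@code hostName:port} using the timeout,
 * protocol list and cipher list from the agent configuration.
 *
 * <p>When no cipher list is configured the socket keeps the provider's
 * default enabled suites. Enabling everything returned by
 * {@code getSupportedCipherSuites()} would also switch on suites that the
 * provider deliberately leaves disabled because they fall below its default
 * quality bar, so that fallback is not used.
 *
 * <p>Spaces are stripped from both comma-separated lists, and the socket is
 * closed if it cannot be configured.
 *
 * <p>NOTE(review): no hostname verification is performed in this method;
 * confirm that the peer certificate is matched against {@code hostName}
 * elsewhere.
 *
 * @param protocol transport protocol name; only SSL is accepted
 * @param hostName target host
 * @param port     target port
 * @return the connected {@code SSLSocket}
 * @throws DataEndpointException if the protocol is unsupported or the
 *         socket cannot be opened
 */
@Override
public Object createClient(String protocol, String hostName, int port) throws DataEndpointException {
    if (protocol.equalsIgnoreCase(DataEndpointConfiguration.Protocol.SSL.toString())) {
        int timeout = AgentHolder.getInstance().getDataEndpointAgent().getAgentConfiguration()
                .getSocketTimeoutMS();
        String sslProtocols = AgentHolder.getInstance().getDataEndpointAgent().getAgentConfiguration()
                .getSslEnabledProtocols();
        String ciphers = AgentHolder.getInstance().getDataEndpointAgent().getAgentConfiguration().getCiphers();

        SSLSocket sslSocket = null;
        boolean configured = false;
        try {
            sslSocket = (SSLSocket) sslSocketFactory.createSocket(hostName, port);
            sslSocket.setSoTimeout(timeout);

            if (sslProtocols != null && sslProtocols.length() != 0) {
                // Same whitespace handling as the cipher list, so "TLSv1.2, TLSv1.3" is accepted.
                String[] sslProtocolsArray = sslProtocols.replaceAll(" ", "").split(",");
                sslSocket.setEnabledProtocols(sslProtocolsArray);
            }

            if (ciphers != null && ciphers.length() != 0) {
                String[] ciphersArray = ciphers.replaceAll(" ", "").split(",");
                sslSocket.setEnabledCipherSuites(ciphersArray);
            }
            // else: leave the provider's default enabled cipher suites untouched.

            configured = true;
            return sslSocket;
        } catch (IOException e) {
            throw new DataEndpointException("Error while opening socket to " + hostName + ":" + port + ". " +
                    e.getMessage(), e);
        } finally {
            // Covers IllegalArgumentException from an unknown protocol or suite name as well.
            if (!configured && sslSocket != null) {
                try {
                    sslSocket.close();
                } catch (IOException ignored) {
                    // best-effort cleanup
                }
            }
        }
    } else {
        throw new DataEndpointException("Unsupported protocol: " + protocol + ". Currently only " +
                DataEndpointConfiguration.Protocol.SSL.toString() + " supported.");
    }
}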
 
Example 9
Source File: ECCurvesconstraints.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes
/**
 * Server half of the test: accepts one TLS connection and expects the
 * handshake to fail. Reaching the application-data exchange without an
 * {@code SSLHandshakeException} is treated as a test failure.
 *
 * @throws Exception if the handshake unexpectedly succeeds, or on any other
 *         error while setting up or using the sockets
 */
void doServerSide() throws Exception {
    SSLServerSocketFactory serverFactory = generateSSLContext(false).getServerSocketFactory();
    SSLServerSocket listener = (SSLServerSocket) serverFactory.createServerSocket(serverPort);

    // Record the port actually bound before announcing readiness.
    serverPort = listener.getLocalPort();

    /*
     * Signal Client, we're ready for his connect.
     */
    serverReady = true;

    SSLSocket peer = (SSLSocket) listener.accept();
    try {
        // Bounded read timeout and linger so a stuck peer cannot hang the test.
        peer.setSoTimeout(5000);
        peer.setSoLinger(true, 5);

        InputStream fromClient = peer.getInputStream();
        OutputStream toClient = peer.getOutputStream();

        // The first read drives the handshake; it is expected to throw.
        fromClient.read();
        toClient.write('A');
        toClient.flush();

        throw new Exception("EC curve secp224k1 should be disabled");
    } catch (SSLHandshakeException expected) {
        // expected exception: no cipher suites in common
        System.out.println("Expected exception: " + expected);
    } finally {
        peer.close();
        listener.close();
    }
}
 
Example 10
Source File: NFSeGeraCadeiaCertificados.java    From nfse with MIT License 5 votes
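/**
 * Connects to {@code host:port}, captures the certificate chain seen during
 * the TLS handshake and adds every certificate of that chain to
 * {@code keyStore} under the alias {@code host-<index>}.
 *
 * <p>If no chain was captured the method logs that fact and returns without
 * touching the key store. The socket is always closed, including when the
 * handshake fails.
 *
 * <p>NOTE(review): a handshake failure is only logged, and the captured chain
 * is stored regardless, so after this call the key store holds whatever
 * certificates the endpoint presented. Treat this as an enrolment tool: run
 * it over a trusted path and compare the certificate fingerprints with values
 * obtained out of band before the resulting store is used as a trust anchor.
 * ({@code SavingTrustManager} is not shown here; presumably it records the
 * chain while delegating the decision to the default trust manager.)
 *
 * @param host     server to connect to
 * @param port     TLS port of the server
 * @param keyStore store used to initialise the default trust manager and
 *                 receiving the captured certificates
 * @throws Exception if the TLS context or socket cannot be set up, or a
 *                   certificate cannot be stored
 */
public static void get(String host, int port, KeyStore keyStore) throws Exception {
  TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
  tmf.init(keyStore);
  
  X509TrustManager defaultTrustManager = (X509TrustManager) tmf.getTrustManagers()[0];
  SavingTrustManager tm = new SavingTrustManager(defaultTrustManager);
  
  SSLContext sslContext = SSLContext.getInstance("TLS");
  sslContext.init(null, new TrustManager[] {tm}, null);
  
  LOGGER.info("Iniciando conexão com: " + host + ":" + port + "...");
  SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket(host, port);
  
  try {
    socket.setSoTimeout(30 * 1000);
    socket.startHandshake();
  } catch (Exception e) {
    // A rejected handshake is expected when the server is not trusted yet.
    LOGGER.info(e.toString());
  } finally {
    try {
      socket.close();
    } catch (Exception closeFailure) {
      LOGGER.info(closeFailure.toString());
    }
  }

  X509Certificate[] chain = tm.chain;
  if (chain == null) {
    LOGGER.info("Não foi possivel obter a cadeia de certificados");
    // Nothing to import; continuing would dereference null below.
    return;
  }

  LOGGER.info("O servidor enviou " + chain.length + " certificado(s):");
  for (int i = 0; i < chain.length; i++) {
    X509Certificate cert = chain[i];

    String alias = host + "-" + (i);
    keyStore.setCertificateEntry(alias, cert);
    LOGGER.info("Certificado adicionado usando alias: '" + alias + "'");
  }
}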
 
Example 11
Source File: HttpClientConnectionManagerFactory.java    From signalfx-java with Apache License 2.0 4 votes
@Override
protected void prepareSocket(SSLSocket socket) throws IOException {
  // Bound every blocking read on this socket by the configured timeout.
  final int readTimeoutMs = timeoutMs;
  socket.setSoTimeout(readTimeoutMs);
}
 
Example 12
Source File: Connection.java    From phonegap-plugin-loading-spinner with Apache License 2.0 4 votes
/**
 * Layers TLS over the connection's existing socket: builds the proxy tunnel
 * when one is required, wraps the socket, forces the handshake, verifies the
 * peer against the URI host and, if NPN selected SPDY/3, starts a SPDY
 * connection on the negotiated streams.
 *
 * <p>NOTE(review): on the non-modern path the protocol set is decided inside
 * {@code Platform.supportTlsIntolerantServer}, which is not shown here;
 * confirm that fallback cannot select a protocol version the deployment no
 * longer accepts.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Reject the connection before any stream is handed out if the certificate
  // does not match the host that was asked for.
  boolean hostVerified =
      route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession());
  if (!hostVerified) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();

  if (!route.modernTls) {
    return;
  }
  byte[] negotiated = platform.getNpnSelectedProtocol(sslSocket);
  if (negotiated == null) {
    return;
  }
  if (Arrays.equals(negotiated, SPDY3)) {
    sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
    spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
        .build();
  } else if (!Arrays.equals(negotiated, HTTP_11)) {
    throw new IOException(
        "Unexpected NPN transport " + new String(negotiated, "ISO-8859-1"));
  }
}
 
Example 13
Source File: Connection.java    From L.TileLayer.Cordova with MIT License 4 votes
/**
 * Upgrades the connected socket to TLS. The steps run in a fixed order:
 * optional proxy tunnel, socket wrapping, TLS option setup, handshake,
 * hostname verification, stream setup and finally the switch to SPDY/3 when
 * NPN negotiated it.
 *
 * <p>NOTE(review): what {@code Platform.supportTlsIntolerantServer} enables
 * on the fallback path is not visible here; confirm it cannot downgrade to a
 * protocol version that is no longer acceptable.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (!route.modernTls) {
    platform.supportTlsIntolerantServer(sslSocket);
  } else {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  }

  // SPDY is only offered on the modern path and only if the address lists it.
  boolean offerSpdy = route.modernTls && route.address.transports.contains("spdy/3");
  if (offerSpdy) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  boolean hostVerified =
      route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession());
  if (!hostVerified) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  if (!offerSpdy) {
    return;
  }
  byte[] negotiated = platform.getNpnSelectedProtocol(sslSocket);
  if (negotiated == null) {
    return;
  }
  if (Arrays.equals(negotiated, SPDY3)) {
    sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
    spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
        .build();
    spdyConnection.sendConnectionHeader();
  } else if (!Arrays.equals(negotiated, HTTP_11)) {
    throw new IOException(
        "Unexpected NPN transport " + new String(negotiated, "ISO-8859-1"));
  }
}
 
Example 14
Source File: Connection.java    From cordova-amazon-fireos with Apache License 2.0 4 votes
/**
 * Turns the plain connected socket into a verified TLS connection and, when
 * the peer selected SPDY/3 through NPN, hands the streams to a new
 * {@code SpdyConnection}.
 *
 * <p>The hostname check runs after the handshake and before {@code in} and
 * {@code out} are assigned, so an unverified peer never receives request
 * data from this method.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    // NOTE(review): the fallback's protocol choice lives in Platform, not here — confirm it.
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  if (useNpn) {
    byte[] selectedProtocol = platform.getNpnSelectedProtocol(sslSocket);
    if (selectedProtocol != null) {
      boolean spdySelected = Arrays.equals(selectedProtocol, SPDY3);
      if (spdySelected) {
        sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
        spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
            .build();
        spdyConnection.sendConnectionHeader();
      } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
        // Anything other than SPDY/3 or HTTP/1.1 is refused rather than guessed at.
        throw new IOException(
            "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
      }
    }
  }
}
 
Example 15
Source File: Connection.java    From android-discourse with Apache License 2.0 4 votes
/**
 * Wraps the connected socket in TLS, completes the handshake, verifies the
 * server certificate against the URI host and switches to SPDY/3 if that is
 * what NPN negotiated.
 *
 * <p>NOTE(review): the behaviour of
 * {@code Platform.supportTlsIntolerantServer} on the non-modern path is not
 * shown here; confirm which protocol versions it leaves enabled.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
    Platform platform = Platform.get();

    // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
    if (requiresTunnel()) {
        makeTunnel(tunnelRequest);
    }

    // Create the wrapper over connected socket.
    socket = route.address.sslSocketFactory.createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
    SSLSocket sslSocket = (SSLSocket) socket;
    if (!route.modernTls) {
        platform.supportTlsIntolerantServer(sslSocket);
    } else {
        platform.enableTlsExtensions(sslSocket, route.address.uriHost);
    }

    boolean offerSpdy = route.modernTls && route.address.transports.contains("spdy/3");
    if (offerSpdy) {
        platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
    }

    // Force handshake. This can throw!
    sslSocket.startHandshake();

    // Verify that the socket's certificates are acceptable for the target host.
    boolean hostVerified = route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession());
    if (!hostVerified) {
        throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
    }

    out = sslSocket.getOutputStream();
    in = sslSocket.getInputStream();

    if (!offerSpdy) {
        return;
    }
    byte[] negotiated = platform.getNpnSelectedProtocol(sslSocket);
    if (negotiated == null) {
        return;
    }
    if (Arrays.equals(negotiated, SPDY3)) {
        // Disabling the socket-level read timeout leaves timing to the SPDY streams.
        sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
        spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out).build();
        spdyConnection.sendConnectionHeader();
    } else if (!Arrays.equals(negotiated, HTTP_11)) {
        throw new IOException("Unexpected NPN transport " + new String(negotiated, "ISO-8859-1"));
    }
}
 
Example 16
Source File: SSLSocketFactory.java    From Popeens-DSub with GNU General Public License v3.0 4 votes
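/**
     * Connects a TLS socket to {@code remoteAddress}, applies the read timeout
     * and, when a hostname verifier is configured, verifies the peer before
     * returning. A connect timeout is reported as
     * {@code ConnectTimeoutException} with the original
     * {@code SocketTimeoutException} attached as its cause.
     *
     * <p>NOTE(review): verification is skipped entirely when
     * {@code hostnameVerifier} is {@code null}. The name that is verified comes
     * from {@code remoteAddress.getHostName()}, which can resolve a name through
     * a reverse lookup when the address was built from a literal IP; confirm
     * that callers always construct the address from the host name they intend
     * to reach.
     *
     * @param sock          socket to reuse, or {@code null} to create one
     * @param remoteAddress endpoint to connect to; must not be {@code null}
     * @param localAddress  local endpoint to bind to, may be {@code null}
     * @param params        source of the connect and read timeouts; must not
     *                      be {@code null}
     * @return the connected (and, if a verifier is set, verified) socket
     * @throws IllegalArgumentException if {@code remoteAddress} or
     *         {@code params} is {@code null}
     * @throws ConnectTimeoutException if connecting times out
     * @throws IOException on any other I/O or verification failure
     * @since 4.1
     */
    public Socket connectSocket(
            final Socket sock,
            final InetSocketAddress remoteAddress,
            final InetSocketAddress localAddress,
            final HttpParams params) throws IOException, UnknownHostException, ConnectTimeoutException {
        if (remoteAddress == null) {
            throw new IllegalArgumentException("Remote address may not be null");
        }
        if (params == null) {
            throw new IllegalArgumentException("HTTP parameters may not be null");
        }
        SSLSocket sslsock = (SSLSocket) (sock != null ? sock : createSocket());
        if (localAddress != null) {
//            sslsock.setReuseAddress(HttpConnectionParams.getSoReuseaddr(params));
            sslsock.bind(localAddress);
        }

        setHostName(sslsock, remoteAddress.getHostName());
        int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
        int soTimeout = HttpConnectionParams.getSoTimeout(params);

        try {
            sslsock.connect(remoteAddress, connTimeout);
        } catch (SocketTimeoutException ex) {
            ConnectTimeoutException timedOut = new ConnectTimeoutException("Connect to "
                    + remoteAddress.getHostName() + "/" + remoteAddress.getAddress() + " timed out");
            // Keep the low-level timeout in the stack trace for diagnosis.
            timedOut.initCause(ex);
            throw timedOut;
        }
        sslsock.setSoTimeout(soTimeout);
        if (this.hostnameVerifier != null) {
            try {
                this.hostnameVerifier.verify(remoteAddress.getHostName(), sslsock);
                // verifyHostName() didn't blowup - good!
            } catch (IOException iox) {
                // close the socket before re-throwing the exception
                try { sslsock.close(); } catch (Exception x) { /*ignore*/ }
                throw iox;
            }
        }
        return sslsock;
    }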
 
Example 17
Source File: Connection.java    From bluemix-parking-meter with MIT License 4 votes
/**
 * Establishes TLS on top of the already-connected socket and validates the
 * peer: tunnel (if required), wrap, configure, handshake, verify hostname,
 * publish the streams, then start SPDY/3 if NPN chose it.
 *
 * <p>NOTE(review): the TLS settings applied on the non-modern path come from
 * {@code Platform.supportTlsIntolerantServer}, which is outside this view;
 * confirm the fallback does not re-enable obsolete protocol versions.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean spdyOffered = route.modernTls && route.address.transports.contains("spdy/3");
  if (spdyOffered) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  if (spdyOffered) {
    byte[] chosen = platform.getNpnSelectedProtocol(sslSocket);
    if (chosen != null) {
      if (Arrays.equals(chosen, SPDY3)) {
        sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
        spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
            .build();
        spdyConnection.sendConnectionHeader();
      } else {
        boolean plainHttp = Arrays.equals(chosen, HTTP_11);
        if (!plainHttp) {
          throw new IOException(
              "Unexpected NPN transport " + new String(chosen, "ISO-8859-1"));
        }
      }
    }
  }
}
 
Example 18
Source File: Connection.java    From reader with MIT License 4 votes
/**
 * Converts the connection to TLS and checks the peer's identity. After the
 * handshake the certificate is verified against {@code route.address.uriHost};
 * only then are the streams assigned and, if NPN selected SPDY/3, a
 * {@code SpdyConnection} created.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (!route.modernTls) {
    // NOTE(review): protocol selection for this fallback is inside Platform — confirm it.
    platform.supportTlsIntolerantServer(sslSocket);
  } else {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  }

  boolean offerSpdy = route.modernTls && route.address.transports.contains("spdy/3");
  if (offerSpdy) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  boolean hostVerified =
      route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession());
  if (!hostVerified) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  if (!offerSpdy) {
    return;
  }
  byte[] negotiated = platform.getNpnSelectedProtocol(sslSocket);
  if (negotiated == null) {
    return;
  }
  if (Arrays.equals(negotiated, SPDY3)) {
    sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
    spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
        .build();
    spdyConnection.sendConnectionHeader();
  } else if (!Arrays.equals(negotiated, HTTP_11)) {
    throw new IOException(
        "Unexpected NPN transport " + new String(negotiated, "ISO-8859-1"));
  }
}
 
Example 19
Source File: Connection.java    From CordovaYoutubeVideoPlayer with MIT License 4 votes
/**
 * Performs the TLS upgrade for this connection: proxy tunnel when needed,
 * TLS wrapper around the connected socket, handshake, hostname verification
 * and protocol selection (SPDY/3 or HTTP/1.1) based on the NPN result.
 *
 * <p>NOTE(review): {@code Platform.supportTlsIntolerantServer} decides what
 * the fallback path enables and is not shown here; confirm it cannot select
 * a protocol version that is no longer acceptable.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (route.modernTls) {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  } else {
    platform.supportTlsIntolerantServer(sslSocket);
  }

  boolean useNpn = route.modernTls && route.address.transports.contains("spdy/3");
  if (useNpn) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // A certificate that does not match the requested host ends the upgrade here.
  if (!route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession())) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  if (useNpn) {
    byte[] selectedProtocol = platform.getNpnSelectedProtocol(sslSocket);
    if (selectedProtocol != null) {
      boolean spdySelected = Arrays.equals(selectedProtocol, SPDY3);
      if (spdySelected) {
        sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
        spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
            .build();
        spdyConnection.sendConnectionHeader();
      } else if (!Arrays.equals(selectedProtocol, HTTP_11)) {
        throw new IOException(
            "Unexpected NPN transport " + new String(selectedProtocol, "ISO-8859-1"));
      }
    }
  }
}
 
Example 20
Source File: Connection.java    From crosswalk-cordova-android with Apache License 2.0 4 votes
/**
 * Replaces the connection's plain socket with a TLS socket, forces the
 * handshake and refuses to continue unless the hostname verifier accepts the
 * session for {@code route.address.uriHost}. When SPDY/3 was offered and
 * selected through NPN, the socket read timeout is cleared and a
 * {@code SpdyConnection} takes over the streams.
 */
private void upgradeToTls(TunnelRequest tunnelRequest) throws IOException {
  Platform platform = Platform.get();

  // Make an SSL Tunnel on the first message pair of each SSL + proxy connection.
  if (requiresTunnel()) {
    makeTunnel(tunnelRequest);
  }

  // Create the wrapper over connected socket.
  socket = route.address.sslSocketFactory
      .createSocket(socket, route.address.uriHost, route.address.uriPort, true /* autoClose */);
  SSLSocket sslSocket = (SSLSocket) socket;
  if (!route.modernTls) {
    // NOTE(review): what this fallback enables is defined in Platform — confirm it.
    platform.supportTlsIntolerantServer(sslSocket);
  } else {
    platform.enableTlsExtensions(sslSocket, route.address.uriHost);
  }

  boolean spdyOffered = route.modernTls && route.address.transports.contains("spdy/3");
  if (spdyOffered) {
    platform.setNpnProtocols(sslSocket, NPN_PROTOCOLS);
  }

  // Force handshake. This can throw!
  sslSocket.startHandshake();

  // Verify that the socket's certificates are acceptable for the target host.
  boolean hostVerified =
      route.address.hostnameVerifier.verify(route.address.uriHost, sslSocket.getSession());
  if (!hostVerified) {
    throw new IOException("Hostname '" + route.address.uriHost + "' was not verified");
  }

  out = sslSocket.getOutputStream();
  in = sslSocket.getInputStream();
  streamWrapper();

  if (!spdyOffered) {
    return;
  }
  byte[] chosen = platform.getNpnSelectedProtocol(sslSocket);
  if (chosen == null) {
    return;
  }
  if (Arrays.equals(chosen, SPDY3)) {
    sslSocket.setSoTimeout(0); // SPDY timeouts are set per-stream.
    spdyConnection = new SpdyConnection.Builder(route.address.getUriHost(), true, in, out)
        .build();
    spdyConnection.sendConnectionHeader();
  } else if (!Arrays.equals(chosen, HTTP_11)) {
    throw new IOException(
        "Unexpected NPN transport " + new String(chosen, "ISO-8859-1"));
  }
}