当前位置: 首页>>代码示例>>Java>>正文

Java SSLParameters.setEndpointIdentificationAlgorithm方法代码示例

本文整理汇总了Java中javax.net.ssl.SSLParameters.setEndpointIdentificationAlgorithm方法的典型用法代码示例。如果您正苦于以下问题:Java SSLParameters.setEndpointIdentificationAlgorithm方法的具体用法?Java SSLParameters.setEndpointIdentificationAlgorithm怎么用?Java SSLParameters.setEndpointIdentificationAlgorithm使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在javax.net.ssl.SSLParameters的用法示例。


在下文中一共展示了SSLParameters.setEndpointIdentificationAlgorithm方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: copySSLParameters

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
public static SSLParameters copySSLParameters(SSLParameters p) {
    SSLParameters p1 = new SSLParameters();
    p1.setAlgorithmConstraints(p.getAlgorithmConstraints());
    p1.setCipherSuites(p.getCipherSuites());
    // JDK 8 EXCL START
    p1.setEnableRetransmissions(p.getEnableRetransmissions());
    p1.setMaximumPacketSize(p.getMaximumPacketSize());
    // JDK 8 EXCL END
    p1.setEndpointIdentificationAlgorithm(p.getEndpointIdentificationAlgorithm());
    p1.setNeedClientAuth(p.getNeedClientAuth());
    String[] protocols = p.getProtocols();
    if (protocols != null) {
        p1.setProtocols(protocols.clone());
    }
    p1.setSNIMatchers(p.getSNIMatchers());
    p1.setServerNames(p.getServerNames());
    p1.setUseCipherSuitesOrder(p.getUseCipherSuitesOrder());
    p1.setWantClientAuth(p.getWantClientAuth());
    return p1;
}
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:21,代码来源:Utils.java

示例2: createSslEngine

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
public SSLEngine createSslEngine(String peerHost, int peerPort) {
    SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
    if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites);
    if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols);

    // SSLParameters#setEndpointIdentificationAlgorithm enables endpoint validation
    // only in client mode. Hence, validation is enabled only for clients.
    if (mode == Mode.SERVER) {
        sslEngine.setUseClientMode(false);
        if (needClientAuth)
            sslEngine.setNeedClientAuth(needClientAuth);
        else
            sslEngine.setWantClientAuth(wantClientAuth);
    } else {
        sslEngine.setUseClientMode(true);
        SSLParameters sslParams = sslEngine.getSSLParameters();
        sslParams.setEndpointIdentificationAlgorithm(endpointIdentification);
        sslEngine.setSSLParameters(sslParams);
    }
    return sslEngine;
}
开发者ID:YMCoding,项目名称:kafka-0.11.0.0-src-with-comment,代码行数:22,代码来源:SslFactory.java

示例3: copySSLParameters

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
static SSLParameters copySSLParameters(SSLParameters p) {
    SSLParameters p1 = new SSLParameters();
    p1.setAlgorithmConstraints(p.getAlgorithmConstraints());
    p1.setCipherSuites(p.getCipherSuites());
    p1.setEnableRetransmissions(p.getEnableRetransmissions());
    p1.setEndpointIdentificationAlgorithm(p.getEndpointIdentificationAlgorithm());
    p1.setMaximumPacketSize(p.getMaximumPacketSize());
    p1.setNeedClientAuth(p.getNeedClientAuth());
    String[] protocols = p.getProtocols();
    if (protocols != null)
        p1.setProtocols(protocols.clone());
    p1.setSNIMatchers(p.getSNIMatchers());
    p1.setServerNames(p.getServerNames());
    p1.setUseCipherSuitesOrder(p.getUseCipherSuitesOrder());
    p1.setWantClientAuth(p.getWantClientAuth());
    return p1;
}
开发者ID:campolake,项目名称:openjdk9,代码行数:18,代码来源:Utils.java

示例4: createSslEngine

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
public SSLEngine createSslEngine(String peerHost, int peerPort) {
    SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
    if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites);
    if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols);

    if (mode == Mode.SERVER) {
        sslEngine.setUseClientMode(false);
        if (needClientAuth)
            sslEngine.setNeedClientAuth(needClientAuth);
        else
            sslEngine.setWantClientAuth(wantClientAuth);
    } else {
        sslEngine.setUseClientMode(true);
        SSLParameters sslParams = sslEngine.getSSLParameters();
        sslParams.setEndpointIdentificationAlgorithm(endpointIdentification);
        sslEngine.setSSLParameters(sslParams);
    }
    return sslEngine;
}
开发者ID:txazo,项目名称:kafka,代码行数:20,代码来源:SslFactory.java

示例5: test_setSSLParameters_Socket

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
@Test
public void test_setSSLParameters_Socket() throws Exception {
    assumeJava8();
    Socket socket = new OpenSSLSocketFactoryImpl().createSocket();
    SSLParametersImpl impl = SSLParametersImpl.getDefault();
    SSLParameters params = new SSLParameters();
    List<SNIServerName> names = new ArrayList<SNIServerName>();
    names.add(new SNIHostName("some.host"));
    params.setServerNames(names);
    params.setUseCipherSuitesOrder(false);
    params.setEndpointIdentificationAlgorithm("ABC");
    String[] applicationProtocols = new String[] {"foo", "bar"};
    if (isJavaVersion(9)) {
        setApplicationProtocols(params, applicationProtocols);
    }
    Platform.setSSLParameters(params, impl, (AbstractConscryptSocket) socket);
    assertEquals("some.host", ((AbstractConscryptSocket) socket).getHostname());
    assertFalse(impl.getUseCipherSuitesOrder());
    assertEquals("ABC", impl.getEndpointIdentificationAlgorithm());
    if (isJavaVersion(9)) {
        assertArrayEquals(applicationProtocols, impl.getApplicationProtocols());
    }
}
开发者ID:google,项目名称:conscrypt,代码行数:24,代码来源:PlatformTest.java

示例6: test_setSSLParameters_Engine

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
@Test
public void test_setSSLParameters_Engine() throws Exception {
    assumeJava8();
    SSLParametersImpl impl = SSLParametersImpl.getDefault();
    SSLParameters params = new SSLParameters();
    ConscryptEngine engine = new ConscryptEngine(impl);
    List<SNIServerName> names = new ArrayList<SNIServerName>();
    names.add(new SNIHostName("some.host"));
    params.setServerNames(names);
    params.setUseCipherSuitesOrder(false);
    params.setEndpointIdentificationAlgorithm("ABC");
    String[] applicationProtocols = new String[] {"foo", "bar"};
    if (isJavaVersion(9)) {
        setApplicationProtocols(params, applicationProtocols);
    }
    Platform.setSSLParameters(params, impl, engine);
    assertEquals("some.host", engine.getHostname());
    assertFalse(impl.getUseCipherSuitesOrder());
    assertEquals("ABC", impl.getEndpointIdentificationAlgorithm());
    if (isJavaVersion(9)) {
        assertArrayEquals(applicationProtocols, impl.getApplicationProtocols());
    }
}
开发者ID:google,项目名称:conscrypt,代码行数:24,代码来源:PlatformTest.java

示例7: test_SSLSocket_getSSLParameters

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
@Test
public void test_SSLSocket_getSSLParameters() throws Exception {
    TestUtils.assumeSetEndpointIdentificationAlgorithmAvailable();
    SSLSocketFactory sf = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket ssl = (SSLSocket) sf.createSocket();
    SSLParameters p = ssl.getSSLParameters();
    assertNotNull(p);
    String[] cipherSuites = p.getCipherSuites();
    assertNotSame(cipherSuites, ssl.getEnabledCipherSuites());
    assertEquals(Arrays.asList(cipherSuites), Arrays.asList(ssl.getEnabledCipherSuites()));
    String[] protocols = p.getProtocols();
    assertNotSame(protocols, ssl.getEnabledProtocols());
    assertEquals(Arrays.asList(protocols), Arrays.asList(ssl.getEnabledProtocols()));
    assertEquals(p.getWantClientAuth(), ssl.getWantClientAuth());
    assertEquals(p.getNeedClientAuth(), ssl.getNeedClientAuth());
    assertNull(p.getEndpointIdentificationAlgorithm());
    p.setEndpointIdentificationAlgorithm(null);
    assertNull(p.getEndpointIdentificationAlgorithm());
    p.setEndpointIdentificationAlgorithm("HTTPS");
    assertEquals("HTTPS", p.getEndpointIdentificationAlgorithm());
    p.setEndpointIdentificationAlgorithm("FOO");
    assertEquals("FOO", p.getEndpointIdentificationAlgorithm());
}
开发者ID:google,项目名称:conscrypt,代码行数:24,代码来源:SSLSocketTest.java

示例8: serverSslEngine

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
@Override
public SSLEngine serverSslEngine(String peerHost, int peerPort) {
    try {
        SSLEngine sslEngine = upstreamServerSslContext.get().newEngine(ByteBufAllocator.DEFAULT, peerHost, peerPort);

        // support SNI by setting the endpoint identification algorithm. this requires Java 7+.
        SSLParameters sslParams = new SSLParameters();
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
            sslParams.setEndpointIdentificationAlgorithm("HTTPS");
        }
        sslEngine.setSSLParameters(sslParams);

        return sslEngine;
    } catch (RuntimeException e) {
        throw new MitmException("Error creating SSLEngine for connection to upstream server: " + peerHost + ":" + peerPort, e);
    }
}
开发者ID:misakuo,项目名称:Dream-Catcher,代码行数:18,代码来源:ImpersonatingMitmManager.java

示例9: createSSLEngine

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
@Override
public SSLEngine createSSLEngine(BufferAllocator allocator, String peerHost, int peerPort) {
  SSLEngine engine = super.createSSLEngine(allocator, peerHost, peerPort);

  if (!this.disableHostVerification()) {
    SSLParameters sslParameters = engine.getSSLParameters();
    // only available since Java 7
    sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
    engine.setSSLParameters(sslParameters);
  }

  engine.setUseClientMode(true);

  try {
    engine.setEnableSessionCreation(true);
  } catch (Exception e) {
    // Openssl implementation may throw this.
    logger.debug("Session creation not enabled. Exception: {}", e.getMessage());
  }

  return engine;
}
开发者ID:axbaretto,项目名称:drill,代码行数:23,代码来源:SSLConfigClient.java

示例10: initChannel

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
@Override
protected void initChannel(C channel) throws Exception {
  BackendProtocol protocol = (BackendProtocol) channel.attr(PROTOCOL_KEY).get();
  checkNotNull(protocol, "Protocol is not set for channel: %s", channel);
  SslHandler sslHandler =
      SslContextBuilder.forClient()
          .sslProvider(sslProvider)
          .trustManager(trustedCertificates)
          .build()
          .newHandler(channel.alloc(), protocol.host(), protocol.port());

  // Enable hostname verification.
  SSLEngine sslEngine = sslHandler.engine();
  SSLParameters sslParameters = sslEngine.getSSLParameters();
  sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
  sslEngine.setSSLParameters(sslParameters);

  channel.pipeline().addLast(sslHandler);
}
开发者ID:google,项目名称:nomulus,代码行数:20,代码来源:SslClientInitializer.java

示例11: getSSLParameters

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
/**
 * Returns the SSLParameters in effect for newly accepted connections.
 */
@Override
synchronized public SSLParameters getSSLParameters() {
    SSLParameters params = super.getSSLParameters();

    // the super implementation does not handle the following parameters
    params.setEndpointIdentificationAlgorithm(identificationProtocol);
    params.setAlgorithmConstraints(algorithmConstraints);
    params.setSNIMatchers(sniMatchers);
    params.setUseCipherSuitesOrder(preferLocalCipherSuites);


    return params;
}
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:17,代码来源:SSLServerSocketImpl.java

示例12: testClientEndpointNotValidated

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
/**
 * According to RFC 2818:
 * <blockquote>Typically, the server has no external knowledge of what the client's
 * identity ought to be and so checks (other than that the client has a
 * certificate chain rooted in an appropriate CA) are not possible. If a
 * server has such knowledge (typically from some source external to
 * HTTP or TLS) it SHOULD check the identity as described above.</blockquote>
 *
 * However, Java SSL engine does not perform any endpoint validation for client IP address.
 * Hence it is safe to avoid reverse DNS lookup while creating the SSL engine. This test checks
 * that client validation does not fail even if the client certificate has an invalid hostname.
 * This test is to ensure that if client endpoint validation is added to Java in future, we can detect
 * and update Kafka SSL code to enable validation on the server-side and provide hostname if required.
 */
@Test
public void testClientEndpointNotValidated() throws Exception {
    String node = "0";

    // Create client certificate with an invalid hostname
    clientCertStores = new CertStores(false, "non-existent.com");
    serverCertStores = new CertStores(true, "localhost");
    sslServerConfigs = serverCertStores.getTrustingConfig(clientCertStores);
    sslClientConfigs = clientCertStores.getTrustingConfig(serverCertStores);

    // Create a server with endpoint validation enabled on the server SSL engine
    SslChannelBuilder serverChannelBuilder = new SslChannelBuilder(Mode.SERVER) {
        @Override
        protected SslTransportLayer buildTransportLayer(SslFactory sslFactory, String id, SelectionKey key, String host) throws IOException {
            SocketChannel socketChannel = (SocketChannel) key.channel();
            SSLEngine sslEngine = sslFactory.createSslEngine(host, socketChannel.socket().getPort());
            SSLParameters sslParams = sslEngine.getSSLParameters();
            sslParams.setEndpointIdentificationAlgorithm("HTTPS");
            sslEngine.setSSLParameters(sslParams);
            TestSslTransportLayer transportLayer = new TestSslTransportLayer(id, key, sslEngine, BUFFER_SIZE, BUFFER_SIZE, BUFFER_SIZE);
            transportLayer.startHandshake();
            return transportLayer;
        }
    };
    serverChannelBuilder.configure(sslServerConfigs);
    server = new NioEchoServer(ListenerName.forSecurityProtocol(SecurityProtocol.SSL), SecurityProtocol.SSL,
            new TestSecurityConfig(sslServerConfigs), "localhost", serverChannelBuilder);
    server.start();

    createSelector(sslClientConfigs);
    InetSocketAddress addr = new InetSocketAddress("localhost", server.port());
    selector.connect(node, addr, BUFFER_SIZE, BUFFER_SIZE);

    NetworkTestUtils.checkClientConnection(selector, node, 100, 10);
}
开发者ID:YMCoding,项目名称:kafka-0.11.0.0-src-with-comment,代码行数:50,代码来源:SslTransportLayerTest.java

示例13: getSSLParameters

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
/**
 * Returns the SSLParameters in effect for newly accepted connections.
 */
@Override
public synchronized SSLParameters getSSLParameters() {
    SSLParameters params = super.getSSLParameters();

    // the super implementation does not handle the following parameters
    params.setEndpointIdentificationAlgorithm(identificationProtocol);
    params.setAlgorithmConstraints(algorithmConstraints);
    params.setSNIMatchers(sniMatchers);
    params.setUseCipherSuitesOrder(preferLocalCipherSuites);
    params.setApplicationProtocols(applicationProtocols);

    return params;
}
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:17,代码来源:SSLServerSocketImpl.java

示例14: getSSLParameters

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
static void getSSLParameters(
        SSLParameters params, SSLParametersImpl impl, AbstractConscryptSocket socket) {
    params.setEndpointIdentificationAlgorithm(impl.getEndpointIdentificationAlgorithm());
    params.setUseCipherSuitesOrder(impl.getUseCipherSuitesOrder());
    if (impl.getUseSni() && AddressUtils.isValidSniHostname(socket.getHostname())) {
        params.setServerNames(Collections.<SNIServerName>singletonList(
                new SNIHostName(socket.getHostname())));
    }
}
开发者ID:google,项目名称:conscrypt,代码行数:10,代码来源:Platform.java

示例15: configureSslEngine

import javax.net.ssl.SSLParameters; //导入方法依赖的package包/类
protected void configureSslEngine(SSLEngine sslEngine, AsyncHttpClientConfig config) {
    sslEngine.setUseClientMode(true);
    if (!config.isAcceptAnyCertificate()) {
        SSLParameters params = sslEngine.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");
        sslEngine.setSSLParameters(params);
    }

    if (isNonEmpty(config.getEnabledProtocols()))
        sslEngine.setEnabledProtocols(config.getEnabledProtocols());

    if (isNonEmpty(config.getEnabledCipherSuites()))
        sslEngine.setEnabledCipherSuites(config.getEnabledCipherSuites());
}
开发者ID:amaralDaniel,项目名称:megaphone,代码行数:15,代码来源:SslEngineFactoryBase.java


注:本文中的javax.net.ssl.SSLParameters.setEndpointIdentificationAlgorithm方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。