当前位置: 首页>>代码示例>>Java>>正文


Java SSLSocket.getSession方法代码示例

本文整理汇总了Java中javax.net.ssl.SSLSocket.getSession方法的典型用法代码示例。如果您正苦于以下问题:Java SSLSocket.getSession方法的具体用法?Java SSLSocket.getSession怎么用?Java SSLSocket.getSession使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在javax.net.ssl.SSLSocket的用法示例。


在下文中一共展示了SSLSocket.getSession方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: verifyHostname

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
private void verifyHostname(SSLSocket socket, String hostname) throws HostnameUnverifiedException
{
    if (mVerifyHostname == false)
    {
        // Skip hostname verification.
        return;
    }

    // Hostname verifier.
    OkHostnameVerifier verifier = OkHostnameVerifier.INSTANCE;

    // The SSL session.
    SSLSession session = socket.getSession();

    // Verify the hostname.
    if (verifier.verify(hostname, session))
    {
        // Verified. No problem.
        return;
    }

    // The certificate of the peer does not match the expected hostname.
    throw new HostnameUnverifiedException(socket, hostname);
}
 
开发者ID:angcyo,项目名称:RLibrary,代码行数:25,代码来源:SocketConnector.java

示例2: verifyHostname

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
 * Verifies the peer's hostname using the configured {@link HostnameVerifier}.
 * 
 * @param socket the socket connected to the peer whose hostname is to be verified.
 * 
 * @throws SSLException if the hostname does not verify against the peer's certificate, 
 *          or if there is an error in performing the evaluation
 */
protected void verifyHostname(Socket socket) throws SSLException {
    if (hostnameVerifier == null) {
        return;
    }
    
    if (!(socket instanceof SSLSocket)) {
        return;
    }
    
    SSLSocket sslSocket = (SSLSocket) socket;
    
    try {
        SSLSession sslSession = sslSocket.getSession();
        String hostname = sslSession.getPeerHost();
        
        if (!hostnameVerifier.verify(hostname, sslSession)) {
            throw new SSLPeerUnverifiedException("SSL peer failed hostname validation for name: " + hostname);
        }
    } catch (SSLException e) {
        cleanUpFailedSocket(sslSocket);
        throw e;
    } catch (Throwable t) {
        // Make sure we close the socket on any kind of Exception, RuntimeException or Error.
        cleanUpFailedSocket(sslSocket);
        throw new SSLException("Error in hostname verification", t);
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:36,代码来源:TLSProtocolSocketFactory.java

示例3: getHelloFromServer

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
 * Returned socket may be sslsocket if TLSEnabled.
 * 
 * @param socket
 * @param TLSEnabled
 * @param host
 * @param charset
 * @return
 * @throws IOException
 */
public static Socket getHelloFromServer(Socket socket, boolean TLSEnabled, String host, Charset charset) throws SSLPeerUnverifiedException, IOException, SocketTimeoutException{
	
	PrintWriter out = new PrintWriter(new OutputStreamWriter(socket.getOutputStream(), charset));
	BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream(), charset));
	
	String line = in.readLine();
	if (line == null || (!line.startsWith("200") && !line.startsWith("201") )){
		Log.get().log(Level.WARNING, "Bad Hello from host {0} : {1}",
				new Object[]{host, line});
		throw new IOException();
	}
	
	if (TLSEnabled){
		SSLSocket sslsocket = TLS.createSSLClientSocket(socket);
		
		out.print("STARTTLS"+NNTPConnection.NEWLINE);
		out.flush();
		line = in.readLine();
		if (line == null || !line.startsWith("382")) { //"382 Continue with TLS negotiation"
			Log.get().log(Level.WARNING, "From host {0} STARTTLS response: {1}",
					new Object[]{host, line});
			throw new IOException();
		}
		
		SSLSession session = sslsocket.getSession(); //handshake
		//throw exception:
		X509Certificate cert = (X509Certificate) session.getPeerCertificates()[0]; //I am not sure how to check that it is right cert. TrustManager must do it.
        
		//ready for encrypted communication
		
		//new encrypted streams
		//this.out = new PrintWriter(new OutputStreamWriter(sslsocket.getOutputStream(), this.charset));
		//this.in = new BufferedReader(new InputStreamReader(sslsocket.getInputStream(), this.charset));
		return sslsocket;
	}else
		return socket;
	
}
 
开发者ID:Anoncheg1,项目名称:dibd,代码行数:49,代码来源:FeedManager.java

示例4: verifyHostname

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
 * Verify hostname against certificate
 * @param sslSocket Socket
 * @param host Host name
 * @throws IOException Exception if host name is not verified
 */
private void verifyHostname(SSLSocket sslSocket, String host) throws IOException {
    // Make sure we started handshake before verifying
    sslSocket.startHandshake();

    SSLSession session = sslSocket.getSession();
    if (session == null) {
        throw new SSLException("Hostname '" + host + "' was not verified (no session)");
    }
    if (!hostnameVerifier.verify(host, session)) {
        throw new SSLPeerUnverifiedException("Hostname '" + host + "' was not verified (" + session.getPeerPrincipal() + ")");
    }
    if (Logger.DEBUG) { Log.d(TAG, "Connected to " + session.getPeerHost() + " using " + session.getProtocol() + " (" + session.getCipherSuite() + ")"); }
}
 
开发者ID:bfabiszewski,项目名称:ulogger-android,代码行数:20,代码来源:TlsSocketFactory.java

示例5: JSSESupport

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
JSSESupport(SSLSocket sock){
    ssl=sock;
    session = sock.getSession();
    sock.addHandshakeCompletedListener(listener);
}
 
开发者ID:liaokailin,项目名称:tomcat7,代码行数:6,代码来源:JSSESupport.java

示例6: verify

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
public final void verify(String host, SSLSocket ssl)
      throws IOException {
    if(host == null) {
        throw new NullPointerException("host to verify is null");
    }

    SSLSession session = ssl.getSession();
    if(session == null) {
        // In our experience this only happens under IBM 1.4.x when
        // spurious (unrelated) certificates show up in the server'
        // chain.  Hopefully this will unearth the real problem:
        InputStream in = ssl.getInputStream();
        in.available();
        /*
          If you're looking at the 2 lines of code above because
          you're running into a problem, you probably have two
          options:

            #1.  Clean up the certificate chain that your server
                 is presenting (e.g. edit "/etc/apache2/server.crt"
                 or wherever it is your server's certificate chain
                 is defined).

                                       OR

            #2.   Upgrade to an IBM 1.5.x or greater JVM, or switch
                  to a non-IBM JVM.
        */

        // If ssl.getInputStream().available() didn't cause an
        // exception, maybe at least now the session is available?
        session = ssl.getSession();
        if(session == null) {
            // If it's still null, probably a startHandshake() will
            // unearth the real problem.
            ssl.startHandshake();

            // Okay, if we still haven't managed to cause an exception,
            // might as well go for the NPE.  Or maybe we're okay now?
            session = ssl.getSession();
        }
    }

    Certificate[] certs = session.getPeerCertificates();
    X509Certificate x509 = (X509Certificate) certs[0];
    verify(host, x509);
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:48,代码来源:AbstractVerifier.java

示例7: verify

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
public final void verify(final String host, final SSLSocket ssl)
      throws IOException {
    if(host == null) {
        throw new NullPointerException("host to verify is null");
    }

    SSLSession session = ssl.getSession();
    if(session == null) {
        // In our experience this only happens under IBM 1.4.x when
        // spurious (unrelated) certificates show up in the server'
        // chain.  Hopefully this will unearth the real problem:
        final InputStream in = ssl.getInputStream();
        in.available();
        /*
          If you're looking at the 2 lines of code above because
          you're running into a problem, you probably have two
          options:

            #1.  Clean up the certificate chain that your server
                 is presenting (e.g. edit "/etc/apache2/server.crt"
                 or wherever it is your server's certificate chain
                 is defined).

                                       OR

            #2.   Upgrade to an IBM 1.5.x or greater JVM, or switch
                  to a non-IBM JVM.
        */

        // If ssl.getInputStream().available() didn't cause an
        // exception, maybe at least now the session is available?
        session = ssl.getSession();
        if(session == null) {
            // If it's still null, probably a startHandshake() will
            // unearth the real problem.
            ssl.startHandshake();

            // Okay, if we still haven't managed to cause an exception,
            // might as well go for the NPE.  Or maybe we're okay now?
            session = ssl.getSession();
        }
    }

    final Certificate[] certs = session.getPeerCertificates();
    final X509Certificate x509 = (X509Certificate) certs[0];
    verify(host, x509);
}
 
开发者ID:mozilla-mobile,项目名称:FirefoxData-android,代码行数:48,代码来源:AbstractVerifier.java

示例8: doClientSide

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
SBListener doClientSide() throws Exception {

        /*
         * Wait for server to get started.
         */
        while (!serverReady) {
            Thread.sleep(50);
        }

        SSLSocketFactory sslsf =
            (SSLSocketFactory) SSLSocketFactory.getDefault();

        try {
                SSLSocket sslSocket = (SSLSocket)
                    sslsf.createSocket("localhost", serverPort);
                InputStream sslIS = sslSocket.getInputStream();
                OutputStream sslOS = sslSocket.getOutputStream();

            sslOS.write(280);
            sslOS.flush();
            sslIS.read();

            sslOS.close();
            sslIS.close();

            SSLSession sslSession = sslSocket.getSession();
            System.out.printf(" sslSession: %s %n   %s%n", sslSession, sslSession.getClass());
            SBListener sbListener = new SBListener(sslSession);

            sslSession.putValue("x", sbListener);

            sslSession.invalidate();

            sslSocket.close();

            sslOS = null;
            sslIS = null;
            sslSession = null;
            sslSocket = null;
            Reference.reachabilityFence(sslOS);
            Reference.reachabilityFence(sslIS);
            Reference.reachabilityFence(sslSession);
            Reference.reachabilityFence(sslSocket);

            return sbListener;
        } catch (Exception ex) {
            ex.printStackTrace();
            throw ex;
        }
    }
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:51,代码来源:SSLSessionFinalizeTest.java

示例9: verifyHostName

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
    * Verifies that the given hostname in certicifate is the hostname we are trying to connect to
    * http://www.cvedetails.com/cve/CVE-2012-5783/
    * @param host
    * @param ssl
    * @throws IOException
    */
   
private static void verifyHostName(String host, SSLSocket ssl)
		throws IOException {
	if (host == null) {
		throw new IllegalArgumentException("host to verify was null");
	}

	SSLSession session = ssl.getSession();
	if (session == null) {
           // In our experience this only happens under IBM 1.4.x when
           // spurious (unrelated) certificates show up in the server's chain.
           // Hopefully this will unearth the real problem:
		InputStream in = ssl.getInputStream();
		in.available();
           /*
                If you're looking at the 2 lines of code above because you're
                running into a problem, you probably have two options:

                   #1.  Clean up the certificate chain that your server
                        is presenting (e.g. edit "/etc/apache2/server.crt" or
                        wherever it is your server's certificate chain is
                        defined).

                                            OR

                   #2.   Upgrade to an IBM 1.5.x or greater JVM, or switch to a
                         non-IBM JVM.
             */

           // If ssl.getInputStream().available() didn't cause an exception,
           // maybe at least now the session is available?
		session = ssl.getSession();
		if (session == null) {
               // If it's still null, probably a startHandshake() will
               // unearth the real problem.
			ssl.startHandshake();

               // Okay, if we still haven't managed to cause an exception,
               // might as well go for the NPE.  Or maybe we're okay now?
			session = ssl.getSession();
		}
	}

	Certificate[] certs = session.getPeerCertificates();
	verifyHostName(host.trim().toLowerCase(Locale.US),  (X509Certificate) certs[0]);
}
 
开发者ID:jenkinsci,项目名称:lib-commons-httpclient,代码行数:54,代码来源:SSLProtocolSocketFactory.java

示例10: verifyHostname

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
/**
 * Describe <code>verifyHostname</code> method here.
 *
 * @param socket a <code>SSLSocket</code> value
 * @exception SSLPeerUnverifiedException  If there are problems obtaining
 * the server certificates from the SSL session, or the server host name 
 * does not match with the "Common Name" in the server certificates 
 * SubjectDN.
 * @exception UnknownHostException  If we are not able to resolve
 * the SSL sessions returned server host name. 
 */
private void verifyHostname(SSLSocket socket) 
    throws SSLPeerUnverifiedException, UnknownHostException {
    if (! verifyHostname) 
        return;

    SSLSession session = socket.getSession();
    String hostname = session.getPeerHost();
    try {
        InetAddress addr = InetAddress.getByName(hostname);
    } catch (UnknownHostException uhe) {
        throw new UnknownHostException("Could not resolve SSL sessions "
                                       + "server hostname: " + hostname);
    }
    
    X509Certificate[] certs = session.getPeerCertificateChain();
    if (certs == null || certs.length == 0) 
        throw new SSLPeerUnverifiedException("No server certificates found!");
    
    //get the servers DN in its string representation
    String dn = certs[0].getSubjectDN().getName();

    //might be useful to print out all certificates we receive from the
    //server, in case one has to debug a problem with the installed certs.
    if (LOG.isDebugEnabled()) {
        LOG.debug("Server certificate chain:");
        for (int i = 0; i < certs.length; i++) {
            LOG.debug("X509Certificate[" + i + "]=" + certs[i]);
        }
    }
    //get the common name from the first cert
    String cn = getCN(dn);
    if (hostname.equalsIgnoreCase(cn)) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("Target hostname valid: " + cn);
        }
    } else {
        throw new SSLPeerUnverifiedException(
            "HTTPS hostname invalid: expected '" + hostname + "', received '" + cn + "'");
    }
}
 
开发者ID:jenkinsci,项目名称:lib-commons-httpclient,代码行数:52,代码来源:StrictSSLProtocolSocketFactory.java

示例11: JSSESupport

import javax.net.ssl.SSLSocket; //导入方法依赖的package包/类
JSSESupport(SSLSocket sock) {
	ssl = sock;
	session = sock.getSession();
	sock.addHandshakeCompletedListener(listener);
}
 
开发者ID:how2j,项目名称:lazycat,代码行数:6,代码来源:JSSESupport.java


注:本文中的javax.net.ssl.SSLSocket.getSession方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。