Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
Copyright (c) 2003, 2007 s IT Solutions AT Spardat GmbH . All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse Public License v1.0 which accompanies this distribution, and is available at http://www.eclipse.org/legal/epl-v10.html Contributors: s IT Solutions AT Spardat GmbH - initial API and implementation /
 
 
 /*
  * @(#) $Id: HostnameVerifierImpl.java 2084 2007-11-27 14:53:31Z s3460 $
  */
 package at.spardat.xma.boot.transport;
 
 import java.util.List;
 
 
This class checks if the common name contained in a server certificate is appropriate for the desired https server. It can be attached to an HttpsUrlConnection by calling javax.net.ssl.HttpsURLConnection.setHostnameVerifier(javax.net.ssl.HostnameVerifier) Then it will be called by the JDK1.4 JSSE HTTPS implementation if the name contained in the certificate does not exactly match the hostname part of the url.

Author(s):
s2877
Since:
1.3.0
 
 public class HostnameVerifierImpl implements HostnameVerifier {
     private List ignoredHostNames = new ArrayList();

    
Constructs the hostname verifier. The property "boot.transport.hostnameverify.ignore" contains the list of hosts for which every certificate name is accepted. This list is seperated by '|' or ';' and every entry may contain one wildcard character ('*').

Parameters:
props the Properties object containting the mentioned property.
 
     public HostnameVerifierImpl(Properties props) {
         String ignors = props.getProperty(.);
         if(ignors!=null) {
             ignors = ignors.replace(';','|');
             for(StringTokenizer tok=new StringTokenizer(ignors,"|");tok.hasMoreTokens();) {
                 String hostname = tok.nextToken();
                 int wild = hostname.indexOf('*');
                 if(wild>=0&&wild!=hostname.lastIndexOf('*')) {// not understood
                     Logger.getLogger("boot.transport.http").log(.,"pattern not understood: "+hostname); //$NON-NLS-1$
                     continue;
                 }
                 .add(hostname);
             }
         }
     }

    
Checks if the given hostname accepted. If it is contained in the list given in the property "boot.transport.hostnameverify.ignore" it is accepted. This method is called by JDK1.4 JSSE HTTPS implementation only if the name contained in the certificate does not exactly match the hostname part of the url.

Parameters:
hostname DNS-name or IP-address of the SSL-server
session ignored
Returns:
true if accepted false otherwise
 
     public boolean verify(String hostnameSSLSession session) {
         if(match(hostname)) return true;
         try {
             InetAddress[] ip = InetAddress.getAllByName(hostname);
             for(int i=0;i<ip.length;i++) {
                 if(match(ip[i].getHostAddress())) return true;
             }
         } catch (UnknownHostException e) {
             Logger.getLogger("boot.transport.http").log(.,"can not resolve hostname: "+hostname); //$NON-NLS-1$
         }
         return false;
     }

    
Does the actual match of the hostname to each entry of the ignored list. Every entry may contain zero or one wildcard character ('*') at any place.

Parameters:
hostname to match
Returns:
true if at least one entry matches
 
     private boolean match(String hostname) {
         for(Iterator it=.iterator();it.hasNext();) {
             String ignored = (String)it.next();
             int wild = ignored.indexOf('*');
            if(wild<0) {
                if(hostname.equals(ignored)) return true;
            } else if(wild==0) {
                if(hostname.endsWith(ignored.substring(wild+1,ignored.length()))) return true;
            } else if(wild>0&&wild<ignored.length()-1) {
                if(hostname.startsWith(ignored.substring(0,wild))&&hostname.endsWith(ignored.substring(wild+1,ignored.length()))) return true;
            } else {
                if(hostname.startsWith(ignored.substring(0,wild))) return true;
            }
        }
        return false;
    }
New to GrepCode? Check out our FAQ X