/**
* Create a new BeeswaxServiceImpl.
*
* @param dtHost The Hue host (ip or hostname).
* @param dtPort The port Desktop runs on.
* @param dtHttps Whether Desktop is running https.
*/
public BeeswaxServiceImpl(String dtHost, int dtPort, boolean dtHttps) {
LogContext.initLogCapture();
this.executor = Executors.newCachedThreadPool(new NamingThreadFactory("Beeswax-%d"));
this.runningQueries = new ConcurrentHashMap<String, RunningQueryState>();
String protocol;
if (dtHttps) {
protocol = "https";
try {
// Disable SSL verification. HUE cert may be signed by untrusted CA.
SSLContext sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(
null, new DummyX509TrustManager[] {new DummyX509TrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslcontext.getSocketFactory());
} catch (NoSuchAlgorithmException ex) {
LOG.warn("Failed to disable SSL certificate check " + ex);
} catch (KeyManagementException ex) {
LOG.warn("Failed to disable SSL certificate check " + ex);
}
DummyHostnameVerifier dummy = new DummyHostnameVerifier();
HttpsURLConnection.setDefaultHostnameVerifier(dummy);
} else {
protocol = "http";
}
this.notifyUrl = protocol + "://" + dtHost + ":" + dtPort + NOTIFY_URL_BASE;
// A daemon thread that periodically evict stale RunningQueryState objects
Thread evicter =
new Thread(
new Runnable() {
@Override
public void run() {
while (true) {
long now = System.currentTimeMillis();
for (Map.Entry<String, RunningQueryState> entry : runningQueries.entrySet()) {
RunningQueryState rqState = entry.getValue();
if (rqState.getAtime() + RUNNING_QUERY_LIFETIME < now) {
String id = entry.getKey();
runningQueries.remove(id);
LOG.debug("Removed " + rqState.toString());
Thread.yield(); // be nice
}
}
LogContext.garbageCollect(RUNNING_QUERY_LIFETIME);
long wakeup = now + EVICTION_INTERVAL;
while (System.currentTimeMillis() < wakeup) {
try {
Thread.sleep(EVICTION_INTERVAL);
} catch (InterruptedException e) {
}
}
}
}
},
"Evicter");
evicter.setDaemon(true);
evicter.start();
}
@Override
public HttpDownloadResult postUrlUnsecure(
final URL url,
final Integer timeOut,
final Map<String, String> data,
final HttpHeader httpHeader)
throws HttpDownloaderException {
final TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManagerAllowAll()};
final SSLSocketFactory orgSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
final HostnameVerifier orgHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
try {
final SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
final HostnameVerifier hv = new HostnameVerifierAllowAll();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
return postUrlSecure(url, timeOut, data, httpHeader);
} catch (final NoSuchAlgorithmException e) {
logger.error("NoSuchAlgorithmException", e);
throw new HttpDownloaderException("NoSuchAlgorithmException", e);
} catch (final KeyManagementException e) {
logger.error("KeyManagementException", e);
throw new HttpDownloaderException("KeyManagementException", e);
} finally {
HttpsURLConnection.setDefaultHostnameVerifier(orgHostnameVerifier);
HttpsURLConnection.setDefaultSSLSocketFactory(orgSSLSocketFactory);
}
}
/*
* Define the client side of the test.
*
* If the server prematurely exits, serverReady will be set to true
* to avoid infinite hangs.
*/
void doClientSide() throws Exception {
/*
* Wait for server to get started.
*/
while (!serverReady) {
Thread.sleep(50);
}
// Send HTTP POST request to server
URL url = new URL("https://localhost:" + serverPort);
HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
HttpsURLConnection http = (HttpsURLConnection) url.openConnection();
http.setDoOutput(true);
http.setRequestMethod("POST");
PrintStream ps = new PrintStream(http.getOutputStream());
try {
ps.println(postMsg);
ps.flush();
if (http.getResponseCode() != 200) {
throw new RuntimeException("test Failed");
}
} finally {
ps.close();
http.disconnect();
closeReady = true;
}
}
/** 信任所有请求站点 */
private void trustAllHttpsCertificates() {
try {
javax.net.ssl.X509TrustManager tm =
new javax.net.ssl.X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {}
};
// Create a trust manager that does not validate certificate chains:
javax.net.ssl.TrustManager[] trustAllCerts = {tm};
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
javax.net.ssl.HostnameVerifier hv =
new javax.net.ssl.HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
} catch (Exception ex) {
ex.printStackTrace();
}
}
protected void trustAllHosts() throws NoSuchAlgorithmException, KeyManagementException{
TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager()
{
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
public void checkClientTrusted(X509Certificate[] chain,String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain,String authType) throws CertificateException {
}
}
};
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSession) {
return true;
}
});
}
private HttpUtils(Context context) {
// private constructor to prevent instantiation
this.context = context;
try {
// get version number to be set as part of user agent string
version = context.getPackageManager().getPackageInfo(context.getPackageName(), 0).versionName;
} catch (NameNotFoundException e) {
}
if (Utils.DEV_ENV) {
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
try {
TrustManager[] trustManagers = new X509TrustManager[1];
trustManagers[0] = new TrustAllManager();
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustManagers, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
} catch (Exception ex) {
}
}
enableHttpResponseCache();
}
private static void setURLConnectionTrust() {
try {
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
SSLContext context = SSLContext.getInstance("TLS");
context.init(
null,
new X509TrustManager[] {
new X509TrustManager() {
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {}
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
// return null;
}
}
},
new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
} catch (Exception e) { // should never happen
Log.e("httpmon", "error setting up SSL trust", e);
}
}
/**
* HttpUrlConnection支持所有Https免验证,不建议使用
*
* @throws KeyManagementException
* @throws NoSuchAlgorithmException
* @throws IOException
*/
public void initSSLALL() throws KeyManagementException, NoSuchAlgorithmException, IOException {
URL url = new URL("https://trade3.guosen.com.cn/mtrade/check_version");
SSLContext context = SSLContext.getInstance("TLS");
context.init(null, new TrustManager[] {new TrustAllManager()}, null);
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setDoInput(true);
connection.setDoOutput(false);
connection.setRequestMethod("GET");
connection.connect();
InputStream in = connection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
String line = "";
StringBuffer result = new StringBuffer();
while ((line = reader.readLine()) != null) {
result.append(line);
}
String reString = result.toString();
Log.i("TTTT", reString);
}
public static void trustAllHttpsURLConnection() {
// Create a trust manager that does not validate certificate chains
if (sslSocketFactory == null) {
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
try {
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, null);
sslSocketFactory = sslContext.getSocketFactory();
} catch (Throwable e) {
Log.e("trustAllHttpsURLConnection", e.getMessage(), e);
}
}
if (sslSocketFactory != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory);
HttpsURLConnection.setDefaultHostnameVerifier(
org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
}
}
@BeforeClass
public static void beforeClass() throws Exception {
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier allHostsValid =
new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
}
{
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
SSLContext sc = null;
try {
sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
} catch (KeyManagementException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier allHostsValid =
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
}
public HttpsClient() {
String trustStore = System.getProperty("javax.net.ssl.trustStore");
// 抑制证书域名与实际域名不匹配的警告
HostnameVerifier hv =
new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
System.out.println(
"Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
String nonce = String.valueOf(Math.random() * 1000000);
String timestamp = String.valueOf(System.currentTimeMillis() / 1000);
StringBuilder toSign = new StringBuilder(appSecret).append(nonce).append(timestamp);
String sign = CodeUtil.hexSHA1(toSign.toString());
// 初始化请求参数
reqProperty = new HashMap<String, String>();
reqProperty.put("Content-Type", "text/xml");
reqProperty.put(APPKEY, appKey);
reqProperty.put(NONCE, nonce);
reqProperty.put(TIMESTAMP, timestamp);
reqProperty.put(SIGNATURE, sign);
reqProperty.put("Content-Type", "application/x-www-form-urlencoded");
}
/**
* Establishes session with the virtual center server.
*
* @throws Exception the exception
*/
private static void connect() throws Exception {
HostnameVerifier hv =
new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
};
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
SVC_INST_REF.setType(SVC_INST_NAME);
SVC_INST_REF.setValue(SVC_INST_NAME);
vimService = new VimService();
vimPort = vimService.getVimPort();
Map<String, Object> ctxt = ((BindingProvider) vimPort).getRequestContext();
ctxt.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url);
ctxt.put(BindingProvider.SESSION_MAINTAIN_PROPERTY, true);
serviceContent = vimPort.retrieveServiceContent(SVC_INST_REF);
vimPort.login(serviceContent.getSessionManager(), userName, password, null);
isConnected = true;
propCollectorRef = serviceContent.getPropertyCollector();
rootRef = serviceContent.getRootFolder();
perfManager = serviceContent.getPerfManager();
}
/**
* Bypass certificate checking
*
* @throws Exception
*/
private static void trustHttpsCertificates() throws Exception {
Class<?> sslProvider = null;
boolean goodProvider = true;
try {
sslProvider = Class.forName("com.sun.net.ssl.internal.ssl.Provider"); // $NON-NLS-1$
} catch (ClassNotFoundException e) {
goodProvider = false;
}
if (!goodProvider) {
sslProvider = Class.forName("com.ibm.jsse.IBMJSSEProvider"); // $NON-NLS-1$
}
Security.addProvider(
(Provider)
sslProvider
.newInstance()); // new
// com.ibm.jsse.IBMJSSEProvider());//com.sun.net.ssl.internal.ssl.Provider());
// Create a trust manager that does not validate certificate chains:
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {}
}
};
// Install the all-trusting trust manager:
SSLContext sc = SSLContext.getInstance("SSL"); // $NON-NLS-1$
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// avoid "HTTPS hostname wrong: should be <myhostname>" exception:
HostnameVerifier hv =
new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
if (!urlHostName.equalsIgnoreCase(session.getPeerHost())) {
System.out.println(
Messages.TAUPortalUploadDialog_WarningURLHost
+ urlHostName
+ Messages.TAUPortalUploadDialog_IsDifferent
+ session.getPeerHost()
+ "'."); //$NON-NLS-3$
}
return true; // also accept different hostname (e.g. domain name instead of IP address)
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
private void untrustEveryone() {
if (defaultVerifier != null) {
HttpsURLConnection.setDefaultHostnameVerifier(defaultVerifier);
}
if (defaultSSLSocketFactory != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory);
}
}
/** Set the default Hostname Verifier to an instance of a fake class that trust all hostnames. */
private static void _trustAllHostnames() {
// Create a trust manager that does not validate certificate chains
if (_hostnameVerifier == null) {
_hostnameVerifier = new FakeHostnameVerifier();
} // if
// Install the all-trusting host name verifier:
HttpsURLConnection.setDefaultHostnameVerifier(_hostnameVerifier);
} // _trustAllHttpsCertificates
public void pullSimulcastSSLCertChain() throws Exception {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(
null,
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {
try {
PKCS7 pkcs =
new PKCS7(
new AlgorithmId[0],
new ContentInfo(ContentInfo.DATA_OID, null),
certs,
new SignerInfo[0]);
Path store = Paths.get("manheim.p7b");
OutputStream out =
Files.newOutputStream(
store, StandardOpenOption.CREATE_NEW, StandardOpenOption.WRITE);
pkcs.encodeSignedData(out);
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
},
null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
// HTTPS instead of raw SSL, so that -Dhttps.proxyHost and
// -Dhttps.proxyPort can be used. Since we only go through
// the handshake process, an HTTPS server is not needed.
// This program should be able to deal with any SSL-based
// network service.
Exception ex = null;
try {
new URL("https://www.manheim.com").openConnection().connect();
} catch (Exception e) {
ex = e;
}
}
private void setDefaultHostnameVerifier() {
//
HostnameVerifier hv =
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
private SSLContext initCertificate() throws Exception {
// 设置SSLContext
SSLContext sslcontext = SSLContext.getInstance("TLS");
X509TrustManager[] xtmArray = new X509TrustManager[] {new HttpsX509TrustManager()};
sslcontext.init(null, xtmArray, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslcontext.getSocketFactory());
// 设置验证方式
HttpsURLConnection.setDefaultHostnameVerifier(new HttpsHostnameVerifier());
return sslcontext;
}
/**
* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
*
* @throws Exception
*/
public static void ignoreSsl() throws Exception {
HostnameVerifier hv =
new HostnameVerifier() {
public boolean verify(String urlHostName, SSLSession session) {
System.out.println(
"Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
return true;
}
};
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
public static void allowAllSSL() {
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
// TODO Auto-generated method stub
return true;
}
});
HttpsURLConnection.setDefaultSSLSocketFactory(getSSLSocketFactory());
}
public LiteHttp(Context context) {
mContext = context;
httpManagerImpl = HttpManagerImpl.registerInstance();
taskController = TaskControllerImpl.registerInstance();
// 默认信任所有https域名
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
}
static {
SSLContext sslContext = null;
try {
sslContext = SSLContext.getInstance("TLS");
X509TrustManager[] xtmArray = new X509TrustManager[] {xtm};
sslContext.init(null, xtmArray, new java.security.SecureRandom());
} catch (GeneralSecurityException gse) {
}
if (sslContext != null)
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hnv);
}
static {
// for localhost testing only
javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(
new javax.net.ssl.HostnameVerifier() {
@Override
public boolean verify(final String hostname, final javax.net.ssl.SSLSession sslSession) {
if (hostname.equals("localhost")) {
return true;
}
return false;
}
});
}
/**
* Spawns a new thread connecting to the specified URL. The result of the request is displayed on
* the screen.
*
* @param urlString a HTTPS URL to connect to.
*/
void connect(final String urlString) {
// register the right hostname verifier
if (verifyhost.isChecked()) {
HttpsURLConnection.setDefaultHostnameVerifier(defaultverifier);
} else {
HttpsURLConnection.setDefaultHostnameVerifier(
new org.apache.http.conn.ssl.AllowAllHostnameVerifier());
}
new Thread() {
public void run() {
try {
URL u = new URL(urlString);
HttpsURLConnection c = (HttpsURLConnection) u.openConnection();
c.connect();
setText("" + c.getResponseCode() + " " + c.getResponseMessage(), false);
c.disconnect();
} catch (Exception e) {
setText(e.toString(), false);
e.printStackTrace();
}
}
}.start();
}
/** Creates a new URL to use as the basis of a connection. */
public MsgRpcImpl(
String username, String password, String host, int port, boolean ssl, boolean debugf)
throws MalformedURLException {
if (ssl) { // Install the all-trusting trust manager & HostnameVerifier
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(
null,
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType) {}
}
},
new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
public boolean verify(String string, SSLSession ssls) {
return true;
}
});
} catch (Exception e) {
}
u = new URL("https", host, port, "/api/1.0/");
} else {
u = new URL("http", host, port, "/api/1.0/");
}
/* login to msf server */
Object[] params = new Object[] {username, password};
Map results = exec("auth.login", params);
/* save the temp token (lasts for 5 minutes of inactivity) */
rpcToken = results.get("token").toString();
/* generate a non-expiring token and use that */
params = new Object[] {rpcToken};
results = exec("auth.token_generate", params);
rpcToken = results.get("token").toString();
}
/** {@inheritDoc} */
@Override
protected final void setUp() throws Exception {
// Disable SSL hostname verifier.
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
@Override
public boolean verify(String s, SSLSession sslSes) {
return true;
}
});
getTestCounters().incrementStarted();
super.setUp();
}
private static void disableSSLCertCheck()
throws NoSuchAlgorithmException, KeyManagementException {
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws CertificateException {
// TODO Auto-generated method stub
}
}
};
// Install the all-trusting trust manager
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// Create all-trusting host name verifier
HostnameVerifier allHostsValid =
new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting host verifier
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
}
// Static block code allowing all SSL connections bypassing the certificates verification
// See https://developer.android.com/training/articles/security-ssl.html to check the real
// certificates
static {
// Default cookie manager
CookieManager cookieManager = new CookieManager();
CookieHandler.setDefault(cookieManager);
// Trust all SSL certificates
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
X509Certificate[] myTrustedAnchors = new X509Certificate[0];
return myTrustedAnchors;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {}
}
};
SSLContext sc = null;
try {
sc = SSLContext.getInstance("SSL");
if (sc != null) {
sc.init(null, trustAllCerts, new SecureRandom());
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
if (sc != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(
new HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
});
}
}
static {
File file = PropertiesUtil.findConfigFile("environment.properties");
if (file == null) {
s_logger.debug("Unable to find environment.properties");
} else {
FileInputStream finputstream;
try {
finputstream = new FileInputStream(file);
final Properties props = new Properties();
props.load(finputstream);
finputstream.close();
String search = props.getProperty("manage.xenserver.pool.master");
if (search != null) {
s_managePool = Boolean.parseBoolean(search);
}
search = props.getProperty("sleep.interval.on.error");
if (search != null) {
s_sleepOnError = NumbersUtil.parseInterval(search, 10) * 1000;
}
s_logger.info(
"XenServer Connection Pool Configs: manage.xenserver.pool.master="
+ s_managePool
+ "; sleep.interval.on.error="
+ s_sleepOnError);
} catch (FileNotFoundException e) {
s_logger.debug("File is not found", e);
} catch (IOException e) {
s_logger.debug("IO Exception while reading file", e);
}
}
try {
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new TrustAllManager();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HostnameVerifier hv =
new HostnameVerifier() {
@Override
public boolean verify(String hostName, SSLSession session) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(hv);
} catch (Exception e) {
}
}
