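/**
 * Creates a transport factory for HTTPS connections and installs its TLS settings as the
 * process-wide defaults of {@code HttpsURLConnection}.
 *
 * <p>Security notes:
 *
 * <ul>
 *   <li>If {@code TRANSPORT_TRUSTMANAGER} or {@code TRANSPORT_HOSTNAMEVERIFIER} is missing from
 *       {@code properties}, the constructor silently falls back to {@code openTrustManager} and
 *       {@code openHostnameVerifier}. NOTE(review): both are defined outside this block and their
 *       names suggest accept-all implementations; if so, omitting either property disables
 *       certificate or host name checking. Confirm, and prefer passing explicit validating
 *       instances.
 *   <li>The socket factory and host name verifier are set through the static
 *       {@code setDefault...} methods, so they apply to every {@code HttpsURLConnection} created
 *       afterwards in this JVM, not only to connections made by this factory.
 * </ul>
 *
 * @param properties transport settings; read for the target URL, the auth string and the optional
 *     trust manager and host name verifier
 * @throws GeneralSecurityException if the SSL context cannot be obtained or initialised
 * @throws ClassCastException if a property holds a value of an unexpected type
 */
public SunSSLTransportFactory(Properties properties) throws GeneralSecurityException {
  // Legacy registration of the Sun JSSE provider, kept as in the original.
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

  url = (URL) properties.get(XmlRpcTransportFactory.TRANSPORT_URL);
  auth = properties.getProperty(XmlRpcTransportFactory.TRANSPORT_AUTH);

  // Fall-back to the "open" trust manager happens without any warning to the caller.
  X509TrustManager trustManager = (X509TrustManager) properties.get(TRANSPORT_TRUSTMANAGER);
  if (trustManager == null) {
    trustManager = openTrustManager;
  }

  // Same silent fall-back for host name verification.
  HostnameVerifier hostnameVerifier =
      (HostnameVerifier) properties.get(TRANSPORT_HOSTNAMEVERIFIER);
  if (hostnameVerifier == null) {
    hostnameVerifier = openHostnameVerifier;
  }

  SSLContext sslContext = SSLContext.getInstance(SecurityTool.getSecurityProtocol());
  sslContext.init(null, new X509TrustManager[] {trustManager}, new SecureRandom());

  // getInstance() either returns a context or throws, and init() above has already dereferenced
  // it, so the former null check around this call could never be false and was removed.
  // These two calls change the defaults for the whole JVM.
  HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
  HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
}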
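/**
 * Checks that an unconnected {@code HttpsURLConnection} answers state queries with
 * {@link IllegalStateException} and rejects {@code null} verifiers and socket factories with
 * {@link IllegalArgumentException}.
 *
 * <p>Each step fails the run if the expected exception is not thrown. Without that, the program
 * would print {@code TESTS PASSED} even if a {@code null} host name verifier or socket factory
 * were silently accepted.
 *
 * @param args unused
 * @throws Exception if the connection object cannot be created or an expected exception is missing
 */
public static void main(String[] args) throws Exception {
  System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");

  // This test does not establish any connection to the specified URL, hence a dummy URL is used.
  URL foobar = new URL("https://example.com/");
  HttpsURLConnection urlc = (HttpsURLConnection) foobar.openConnection();

  // The RuntimeException thrown on a missing failure is deliberately not a subtype of the caught
  // exception, so it propagates out of main instead of being reported as success.
  try {
    urlc.getCipherSuite();
    throw new RuntimeException("getCipherSuite() did not throw IllegalStateException");
  } catch (IllegalStateException e) {
    System.out.println("Caught proper exception: " + e.getMessage());
  }

  try {
    urlc.getServerCertificateChain();
    throw new RuntimeException("getServerCertificateChain() did not throw IllegalStateException");
  } catch (IllegalStateException e) {
    System.out.println("Caught proper exception: " + e.getMessage());
  }

  try {
    urlc.setDefaultHostnameVerifier(null);
    throw new RuntimeException(
        "setDefaultHostnameVerifier(null) did not throw IllegalArgumentException");
  } catch (IllegalArgumentException e) {
    System.out.println("Caught proper exception: " + e.getMessage());
  }

  try {
    urlc.setHostnameVerifier(null);
    throw new RuntimeException("setHostnameVerifier(null) did not throw IllegalArgumentException");
  } catch (IllegalArgumentException e) {
    System.out.println("Caught proper exception: " + e.getMessage());
  }

  try {
    urlc.setDefaultSSLSocketFactory(null);
    throw new RuntimeException(
        "setDefaultSSLSocketFactory(null) did not throw IllegalArgumentException");
  } catch (IllegalArgumentException e) {
    System.out.println("Caught proper exception: " + e.getMessage());
  }

  try {
    urlc.setSSLSocketFactory(null);
    throw new RuntimeException("setSSLSocketFactory(null) did not throw IllegalArgumentException");
  } catch (IllegalArgumentException e) {
    // The original message lacked the ": " separator used by the other five checks.
    System.out.println("Caught proper exception: " + e.getMessage());
  }

  System.out.println("TESTS PASSED");
}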
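/**
 * Sets the default SSL socket factory of {@code com.sun.net.ssl.HttpsURLConnection} to one backed
 * by a fake X509 trust manager that trusts all certificates, even the self-signed ones. This
 * method uses the old deprecated API from the {@code com.sun.net.ssl} package.
 *
 * <p>Security: the factory is installed through the static default setter, so it applies to every
 * connection of that class created afterwards in the process. With certificate chain validation
 * switched off the server's identity is not authenticated, which leaves those connections open to
 * interception. Keep this out of production code paths; where a private CA or self-signed
 * certificate must be accepted, a trust manager built from a key store containing just that
 * certificate is the safer choice.
 *
 * @throws IllegalStateException if the SSL context cannot be created or initialised; the
 *     underlying {@link GeneralSecurityException} is attached as the cause
 * @deprecated see {@link #_trustAllHttpsCertificates()}.
 */
private static void __trustAllHttpsCertificates() {
  // Create the non-validating trust manager array once and reuse it on later calls.
  if (__trustManagers == null) {
    __trustManagers = new com.sun.net.ssl.TrustManager[] {new _FakeX509TrustManager()};
  }

  com.sun.net.ssl.SSLContext context;
  try {
    // NOTE(review): "SSL" is the generic protocol name; which protocol versions it enables
    // depends on the provider, so confirm that obsolete versions are disabled.
    context = com.sun.net.ssl.SSLContext.getInstance("SSL");
    context.init(null, __trustManagers, new SecureRandom());
  } catch (GeneralSecurityException gse) {
    // Same exception type and message as before, now with the cause preserved for diagnosis.
    throw new IllegalStateException(gse.getMessage(), gse);
  }

  // Install the all-trusting socket factory as the process-wide default.
  com.sun.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
} // __trustAllHttpsCertificates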