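/**
 * Turns the connection into a TLS connection once the underlying socket is connected.
 *
 * <p>For a new (non-cached) connection this layers an {@link SSLSocket} over
 * {@code serverSocket} (or reuses it if it already is one), applies the configured
 * protocol and cipher-suite restrictions, forces the handshake, replaces
 * {@code serverSocket}/{@code serverOutput} with the TLS-backed ones and finally calls
 * {@code checkURLSpoofing(hv)}. Nothing in this method writes to {@code serverOutput},
 * so the spoofing check runs before request data is sent by this method.
 *
 * <p>For a cached connection only {@code session} is refreshed from the existing socket.
 * No handshake and no {@code checkURLSpoofing} call happen on that path.
 *
 * @throws IOException if socket creation, the handshake or the spoofing check fails
 * @throws UnknownHostException declared by the signature; {@code createSocket(host, port)}
 *         in the direct fallback can raise it
 */
public void afterConnect() throws IOException, UnknownHostException {
    if (!isCachedConnection()) {
        SSLSocket s = null;
        SSLSocketFactory factory = sslSocketFactory;
        try {
            if (!(serverSocket instanceof SSLSocket)) {
                // Layer TLS over the already-connected socket; autoClose=true means
                // closing the SSLSocket also closes the underlying socket.
                s = (SSLSocket) factory.createSocket(serverSocket, host, port, true);
            } else {
                s = (SSLSocket) serverSocket;
            }
        } catch (IOException ex) {
            // If we fail to connect through the tunnel, try it
            // locally, as a last resort.  If this doesn't work,
            // throw the original exception.
            //
            // NOTE(review): this fallback opens a new direct connection to host:port
            // instead of using the existing serverSocket. Where the tunnel is a policy
            // requirement (egress control, monitoring), a silent direct connection may
            // be undesirable; confirm this is intended.
            try {
                s = (SSLSocket) factory.createSocket(host, port);
            } catch (IOException ignored) {
                // Deliberately dropped: the tunnel failure is the error worth reporting.
                throw ex;
            }
        }

        // Opaque helper; presumably a check on the newly created socket (TODO confirm).
        SSLSocketFactoryImpl.checkCreate(s);

        //
        // Force handshaking, so that we get any authentication.
        // Register a handshake callback so our session state tracks any
        // later session renegotiations.
        //
        String[] protocols = getProtocols();
        String[] ciphers = getCipherSuites();
        // A null value leaves the socket's enabled protocols / cipher suites untouched.
        if (protocols != null) {
            s.setEnabledProtocols(protocols);
        }
        if (ciphers != null) {
            s.setEnabledCipherSuites(ciphers);
        }
        s.addHandshakeCompletedListener(this);
        // NOTE(review): if the handshake throws, s is not closed here and has not yet been
        // stored in serverSocket. A socket from the direct fallback is then referenced only
        // by this local; confirm callers do not rely on closing it.
        s.startHandshake();
        session = s.getSession();

        // change the serverSocket and serverOutput
        serverSocket = s;
        try {
            serverOutput = new PrintStream(
                new BufferedOutputStream(serverSocket.getOutputStream()),
                false, encoding);
        } catch (UnsupportedEncodingException e) {
            // Keep the original exception as the cause so the failure can be diagnosed.
            // initCause is used because it is available on every Java version.
            InternalError err = new InternalError(encoding + " encoding not found");
            err.initCause(e);
            throw err;
        }

        // check URL spoofing
        // Runs only after the handshake has completed. hv is presumably the configured
        // hostname verifier (TODO confirm against the field declaration).
        checkURLSpoofing(hv);
    } else {
        // if we are reusing a cached https session,
        // we don't need to do handshaking etc. But we do need to
        // set the ssl session
        session = ((SSLSocket) serverSocket).getSession();
    }
}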
/**
 * Performs the SSL/TLS negotiation for this connection.
 *
 * <p>Initialises the SSL context, wraps the current {@code _socket_} in an
 * {@link SSLSocket} obtained from that context (autoClose enabled), applies any configured
 * protocol and cipher-suite lists, runs the handshake in client mode, and then rebinds
 * {@code _socket_}, the raw streams and the reader/writer to the secured socket.
 *
 * <p>NOTE(review): the peer is identified to the socket factory by its numeric address
 * ({@code getHostAddress()}), and this method neither sets an endpoint identification
 * algorithm nor invokes a hostname verifier. Unless the trust manager set up by
 * {@code initSSLContext()} or a caller checks the certificate against the intended host
 * name, the certificate name is not validated here. Confirm where that check lives.
 *
 * @throws java.io.IOException If server negotiation fails.
 */
private void performSSLNegotiation() throws IOException {
    initSSLContext();

    final SSLSocketFactory socketFactory = context.getSocketFactory();
    final String remoteIp = getRemoteAddress().getHostAddress();
    final int remotePort = getRemotePort();

    // The last argument (autoClose) ties the plain socket's lifetime to the TLS socket's.
    final SSLSocket tlsSocket =
            (SSLSocket) socketFactory.createSocket(_socket_, remoteIp, remotePort, true);
    tlsSocket.setEnableSessionCreation(true);
    tlsSocket.setUseClientMode(true);

    // Null means "not configured": keep whatever the socket enables by default.
    if (protocols != null) {
        tlsSocket.setEnabledProtocols(protocols);
    }
    if (suites != null) {
        tlsSocket.setEnabledCipherSuites(suites);
    }

    // Handshake before replacing any field, so a failure leaves the old bindings in place.
    tlsSocket.startHandshake();

    _socket_ = tlsSocket;
    _input_ = tlsSocket.getInputStream();
    _output_ = tlsSocket.getOutputStream();

    final InputStreamReader decodedInput = new InputStreamReader(_input_, encoding);
    _reader = new CRLFLineReader(decodedInput);
    final OutputStreamWriter encodedOutput = new OutputStreamWriter(_output_, encoding);
    _writer = new BufferedWriter(encodedOutput);
}