Replaced LdapName with custom DN parser
git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1616137 13f79535-47bb-0310-9956-ffa450edef68
parent
95953f857e
commit
0bc123c992
|
@ -38,20 +38,15 @@ import java.util.Iterator;
|
||||||
import java.util.LinkedList;
|
import java.util.LinkedList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Locale;
|
import java.util.Locale;
|
||||||
import java.util.NoSuchElementException;
|
|
||||||
|
|
||||||
import javax.naming.InvalidNameException;
|
|
||||||
import javax.naming.NamingException;
|
|
||||||
import javax.naming.directory.Attribute;
|
|
||||||
import javax.naming.directory.Attributes;
|
|
||||||
import javax.naming.ldap.LdapName;
|
|
||||||
import javax.naming.ldap.Rdn;
|
|
||||||
import javax.net.ssl.SSLException;
|
import javax.net.ssl.SSLException;
|
||||||
|
|
||||||
import org.apache.commons.logging.Log;
|
import org.apache.commons.logging.Log;
|
||||||
import org.apache.commons.logging.LogFactory;
|
import org.apache.commons.logging.LogFactory;
|
||||||
|
import org.apache.http.NameValuePair;
|
||||||
import org.apache.http.annotation.Immutable;
|
import org.apache.http.annotation.Immutable;
|
||||||
import org.apache.http.conn.util.InetAddressUtils;
|
import org.apache.http.conn.util.InetAddressUtils;
|
||||||
|
import org.apache.http.util.TextUtils;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
|
* Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
|
||||||
|
@ -200,26 +195,17 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
final List<String> cns = new ArrayList<String>();
|
final List<String> cns = new ArrayList<String>();
|
||||||
try {
|
final List<NameValuePair> nvps = DistinguishedNameParser.INSTANCE.parse(subjectPrincipal);
|
||||||
final LdapName subjectDN = new LdapName(subjectPrincipal);
|
for (int i = 0; i < nvps.size(); i++) {
|
||||||
final List<Rdn> rdns = subjectDN.getRdns();
|
final NameValuePair nvp = nvps.get(i);
|
||||||
for (int i = rdns.size() - 1; i >= 0; i--) {
|
final String attribName = nvp.getName();
|
||||||
final Rdn rds = rdns.get(i);
|
final String attribValue = nvp.getValue();
|
||||||
final Attributes attributes = rds.toAttributes();
|
if (TextUtils.isBlank(attribValue)) {
|
||||||
final Attribute cn = attributes.get("cn");
|
throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
|
||||||
if (cn != null) {
|
}
|
||||||
try {
|
if (attribName.equalsIgnoreCase("cn")) {
|
||||||
final Object value = cn.get();
|
cns.add(attribValue);
|
||||||
if (value != null) {
|
|
||||||
cns.add(value.toString());
|
|
||||||
}
|
|
||||||
} catch (NoSuchElementException ignore) {
|
|
||||||
} catch (NamingException ignore) {
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} catch (InvalidNameException e) {
|
|
||||||
throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
|
|
||||||
}
|
}
|
||||||
return cns.isEmpty() ? null : cns.toArray(new String[ cns.size() ]);
|
return cns.isEmpty() ? null : cns.toArray(new String[ cns.size() ]);
|
||||||
}
|
}
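Review bot: The `TextUtils.isBlank(attribValue)` check in the new loop runs before the attribute name is examined, so a blank value on any attribute, not only `cn`, makes extractCNs throw SSLException and rejects the certificate subject outright. That fails closed, but if the intent is only to reject malformed pairs and empty CNs, the condition could be narrowed to `if (attribValue == null || (attribName.equalsIgnoreCase("cn") && TextUtils.isBlank(attribValue)))`. That form assumes the parser reports a missing `=` as a null value, which is not visible on this page. If rejecting every blank value is deliberate, a comment above the check such as `// any empty value invalidates the whole subject: never derive a CN from a partially parsed DN` would record it. The signature of extractCNs and the start of its body lie outside the hunk.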
|
||||||
|
|
|
@ -357,16 +357,20 @@ public class TestHostnameVerifier {
|
||||||
Assert.assertArrayEquals(new String[] {"blah, blah"}, AbstractCommonHostnameVerifier.extractCNs("cn=\"blah, blah\", ou=blah, o=blah"));
|
Assert.assertArrayEquals(new String[] {"blah, blah"}, AbstractCommonHostnameVerifier.extractCNs("cn=\"blah, blah\", ou=blah, o=blah"));
|
||||||
Assert.assertArrayEquals(new String[] {"blah, blah"}, AbstractCommonHostnameVerifier.extractCNs("cn=blah\\, blah, ou=blah, o=blah"));
|
Assert.assertArrayEquals(new String[] {"blah, blah"}, AbstractCommonHostnameVerifier.extractCNs("cn=blah\\, blah, ou=blah, o=blah"));
|
||||||
Assert.assertArrayEquals(new String[] {"blah"}, AbstractCommonHostnameVerifier.extractCNs("c = cn=uuh, cn=blah, ou=blah, o=blah"));
|
Assert.assertArrayEquals(new String[] {"blah"}, AbstractCommonHostnameVerifier.extractCNs("c = cn=uuh, cn=blah, ou=blah, o=blah"));
|
||||||
Assert.assertArrayEquals(new String[] {""}, AbstractCommonHostnameVerifier.extractCNs("cn= , ou=blah, o=blah"));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = SSLException.class)
|
@Test(expected = SSLException.class)
|
||||||
public void testExtractCNInvalid1() throws Exception {
|
public void testExtractCNEmpty() throws Exception {
|
||||||
|
AbstractCommonHostnameVerifier.extractCNs("cn= , ou=blah, o=blah");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test(expected = SSLException.class)
|
||||||
|
public void testExtractCNMissing() throws Exception {
|
||||||
AbstractCommonHostnameVerifier.extractCNs("blah,blah");
|
AbstractCommonHostnameVerifier.extractCNs("blah,blah");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected = SSLException.class)
|
@Test(expected = SSLException.class)
|
||||||
public void testExtractCNInvalid2() throws Exception {
|
public void testExtractCNNull() throws Exception {
|
||||||
AbstractCommonHostnameVerifier.extractCNs("cn,o=blah");
|
AbstractCommonHostnameVerifier.extractCNs("cn,o=blah");
|
||||||
}
|
}
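Review bot: These tests cover quoted and escaped commas and a blank or missing CN value, but nothing pins how extractCNs treats a multi-valued RDN joined with `+` or a blank value on a non-CN attribute. The removed code left both to `Rdn.toAttributes()`, and the custom parser now decides them. Because the returned CNs feed hostname matching, cases such as `extractCNs("cn=blah+ou=blah, o=blah")` and `extractCNs("cn=blah, ou= , o=blah")` should be added with the intended result asserted. Separately, `testExtractCNNull` passes `"cn,o=blah"`, an attribute without a value rather than a null input, so a name like `testExtractCNNoValue` would describe it more accurately.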
|
||||||
|
|
||||||
|
|