Code clean; renamed some package private methods

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1614354 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski 2014-07-29 13:56:10 +00:00
parent 770285d505
commit 2ad9a219de
3 changed files with 22 additions and 26 deletions

View File

@ -37,6 +37,7 @@ import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.http.annotation.Immutable;
import org.apache.http.util.Args;
/**
* Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
@ -52,10 +53,7 @@ public abstract class AbstractBaseHostnameVerifier implements X509HostnameVerifi
@Override
public final void verify(final String host, final SSLSocket ssl)
throws IOException {
if(host == null) {
throw new NullPointerException("host to verify is null");
}
Args.notNull(host, "Host");
SSLSession session = ssl.getSession();
if(session == null) {
// In our experience this only happens under IBM 1.4.x when

View File

@ -54,7 +54,6 @@ import org.apache.http.annotation.Immutable;
import org.apache.http.conn.util.InetAddressUtils;
/**
/**
* Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
* implementations that provides methods to extract Common Name (CN) and alternative subjects
* (subjectAlt) from {@link java.security.cert.X509Certificate} being validated as well
@ -92,7 +91,7 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
throws SSLException {
final String subjectPrincipal = cert.getSubjectX500Principal().toString();
final String[] cns = extractCNs(subjectPrincipal);
final String[] subjectAlts = getSubjectAlts(cert, host);
final String[] subjectAlts = extractSubjectAlts(cert, host);
verify(host, cns, subjectAlts);
}
@ -233,8 +232,7 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
* @param hostname
* @return Array of SubjectALT DNS or IP names stored in the certificate.
*/
private static String[] getSubjectAlts(
final X509Certificate cert, final String hostname) {
static String[] extractSubjectAlts(final X509Certificate cert, final String hostname) {
final int subjectType;
if (isIPAddress(hostname)) {
subjectType = 7;
@ -268,24 +266,6 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
}
}
/**
* Extracts the array of SubjectAlt DNS names from an X509Certificate.
* Returns null if there aren't any.
* <p/>
* Note: Java doesn't appear able to extract international characters
* from the SubjectAlts. It can only extract international characters
* from the CN field.
* <p/>
* (Or maybe the version of OpenSSL I'm using to test isn't storing the
* international characters correctly in the SubjectAlts?).
*
* @param cert X509Certificate
* @return Array of SubjectALT DNS names stored in the certificate.
*/
public static String[] getDNSSubjectAlts(final X509Certificate cert) {
return getSubjectAlts(cert, null);
}
/**
* Counts the number of dots "." in a string.
* @param s string to count dots from

View File

@ -52,4 +52,22 @@ public abstract class AbstractVerifier extends AbstractCommonHostnameVerifier {
}
}
/**
* Extracts the array of SubjectAlt DNS names from an X509Certificate.
* Returns null if there aren't any.
* <p/>
* Note: Java doesn't appear able to extract international characters
* from the SubjectAlts. It can only extract international characters
* from the CN field.
* <p/>
* (Or maybe the version of OpenSSL I'm using to test isn't storing the
* international characters correctly in the SubjectAlts?).
*
* @param cert X509Certificate
* @return Array of SubjectALT DNS names stored in the certificate.
*/
public static String[] getDNSSubjectAlts(final X509Certificate cert) {
return extractSubjectAlts(cert, null);
}
}