Apache
/
httpcomponents-client
mirror of https://github.com/apache/httpcomponents-client.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Code clean; renamed some package private methods 

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1614354 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski 2014-07-29 13:56:10 +00:00
parent 770285d505
commit 2ad9a219de
3 changed files with 22 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
httpclient/src/main/java/org/apache/http/conn/ssl/AbstractBaseHostnameVerifier.java
View File

@ -37,6 +37,7 @@ import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocket;
import org.apache.http.annotation.Immutable; import org.apache.http.annotation.Immutable;
import org.apache.http.util.Args;
/** /**
* Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier} * Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
@ -52,10 +53,7 @@ public abstract class AbstractBaseHostnameVerifier implements X509HostnameVerifi
@Override @Override
public final void verify(final String host, final SSLSocket ssl) public final void verify(final String host, final SSLSocket ssl)
throws IOException { throws IOException {
if(host == null) { Args.notNull(host, "Host");
throw new NullPointerException("host to verify is null");
}
SSLSession session = ssl.getSession(); SSLSession session = ssl.getSession();
if(session == null) { if(session == null) {
// In our experience this only happens under IBM 1.4.x when // In our experience this only happens under IBM 1.4.x when

24
httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java
View File

@ -54,7 +54,6 @@ import org.apache.http.annotation.Immutable;
import org.apache.http.conn.util.InetAddressUtils; import org.apache.http.conn.util.InetAddressUtils;
/** /**
/**
* Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier} * Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
* implementations that provides methods to extract Common Name (CN) and alternative subjects * implementations that provides methods to extract Common Name (CN) and alternative subjects
* (subjectAlt) from {@link java.security.cert.X509Certificate} being validated as well * (subjectAlt) from {@link java.security.cert.X509Certificate} being validated as well
@ -92,7 +91,7 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
throws SSLException { throws SSLException {
final String subjectPrincipal = cert.getSubjectX500Principal().toString(); final String subjectPrincipal = cert.getSubjectX500Principal().toString();
final String[] cns = extractCNs(subjectPrincipal); final String[] cns = extractCNs(subjectPrincipal);
final String[] subjectAlts = getSubjectAlts(cert, host); final String[] subjectAlts = extractSubjectAlts(cert, host);
verify(host, cns, subjectAlts); verify(host, cns, subjectAlts);
} }
@ -233,8 +232,7 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
* @param hostname * @param hostname
* @return Array of SubjectALT DNS or IP names stored in the certificate. * @return Array of SubjectALT DNS or IP names stored in the certificate.
*/ */
private static String[] getSubjectAlts( static String[] extractSubjectAlts(final X509Certificate cert, final String hostname) {
final X509Certificate cert, final String hostname) {
final int subjectType; final int subjectType;
if (isIPAddress(hostname)) { if (isIPAddress(hostname)) {
subjectType = 7; subjectType = 7;
@ -268,24 +266,6 @@ public abstract class AbstractCommonHostnameVerifier extends AbstractBaseHostnam
} }
} }
/**
* Extracts the array of SubjectAlt DNS names from an X509Certificate.
* Returns null if there aren't any.
* <p/>
* Note: Java doesn't appear able to extract international characters
* from the SubjectAlts. It can only extract international characters
* from the CN field.
* <p/>
* (Or maybe the version of OpenSSL I'm using to test isn't storing the
* international characters correctly in the SubjectAlts?).
*
* @param cert X509Certificate
* @return Array of SubjectALT DNS names stored in the certificate.
*/
public static String[] getDNSSubjectAlts(final X509Certificate cert) {
return getSubjectAlts(cert, null);
}
/** /**
* Counts the number of dots "." in a string. * Counts the number of dots "." in a string.
* @param s string to count dots from * @param s string to count dots from

18
httpclient/src/main/java/org/apache/http/conn/ssl/AbstractVerifier.java
View File

@ -52,4 +52,22 @@ public abstract class AbstractVerifier extends AbstractCommonHostnameVerifier {
} }
} }
/**
* Extracts the array of SubjectAlt DNS names from an X509Certificate.
* Returns null if there aren't any.
* <p/>
* Note: Java doesn't appear able to extract international characters
* from the SubjectAlts. It can only extract international characters
* from the CN field.
* <p/>
* (Or maybe the version of OpenSSL I'm using to test isn't storing the
* international characters correctly in the SubjectAlts?).
*
* @param cert X509Certificate
* @return Array of SubjectALT DNS names stored in the certificate.
*/
public static String[] getDNSSubjectAlts(final X509Certificate cert) {
return extractSubjectAlts(cert, null);
}
} }