src/com/owncloud/android/authenticator/EasySSLSocketFactory.java

   1 /*
   2  * $HeadURL$
   3  * $Revision$
   4  * $Date$
   5  *
   6  * ====================================================================
   7  *
   8  *  Licensed to the Apache Software Foundation (ASF) under one or more
   9  *  contributor license agreements.  See the NOTICE file distributed with
  10  *  this work for additional information regarding copyright ownership.
  11  *  The ASF licenses this file to You under the Apache License, Version 2.0
  12  *  (the "License"); you may not use this file except in compliance with
  13  *  the License.  You may obtain a copy of the License at
  14  *
  15  *      http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  *  Unless required by applicable law or agreed to in writing, software
  18  *  distributed under the License is distributed on an "AS IS" BASIS,
  19  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  *  See the License for the specific language governing permissions and
  21  *  limitations under the License.
  22  * ====================================================================
  23  *
  24  * This software consists of voluntary contributions made by many
  25  * individuals on behalf of the Apache Software Foundation.  For more
  26  * information on the Apache Software Foundation, please see
  27  * <http://www.apache.org/>.
  28  *
  29  */
  30
  31 package com.owncloud.android.authenticator;
  32
  33 import java.io.IOException;
  34 import java.net.InetAddress;
  35 import java.net.InetSocketAddress;
  36 import java.net.Socket;
  37 import java.net.SocketAddress;
  38 import java.net.UnknownHostException;
  39
  40 import javax.net.SocketFactory;
  41 import javax.net.ssl.SSLContext;
  42 import javax.net.ssl.TrustManager;
  43
  44 import org.apache.commons.httpclient.ConnectTimeoutException;
  45 import org.apache.commons.httpclient.HttpClientError;
  46 import org.apache.commons.httpclient.params.HttpConnectionParams;
  47 import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
  48 import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
  49
  50 import android.util.Log;
  51
  52 /**
  53  * <p>
  54  * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s that
  55  * accept self-signed certificates.
  56  * </p>
  57  * <p>
  58  * This socket factory SHOULD NOT be used for productive systems due to security
  59  * reasons, unless it is a concious decision and you are perfectly aware of
  60  * security implications of accepting self-signed certificates
  61  * </p>
  62  *
  63  * <p>
  64  * Example of using custom protocol socket factory for a specific host:
  65  *
  66  * <pre>
  67  * Protocol easyhttps = new Protocol(&quot;https&quot;, new EasySSLProtocolSocketFactory(),
  68  *         443);
  69  *
  70  * URI uri = new URI(&quot;https://localhost/&quot;, true);
  71  * // use relative url only
  72  * GetMethod httpget = new GetMethod(uri.getPathQuery());
  73  * HostConfiguration hc = new HostConfiguration();
  74  * hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
  75  * HttpClient client = new HttpClient();
  76  * client.executeMethod(hc, httpget);
  77  * </pre>
  78  *
  79  * </p>
  80  * <p>
  81  * Example of using custom protocol socket factory per default instead of the
  82  * standard one:
  83  *
  84  * <pre>
  85  * Protocol easyhttps = new Protocol(&quot;https&quot;, new EasySSLProtocolSocketFactory(),
  86  *         443);
  87  * Protocol.registerProtocol(&quot;https&quot;, easyhttps);
  88  *
  89  * HttpClient client = new HttpClient();
  90  * GetMethod httpget = new GetMethod(&quot;https://localhost/&quot;);
  91  * client.executeMethod(httpget);
  92  * </pre>
  93  *
  94  * </p>
  95  *
  96  * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
  97  *
  98  *         <p>
  99  *         DISCLAIMER: HttpClient developers DO NOT actively support this
 100  *         component. The component is provided as a reference material, which
 101  *         may be inappropriate for use without additional customization.
 102  *         </p>
 103  */
 104
 105 public class EasySSLSocketFactory implements ProtocolSocketFactory {
 106
 107     private static final String TAG = "EasySSLSocketFactory";
 108     private SSLContext sslcontext = null;
 109
 110     /**
 111      * Constructor for EasySSLProtocolSocketFactory.
 112      */
 113     public EasySSLSocketFactory() {
 114         super();
 115     }
 116
 117     private static SSLContext createEasySSLContext() {
 118         Log.d(TAG, "Creating Easy SSL Context");
 119         try {
 120             SSLContext context = SSLContext.getInstance("TLS");
 121             context.init(null, new TrustManager[] { new EasyX509TrustManager(
 122                     null) }, null);
 123             return context;
 124         } catch (Exception er) {
 125             Log.e(TAG, er.getMessage() + "");
 126             throw new HttpClientError(er.toString());
 127         }
 128     }
 129
 130     private SSLContext getSSLContext() {
 131         Log.d(TAG, "Getting Easy SSL Context");
 132         if (this.sslcontext == null) {
 133             this.sslcontext = createEasySSLContext();
 134         }
 135         return this.sslcontext;
 136     }
 137
 138     /**
 139      * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
 140      */
 141     public Socket createSocket(String host, int port, InetAddress clientHost,
 142             int clientPort) throws IOException, UnknownHostException {
 143         Log.d(TAG, "Creating SSL Socket with remote " + host + ":" + port + ", client " + clientHost + ":" + clientPort);
 144
 145         return getSSLContext().getSocketFactory().createSocket(host, port,
 146                 clientHost, clientPort);
 147     }
 148
 149     /**
 150      * Attempts to get a new socket connection to the given host within the
 151      * given time limit.
 152      * <p>
 153      * To circumvent the limitations of older JREs that do not support connect
 154      * timeout a controller thread is executed. The controller thread attempts
 155      * to create a new socket within the given limit of time. If socket
 156      * constructor does not return until the timeout expires, the controller
 157      * terminates and throws an {@link ConnectTimeoutException}
 158      * </p>
 159      *
 160      * @param host the host name/IP
 161      * @param port the port on the host
 162      * @param clientHost the local host name/IP to bind the socket to
 163      * @param clientPort the port on the local machine
 164      * @param params {@link HttpConnectionParams Http connection parameters}
 165      *
 166      * @return Socket a new socket
 167      *
 168      * @throws IOException if an I/O error occurs while creating the socket
 169      * @throws UnknownHostException if the IP address of the host cannot be
 170      *             determined
 171      */
 172     public Socket createSocket(final String host, final int port,
 173             final InetAddress localAddress, final int localPort,
 174             final HttpConnectionParams params) throws IOException,
 175             UnknownHostException, ConnectTimeoutException {
 176         Log.d(TAG, "Creating SSL Socket with remote " + host + ":" + port + ", local " + localAddress + ":" + localPort + ", params: " + params);
 177         if (params == null) {
 178             throw new IllegalArgumentException("Parameters may not be null");
 179         }
 180         int timeout = params.getConnectionTimeout();
 181         SocketFactory socketfactory = getSSLContext().getSocketFactory();
 182         if (timeout == 0) {
 183             Log.d(TAG, " ... with connection timeout 0 and socket timeout " + params.getSoTimeout());
 184             Socket socket = socketfactory.createSocket(host, port, localAddress,
 185                     localPort);
 186             socket.setSoTimeout(params.getSoTimeout());
 187             return socket;
 188         } else {
 189             Log.d(TAG, " ... with connection timeout " + timeout + " and socket timeout" + params.getSoTimeout());
 190             Socket socket = socketfactory.createSocket();
 191             SocketAddress localaddr = new InetSocketAddress(localAddress,
 192                     localPort);
 193             SocketAddress remoteaddr = new InetSocketAddress(host, port);
 194             socket.setSoTimeout(params.getSoTimeout());
 195             socket.bind(localaddr);
 196             socket.connect(remoteaddr, timeout);
 197             return socket;
 198         }
 199     }
 200
 201     /**
 202      * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
 203      */
 204     public Socket createSocket(String host, int port) throws IOException,
 205             UnknownHostException {
 206         Log.d(TAG, "Creating SSL Socket with remote " + host + ":" + port);
 207         return getSSLContext().getSocketFactory().createSocket(host, port);
 208     }
 209
 210     /**
 211      * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
 212      */
 213     public Socket createSocket(Socket socket, String host, int port,
 214             boolean autoClose) throws IOException, UnknownHostException {
 215         Log.d(TAG, "Creating SSL Socket from other shocket " + socket + " to remote " + host + ":" + port);
 216         return getSSLContext().getSocketFactory().createSocket(socket, host,
 217                 port, autoClose);
 218     }
 219
 220     public boolean equals(Object obj) {
 221         return ((obj != null) && obj.getClass().equals(
 222                 EasySSLSocketFactory.class));
 223     }
 224
 225     public int hashCode() {
 226         return EasySSLSocketFactory.class.hashCode();
 227     }
 228
 229 }