src/com/owncloud/android/network/EasySSLSocketFactory.java

   1 /*
   2  * $HeadURL$
   3  * $Revision$
   4  * $Date$
   5  *
   6  * ====================================================================
   7  *
   8  *  Licensed to the Apache Software Foundation (ASF) under one or more
   9  *  contributor license agreements.  See the NOTICE file distributed with
  10  *  this work for additional information regarding copyright ownership.
  11  *  The ASF licenses this file to You under the Apache License, Version 2.0
  12  *  (the "License"); you may not use this file except in compliance with
  13  *  the License.  You may obtain a copy of the License at
  14  *
  15  *      http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  *  Unless required by applicable law or agreed to in writing, software
  18  *  distributed under the License is distributed on an "AS IS" BASIS,
  19  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  *  See the License for the specific language governing permissions and
  21  *  limitations under the License.
  22  * ====================================================================
  23  *
  24  * This software consists of voluntary contributions made by many
  25  * individuals on behalf of the Apache Software Foundation.  For more
  26  * information on the Apache Software Foundation, please see
  27  * <http://www.apache.org/>.
  28  *
  29  */
  30
  31 package com.owncloud.android.network;
  32
  33 import java.io.IOException;
  34 import java.net.InetAddress;
  35 import java.net.InetSocketAddress;
  36 import java.net.Socket;
  37 import java.net.SocketAddress;
  38 import java.net.UnknownHostException;
  39
  40 import javax.net.SocketFactory;
  41 import javax.net.ssl.SSLContext;
  42 import javax.net.ssl.TrustManager;
  43
  44 import org.apache.commons.httpclient.ConnectTimeoutException;
  45 import org.apache.commons.httpclient.HttpClientError;
  46 import org.apache.commons.httpclient.params.HttpConnectionParams;
  47 import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
  48 import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
  49
  50
  51 import android.util.Log;
  52
  53 /**
  54  * <p>
  55  * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s that
  56  * accept self-signed certificates.
  57  * </p>
  58  * <p>
  59  * This socket factory SHOULD NOT be used for productive systems due to security
  60  * reasons, unless it is a concious decision and you are perfectly aware of
  61  * security implications of accepting self-signed certificates
  62  * </p>
  63  *
  64  * <p>
  65  * Example of using custom protocol socket factory for a specific host:
  66  *
  67  * <pre>
  68  * Protocol easyhttps = new Protocol(&quot;https&quot;, new EasySSLProtocolSocketFactory(),
  69  *         443);
  70  *
  71  * URI uri = new URI(&quot;https://localhost/&quot;, true);
  72  * // use relative url only
  73  * GetMethod httpget = new GetMethod(uri.getPathQuery());
  74  * HostConfiguration hc = new HostConfiguration();
  75  * hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
  76  * HttpClient client = new HttpClient();
  77  * client.executeMethod(hc, httpget);
  78  * </pre>
  79  *
  80  * </p>
  81  * <p>
  82  * Example of using custom protocol socket factory per default instead of the
  83  * standard one:
  84  *
  85  * <pre>
  86  * Protocol easyhttps = new Protocol(&quot;https&quot;, new EasySSLProtocolSocketFactory(),
  87  *         443);
  88  * Protocol.registerProtocol(&quot;https&quot;, easyhttps);
  89  *
  90  * HttpClient client = new HttpClient();
  91  * GetMethod httpget = new GetMethod(&quot;https://localhost/&quot;);
  92  * client.executeMethod(httpget);
  93  * </pre>
  94  *
  95  * </p>
  96  *
  97  * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
  98  *
  99  *         <p>
 100  *         DISCLAIMER: HttpClient developers DO NOT actively support this
 101  *         component. The component is provided as a reference material, which
 102  *         may be inappropriate for use without additional customization.
 103  *         </p>
 104  */
 105
 106 public class EasySSLSocketFactory implements ProtocolSocketFactory {
 107
 108     private static final String TAG = "EasySSLSocketFactory";
 109     private SSLContext sslcontext = null;
 110
 111     /**
 112      * Constructor for EasySSLProtocolSocketFactory.
 113      */
 114     public EasySSLSocketFactory() {
 115         super();
 116     }
 117
 118     private static SSLContext createEasySSLContext() {
 119         Log.d(TAG, "Creating Easy SSL Context");
 120         try {
 121             SSLContext context = SSLContext.getInstance("TLS");
 122             context.init(null, new TrustManager[] { new EasyX509TrustManager(
 123                     null) }, null);
 124             return context;
 125         } catch (Exception er) {
 126             Log.e(TAG, er.getMessage() + "");
 127             throw new HttpClientError(er.toString());
 128         }
 129     }
 130
 131     private SSLContext getSSLContext() {
 132         Log.d(TAG, "Getting Easy SSL Context");
 133         if (this.sslcontext == null) {
 134             this.sslcontext = createEasySSLContext();
 135         }
 136         return this.sslcontext;
 137     }
 138
 139     /**
 140      * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
 141      */
 142     public Socket createSocket(String host, int port, InetAddress clientHost,
 143             int clientPort) throws IOException, UnknownHostException {
 144         Log.d(TAG, "Creating SSL Socket with remote " + host + ":" + port + ", client " + clientHost + ":" + clientPort);
 145
 146         return getSSLContext().getSocketFactory().createSocket(host, port,
 147                 clientHost, clientPort);
 148     }
 149
 150     /**
 151      * Attempts to get a new socket connection to the given host within the
 152      * given time limit.
 153      * <p>
 154      * To circumvent the limitations of older JREs that do not support connect
 155      * timeout a controller thread is executed. The controller thread attempts
 156      * to create a new socket within the given limit of time. If socket
 157      * constructor does not return until the timeout expires, the controller
 158      * terminates and throws an {@link ConnectTimeoutException}
 159      * </p>
 160      *
 161      * @param host the host name/IP
 162      * @param port the port on the host
 163      * @param clientHost the local host name/IP to bind the socket to
 164      * @param clientPort the port on the local machine
 165      * @param params {@link HttpConnectionParams Http connection parameters}
 166      *
 167      * @return Socket a new socket
 168      *
 169      * @throws IOException if an I/O error occurs while creating the socket
 170      * @throws UnknownHostException if the IP address of the host cannot be
 171      *             determined
 172      */
 173     public Socket createSocket(final String host, final int port,
 174             final InetAddress localAddress, final int localPort,
 175             final HttpConnectionParams params) throws IOException,
 176             UnknownHostException, ConnectTimeoutException {
 177         Log.d(TAG, "Creating SSL Socket with remote " + host + ":" + port + ", local " + localAddress + ":" + localPort + ", params: " + params);
 178         if (params == null) {
 179             throw new IllegalArgumentException("Parameters may not be null");
 180         }
 181         int timeout = params.getConnectionTimeout();
 182         SocketFactory socketfactory = getSSLContext().getSocketFactory();
 183         /*if (timeout == 0) {
 184             Log.d(TAG, " ... with connection timeout 0 and socket timeout " + params.getSoTimeout());
 185             Socket socket = socketfactory.createSocket(host, port, localAddress,
 186                     localPort);
 187             socket.setSoTimeout(params.getSoTimeout());
 188             return socket;
 189         } else {*/
 190         Log.d(TAG, " ... with connection timeout " + timeout + " and socket timeout " + params.getSoTimeout());
 191         Socket socket = socketfactory.createSocket();
 192         SocketAddress localaddr = new InetSocketAddress(localAddress,
 193                 localPort);
 194         SocketAddress remoteaddr = new InetSocketAddress(host, port);
 195         socket.setSoTimeout(params.getSoTimeout());
 196         socket.bind(localaddr);
 197         socket.connect(remoteaddr, timeout);
 198         return socket;
 199         //}
 200     }
 201
 202     /**
 203      * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
 204      */
 205     public Socket createSocket(String host, int port) throws IOException,
 206             UnknownHostException {
 207         Log.d(TAG, "Creating SSL Socket with remote " + host + ":" + port);
 208         return getSSLContext().getSocketFactory().createSocket(host, port);
 209     }
 210
 211     /**
 212      * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
 213      */
 214     public Socket createSocket(Socket socket, String host, int port,
 215             boolean autoClose) throws IOException, UnknownHostException {
 216         Log.d(TAG, "Creating SSL Socket from other shocket " + socket + " to remote " + host + ":" + port);
 217         return getSSLContext().getSocketFactory().createSocket(socket, host,
 218                 port, autoClose);
 219     }
 220
 221     public boolean equals(Object obj) {
 222         return ((obj != null) && obj.getClass().equals(
 223                 EasySSLSocketFactory.class));
 224     }
 225
 226     public int hashCode() {
 227         return EasySSLSocketFactory.class.hashCode();
 228     }
 229
 230 }