X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/2bc41ee3315feb483e4b92873df8f7dd3bb5499c..7f75f13f0c47b5cc4f5fe6a743a6fb8a9281fef7:/src/eu/alefzero/owncloud/authenticator/EasySSLSocketFactory.java
diff --git a/src/eu/alefzero/owncloud/authenticator/EasySSLSocketFactory.java b/src/eu/alefzero/owncloud/authenticator/EasySSLSocketFactory.java
index f057b8bd..f1de8f5f 100644
--- a/src/eu/alefzero/owncloud/authenticator/EasySSLSocketFactory.java
+++ b/src/eu/alefzero/owncloud/authenticator/EasySSLSocketFactory.java
@@ -1,138 +1,221 @@ -package eu.alefzero.owncloud.authenticator; - /* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at + * $HeadURL$ + * $Revision$ + * $Date$ + * + * ==================================================================== + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 * - * http://www.apache.org/licenses/LICENSE-2.0 + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. 
See the License for the - * specific language governing permissions and limitations - * under the License. */ +package eu.alefzero.owncloud.authenticator; + import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.Socket; +import java.net.SocketAddress; import java.net.UnknownHostException; +import javax.net.SocketFactory; import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; -import org.apache.http.conn.ConnectTimeoutException; -import org.apache.http.conn.scheme.LayeredSocketFactory; -import org.apache.http.conn.scheme.SocketFactory; -import org.apache.http.params.HttpConnectionParams; -import org.apache.http.params.HttpParams; +import org.apache.commons.httpclient.ConnectTimeoutException; +import org.apache.commons.httpclient.HttpClientError; +import org.apache.commons.httpclient.params.HttpConnectionParams; +import org.apache.commons.httpclient.protocol.ProtocolSocketFactory; +import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; + +import android.util.Log; /** - * This socket factory will create ssl socket that accepts self signed - * certificate + *

+ * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s that + * accept self-signed certificates. + *

+ *

+ * This socket factory SHOULD NOT be used for productive systems due to security + * reasons, unless it is a concious decision and you are perfectly aware of + * security implications of accepting self-signed certificates + *

+ * + *

+ * Example of using custom protocol socket factory for a specific host: + * + *

+ * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(),
+ *         443);
+ * 
+ * URI uri = new URI("https://localhost/", true);
+ * // use relative url only
+ * GetMethod httpget = new GetMethod(uri.getPathQuery());
+ * HostConfiguration hc = new HostConfiguration();
+ * hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
+ * HttpClient client = new HttpClient();
+ * client.executeMethod(hc, httpget);
+ * 
+ * + *

+ *

+ * Example of using custom protocol socket factory per default instead of the + * standard one: + * + *

+ * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(),
+ *         443);
+ * Protocol.registerProtocol("https", easyhttps);
+ * 
+ * HttpClient client = new HttpClient();
+ * GetMethod httpget = new GetMethod("https://localhost/");
+ * client.executeMethod(httpget);
+ * 
+ * + *

+ * + * @author Oleg Kalnichevski * - * @author olamy - * @version $Id: EasySSLSocketFactory.java 765355 2009-04-15 20:59:07Z evenisse - * $ - * @since 1.2.3 + *

+ * DISCLAIMER: HttpClient developers DO NOT actively support this + * component. The component is provided as a reference material, which + * may be inappropriate for use without additional customization. + *

*/ -public class EasySSLSocketFactory implements SocketFactory, - LayeredSocketFactory { - - private SSLContext sslcontext = null; - - private static SSLContext createEasySSLContext() throws IOException { - try { - SSLContext context = SSLContext.getInstance("TLS"); - context.init(null, new TrustManager[] { new EasyX509TrustManager( - null) }, null); - return context; - } catch (Exception e) { - throw new IOException(e.getMessage()); + +public class EasySSLSocketFactory implements ProtocolSocketFactory { + + private static final String TAG = "EasySSLSocketFactory"; + private SSLContext sslcontext = null; + + /** + * Constructor for EasySSLProtocolSocketFactory. + */ + public EasySSLSocketFactory() { + super(); + } + + private static SSLContext createEasySSLContext() { + try { + SSLContext context = SSLContext.getInstance("TLS"); + context.init(null, new TrustManager[] { new EasyX509TrustManager( + null) }, null); + return context; + } catch (Exception er) { + Log.e(TAG, er.getMessage() + ""); + throw new HttpClientError(er.toString()); + } + } + + private SSLContext getSSLContext() { + if (this.sslcontext == null) { + this.sslcontext = createEasySSLContext(); + } + return this.sslcontext; + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) + */ + public Socket createSocket(String host, int port, InetAddress clientHost, + int clientPort) throws IOException, UnknownHostException { + + return getSSLContext().getSocketFactory().createSocket(host, port, + clientHost, clientPort); + } + + /** + * Attempts to get a new socket connection to the given host within the + * given time limit. + *

+ * To circumvent the limitations of older JREs that do not support connect + * timeout a controller thread is executed. The controller thread attempts + * to create a new socket within the given limit of time. If socket + * constructor does not return until the timeout expires, the controller + * terminates and throws an {@link ConnectTimeoutException} + *

+ * + * @param host the host name/IP + * @param port the port on the host + * @param clientHost the local host name/IP to bind the socket to + * @param clientPort the port on the local machine + * @param params {@link HttpConnectionParams Http connection parameters} + * + * @return Socket a new socket + * + * @throws IOException if an I/O error occurs while creating the socket + * @throws UnknownHostException if the IP address of the host cannot be + * determined + */ + public Socket createSocket(final String host, final int port, + final InetAddress localAddress, final int localPort, + final HttpConnectionParams params) throws IOException, + UnknownHostException, ConnectTimeoutException { + if (params == null) { + throw new IllegalArgumentException("Parameters may not be null"); + } + int timeout = params.getConnectionTimeout(); + SocketFactory socketfactory = getSSLContext().getSocketFactory(); + if (timeout == 0) { + Socket socket = socketfactory.createSocket(host, port, localAddress, + localPort); + socket.setSoTimeout(params.getSoTimeout()); + return socket; + } else { + Socket socket = socketfactory.createSocket(); + SocketAddress localaddr = new InetSocketAddress(localAddress, + localPort); + SocketAddress remoteaddr = new InetSocketAddress(host, port); + socket.setSoTimeout(params.getSoTimeout()); + socket.bind(localaddr); + socket.connect(remoteaddr, timeout); + return socket; + } } - } - private SSLContext getSSLContext() throws IOException { - if (this.sslcontext == null) { - this.sslcontext = createEasySSLContext(); + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) + */ + public Socket createSocket(String host, int port) throws IOException, + UnknownHostException { + return getSSLContext().getSocketFactory().createSocket(host, port); } - return this.sslcontext; - } - - /** - * @see org.apache.http.conn.scheme.SocketFactory#connectSocket(java.net.Socket, - * java.lang.String, int, java.net.InetAddress, int, - * 
org.apache.http.params.HttpParams) - */ - public Socket connectSocket(Socket sock, String host, int port, - InetAddress localAddress, int localPort, HttpParams params) - throws IOException, UnknownHostException, ConnectTimeoutException { - int connTimeout = HttpConnectionParams.getConnectionTimeout(params); - int soTimeout = HttpConnectionParams.getSoTimeout(params); - - InetSocketAddress remoteAddress = new InetSocketAddress(host, port); - SSLSocket sslsock = (SSLSocket) ((sock != null) ? sock : createSocket()); - - if ((localAddress != null) || (localPort > 0)) { - // we need to bind explicitly - if (localPort < 0) { - localPort = 0; // indicates "any" - } - InetSocketAddress isa = new InetSocketAddress(localAddress, - localPort); - sslsock.bind(isa); + + /** + * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) + */ + public Socket createSocket(Socket socket, String host, int port, + boolean autoClose) throws IOException, UnknownHostException { + return getSSLContext().getSocketFactory().createSocket(socket, host, + port, autoClose); + } + + public boolean equals(Object obj) { + return ((obj != null) && obj.getClass().equals( + EasySSLSocketFactory.class)); } - sslsock.connect(remoteAddress, connTimeout); - sslsock.setSoTimeout(soTimeout); - return sslsock; - - } - - /** - * @see org.apache.http.conn.scheme.SocketFactory#createSocket() - */ - public Socket createSocket() throws IOException { - return getSSLContext().getSocketFactory().createSocket(); - } - - /** - * @see org.apache.http.conn.scheme.SocketFactory#isSecure(java.net.Socket) - */ - public boolean isSecure(Socket socket) throws IllegalArgumentException { - return true; - } - - /** - * @see org.apache.http.conn.scheme.LayeredSocketFactory#createSocket(java.net.Socket, - * java.lang.String, int, boolean) - */ - public Socket createSocket(Socket socket, String host, int port, - boolean autoClose) throws IOException, UnknownHostException { - return 
getSSLContext().getSocketFactory().createSocket(socket, host, port, autoClose); - } - - // ------------------------------------------------------------------- - // javadoc in org.apache.http.conn.scheme.SocketFactory says : - // Both Object.equals() and Object.hashCode() must be overridden - // for the correct operation of some connection managers - // ------------------------------------------------------------------- - - public boolean equals(Object obj) { - return ((obj != null) && obj.getClass().equals( - EasySSLSocketFactory.class)); - } - - public int hashCode() { - return EasySSLSocketFactory.class.hashCode(); - } + public int hashCode() { + return EasySSLSocketFactory.class.hashCode(); + } } \ No newline at end of file
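Review bot: None of the four `createSocket` overloads in the new class checks that the peer certificate matches `host`; each hands back the socket from `getSSLContext().getSocketFactory()` as is, and a JSSE `SSLSocket` does not verify the hostname on its own. `EasyX509TrustManager` is not shown here, but the class javadoc says it accepts self-signed certificates, so a certificate issued for a different name would presumably be accepted for any server. Each overload should complete the handshake and run a `HostnameVerifier` before returning, after `connect()` in the timeout branch, as sketched below; this brings back the `javax.net.ssl.SSLSocket` import that the hunk removes. Separately, the class declares `implements ProtocolSocketFactory` while its javadoc and the layered `createSocket(Socket, String, int, boolean)` follow `SecureProtocolSocketFactory`, which is imported but unused. If HttpClient derives a protocol's secure flag from that interface, as I believe it does, the declaration should read `implements SecureProtocolSocketFactory`.

```java
    // … unchanged: createEasySSLContext, getSSLContext …

    /**
     * Completes the TLS handshake on a connected socket and rejects the peer
     * unless its certificate matches {@code host}.
     */
    private static Socket verifyHostname(Socket socket, String host)
            throws IOException {
        SSLSocket ssl = (SSLSocket) socket;
        ssl.startHandshake();
        HostnameVerifier verifier = HttpsURLConnection.getDefaultHostnameVerifier();
        if (!verifier.verify(host, ssl.getSession())) {
            ssl.close();
            throw new SSLPeerUnverifiedException(
                    "Certificate does not match host " + host);
        }
        return socket;
    }

    public Socket createSocket(String host, int port) throws IOException,
            UnknownHostException {
        return verifyHostname(
                getSSLContext().getSocketFactory().createSocket(host, port), host);
    }

    // … the other three createSocket overloads wrap their returned socket the same way …
```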