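/**************************************************************
 * 
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * 
 *************************************************************/



package com.sun.star.wiki;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyStore;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.HttpClientError;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

/**
 * Commons-HttpClient socket factory whose sockets come from a deliberately
 * relaxed {@link SSLContext} (see {@link #GetNotSoSecureSSLContext()}).
 *
 * NOTE(security): the context built here does NOT authenticate the server.
 * A non-empty certificate chain is accepted as soon as every certificate in
 * it is inside its validity period; the chain is never verified against a
 * trust anchor and nothing in this class checks that the certificate matches
 * the host name. A party able to intercept the connection can therefore
 * present a certificate of its own and read or alter the traffic, so data
 * sent over these sockets must be treated as exposed to such a party.
 * Tightening this (delegating non-empty chains to the default trust manager
 * and handling self-signed servers through an explicit user decision or a
 * pinned certificate) changes which servers callers can reach and is
 * therefore left as a review item rather than changed silently.
 */
class WikiProtocolSocketFactory implements SecureProtocolSocketFactory
{
    // Lazily created, shared by all sockets of this factory; guarded by the
    // synchronized accessor GetNotSoSecureSSLContext().
    private SSLContext m_aSSLContext;

    public WikiProtocolSocketFactory()
    {
        super();
    }

    /**
     * Trust manager installed into the relaxed context: client checks and
     * issuer listing are delegated to the platform default trust manager,
     * server chains are only checked for certificate validity dates.
     */
    private static final class ValidityOnlyTrustManager implements X509TrustManager
    {
        // Platform default X.509 trust manager, resolved on first use.
        private X509TrustManager m_aOrgTrustManager;

        /**
         * Returns the default X.509 trust manager of the platform.
         *
         * @throws RuntimeException if the default trust manager factory
         *         cannot be created or initialised, or offers no
         *         X509TrustManager
         */
        private X509TrustManager GetOrgTrustManager()
        {
            if ( m_aOrgTrustManager == null )
            {
                TrustManager[] pTrustmanagers;
                try
                {
                    TrustManagerFactory aFactory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
                    // A null key store makes the factory fall back to the
                    // default trust store of the JRE.
                    aFactory.init( (KeyStore)null );
                    pTrustmanagers = aFactory.getTrustManagers();
                }
                catch( Exception e )
                {
                    // Keep the cause so the real failure shows up in traces.
                    throw new RuntimeException( "No access to the default trust manager!", e );
                }

                // Pick the first manager that really is an X509TrustManager
                // instead of casting element 0 unchecked.
                for ( int nInd = 0; nInd < pTrustmanagers.length; nInd++ )
                {
                    if ( pTrustmanagers[nInd] instanceof X509TrustManager )
                    {
                        m_aOrgTrustManager = (X509TrustManager)pTrustmanagers[nInd];
                        break;
                    }
                }

                // Fail with a clear message rather than handing null to the
                // callers below, which would end in a NullPointerException.
                if ( m_aOrgTrustManager == null )
                {
                    throw new RuntimeException( "No access to the default trust manager!" );
                }
            }

            return m_aOrgTrustManager;
        }

        public X509Certificate[] getAcceptedIssuers()
        {
            return GetOrgTrustManager().getAcceptedIssuers();
        }

        public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException
        {
            GetOrgTrustManager().checkClientTrusted( certs, authType );
        }

        /**
         * Accepts a server chain when every certificate in it is currently
         * valid by date; a missing or empty chain is handed to the default
         * trust manager.
         *
         * NOTE(security): issuer, signature, revocation state and host name
         * are not examined for a non-empty chain, so self-signed and
         * attacker-generated certificates pass as long as they are not
         * expired or not yet valid.
         *
         * @throws CertificateException if a certificate is expired or not
         *         yet valid, or the default trust manager rejects the input
         */
        public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException
        {
            if ( certs == null || certs.length == 0 )
            {
                GetOrgTrustManager().checkServerTrusted( certs, authType );
            }
            else
            {
                for ( int nInd = 0; nInd < certs.length; nInd++ )
                {
                    certs[nInd].checkValidity();
                }
            }
        }
    }

    /**
     * Returns the shared relaxed SSL context, creating it on first use.
     *
     * @return the context used by every createSocket variant of this class
     * @throws HttpClientError if the context cannot be created or
     *         initialised; the message carries the underlying failure
     */
    public synchronized SSLContext GetNotSoSecureSSLContext()
    {
        if ( m_aSSLContext == null )
        {
            try
            {
                // Request the context under the standard "TLS" name rather
                // than the legacy "SSL" one. Which protocol versions are
                // enabled is still decided by the JRE configuration.
                SSLContext aContext = SSLContext.getInstance( "TLS" );
                aContext.init( null, new TrustManager[] { new ValidityOnlyTrustManager() }, null );
                m_aSSLContext = aContext;
            }
            catch ( Exception e )
            {
                // Previously swallowed: report why the context is missing.
                // m_aSSLContext stays null, so a later call tries again.
                throw new HttpClientError( e.toString() );
            }
        }

        return m_aSSLContext;
    }

    /**
     * Creates a connected socket bound to the given local address and port.
     */
    public Socket createSocket( String sHost, int nPort, InetAddress clientHost, int clientPort )
        throws IOException, UnknownHostException
    {
        return GetNotSoSecureSSLContext().getSocketFactory().createSocket( sHost, nPort, clientHost, clientPort );
    }

    /**
     * Creates a connected socket, applying the connection timeout taken from
     * {@code params}; without params it behaves like the four-argument
     * variant.
     */
    public Socket createSocket( final String sHost, final int nPort, final InetAddress aLocalAddress, final int nLocalPort, final HttpConnectionParams params )
        throws IOException, UnknownHostException, ConnectTimeoutException
    {
        if ( params == null )
        {
            return createSocket( sHost, nPort, aLocalAddress, nLocalPort );
        }

        int nTimeout = params.getConnectionTimeout();
        Socket aSocket = GetNotSoSecureSSLContext().getSocketFactory().createSocket();
        try
        {
            aSocket.bind( new InetSocketAddress( aLocalAddress, nLocalPort ) );
            aSocket.connect( new InetSocketAddress( sHost, nPort ), nTimeout );
        }
        catch ( IOException e )
        {
            // Do not leak the unconnected socket when bind/connect fails.
            try
            {
                aSocket.close();
            }
            catch ( IOException ignored )
            {
                // The original failure is the one worth reporting.
            }
            throw e;
        }
        return aSocket;
    }

    /**
     * Creates a connected socket to the given host and port.
     */
    public Socket createSocket( String sHost, int nPort )
        throws IOException, UnknownHostException
    {
        return GetNotSoSecureSSLContext().getSocketFactory().createSocket( sHost, nPort );
    }

    /**
     * Layers a socket from the relaxed context over an existing socket.
     */
    public Socket createSocket( Socket aSocket, String sHost, int nPort, boolean bAutoClose )
        throws IOException, UnknownHostException
    {
        return GetNotSoSecureSSLContext().getSocketFactory().createSocket( aSocket, sHost, nPort, bAutoClose );
    }

    /**
     * All instances of exactly this class compare equal.
     */
    public boolean equals(Object obj)
    {
        return ((obj != null) && obj.getClass().equals(WikiProtocolSocketFactory.class));
    }

    /**
     * Hash code matching {@link #equals(Object)}: identical for all instances.
     */
    public int hashCode()
    {
        return WikiProtocolSocketFactory.class.hashCode();
    }
}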