Package org.apache.http.conn.ssl

Class AbstractVerifier

java.lang.Object

org.apache.http.conn.ssl.AbstractVerifier

All Implemented Interfaces:

HostnameVerifier, X509HostnameVerifier

Direct Known Subclasses:

AllowAllHostnameVerifier, BrowserCompatHostnameVerifier, StrictHostnameVerifier

public abstract class AbstractVerifier
extends Object
implements X509HostnameVerifier

Abstract base class for all standard X509HostnameVerifier implementations.

Author:

Julius Davies

Constructor Summary

Constructors

Constructor	Description
AbstractVerifier()

Method Summary

Modifier and Type	Method	Description
static boolean	acceptableCountryWildcard(String cn)
static int	countDots(String s)	Counts the number of dots "." in a string.
static String[]	getCNs(X509Certificate cert)
static String[]	getDNSSubjectAlts(X509Certificate cert)	Extracts the array of SubjectAlt DNS names from an X509Certificate.
void	verify(String host, String[] cns, String[] subjectAlts, boolean strictWithSubDomains)
void	verify(String host, X509Certificate cert)
boolean	verify(String host, SSLSession session)	Verifies that the specified hostname is allowed within the specified SSL session.
void	verify(String host, SSLSocket ssl)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.http.conn.ssl.X509HostnameVerifier

verify

Constructor Details

AbstractVerifier

public AbstractVerifier()

Method Details

verify

public final void verify(String host,
SSLSocket ssl)
                  throws IOException

Specified by:

verify in interface X509HostnameVerifier

Throws:

IOException

verify

public final boolean verify(String host,
SSLSession session)

Description copied from interface: HostnameVerifier

Verifies that the specified hostname is allowed within the specified SSL session.

Specified by:

verify in interface HostnameVerifier

Specified by:

verify in interface X509HostnameVerifier

Parameters:

host - the hostname.

session - the SSL session of the connection.

Returns:

true if the specified hostname is allowed, otherwise false.

verify

public final void verify(String host,
X509Certificate cert)
                  throws SSLException

Specified by:

verify in interface X509HostnameVerifier

Throws:

SSLException

verify

public final void verify(String host,
String[] cns,
String[] subjectAlts,
boolean strictWithSubDomains)
                  throws SSLException

Throws:

SSLException

acceptableCountryWildcard

public static boolean acceptableCountryWildcard(String cn)

getCNs

public static String[] getCNs(X509Certificate cert)

getDNSSubjectAlts

public static String[] getDNSSubjectAlts(X509Certificate cert)

Extracts the array of SubjectAlt DNS names from an X509Certificate. Returns null if there aren't any.

Note: Java doesn't appear able to extract international characters from the SubjectAlts. It can only extract international characters from the CN field.

(Or maybe the version of OpenSSL I'm using to test isn't storing the international characters correctly in the SubjectAlts?).

Parameters:

cert - X509Certificate

Returns:

Array of SubjectALT DNS names stored in the certificate.

countDots

public static int countDots(String s)

Counts the number of dots "." in a string.

Parameters:

s - string to count dots from

Returns:

number of dots