Lines 29-34
|
29 |
import javax.net.ssl.TrustManager; |
29 |
import javax.net.ssl.TrustManager; |
30 |
import javax.net.ssl.TrustManagerFactory; |
30 |
import javax.net.ssl.TrustManagerFactory; |
31 |
import javax.net.ssl.X509KeyManager; |
31 |
import javax.net.ssl.X509KeyManager; |
|
|
32 |
import javax.net.ssl.X509TrustManager; |
32 |
|
33 |
|
33 |
import org.apache.tomcat.util.res.StringManager; |
34 |
import org.apache.tomcat.util.res.StringManager; |
34 |
|
35 |
|
Lines 65-72
|
65 |
*/ |
66 |
*/ |
66 |
protected boolean wantClientAuth = false; |
67 |
protected boolean wantClientAuth = false; |
67 |
|
68 |
|
68 |
public JSSE14SocketFactory () { |
69 |
JSSE14AllTrustingX509TrustManager atm; |
69 |
super(); |
70 |
|
|
|
71 |
public JSSE14SocketFactory (JSSE14AllTrustingX509TrustManager atm) { |
72 |
this.atm = atm; |
70 |
} |
73 |
} |
71 |
|
74 |
|
72 |
/** |
75 |
/** |
Lines 104-114
|
104 |
if( trustAlgorithm == null ) { |
107 |
if( trustAlgorithm == null ) { |
105 |
trustAlgorithm = algorithm; |
108 |
trustAlgorithm = algorithm; |
106 |
} |
109 |
} |
|
|
110 |
|
111 |
String acceptUntrustedCertStr = (String)attributes.get("acceptUntrustedCertificates"); |
112 |
boolean acceptUntrustedCert = false; |
113 |
if ("true".equals(acceptUntrustedCertStr) || |
114 |
"yes".equals(acceptUntrustedCertStr)) { |
115 |
acceptUntrustedCert = true; |
116 |
} |
117 |
|
118 |
TrustManager[] tms = getTrustManagers(keystoreType, trustAlgorithm); |
119 |
|
120 |
if (acceptUntrustedCert) { |
121 |
|
122 |
/* |
123 |
* Get the first instance of an X509TrustManager and wrap the |
124 |
* JSSE14PlugableX509TrustManager around it. |
125 |
* Depends on the current implementation of SSLContext, which |
126 |
* only supports X509TrustManagers. |
127 |
*/ |
128 |
if (tms == null) { |
129 |
TrustManagerFactory tmf = TrustManagerFactory.getInstance(trustAlgorithm); |
130 |
tmf.init((KeyStore) null); |
131 |
tms = tmf.getTrustManagers(); |
132 |
} |
133 |
if (tms != null) { |
134 |
for (int i = 0; i < tms.length;i++) { |
135 |
if (tms[i] instanceof X509TrustManager) { |
136 |
atm.init((javax.net.ssl.X509TrustManager) tms[i]); |
137 |
tms[i] = atm; |
138 |
break; |
139 |
} |
140 |
} |
141 |
} |
142 |
} |
143 |
|
107 |
// Create and init SSLContext |
144 |
// Create and init SSLContext |
108 |
SSLContext context = SSLContext.getInstance(protocol); |
145 |
SSLContext context = SSLContext.getInstance(protocol); |
109 |
context.init(getKeyManagers(keystoreType, algorithm, |
146 |
context.init(getKeyManagers(keystoreType, algorithm, |
110 |
(String) attributes.get("keyAlias")), |
147 |
(String) attributes.get("keyAlias")), |
111 |
getTrustManagers(keystoreType, trustAlgorithm), |
148 |
tms, |
112 |
new SecureRandom()); |
149 |
new SecureRandom()); |
113 |
|
150 |
|
114 |
// create proxy |
151 |
// create proxy |
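Review bot: In the `if (acceptUntrustedCert)` block (new lines 120-142) the first `X509TrustManager` is swapped for `atm` without any log entry. `JSSE14AllTrustingX509TrustManager` is not shown on this page, but its name suggests peer certificate chains are then accepted without path validation. The block should therefore log a warning at init and carry a comment saying that a presented client certificate no longer proves identity while `acceptUntrustedCertificates` is set. `atm` is dereferenced at `atm.init(...)` with no null check, and the constructor hunk (new lines 69-73) removes the no-argument constructor and leaves the field non-final and package-visible. I would declare `private final JSSE14AllTrustingX509TrustManager atm;` and add `if (atm == null) throw new IllegalStateException("acceptUntrustedCertificates requires a trust manager wrapper");` before the loop, and any caller that builds this factory without arguments lies outside this page and needs checking. The block comment names `JSSE14PlugableX509TrustManager` while the code uses `JSSE14AllTrustingX509TrustManager`, and the cast can use the newly imported `X509TrustManager` rather than the fully qualified name; the enclosing method starts and ends outside the hunk.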