The Android Open Source Project | 069490a | 2009-03-03 19:29:16 -0800 | [diff] [blame] | 1 | /* |
| 2 | * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/X509HostnameVerifier.java $ |
| 3 | * $Revision: 618365 $ |
| 4 | * $Date: 2008-02-04 10:20:08 -0800 (Mon, 04 Feb 2008) $ |
| 5 | * |
| 6 | * ==================================================================== |
| 7 | * Licensed to the Apache Software Foundation (ASF) under one |
| 8 | * or more contributor license agreements. See the NOTICE file |
| 9 | * distributed with this work for additional information |
| 10 | * regarding copyright ownership. The ASF licenses this file |
| 11 | * to you under the Apache License, Version 2.0 (the |
| 12 | * "License"); you may not use this file except in compliance |
| 13 | * with the License. You may obtain a copy of the License at |
| 14 | * |
| 15 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 16 | * |
| 17 | * Unless required by applicable law or agreed to in writing, |
| 18 | * software distributed under the License is distributed on an |
| 19 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 20 | * KIND, either express or implied. See the License for the |
| 21 | * specific language governing permissions and limitations |
| 22 | * under the License. |
| 23 | * ==================================================================== |
| 24 | * |
| 25 | * This software consists of voluntary contributions made by many |
| 26 | * individuals on behalf of the Apache Software Foundation. For more |
| 27 | * information on the Apache Software Foundation, please see |
| 28 | * <http://www.apache.org/>. |
| 29 | * |
| 30 | */ |
| 31 | |
| 32 | package org.apache.http.conn.ssl; |
| 33 | |
| 34 | import javax.net.ssl.HostnameVerifier; |
| 35 | import javax.net.ssl.SSLException; |
| 36 | import javax.net.ssl.SSLSession; |
| 37 | import javax.net.ssl.SSLSocket; |
| 38 | import java.io.IOException; |
| 39 | import java.security.cert.X509Certificate; |
| 40 | |
| 41 | /** |
| 42 | * Interface for checking if a hostname matches the names stored inside the |
| 43 | * server's X.509 certificate. Implements javax.net.ssl.HostnameVerifier, but |
| 44 | * we don't actually use that interface. Instead we added some methods that |
| 45 | * take String parameters (instead of javax.net.ssl.HostnameVerifier's |
| 46 | * SSLSession). JUnit is a lot easier this way! :-) |
| 47 | * <p/> |
| 48 | * We provide the HostnameVerifier.DEFAULT, HostnameVerifier.STRICT, and |
| 49 | * HostnameVerifier.ALLOW_ALL implementations. But feel free to define |
| 50 | * your own implementation! |
| 51 | * <p/> |
| 52 | * Inspired by Sebastian Hauer's original StrictSSLProtocolSocketFactory in the |
| 53 | * HttpClient "contrib" repository. |
| 54 | * |
| 55 | * @author Julius Davies |
| 56 | * @author <a href="mailto:hauer@psicode.com">Sebastian Hauer</a> |
| 57 | * |
| 58 | * @since 4.0 (8-Dec-2006) |
Narayan Kamath | d42abb2 | 2014-10-23 12:54:27 +0100 | [diff] [blame] | 59 | * |
| 60 | * @deprecated Please use {@link java.net.URL#openConnection} instead. |
| 61 | * Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a> |
| 62 | * for further details. |
The Android Open Source Project | 069490a | 2009-03-03 19:29:16 -0800 | [diff] [blame] | 63 | */ |
Narayan Kamath | d42abb2 | 2014-10-23 12:54:27 +0100 | [diff] [blame] | 64 | @Deprecated |
The Android Open Source Project | 069490a | 2009-03-03 19:29:16 -0800 | [diff] [blame] | 65 | public interface X509HostnameVerifier extends HostnameVerifier { |
| 66 | |
| 67 | boolean verify(String host, SSLSession session); |
| 68 | |
| 69 | void verify(String host, SSLSocket ssl) throws IOException; |
| 70 | |
| 71 | void verify(String host, X509Certificate cert) throws SSLException; |
| 72 | |
| 73 | /** |
| 74 | * Checks to see if the supplied hostname matches any of the supplied CNs |
| 75 | * or "DNS" Subject-Alts. Most implementations only look at the first CN, |
| 76 | * and ignore any additional CNs. Most implementations do look at all of |
| 77 | * the "DNS" Subject-Alts. The CNs or Subject-Alts may contain wildcards |
| 78 | * according to RFC 2818. |
| 79 | * |
| 80 | * @param cns CN fields, in order, as extracted from the X.509 |
| 81 | * certificate. |
| 82 | * @param subjectAlts Subject-Alt fields of type 2 ("DNS"), as extracted |
| 83 | * from the X.509 certificate. |
| 84 | * @param host The hostname to verify. |
| 85 | * @throws SSLException If verification failed. |
| 86 | */ |
| 87 | void verify(String host, String[] cns, String[] subjectAlts) |
| 88 | throws SSLException; |
| 89 | |
| 90 | |
| 91 | } |