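/**
 * Copyright (c) 2012-2013, Gerald Garcia
 *
 * This file is part of Andoid Caldav Sync Adapter Free.
 *
 * Andoid Caldav Sync Adapter Free is free software: you can redistribute
 * it and/or modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation, either version 3 of the
 * License, or at your option any later version.
 *
 * Andoid Caldav Sync Adapter Free is distributed in the hope that
 * it will be useful, but WITHOUT ANY WARRANTY; without even the implied
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Andoid Caldav Sync Adapter Free.
 * If not, see <http://www.gnu.org/licenses/>.
 *
 */

package org.gege.caldavsyncadapter.caldav;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.scheme.LayeredSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.params.HttpConnectionParams;
import org.apache.http.params.HttpParams;

import android.util.Log;

/**
 * Socket factory that wraps connections in TLS while accepting <em>any</em>
 * server certificate.
 *
 * <p><strong>SECURITY (review):</strong> the {@link X509TrustManager} installed
 * by the constructor has empty {@code checkClientTrusted} and
 * {@code checkServerTrusted} methods, so no certificate chain is ever
 * rejected: issuer, signature, validity period and revocation are all
 * unchecked. Nothing in this class compares the certificate with the host
 * name either. A connection made through this factory is therefore encrypted
 * but not authenticated, and whatever is sent over it (for a CalDAV client,
 * presumably account credentials and calendar data) is exposed to anyone able
 * to intercept the traffic, unless a caller performs its own verification.
 * {@link #isSecure(Socket)} nevertheless reports {@code true}.
 *
 * <p>If self-signed servers must be supported, prefer an explicit per-account
 * opt-in, or trust only the specific certificate the user imported (a
 * {@code KeyStore}-backed {@code TrustManagerFactory}), and keep the platform
 * default trust store for every other account.
 */
public final class EasySSLSocketFactory implements LayeredSocketFactory {

    // NOTE(review): the tag and the log messages name "TrustAllSSLSocketFactory",
    // not this class; kept as-is so existing log filters still match.
    private static final String TAG = "TrustAllSSLSocketFactory";

    private static final EasySSLSocketFactory DEFAULT_FACTORY = new EasySSLSocketFactory();

    /**
     * Returns the process-wide shared instance.
     *
     * @return the singleton factory
     */
    public static EasySSLSocketFactory getSocketFactory() {
        return DEFAULT_FACTORY;
    }

    /** TLS context built in the constructor; stays {@code null} if creation failed. */
    private final SSLContext sslcontext;

    /** JSSE factory obtained from {@link #sslcontext}; {@code null} if initialisation failed. */
    private final javax.net.ssl.SSLSocketFactory socketfactory;

    /**
     * Builds the TLS context around a trust manager that accepts every chain.
     *
     * <p>Initialisation failures are logged rather than thrown, because this
     * constructor runs from the static initialiser of {@link #DEFAULT_FACTORY};
     * the socket-creating methods report the problem as an {@link IOException}.
     */
    private EasySSLSocketFactory() {
        TrustManager[] acceptEverything = new TrustManager[] { new X509TrustManager() {

            @Override
            public void checkClientTrusted(X509Certificate[] chain,
                    String authType) throws CertificateException {
                // SECURITY: intentionally empty, every client chain is accepted.
            }

            @Override
            public void checkServerTrusted(X509Certificate[] chain,
                    String authType) throws CertificateException {
                // SECURITY: intentionally empty, every server chain is accepted.
                // This is what removes server authentication from the connection.
            }

            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

        } };

        SSLContext context = null;
        javax.net.ssl.SSLSocketFactory factory = null;
        try {
            context = SSLContext.getInstance(SSLSocketFactory.TLS);
            context.init(null, acceptEverything, new SecureRandom());
            factory = context.getSocketFactory();
        } catch (NoSuchAlgorithmException e) {
            Log.e(TAG, "Failed to instantiate TrustAllSSLSocketFactory!", e);
        } catch (KeyManagementException e) {
            Log.e(TAG, "Failed to instantiate TrustAllSSLSocketFactory!", e);
        }
        this.sslcontext = context;
        this.socketfactory = factory;
    }

    /**
     * Returns the underlying JSSE factory, failing with a descriptive error
     * instead of a {@link NullPointerException} when the constructor could not
     * initialise the TLS context.
     */
    private javax.net.ssl.SSLSocketFactory requireFactory() throws IOException {
        if (this.socketfactory == null) {
            throw new IOException(
                    "TLS socket factory is unavailable: SSLContext initialisation failed");
        }
        return this.socketfactory;
    }

    /**
     * Layers TLS over an already connected socket.
     *
     * @param socket    the existing connected socket
     * @param host      the target host name
     * @param port      the target port
     * @param autoClose whether closing the TLS socket also closes {@code socket}
     * @return the layered TLS socket
     * @throws IOException if the factory is unavailable or the socket cannot be created
     */
    @Override
    public Socket createSocket(Socket socket, String host, int port,
            boolean autoClose) throws IOException, UnknownHostException {
        return (SSLSocket) requireFactory().createSocket(socket, host, port, autoClose);
    }

    /**
     * Binds (optionally) and connects a TLS socket to {@code host:port}.
     *
     * <p>SECURITY: no host name verification is performed here after the
     * connection is established.
     *
     * @param sock         socket to use, or {@code null} to create a new one
     * @param host         the target host, must not be {@code null}
     * @param port         the target port
     * @param localAddress local address to bind to, or {@code null}
     * @param localPort    local port to bind to; values below zero mean "any"
     * @param params       connection parameters, must not be {@code null}
     * @return the connected socket
     * @throws IllegalArgumentException if {@code host} or {@code params} is {@code null}
     * @throws IOException              if binding or connecting fails
     */
    @Override
    public Socket connectSocket(Socket sock, String host, int port,
            InetAddress localAddress, int localPort, HttpParams params)
            throws IOException, UnknownHostException, ConnectTimeoutException {
        if (host == null) {
            throw new IllegalArgumentException("Target host may not be null.");
        }
        if (params == null) {
            throw new IllegalArgumentException("Parameters may not be null.");
        }

        SSLSocket sslsock = (SSLSocket) ((sock != null) ? sock : createSocket());

        if ((localAddress != null) || (localPort > 0)) {
            // An explicit bind was requested; a negative port means "any".
            int bindPort = (localPort < 0) ? 0 : localPort;
            sslsock.bind(new InetSocketAddress(localAddress, bindPort));
        }

        int connTimeout = HttpConnectionParams.getConnectionTimeout(params);
        int soTimeout = HttpConnectionParams.getSoTimeout(params);

        sslsock.connect(new InetSocketAddress(host, port), connTimeout);
        sslsock.setSoTimeout(soTimeout);

        return sslsock;
    }

    /**
     * Creates an unconnected TLS socket.
     *
     * @return a new unconnected socket
     * @throws IOException if the factory is unavailable or the socket cannot be created
     */
    @Override
    public Socket createSocket() throws IOException {
        // The cast makes sure that the factory is working as expected.
        return (SSLSocket) requireFactory().createSocket();
    }

    /**
     * Always reports the socket as secure.
     *
     * <p>SECURITY: the result is unconditional; {@code sock} is not inspected
     * and, given the accept-all trust manager, "secure" here means encrypted
     * only, not authenticated.
     *
     * @param sock the socket to check (ignored)
     * @return {@code true}
     */
    @Override
    public boolean isSecure(Socket sock) throws IllegalArgumentException {
        return true;
    }

}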