• file
• revisions
• annotate
• diff
• comparison
• raw

mobile/android/thirdparty/ch/boye/httpclientandroidlib/conn/ssl/StrictHostnameVerifier.java@fc2d59ddac77 (annotated)

mobile/android/thirdparty/ch/boye/httpclientandroidlib/conn/ssl/StrictHostnameVerifier.java

Wed, 31 Dec 2014 07:22:50 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Wed, 31 Dec 2014 07:22:50 +0100

branch

TOR_BUG_3246

changeset 4

fc2d59ddac77

permissions

-rw-r--r--

Correct previous dual key logic pending first delivery installment.

michael@0	1	/*
michael@0	2	* ====================================================================
michael@0	3	* Licensed to the Apache Software Foundation (ASF) under one
michael@0	4	* or more contributor license agreements. See the NOTICE file
michael@0	5	* distributed with this work for additional information
michael@0	6	* regarding copyright ownership. The ASF licenses this file
michael@0	7	* to you under the Apache License, Version 2.0 (the
michael@0	8	* "License"); you may not use this file except in compliance
michael@0	9	* with the License. You may obtain a copy of the License at
michael@0	10	*
michael@0	11	* http://www.apache.org/licenses/LICENSE-2.0
michael@0	12	*
michael@0	13	* Unless required by applicable law or agreed to in writing,
michael@0	14	* software distributed under the License is distributed on an
michael@0	15	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
michael@0	16	* KIND, either express or implied. See the License for the
michael@0	17	* specific language governing permissions and limitations
michael@0	18	* under the License.
michael@0	19	* ====================================================================
michael@0	20	*
michael@0	21	* This software consists of voluntary contributions made by many
michael@0	22	* individuals on behalf of the Apache Software Foundation. For more
michael@0	23	* information on the Apache Software Foundation, please see
michael@0	24	* <http://www.apache.org/>.
michael@0	25	*
michael@0	26	*/
michael@0	27
michael@0	28	package ch.boye.httpclientandroidlib.conn.ssl;
michael@0	29
michael@0	30	import javax.net.ssl.SSLException;
michael@0	31
michael@0	32	import ch.boye.httpclientandroidlib.annotation.Immutable;
michael@0	33
michael@0	34	/**
michael@0	35	* The Strict HostnameVerifier works the same way as Sun Java 1.4, Sun
michael@0	36	* Java 5, Sun Java 6-rc. It's also pretty close to IE6. This
michael@0	37	* implementation appears to be compliant with RFC 2818 for dealing with
michael@0	38	* wildcards.
michael@0	39	* <p/>
michael@0	40	* The hostname must match either the first CN, or any of the subject-alts.
michael@0	41	* A wildcard can occur in the CN, and in any of the subject-alts. The
michael@0	42	* one divergence from IE6 is how we only check the first CN. IE6 allows
michael@0	43	* a match against any of the CNs present. We decided to follow in
michael@0	44	* Sun Java 1.4's footsteps and only check the first CN. (If you need
michael@0	45	* to check all the CN's, feel free to write your own implementation!).
michael@0	46	* <p/>
michael@0	47	* A wildcard such as "*.foo.com" matches only subdomains in the same
michael@0	48	* level, for example "a.foo.com". It does not match deeper subdomains
michael@0	49	* such as "a.b.foo.com".
michael@0	50	*
michael@0	51	*
michael@0	52	* @since 4.0
michael@0	53	*/
michael@0	54	@Immutable
michael@0	55	public class StrictHostnameVerifier extends AbstractVerifier {
michael@0	56
michael@0	57	public final void verify(
michael@0	58	final String host,
michael@0	59	final String[] cns,
michael@0	60	final String[] subjectAlts) throws SSLException {
michael@0	61	verify(host, cns, subjectAlts, true);
michael@0	62	}
michael@0	63
michael@0	64	@Override
michael@0	65	public final String toString() {
michael@0	66	return "STRICT";
michael@0	67	}
michael@0	68
michael@0	69	}