The Tor Browser / file revision

mobile/android/thirdparty/ch/boye/httpclientandroidlib/conn/ssl/StrictHostnameVerifier.java@fc2d59ddac77

mobile/android/thirdparty/ch/boye/httpclientandroidlib/conn/ssl/StrictHostnameVerifier.java

Wed, 31 Dec 2014 07:22:50 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 07:22:50 +0100
branch
TOR_BUG_3246
changeset 4
fc2d59ddac77
permissions
-rw-r--r--

Correct previous dual key logic pending first delivery installment.

     1 /*

     2  * ====================================================================

     3  * Licensed to the Apache Software Foundation (ASF) under one

     4  * or more contributor license agreements.  See the NOTICE file

     5  * distributed with this work for additional information

     6  * regarding copyright ownership.  The ASF licenses this file

     7  * to you under the Apache License, Version 2.0 (the

     8  * "License"); you may not use this file except in compliance

     9  * with the License.  You may obtain a copy of the License at

    10  *

    11  *   http://www.apache.org/licenses/LICENSE-2.0

    12  *

    13  * Unless required by applicable law or agreed to in writing,

    14  * software distributed under the License is distributed on an

    15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

    16  * KIND, either express or implied.  See the License for the

    17  * specific language governing permissions and limitations

    18  * under the License.

    19  * ====================================================================

    20  *

    21  * This software consists of voluntary contributions made by many

    22  * individuals on behalf of the Apache Software Foundation.  For more

    23  * information on the Apache Software Foundation, please see

    24  * <http://www.apache.org/>.

    25  *

    26  */

    27 

    28 package ch.boye.httpclientandroidlib.conn.ssl;

    29 

    30 import javax.net.ssl.SSLException;

    31 

    32 import ch.boye.httpclientandroidlib.annotation.Immutable;

    33 

    34 /**

    35  * The Strict HostnameVerifier works the same way as Sun Java 1.4, Sun

    36  * Java 5, Sun Java 6-rc.  It's also pretty close to IE6.  This

    37  * implementation appears to be compliant with RFC 2818 for dealing with

    38  * wildcards.

    39  * <p/>

    40  * The hostname must match either the first CN, or any of the subject-alts.

    41  * A wildcard can occur in the CN, and in any of the subject-alts.  The

    42  * one divergence from IE6 is how we only check the first CN.  IE6 allows

    43  * a match against any of the CNs present.  We decided to follow in

    44  * Sun Java 1.4's footsteps and only check the first CN.  (If you need

    45  * to check all the CN's, feel free to write your own implementation!).

    46  * <p/>

    47  * A wildcard such as "*.foo.com" matches only subdomains in the same

    48  * level, for example "a.foo.com".  It does not match deeper subdomains

    49  * such as "a.b.foo.com".

    50  *

    51  *

    52  * @since 4.0

    53  */

    54 @Immutable

    55 public class StrictHostnameVerifier extends AbstractVerifier {

    56 

    57     public final void verify(

    58             final String host,

    59             final String[] cns,

    60             final String[] subjectAlts) throws SSLException {

    61         verify(host, cns, subjectAlts, true);

    62     }

    63 

    64     @Override

    65     public final String toString() {

    66         return "STRICT";

    67     }

    68 

    69 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial