CoCalc -- HttpsURLConnection.java

GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/javax/net/ssl/HttpsURLConnection.java
³⁸⁹¹⁸ views
1
/*
2
 * Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.  Oracle designates this
8
 * particular file as subject to the "Classpath" exception as provided
9
 * by Oracle in the LICENSE file that accompanied this code.
10
 *
11
 * This code is distributed in the hope that it will be useful, but WITHOUT
12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14
 * version 2 for more details (a copy is included in the LICENSE file that
15
 * accompanied this code).
16
 *
17
 * You should have received a copy of the GNU General Public License version
18
 * 2 along with this work; if not, write to the Free Software Foundation,
19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20
 *
21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22
 * or visit www.oracle.com if you need additional information or have any
23
 * questions.
24
 */
25

26
package javax.net.ssl;
27

28
import java.net.URL;
29
import java.net.HttpURLConnection;
30
import java.security.Principal;
31
import java.security.cert.X509Certificate;
32

33
/**
34
 * <code>HttpsURLConnection</code> extends <code>HttpURLConnection</code>
35
 * with support for https-specific features.
36
 * <P>
37
 * See <A HREF="http://www.w3.org/pub/WWW/Protocols/">
38
 * http://www.w3.org/pub/WWW/Protocols/</A> and
39
 * <A HREF="http://www.ietf.org/"> RFC 2818 </A>
40
 * for more details on the
41
 * https specification.
42
 * <P>
43
 * This class uses <code>HostnameVerifier</code> and
44
 * <code>SSLSocketFactory</code>.
45
 * There are default implementations defined for both classes.
46
 * However, the implementations can be replaced on a per-class (static) or
47
 * per-instance basis.  All new <code>HttpsURLConnection</code>s instances
48
 * will be assigned
49
 * the "default" static values at instance creation, but they can be overriden
50
 * by calling the appropriate per-instance set method(s) before
51
 * <code>connect</code>ing.
52
 *
53
 * @since 1.4
54
 */
55
abstract public
56
class HttpsURLConnection extends HttpURLConnection
57
{
58
    /**
59
     * Creates an <code>HttpsURLConnection</code> using the
60
     * URL specified.
61
     *
62
     * @param url the URL
63
     */
64
    protected HttpsURLConnection(URL url) {
65
        super(url);
66
    }
67

68
    /**
69
     * Returns the cipher suite in use on this connection.
70
     *
71
     * @return the cipher suite
72
     * @throws IllegalStateException if this method is called before
73
     *          the connection has been established.
74
     */
75
    public abstract String getCipherSuite();
76

77
    /**
78
     * Returns the certificate(s) that were sent to the server during
79
     * handshaking.
80
     * <P>
81
     * Note: This method is useful only when using certificate-based
82
     * cipher suites.
83
     * <P>
84
     * When multiple certificates are available for use in a
85
     * handshake, the implementation chooses what it considers the
86
     * "best" certificate chain available, and transmits that to
87
     * the other side.  This method allows the caller to know
88
     * which certificate chain was actually sent.
89
     *
90
     * @return an ordered array of certificates,
91
     *          with the client's own certificate first followed by any
92
     *          certificate authorities.  If no certificates were sent,
93
     *          then null is returned.
94
     * @throws IllegalStateException if this method is called before
95
     *          the connection has been established.
96
     * @see #getLocalPrincipal()
97
     */
98
    public abstract java.security.cert.Certificate [] getLocalCertificates();
99

100
    /**
101
     * Returns the server's certificate chain which was established
102
     * as part of defining the session.
103
     * <P>
104
     * Note: This method can be used only when using certificate-based
105
     * cipher suites; using it with non-certificate-based cipher suites,
106
     * such as Kerberos, will throw an SSLPeerUnverifiedException.
107
     *
108
     * @return an ordered array of server certificates,
109
     *          with the peer's own certificate first followed by
110
     *          any certificate authorities.
111
     * @throws SSLPeerUnverifiedException if the peer is not verified.
112
     * @throws IllegalStateException if this method is called before
113
     *          the connection has been established.
114
     * @see #getPeerPrincipal()
115
     */
116
    public abstract java.security.cert.Certificate [] getServerCertificates()
117
            throws SSLPeerUnverifiedException;
118

119
    /**
120
     * Returns the server's principal which was established as part of
121
     * defining the session.
122
     * <P>
123
     * Note: Subclasses should override this method. If not overridden, it
124
     * will default to returning the X500Principal of the server's end-entity
125
     * certificate for certificate-based ciphersuites, or throw an
126
     * SSLPeerUnverifiedException for non-certificate based ciphersuites,
127
     * such as Kerberos.
128
     *
129
     * @return the server's principal. Returns an X500Principal of the
130
     * end-entity certiticate for X509-based cipher suites, and
131
     * KerberosPrincipal for Kerberos cipher suites.
132
     *
133
     * @throws SSLPeerUnverifiedException if the peer was not verified
134
     * @throws IllegalStateException if this method is called before
135
     *          the connection has been established.
136
     *
137
     * @see #getServerCertificates()
138
     * @see #getLocalPrincipal()
139
     *
140
     * @since 1.5
141
     */
142
    public Principal getPeerPrincipal()
143
            throws SSLPeerUnverifiedException {
144

145
        java.security.cert.Certificate[] certs = getServerCertificates();
146
        return ((X509Certificate)certs[0]).getSubjectX500Principal();
147
    }
148

149
    /**
150
     * Returns the principal that was sent to the server during handshaking.
151
     * <P>
152
     * Note: Subclasses should override this method. If not overridden, it
153
     * will default to returning the X500Principal of the end-entity certificate
154
     * that was sent to the server for certificate-based ciphersuites or,
155
     * return null for non-certificate based ciphersuites, such as Kerberos.
156
     *
157
     * @return the principal sent to the server. Returns an X500Principal
158
     * of the end-entity certificate for X509-based cipher suites, and
159
     * KerberosPrincipal for Kerberos cipher suites. If no principal was
160
     * sent, then null is returned.
161
     *
162
     * @throws IllegalStateException if this method is called before
163
     *          the connection has been established.
164
     *
165
     * @see #getLocalCertificates()
166
     * @see #getPeerPrincipal()
167
     *
168
     * @since 1.5
169
     */
170
    public Principal getLocalPrincipal() {
171

172
        java.security.cert.Certificate[] certs = getLocalCertificates();
173
        if (certs != null) {
174
            return ((X509Certificate)certs[0]).getSubjectX500Principal();
175
        } else {
176
            return null;
177
        }
178
    }
179

180
    /**
181
     * <code>HostnameVerifier</code> provides a callback mechanism so that
182
     * implementers of this interface can supply a policy for
183
     * handling the case where the host to connect to and
184
     * the server name from the certificate mismatch.
185
     * <p>
186
     * The default implementation will deny such connections.
187
     */
188
    private static HostnameVerifier defaultHostnameVerifier =
189
                                        new DefaultHostnameVerifier();
190

191
    /*
192
     * The initial default <code>HostnameVerifier</code>.  Should be
193
     * updated for another other type of <code>HostnameVerifier</code>
194
     * that are created.
195
     */
196
    private static class DefaultHostnameVerifier
197
            implements HostnameVerifier {
198
        @Override
199
        public boolean verify(String hostname, SSLSession session) {
200
            return false;
201
        }
202
    }
203

204
    /**
205
     * The <code>hostnameVerifier</code> for this object.
206
     */
207
    protected HostnameVerifier hostnameVerifier = defaultHostnameVerifier;
208

209
    /**
210
     * Sets the default <code>HostnameVerifier</code> inherited by a
211
     * new instance of this class.
212
     * <P>
213
     * If this method is not called, the default
214
     * <code>HostnameVerifier</code> assumes the connection should not
215
     * be permitted.
216
     *
217
     * @param v the default host name verifier
218
     * @throws IllegalArgumentException if the <code>HostnameVerifier</code>
219
     *          parameter is null.
220
     * @throws SecurityException if a security manager exists and its
221
     *         <code>checkPermission</code> method does not allow
222
     *         <code>SSLPermission("setHostnameVerifier")</code>
223
     * @see #getDefaultHostnameVerifier()
224
     */
225
    public static void setDefaultHostnameVerifier(HostnameVerifier v) {
226
        if (v == null) {
227
            throw new IllegalArgumentException(
228
                "no default HostnameVerifier specified");
229
        }
230

231
        SecurityManager sm = System.getSecurityManager();
232
        if (sm != null) {
233
            sm.checkPermission(new SSLPermission("setHostnameVerifier"));
234
        }
235
        defaultHostnameVerifier = v;
236
    }
237

238
    /**
239
     * Gets the default <code>HostnameVerifier</code> that is inherited
240
     * by new instances of this class.
241
     *
242
     * @return the default host name verifier
243
     * @see #setDefaultHostnameVerifier(HostnameVerifier)
244
     */
245
    public static HostnameVerifier getDefaultHostnameVerifier() {
246
        return defaultHostnameVerifier;
247
    }
248

249
    /**
250
     * Sets the <code>HostnameVerifier</code> for this instance.
251
     * <P>
252
     * New instances of this class inherit the default static hostname
253
     * verifier set by {@link #setDefaultHostnameVerifier(HostnameVerifier)
254
     * setDefaultHostnameVerifier}.  Calls to this method replace
255
     * this object's <code>HostnameVerifier</code>.
256
     *
257
     * @param v the host name verifier
258
     * @throws IllegalArgumentException if the <code>HostnameVerifier</code>
259
     *  parameter is null.
260
     * @see #getHostnameVerifier()
261
     * @see #setDefaultHostnameVerifier(HostnameVerifier)
262
     */
263
    public void setHostnameVerifier(HostnameVerifier v) {
264
        if (v == null) {
265
            throw new IllegalArgumentException(
266
                "no HostnameVerifier specified");
267
        }
268

269
        hostnameVerifier = v;
270
    }
271

272
    /**
273
     * Gets the <code>HostnameVerifier</code> in place on this instance.
274
     *
275
     * @return the host name verifier
276
     * @see #setHostnameVerifier(HostnameVerifier)
277
     * @see #setDefaultHostnameVerifier(HostnameVerifier)
278
     */
279
    public HostnameVerifier getHostnameVerifier() {
280
        return hostnameVerifier;
281
    }
282

283
    private static SSLSocketFactory defaultSSLSocketFactory = null;
284

285
    /**
286
     * The <code>SSLSocketFactory</code> inherited when an instance
287
     * of this class is created.
288
     */
289
    private SSLSocketFactory sslSocketFactory = getDefaultSSLSocketFactory();
290

291
    /**
292
     * Sets the default <code>SSLSocketFactory</code> inherited by new
293
     * instances of this class.
294
     * <P>
295
     * The socket factories are used when creating sockets for secure
296
     * https URL connections.
297
     *
298
     * @param sf the default SSL socket factory
299
     * @throws IllegalArgumentException if the SSLSocketFactory
300
     *          parameter is null.
301
     * @throws SecurityException if a security manager exists and its
302
     *         <code>checkSetFactory</code> method does not allow
303
     *         a socket factory to be specified.
304
     * @see #getDefaultSSLSocketFactory()
305
     */
306
    public static void setDefaultSSLSocketFactory(SSLSocketFactory sf) {
307
        if (sf == null) {
308
            throw new IllegalArgumentException(
309
                "no default SSLSocketFactory specified");
310
        }
311

312
        SecurityManager sm = System.getSecurityManager();
313
        if (sm != null) {
314
            sm.checkSetFactory();
315
        }
316
        defaultSSLSocketFactory = sf;
317
    }
318

319
    /**
320
     * Gets the default static <code>SSLSocketFactory</code> that is
321
     * inherited by new instances of this class.
322
     * <P>
323
     * The socket factories are used when creating sockets for secure
324
     * https URL connections.
325
     *
326
     * @return the default <code>SSLSocketFactory</code>
327
     * @see #setDefaultSSLSocketFactory(SSLSocketFactory)
328
     */
329
    public static SSLSocketFactory getDefaultSSLSocketFactory() {
330
        if (defaultSSLSocketFactory == null) {
331
            defaultSSLSocketFactory =
332
                (SSLSocketFactory)SSLSocketFactory.getDefault();
333
        }
334
        return defaultSSLSocketFactory;
335
    }
336

337
    /**
338
     * Sets the <code>SSLSocketFactory</code> to be used when this instance
339
     * creates sockets for secure https URL connections.
340
     * <P>
341
     * New instances of this class inherit the default static
342
     * <code>SSLSocketFactory</code> set by
343
     * {@link #setDefaultSSLSocketFactory(SSLSocketFactory)
344
     * setDefaultSSLSocketFactory}.  Calls to this method replace
345
     * this object's <code>SSLSocketFactory</code>.
346
     *
347
     * @param sf the SSL socket factory
348
     * @throws IllegalArgumentException if the <code>SSLSocketFactory</code>
349
     *          parameter is null.
350
     * @throws SecurityException if a security manager exists and its
351
     *         <code>checkSetFactory</code> method does not allow
352
     *         a socket factory to be specified.
353
     * @see #getSSLSocketFactory()
354
     */
355
    public void setSSLSocketFactory(SSLSocketFactory sf) {
356
        if (sf == null) {
357
            throw new IllegalArgumentException(
358
                "no SSLSocketFactory specified");
359
        }
360

361
        SecurityManager sm = System.getSecurityManager();
362
        if (sm != null) {
363
            sm.checkSetFactory();
364
        }
365
        sslSocketFactory = sf;
366
    }
367

368
    /**
369
     * Gets the SSL socket factory to be used when creating sockets
370
     * for secure https URL connections.
371
     *
372
     * @return the <code>SSLSocketFactory</code>
373
     * @see #setSSLSocketFactory(SSLSocketFactory)
374
     */
375
    public SSLSocketFactory getSSLSocketFactory() {
376
        return sslSocketFactory;
377
    }
378
}
379

380
Product

Resources

Company
