Search in sources :

Example 61 with SSLException

use of javax.net.ssl.SSLException in project stocator by SparkTC.

the class SwiftConnectionManager method getRetryHandler.

/**
 * Creates custom retry handler to be used if HTTP exception happens
 *
 * @return retry handler
 */
private HttpRequestRetryHandler getRetryHandler() {
    HttpRequestRetryHandler myRetryHandler = new HttpRequestRetryHandler() {

        public boolean retryRequest(IOException exception, int executionCount, HttpContext context) {
            if (executionCount >= connectionConfiguration.getExecutionCount()) {
                // Do not retry if over max retry count
                LOG.debug("Execution count {} is bigger then threashold. Stop", executionCount);
                return false;
            }
            if (exception instanceof NoHttpResponseException) {
                LOG.debug("NoHttpResponseException exception. Retry count {}", executionCount);
                return true;
            }
            if (exception instanceof UnknownHostException) {
                LOG.debug("UnknownHostException. Retry count {}", executionCount);
                return true;
            }
            if (exception instanceof ConnectTimeoutException) {
                LOG.debug("ConnectTimeoutException. Retry count {}", executionCount);
                return true;
            }
            if (exception instanceof SocketTimeoutException || exception.getClass() == SocketTimeoutException.class || exception.getClass().isInstance(SocketTimeoutException.class)) {
                // Connection refused
                LOG.debug("socketTimeoutException Retry count {}", executionCount);
                return true;
            }
            if (exception instanceof InterruptedIOException) {
                // Timeout
                LOG.debug("InterruptedIOException Retry count {}", executionCount);
                return true;
            }
            if (exception instanceof SSLException) {
                LOG.debug("SSLException Retry count {}", executionCount);
                return true;
            }
            HttpClientContext clientContext = HttpClientContext.adapt(context);
            HttpRequest request = clientContext.getRequest();
            boolean idempotent = !(request instanceof HttpEntityEnclosingRequest);
            if (idempotent) {
                LOG.debug("HttpEntityEnclosingRequest. Retry count {}", executionCount);
                return true;
            }
            LOG.debug("Retry stopped. Retry count {}", executionCount);
            return false;
        }
    };
    return myRetryHandler;
}
Also used : NoHttpResponseException(org.apache.http.NoHttpResponseException) HttpRequest(org.apache.http.HttpRequest) InterruptedIOException(java.io.InterruptedIOException) UnknownHostException(java.net.UnknownHostException) HttpContext(org.apache.http.protocol.HttpContext) HttpClientContext(org.apache.http.client.protocol.HttpClientContext) InterruptedIOException(java.io.InterruptedIOException) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException) SocketTimeoutException(java.net.SocketTimeoutException) HttpEntityEnclosingRequest(org.apache.http.HttpEntityEnclosingRequest) HttpRequestRetryHandler(org.apache.http.client.HttpRequestRetryHandler) ConnectTimeoutException(org.apache.http.conn.ConnectTimeoutException)

Example 62 with SSLException

use of javax.net.ssl.SSLException in project cxf by apache.

the class DefaultHostnameVerifier method verify.

@Override
public boolean verify(final String host, final SSLSession session) {
    try {
        final Certificate[] certs = session.getPeerCertificates();
        final X509Certificate x509 = (X509Certificate) certs[0];
        verify(host, x509);
        return true;
    } catch (final SSLException ex) {
        if (LOG.isLoggable(Level.FINE)) {
            LOG.log(Level.FINE, ex.getMessage(), ex);
        }
        return false;
    }
}
Also used : SSLException(javax.net.ssl.SSLException) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 63 with SSLException

use of javax.net.ssl.SSLException in project cxf by apache.

the class DefaultHostnameVerifier method extractCN.

static String extractCN(final String subjectPrincipal) throws SSLException {
    if (subjectPrincipal == null) {
        return null;
    }
    try {
        final LdapName subjectDN = new LdapName(subjectPrincipal);
        final List<Rdn> rdns = subjectDN.getRdns();
        for (int i = rdns.size() - 1; i >= 0; i--) {
            final Rdn rds = rdns.get(i);
            final Attributes attributes = rds.toAttributes();
            final Attribute cn = attributes.get("cn");
            if (cn != null) {
                try {
                    final Object value = cn.get();
                    if (value != null) {
                        return value.toString();
                    }
                } catch (NoSuchElementException ignore) {
                // 
                } catch (NamingException ignore) {
                // 
                }
            }
        }
        return null;
    } catch (InvalidNameException e) {
        throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
    }
}
Also used : InvalidNameException(javax.naming.InvalidNameException) Attribute(javax.naming.directory.Attribute) Attributes(javax.naming.directory.Attributes) NamingException(javax.naming.NamingException) Rdn(javax.naming.ldap.Rdn) SSLException(javax.net.ssl.SSLException) NoSuchElementException(java.util.NoSuchElementException) LdapName(javax.naming.ldap.LdapName)

Example 64 with SSLException

use of javax.net.ssl.SSLException in project cxf by apache.

the class DefaultHostnameVerifierTest method testSubjectAlt.

@Test
public void testSubjectAlt() throws Exception {
    final CertificateFactory cf = CertificateFactory.getInstance("X.509");
    final InputStream in = new ByteArrayInputStream(CertificatesToPlayWith.X509_MULTIPLE_SUBJECT_ALT);
    final X509Certificate x509 = (X509Certificate) cf.generateCertificate(in);
    Assert.assertEquals("CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=CH", x509.getSubjectDN().getName());
    impl.verify("localhost.localdomain", x509);
    impl.verify("127.0.0.1", x509);
    try {
        impl.verify("localhost", x509);
        Assert.fail("SSLException should have been thrown");
    } catch (final SSLException ex) {
    // expected
    }
    try {
        impl.verify("local.host", x509);
        Assert.fail("SSLException should have been thrown");
    } catch (final SSLException ex) {
    // expected
    }
    try {
        impl.verify("127.0.0.2", x509);
        Assert.fail("SSLException should have been thrown");
    } catch (final SSLException ex) {
    // expected
    }
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) CertificateFactory(java.security.cert.CertificateFactory) SSLException(javax.net.ssl.SSLException) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 65 with SSLException

use of javax.net.ssl.SSLException in project ignite by apache.

the class SslContextFactory method checkParameters.

/**
 * Checks that all required parameters are set.
 *
 * @throws SSLException If any of required parameters is missing.
 */
private void checkParameters() throws SSLException {
    assert keyStoreType != null;
    assert proto != null;
    checkNullParameter(keyStoreFilePath, "keyStoreFilePath");
    checkNullParameter(keyStorePwd, "keyStorePwd");
    if (trustMgrs == null) {
        if (trustStoreFilePath == null)
            throw new SSLException("Failed to initialize SSL context (either trustStoreFilePath or " + "trustManagers must be provided)");
        else
            checkNullParameter(trustStorePwd, "trustStorePwd");
    }
}
Also used : SSLException(javax.net.ssl.SSLException)

Aggregations

SSLException (javax.net.ssl.SSLException)158 IOException (java.io.IOException)46 X509Certificate (java.security.cert.X509Certificate)26 SSLEngineResult (javax.net.ssl.SSLEngineResult)23 SocketException (java.net.SocketException)20 SSLSocket (javax.net.ssl.SSLSocket)20 ByteBuffer (java.nio.ByteBuffer)19 CertificateException (java.security.cert.CertificateException)19 Test (org.junit.Test)19 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)18 SSLContext (javax.net.ssl.SSLContext)15 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)15 SSLSession (javax.net.ssl.SSLSession)15 InetSocketAddress (java.net.InetSocketAddress)14 SSLEngine (javax.net.ssl.SSLEngine)14 X509TrustManager (javax.net.ssl.X509TrustManager)12 Bootstrap (io.netty.bootstrap.Bootstrap)11 NioEventLoopGroup (io.netty.channel.nio.NioEventLoopGroup)11 NioSocketChannel (io.netty.channel.socket.nio.NioSocketChannel)11 Socket (java.net.Socket)11